Release 0.23.2

This release contains following bugfix:

• Fixed missing key convertor initialization due to an invalid merge

Release 0.23.1

This release contains following improvement:

• Unirest concurrency configuration using application properties

Release 0.23.0

This release contains following improvements and bug fixes:

• Anti-fraud system (AFS) integration for Threat Mark
• Integration of AFS JavaScript into Web Flow UI
• Authentication step down for login and approval steps based on AFS result
• Detection of client IP address for AFS
• Web Socket connection is established during whole operation
• Detection of interrupted operations for AFS logout action
• Information about used authentication instruments is stored in Next Step database
• User account status is tracked to distinguish active and blocked accounts
• OAuth 2.0 scopes are now strongly typed in Web Flow
• Third party provider (TPP) registry
• Consent engine for storing of user consents
• Larger consent screen can be enabled for consents with lots of text
• Improved user interface for actions buttons
• Mobile token can be dynamically enabled during authentication steps
• Database schema definition for PostgreSQL
• Improved sanitization for input fields in user interface
• Enabled Spring actuators health and info
• Fixed duplicate requests for timeout verification
• Fixed error when Web Socket connection failed in UI
• Dependency updates, security fixes

Release 0.22.2 - hotfix

This hotfix release provides configuration of mobile token on operation level:

• #682: Allow configuration of mobile token availability per operation

SQL Schema Update

The following database schema update is required for this release:

Oracle:

ALTER TABLE ns_operation_config ADD mobile_token_enabled NUMBER(1) DEFAULT 0 NOT NULL;

MySQL:

ALTER TABLE `ns_operation_config` ADD `mobile_token_enabled` BOOLEAN DEFAULT FALSE NOT NULL;

Configuration of operations

For each operation which requires the mobile token to be enabled, run following SQL update. Update ${operation_name} placehoder with actual operation name.

Oracle:

UPDATE ns_operation_config SET mobile_token_enabled=1 WHERE operation_name='${operation_name}';
COMMIT;

MySQL:

UPDATE ns_operation_config SET mobile_token_enabled=true WHERE operation_name='${operation_name}';
COMMIT;

Release 0.22.1 - hotfix

Hotfix release fixes issue with HTTP session cleanup:

• #601: Clean HTTP session properly

Release 0.22.0

This release contains following improvements and bug fixes:

• Support for Strong Customer Authentication (SCA)
  • New operation step for SCA login
  • New operation step for SCA approval
• Updated Data Adapter model and interface for SCA
• Organization choice (e.g. RETAIL/SME)
• OAuth 2.0 consent form with customization
• Optional password encryption using AES-256
• Security warning on Android devices
• Refreshed UI design of test client application
• Added deployment descriptor for JBoss/Wildfly
• Dependency updates, security fixes

Release 0.21.1 - hotfix

Hotfix release which adds POST alternatives for DELETE and PUT HTTP methods:

• #518: Backport alternative methods for DELETE and PUT into branch 0.21.x

Release 0.20.2 - hotfix

Hotfix release which adds POST alternatives for DELETE and PUT HTTP methods:

• #517: Backport alternative methods for DELETE and PUT into branch 0.20.x

Release 0.21.0

This release contains following improvements and bug fixes:

• Migration to PowerAuth protocol version 3
• Improvements in Mobile Token API - formatting of currencies and third party info
• RestTemplate instances are available for interceptors in client classes
• Logging migrated to SLF4J
• Dependency updates

Release 0.20.1 - hotfix

Hotfix release with fix of issue with client language detection.

• #463: Backport fix of #450: Invalid language in frontend vs. backend