Mercurial > hg > orthanc-authorization
annotate NEWS @ 77:94a9484d7f8f
fix security issues allowing to browse remote dicom servers + introduced UnitTests
author | Alain Mazy <am@osimis.io> |
---|---|
date | Wed, 15 Mar 2023 16:36:42 +0100 |
parents | aa73b10c2db9 |
children | 9194a65254d4 |
rev | line source |
---|---|
72 (e381ba725669: new PUT auth/tokens/{token-type} API route + updated interface with WebService; Alain Mazy <am@osimis.io>; parents: 71) | 1 * BREAKING-CHANGE: the API between the authorization plugin and the |
72 | 2 WebService has slightly changed. Check the samples in the README (TODO). |
72 | 3 - "identifier" has been renamed into "server-id" |
71 | 4 * new user-permission based authorization model. This is enabled if you |
71 | 5 define the new "WebServiceUserProfileUrl" configuration. |
72 | 6 * new "orthanc-explorer-2" StandardConfigurations |
72 | 7 * new GET "auth/user/profile" Rest API route to retrieve user permissions |
72 | 8 * new PUT "auth/tokens/{token-type}" Rest API route to create tokens |
74 | 9 * new POST "auth/tokens/decode" Rest API route to decode tokens |
77 (94a9484d7f8f; parents: 74) | 10 * SECURITY FIX: in prior versions, it was possible to browse remote |
77 | 11 dicom-web servers without being authenticated. (The API routes |
77 | 12 /dicom-web/servers/.../studies were unprotected). The local |
77 | 13 dicom-web server was correctly protected. |
72 | 14 |
65 | 15 |
63 | 16 2022-11-16 - v 0.4.1 |
62 (222f0652025f: fix get argument values that were transformed to lowercase; Alain Mazy <am@osimis.io>; parents: 60) | 17 ==================== |
62 | 18 |
62 | 19 * fix: get argument values were transformed to lower case |
62 | 20 * the "osimis-web-viewer" StandardConfigurations now take into account |
62 | 21 the token get argument used when downloading a study from the UI |
62 | 22 |
60 | 23 2022-11-10 - v 0.4.0 |
60 | 24 ==================== |
53 | 25 |
58 (ad279c70c22d: added a new configuration 'StandardConfigurations'; Alain Mazy <am@osimis.io>; parents: 56) | 26 * new configuration option "CheckedLevel" that is clearer than "UncheckedLevels". |
58 | 27 "UncheckedLevels" remains for backward compatibility. |
58 | 28 Allowed values: "patients", "studies", "series", "instances" |
58 | 29 * new configuration option "StandardConfigurations" to replace multiple configurations. |
58 | 30 Allowed values: "osimis-web-viewer", "stone-webviewer" |
56 (c02f0646297d: added support for /dicom-web/studies?0020000D=1.2.3&...; Alain Mazy <am@osimis.io>; parents: 54) | 31 * added support for QIDO-RS query arguments (e.g: /dicom-web/studies?0020000D=1.2.3&...) |
59 (a5f2976fe8a0: fix Authorization header conflicting with WebServiceUsername; Alain Mazy <am@osimis.io>; parents: 58) | 32 * possible BREAKING_CHANGE: if "TokenHttpHeaders" is set to "Authorization" and if |
59 | 33 "WebServiceUsername" is defined, the "Authorization" header of the HTTP request |
59 | 34 sent to the auth-service will contain the basic auth info from WebServiceUsername and |
59 | 35 WebServicePassword. You should get the "Authorization" value from the token-value field |
59 | 36 of the payload sent to the auth-service. |
58 | 37 |
54 (317b31e99501: Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field; Alain Mazy <am@osimis.io>; parents: 53) | 38 2022-09-26 - v 0.3.0 |
54 | 39 ==================== |
54 | 40 |
54 | 41 * Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. |
54 | 42 * The WebServiceIdentifier is now included in the payload sent to the WebService as the |
54 | 43 "identifier" field. |
54 | 44 |
53 | 45 |
52 | 46 2022-05-13 - v 0.2.5 |
52 | 47 ==================== |
1 | 48 |
50 | 49 * Fix osimis-viewer route |
43 | 50 |
58 | 51 |
43 | 52 2020-12-10 - v 0.2.4 |
43 | 53 ==================== |
43 | 54 |
28 (ae19947abf68: Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/); am@osimis.io; parents: 25) | 55 * Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/) |
38 | 56 * Support of dynamic linking against the system-wide Orthanc framework library |
28 | 57 |
43 | 58 |
25 | 59 2018-08-13 - v 0.2.3 |
25 | 60 ==================== |
25 | 61 |
24 | 62 * Compatibility with Linux Standard Base |
24 | 63 * Now using the Orthanc framework |
1 | 64 |
43 | 65 |
25 | 66 2018-07-19 - v 0.2.2 |
25 | 67 ==================== |
25 | 68 |
25 | 69 * Added automated build |
25 | 70 |
43 | 71 |
16 | 72 2018-03-09 - v 0.2.1 |
16 | 73 ==================== |
16 | 74 |
16 | 75 * Upgraded sdk to 1.3.1 |
16 | 76 |
43 | 77 |
12 | 78 2018-03-08 - v 0.2.0 |
12 | 79 ==================== |
12 | 80 |
12 | 81 * Added support for Osimis Web Viewer |
12 | 82 |
1 | 83 |
1 | 84 2017-03-22 |
1 | 85 ========== |
1 | 86 |
1 | 87 * Initial release |