Mercurial > hg > orthanc-authorization

view NEWS @ 81:fac45493d547

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
more flexibility wrt configuration
author Alain Mazy <am@osimis.io>
date Thu, 16 Mar 2023 17:38:03 +0100
parents 94a9484d7f8f
children 9194a65254d4
line wrap: on
line source

* BREAKING-CHANGE: the API between the authorization plugin and the 
  WebService has slightly changed.  Check the samples in the README (TODO).
  - "identifier" has been renamed into "server-id"
* new user-permission based authorization model.  This is enabled if you
  define the new "WebServiceUserProfileUrl" configuration.
* new "orthanc-explorer-2" StandardConfigurations
* new GET "auth/user/profile" Rest API route to retrieve user permissions
* new PUT "auth/tokens/{token-type}" Rest API route to create tokens
* new POST "auth/tokens/decode" Rest API route to decode tokens
* SECURITY FIX: in prior versions, it was possible to browse remote
  dicom-web servers without being authenticated.  (The API routes
  /dicom-web/servers/.../studies were unprotected).  The local
  dicom-web server was correctly protected.


2022-11-16 - v 0.4.1
====================

* fix: get argument values were transformed to lower case
* the "osimis-web-viewer" StandardConfigurations now take into account
  the token get argument used when downloading a study from the UI

2022-11-10 - v 0.4.0
====================

* new configuration option "CheckedLevel" that is clearer than "UncheckedLevels".
  "UncheckedLevels" remains for backward compatibility.
  Allowed values: "patients", "studies", "series", "instances"
* new configuration option "StandardConfigurations" to replace multiple configurations.
  Allowed values: "osimis-web-viewer", "stone-webviewer"
* added support for QIDO-RS query arguments (e.g: /dicom-web/studies?0020000D=1.2.3&...)
* possible BREAKING_CHANGE: if "TokenHttpHeaders" is set to "Authorization" and if
  "WebServiceUsername" is defined, the "Authorization" header of the HTTP request
  sent to the auth-service will contain the basic auth info from WebServiceUsername and 
  WebServicePassword.  You should get the "Authorization" value from the token-value field
  of the payload sent to the auth-service.

2022-09-26 - v 0.3.0
====================

* Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier.
* The WebServiceIdentifier is now included in the payload sent to the WebService as the 
  "identifier" field.


2022-05-13 - v 0.2.5
====================

* Fix osimis-viewer route


2020-12-10 - v 0.2.4
====================

* Added support for Osimis Web Viewer new route (osimis-viewer/custom-command/)
* Support of dynamic linking against the system-wide Orthanc framework library


2018-08-13 - v 0.2.3
====================

* Compatibility with Linux Standard Base
* Now using the Orthanc framework


2018-07-19 - v 0.2.2
====================

* Added automated build


2018-03-09 - v 0.2.1
====================

* Upgraded sdk to 1.3.1


2018-03-08 - v 0.2.0
====================

* Added support for Osimis Web Viewer


2017-03-22
==========

* Initial release