Releases: boostercloud/booster
Add SortBy support for Azure and Local Providers
What's Changed
- Add SortBy support for Azure and Local Providers
See documentation
Full Changelog: v0.26.10...v0.26.11
Improve Local and Azure queries
What's Changed
- Add paginated queries to Local Provider
- Fix Local Provider queries with objects in the
includesvalue - Fix Azure Provider nested queries
Full Changelog: v0.26.9...v0.26.10
Improved token verifications
What has changed
- If there is any expired token error while verifying the token then a
BoosterTokenExpiredErrorerror will be thrown. - If there is any NotBefore token error while verifying the token, a
BoosterTokenNotBeforeErrorerror will be thrown. - On any other token error, a NotAuthorizedError will be thrown.
Complete changelog: v0.26.8...v0.26.9
Fixed small bugs on read models
What's Changed
- Avoid creating projection if the read model join key is not valid
- Avoid sending an empty object to read the model when a snapshot doesn't exist
Full Changelog: v0.26.7...v0.26.8
Add Event API to Azure Provider
Description
This version add the event API to the Azure Provider
Code and data fields on GraphQL Error messages
Description
This version add code and data fields on GraphQL Error messages
Multiple JWT roles
Description
This version improves Booster's Custom Authentication by including the possibility to manage more than one JWT role.
Details
Until now, if we defined the rolesClaim field as: firebase:groups this field could only contain a text string. Example:
{
"firebase:groups": "User",
"iss": "https://securetoken.google.com/demoapp",
"aud": "demoapp",
"auth_time": "1604676721",
"user_id": "xJYY5Y6fTbVggNtDjaNh7cNSBd7q1",
"sub": "xJY5Y6fTbVggNtDjaNh7cNSBd7q1",
"iat": 1604676721,
"exp": "1604680321",
"phone_number": "+99999999999",
}
}It is now possible to also indicate a list of values, such that, if any of the strings match any of the defined roles, the validation will be successful. Example:
{
"firebase:groups": ["Readers", "Writters"],
"iss": "https://securetoken.google.com/demoapp",
"aud": "demoapp",
"auth_time": "1604676721",
"user_id": "xJYY5Y6fTbVggNtDjaNh7cNSBd7q1",
"sub": "xJY5Y6fTbVggNtDjaNh7cNSBd7q1",
"iat": 1604676721,
"exp": "1604680321",
"phone_number": "+99999999999",
}
}Execution context + JWT token custom validations
This new Booster version contains a context property inside the commands Register object. In that way, the user could log, intercept or validate at the command side the content of the context object.
@Command({
authorize: 'all',
})
export class CreatePost {
public constructor(
readonly postId: UUID,
readonly title: string,
readonly content: string,
readonly author: string
) {}
public static async handle(command: CreatePost, register: Register): Promise<void> {
console.log('Our awesome context', register.context)
register.events(new PostCreated(command.postId, command.title, command.content, command.author))
}
}
Also, we support a new extraValidation function inside the TokenVerifierConfig to perform custom JWT token validations which will be executed always after the JWT standard validations, expiration, issuers checks, and so on.
This is the new signature for TokenVerifierConfig:
export type TokenVerifierConfig = {
issuer: string
jwksUri?: string
publicKey?: string
rolesClaim?: string
extraValidation?: (jwtToken: unknown, rawToken: string) => void
}
The extraValidation function will receive the decoded token jwtToken which includes the header, payload, and signature. Also, the raw token is provided for additional checks. This extraValidation function must throw an exception if any custom validation doesn't match.
Example config:
const configWithExtraValidation = new BoosterConfig('test with extra validation')
configWithExtraValidation.tokenVerifiers = [
{
issuer: 'auth0',
jwksUri: 'https://myauth0app.auth0.com/.well-known/jwks.json',
extraValidation: (jwtToken, _rawToken) => {
if ((jwtToken.headers as any)?.alg !== 'RS512') {
throw 'Invalid token encoding'
}
if ((jwtToken.payload as any)?.['custom:role'] !== 'Admin') {
throw 'Unauthorized'
}
},
},
]
Rockets 2.0 - Multi-provider Rockets
Rockets 2.0
Rockets 2.0 is here!
This new Booster version includes the new Rockets 2.0 functionality that allows you to create multi-providers Rockets.
A Multi-providers Rocket is a Rocket that includes an implementation for different vendors in the same Rocket. For example, you can create a Rocket to handle webhooks that works for Azure or Local Provider in the same Rocket.
This functionality supports the following providers:
- Azure Provider
- Local Provider
New improvement with a new Terraform provider
What's Changed
This release introduces a new Azure provider for Booster, which makes deploying your applications more reliable by using Terraform.
Thanks to this new provider, Azure supports will come close to the AWS provider sooner than expected 🚀 💪 .
And, you can now create Terraform templates with a new Booster synth command.
Full Changelog: v0.21.7...v0.22.0