v1.7.0

1.7

We start 2022 with a fresh release of Couper with some exciting features.

Our OpenID-Connect (OIDC) configuration specification has been proven as final and is moved out of beta to the oidc block.
(Couper will still support beta_oidc until version 1.8). With OIDC, Couper supports a variety of Identity Provides such as Google, Azure AD, Keycloak and many more.

While microservices aim for decoupling, they still need to work together. A typical API gateway approach is to make them individually accessible and move the point of integration into the client. Couper sequences however allows you to chain requests in the gateway. The response of one service call is used as input for the request to the next service. This keeps coupling loose and inter-service connectivity robust.
How Couper can help here is explained in our sequence example.

As part of our efforts to ease observability, Couper now allows you to collect custom log data. Use the custom_log_fields attribute
all over your configuration file to augment your logs with information that is relevant to your application. Check out our example to find out how it works.

To further improve the developer experience with Couper the container image supports amd64 and arm64 architecture now.
On top of that the binary installation has been improved for homebrew users: brew tap avenga/couper && brew install couper and go!

• Added

  • Support for sequences of outgoing endpoint requests (#405)
  • expected_status attribute for request and proxy block definitions which can be caught with error handling (#405)
  • custom_log_fields attribute to be able to describe a user defined map for custom log field enrichment (#388)
  • jwt block/jwt_signing_profile block support ECDSA signatures (#401)
  • user as context variable from a Basic Auth is now accessible via request.context.<label>.user for successfully authenticated requests (#402)

• Changed

  • oidc block is out of beta. (The beta_oidc block name will be removed with Couper 1.8. (#400)
  • oauth2_authorization_url() and oauth2_verifier() functions are our of beta. (The old function names beta_oauth_... will be removed with Couper 1.8). (#400)
  • The access control for the OIDC redirect endpoint (oidc block) now verifies ID token signatures (#404)
  • header = "Authorization" is now the default token source for JWT and may be omitted (#413)
  • Improved the validation for unique keys in all map-attributes in the config (#403)
  • Missing scope or roles claims, or scope or roles claim with unsupported values are now ignored instead of causing an error (#380)

• Fixed

  • build-date configuration for binary and docker builds (#396)
  • exclude file descriptor limit startup-logs for Windows (#396, #383)
  • possible race conditions while updating JWKS for the JWT access control (#398)
  • panic while accessing primitive variables with a key (#377)
  • default() function continues to the next fallback value if this is a string type and an argument evaluates to an empty string (#408)
  • missing read of client-request bodies if related variables are used in referenced access controls only (e.g. JWT token source) (#415)

• Dependencies

  • Update kin-openapi used for OpenAPI validation to v0.83.0 (#399)