A new /cron endpoint has been introduced, which triggers a cleanup routine.
The cleanup routine loops over all existing clients and deletes all that are
older than the value configured in config.ini.
Periodically calling the cron endpoint is the responsibility of the server admin.
The UserInfo endpoint is for fetching the users profile (name, email, phone number, picture, and so on). Token introspection is for inspecting the access token and determining the authorities the user has (subject (principal), entitlements, and scopes granted).
The information is sent via the cookie 'server_settings'. The value is a
base64-encoded json object containing the data necessary
for site-specific customization.
Also fixed a bug that was preventing the 'add new client' button from being
disabled when the client limit is reached.
- The create button is now disabled when reaching the client limit
- The client list is now always sorted by case-insensitive config name
- Focus moves to the form when opening a dialog
- Fixed some inconsistent use of snake_case vs perlCase
If configured, anyone missing the required entitlement will now be denied
access to the application and its api endpoints. If unset, any authenticated
user is accepted.
Config id:s must now match the regex ^[A-Za-z0-9-]$ in order to be considered
valid. Also rearranged early declarations to make more sense and removed
some dead code.
