Kong v0.5.0 Release Notes
Release Date: 2015-09-25 // over 8 years ago-
๐ With new plugins, many improvements and bug fixes, this release comes with breaking changes that will require your attention.
๐ฅ Breaking changes
โก๏ธ Several breaking changes are introduced. You will have to slightly change your configuration file and a migration script will take care of updating your database cluster. Please follow the instructions in UPGRADE.md for an update without downtime.
- ๐ Many plugins were renamed due to new naming conventions for consistency. #480
- ๐ง In the configuration file, the Cassandra
hostsproperty was renamed tocontact_points. #513 - Properties belonging to APIs entities have been renamed for clarity. #513
public_dns->request_hostpath->request_pathstrip_path->strip_request_pathtarget_url->upstream_url
- ๐
plugins_configurationshave been renamed toplugins, and theirvalueproperty has been renamed toconfigto avoid confusions. #513 - โก๏ธ The database schema has been updated to handle the separation of plugins outside of the core repository.
- ๐ The Key authentication and Basic authentication plugins routes have changed:
Old route New route /consumers/:consumer/keyauth -> /consumers/:consumer/key-auth /consumers/:consumer/keyauth/:id -> /consumers/:consumer/key-auth/:id /consumers/:consumer/basicauth -> /consumers/:consumer/basic-auth /consumers/:consumer/basicauth/:id -> /consumers/:consumer/basic-auth/:id๐ The old routes are still maintained but will be removed in upcoming versions. Consider them deprecated.
- Admin API
- The route to retrieve enabled plugins is now under
/plugins/enabled. - The route to retrieve a plugin's configuration schema is now under
/plugins/schema/{plugin name}.
- The route to retrieve enabled plugins is now under
โ Added
- ๐ Plugins
- New Response Rate Limiting plugin: Give a usage quota to your users based on a parameter in your response. #247
- New ACL (Access Control) plugin: Configure authorizations for your Consumers. #225
- New JWT (JSON Web Token) plugin: Verify and authenticate JWTs. #519
- New HMAC signature plugin: Verify and authenticate HMAC signed HTTP requests. #549
- Plugins migrations. Each plugin can now have its own migration scripts if it needs to store data in your cluster. This is a step forward to improve Kong's pluggable architecture. #443
- Basic Authentication: the password field is now sha1 encrypted. #33
- Basic Authentication: now supports credentials in the
Proxy-Authorizationheader. #460
๐ Changed
- Basic Authentication and Key Authentication now require authentication parameters even when the
Expect: 100-continueheader is being sent. #408 - ๐ฐ Key Auth plugin does not support passing the key in the request payload anymore. #566
- APIs' names cannot contain characters from the RFC 3986 reserved list. #589
๐ Fixed
- Resolver
- Making a request with a querystring will now correctly match an API's path. #496
- Admin API
- Data associated to a given API/Consumer will correctly be deleted if related Consumer/API is deleted. #107 #438 #504
- The
/api/{api_name_or_id}/plugins/{plugin_name_or_id}changed to/api/{api_name_or_id}/plugins/{plugin_id}to avoid requesting the wrong plugin if two are configured for one API. #482 - APIs created without a
namebut with arequest_pathwill now have a name which defaults to the setrequest_path. #547
- ๐ Plugins
- Mashape Analytics: More robust buffer and better error logging. #471
- Mashape Analytics: Several ALF (API Log Format) serialization fixes. #515
- Oauth2: A response is now returned on
http://kong:8001/consumers/{consumer}/oauth2/{oauth2_id}. #469 - Oauth2: Saving
authenticated_useridon Password Grant. #476 - Oauth2: Proper handling of the
/oauth2/authorizeand/oauth2/tokenendpoints in the OAuth 2.0 Plugin when an API with apathis being consumed using thepublic_dnsinstead. #503 - OAuth2: Properly returning
X-Authenticated-UserIdin theclient_credentialsandpasswordflows. #535 - Response-Transformer: Properly handling JSON responses that have a charset specified in their
Content-Typeheader.