You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This release introduces Beta Features. We use beta features to develop and experiment with new, complex features for you while still being able to maintain our compatibility promise. You can see beta features as a feature preview. To make users aware that a beta feature is used their configuration items are prefixed with beta_.
The first beta features incorporate the OAuth2 functionality into the Access Control capabilities of Couper. The beta_oauth2 {} block implements OAuth2 Authorization Code Grant Flows. The companion block beta_oidc {} implements OIDC, which allows simple integration of 3rd-party systems such as Google, Github or Keycloak for SSO (Single-Sign-On).
Together with transparent Websockets support that you can enable in your proxy {} block, you can guard existing Web applications with Couper via OIDC.
To aid observability of your setups, Couper sends its request ID as the Couper-Request-Id HTTP header in both backend requests and client responses. This makes it possible to trace events and correlate logs throughout the service chain. Couper can also accept a request ID generated by a downstream system like for example a load balancer. Like all settings, these can be configured in the config, as command line flag or via environment variables.
Load balancers or ingress services often provide X-Forwarded-Host headers. Couper can be configured to use these to change the properties of the request variable. This allows a Couper configuration to adapt to the run time enviroment, for example to create a back link for OIDC or SAML authorization requests with the request.origin variable.
If your applications are running in multiple setups, like testing and production environments, there will likely be more parameters that you want to have configurable. Backend origins, user names, credentials, timeouts, all that could be nice to be changed without a new deployment. Couper supports using environment variables with env.VAR-like expressions. Now, Couper can also provide default values for those variables. This makes it easy to have values configurable without the need to provide values outside of Couper (e.g. in Kubernetes). Our env vars example shows that in action.
Added
environment_variables map in the defaults block to define default values for environment variables (#271)
https-dev-proxy option creates a TLS server listing on the given TLS port. Requests are forwarded to the given server port. The certificate is generated on-the-fly. This function is intended for local development setups to support browser features requiring HTTPS connections, such as secure cookies. (#281)
websockets option in proxy block enables transparent websocket support when proxying to upstream backends (#198)
Client request variablesrequest.url, request.origin, request.protocol, request.host and request.port (#255)
Run option-accept-forwarded-url and settingaccept_forwarded_url to accept proto, host, or port from X-Forwarded-Proto, X-Forwarded-Host or X-Forwarded-Port request headers (#255)
Couper sends its request ID as Couper-Request-Id HTTP header in backend requests and client responses. This can be configured with the request_id_backend_header and request_id_client_headersettings (#268)
request_id_accept_from_header setting configures Couper to use a downstream request ID instead of generating its own in order to help correlating log events accross services (#268)
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
1.4
Release date: 2021-08-26
This release introduces Beta Features. We use beta features to develop and experiment with new, complex features for you while still being able to maintain our compatibility promise. You can see beta features as a feature preview. To make users aware that a beta feature is used their configuration items are prefixed with
beta_.The first beta features incorporate the OAuth2 functionality into the Access Control capabilities of Couper. The
beta_oauth2 {}block implements OAuth2 Authorization Code Grant Flows. The companion blockbeta_oidc {}implements OIDC, which allows simple integration of 3rd-party systems such as Google, Github or Keycloak for SSO (Single-Sign-On).Together with transparent Websockets support that you can enable in your
proxy {}block, you can guard existing Web applications with Couper via OIDC.To aid observability of your setups, Couper sends its request ID as the
Couper-Request-IdHTTP header in both backend requests and client responses. This makes it possible to trace events and correlate logs throughout the service chain. Couper can also accept a request ID generated by a downstream system like for example a load balancer. Like all settings, these can be configured in the config, as command line flag or via environment variables.Load balancers or ingress services often provide
X-Forwarded-Hostheaders. Couper can be configured to use these to change the properties of therequestvariable. This allows a Couper configuration to adapt to the run time enviroment, for example to create a back link for OIDC or SAML authorization requests with therequest.originvariable.If your applications are running in multiple setups, like testing and production environments, there will likely be more parameters that you want to have configurable. Backend origins, user names, credentials, timeouts, all that could be nice to be changed without a new deployment. Couper supports using environment variables with
env.VAR-like expressions. Now, Couper can also provide default values for those variables. This makes it easy to have values configurable without the need to provide values outside of Couper (e.g. in Kubernetes). Our env vars example shows that in action.Added
environment_variablesmap in thedefaultsblock to define default values for environment variables (#271)https-dev-proxyoption creates a TLS server listing on the given TLS port. Requests are forwarded to the givenserverport. The certificate is generated on-the-fly. This function is intended for local development setups to support browser features requiring HTTPS connections, such as secure cookies. (#281)websocketsoption inproxyblock enables transparent websocket support when proxying to upstream backends (#198)request.url,request.origin,request.protocol,request.hostandrequest.port(#255)-accept-forwarded-urland settingaccept_forwarded_urlto acceptproto,host, orportfromX-Forwarded-Proto,X-Forwarded-HostorX-Forwarded-Portrequest headers (#255)Couper-Request-IdHTTP header in backend requests and client responses. This can be configured with therequest_id_backend_headerandrequest_id_client_headersettings (#268)request_id_accept_from_headersetting configures Couper to use a downstream request ID instead of generating its own in order to help correlating log events accross services (#268)couper.versionvariable (#274)protocol,host,port,origin,body,json_bodytobackend_requestsvariable (#278)Changed
sp_acs_urlin the SAML Block may now be relative (#265)Fixed
request.urlandbackend_requests.<label>.urlnow contain a query string if present (#278)backend_responses.<label>.statusis now integer (#278)backend_requests.<label>.form_bodywas always empty (#278)request.query.<name>(#278)htpasswd_fileattribute was defined (#293)Beta
beta_oauth2 {}block;beta_oauth_authorization_url()andbeta_oauth_verifier()(#247)beta_oidc {}block (#273)This discussion was created from the release 1.4.
Beta Was this translation helpful? Give feedback.
All reactions