Skip to content

Latest commit

 

History

History
346 lines (250 loc) · 14.3 KB

BREAKING.md

File metadata and controls

346 lines (250 loc) · 14.3 KB

Server Breaking Changes

Note: These breaking changes are only relevant to the server packages and images released from ./routerlicious.

Contents

4.0.0 Breaking Changes

An invalid JWT token will now return a 401 error instead of a 500

When we auth request JWT token, previous we would fail directly for the invalid/malformtted JWT token and don't do any handling and return 500. Now it is returning a 401 with Invalid token information

1.0.0 Breaking Changes

getLatestKeyVersion function added to ISecretManager

ISecretManager has a new function getLatestKeyVersion. By default, just return undefined in this function, it will be backward compatible with existing logic. However, you can add custom logic yourself.

export class SecretManager implements core.ISecretManager {
	public getLatestKeyVersion(): core.EncryptionKeyVersion {
		return undefined;
	}
        ......
}

The ISecretManager.decrypt/encryptSecret functions support encryptionKeyVersion parameter

decryptSecret() and encryptSecret()functions in ISecretManager have a new optional parameter encryptionKeyVersion.

export class SecretManager implements core.ISecretManager {
        ......
        public decryptSecret(
		encryptedSecret: string,
		encryptionKeyVersion?: core.EncryptionKeyVersion,
	): string {
		return encryptedSecret;
	}

	public encryptSecret(secret: string, encryptionKeyVersion?: core.EncryptionKeyVersion): string {
		return secret;
	}
}

auth.ts Refactor function validateTokenRevocationClaims to validateTokenScopeClaims

Before: validateTokenRevocationClaims() Now: validateTokenScopeClaims(expectedScopes: string) Valid expectedScopes are either DocDeleteScopeType or TokenRevokeScopeType

IDocumentDeleteService added to alfred runnerFactory and resource

export class AlfredResources implements core.IResources {
...
	constructor(
    ...
		public documentRepository: core.IDocumentRepository,
		public documentDeleteService: IDocumentDeleteService,
		public throttleAndUsageStorageManager?: core.IThrottleAndUsageStorageManager,
    ...
  )
...
}

DocumentStorage class take one additional IStorageNameAllocator parameter

One more IStorageNameAllocator parameter need for DocumentStorage class to assign a storage name while initial upload

The foreman lambda was removed

The foreman lambda in server has not been in use for a while so we are removing it.

0.1038 Breaking Changes

aggregate function from MongoCollection became async

Before: const cursor = collection.aggregate([ ... ]);

Now: const cursor = await collection.aggregate([ ... ]);

0.1037 Breaking Changes

IDeltaService added to alfred runnerFactory and resource

export class AlfredResources implements core.IResources {
    ...
    constructor(
        public config: Provider,
        public producer: core.IProducer,
        public redisConfig: any,
        public clientManager: core.IClientManager,
        public webSocketLibrary: string,
        public orderManager: core.IOrdererManager,
        public tenantManager: core.ITenantManager,
        public restTenantThrottlers: Map<string, core.IThrottler>,
        public restClusterThrottlers: Map<string, core.IThrottler>,
        public socketConnectTenantThrottler: core.IThrottler,
        public socketConnectClusterThrottler: core.IThrottler,
        public socketSubmitOpThrottler: core.IThrottler,
        public socketSubmitSignalThrottler: core.IThrottler,
        public singleUseTokenCache: core.ICache,
        public storage: core.IDocumentStorage,
        public appTenants: IAlfredTenant[],
        public mongoManager: core.MongoManager,
        public deltaService: core.IDeltaService,
        public port: any,
        public documentsCollectionName: string,
        public metricClientConfig: any,
        public documentsCollection: core.ICollection<core.IDocument>,
        public throttleAndUsageStorageManager?: core.IThrottleAndUsageStorageManager,
    )
    ....

export class AlfredResourcesFactory implements core.IResourcesFactory<AlfredResources> {
    public async create(config: Provider): Promise<AlfredResources> {
        ...
        return new AlfredResources(
            config,
            producer,
            redisConfig,
            clientManager,
            webSocketLibrary,
            orderManager,
            tenantManager,
            restTenantThrottlers,
            restClusterThrottler,
            socketConnectTenantThrottler,
            socketConnectClusterThrottler
            socketSubmitOpThrottler,
            socketSubmitSignalThrottler,
            redisJwtCache,
            storage,
            appTenants,
            operationsDbMongoManager,
            deltaService,
            port,
            documentsCollectionName,
            metricClientConfig,
            documentsCollection,
            throttleAndUsageStorageManager);

0.1032 Breaking Changes

@fluidframework/[email protected]

deleteSummary added to IGitManager and IGitService

deleteSummary(softDelete: boolean): Promise<void>;

@fluidframework/[email protected]

encoding type change

The encoding property of ICreateBlobParams has changed type from string to "utf-8" | "base64" to match the only supported values.

0.1023 Breaking Changes

@fluidframework/[email protected]

shared.SocketIORedisConnection and shared.SocketIoServer using ioredis

import * as Redis from "ioredis";
import socketIo from "socket.io";
import { SocketIORedisConnection } from "@fluidframework/server-services";

const options: Redis.RedisOptions = {
	host: "host",
	port: "6379",
};
const pub = new Redis.default(options);
const sub = new Redis.default(options);

const pubConn = new SocketIORedisConnection(pub);
const subConn = new SocketIORedisConnection(sub);
const server = new SocketIoServer(new SocketIo(), pub, sub);

services.RedisCache, services.ClientManager, services.RedisThrottleManager, and services.SocketIoRedisPublisher using ioredis

import Redis from "ioredis";
import * as services from "@fluidframework/server-services";

const options: Redis.RedisOptions = {
	host: "host",
	port: "6379",
};
const redisClient = new Redis(options);

const redisCache = new services.RedisCache(redisClient);
const clientManager = new services.ClientManager(redisClient);
const redisClientForThrottling = new services.RedisThrottleStorageManager(redisClient);

const publisher = new services.SocketIoRedisPublisher(options);

0.1022 Breaking Changes

@fluidframework/[email protected]

client.validateTokenClaims no longer contains token expiration logic

Token expiration logic has been moved from validateTokenClaims to validateTokenClaimsExpiration. To maintain functionality, use the two in succession. For example,

import {
	validateTokenClaims,
	validateTokenClaimsExpiration,
} from "@fluidframework/server-services-client";

const claims = validateTokenClaims(token, tenantId, documentId);
if (isTokenExpiryEnabled) {
	validateTokenClaimsExpiration(claims, maxTokenLifetimeSec);
}

client.validateTokenClaims throws on invalid claims

validateTokenClaims previously returned undefined if claims were invalid. Now, instead, it will throw a NetworkError that contains a status code (i.e. 401 or 403).

@fluidframework/[email protected]

utils.validateTokenClaims no longer contains token expiration logic

Token expiration logic has been moved from validateTokenClaims to @fluidframework/server-services-client's validateTokenClaimsExpiration. To maintain functionality, use the two in succession. For example,

import { validateTokenClaims } from "@fluidframework/server-services-utils";
import { validateTokenClaimsExpiration } from "@fluidframework/server-services-client";

const claims = validateTokenClaims(token, tenantId, documentId);
if (isTokenExpiryEnabled) {
	validateTokenClaimsExpiration(claims, maxTokenLifetimeSec);
}

utils.validateTokenClaims throws on invalid claims

validateTokenClaims previously returned undefined if claims were invalid. Now, instead, it will throw a NetworkError that contains a status code (i.e. 401 or 403).

0.1020 Breaking Changes

@fluidframework/[email protected]

RestWrapper is now an abstract class

RestWrapper is now an abstract class that cannot be instantiated. Use BasicRestWrapper instead to maintain current functionality.

Historian class no longer handles request headers

The Historian client class no longer builds its own request headers, and therefore does not have constructor parameters getCredentials and getCorrelationId. Instead, it relies on the consumer to pass in a RestWrapper with the desired default headers. To easily generate the necessary token format for communicating with the Historian service, use the new getAuthorizationTokenFromCredentials() function. For example,

import {
	BasicRestWrapper,
	Historian,
	getAuthorizationTokenFromCredentials,
	ICredentials,
} from "@fluidframework/server-services-client";

const credentials: ICredentials = { user: "user", password: "password" };
const token = getAuthorizationTokenFromCredentials(credentials);
const restWrapper = new BasicRestWrapper(baseUrl, {}, undefined, { Authorization: token });
const Historian = new Historian(baseUrl, true, false, restWrapper);

Alfred endpoints deltas/ and documents/ now validate token for every incoming request

All the Alfred deltas/ and documents/ endpoints will now expect a valid JWT token as part of the authorization header. The token claims will be validated by Alfred and the token will be validated via Riddler api. The corresponding routerlicious driver changes are available with package @fluidframework/routerlicious-driver version >= 0.34.1.

0.1019 and earlier Breaking Changes

Breaking changes in server packages and images were not tracked before 0.1020.