. . .

Version 20.11

The new November 2020 Release of ApiOmat features the beta version of our Microservice Generation Feature, authentication with JWT, besides additional changes. See below for further information on these topics.

Note that this is the second version with the changed versioning scheme. As of this version, we will provide larger releases every four months, which will contain a set of the different software parts in different versions.

The ApiOmat version 20.11 consists of the following versions of sub-components and services:

New Features

Microservices Generation

Generate Spring Boot Microservices in a simple way to bring your business logic into ApiOmat.

Generated microservices are following defined boundaries so that also developers with less experience can achieve results fast. Security audits can take place only one time.

With this release you are able to generate Spring boot microservices, deploy and execute them in your ApiOmat environment.

With services based on Spring boot you can fastly integrate your businesslogic and benefit from the large spring ecosystem.

Powerful, secure and efficient authentication with JWT

ApiOmat is shipped now with our new service called Bouncer for easier integration of third party authentication providers (Active Directory, LDAP, SSO, Mulitfactor Authentication) inside your application. Besides that we provied a stronger separation between Authentication and Authorization and using JWT now for secure authentication.

Clean Separation Between Authorization And Authentication

A major change in the ApiOmat 20.11 release is the clean separation between authentication and authorization.
In short, an authentication check is about checking whether the requesting user is the one, who he says that he is. While authorization checks whether the user has access to the requested resource.
In the past, we did not provide a clear separation between these two topics and changed it in the current release. We will explain in this section, what has changed, which implications this has and what advantages you get from this.

Previous versions checked the authentication altogether with the authorization at a central point. This lead to the situation that within one request the authentication has been checked multiple times, including multiple calls to the auth-method within a native module. Although there were some caching mechanisms that prevented multiple authentication checks, there were still some cases where, under special circumstances, these checks would still occur.

Since ApiOmat 20.11, the authentication is done directly and solely when the request comes in, before any other logic is executed. Therefore your auth method gets executed only once. If your module's auth-method contains authorization logic, you should move this logic parts to the isUserInRoles method and only keep the authentication logic in your auth-method.

The APIKey checks were also moved to the beginning execution of the request. Therefore this check gets only executed once and not within the execution of a native module.

For custom REST-Endpoints you'll still need to do the checks by yourself.

As a side effect a wrong APIKey as well as a model-request for a non-existing app will now consistently lead to a "API Key was not correct" exception ( status code 841 or 401 ) instead of a "Application was not found!" exception ( status code 801 or 404 ).

C# Embedded Documents Support

New C# SDK supports now ApiOmat Embedded Objects in all CRUD methods

Breaking changes

Breaking changes may require changes in configuration, apps, or native module code after an ApiOmat upgrade to ensure system stability.

Affects

Change

Implications

Delete Parent Module Endpoint

Instead of the need to send a payload to the delete parent module endpoint you now need to give the parentModuleName and parentModuleVersion to the path:

  • old:/yambas/rest/modules/{moduleName}/v/{moduleVersion}/parent

  • new: /yambas/rest/modules/{moduleName}/v/{moduleVersion}/parent/{parentModuleName} /v/{parentModuleVersion}

If you called the delete parent endpoints before you need to switch to the new one.

Swift SDK,
Objective-C SDK

The Swift SDK has been adapted to work with Objective-C code:

  • Generated classes inherit from NSObject

  • Added methods for usage in Objective-C, these methods are postfixed with "ObjC", e.g. DataStore.loadCountForReferenceObjC. These methods are for handling optional parameters of primitive types, e.g. the Bool "usePersistentStorage", as primitive types cannot be nil in Objective-C. So instead, we provide one method with the parameter and one without it.

Classes in base modules such as Basics, Push, Facebook etc. are prefixed with AOM, e.g. AOMUser, because Objective-C does not have name-spacing.

If you used a String attribute named "description", it will be generated as a method because "description" is used as a property name in NSObject.

Objective-C SDK,
JavaScript SDK,
Phonegap SDK,
ReactNative SDK

The following SDKs ran out of deprecation and were removed from ApiOmat:

  • Objective-C SDK, JavaScript SDK, Phonegap SDK, ReactNative SDK

Those specific SDKs cannot be generated anymore with YAMBAS version 3.6.0 and higher. Please use the following replacements instead:

  • Swift, Typescript

Google Analytics, Restore Module,
Evalanche Module,
Wordpress Module, Mandrill,
ApiOmat Studio,
UIs

These static modules were removed from ApiOmat

YAMBAS and Dashboard

The Tomcat used for YAMBAS installation was updated to 8.5.60 .
To reduce risks regarding GhostCat leaks we decided to remove the AJP Connector setup by default.

If you want to use the AJP Connector in your ApiOmat environment, you now need to set it up manually after installation.
Please follow the official Tomcat AJP Configuration documentation. It is recommended to enable security functionality by defining an AJP secret for communication.

Remarkable changes

Remarkable changes do not affect system stability after ApiOmat upgrade, but may require changes in configuration, apps, or modules in the next development cycle.

Affects

Change

Implications

OAuth2 tokens

We have changed the hash function used to generate OAuth2 tokens, so any existing tokens will no longer work. Therefore, all existing tokens (including manually set tokens) will be deleted when upgrading from a previous version.

After upgrading, generate new tokens for any Customers/Users that need them.

Consul registration

We have added a scheduled job to check if YAMBAS is (still) registered to Consul, and re-register it if not.

This job is deactivated by default. You can activate it by setting a specific application property.

Please note that this job does not work if you are using a Consul cluster, as YAMBAS may be registered in a different node.

To activate the job, set the application property common.consul.health.registrationCheckInterval to a positive integer, which will be the job interval (e.g. a value of 5 means the job will be executed once every five minutes).

Installations using usernames for Customers, Organizations and/or Users that only differ in case

It is no longer possible to create Customers, Organizations or Users with usernames that are identical except for case, e.g. "Freddy" and "freddy"

This is because Bouncer, our authentication microservice, cannot handle different casings.

The minimum required MongoDB version has been raised from 3.2 to 3.4. Please upgrade if necessary.

Customers and Organizations with usernames identical except for case may not be useable anymore.

With Users, the change only automatically affects new applications. It does not affect existing applications unless all the data for the User class is deleted (via "Drop all data" or "Drop class data") in the Dashboard.

Changelog

Schlüssel

Zusammenfassung

S

Lösung

DAS-2097

Wrong URL called for image/file name information for embedded objects in dataeditor

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

DAS-2093

[PUSH] timepicker closes immediately after a click on chrome

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

DAS-2078

[CSV] Allow Export with READ role

images/jira.apiomat.com/secure/viewavatar.png

Fixed

DAS-2074

Login page hungs up when yambas unavailable

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

DAS-2073

[CSV] Add "Deselect All" possibility in Dashboard

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

DAS-2066

Unversioned Role class not selectable

images/jira.apiomat.com/secure/viewavatar.png

Fixed

DAS-2032

Access yambas ping endpoint with customer credentials

images/jira.apiomat.com/secure/viewavatar.png

Fixed

BREW-109

Provide service library for usage in other services

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-6030

missing MongoDB index slows down the file handling of Yambas

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-6028

JMX Connection Pool Monitoring for MongoDB-Driver not enabled by default

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-6011

[TS SDK] object not saving the date attributes in embedded object

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-6001

Yambas always tries to update accounts in Analytics even when not configured

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5991

Implement ReRegistration of Yambas when Consul was restarted

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5966

Don't leak detailed information in error message

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5963

[C# SQLite] wrong time in C# for createdAt and lastModifiedAt

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5961

Custom error code gets overwritten in afterpostData

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5960

[TypeScript] configureWithSessionToken cannot be configured with url, apikey, system

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5956

Roleclass does not get found if newer version exists in another system

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5952

[Swift] AbstractClientDataModel has field AppName but should be ApplicationName

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5947

Reduce base load when having a lot of apps

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5938

Use sh instead of bash in Docker image

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5922

Apply improvements of yambas-docker image

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5921

Fix and mitigate Model not found failure after startup

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5916

Usage of isUserInRoles method from another module causes ClassNotFound exception

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5915

App-specific endpoints in apidocs do not work with more than two modules with custom rest endpoints attached to backend

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5895

Incorrect refModelHref link in rest api

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5890

[Android SQLite] Unset fields are always sent to yambas on save()

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5868

[C#SQLite] Class with name "Status" leads to compilation errors in SDK

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5860

[TypeScript] GET requests with query fail in react native on iOS 13

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5826

[Swift] usePersistentStorage ignored when reading list of objects

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5820

[Push] Use HTTP/2-based APNS provider API

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5817

[iOS][Swift] Update Swift-SDK to use in Objective-C-Project

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-5776

Security: Possibility to hide yambas version on /yambas/rest

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-5712

[C# SQLite] Support for POST Embedded Documents

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4986

Configurable minimal log level in apps

images/jira.apiomat.com/secure/viewavatar.png

Fixed

AOM-4844

custom expiration token not working with special chars passwords

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-4031

[Swift] Swift strings cannot be set as map values

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

AOM-3575

[Java] AbstractClientDataModel implementing getAppName but should be getApplicationName

images/jira.apiomat.com/secure/viewavatar.svg

Fixed

38 Vorgänge