-
v2.4.3-dev - Secrets Management Pre-release
released this
2026-05-12 01:43:57 +02:00 | 112 commits to main since this releasev2.4.3-dev - Secrets Management
Added
- SecretValidator: startup check for default secrets, warns in dev, fails in production profile
- TokenBlacklistService: Redis-backed token revocation with TTL-based auto-cleanup
- JwtService: JTI claim added to tokens, blacklist check in isTokenValid(), revokeToken() method
- AuthenticationService: logout() revokes token, refresh() revokes old refresh token
- AuthenticationController: POST /api/auth/logout endpoint (204 No Content)
- application.yml: synapse.security.require-secrets-override config
Downloads
-
Source code (ZIP)
0 downloads
-
Source code (TAR.GZ)
0 downloads