Skip to end of metadata
Go to start of metadata

Bug

[BGR-2602] - Move ALLOWED_HOSTS setting to settings_local
[BGR-2617] - /o/token should restrict grant scopes defined by the ApplicationInfo
[BGR-2629] - LinkedIn login SSO fails authentication
[BGR-2687] - Unable to link SSO accounts
[BGR-2690] - Canvas integrations from staging do not work
[BGR-2802] - 500 error on Authentication API call after account creation in Pathways flow
[BGR-2823] - QA Session - Release Checklist (Knowledgeable RC6)

Story

[BGR-2692] - LRNG cannot obtain token on staging

Task

[BGR-2284] - Switch bakery SVG XML parsing library
[BGR-2285] - Protect against large and malicious images uploaded by users in resize feature
[BGR-2288] - Deprecate and replace insecure user session management with v1 token
[BGR-2291] - Validate/sanitize recipient name extension entry
[BGR-2292] - Limit brute force login attempts
[BGR-2313] - Implement password security requirements
[BGR-2314] - Implement password security requirements - require password to change password
[BGR-2635] - one time token exchange for access token during oauth handoff
[BGR-2636] - do not display plaintext tokens in /staff
[BGR-2637] - badgebook - deprecate legacy token usage
[BGR-2639] - update api documentation for how to authenticate using /o/token
[BGR-2647] - Log failed login attempts
[BGR-2669] - Fix Badgr deployments / migrations
[BGR-2671] - Make marketing opt-in ON/OFF configurable for white label
[BGR-2672] - Ensure Opt-in features for terms adhere to white labeling / customer terms
[BGR-2679] - QA Session - Ticket Review and Release QA (Knowledgeable RC1)
[BGR-2688] - Trying to reset (actually set) password of acct created via FB OAuth returns 404
[BGR-2691] - define AUTHCODE_SECRET_KEY for production/staging/review
[BGR-2713] - QA Session - Ticket Review and Release QA (Knowledgeable RC2)
[BGR-2723] - QA Session - Ticket Review and Release QA (Knowledgeable RC3)
[BGR-2727] - Knowledgeable Release
[BGR-2740] - QA Session - White Label Smoke Test
[BGR-2771] - QA Session - Ticket Review and Release QA (Knowledgeable RC4)
[BGR-2779] - Issuer-specific access tokens from v2/tokens/issuers expiring too soon
[BGR-2790] - QA Session - Ticket Review and Release QA (Knowledgeable RC5)
[BGR-2840] - some badgebook users are reporting 403 "Invalid token" after knowledgeable launch



Need more help? Contact us at help@badgr.io