✳️ Added
-
Support for secret values within Thunder configuration.
If you want to keep specific values in your configuration file a secret,
you can now use the${name-of-secret}notation.By default, Thunder will try to read secrets from environment variables.
You can also specify where Thunder should read secrets from with new
configuration:secrets: provider: [env|secretsmanager]
-
OAuth 2.0 is now a supported authentication mechanism. Currently, JWT
tokens that use HMAC or RSA for token signing are supported. Use the following config:auth: type: oauth hmacSecret: ${thunderHmacSigningSecret} rsaPublicKeyFilePath: "path/to/public-key.der" issuer: "your-issuer-name" audience: "optional-audience-to-verify"
-
Timer and success/failure metrics for both basic and OAuth
authentication. -
Thunder is now more performant as it processes requests asynchronously
behind the scenes. -
Thunder now times out requests after 30 seconds by default. You can
customize the timeout duration with the following config:options: operationTimeout: 20s
✴️ Changed
- The
setProperty(String, Object)method onUserobjects has been
changed frompublictopackage-privatein order to avoid potential
race conditions.
➡️ DevOps
- Migrated integration tests to use Artillery instead of a custom framework.
- Added load tests to ensure Thunder performs well under load.