Skip to content

Releases: spring-projects/spring-authorization-server

0.4.2

18 Apr 11:05
Compare
Choose a tag to compare

πŸͺ² Bug Fixes

  • Fix refresh token error code INVALID_CLIENT to INVALID_GRANT #1139
  • Fixed Broken Support Link #1092
  • Fix to save after encoding the secret when registering the client #1056
  • Consider allowing localhost in redirect_uri #651

πŸ”¨ Dependency Upgrades

  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1164
  • Update to Spring Security 5.8.3 #1163
  • Update to Spring Framework 5.3.27 #1162

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0-M2

21 Mar 16:09
81458eb
Compare
Choose a tag to compare
1.1.0-M2 Pre-release
Pre-release

⭐ New Features

  • Enable upgradeEncoding for OAuth2 client secrets #1099
  • Implement OAuth 2.0 Device Authorization Grant #44

πŸͺ² Bug Fixes

  • Fixed Broken Support Link #1098

πŸ”¨ Dependency Upgrades

  • Update to nimbus-jose-jwt:9.31 #1132
  • Update to Spring Security 6.1.0-M2 #1131
  • Update to Spring Framework 6.0.7 #1130

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0-M1

21 Feb 19:54
Compare
Choose a tag to compare
1.1.0-M1 Pre-release
Pre-release

⭐ New Features

  • Add OpenID Connect 1.0 Logout Endpoint #1068
  • Implement end_session_endpoint for RP-Initiated Logout #266

πŸ”¨ Dependency Upgrades

  • Update to mockito-core:4.11.0 #1096
  • Update to assertj-core:3.24.2 #1095
  • Update to nimbus-jose-jwt:9.30.2 #1094
  • Update to Spring Security 6.1.0-M1 #1093
  • Update Gradle Enterprise plugin #1067

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.0.1

21 Feb 17:47
Compare
Choose a tag to compare

⭐ New Features

  • ref-doc: authorizedScopes is missing from sql #1045

πŸͺ² Bug Fixes

  • URL-encoded parameters in redirect URI are encoded twice #1074
  • redirect_uri resolver is incorrect #1072
  • HttpMessageConverters uses jakarta.json.bind.Jsonb #1055
  • HttpMessageConverters should use jakarta.json.bind.Jsonb #1054

πŸ”¨ Dependency Upgrades

  • Update to junit-jupiter:5.9.2 #1091
  • Update to jackson-bom:2.14.2 #1090
  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.35 #1089
  • Update to io.spring.nohttp:nohttp-checkstyle:0.0.11 #1088
  • Update to Spring Security 6.0.2 #1087
  • Update to Spring Framework 6.0.5 #1086
  • Update to Spring Boot 3.0.0 #1024
  • Update to Spring Boot 3.0.0 #1023

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

0.4.1

21 Feb 16:33
Compare
Choose a tag to compare

⭐ New Features

  • Replace deprecated command with environment file #1063
  • Replace deprecated set-output command with environment file #1062
  • Update how-to-jpa.adoc #1010
  • ref-doc: authorizedScopes is missing from sql #1008

πŸͺ² Bug Fixes

  • Fix redirect_uri resolver #1013
  • redirect_uri resolver is incorrect #1012
  • URL-encoded parameters in redirect URI are encoded twice #1011

πŸ”¨ Dependency Upgrades

  • Update to junit-jupiter:5.9.2 #1085
  • Update to jackson-bom:2.14.2 #1084
  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.35 #1083
  • Update to io.spring.nohttp:nohttp-checkstyle:0.0.11 #1082
  • Update to Spring Security 5.8.2 #1081
  • Update to Spring Framework 5.3.25 #1080

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.0.0

21 Nov 20:08
Compare
Choose a tag to compare

⭐ New Features

  • Merge enhancements from 0.4.x into main #982

πŸ”¨ Dependency Upgrades

  • Update to Spring Security 6.0.0 #981
  • Update to hsqldb 2.7.1 #976
  • Update to jackson-bom 2.14.0 #975
  • Update to Spring Boot 3.0.0-RC2 #974
  • Update to Spring Framework 6.0.0 #972
  • Update to jakarta.servlet-api 6.0.0 #965

0.4.0

21 Nov 19:05
Compare
Choose a tag to compare

⭐ New Features

  • Upgrade to JUnit 5 #964
  • Update links to current version of OAuth 2.1 #960
  • Assert unique identifiers in JdbcRegisteredClientRepository #959
  • Add logging #956
  • ref-doc: Document Jwt Client Assertion Validation #945
  • ref-doc: Add configuration for userinfo endpoint to Getting Started example #917
  • Reject client authentication where client_id has non-printable ASCII characters #889
  • ref-doc: Document Authorization Request Validation #858
  • Add logging #159

πŸ”¨ Dependency Upgrades

  • Update to jackson-bom 2.14.0 #980
  • Update to Spring Security 5.8.0 #979
  • Update to Spring Framework 5.3.24 #978

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.0.0-RC1

01 Nov 15:03
Compare
Choose a tag to compare
1.0.0-RC1 Pre-release
Pre-release

⭐ New Features

  • Merge enhancements from 0.4.x into main #954
  • Add @configuration with @EnableWebSecurity #935
  • Use AuthorizationFilter #934
  • Use SecurityContextRepository.loadDeferredContext() #933
  • Use securityMatcher() and authorizeHttpRequests() #922

πŸ”¨ Dependency Upgrades

  • Downgrade to jackson-bom:2.13.4.20221013 #952
  • Update to hsqldb:2.7.0 #938
  • Update to mockito-core:4.8.1 #937
  • Update to jackson-bom:2.14.0-rc2 #936
  • Update to Spring Security 6.0.0-RC1 #932
  • Update to Spring Framework 6.0.0-RC2 #931
  • Update to Spring Boot 3.0.0-RC1 #930
  • Update Gradle Enterprise plugin to 3.11.1 #894

βͺ Non-passive

  • Merge non-passive changes from 0.4.x into main #953

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

0.4.0-RC1

01 Nov 14:11
Compare
Choose a tag to compare
0.4.0-RC1 Pre-release
Pre-release

⭐ New Features

  • Improve customizing OIDC Client Registration endpoint #946
  • Extract JwtDecoderFactory from JwtClientAssertionAuthenticationProvider #944
  • Extract OIDC client configuration implementation #941
  • Update OAuth 2.1 spec link in README.adoc #940
  • Improve customizing OIDC UserInfo endpoint #929
  • OidcUserInfo Change PhoneNumberVerified Field to Boolean #923
  • Improve customizing OIDC UserInfo endpoint #785
  • Allow ability to customize RegisteredClient during registration #696

πŸͺ² Bug Fixes

  • Fix URL encoding for authorization request state parameter #920
  • State parameter does not handle plus sign properly #875

πŸ”¨ Dependency Upgrades

  • Update to mockito-core:4.8.1 #951
  • Update to jackson-bom:2.13.4.20221013 #950
  • Update to Spring Security 5.8.0-RC1 #949
  • Update to Spring Boot 2.7.5 #948

βͺ Non-passive

  • OpenID Connect 1.0 should be disabled by default #928

❀️ Contributors

We'd like to thank all the contributors who worked on this release!

1.0.0-M2

20 Sep 20:55
Compare
Choose a tag to compare
1.0.0-M2 Pre-release
Pre-release

⭐ New Features

  • Merge enhancements from 0.4.x into main #906

πŸ”¨ Dependency Upgrades

  • Update to mockito-core:4.8.0 #911
  • Update to jackson-bom:2.13.4 #910
  • Update to nimbus-jose-jwt:9.24.4 #909
  • Update to Spring Security 6.0.0-M7 #908
  • Update to Spring Framework 6.0.0-M6 #907

βͺ Non-passive

  • Merge non-passive changes from 0.4.x into main #905