Releases: spring-projects/spring-authorization-server
Releases · spring-projects/spring-authorization-server
1.4.0-RC1
⭐ New Features
- Replace DelegatingAuthenticationConverter with one in Spring Security #1736
- Simplify configuring authorization server using HttpSecurity.with() #1725
- Support custom validation in OidcLogoutAuthenticationProvider #1723
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.18.0 #1775
- Bump com.nimbusds:nimbus-jose-jwt from 9.41.1 to 9.41.2 #1773
- Bump io-spring-javaformat from 0.0.41 to 0.0.43 #1740
- Bump io.spring.ge.conventions from 0.0.15 to 0.0.17 #1743
- Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.6.10 to 1.9.25 #1759
- Bump org.jfrog.buildinfo:build-info-extractor-gradle from 5.2.0 to 5.2.5 #1774
- Bump org.junit.jupiter:junit-jupiter from 5.11.0 to 5.11.2 #1745
- Bump org.junit.jupiter:junit-jupiter from 5.11.2 to 5.11.3 #1784
- Bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 2.7.1 to 2.8.0.1969 #1747
- Bump org.springframework.security:spring-security-bom from 6.4.0-M4 to 6.4.0-RC1 #1783
- Bump org.springframework:spring-framework-bom from 6.2.0-RC1 to 6.2.0-RC2 #1779
- Update Antora UI Spring to v0.4.17 #1767
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
Kehrlann and franticticktick
Assets 2
1.3.3
🪲 Bug Fixes
- AOT contributions will be registered for JbcOAuth2AuthorizationService subclasses #1782
- Fix verification_uri in device authorization response when context path exists #1729
🔨 Dependency Upgrades
- Bump org.springframework.security:spring-security-bom from 6.3.3 to 6.3.4 #1785
- Bump org.springframework:spring-framework-bom from 6.1.13 to 6.1.14 #1780
- Bump org.jfrog.buildinfo:build-info-extractor-gradle from 5.2.0 to 5.2.5 #1777
- Bump org.springframework:spring-framework-bom from 6.1.12 to 6.1.13 #1776
- Update Antora UI Spring to v0.4.17 #1769
- Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.6.10 to 1.6.21 #1762
- Bump io.spring.ge.conventions from 0.0.15 to 0.0.17 #1748
- Bump org.springframework.security:spring-security-bom from 6.3.2 to 6.3.3 #1746
- Bump io-spring-javaformat from 0.0.41 to 0.0.43 #1744
- Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.10.5 #1741
❤️ Contributors
We'd like to thank all the contributors who worked on this release!
1.2.7
🪲 Bug Fixes
- AOT contributions will be registered for JbcOAuth2AuthorizationService subclasses #1778
🔨 Dependency Upgrades
- Bump org.springframework.security:spring-security-bom from 6.2.6 to 6.2.7 #1786
- Bump org.springframework:spring-framework-bom from 6.1.13 to 6.1.14 #1781
- Update Antora UI Spring to v0.4.17 #1768
- Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.10.5 #1764
- Bump org.springframework:spring-framework-bom from 6.1.12 to 6.1.13 #1763
- Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.6.10 to 1.6.21 #1760
- Bump io-spring-javaformat from 0.0.41 to 0.0.43 #1742
- Update to Gradle 8.10.2 #1735
- Update to build-info-extractor-gradle 4.29.4 #1734
- Update to nohttp-gradle 0.0.11 #1733
❤️ Contributors
We'd like to thank all the contributors who worked on this release!
1.4.0-M2
1.4.0-M1
⭐ New Features
- Add authenticationDetailsSource to OAuth2TokenRevocationEndpointFilter #1667
- Allow customizing LogoutHandler in OidcLogoutEndpointFilter #1244
- Support OpenID Connect 1.0 prompt=none parameter #501
🔨 Dependency Upgrades
- Update to assertj-core 3.26.3 #1706
- Update to jackson-bom 2.17.2 #1703
- Update to junit-jupiter 5.11.0 #1705
- Update to nimbus-jose-jwt 9.40 #1704
- Update to Spring Framework 6.2.0-M7 #1701
- Update to Spring Security 6.4.0-M2 #1702
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
sealte
Assets 2
1.3.2
🪲 Bug Fixes
- Can't register multiple public clients (clientAuthenticationMethod=none) #1657
- Fix empty code parameter in CodeVerifierAuthenticator #1685
- Fix json deserialization of multi-valued authorization request parameters #1683
🔨 Dependency Upgrades
- Update to jackson-bom 2.17.2 #1699
- Update to junit-jupiter 5.10.3 #1700
- Update to Spring Framework 6.1.12 #1697
- Update to Spring Security 6.3.2 #1698
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
MrJovanovic13 and aijazkeerio
Assets 2
1.2.6
🪲 Bug Fixes
- Can't register multiple public clients (clientAuthenticationMethod=none) #1641
- Fix empty code parameter in CodeVerifierAuthenticator #1680
- Fix json deserialization of multi-valued authorization request parameters #1676
🔨 Dependency Upgrades
- Update to junit-jupiter 5.10.3 #1696
- Update to Spring Framework 6.1.12 #1694
- Update to Spring Security 6.2.6 #1695
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
MrJovanovic13 and aijazkeerio
Assets 2
1.3.1
🪲 Bug Fixes
- Fix AOT hints for OAuth 2.0 Token Exchange #1630
- X509 client certificate authentication enforces client_id without checking on client authentication method #1635
🔨 Dependency Upgrades
- Update to nimbus-jose-jwt 9.39.3 #1651
- Update to org.hsqldb:hsqldb 2.7.3 #1652
- Update to Spring Framework 6.1.9 #1649
- Update to Spring Security 6.3.1 #1650
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
nwholloway
Assets 2
1.2.5
1.3.0
⭐ New Features
- Enable refresh of JwkSet in X509SelfSignedCertificateVerifier #1599
- How-to: Implement multi-tenancy #663
- Path component for issuer identifier should be disabled by default #1611
- ref-doc: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens #1561