Skip to content

Releases: spring-projects/spring-authorization-server

2.0.0-M1

22 Jul 17:05
@spring-builds spring-builds
2.0.0-M1
dd949a0
Compare
Choose a tag to compare
2.0.0-M1 Pre-release
Pre-release

⭐ New Features

  • Add testRuntimeOnly junit-platform-launcher #2092
  • Remove explicit type #2069

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.4 to 1.14.6 in /docs #2095
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.19.1 #2079
  • Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2 #2116
  • Bump com.nimbusds:nimbus-jose-jwt from 9.47 to 10.3.1 #2072
  • Bump io-spring-javaformat from 0.0.46 to 0.0.47 #2061
  • Bump io.spring.security.release from 1.0.6 to 1.0.8 #2060
  • Bump io.spring.security.release from 1.0.8 to 1.0.9 #2106
  • Bump org-bouncycastle from 1.79 to 1.81 #2077
  • Bump org.assertj:assertj-core from 3.26.3 to 3.27.3 #2063
  • Bump org.gradle.wrapper-upgrade from 0.11.4 to 0.12 #2064
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.25 to 2.2.0 #2078
  • Bump org.mockito:mockito-core from 4.11.0 to 5.18.0 #2099
  • Bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 2.8.0.1969 to 3.3 #2098
  • Update docs to Spring Boot 4.0.0-SNAPSHOT #2089
  • Update docs to Spring Security 7.0.0-SNAPSHOT #2088
  • Update io.spring.security.release to 1.0.10 #2118
  • Update samples to Spring Boot 4.0.0-SNAPSHOT #2091
  • Update samples to Spring Security 7.0.0-SNAPSHOT #2090
  • Update to org.junit:junit-bom:5.13.3 #2117
  • Update to Spring Framework 7.0.0-M7 #2119
  • Update to Spring Framework 7.0.0-SNAPSHOT #2083
  • Update to Spring Security 7.0.0-M1 #2120
  • Update to Spring Security 7.0.0-SNAPSHOT #2084

⏪ Non-passive

  • Fix breaking changes with AntPathRequestMatcher being removed #2086
  • Fix breaking changes with ObjectPostProcessor being moved #2085
  • Remove DelegatingAuthenticationConverter #2102
  • Remove OAuth2AuthorizationServerConfiguration.applyDefaultSecurity() #2101
  • Serializable classes should not share serialVersionUID #2100

❤️ Contributors

Thank you to all the contributors who worked on this release:

@ngocnhan-tran1996

Contributors

ngocnhan-tran1996
Loading

1.5.1

17 Jun 15:38
@spring-builds spring-builds
1.5.1
310b192
Compare
Choose a tag to compare
1.5.1 Latest
Latest

⭐ New Features

  • Polish logging in OAuth2ClientAuthenticationFilter #2025

🪲 Bug Fixes

  • OAuth2 Pushed Authorization Request request_uri expiry is too short #2024

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2040
  • Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2030
  • Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2034
  • Bump org.springframework.security:spring-security-bom from 6.5.0 to 6.5.1 #2049
  • Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2045
Assets 2
Loading

1.4.4

17 Jun 15:38
@spring-builds spring-builds
1.4.4
2baebf3
Compare
Choose a tag to compare
1.4.4

🪲 Bug Fixes

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2001
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2039
  • Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2022
  • Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2031
  • Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2033
  • Bump io.spring.security.release from 1.0.5 to 1.0.6 #1998
  • Bump org.springframework.security:spring-security-bom from 6.4.5 to 6.4.6 #2023
  • Bump org.springframework.security:spring-security-bom from 6.4.6 to 6.4.7 #2050
  • Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2018
  • Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2044

❤️ Contributors

Thank you to all the contributors who worked on this release:

@ngocnhan-tran1996

Contributors

ngocnhan-tran1996
Loading

1.3.7

17 Jun 15:34
@spring-builds spring-builds
1.3.7
ae8cba1
Compare
Choose a tag to compare
1.3.7

🪲 Bug Fixes

  • Check user code expiry and invalidity #1997
  • Prevent NPE #1955

🔨 Dependency Upgrades

  • Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2019
  • Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2029
  • Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2032
  • Bump io.spring.security.release from 1.0.5 to 1.0.6 #1999
  • Bump org.springframework.security:spring-security-bom from 6.3.9 to 6.3.10 #2051
  • Bump org.springframework:spring-framework-bom from 6.1.19 to 6.1.20 #2017
  • Bump org.springframework:spring-framework-bom from 6.1.20 to 6.1.21 #2046

❤️ Contributors

Thank you to all the contributors who worked on this release:

@antoinelauzon-bell and @ngocnhan-tran1996

Contributors

ngocnhan-tran1996 and antoinelauzon-bell
Loading

1.5.0

20 May 15:48
@spring-builds spring-builds
1.5.0
ebd3c3c
Compare
Choose a tag to compare
1.5.0

⭐ New Features

  • Add documentation for DPoP support #2009
  • Add documentation for OAuth 2.0 Pushed Authorization Requests (PAR) #2014
  • Replace @MockBean with @MockitoBean #1972

🪲 Bug Fixes

  • Fix DPoP jkt claim to be JWK SHA-256 thumbprint #2007
  • Fix DPoP jkt claim validation during refresh_token grant for public clients #2008

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2002
  • Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2020
  • Bump io.spring.security.release from 1.0.5 to 1.0.6 #2000
  • Bump org.springframework.security:spring-security-bom from 6.5.0-RC1 to 6.5.0 #2021
  • Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2016

❤️ Contributors

Thank you to all the contributors who worked on this release:

@DevDengChao

Contributors

DevDengChao
Loading

1.5.0-RC1

22 Apr 15:28
@spring-builds spring-builds
1.5.0-RC1
f121738
Compare
Choose a tag to compare
1.5.0-RC1 Pre-release
Pre-release

⭐ New Features

  • Add authorization server metadata for DPoP support #1951
  • Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) #1975
  • Enforce one-time use for request_uri used in PAR #1974
  • request_uri used in PAR must be bound to the client #1971
  • Use OAuth2ParameterNames.REQUEST_URI #1991
  • Validate expiry for request_uri used in PAR #1973
  • Verify DPoP Proof public key during refresh_token grant for public clients #1949

🔨 Dependency Upgrades

  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1944
  • Bump io.spring.security.release from 1.0.3 to 1.0.4 #1968
  • Bump io.spring.security.release from 1.0.4 to 1.0.5 #1987
  • Bump org.springframework.security:spring-security-bom from 6.5.0-M3 to 6.5.0-RC1 #1990
  • Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1940
  • Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1979
  • Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1942
Loading

1.4.3

22 Apr 19:41
@spring-builds spring-builds
1.4.3
a13d7cd
Compare
Choose a tag to compare
1.4.3

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1916
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1943
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1922
  • Bump io.spring.security.release from 1.0.3 to 1.0.4 #1966
  • Bump io.spring.security.release from 1.0.4 to 1.0.5 #1988
  • Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #1936
  • Bump org.springframework.security:spring-security-bom from 6.4.4 to 6.4.5 #1989
  • Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1933
  • Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1939
  • Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1980
  • Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1947
Loading

1.3.6

22 Apr 15:40
@spring-builds spring-builds
1.3.6
c42ea5b
Compare
Choose a tag to compare
1.3.6

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1919
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1945
  • Bump io.spring.security.release from 1.0.3 to 1.0.4 #1967
  • Bump io.spring.security.release from 1.0.4 to 1.0.5 #1985
  • Bump org.springframework.security:spring-security-bom from 6.3.7 to 6.3.8 #1934
  • Bump org.springframework.security:spring-security-bom from 6.3.8 to 6.3.9 #1986
  • Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18 #1932
  • Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19 #1978
Loading

1.5.0-M2

18 Mar 15:29
@spring-builds spring-builds
1.5.0-M2
796d771
Compare
Choose a tag to compare
1.5.0-M2 Pre-release
Pre-release

⭐ New Features

  • Add support for OAuth 2.0 Pushed Authorization Requests (PAR) #1925
  • Polish JdbcOAuth2AuthorizationService #1908
  • Support POST for authorization code request flow #1874
  • Use pattern matching #1907

🪲 Bug Fixes

  • The default/demo-authorizationserver samples have a redirect loop #1920

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1917
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1923
  • Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935
  • Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1931

❤️ Contributors

Thank you to all the contributors who worked on this release:

@arefbehboudi, @dependabot[bot], and @sylvain-costanzo

Contributors

dependabot, arefbehboudi, and sylvain-costanzo
Loading

1.5.0-M1

18 Feb 23:56
@spring-builds spring-builds
1.5.0-M1
48c2bcf
Compare
Choose a tag to compare
1.5.0-M1 Pre-release
Pre-release

⭐ New Features

  • Support OAuth 2.0 Demonstrating Proof of Possession (DPoP) #1813

🔨 Dependency Upgrades

  • Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 #1901
  • Update to Spring Security 6.5.0-M2 #1905
  • Update to Spring Security 6.5.0-SNAPSHOT #1897

❤️ Contributors

Thank you to all the contributors who worked on this release:

@dependabot[bot]

Contributors

dependabot
Loading