Releases: spring-projects/spring-authorization-server
Releases · spring-projects/spring-authorization-server
1.5.1
⭐ New Features
- Polish logging in OAuth2ClientAuthenticationFilter #2025
🪲 Bug Fixes
- OAuth2 Pushed Authorization Request request_uri expiry is too short #2024
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2040
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2030
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2034
- Bump org.springframework.security:spring-security-bom from 6.5.0 to 6.5.1 #2049
- Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2045
1.4.4
🪲 Bug Fixes
- Prevent NPE #1995
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2001
- Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2039
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2022
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2031
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2033
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #1998
- Bump org.springframework.security:spring-security-bom from 6.4.5 to 6.4.6 #2023
- Bump org.springframework.security:spring-security-bom from 6.4.6 to 6.4.7 #2050
- Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2018
- Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2044
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
ngocnhan-tran1996
Assets 2
1.3.7
🪲 Bug Fixes
🔨 Dependency Upgrades
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2019
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2029
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2032
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #1999
- Bump org.springframework.security:spring-security-bom from 6.3.9 to 6.3.10 #2051
- Bump org.springframework:spring-framework-bom from 6.1.19 to 6.1.20 #2017
- Bump org.springframework:spring-framework-bom from 6.1.20 to 6.1.21 #2046
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
ngocnhan-tran1996 and antoinelauzon-bell
Assets 2
1.5.0
⭐ New Features
- Add documentation for DPoP support #2009
- Add documentation for OAuth 2.0 Pushed Authorization Requests (PAR) #2014
- Replace
@MockBeanwith@MockitoBean#1972
🪲 Bug Fixes
- Fix DPoP jkt claim to be JWK SHA-256 thumbprint #2007
- Fix DPoP jkt claim validation during refresh_token grant for public clients #2008
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2002
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2020
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #2000
- Bump org.springframework.security:spring-security-bom from 6.5.0-RC1 to 6.5.0 #2021
- Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2016
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
DevDengChao
Assets 2
1.5.0-RC1
⭐ New Features
- Add authorization server metadata for DPoP support #1951
- Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) #1975
- Enforce one-time use for request_uri used in PAR #1974
- request_uri used in PAR must be bound to the client #1971
- Use OAuth2ParameterNames.REQUEST_URI #1991
- Validate expiry for request_uri used in PAR #1973
- Verify DPoP Proof public key during refresh_token grant for public clients #1949
🔨 Dependency Upgrades
- Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1944 - Bump io.spring.security.release from 1.0.3 to 1.0.4 #1968
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1987
- Bump org.springframework.security:spring-security-bom from 6.5.0-M3 to 6.5.0-RC1 #1990
- Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1940
- Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1979
- Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1942
1.4.3
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1916 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1943 - Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1922
- Bump io.spring.security.release from 1.0.3 to 1.0.4 #1966
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1988
- Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #1936
- Bump org.springframework.security:spring-security-bom from 6.4.4 to 6.4.5 #1989
- Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1933
- Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1939
- Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1980
- Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1947
1.3.6
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1919 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1945 - Bump io.spring.security.release from 1.0.3 to 1.0.4 #1967
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1985
- Bump org.springframework.security:spring-security-bom from 6.3.7 to 6.3.8 #1934
- Bump org.springframework.security:spring-security-bom from 6.3.8 to 6.3.9 #1986
- Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18 #1932
- Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19 #1978
1.5.0-M2
⭐ New Features
- Add support for OAuth 2.0 Pushed Authorization Requests (PAR) #1925
- Polish JdbcOAuth2AuthorizationService #1908
- Support POST for authorization code request flow #1874
- Use pattern matching #1907
🪲 Bug Fixes
- The default/demo-authorizationserver samples have a redirect loop #1920
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1917 - Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1923
- Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935
- Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1931
❤️ Contributors
Thank you to all the contributors who worked on this release:
@arefbehboudi, @dependabot[bot], and @sylvain-costanzo
Contributors
dependabot, arefbehboudi, and sylvain-costanzo
Assets 2
1.5.0-M1
⭐ New Features
- Support OAuth 2.0 Demonstrating Proof of Possession (DPoP) #1813
🔨 Dependency Upgrades
- Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 #1901
- Update to Spring Security 6.5.0-M2 #1905
- Update to Spring Security 6.5.0-SNAPSHOT #1897
❤️ Contributors
Thank you to all the contributors who worked on this release:
@dependabot[bot]
Contributors
dependabot
Assets 2
1.4.2
⭐ New Features
- Add annotation
@Override#1878 - Fix broken links in file README #1887
- Replace deprecated fromHttpUrl with fromUriString #1883
🪲 Bug Fixes
- Fix device access token response error codes #1903
🔨 Dependency Upgrades
- Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2 #1881
- Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 #1912
- Update samples to Spring Security 6.3.7 #1906
- Update samples to Spring Security 6.3.7-SNAPSHOT #1899
- Update to Spring Security 6.4.3 #1911
❤️ Contributors
Thank you to all the contributors who worked on this release:
@dependabot[bot], @loren-coding, and @ngocnhan-tran1996
Contributors
dependabot, loren-coding, and ngocnhan-tran1996