Spring Authorization Server Versions Save

Spring Authorization Server

1.1.2

8 months ago

:beetle: Bug Fixes

  • Fix samples test suite execution and failing tests #1325
  • Samples test suite is not executed as part of build process #1324
  • Fix: add length validation to prevent 500 error on invalid usercode #1309
  • Fix generating ID token with null sid when refresh_token grant #1289
  • Default error controller throws NPE when error message attribute missing #1286
  • Generating ID token when sid null during refresh_token grant throws IllegalArgumentException #1283

:hammer: Dependency Upgrades

  • Update to org.hsqldb:hsqldb 2.7.2 #1340
  • Update to Spring Security 6.1.2 #1339
  • Update to Spring Framework 6.0.11 #1338

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.1.1

10 months ago

:star: New Features

  • Use substring instead of replaceFirst in OAuth2AuthorizationConsent #1223
  • Use substring instead of replaceFirst in OAuth2AuthorizationConsent #1222

:beetle: Bug Fixes

  • Device Grant AuthenticationConverter's can not handle multi-valued parameters #1269
  • OAuth2AuthorizationCodeRequestAuthenticationConverter can not handle multi-valued parameters #1268
  • Validate authorized principal instead of sub during logout #1235
  • Fix NPE on access token in OAuth2AuthorizationCodeAuthenticationProvider #1233
  • ID Token missing sid claim after refresh_token grant #1224
  • Revert serialVersionUID to 1.1.0 #1220

:hammer: Dependency Upgrades

  • Update to jackson-bom 2.15.2 #1282
  • Update to Spring Security 6.1.1 #1279
  • Update to Spring Framework 6.0.10 #1278
  • Update com.gradle.enterprise plugin to 3.13.3 #1234
  • Update to Spring Boot 3.1.0 #1229

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.0.3

10 months ago

:beetle: Bug Fixes

  • OAuth2AuthorizationCodeRequestAuthenticationConverter can not handle multi-valued parameters #1267
  • Revert serialVersionUID to 1.0.0 #1219
  • Fix artifact build properties for Artifactory #1180
  • Apply ArtifactoryPlugin to SpringRootProjectPlugin #1178

:hammer: Dependency Upgrades

  • Update to junit-jupiter 5.9.3 #1281
  • Update to Spring Security 6.0.4 #1277
  • Update to Spring Framework 6.0.10 #1276
  • Update to jackson-bom 2.14.3 #1275
  • Update spring-asciidoctor-backends to 0.0.5 #1194
  • Update io.spring.ge.conventions plugin to 0.0.13 #1193
  • Update to org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0 #1176

0.4.3

10 months ago

:beetle: Bug Fixes

  • Fix to save all values for multi-valued request parameters #1252
  • OAuth2AuthorizationCodeRequestAuthenticationConverter can not handle multi-valued parameters #1250
  • Revert serialVersionUID to 0.4.0 #1218
  • Fix artifact build properties for Artifactory #1179
  • Apply ArtifactoryPlugin to SpringRootProjectPlugin #1177

:hammer: Dependency Upgrades

  • Update to junit-jupiter 5.9.3 #1280
  • Update to jackson-bom 2.14.3 #1274
  • Update to Spring Security 5.8.4 #1273
  • Update to Spring Framework 5.3.28 #1272
  • Update spring-asciidoctor-backends to 0.0.5 #1192
  • Update io.spring.ge.conventions plugin to 0.0.13 #1190
  • Update to org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0 #1175

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0

1 year ago

:star: New Features

  • Simplify federated login in demo sample #1208
  • Hash the sid claim in the ID Token #1207
  • Update web ui design for demo sample #1196
  • Add demo sample #1189
  • Update default sample with Spring Boot starter #1187
  • ref-doc: Update Getting Started with Spring Boot starter #1186
  • Add logout success page to default client sample #1161
  • Revoke tokens when code is reused #1152
  • Consider adding a logout success page in the default sample #1142
  • How-to: Implement an Extension Authorization Grant Type #686
  • How-to: Authenticate a user in a Single Page Application with PKCE #539
  • How-to: Authenticate using social login #538

:hammer: Dependency Upgrades

  • Update to junit-jupiter 5.9.3 #1216
  • Update to jackson-bom 2.15.0 #1215
  • Update to Spring Security 6.1.0 #1214
  • Update to Spring Framework 6.0.9 #1213
  • Update to Spring Boot 3.1.0-RC1 #1198

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0-RC1

1 year ago

:star: New Features

  • Add reference documentation for OAuth 2.0 Device Authorization Grant #1158
  • Add sample supporting public client for OAuth 2.0 Device Authorization Grant #1157
  • Support device code and user code in JdbcOAuth2AuthorizationService #1156
  • :sparkles: JDBC device_code authorization #1143
  • Add tests for OAuth 2.0 Device Authorization Grant #1127
  • Improve OAuth 2.0 Device Authorization Grant #1116
  • Improve OpenID Connect 1.0 Logout Endpoint #1077
  • ref-doc: Document OpenID Connect 1.0 Logout Endpoint #1069

:hammer: Dependency Upgrades

  • Update to json-path:2.8.0 #1171
  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1170
  • Update to Spring Security 6.1.0-RC1 #1169
  • Update to Spring Framework 6.0.8 #1168

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.0.2

1 year ago

:beetle: Bug Fixes

  • Fix refresh token error code INVALID_CLIENT to INVALID_GRANT #1153
  • Consider allowing localhost in redirect_uri #1150
  • Fix to save after encoding the secret when registering the client #1113
  • Fixed Broken Support Link #1097

:hammer: Dependency Upgrades

  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1167
  • Update to Spring Security 6.0.3 #1166
  • Update to Spring Framework 6.0.8 #1165

0.4.2

1 year ago

:beetle: Bug Fixes

  • Fix refresh token error code INVALID_CLIENT to INVALID_GRANT #1139
  • Fixed Broken Support Link #1092
  • Fix to save after encoding the secret when registering the client #1056
  • Consider allowing localhost in redirect_uri #651

:hammer: Dependency Upgrades

  • Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1164
  • Update to Spring Security 5.8.3 #1163
  • Update to Spring Framework 5.3.27 #1162

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0-M2

1 year ago

:star: New Features

  • Enable upgradeEncoding for OAuth2 client secrets #1099
  • Implement OAuth 2.0 Device Authorization Grant #44

:beetle: Bug Fixes

  • Fixed Broken Support Link #1098

:hammer: Dependency Upgrades

  • Update to nimbus-jose-jwt:9.31 #1132
  • Update to Spring Security 6.1.0-M2 #1131
  • Update to Spring Framework 6.0.7 #1130

:heart: Contributors

We'd like to thank all the contributors who worked on this release!

1.1.0-M1

1 year ago

:star: New Features

  • Add OpenID Connect 1.0 Logout Endpoint #1068
  • Implement end_session_endpoint for RP-Initiated Logout #266

:hammer: Dependency Upgrades

  • Update to mockito-core:4.11.0 #1096
  • Update to assertj-core:3.24.2 #1095
  • Update to nimbus-jose-jwt:9.30.2 #1094
  • Update to Spring Security 6.1.0-M1 #1093
  • Update Gradle Enterprise plugin #1067

:heart: Contributors

We'd like to thank all the contributors who worked on this release!