azure-spring-boot_3.0.0

3.0.0 (2020-12-30)

Breaking Changes

• Deprecate AADAppRoleStatelessAuthenticationFilter and AADAuthenticationFilter.
• Change artifact id from azure-active-directory-spring-boot-starter to azure-spring-boot-starter-active-directory.
• Deprecate following azure-spring-boot-starter-active-directory configuration properties:

  spring.security.oauth2.client.provider.azure.*
  spring.security.oauth2.client.registration.azure.*
  azure.activedirectory.environment
  azure.activedirectory.user-group.key
  azure.activedirectory.user-group.value
  azure.activedirectory.user-group.object-id-key
  

• Stop support of Azure Active Directory Endpoints.

New Features

• Support consent of multiple client registrations during user login.
• Support on-demand client registrations.
• Support the use of @RegisteredOAuth2AuthorizedClient annotation to get OAuth2AuthorizedClient.
• Support access control through users' membership information.
• Support on-behalf-of flow in the resource server.
• Provide AAD specific token validation methods of audience validation and issuer validation.
• Expose a flag isPersonalAccount in AADOAuth2AuthenticatedPrincipal to specify the account type in use: work account or personal account.
• Enable loading transitive membership information from Microsoft Graph API.
• Enable following azure-spring-boot-starter-active-directory configuration properties:

  # Redirect URI of authorization server
  azure.activedirectory.redirect-uri-template
  # Refresh time of the cached JWK set before it expires, default value is 5 minutes.
  azure.activedirectory.jwk-set-cache-refresh-time
  # Logout redirect URI
  azure.activedirectory.post-logout-redirect-uri
  # base URI for authorization server, default value is "https://login.microsoftonline.com/"
  azure.activedirectory.base-uri
  # Membership URI of Microsoft Graph API to get users' group information, default value is "https://graph.microsoft.com/v1.0/me/memberOf"
  azure.activedirectory.graph-membership-uri