diff --git a/CHANGELOG.md b/CHANGELOG.md
index 17e0bb33c7..9e70172a9d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,14 @@
# Change Log
All notable changes to this project will be documented in this file.
+## 2.13.8
+- [spring-xsuaa]
+ - Synchronizes `XsuaaJwtDecoder` cache configuration with internal `NimbusJwtDecoder` cache
+ - Improved logging for `XsuaaJwtDecoder` fallback key validation
+
+#### Dependency upgrades
+* Bump spring.boot.version from 2.7.9 to 2.7.10
+
## 2.13.7
- [token-client] Fixes regression introduced with logback dependency not having scope test
diff --git a/api/README.md b/api/README.md
index 0138baeaa4..42f21590dd 100644
--- a/api/README.md
+++ b/api/README.md
@@ -5,6 +5,6 @@
com.sap.cloud.security.xsuaa
api
- 2.13.7
+ 2.13.8
```
diff --git a/api/pom.xml b/api/pom.xml
index 9b394eff5c..e518d82e6f 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -11,7 +11,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
jar
diff --git a/bom/pom.xml b/bom/pom.xml
index 12e62f02e8..30eefbc98b 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -8,7 +8,7 @@
com.sap.cloud.security
java-bom
- 2.13.7
+ 2.13.8
pom
java-bom
@@ -112,6 +112,11 @@
resourceserver-security-spring-boot-starter
${project.version}
+
+ ${xsuaa-groupId}
+ spring-security-compatibility
+ ${project.version}
+
${xsuaa-groupId}
token-client
diff --git a/env/pom.xml b/env/pom.xml
index d89ee54f23..c4fe4e46d9 100644
--- a/env/pom.xml
+++ b/env/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
com.sap.cloud.security
diff --git a/java-api/README.md b/java-api/README.md
index 264244beb9..5aaa287c12 100644
--- a/java-api/README.md
+++ b/java-api/README.md
@@ -5,6 +5,6 @@
com.sap.cloud.security
java-api
- 2.13.7
+ 2.13.8
```
diff --git a/java-api/pom.xml b/java-api/pom.xml
index ae405a5785..1bfdeace5b 100644
--- a/java-api/pom.xml
+++ b/java-api/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
com.sap.cloud.security
diff --git a/java-security-it/pom.xml b/java-security-it/pom.xml
index 4944a43337..2e63132aa8 100644
--- a/java-security-it/pom.xml
+++ b/java-security-it/pom.xml
@@ -9,7 +9,7 @@
parent
com.sap.cloud.security.xsuaa
- 2.13.7
+ 2.13.8
java-security-it
diff --git a/java-security-test/README.md b/java-security-test/README.md
index fd9db0f636..c95ba6cc5c 100644
--- a/java-security-test/README.md
+++ b/java-security-test/README.md
@@ -22,7 +22,7 @@ It includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) th
com.sap.cloud.security
java-security-test
- 2.13.7
+ 2.13.8
test
```
diff --git a/java-security-test/pom.xml b/java-security-test/pom.xml
index fff33c0acf..31c59c6870 100644
--- a/java-security-test/pom.xml
+++ b/java-security-test/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
com.sap.cloud.security
diff --git a/java-security/Migration_SpringSecurityProjects.md b/java-security/Migration_SpringSecurityProjects.md
index bc2ba2b50d..03e462db46 100644
--- a/java-security/Migration_SpringSecurityProjects.md
+++ b/java-security/Migration_SpringSecurityProjects.md
@@ -37,19 +37,19 @@ First make sure you have the following dependencies defined in your pom.xml:
com.sap.cloud.security.xsuaa
api
- 2.13.7
+ 2.13.8
com.sap.cloud.security
java-security
- 2.13.7
+ 2.13.8
com.sap.cloud.security
java-security-test
- 2.13.7
+ 2.13.8
test
```
diff --git a/java-security/README.md b/java-security/README.md
index d51512ee87..ae351dcf0b 100644
--- a/java-security/README.md
+++ b/java-security/README.md
@@ -47,7 +47,7 @@ In case of XSUAA does the JWT provide a valid `jku` token header parameter that
com.sap.cloud.security
java-security
- 2.13.7
+ 2.13.8
org.apache.httpcomponents
diff --git a/java-security/pom.xml b/java-security/pom.xml
index 24649d6000..d375b74efd 100644
--- a/java-security/pom.xml
+++ b/java-security/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
com.sap.cloud.security
diff --git a/java-security/src/test/java/com/sap/cloud/security/token/validation/CombiningValidatorTest.java b/java-security/src/test/java/com/sap/cloud/security/token/validation/CombiningValidatorTest.java
index 5d34dba19e..0ec786eb5e 100644
--- a/java-security/src/test/java/com/sap/cloud/security/token/validation/CombiningValidatorTest.java
+++ b/java-security/src/test/java/com/sap/cloud/security/token/validation/CombiningValidatorTest.java
@@ -5,16 +5,16 @@
*/
package com.sap.cloud.security.token.validation;
-import com.sap.cloud.security.token.Token;
-import org.junit.Test;
-import org.mockito.Mockito;
-
-import java.util.ArrayList;
-
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.times;
+import java.util.ArrayList;
+
+import com.sap.cloud.security.token.Token;
+import org.junit.Test;
+import org.mockito.Mockito;
+
public class CombiningValidatorTest {
public static final Token TOKEN = null;
@@ -97,7 +97,7 @@ public void registerValidationListener_listenerIsRemoved_isNotCalled() {
combiningValidator.validate(TOKEN);
- Mockito.verifyZeroInteractions(validationListenerMock);
+ Mockito.verifyNoMoreInteractions(validationListenerMock);
}
@Test
diff --git a/pom.xml b/pom.xml
index 9ba54f0a9d..1cbd9943d3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
pom
parent
@@ -57,7 +57,7 @@
1.8
3.2.1
- 2.7.9
+ 2.7.10
5.3.26
5.8.2
2.5.2.RELEASE
@@ -67,17 +67,16 @@
1.7.36
20230227
0.5.2
- 3.0.2
4.5.14
2.9.3
2.11.0
4.0.1
4.13.2
4.13.2
- 5.7.2
- 3.0.0-M9
+ 5.9.2
+ 3.0.0
1.3
- 3.12.4
+ 4.11.0
3.24.2
3.5.0
2.35.0
diff --git a/samples/java-security-usage-ias/pom.xml b/samples/java-security-usage-ias/pom.xml
index 3fbbbfc7b8..4f27e8c363 100755
--- a/samples/java-security-usage-ias/pom.xml
+++ b/samples/java-security-usage-ias/pom.xml
@@ -6,7 +6,7 @@
4.0.0
com.sap.cloud.security.xssec.samples
java-security-usage-ias
- 2.13.7
+ 2.13.8
war
org.springframework.boot
diff --git a/spring-xsuaa-mock/pom.xml b/spring-xsuaa-mock/pom.xml
index f33456a72f..edd218227a 100644
--- a/spring-xsuaa-mock/pom.xml
+++ b/spring-xsuaa-mock/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
spring-xsuaa-mock
diff --git a/spring-xsuaa-starter/pom.xml b/spring-xsuaa-starter/pom.xml
index e77d93d18e..35be6e83f8 100644
--- a/spring-xsuaa-starter/pom.xml
+++ b/spring-xsuaa-starter/pom.xml
@@ -16,7 +16,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
xsuaa-spring-boot-starter
diff --git a/spring-xsuaa-test/README.md b/spring-xsuaa-test/README.md
index 4b88f063af..3c705bcebb 100644
--- a/spring-xsuaa-test/README.md
+++ b/spring-xsuaa-test/README.md
@@ -31,7 +31,7 @@ This includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT)
com.sap.cloud.security.xsuaa
spring-xsuaa-test
- 2.13.7
+ 2.13.8
test
diff --git a/spring-xsuaa-test/pom.xml b/spring-xsuaa-test/pom.xml
index 73e206222b..b8bafc20f7 100644
--- a/spring-xsuaa-test/pom.xml
+++ b/spring-xsuaa-test/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
spring-xsuaa-test
diff --git a/spring-xsuaa/README.md b/spring-xsuaa/README.md
index 46f90df50d..2c4868942c 100644
--- a/spring-xsuaa/README.md
+++ b/spring-xsuaa/README.md
@@ -36,7 +36,7 @@ These (spring) dependencies needs to be provided:
com.sap.cloud.security.xsuaa
spring-xsuaa
- 2.13.7
+ 2.13.8
org.apache.logging.log4j
@@ -50,7 +50,7 @@ These (spring) dependencies needs to be provided:
com.sap.cloud.security.xsuaa
xsuaa-spring-boot-starter
- 2.13.7
+ 2.13.8
```
diff --git a/spring-xsuaa/pom.xml b/spring-xsuaa/pom.xml
index a954c06476..99e55c7bb6 100644
--- a/spring-xsuaa/pom.xml
+++ b/spring-xsuaa/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
spring-xsuaa
diff --git a/token-client/README.md b/token-client/README.md
index db7e6a0ad6..d4bbedcff2 100644
--- a/token-client/README.md
+++ b/token-client/README.md
@@ -23,7 +23,7 @@ The Resource owner password credentials (i.e., username and password) can be use
com.sap.cloud.security.xsuaa
token-client
- 2.13.7
+ 2.13.8
org.apache.httpcomponents
@@ -81,7 +81,7 @@ tokenService.clearCache();
com.sap.cloud.security.xsuaa
token-client
- 2.13.7
+ 2.13.8
org.springframework
@@ -130,7 +130,7 @@ In context of a Spring Boot application you may like to leverage auto-configurat
com.sap.cloud.security.xsuaa
xsuaa-spring-boot-starter
- 2.13.7
+ 2.13.8
org.apache.httpcomponents
diff --git a/token-client/pom.xml b/token-client/pom.xml
index aced687abb..74e47223cd 100644
--- a/token-client/pom.xml
+++ b/token-client/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.13.7
+ 2.13.8
token-client