Releases: spring-projects/spring-authorization-server
Releases Β· spring-projects/spring-authorization-server
1.1.0
β New Features
- Simplify federated login in demo sample #1208
- Hash the sid claim in the ID Token #1207
- Update web ui design for demo sample #1196
- Add demo sample #1189
- Update default sample with Spring Boot starter #1187
- ref-doc: Update Getting Started with Spring Boot starter #1186
- Add logout success page to default client sample #1161
- Revoke tokens when code is reused #1152
- Consider adding a logout success page in the default sample #1142
- How-to: Implement an Extension Authorization Grant Type #686
- How-to: Authenticate a user in a Single Page Application with PKCE #539
- How-to: Authenticate using social login #538
π¨ Dependency Upgrades
- Update to junit-jupiter 5.9.3 #1216
- Update to jackson-bom 2.15.0 #1215
- Update to Spring Security 6.1.0 #1214
- Update to Spring Framework 6.0.9 #1213
- Update to Spring Boot 3.1.0-RC1 #1198
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.1.0-RC1
β New Features
- Add reference documentation for OAuth 2.0 Device Authorization Grant #1158
- Add sample supporting public client for OAuth 2.0 Device Authorization Grant #1157
- Support device code and user code in
JdbcOAuth2AuthorizationService#1156 - β¨ JDBC device_code authorization #1143
- Add tests for OAuth 2.0 Device Authorization Grant #1127
- Improve OAuth 2.0 Device Authorization Grant #1116
- Improve OpenID Connect 1.0 Logout Endpoint #1077
- ref-doc: Document OpenID Connect 1.0 Logout Endpoint #1069
π¨ Dependency Upgrades
- Update to json-path:2.8.0 #1171
- Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1170
- Update to Spring Security 6.1.0-RC1 #1169
- Update to Spring Framework 6.0.8 #1168
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.0.2
0.4.2
πͺ² Bug Fixes
- Fix refresh token error code INVALID_CLIENT to INVALID_GRANT #1139
- Fixed Broken Support Link #1092
- Fix to save after encoding the secret when registering the client #1056
- Consider allowing localhost in redirect_uri #651
π¨ Dependency Upgrades
- Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.38 #1164
- Update to Spring Security 5.8.3 #1163
- Update to Spring Framework 5.3.27 #1162
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.1.0-M2
β New Features
- Enable
upgradeEncodingfor OAuth2 client secrets #1099 - Implement OAuth 2.0 Device Authorization Grant #44
πͺ² Bug Fixes
- Fixed Broken Support Link #1098
π¨ Dependency Upgrades
- Update to nimbus-jose-jwt:9.31 #1132
- Update to Spring Security 6.1.0-M2 #1131
- Update to Spring Framework 6.0.7 #1130
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.1.0-M1
β New Features
- Add OpenID Connect 1.0 Logout Endpoint #1068
- Implement end_session_endpoint for RP-Initiated Logout #266
π¨ Dependency Upgrades
- Update to mockito-core:4.11.0 #1096
- Update to assertj-core:3.24.2 #1095
- Update to nimbus-jose-jwt:9.30.2 #1094
- Update to Spring Security 6.1.0-M1 #1093
- Update Gradle Enterprise plugin #1067
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.0.1
β New Features
- ref-doc: authorizedScopes is missing from sql #1045
πͺ² Bug Fixes
- URL-encoded parameters in redirect URI are encoded twice #1074
- redirect_uri resolver is incorrect #1072
- HttpMessageConverters uses jakarta.json.bind.Jsonb #1055
- HttpMessageConverters should use jakarta.json.bind.Jsonb #1054
π¨ Dependency Upgrades
- Update to junit-jupiter:5.9.2 #1091
- Update to jackson-bom:2.14.2 #1090
- Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.35 #1089
- Update to io.spring.nohttp:nohttp-checkstyle:0.0.11 #1088
- Update to Spring Security 6.0.2 #1087
- Update to Spring Framework 6.0.5 #1086
- Update to Spring Boot 3.0.0 #1024
- Update to Spring Boot 3.0.0 #1023
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
0.4.1
β New Features
- Replace deprecated command with environment file #1063
- Replace deprecated
set-outputcommand with environment file #1062 - Update how-to-jpa.adoc #1010
- ref-doc: authorizedScopes is missing from sql #1008
πͺ² Bug Fixes
- Fix redirect_uri resolver #1013
- redirect_uri resolver is incorrect #1012
- URL-encoded parameters in redirect URI are encoded twice #1011
π¨ Dependency Upgrades
- Update to junit-jupiter:5.9.2 #1085
- Update to jackson-bom:2.14.2 #1084
- Update to io.spring.javaformat:spring-javaformat-checkstyle:0.0.35 #1083
- Update to io.spring.nohttp:nohttp-checkstyle:0.0.11 #1082
- Update to Spring Security 5.8.2 #1081
- Update to Spring Framework 5.3.25 #1080
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.0.0
0.4.0
β New Features
- Upgrade to JUnit 5 #964
- Update links to current version of OAuth 2.1 #960
- Assert unique identifiers in JdbcRegisteredClientRepository #959
- Add logging #956
- ref-doc: Document Jwt Client Assertion Validation #945
- ref-doc: Add configuration for userinfo endpoint to Getting Started example #917
- Reject client authentication where client_id has non-printable ASCII characters #889
- ref-doc: Document Authorization Request Validation #858
- Add logging #159
π¨ Dependency Upgrades
- Update to jackson-bom 2.14.0 #980
- Update to Spring Security 5.8.0 #979
- Update to Spring Framework 5.3.24 #978
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!