Skip to content

6.4.0-RC1

Pre-release
Pre-release
Compare
Choose a tag to compare
@spring-builds spring-builds released this 21 Oct 18:41
· 238 commits to main since this release
6.4.0-RC1
f886438

⭐ New Features

  • Add API for Looking Up Security Annotations #15700
  • Add loginPage() to DSL in reactive oauth2Login() #15674
  • Add public InMemoryOneTimeTokenService.setClock(Clock) #15864
  • Support One-Time Tokens in a Clustered Environment [#15735][https://github.com//issues/15735]
  • Add Reactive One-Time Token Login Kotlin DSL Support #15888
  • Add Support for Passkeys #13305
  • Allow OAuth2ClientSpec to get ReactiveOAuth2AccessTokenResponseClient from Spring IoC #11097
  • Allow access token request parameters to override defaults #15339
  • Allow building a ClientRegistration from provided configuration #15716
  • Allow logout+jwt JWT type for reactive #15847
  • AuthorizationEventPublisher should accept an AuthorizationResult #15915
  • AuthorizationManager should return AuthorizationResult #14846
  • Clarify Username/Password Authentication Docs #15806
  • Customize the strategy for resolving the principal #15833
  • Introduce ExpressionJwtGrantedAuthoritiesConverter to extract nested authorities via SpEL expression #15202
  • Improve encapsulation for jwtValidators #15879
  • Improve readibility of empty collection checks #15898
  • Improved error message for PasswordEncoder #14968
  • Make Security Observations Selectable #15678
  • ObjectProvider over custom getBeanOrNull method #15816
  • Parameters customizer called before all parameters are set #15939
  • Polish diamond operator usage #15900
  • Polish OAuth2ClientConfiguration #15857
  • Reactive oauth2Login should pick up OAuth2ReactiveUserService bean #15848
  • Replace Date().getTime() method with System.currentTimeMillis() #15890
  • Simplify Casting with ReactiveJwtDecoders #15797
  • Support refresh token for Token Exchange #15534
  • Update document #15862
  • Update javaDoc for DefaultOneTimeTokenSubmitPageGeneratingFilter #15870
  • Update websocket integration docs #15438
  • Use SessionAuthenticationStrategy for Remember-Me authentication #15748

🪲 Bug Fixes

  • Fix HttpSecurity Deprecation notices #15827
  • Minor fix in Kotlin docs for noSpringSecurityObservations #15831
  • OidcBackChannelLogoutTokenValidator should not construct when missing OIDC Provider Issuer #15824
  • Restore Framework version on Snapshot build #15916
  • The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15830

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.10 to 1.5.11 #15924
  • Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.18.0 #15859
  • Bump io.freefair.gradle:aspectj-plugin from 8.10 to 8.10.2 #15881
  • Bump io.micrometer:micrometer-observation from 1.13.5 to 1.13.6 #15918
  • Bump io.mockk:mockk from 1.13.12 to 1.13.13 #15895
  • Bump io.projectreactor:reactor-bom from 2023.0.10 to 2023.0.11 #15922
  • Bump io.spring.develocity.conventions from 0.0.21 to 0.0.22 #15871
  • Bump org.hibernate.orm:hibernate-core from 6.6.0.Final to 6.6.1.Final #15823
  • Bump org.htmlunit:htmlunit from 4.4.0 to 4.5.0 #15960
  • Bump org.junit:junit-bom from 5.11.1 to 5.11.2 #15882
  • Bump org.mockito:mockito-bom from 5.14.1 to 5.14.2 #15923
  • Bump org.seleniumhq.selenium:htmlunit3-driver from 4.23.0 to 4.25.0 #15959
  • Bump org.seleniumhq.selenium:selenium-java from 4.24.0 to 4.25.0 #15839
  • Bump org.springframework.data:spring-data-bom from 2024.0.4 to 2024.0.5 #15961
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.6 to 3.2.7 #15942
  • Bump org.springframework:spring-framework-bom from 6.2.0-RC1 to 6.2.0-RC2 #15943

🔩 Build Updates

  • Bump @antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #15911
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #15834
  • Fix Broken Resource Server Doc Links #15845
  • Fix typo of createDefaultRequestMacher in WebSessionServerRequestCache #15867
  • Polish ExpressionTemplateSecurityAnnotationScanner #15832
  • Release 6.4.0-RC1 #15966

❤️ Contributors

Thank you to all the contributors who worked on this release:

@JohnNiang, @bottlerocketjonny, @c1rd3cm, @dependabot[bot], @franticticktick, @heruan, @jinia91, @kse-music, @kwonyonghyun, @ngocnhan-tran1996, @nimakarimiank, @openrefactorymunawar, @regiuss-own, @rs017991, @sjohnr, @thomasdarimont, @wapkch, and @xhaggi

Contributors

thomasdarimont, heruan, and 16 other contributors
Assets 2
Loading