2.0.0

This is a major release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is broadly compatible with previous 1.x releases with several notable exceptions:

• Java 17 is the baseline version required to run these libraries (#2270)
• All methods and classes that were previously marked as deprecated have been removed (#2336)

New Features

• Support for linked Access Requests when using the accessgrant library (#2360)
• A new acp module can be used to manage and interact with Access Control Resources that use the ACP (Access Control Policy) language (#2338)

Dependency Updates

• Apache Commons Codec 1.19.0
• Apache Commons IO 2.20.0
• Apache Jena 5.5.0
• Caffeine 3.2.2
• Guava 33.5.0
• Jackson 2.20.0
• OkHttp 5.1.0
• Quarkus 3.26.3
• RDF4J 5.1.5
• Spring 6.5.4

Complete Changelog: 1.3.1...2.0.0

1.3.1

This is a patch release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is compatible with all previous 1.x releases.

Patch changes

• The latest version of the Inrupt Access Grants JSON-LD context (namely v2) is now sent when calling the legacy AccessGrantClient::query(AccessCredentialQuery<T>) and AccessGrantClient::query(URI, URI, ...), ensuring that all Access Credentials (both using the v1 and the v2 context) are returned.

Dependency updates

Below is a summary of the dependency updates included in this release:

• Apache Commons Text 1.13.0
• Guava 33.4.0
• Quarkus 3.17.5
• Spring Security 6.4.2
• Okio 3.10.2

Complete Changelog: 1.3.0...1.3.1

1.3.0

This is a minor release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is compatible with all previous 1.x releases.

Please note that, by default, the inrupt-client-jena module now depends on Jena 5.x which requires a Java 17 runtime. For those who use the inrupt-client-jena module and also rely on a Java 11 runtime environment, please add an explicit dependency on Apache Jena 4.10.0 in your library.

New features

• Introduce the Access Credential filter API for querying for Access Grants and Access Requests via AccessGrantClient::query(CredentialFilter<T>). This allows developers to perform more sophisticated queries on the ESS Access Grant service. The response from this method is a paged response that can be navigated forwards and backwards. (#1684)
• Connect Access Grants to their corresponding Access Request via the AccessGrantClient::grantAccess(AccessRequest) method. (#1716)

Deprecations

• With the introduction of the AccessGrantClient::query(CredentialFilter<T>) method, the existing ::query(AccessCredentialQuery<T>) and ::query(URI, URI, …) methods have been deprecated. Developers are advised to migrate to use the new formulation.

Dependency updates

Below is a summary of the dependency updates included in this release:

• Apache Jena 5.2.0
• Apache Commons IO 2.18.0
• Guava 33.3.1
• Jackson 2.18.2
• Quarkus 3.17.3
• Spring Security 6.4.1

Complete Changelog: 1.2.0...1.3.0

1.2.0

This is a minor release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is compatible with all previous 1.x releases.

New features

• Add support for RFC 9457: Problem Details in HTTP responses. In the high-level SolidClient, any HTTP errors that throw exceptions now give developers access to problem detail data from an RFC 9457-conforming server. This change introduces the SolidClientException::getProblemDetails method along with a com.inrupt.client.ProblemDetails interface. (#1157, #1159, #1160, #1162, #1393)
• Add support for scope, state and nonce values in OpenIdProvider::authorize (#1375).
• Support qualified type names in the Access Grant client: qualified type names with the vc: prefix are now supported across the various Access Grant types. This is an addition to the current support of localname (e.g. SolidAccessGrant, SolidAccessRequest, SolidAccessDenial) and fully qualified names (e.g. http://www.w3.org/ns/solid/vc#SolidAccessGrant) (#1409)
• The OpenIdProvider class includes better support for issuer validation (RFC 9207) during the authorization_code flow in a browser-based interaction (#1246).

Bugs Fixed

• The SolidContainer class now has better support for the getHeaders() method, making it possible for clients using this class to access response headers from remote Web resources.

Dependency updates

Below is a summary of the dependency updates included in this release:

• Apache Commons Codec 1.17.1
• Apache Commons IO 2.17.0
• Guava 33.3.0
• Jackson 2.17.2
• Quarkus 3.14.0
• Spring Security 6.3.3

Complete Changelog: 1.1.0...1.2.0

1.1.1

This is a new patch release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is compatible with all 1.1.x releases.

Bug fixes

Below is a summary of the bug fixes included in this release:

• The SolidContainer class now has better support for the getHeaders() method, making it possible for clients using this class to access response headers from remote Web resources.
• The OpenIdProvider.authorize() method had previously ignored scope, nonce and state values. If a client supplies these values, they will now be included in the resulting redirection URL.

Dependency updates

Below is a summary of the dependency updates included in this release:

• Apache Commons Codec 1.17.0
• Apache Commons IO 2.16.1
• Guava 33.2.1
• Jackson 2.17.1
• Jose4j 0.9.6
• Quarkus 3.12.0
• Spring Security 6.3.1

Complete Changelog: 1.1.0...1.1.1

1.1.0

This is a new minor release of the Inrupt Solid Client Libraries for Java, recommended for production use.

This release is compatible with all 1.0.x releases.

The Inrupt Solid Client Libraries are designed to make it easier for developers to interact with Solid Resources. The libraries provide a session management abstraction that supports OpenID Connect tokens as well as Access Grants. In addition, there are mechanisms for mapping RDF-based resources into domain-specific Java objects.

Features

Below is a summary of the new features included in this release:

• The Resource interface now includes a getHeaders() method, making it possible for clients to access all response headers from remote Web resources. This method is available on all subtypes, including RDFSource, NonRDSource, SolidRDFSource, SolidNonRDFSource and any derived user-defined type.
• Standard URI normalization is now performed automatically for all resource identifiers, so it is now unnecessary to call URI::normalize in user code before interacting with SolidClient API methods.
• An inrupt-client-spring module is available to make it easier to integrate Spring applications with the Inrupt Solid Client Libraries. At present, this integration layer includes an asSession(OAuth2User) method to convert a Spring user object into a Session object that can be used with these libraries.
• An inrupt-client-quarkus module is available to make it easier to integrate Quarkus applications with the Inrupt Solid Client Libraries. As with the Spring integration, this module includes an asSession(JsonWebToken) utility method to convert a Microprofile user object into a Session object.

Dependency updates

Below is a summary of the dependency updates included in this release:

• Guava 32.1.3
• Jackson 2.16.0
• Jena 4.10.0
• OkHttp 4.12.0
• Quarkus 3.6.0
• RDF4J 4.3.8
• Spring Boot 3.2.0

Complete Changelog: 1.0.0...1.1.0

1.0.1

This is a patch release of the Inrupt Solid Client Libraries for Java, recommended for production use.

The Inrupt Solid Client Libraries are designed to make it easier for developers to interact with Solid Resources. The libraries provide a session management abstraction that supports OpenID Connect tokens as well as Access Grants. In addition, there are mechanisms for mapping RDF-based resources into domain-specific Java objects.

Bug Fixes

Below is a summary of bug fixes included in this release:

• The SolidContainer class method getResources(), is now more strict in validating containment triples: it now excludes containment triples that include fragment and query components (#653).

Dependency updates

Below is a summary of the selected dependency updates that are part of this release:

• Fixes vulnerability CVE-2023-3635 by upgrading the transitive dependency okio-jvm.

Complete Changelog: 1.0.0 ...1.0.1

1.0.0

This is the first generally available release of the Inrupt Solid Client Libraries for Java, recommended for production use.

The Inrupt Solid Client Libraries are designed to make it easier for developers to interact with Solid Resources. The libraries provide a session management abstraction that supports OpenID Connect tokens as well as Access Grants. In addition, there are mechanisms for mapping RDF-based resources into domain-specific Java objects.

Features

Below is a summary of the new features included in this release:

• Add validation for SolidContainer objects (#571)
• The AccessGrantClient::requestAccess method now supports a builder for more complex parameters (#577)

Complete Changelog: 1.0.0.Beta4 ... 1.0.0

Upgrade notes

All previously deprecated methods have been removed from the client library.

1.0.0.Beta4

1.0.0.Beta4

This is the fourth beta release of the Inrupt Client Libraries for Java.
The Inrupt Client Libraries are designed to make it easier for developers to interact with Solid Resources. The libraries provide a session management abstraction that supports OpenID Connect tokens as well as Access Grants. In addition, there are mechanisms for mapping RDF-based resources into domain-specific Java objects.

Features

Below is a summary of the new features included in this release:

• AccessCredential objects now have a getIssuedAt() method (#529)
• The AccessGrantClient::query method now supports a query builder for multi-valued query parameters (#532)

Bug Fixes

Below is a summary of bug fixes included in this release:

• The PKCE verifier method now always produces specification-conforming values (#517)

Complete Changelog: 1.0.0.Beta3 ... 1.0.0.Beta4

Upgrade notes

• The AccessGrantClient::delete method has been marked as deprecated. The Inrupt Access Grant server does not support the delete method.
• The OkHttp client version has been downgraded to 4.10.0 as the 4.11.0 version exhibits compatibility problems at runtime.

1.0.0.Beta3

This is the third beta release of the Inrupt Client Libraries for Java.

The Inrupt Client Libraries are designed to make it easier for developers to interact with Solid Resources. The libraries provide a session management abstraction that supports OpenID Connect tokens as well as Access Grants. In addition, there are mechanisms for mapping RDF-based resources into domain-specific Java objects.

Features

Below is a summary of the new features included in this release:

• A caching layer is now present, including implementations written with Guava and Caffeine (#410)
• Session objects are more efficient by caching access tokens (#459)
• Session objects now support a reset() method to clear any internal state (#475)
• An inrupt-client-runtime module is now present, allowing application developers to add a single dependency to their application (#416)
• Weak authorization mechanisms are explicitly disallowed in the reactive authorization module, such as Basic and Digest (#479)
• The high level SolidClient now generates specialized exceptions corresponding to specific HTTP error codes, such as NotFoundException (#480)
• The AccessGrant client now supports a verify method (#403)
• The AccessGrantClient includes two new methods: requestAccess and grantAccess, making the type structure reflect the access request/grant interaction (#461)
• The AccessGrantClient now also supports a denyAccess method for generating AccessDenial objects (#476)
• The AccessGrantClient query method now distinguishes between the creator and recipient of an access credential (#505)
• The AccessGrantClient query method now accepts a purpose argument (#499)
• The AccessGrant module now includes a utility to make it easier to edit Access Control resources so that Access Grants may be used for authorization (#473)

Bug Fixes

Below is a summary of bug fixes included in this release:

• Fixed concurrent OpenID Connect session refresh error, improving concurrency support generally (#456)
• The AccessGrant library now uses the correct data subject property for access requests (#446)
• Improved support for reading non-RDF resources via the high-level SolidClient (#445)
• The AccessGrant library now correctly serializes expiration dates as ISO-8601 strings (#437)
• The AccessGrantClient now uses the correct integer value for revocation status requests (#502)

Complete Changelog: 1.0.0.Beta2 ... 1.0.0.Beta3

Upgrade notes

• In the accessgrant module, the type hierarchy has been expanded to include an AccessRequest and AccessDenial class. These and the AccessGrant class now both derive from the AccessCredential base class. Many of the existing AccessGrantClient methods have been deprecated in favor of new methods that work with this type hierarchy (#461)
• As part of (#449) the getter methods in the WebIdProfile class have been pluralized. For example, Set<URI> getType() is now Set<URI> getTypes(). The previous methods have been marked as deprecated.
  • Similarly, the AccessGrant::getPurpose method has been deprecated in favor of AccessGrant::getPurposes (#460)
  • Similarly, the Metadata::getType method has been deprecated in favor of Metadata::getTypes (#472)
• Jakarta EE 10+ is now supported throughout the code base. This is particularly relevant for the inrupt-client-jsonb module, which now will require a Jakarta EE 10+ implementation for any application code that uses that module (#432)
• The UmaSession class is now deprecated. Please use the OpenIdSession class directly (#411)