Releases: spring-projects/spring-authorization-server
Releases · spring-projects/spring-authorization-server
1.5.2
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.4 to 1.14.6 in /docs #2096 - Bump io-spring-javaformat from 0.0.46 to 0.0.47 #2066
- Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 #2124
- Bump io.spring.security.release from 1.0.10 to 1.0.11 #2148
- Bump io.spring.security.release from 1.0.6 to 1.0.8 #2065
- Bump io.spring.security.release from 1.0.8 to 1.0.9 #2105
- Bump io.spring.security.release from 1.0.9 to 1.0.10 #2125
- Bump org.springframework.security:spring-security-bom from 6.5.1 to 6.5.2 #2126
- Bump org.springframework.security:spring-security-bom from 6.5.2 to 6.5.3 #2167
- Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #2104
- Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10 #2149
1.4.5
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.4 to 1.14.6 in /docs #2094 - Bump io-spring-javaformat from 0.0.46 to 0.0.47 #2056
- Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 #2121
- Bump io.spring.security.release from 1.0.10 to 1.0.11 #2151
- Bump io.spring.security.release from 1.0.6 to 1.0.8 #2059
- Bump io.spring.security.release from 1.0.8 to 1.0.9 #2107
- Bump io.spring.security.release from 1.0.9 to 1.0.10 #2122
- Bump org.springframework.security:spring-security-bom from 6.4.7 to 6.4.8 #2123
- Bump org.springframework.security:spring-security-bom from 6.4.8 to 6.4.9 #2169
- Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #2108
- Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10 #2150
1.5.1
⭐ New Features
- Polish logging in OAuth2ClientAuthenticationFilter #2025
🪲 Bug Fixes
- OAuth2 Pushed Authorization Request request_uri expiry is too short #2024
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2040
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2030
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2034
- Bump org.springframework.security:spring-security-bom from 6.5.0 to 6.5.1 #2049
- Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2045
1.4.4
🪲 Bug Fixes
- Prevent NPE #1995
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2001
- Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #2039
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2022
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2031
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2033
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #1998
- Bump org.springframework.security:spring-security-bom from 6.4.5 to 6.4.6 #2023
- Bump org.springframework.security:spring-security-bom from 6.4.6 to 6.4.7 #2050
- Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2018
- Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #2044
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
ngocnhan-tran1996
Assets 2
1.3.7
🪲 Bug Fixes
🔨 Dependency Upgrades
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2019
- Bump io-spring-javaformat from 0.0.45 to 0.0.46 #2029
- Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #2032
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #1999
- Bump org.springframework.security:spring-security-bom from 6.3.9 to 6.3.10 #2051
- Bump org.springframework:spring-framework-bom from 6.1.19 to 6.1.20 #2017
- Bump org.springframework:spring-framework-bom from 6.1.20 to 6.1.21 #2046
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
ngocnhan-tran1996 and antoinelauzon-bell
Assets 2
1.5.0
⭐ New Features
- Add documentation for DPoP support #2009
- Add documentation for OAuth 2.0 Pushed Authorization Requests (PAR) #2014
- Replace
@MockBeanwith@MockitoBean#1972
🪲 Bug Fixes
- Fix DPoP jkt claim to be JWK SHA-256 thumbprint #2007
- Fix DPoP jkt claim validation during refresh_token grant for public clients #2008
🔨 Dependency Upgrades
- Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #2002
- Bump io-spring-javaformat from 0.0.43 to 0.0.45 #2020
- Bump io.spring.security.release from 1.0.5 to 1.0.6 #2000
- Bump org.springframework.security:spring-security-bom from 6.5.0-RC1 to 6.5.0 #2021
- Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #2016
❤️ Contributors
Thank you to all the contributors who worked on this release:
Contributors
DevDengChao
Assets 2
1.5.0-RC1
⭐ New Features
- Add authorization server metadata for DPoP support #1951
- Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) #1975
- Enforce one-time use for request_uri used in PAR #1974
- request_uri used in PAR must be bound to the client #1971
- Use OAuth2ParameterNames.REQUEST_URI #1991
- Validate expiry for request_uri used in PAR #1973
- Verify DPoP Proof public key during refresh_token grant for public clients #1949
🔨 Dependency Upgrades
- Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1944 - Bump io.spring.security.release from 1.0.3 to 1.0.4 #1968
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1987
- Bump org.springframework.security:spring-security-bom from 6.5.0-M3 to 6.5.0-RC1 #1990
- Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1940
- Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1979
- Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1942
1.4.3
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1916 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1943 - Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1922
- Bump io.spring.security.release from 1.0.3 to 1.0.4 #1966
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1988
- Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #1936
- Bump org.springframework.security:spring-security-bom from 6.4.4 to 6.4.5 #1989
- Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1933
- Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1939
- Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1980
- Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1947
1.3.6
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1919 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1945 - Bump io.spring.security.release from 1.0.3 to 1.0.4 #1967
- Bump io.spring.security.release from 1.0.4 to 1.0.5 #1985
- Bump org.springframework.security:spring-security-bom from 6.3.7 to 6.3.8 #1934
- Bump org.springframework.security:spring-security-bom from 6.3.8 to 6.3.9 #1986
- Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18 #1932
- Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19 #1978
1.5.0-M2
⭐ New Features
- Add support for OAuth 2.0 Pushed Authorization Requests (PAR) #1925
- Polish JdbcOAuth2AuthorizationService #1908
- Support POST for authorization code request flow #1874
- Use pattern matching #1907
🪲 Bug Fixes
- The default/demo-authorizationserver samples have a redirect loop #1920
🔨 Dependency Upgrades
- Bump
@springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1917 - Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1923
- Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935
- Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1931
❤️ Contributors
Thank you to all the contributors who worked on this release:
@arefbehboudi, @dependabot[bot], and @sylvain-costanzo
Contributors
dependabot, arefbehboudi, and sylvain-costanzo