Releases: spring-projects/spring-authorization-server
Releases Β· spring-projects/spring-authorization-server
1.2.2
πͺ² Bug Fixes
- Update application.yml in Getting Started guide #1521
π¨ Dependency Upgrades
β€οΈ Contributors
Thank you to all the contributors who worked on this release:
Contributors
rozagerardo
Assets 2
1.1.5
1.3.0-M1
β New Features
- Allow configurable scope validation strategy in OAuth2ClientCredentialsAuthenticationProvider #1377
- Improve logging #1467
- Support multi-tenancy using the path component for issuer #1342
π¨ Dependency Upgrades
- Update to assertj-core 3.25.1 #1513
- Update to jackson-bom 2.16.1 #1512
- Update to Spring Framework 6.1.3 #1510
- Update to Spring Security 6.3.0-M1 #1511
- Update to spring-security-release-plugin 1.0.1 #1494
β€οΈ Contributors
Thank you to all the contributors who worked on this release:
Contributors
leshalv and adamleantech
Assets 2
1.2.1
1.1.4
β New Features
- Remove org.webjars dependencies from demo-authorizationserver sample #1445
πͺ² Bug Fixes
- Default timeout should be set when fetching JWKSet for private_key_jwt #1439
- Expired ID tokens are rejected at the authorization server on an RP-initiated logout #1440
- Fix tests for OAuth2 Authorization Server Metadata Endpoint #1421
- Fix tests for OIDC Provider Configuration Endpoint #1418
- Issuer should not support path component #1437
π¨ Dependency Upgrades
1.0.5
0.4.5
πͺ² Bug Fixes
- Fix to ensure endpoints distinguish between form and query parameters #1468
- Token endpoint should not use query parameters #1451
- Issuer should not support path component #1435
- Add default 15s timeout for fetching JWKSets #1433
- Fix tests for OAuth2 Authorization Server Metadata Endpoint #1419
- Fix tests for OIDC Provider Configuration Endpoint #1416
- Default timeout should be set when fetching JWKSet for private_key_jwt #1413
π¨ Dependency Upgrades
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.2.0
β New Features
- Move AOT hints to main module #1446
- Allow configurable refresh token strategy for authorization_code grant #1432
- Allow for a configurable strategy for granting refresh_token #1430
- Add AOT hints for demo-authorizationserver sample #1380
- Add how-to guide for dynamic client registration with custom metadata #1376
- ref-doc: Describe main use cases for using Spring Authorization Server #1371
- Consider adding jti claim in JWT #1360
π Documentation
- How-to: Customize client metadata during dynamic client registration #1044
π¨ Dependency Upgrades
- Update to com.squareup.okhttp3 4.12.0 #1460
- Update to junit-jupiter 5.10.1 #1459
- Update to nimbus-jose-jwt 9.37.1 #1458
- Update to jackson-bom 2.16.0 #1457
- Update to Spring Security 6.2.0 #1456
- Update to Spring Framework 6.1.0 #1455
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!
1.2.0-RC1
β New Features
- Add reusable default authentication failure handler #1384
π¨ Dependency Upgrades
- Update to nimbus-jose-jwt 9.37 #1408
- Update to jackson-bom 2.15.3 #1407
- Update to Spring Security 6.2.0-RC2 #1406
- Update to Spring Framework 6.1.0-RC1 #1405
β€οΈ Contributors
We'd like to thank all the contributors who worked on this release!