Skip to content

Version 3.0.0

Choose a tag to compare

View all tags
@liga-oz liga-oz released this 24 Apr 07:56
· 680 commits to main since this release
3.0.0
67672cd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Baseline changes

cloud-security-services-integration-library requires

  • Java 17
  • Spring Boot 3.0.x
  • Spring security 6.0.x

Breaking Changes

  • Identity service configurations need to provide domains via String array in JSON key 'identity.credentials.domains'. Providing String values under key 'identity.credentials.domain' is not supported anymore. IAS configurations from service bindings have been generated like this for a long time already. This should only affect old configuration files manually written for testing.

Removed modules

Removed deprecated classes and interfaces

  • [api]
    • XSPrincipal, XSUserInfoException → not needed anymore with new Token interface
  • [env]
    • CFEnvironment, K8sEnvironment → use instead ServiceBindingEnvironment
    • CFConstants, K8sConstants → use instead ServiceConstants
  • [java-security]
    • XSUserInfo, XSUserInfoAdapter → use instead Token interface and Token#getClaimAsString with TokenClaims.XSUAA constants to access XSUAA-specific claims.
    • SAPOfflineTokenServicesCloud → use instead [spring-security] module
  • [spring-xsuaa]
    • XSTokenRequest, TokenBroker, UaaTokenBroker → use instead token-client module to fetch XSUAA tokens via XsuaaTokenFlows
    • TokenBrokerResolver, AuthenticaionMethod → No longer provided. See spring-security-basic-auth sample how to write your own implementation.
    • IasXsuaaExchangeBroker → Exchange is not supported by XSUAA service anymore.
    • TokenUrlUtils → use instead OAuth2ServiceEndpointsProvider
    • XsuaaServicesParser → use instead Environments#getCurrent or new ServiceBindingEnvironment(new SapVcapServicesServiceBindingAccessor(any -> xsuaaConfigJson))
    • OAuth2AuthenticationConverter → Not supported anymore because deprecated by Spring Security: https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide
  • [token-client]
    • UserTokenFlow → use instead JwtBearerTokenFlow

Removed deprecated methods

  • [java-security]
    • OAuth2TokenKeyServiceWithCache#withCacheTime, OAuth2TokenKeyServiceWithCache#withCacheSize → use instead OAuth2TokenKeyServiceWithCache#withCacheConfiguration
    • SAPOfflineTokenServicesCloud#SAPOfflineTokenServicesCloud(OAuth2ServiceConfiguration)
  • [java-security-test]
    • SecurityTestRule#getConfigurationBuilderFromFile → use instead SecurityTestRule#getOAuth2ServiceConfigurationBuilderFromFile
    • SecurityTestRule#getWireMockRule → use instead SecurityTestRule#getWireMockServer
  • [spring-xsuaa]
    • Token#getExpirationDate → use instead Token#getExpiration
  • [spring-xsuaa-test]
    • Base64JwtDecoder#Base64JwtDecoder → use instead Base64JwtDecoder#getInstance
  • [token-client]
    • XsuaaTokenFlows#userTokenFlow → use instead XsuaaTokenFlows#jwtBearerTokenFlow
    • OAuth2TokenService#retrieveAccessTokenViaUserTokenGrant → use instead OAuth2TokenService#retrieveAccessTokenViaJwtBearerTokenGrant
    • OAuth2TokenService#retrieveAccessTokenViaClientCredentialsGrant(URI, ClientIdentity, String, Map, boolean) → use instead OAuth2TokenService#retrieveAccessTokenViaClientCredentialsGrant with null for argument subdomain
    • DefaultOAuth2TokenService#DefaultOAuth2TokenService → use instead DefaultOAuth2TokenService#DefaultOAuth2TokenService(CloseableHttpClient)
    • XsuaaOAuth2TokenService#XsuaaOAuth2TokenService → use instead XsuaaOAuth2TokenService#XsuaaOAuth2TokenService(CloseableHttpClient)
    • DefaultOAuth2TokenService#DefaultOAuth2TokenService(TokenCacheConfiguration) → use instead DefaultOAuth2TokenService#DefaultOAuth2TokenService(CloseableHttpClient, TokenCacheConfiguration)
    • XsuaaOAuth2TokenService#XsuaaOAuth2TokenService(TokenCacheConfiguration) → use instead XsuaaOAuth2TokenService#XsuaaOAuth2TokenService(CloseableHttpClient, TokenCacheConfiguration)
    • XsuaaDefaultEndpoints#XsuaaDefaultEndpoints(URI), XsuaaDefaultEndpoints#XsuaaDefaultEndpoints(String) → use instead XsuaaDefaultEndpoints#XsuaaDefaultEndpoints(String, String)
    • OAuth2TokenResponse#getExpiredAtDate → use instead OAuth2TokenResponse#getExpiredAt
    • Base64JwtDecoder#Base64JwtDecoder → use instead Base64JwtDecoder#getInstance

Removed deprecated fields

  • [java-api]
    • GrantType#USER_TOKEN → use instead GrantType#JWT_BEARER
  • [token-client]
    • OAuth2TokenServiceConstants#GRANT_TYPE_USER_TOKEN → use instead GrantType#JWT_BEARER
  • [spring-xsuaa]
    • Token#GRANTTYPE_CLIENTCREDENTIAL → use instead GrantType#CLIENT_CREDENTIALS
Assets 2
Loading