Skip to content
Pre-release

@jzheaux jzheaux released this Oct 1, 2019 · 550 commits to master since this release

⭐️ New Features

  • Add JDK 12 Build #6774
  • Update Gradle version to 5.3.1 #6747
  • Align JavaDoc in SecureRandomFactoryBean #6734
  • Fix a typo #6725
  • Introduce AuthenticationManagerResolver #6722
  • Defer downstream filter execution if no OAuth2AuthorizedClient is found #6719
  • Make UnAuthenticatedServerOAuth2AuthorizedClientRepository threadsafe #6717
  • URL Cleanup #6662
  • URL Cleanup #6655
  • Simplify MediaTypeRequestMatcher construction #6648
  • Polish #6635
  • Introduced placeholder support for headers tag attributes #6623
  • Allowing for a @bean of type OAuth2AccessTokenResponseClient<OAuth2Cl… #6606
  • Throw exception that was created but not thrown #6604
  • documentation: remove out-of-date #6603
  • OAuth2LoginSpec discovers ReactiveOAuth2AccessTokenResponseClient @bean #6587
  • OAuth2ClientConfiguration discovers client_credentials OAuth2AccessTokenResponseClient #6572
  • Multi tenancy for Resource Server #6563
  • Introduce @CurrentSecurityContext for method arguments #6562
  • Fix Broken Documentation Link #6555
  • Broken URL in documentation #6553
  • Add Support for Clear Site Data on Logout #6550
  • Introduce @CurrentSecurityContext for method arguments #6546
  • Reactive Opaque Token Support #6519
  • OidcIdTokenValidator ensures clockSkew is positive number #6514
  • Add Reactive Opaque Token Support to Resource Server #6513
  • Properties should reference scope not scopes #6510
  • HeaderWriterFilter writes headers at beginning #6509
  • Introduce OAuth2AuthorizationRequest.attributes #6508
  • Introduce Support for Reading RSA Keys #6505
  • NimbusReactiveJwtDecoder Takes Reactive Processor #6499
  • Support symmetric key for JwtDecoder #6495
  • Add RSA Key Converters #6494
  • Improve formatting of LDAP snippets in Reference Documentation #6486
  • Add client support for PKCE #6485
  • OAuth2LoginSpec discovers ReactiveOAuth2AccessTokenResponseClient @bean #6477
  • Add new configuration options for OAuth2LoginSpec #6462
  • Update to nimbus-jose-jwt:6.7 #6459
  • Consider having HeaderWriters check before writing #6456
  • Added CompositeHeaderWriter #6455
  • Consider having HeaderWriters check before writing #6454
  • Add a composite HeaderWriter class #6453
  • Support PKCE for Client #6446
  • OidcIdTokenValidator ensures clockSkew is positive number #6443
  • Save original request on oauth2Client filter #6418
  • Add Support for Opaque OAuth2 Tokens to Resource Server #6352
  • Add preload support to Strict-Transport-Security #6312
  • Remove Servlet Spec 2.5 and 3.0 support #6220
  • OAuth2ResourceServerConfigurerTests should avoid MockWebServer #6104
  • OAuth2AuthorizationRequest.additionalParameters should not contain registration_id #5940
  • NimbusReactiveJwtDecoder should accept a custom processor #5937
  • Improve OAuth2LoginSpec with more configuration options #5598
  • Provide support for symmetric key verification via JwtDecoder #5465
  • Support for OIDC Logout #5356
  • Multi-tenancy support for OAuth2 #5351
  • Support RP (Client) initiated logout #5350
  • Provide support for OAuth 2.0 Token Introspection #5200
  • Add Clear Site Data to Log Out #4187

🐞 Bug Fixes

  • ServletOAuth2AuthorizedClientExchangeFilterFunction supports chaining #6526
  • Update resource-server.adoc #6523
  • Fixed broken link #6522
  • Fix broken link in README.adoc #6521
  • Preserve existing refresh token if new refresh token not returned #6504
  • Refreshing access token may remove refresh token from AuthorizedClient #6503
  • ServletOAuth2AuthorizedClientExchangeFilterFunction Does Not Work For Chained Reactive Methods #6483
  • Missing spring: prefix on jwk-set-uri example #6479
  • Improve CsrfBeanDefinitionParser xml parsing #6451
  • HTML markup fixed in DefaultLoginPageGeneratingFilter #6448
  • XML configuration with multiple security:http register multiple requestDataValueProcessor #6423
  • Invalid html in default login page #6417
  • Webflux Oauth2 .oauth2Client() doesn't redirect back to the original request after authenticating in the auth server #6341
  • Fix OAuth2 Client with Ditributed Session #6215

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Assets 2
You can’t perform that action at this time.