Spring Authorization Server 0.3.0 was officially released today, and there are some highlights in this update.
Documentation Released
The documentation for Spring Authorization Server has been officially released with this update and is now available on the Spring website.
Documentation: https://spring.io/projects/spring-authorization-server
The document currently contains the following important modules.
-
Project Overview: an introduction and a list of features.
-
Getting Help: Examples, FAQs and issues.
-
Getting Started: System requirements, dependencies, and a guide to developing your first application.
-
Configuration Model: Default and custom configurations.
-
Core Model/Component: Introduction to the core domain model and component interfaces.
-
Protocol Endpoints: OAuth2 and OIDC 1.0 protocol endpoint implementations.
-
Usage Guidelines: Guidelines for Spring Authorization Server.
Significant changes in 0.3.0
- Changed the interface containing only constants to the final class.
- Moved
OAuth2TokenCustomizer
to under the token package. - Removed deprecated function code marked as
@Deprecation
. - Remove
JwtEncoder
and related classes. - Remove
OAuth2TokenClaimsContext.Builder.claims()
from the token context builder. - Remove the claim accessor
OAuth2TokenIntrospectionClaimAccessor
from the token introspection. - Removed support for
code_challenge_method
of type PKCEplain
in OAuth2.
See the 0.3.0 changelog for more new features.
Dependency Upgrade
This release supports the just released Spring Boot 2.7.0 and Spring Security 5.7.1
- Update to com.squareup.okhttp3:4.9.3。
- Update to jackson-bom:2.13.3
- Update to mockito-core:4.5.1
- Update to nimbus-jose-jwt:9.22
- Update to Spring Boot 2.7.0
- Update to Spring Framework 5.3.20
- Update to Spring Security 5.7.1
New Contributors
Two new Contributors have been added in this release.