Spring Authorization Server 0.3.0 was officially released today, and there are some highlights in this update.

Documentation Released

The documentation for Spring Authorization Server has been officially released with this update and is now available on the Spring website.

Documentation: https://spring.io/projects/spring-authorization-server

Spring Authorization Server

Spring Authorization Server

The document currently contains the following important modules.

  • Project Overview: an introduction and a list of features.

  • Getting Help: Examples, FAQs and issues.

  • Getting Started: System requirements, dependencies, and a guide to developing your first application.

  • Configuration Model: Default and custom configurations.

  • Core Model/Component: Introduction to the core domain model and component interfaces.

  • Protocol Endpoints: OAuth2 and OIDC 1.0 protocol endpoint implementations.

  • Usage Guidelines: Guidelines for Spring Authorization Server.

Significant changes in 0.3.0

  • Changed the interface containing only constants to the final class.
  • Moved OAuth2TokenCustomizer to under the token package.
  • Removed deprecated function code marked as @Deprecation.
  • Remove JwtEncoder and related classes.
  • Remove OAuth2TokenClaimsContext.Builder.claims() from the token context builder.
  • Remove the claim accessor OAuth2TokenIntrospectionClaimAccessor from the token introspection.
  • Removed support for code_challenge_method of type PKCE plain in OAuth2.

See the 0.3.0 changelog for more new features.

Dependency Upgrade

This release supports the just released Spring Boot 2.7.0 and Spring Security 5.7.1

  • Update to com.squareup.okhttp3:4.9.3。
  • Update to jackson-bom:2.13.3
  • Update to mockito-core:4.5.1
  • Update to nimbus-jose-jwt:9.22
  • Update to Spring Boot 2.7.0
  • Update to Spring Framework 5.3.20
  • Update to Spring Security 5.7.1

New Contributors

Two new Contributors have been added in this release.

Reference https://mp.weixin.qq.com/s/Q5iE9sObzfzaDTk9JfNVzg