New Features

  • Add unsupported_token_type in OAuth2ErrorCodes #9184
  • Add token and token_type_hint to OAuth2ParameterNames #9183
  • Introduce JwaAlgorithm #9182
  • WithSecurityContextTestExecutionListener Should Support Nested Classes #9179
  • Add WebFlux Documentation for Multiple Filter Chains #9178
  • SAML 2.0 Asserting Party Metadata resolution should read SigningMethod elements #9177
  • Enable customization of BearerTokenResolver by adding a setter for JwtClaimIssuerConverter on JwtIssuerAuthenticationManagerResolver #9168
  • Reactive doc points to unit tests #9157
  • Invoke Kotlin MockMvc result matchers with parentheses #9155
  • Change guard expressions order #9153
  • It is not necessary to fetch all user sessions if unlimited sessions are set in the ConcurrentSessionControlAuthenticationStrategy. #9152
  • Add refresh token expiration support #9146
  • JwtIssuerValidator handles issuer (iss) claim values as Strings and URLs #9137
  • OpenSamlAuthenticationProvider should decrypt attributes #9131
  • Update snapshot build dependencies #9124
  • spring-security-test should include jackson-datatype-jsr310 as a test dependency #9123
  • Update to Gradle 6.6.1 #9122
  • Use LobHandler in JdbcOAuth2AuthorizedClientService #9070
  • Changed metadata converter to accept files as well #9056
  • Add HSM Support for Decrypting Assertions #9055
  • File-based Configuration for Asserting Party Metadata #9028
  • Prevent PR builds from running on forks #8993
  • Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService #8765
  • Add support for dynamic JWS signature algorithm with JWKs (2) - Issue 7160 #8752
  • Support customization of BearerTokenResolver in JwtIssuerAuthenticationManagerResolver #8535
  • Provide reactive JDBC implementation of ReactiveOAuth2AuthorizedClientService #7890
  • JwtDecoders and ReactiveJwtDecoders should determine algorithm from JWK Set Endpoint #7160
  • OAuth2Token interface for AbstractOAuth2Token #5502

🐞 Bug Fixes

  • [docs]Add white space before strong notation. #9145
  • Bug with JwtValidators.createDefaultWithIssuer(String)? #9136
  • Tests should not combine Authentication and @AuthenticationPrincipal #9121
  • Closes gh-8196 appendix indentation #9118
  • Fixes in documentation #9099

🔨 Dependency Upgrades

  • Set rsocketVersion to 1.1.0 #9167
  • Set reactorVersion to 2020.0.+ #9166
  • Set springVersion to 5.3.+ #9165

Contributors

We'd like to thank all the contributors who worked on this release!

项目简介

🚀 Github 镜像仓库 🚀

源项目地址

https://github.com/spring-projects/spring-security

发行版本 68

5.3.10.RELEASE

全部发行版

贡献者 303

全部贡献者

开发语言

  • Java 94.7 %
  • Kotlin 4.7 %
  • Groovy 0.5 %
  • PLSQL 0.0 %
  • AspectJ 0.0 %