Releases
5.2.3.RELEASE
⏪ Non-passive
SwitchUserFilter vulnerable to CSRF #8223
⭐ New Features
SpringTestContext returns ConfigurableWebApplicationContext #8240
OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8235
Update Encryptors documentation for standard and stronger #8212
Getting OAuth2AuthenticationException when Bearer token is empty #8207
Document AuthorizedClientServiceOAuth2AuthorizedClientManager #8159
Basic auth header without user results in exception #8123
Typo 'properites' -> 'properties' in documentation #8099
🪲 Bug Fixes
Update tests to use absolute paths #8260
HttpServletRequest.logout() not functioning #8241
OAuth2 ClientRegistrations NPE when UserInfo endpoint missing #8210
oauth2Login WebFlux should not auto-redirect for XHR request #8202
Make OAuth2ErrorHttpMessageConverter more resilient #8180
RSocket test should throw AccessDeniedException #8155
Fix typo in Javadoc of HttpSecurity#csrf() #8137
Empty RelayState causes errors with ADFS #8070
Fix typo in AntPathRequestMatcher contructor comment #8045
An AuthenticationManager is required. Oauth2ResourceServer + anonymous disable #8040
OAuth2 access token response parsing fails with nested JSON object #8021
Fix typo in snippet code 'jwtAuthenticationConveter' -> 'jwtAuthenticationConverter' #7969
OAuth2AuthorizationCodeGrantWebFilter should also match on query parameters #7967
OAuth2AuthorizationCodeGrantFilter should also match on query parameters #7964
Query parameters in authorization-url are double-encoded #7960
Don't force downcasting of RequestAttributes to ServletRequestAttributes #7959
ClassCastException for ServletRequestAttributes #7958
🔨 Dependency Upgrades
Update RSocket to 1.0.0-RC6 #8280
Update to reactive-streams 1.0.3 #8279
Update to OpenSAML 3.4.5 #8278
Update to hibernate-entitymanager 5.4.13.Final #8277
Update to hibernate-core 5.2.18.Final #8276
Update blockhound to 1.0.3.RELEASE #8275
Update to unboundid-ldapsdk 4.0.14 #8274
Update to okhttp 3.14.7 #8259
Update to Jackson 2.10.3 #8258
Update to mockwebserver 3.14.7 #8257
Update to org.powermock 2.0.6 #8255
Upgrade to embedded Apache Tomcat 9.0.33 #8254
Update to httpclient 4.5.12 #8253
Update to Spring Boot 2.2.6.RELEASE #8252
Update to GAE 1.9.79 #8251
Update to Reactor Dysprosium-SR6 #8250
Update to Spring Framework 5.2.5 #8249
Update to Spring Data Moore-SR6 #8248
Update to Jetty 9.4.22.v20191022 #7507
You can’t perform that action at this time.