spring-projects/spring-authorization-server 0.1.0 on GitHub

⭐ New Features

Propagate additional token request parameters #226
openid scope should not require user consent #225
Set iss claim in Jwt using configured issuer #223
Add OAuth2Authorization.id #220
Introduce base Authentication for authorization grant #216
Add JoseHeader.builder() #215
Use configuration from ProviderSettings in OAuth2AuthorizationServerConfigurer #201
Use ProviderSettings in OAuth2AuthorizationServerConfigurer #182
Allow customizing Jwt claims and headers #173
Register SecurityFilterChain instead of WebSecurityConfigurerAdapter #163
Implement OpenID Provider Configuration endpoint #143
Add client secret POST authentication method support #140
Support client authentication method POST #134
Implement OpenID Provider Configuration endpoint #55
Implement OpenID Connect 1.0 Authorization Code Flow #53

OAuth2AccessToken.scopes includes authorized or requested scopes #224
InMemoryOAuth2AuthorizationService.save() should support insert and update #222
JwkSet endpoint returns empty keys #198
token_type_hint should be used as a hint only #188
token_type_hint should be used as a hint only #175
Unknown token_type_hint should be ignored #174
Configured TokenSettings.accessTokenTimeToLive() not used #172
Ensure refresh token is not revoked #169
Refresh token should not be issued if client is not configured with refresh_token grant type#155 #168
Ensure refresh token is not revoked #158
Refresh token should not be issued if client is not configured with refresh_token grant type #155
Sample not working with Spring Boot 2.4.0 #154
Building the project fails #153

We'd like to thank all the contributors who worked on this release!