⭐ New Features
- Improve support for large data columns in JdbcOAuth2AuthorizationService #604
- Deprecate OAuth2TokenIntrospectionClaimAccessor #597
- Deprecate JwtEncoder and associated classes #596
- JdbcOAuth2AuthorizationService supports clob and text datatype for token columns #491
- Allow Token Revocation to be customized #490
- Adds userinfo_endpoint to authorization server metadata #489
- Authorization server metadata is missing userinfo_endpoint #488
- JdbcOAuth2AuthorizationService should support clob and text datatype for token columns #480
- Support resolving issuer from current request #479
- Allow Token Revocation to be customized #476
- Client authentication with JWT assertion #293
- Support JWT Bearer Client Authentication #59
🪲 Bug Fixes
- Missing
statein initial request + deny consent results in failure #595 - Throw invalid_grant when invalid token request with PKCE #581
- Default schema exceeds mysql row limits #550
- OAuth2ClientAuthenticationToken should not be persisted across requests #482
🔨 Dependency Upgrades
- Update to Jackson 2.12.6 #609
- Update to Spring Boot 2.5.9 #608
- Update to Reactor 2020.0.15 #607
- Update to Spring Security 5.5.4 #606
- Update to Spring Framework 5.3.15 #605
- Upgrade
io.spring.ge.conventionsto 0.0.9 #578 - Update gradle enterprise to 3.8 to address CVE-2021-45105. #547
❤️ Contributors
We'd like to thank all the contributors who worked on this release!