spring-projects/spring-security 5.5.0-RC1

on GitHub

⭐ New Features

• Add Sections to What's New #9596
• Add AfterMethodAuthorizationManager #9591
• Add Kotlin DSL section to What's New #9589
• Add Configuration section to What's New #9588
• Add coroutine support to pre/post authorize #9586
• Make OAuth2AuthorizationResponseType constructor public #9584
• Deprecate OAuth2AuthorizationResponseType.TOKEN #9582
• Support Create/Delete Release on spring.io #9577
• Update to commons-codec 1.15 #9575
• Fix deprecation warnings in DocsPlugin #9547
• Fix deprecation warnings for SchemaZipPlugin #9546
• Use Checkstyle.configDirectory #9545
• Re-enable Gradle dependency cache #9544
• Use Gradle Constraints + platform instead of DependencyManagementPlugin #9541
• Use new api/implementation configurations #9540
• Extract Build Conventions to buildSrc #9539
• Update javadoc for AesBytesEncryptor constructors #9536
• Add jwt-bearer authorization grant #9535
• Change build to use GPG_PRIVATE_KEY_NO_HEADER #9531
• Update ComparableVersion to version from Maven 3.6.3 #9521
• Add Jwt Client Authentication support #9520
• Add javadoc at constructors. #9518
• Add Saml2MessageBinding#from #9515
• Test method in PasswordOAuth2AuthorizedClientProviderTests has incorrect setup of token expiry #9506
• Upgrade to Gradle 6.8.2 #9458
• Update Spring Security build to require JDK 11 #9419
• Add JavaDoc to AesBytesEncryptor #9361
• Add OpenSAML 4 support #9267
• Add OpenSaml 4 support #9095
• Support JWT for Client Authentication #8175
• Make EnableReactiveMethodSecurity compatible with Kotlin Coroutines #8143
• Support JWT as an Authorization Grant for client #6053

🪲 Bug Fixes

• Fix package tangle in Resource Server #9576
• Add package-list #9562
• Add null check in CsrfFilter and CsrfWebFilter #9561
• Fix javadoc in crypto/encrypt/Encryptors.java #9537
• Fix Javadoc errors in spring-security-saml2-service-provider #9530
• @Order annotations cannot be used with @Bean methods #9154

🔨 Dependency Upgrades

• Update htmlunit-driver to 2.49.1 #9624
• Update htmlunit to 2.49.1 #9623
• Update io.spring.nohttp to 0.0.6.RELEASE #9622
• Update reactor-netty to 1.0.6 #9621
• Update io.projectreactor to 2020.0.6 #9620
• Update com.nimbusds to 9.3.3 #9619
• Update jackson-datatype-jsr310 to 2.12.3 #9618
• Update jackson-databind to 2.12.3 #9617
• Update jackson-bom to 2.12.3 #9616
• Update spring-data-bom to 2020.0.7 #9574
• Update mockito-core to 3.9.0 #9573
• Update hsqldb to 2.6.0 #9572
• Update blockhound to 1.0.6.RELEASE #9571
• Update aspectj-plugin to 5.3.3.3 #9570
• Update com.nimbusds to 9.3.1 #9569
• Update org.jetbrains.kotlin to 1.4.32 #9555
• Update nohttp-checkstyle to 0.0.5.RELEASE #9554
• Update io.spring.javaformat to 0.0.27 #9553
• Update spring-doc-resources to 0.2.5 #9552
• Update r2dbc-spi-test to 0.8.4.RELEASE #9551
• Update aspectj-plugin to 5.3.0 #9550

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @manousos
• @jzheaux
• @prashanttholia
• @jgrandja
• @Exclamation-mark
• @candrews
• @eleftherias