What’s New in Spring Authorization Server 0.3.0? Key Features and Changes

Documentation Officially Released

Spring Authorization Server documentation is now available on the Spring website at https://spring.io/projects/spring-authorization-server.

The documentation includes the following modules:

Project Overview: introduction and feature list.

Getting Help: examples, FAQs, and issues.

Getting Started: system requirements, dependencies, and guide to building your first app.

Configuration Model: default and custom configurations.

Core Model/Components: domain model and component interface introductions.

Protocol Endpoints: implementations of OAuth2 and OIDC 1.0 protocol endpoints.

Usage Guide: guide for Spring Authorization Server.

Major Changes in 0.3.0

Interfaces that only contained constants are changed to final classes. OAuth2TokenCustomizer moved to the token package.

Deprecated code annotated with @Deprecation removed. JwtEncoder and related classes removed.

Removed OAuth2TokenClaimsContext.Builder.claims() from token context builder.

Removed claim accessor OAuth2TokenIntrospectionClaimAccessor from token introspection.

Removed support for plain code_challenge_method in PKCE.

For more new features, see the 0.3.0 changelog.

Dependency Upgrades

This version supports the newly released Spring Boot 2.7.0 and Spring Security 5.7.1.

Update to com.squareup.okhttp3:4.9.3

Update to jackson-bom:2.13.3

Update to mockito-core:4.5.1

Update to nimbus-jose-jwt:9.22

Update to Spring Boot 2.7.0

Update to Spring Framework 5.3.20

Update to Spring Security 5.7.1

New Contributors

Two new contributors joined this release:

@appchemist

@NotFound403 (胖哥)

References

Documentation: https://spring.io/projects/spring-authorization-server

0.3.0 changelog: https://github.com/spring-projects/spring-authorization-server/releases/tag/0.3.0

@NotFound403 (胖哥): https://github.com/NotFound403