From e4215faac3c4bfa01e079b0f8214c589098ce419 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C4=ABga?= <72249435+liga-oz@users.noreply.github.com> Date: Thu, 16 May 2024 15:59:03 +0200 Subject: [PATCH] Bump version to 3.5.0 (#1545) * bump version to 3.5.0 Signed-off-by: liga-oz * update CHANGELOG.md Signed-off-by: liga-oz --------- Signed-off-by: liga-oz --- CHANGELOG.md | 26 ++++++++++++++----- README.md | 2 +- bom/pom.xml | 2 +- env/pom.xml | 2 +- java-api/README.md | 2 +- java-api/pom.xml | 2 +- java-security-it/pom.xml | 2 +- java-security-test/README.md | 2 +- java-security-test/pom.xml | 2 +- java-security/README.md | 2 +- java-security/pom.xml | 2 +- pom.xml | 2 +- samples/java-security-usage-ias/pom.xml | 4 +-- samples/java-security-usage/pom.xml | 4 +-- samples/java-tokenclient-usage/pom.xml | 4 +-- samples/sap-java-buildpack-api-usage/pom.xml | 2 +- samples/spring-security-basic-auth/pom.xml | 6 ++--- samples/spring-security-hybrid-usage/pom.xml | 4 +-- samples/spring-security-xsuaa-usage/pom.xml | 4 +-- .../pom.xml | 4 +-- spring-security-compatibility/pom.xml | 2 +- spring-security-starter/pom.xml | 2 +- .../Migration_SpringXsuaaProjects.md | 2 +- spring-security/README.md | 2 +- spring-security/pom.xml | 4 +-- spring-xsuaa-it/pom.xml | 4 +-- spring-xsuaa-starter/pom.xml | 2 +- spring-xsuaa-test/README.md | 2 +- spring-xsuaa-test/pom.xml | 2 +- spring-xsuaa/README.md | 4 +-- spring-xsuaa/pom.xml | 2 +- token-client/README.md | 6 ++--- token-client/pom.xml | 2 +- 33 files changed, 65 insertions(+), 51 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5e1de74cb..931a43429 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,23 +3,37 @@ All notable changes to this project will be documented in this file. ## 3.5.0 -- [java-api] `ClientIdentity` interface has been extended with 2 new methods `getCertificateChain()` - and `getPrivateKey()` - and `ClientCertificate` class has been extended with new constructor that takes `java.security.cert.Certificate[]` - and `java.security.PrivateKey` as an argument and corresponding getters for these fields. +- [java-api] + - `ClientIdentity` interface has been extended with 2 new methods `getCertificateChain()` + and `getPrivateKey()` + and `ClientCertificate` class has been extended with new constructor that takes `java.security.cert.Certificate[]` + and `java.security.PrivateKey` as an argument and corresponding getters for these fields. + - `user_token` grant type has been re-added to `GrantType` enum - [token-client] `SSLContextFactory` class has been extended and supports Keys in PKCS#8 format with ECC algorithm. - [spring-security] - fixed NPE in IdentityServicesPropertySourceFactory on application startup when bound to a list of XSUAA services whose service plans are ALL not supported - provides an autoconfiguration that creates an Identity Service JwtDecoder with enabled proof token check. To enable it, set the `sap.spring.security.identity.prooftoken` spring property to true. + - Fixes an issue with MockMvc when the SecurityContexts are synced. It sets SecurityContextStrategy based on an + EnvironmentPostProcessor as in this scenario the servlet initialization is not happening and the code runs too late + due to that. + +#### Dependency upgrades +- Bump io.projectreactor:reactor-core from 3.6.5 to 3.6.6 +- Bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.39.1 +- Bump spring.core.version from 6.1.6 to 6.1.7 ## 3.4.3 -- [spring-security] improved custom SecurityContextStrategy registration for the `SecurityContextAutoConfiguration` class. It uses `ServletContextInitializer` to hook early into the initialization phase. + +- [spring-security] improved custom SecurityContextStrategy registration for the `SecurityContextAutoConfiguration` + class. It uses `ServletContextInitializer` to hook early into the initialization phase. #### Dependency upgrades -- Bump [com.sap.cloud.environment.servicebinding:java-bom](https://github.com/SAP/btp-environment-variable-access) from 0.10.4 to 0.10.5. + +- Bump [com.sap.cloud.environment.servicebinding:java-bom](https://github.com/SAP/btp-environment-variable-access) from + 0.10.4 to 0.10.5. ## 3.4.2 diff --git a/README.md b/README.md index 86c1cd32c..54ae1c0ce 100644 --- a/README.md +++ b/README.md @@ -126,7 +126,7 @@ The SAP Cloud Security Services Integration is published to maven central: https com.sap.cloud.security java-bom - 3.4.3 + 3.5.0 import pom diff --git a/bom/pom.xml b/bom/pom.xml index 00896be18..44580d4a4 100644 --- a/bom/pom.xml +++ b/bom/pom.xml @@ -8,7 +8,7 @@ com.sap.cloud.security java-bom - 3.4.3 + 3.5.0 pom java-bom diff --git a/env/pom.xml b/env/pom.xml index 4204bff4a..3e7eebf34 100644 --- a/env/pom.xml +++ b/env/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 com.sap.cloud.security diff --git a/java-api/README.md b/java-api/README.md index ca73d10e6..6194fdfa7 100644 --- a/java-api/README.md +++ b/java-api/README.md @@ -5,6 +5,6 @@ com.sap.cloud.security java-api - 3.4.3 + 3.5.0 ``` diff --git a/java-api/pom.xml b/java-api/pom.xml index aabe476cf..2003459c7 100644 --- a/java-api/pom.xml +++ b/java-api/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 com.sap.cloud.security diff --git a/java-security-it/pom.xml b/java-security-it/pom.xml index 6bf794b04..f70ca3064 100644 --- a/java-security-it/pom.xml +++ b/java-security-it/pom.xml @@ -9,7 +9,7 @@ parent com.sap.cloud.security.xsuaa - 3.4.3 + 3.5.0 java-security-it diff --git a/java-security-test/README.md b/java-security-test/README.md index 4f3fd0184..3011b05cd 100644 --- a/java-security-test/README.md +++ b/java-security-test/README.md @@ -40,7 +40,7 @@ It is pre-configured with a security filter that only accepts valid tokens. Furt com.sap.cloud.security java-security-test - 3.4.3 + 3.5.0 test ``` diff --git a/java-security-test/pom.xml b/java-security-test/pom.xml index 45d56dce6..fae56b613 100644 --- a/java-security-test/pom.xml +++ b/java-security-test/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 com.sap.cloud.security diff --git a/java-security/README.md b/java-security/README.md index ed29f824d..bc0f477a6 100644 --- a/java-security/README.md +++ b/java-security/README.md @@ -67,7 +67,7 @@ To be able to validate tokens it performs the following tasks: com.sap.cloud.security java-security - 3.4.3 + 3.5.0 org.apache.httpcomponents diff --git a/java-security/pom.xml b/java-security/pom.xml index 94c726926..73c4a9eb3 100644 --- a/java-security/pom.xml +++ b/java-security/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 com.sap.cloud.security diff --git a/pom.xml b/pom.xml index 26caf8ea3..72c0a6faf 100644 --- a/pom.xml +++ b/pom.xml @@ -7,7 +7,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 pom parent diff --git a/samples/java-security-usage-ias/pom.xml b/samples/java-security-usage-ias/pom.xml index 67aa9aec7..f168f4c3c 100755 --- a/samples/java-security-usage-ias/pom.xml +++ b/samples/java-security-usage-ias/pom.xml @@ -6,13 +6,13 @@ 4.0.0 com.sap.cloud.security.xssec.samples java-security-usage-ias - 3.4.3 + 3.5.0 war 17 17 - 3.4.3 + 3.5.0 2.0.5 4.5.14 6.0.0 diff --git a/samples/java-security-usage/pom.xml b/samples/java-security-usage/pom.xml index d894fd673..71bfe0396 100755 --- a/samples/java-security-usage/pom.xml +++ b/samples/java-security-usage/pom.xml @@ -6,7 +6,7 @@ 4.0.0 com.sap.cloud.security.xssec.samples java-security-usage - 3.4.3 + 3.5.0 war diff --git a/spring-xsuaa-it/pom.xml b/spring-xsuaa-it/pom.xml index 144f220ad..e6e35777d 100644 --- a/spring-xsuaa-it/pom.xml +++ b/spring-xsuaa-it/pom.xml @@ -14,12 +14,12 @@ spring-xsuaa-it spring-xsuaa-it - 3.4.3 + 3.5.0 4.10.0 17 - 3.4.3 + 3.5.0 diff --git a/spring-xsuaa-starter/pom.xml b/spring-xsuaa-starter/pom.xml index 82be5755b..3d198b8fb 100644 --- a/spring-xsuaa-starter/pom.xml +++ b/spring-xsuaa-starter/pom.xml @@ -16,7 +16,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 xsuaa-spring-boot-starter diff --git a/spring-xsuaa-test/README.md b/spring-xsuaa-test/README.md index 5aa27f114..4923fa5db 100644 --- a/spring-xsuaa-test/README.md +++ b/spring-xsuaa-test/README.md @@ -31,7 +31,7 @@ This includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) com.sap.cloud.security.xsuaa spring-xsuaa-test - 3.4.3 + 3.5.0 test diff --git a/spring-xsuaa-test/pom.xml b/spring-xsuaa-test/pom.xml index 25a69c41a..9175892a2 100644 --- a/spring-xsuaa-test/pom.xml +++ b/spring-xsuaa-test/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 spring-xsuaa-test diff --git a/spring-xsuaa/README.md b/spring-xsuaa/README.md index 0dc42f51b..0279a40e6 100644 --- a/spring-xsuaa/README.md +++ b/spring-xsuaa/README.md @@ -39,7 +39,7 @@ These (spring) dependencies need to be provided: com.sap.cloud.security.xsuaa spring-xsuaa - 3.4.3 + 3.5.0 org.apache.logging.log4j @@ -53,7 +53,7 @@ These (spring) dependencies need to be provided: com.sap.cloud.security.xsuaa xsuaa-spring-boot-starter - 3.4.3 + 3.5.0 ``` diff --git a/spring-xsuaa/pom.xml b/spring-xsuaa/pom.xml index 6b01a51f1..e52335db6 100644 --- a/spring-xsuaa/pom.xml +++ b/spring-xsuaa/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 spring-xsuaa diff --git a/token-client/README.md b/token-client/README.md index bdf51f670..036a2f255 100644 --- a/token-client/README.md +++ b/token-client/README.md @@ -49,7 +49,7 @@ In context of a Spring Boot application you can leverage autoconfiguration provi com.sap.cloud.security resourceserver-security-spring-boot-starter - 3.4.3 + 3.5.0 ``` In context of Spring Applications you will need the following dependencies: @@ -57,7 +57,7 @@ In context of Spring Applications you will need the following dependencies: com.sap.cloud.security.xsuaa token-client - 3.4.3 + 3.5.0 org.apache.httpcomponents @@ -124,7 +124,7 @@ See the [OAuth2ServiceConfiguration](#oauth2serviceconfiguration) section and [H com.sap.cloud.security.xsuaa token-client - 3.4.3 + 3.5.0 org.apache.httpcomponents diff --git a/token-client/pom.xml b/token-client/pom.xml index 407c3efce..b6fe0acc4 100644 --- a/token-client/pom.xml +++ b/token-client/pom.xml @@ -9,7 +9,7 @@ com.sap.cloud.security.xsuaa parent - 3.4.3 + 3.5.0 token-client