Skip to content

1.5.0-RC1

Pre-release
Pre-release
Compare
Choose a tag to compare
@spring-builds spring-builds released this 22 Apr 15:28
· 34 commits to main since this release
1.5.0-RC1
f121738

⭐ New Features

  • Add authorization server metadata for DPoP support #1951
  • Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) #1975
  • Enforce one-time use for request_uri used in PAR #1974
  • request_uri used in PAR must be bound to the client #1971
  • Use OAuth2ParameterNames.REQUEST_URI #1991
  • Validate expiry for request_uri used in PAR #1973
  • Verify DPoP Proof public key during refresh_token grant for public clients #1949

🔨 Dependency Upgrades

  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1944
  • Bump io.spring.security.release from 1.0.3 to 1.0.4 #1968
  • Bump io.spring.security.release from 1.0.4 to 1.0.5 #1987
  • Bump org.springframework.security:spring-security-bom from 6.5.0-M3 to 6.5.0-RC1 #1990
  • Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1940
  • Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1979
  • Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1942
Assets 2
Loading