Skip to content

Version 3.1.3
Compare
Choose a tag to compare
@liga-oz liga-oz released this 28 Aug 06:52
· 333 commits to main since this release
3.1.3
591cb3e
  • [java-security]
    • Fixes NPE when accessing XsuaaToken.getPrincipal() and grantType is null (#1261)
  • [token-client]
    • fixes JWKs fetch from identity service issue when app_tid is not present in the token - the X-app_tid and X-client_id headers are only added when both values are available.
    • DefaultOAuth2TokenService
      • fixes issue when in case of unsuccessful token fetch OAuth2ServiceException.withHeaders() headers field were filled with only one entry containing all headers as a string
    • DefaultOAuth2TokenKeyService and SpringOAuth2TokenKeyService
      • improved error handling
        • OAuth2ServiceException that's thrown status code != 200 case doesn't get swallowed
        • fixes OAuth2ServiceException.withHeaders() semantically incorrect behavior when headers were filled with request headers instead of response headers
        • OAuth2ServiceException generated by unsuccessful JWKs fetch contains request headers as well
    • OAuth2ServiceException updated header message - contains now Response Headers instead of Headers

Dependency upgrades

  • Bump spring.security.version from 6.1.2 to 6.1.3
  • Bump spring.boot.version from 3.1.2 to 3.1.3
Assets 2
Loading