Skip to content

Releases: patternhelloworld/spring-oauth2-easyplus

Stabilize App-Token based Module

14 Sep 15:04
@patternhelloworld patternhelloworld
v3.1.1
85c15f2
Compare
Choose a tag to compare
Stabilize App-Token based Module
  • Leave warning logs for the function 'findSafelyByPrincipalNameAndClientIdAndAppToken'
  • Conditional 'No app-token module'
  • Fix minor bugs
Loading

v3.0.1

12 Sep 07:06
@patternhelloworld patternhelloworld
v3.0.1
ed38308
Compare
Choose a tag to compare
v3.0.1
  • Emergent fixes on the new v3
Loading

The first release for v3

11 Sep 17:30
@patternhelloworld patternhelloworld
v3.0.0
27eb117
Compare
Choose a tag to compare
The first release for v3
  • Now follows the DB tables from Spring Authorization Server.
  • DB tables from Spring Security 5 have been removed.
Loading

The latest Spring Boot version applied

09 Sep 15:37
@patternhelloworld patternhelloworld
v2.8.1
b85ffa9
Compare
Choose a tag to compare
The latest Spring Boot version applied
  • v3.3.2
  • Another conditional bean to handle 'HashCheckService'
  • and others...
Loading

Make Authorization(=Access Denied) Exceptions clear and add test codes for that

18 Jul 15:35
@patternhelloworld patternhelloworld
v2.7.0
c2874e2
Compare
Choose a tag to compare
Make Authorization(=Access Denied) Exceptions clear and add test codes for that

"Customizable" settings

  • Insert your code when events happen such as tokens created

    • SecurityPointCut
    • See the source code in client.config.securityimpl.aop

  • Register error user messages as desired

    • ISecurityUserExceptionMessageService
    • See the source code in client.config.securityimpl.message

  • Customize the whole error payload as desired for all cases

    • What is "all cases"?
      • Authorization Server ("/oauth2/token", "/api/v1/traditional-oauth/token") and Resource Server (Bearer token inspection : 401, Permission : 403)
    • Customize errors of the following cases
      • Login (/oauth2/token) : client.config.securityimpl.response.CustomAuthenticationFailureHandlerImpl
      • Login (/api/v1/traditional-oauth/token) : client.config.response.error.GlobalExceptionHandler.authenticationException ("/api/v1/traditional-oauth/token", Resource Server (Bearer token inspection))
      • Resource Server (Bearer token expired or with a wrong value, 401) :client.config.securityimpl.response.CustomAuthenticationEntryPointImpl
      • Resource Server (Permission, 403, @PreAuthorized on your APIs) client.config.response.error.GlobalExceptionHandler.authorizationException
Loading

Add more selective pointcuts (refer to README)

18 Jul 10:18
@patternhelloworld patternhelloworld
v2.6.0
f542bcb
Compare
Choose a tag to compare
Add more selective pointcuts (refer to README)

Full Changelog: v2.6.0...v2.6.0

Loading

Make the error payload customizable

17 Jul 15:35
@patternhelloworld patternhelloworld
v2.5.0
3dad57f
Compare
Choose a tag to compare
Make the error payload customizable

Full Changelog: v2.5.0...v2.5.0

Loading

The first publication to the Maven repository

16 Jul 14:49
@patternhelloworld patternhelloworld
v2.4.0
e384d11
Compare
Choose a tag to compare
The first publication to the Maven repository

Full Changelog: v2.4.0...v2.4.0

Loading

Add a test code for grant_type missing and correct the payload consistency

16 Jul 04:49
@patternhelloworld patternhelloworld
v2.2.0
bfaf16c
Compare
Choose a tag to compare
Add a test code for grant_type missing and correct the payload consistency

Full Changelog: v2.2.0...v2.2.0

Loading

Synchronize api/v1/... and oauth2/token for basic token errors

15 Jul 15:31
@patternhelloworld patternhelloworld
v2.1.0
f9cb8ab
Compare
Choose a tag to compare
Synchronize api/v1/... and oauth2/token for basic token errors
  • Corrected to return the same Payload from both APIs when a token error occurs

Full Changelog: v2.1.0...v2.1.0

Loading