70076188af
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5
2025-11-17 09:34:44 -06:00
57c9b1365c
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final
2025-11-17 09:34:42 -06:00
1c3d28f14d
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13
2025-11-17 09:34:40 -06:00
aaadb43ef8
Bump org-aspectj from 1.9.24 to 1.9.25
2025-11-17 09:34:38 -06:00
a6c1a02afa
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13
2025-11-17 09:34:35 -06:00
baebd04df7
Merge branch '6.4.x' into 6.5.x
2025-11-17 09:34:26 -06:00
d0166004aa
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5
2025-11-17 09:33:40 -06:00
9f96fbcda0
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final
2025-11-17 09:33:37 -06:00
ccffb48fd1
Bump org-aspectj from 1.9.24 to 1.9.25
2025-11-17 09:33:35 -06:00
d0fcdebe88
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13
2025-11-17 09:33:33 -06:00
26991bbe5f
AuthenticationRequest uses rawId.getBytes()
...
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
Previously id.getBytes() was used which was problemantic because
the id is base64 encoded and this did not match the expected ids.
Closes gh-18158
2025-11-14 15:21:20 -06:00
e4106ecf68
Add Webauthn4JRelyingPartyOperations.setObjectConverter
...
Simplifies testing of Webauthn4JRelyingPartyOperations
Issue gh-18158
2025-11-14 15:21:20 -06:00
7cb57ab940
Improve webauthn webdriver tests
...
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-14 15:21:20 -06:00
b130e728b7
Polish gh-18153
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Issue gh-18144
2025-11-11 14:27:50 -05:00
e6db56ab4f
Add a minimal authorization server configuration
...
Closes gh-18144
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2025-11-11 14:27:36 -05:00
af47cc2abe
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13
...
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer ) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases )
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13 )
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
dependency-version: 1.14.13
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-07 03:20:24 +00:00
f997e22d9d
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13
...
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer ) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases )
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13 )
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
dependency-version: 1.14.13
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-07 03:14:59 +00:00
b7fb2892ed
Next development version
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-11-06 17:35:33 +00:00
608b1484e4
Release 7.0.0-RC3
2025-11-06 17:07:27 +00:00
5fb2875f47
AOT hints for authorization server Jackson 3 types should be registered
...
Closes gh-18146
2025-11-06 10:14:00 -05:00
27ae318992
JdbcRegisteredClientRepository should support Jackson 3
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-17832
Closes gh-18143
2025-11-05 15:27:14 -05:00
73840663b9
Polish JdbcOAuth2AuthorizationService
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-11-05 06:41:41 -05:00
c85cb2d1ef
Bump org-aspectj from 1.9.24 to 1.9.25
...
Bumps `org-aspectj` from 1.9.24 to 1.9.25.
Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases )
- [Commits](https://github.com/eclipse/org.aspectj/commits )
Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases )
- [Commits](https://github.com/eclipse/org.aspectj/commits )
---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
dependency-version: 1.9.25
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
dependency-version: 1.9.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-05 03:19:48 +00:00
bf26dd9b33
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.13
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-05 03:19:25 +00:00
ff908c4d7c
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.13
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-05 03:15:17 +00:00
521f533fc4
Bump org-aspectj from 1.9.24 to 1.9.25
...
Bumps `org-aspectj` from 1.9.24 to 1.9.25.
Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases )
- [Commits](https://github.com/eclipse/org.aspectj/commits )
Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases )
- [Commits](https://github.com/eclipse/org.aspectj/commits )
---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
dependency-version: 1.9.25
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
dependency-version: 1.9.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-11-05 03:14:41 +00:00
5662e17370
Add Nullable Annotations
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Added Nullable to methods that may return a null value
Closes gh-18046
2025-11-04 15:08:12 -07:00
63f28a7e1f
Merge branch '6.5.x'
2025-11-04 14:04:56 -07:00
f988272fff
Merge branch '6.4.x' into 6.5.x
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-11-04 14:04:29 -07:00
532d0bef14
Add Test to Confirm 72-byte BCrypt Password Limit
...
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
Closes gh-18133
2025-11-04 14:04:02 -07:00
571bd60d82
Document OAuth 2.0 Protected Resource Metadata support
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-17244
2025-11-04 14:37:19 -05:00
6471a32d66
Merge branch '6.5.x'
...
Closes gh-18132
2025-11-04 11:37:11 -06:00
c1e9e10bf0
Merge branch '6.4.x' into 6.5.x
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-18131
2025-11-04 11:28:40 -06:00
fed6df5167
Default WebAuthnConfigurer#rpName to rpId
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run
Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run
Details
CI / Check Samples (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:
> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.
Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-04 11:16:22 -06:00
20ae9dc6bc
Remove Stray Needs Declaration
2025-11-04 10:08:45 -07:00
03eadb846c
Add Workflow to Finalize a Release
2025-11-04 10:07:22 -07:00
0928a60cd2
Post Process WebAuthnAuthenticationFilter
...
This commit ensures that WebAuthnAuthenticationFilter is
post processed by BeanPostProcessors and
ObjectPostProcessor.
Closes gh-18128
2025-11-04 10:54:45 -06:00
322634ca6a
Next Development Version
2025-11-04 10:39:24 -06:00
5213cc44fc
Merge branch '6.5.x'
2025-11-04 10:24:32 -06:00
8fa2fc0e1e
Merge branch '6.4.x' into 6.5.x
2025-11-04 10:24:15 -06:00
4feeb0f843
Docs: document effects of disabling CORS configurer
...
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-04 10:23:46 -06:00
ea88671f4c
Update webauthn4j usage, use non-deprecated methods
...
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-11-04 10:21:23 -06:00
9dde69746f
Release 7.0.0-RC2
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-11-04 05:32:57 +00:00
884cf0d62e
EnableGlobalMultiFactorAuthentication->EnableMultiFactorAuthentication
...
Closes gh-18127
2025-11-03 22:42:28 -06:00
aaf738f7ac
MFA is now Opt In
...
This commit ensures that MFA is only performed when users opt in. By
doing so, we allow users to decide if they will opt into the semantics
of merging two Authentication instances.
Closes gh-18126
2025-11-03 22:42:27 -06:00
ccd39a23c9
Only perform MFA if Authentication.getName() is the same
...
Closes gh-18112
2025-11-03 22:42:27 -06:00
793820acfa
Remove Authority Copying From Reactive
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
We will re-address this when adding factors to
ReactiveAuthenticationManager implementations.
Issue gh-2603
2025-11-03 13:31:30 -07:00
b6ed037c39
Document device_code grant disabled by default
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Issue gh-17998
2025-10-31 06:38:09 -04:00
5da0cbea4b
Document OAuth 2.0 Dynamic Client Registration support
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Issue gh-17964
2025-10-30 16:01:51 -04:00
e6b4d461e7
Fix OAuth2AuthorizationServerJacksonModule type validator configuration
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-18102
2025-10-30 07:19:45 -04:00
Rob Winch
Daniel Garnier-Moiroux
Joe Grandja
Andrey Litvitski
dependabot[bot]
github-actions[bot]
Josh Cummings