Releases: zalando-stups/stups-spring-oauth2-support
Support expressions to check 'realms'.
Expression-Support for 'realm'
This release bring support for realm-checks in expressions. An example can be seen here. For configuration have look at this line.
You can now define expressions like:
- #oauth2.hasRealm('/customrealm')
- #oauth2.hasAnyRealm('/customrealm','nextCustomRealm','howManyRealmsDoYouHaveMan')
You are also able to combine them:
- (#oauth2.hasRealm('/customrealm') && #oauth2.hasScope('uid'))
- (#oauth2.hasScope('uid') && #oauth2.hasAnyRealm('/customrealm','nextCustomRealm','howManyRealmsDoYouHaveMan'))
But to make the last expression a bit shorter, we also provide something like
- #oauth2.hasUidScopeAndRealm('/customrealm')
- #oauth2.hasUidScopeAndAnyRealm('/customrealm','nextCustomRealm','howManyRealmsDoYouHaveMan')
PR's merged
- #24 thanks to Lukas Niemeier
- #22 see above for description
- #21 'choose request-factory by dependencies in classpath'
Thanks to all for reporting issues and PR's.
1.0.0
0.9.11 - StupsTokensAccessTokenProvider
Release Notes
Introduced the StupsTokensAccessTokenProvider
, which obtains OAuth2 access tokens from STUPS' tokens library and maps them to Spring security OAuth2AccessToken
s.
Please use StupsTokensAccessTokenProvider
in favor of StupsAccessTokenProvider
!
The existing StupsAccessTokenProvider
did not consider the expiration date of access tokens. This leads to a bug, when using it together with Spring's OAuthRestTemplate
: Once an access token was obtained it will never expire and hence never be refreshed.