Skip to content

Commit ea432c8

Browse files
NiklasHerrmann21NiklasHerrmann21
authored
Bugfix/4.0.2 (#1938)
* fix: Use getClientIdentity() for token exchange credentials Simplified DefaultIdTokenExtension and DefaultXsuaaTokenExtension to use OAuth2ServiceConfiguration.getClientIdentity() instead of manually checking for certificate vs client secret. This ensures correct credential handling for both X.509 certificate and client secret authentication. Also added IAS certificate properties (certificate, key, credential-type, certurl) to IdentityServicesPropertySourceFactory to properly map X.509 credentials for IAS service bindings. Changes: - DefaultIdTokenExtension: Use iasConfig.getClientIdentity() - DefaultXsuaaTokenExtension: Use xsuaaConfig.getClientIdentity() - IdentityServicesPropertySourceFactory: Add IAS certificate properties * test: Update tests to use getClientIdentity() mocks * chore: Release 4.0.2 * test: Remove unused credentials variables from tests
1 parent 4dce88b commit ea432c8

34 files changed

Lines changed: 125 additions & 100 deletions

File tree

CHANGELOG.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
# Change Log
22
All notable changes to this project will be documented in this file.
33

4+
## 4.0.2
5+
6+
- Fix token exchange credential handling to use `getClientIdentity()` instead of manually checking for certificate vs client secret
7+
- Add IAS certificate properties (`certificate`, `key`, `credential-type`, `certurl`) to `IdentityServicesPropertySourceFactory` to properly map X.509 credentials for IAS service bindings
8+
49
## 4.0.1
510

611
- Fix IAS token exchange to use `getUrl()` instead of `getCertUrl()` in `DefaultIdTokenExtension`

MIGRATION_4.0.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@ If you use these classes, add the new dependency:
5858
<dependency>
5959
<groupId>com.sap.cloud.security.xsuaa</groupId>
6060
<artifactId>token-client-spring</artifactId>
61-
<version>4.0.1</version>
61+
<version>4.0.2</version>
6262
</dependency>
6363
```
6464
No code changes required - the classes remain in the same package.
@@ -88,7 +88,7 @@ No code changes required - the classes remain in the same package.
8888
<dependency>
8989
<groupId>com.sap.cloud.security</groupId>
9090
<artifactId>resourceserver-security-spring-boot-starter</artifactId>
91-
<version>4.0.1</version>
91+
<version>4.0.2</version>
9292
</dependency>
9393
```
9494

@@ -146,7 +146,7 @@ Replace the standard starter with the Spring Boot 3 starter:
146146
<dependency>
147147
<groupId>com.sap.cloud.security</groupId>
148148
<artifactId>resourceserver-security-spring-boot-3-starter</artifactId>
149-
<version>4.0.1</version>
149+
<version>4.0.2</version>
150150
</dependency>
151151
```
152152

@@ -203,7 +203,7 @@ The `spring-xsuaa` module has been removed. Migrate to either:
203203
<dependency>
204204
<groupId>com.sap.cloud.security</groupId>
205205
<artifactId>java-security-test</artifactId>
206-
<version>4.0.1</version>
206+
<version>4.0.2</version>
207207
<scope>test</scope>
208208
</dependency>
209209
```
@@ -234,7 +234,7 @@ import com.sap.cloud.security.test.JwtGenerator;
234234
<dependency>
235235
<groupId>com.sap.cloud.security</groupId>
236236
<artifactId>spring-security-3</artifactId>
237-
<version>4.0.1</version>
237+
<version>4.0.2</version>
238238
</dependency>
239239
```
240240

@@ -272,7 +272,7 @@ The `token-client` module now uses Java 11 HttpClient by default - no additional
272272
<dependency>
273273
<groupId>com.sap.cloud.security.xsuaa</groupId>
274274
<artifactId>token-client</artifactId>
275-
<version>4.0.1</version>
275+
<version>4.0.2</version>
276276
</dependency>
277277
```
278278

@@ -326,7 +326,7 @@ If you use any of these classes, add the new dependency:
326326
<dependency>
327327
<groupId>com.sap.cloud.security.xsuaa</groupId>
328328
<artifactId>token-client-spring</artifactId>
329-
<version>4.0.1</version>
329+
<version>4.0.2</version>
330330
</dependency>
331331
```
332332

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -120,7 +120,7 @@ If your application uses Spring Boot 3.x and you cannot immediately upgrade to S
120120
<dependency>
121121
<groupId>com.sap.cloud.security</groupId>
122122
<artifactId>resourceserver-security-spring-boot-3-starter</artifactId>
123-
<version>4.0.1</version>
123+
<version>4.0.2</version>
124124
</dependency>
125125
```
126126

@@ -275,7 +275,7 @@ The SAP Cloud Security Services Integration is published to maven central: https
275275
<dependency>
276276
<groupId>com.sap.cloud.security</groupId>
277277
<artifactId>java-bom</artifactId>
278-
<version>4.0.1</version>
278+
<version>4.0.2</version>
279279
<scope>import</scope>
280280
<type>pom</type>
281281
</dependency>

bom/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88

99
<groupId>com.sap.cloud.security</groupId>
1010
<artifactId>java-bom</artifactId>
11-
<version>4.0.1</version>
11+
<version>4.0.2</version>
1212
<packaging>pom</packaging>
1313
<name>java-bom</name>
1414

env/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
<parent>
1010
<groupId>com.sap.cloud.security.xsuaa</groupId>
1111
<artifactId>parent</artifactId>
12-
<version>4.0.1</version>
12+
<version>4.0.2</version>
1313
</parent>
1414

1515
<groupId>com.sap.cloud.security</groupId>

java-api/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,6 @@
55
<dependency>
66
<groupId>com.sap.cloud.security</groupId>
77
<artifactId>java-api</artifactId>
8-
<version>4.0.1</version>
8+
<version>4.0.2</version>
99
</dependency>
1010
```

java-api/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
<parent>
1010
<groupId>com.sap.cloud.security.xsuaa</groupId>
1111
<artifactId>parent</artifactId>
12-
<version>4.0.1</version>
12+
<version>4.0.2</version>
1313
</parent>
1414

1515
<groupId>com.sap.cloud.security</groupId>

java-security-test/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ It is pre-configured with a security filter that only accepts valid tokens. Furt
4040
<dependency>
4141
<groupId>com.sap.cloud.security</groupId>
4242
<artifactId>java-security-test</artifactId>
43-
<version>4.0.1</version>
43+
<version>4.0.2</version>
4444
<scope>test</scope>
4545
</dependency>
4646
```

java-security-test/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
<parent>
1010
<groupId>com.sap.cloud.security.xsuaa</groupId>
1111
<artifactId>parent</artifactId>
12-
<version>4.0.1</version>
12+
<version>4.0.2</version>
1313
</parent>
1414

1515
<groupId>com.sap.cloud.security</groupId>

java-security/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -69,7 +69,7 @@ Since it requires the Tomcat 10 runtime, it needs to be deployed using the [SAP
6969
<dependency>
7070
<groupId>com.sap.cloud.security</groupId>
7171
<artifactId>java-security</artifactId>
72-
<version>4.0.1</version>
72+
<version>4.0.2</version>
7373
</dependency>
7474
<dependency>
7575
<groupId>org.apache.httpcomponents</groupId>

0 commit comments

Comments
 (0)