77.13.0

What's Changed

Fix

• fix: test bug (SamlLoginIT) by @peterhaochen47 in #2957
• fix: Integration test bootstrap fixed by @strehle in #2959
• fix Injection of 'aliasEntitiesEnabled' into IdentityProviderEndpoints by @adrianhoelzl-sap in
• fix documentation for OpenID connect clientJWT by @strehle in #2937
• fix Version Handling during Update of User with Alias by @adrianhoelzl-sap in #2944

Misc

• Add performance index for token resolution by @strehle in #2932
• Refactor: throw an exception if reference in uaa.yml is missing by @strehle in #2952
• Refactor: Load UserConfig as bean by @strehle in #2934

Dependency Bumps

• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 5.0.0.4638 to 5.1.0.4872 by @dependabot in #2946
• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 5.1.0.4872 to 5.1.0.4882 by @dependabot in #2947
• build(deps): bump versions.jacksonVersion from 2.17.1 to 2.17.2 by @dependabot in #2949
• build(deps): bump versions.tomcatCargoVersion from 9.0.90 to 9.0.91 by @dependabot in #2951
  #2943
• Bump Gradle to 8.9 by @strehle in #2953
• build(deps): bump org.apache.commons:commons-rng-core from 1.5 to 1.6 by @dependabot in #2956
• build(deps): bump org.apache.commons:commons-rng-simple from 1.5 to 1.6 by @dependabot in #2955
• build(deps): bump commons-codec:commons-codec from 1.17.0 to 1.17.1 by @dependabot in #2958

Full Changelog: v77.12.0...v77.13.0

77.12.0

What's Changed

Fix

• fix: Support authMethod=none in proxy password grant by @strehle in #2918
• fix: bearer token in oauth2 UserInfo flow by @strehle in #2924
• fix potential typo in OauthIDPWrapperFactoryBean.java by @adrianhoelzl-sap in #2940
• fix: publish an external group auth event only with registered IDPs by @mikeroda in #2941

Misc

• Reject IdZ deletion if an IdP with alias exists in the zone by @adrianhoelzl-sap in #2850
• Add postgresql 16 tests to github actions by @iprotsiuk in #2938
• Add 'identity_zone_id' column to indexes for 'alias_zid' by @adrianhoelzl-sap in #2942

Dependency Bumps

• build(deps): bump k8s.io/client-go from 0.30.1 to 0.30.2 in /k8s by @dependabot in #2929
• build(deps): bump versions.springFrameworkVersion from 5.3.36 to 5.3.37 by @dependabot in #2926
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 6.9.0.202403050737-r to 6.10.0.202406032230-r by @dependabot in #2927
• build(deps): bump versions.springSecurityVersion from 5.8.12 to 5.8.13 by @dependabot in #2933
• renovate: : update dependency nokogiri to v1.16.6 by @strehle in #2931
• build(deps): bump versions.tomcatCargoVersion from 9.0.89 to 9.0.90 by @dependabot in #2935

New Contributors

• @iprotsiuk made their first contribution in #2938

Full Changelog: v77.11.0...v77.12.0

77.11.0

What's Changed

Fix

• fix issue #2917 by @strehle in #2923
• fix: generate email if it is the empty string on external login by @mikeroda in #2868
• fix: Zone creation fails when allow list does not contain all default groups by @adrianhoelzl-sap in #2870

Feature

• Support Alias feature in experimental mode
• Documentation for Alias Feature by @adrianhoelzl-sap in #2919
• Alias ID and Alias ZID for Users by @adrianhoelzl-sap in #2663
• Alias Handler for SCIM Users by @adrianhoelzl-sap in #2769
• feature: filter IdP retrival by @strehle in #2882
• Identity provider key caching behavior configurable by @strehle in #2920

Misc

• Add kill_uaa script before run and integrationTest tasks by @duanemay in #2903
• Sonar refactoring - IdentityProviderEndpoints class by @strehle in #2890
• IT for testing a fix of issue #2917 by @strehle in #2922

Dependency Bumps

• Update rexml to 3.2.7 by @strehle in #2902
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.39.2 by @dependabot in #2905
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 by @dependabot in #2909
• build(deps): bump org.owasp.esapi:esapi from 2.5.3.1 to 2.5.4.0 by @dependabot in #2906
• deps: update dependency org.hsqldb:hsqldb to v2.7.3 by @strehle in #2910
• Bump Gradle to 8.8 by @strehle in #2912
• build(deps): bump versions.guavaVersion from 33.2.0-jre to 33.2.1-jre by @dependabot in #2911
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.3 to 9.40 by @dependabot in #2921

Full Changelog: v77.10.0...v77.11.0

77.10.0

What's Changed

Fix

• fix: allow to change or delete a relyingPartySecret on IdP by @strehle in #2896
• fix: always rotate refresh tokens for public clients by @mikeroda in #2846
• fix: /info docs test expectation by @peterhaochen47 in #2884

Misc

• Misc dev script improvements by @peterhaochen47 in #2876
• refactor: avoid indirect dep from EOL lib spring-security-saml2-core by @peterhaochen47 in #2879
• Sonar refactoring - AbstractUaaEvent class by @strehle in #2891

Dependency Bumps

• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 by @dependabot in #2877
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.38 to 9.39 by @dependabot in #2881
• build(deps): bump nokogiri from 1.16.4 to 1.16.5 in /uaa/slate by @dependabot in #2886
• build(deps): bump k8s.io/client-go from 0.30.0 to 0.30.1 in /k8s by @dependabot in #2893
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39 to 9.39.1 by @dependabot in #2892
• build(deps): bump versions.springFrameworkVersion from 5.3.34 to 5.3.35 by @dependabot in #2897
• build(deps): bump versions.springFrameworkVersion from 5.3.35 to 5.3.36 by @dependabot in #2901

Full Changelog: v77.9.0...v77.10.0

77.9.0

What's Changed

• Move OAuth2 Core Server Classes to UAA namespace by @strehle in #2813
• test-refactoring: remove forked class in tests by @strehle in #2845
• build(deps): bump versions.guavaVersion from 33.1.0-jre to 33.2.0-jre by @dependabot in #2865
• build(deps): bump versions.jacksonVersion from 2.17.0 to 2.17.1 by @dependabot in #2869
• Refactoring: testable code in JdbcScimUserProvisioning by @strehle in #2863
• Refactoring: use namedJdbcTemplate bean instead of internal new object by @strehle in #2864
• Update tool chain by @strehle in #2873
• build(deps): bump versions.tomcatCargoVersion from 9.0.88 to 9.0.89 by @dependabot in #2872

Full Changelog: v77.8.0...v77.9.0

77.8.0

What's Changed

• build(deps): bump github.com/onsi/gomega from 1.33.0 to 1.33.1 in /k8s by @dependabot in #2858
• fix: MySQL Performance Issues in "/ids/Users" Endpoint by @adrianhoelzl-sap in #2859

Full Changelog: v77.7.0...v77.8.0

77.7.0

What's Changed

This release addresses a serious performance issue that can affect installations using a MySQL database for UAA and has a large number of users (10,000+).

Fix

• Fix: performance issue in MySQL -- revert #2704 by @bruce-ricard in #2857

Full Changelog: v77.6.0...v77.7.0

77.6.0

What's Changed

Security

• The bc-fips bump addresses CVE-2024-29857.

Fix

• fix: load static resources from default zone if zone not found by @tack-sap in #2828

Misc

• Remove direct usage of commons-httpclient 3.1 by @strehle in #2826
• Refactor tests for EntityAliasHandler.ensureConsistencyOfAliasEntity by @adrianhoelzl-sap in #2824

Dependency Bumps

• build(deps): bump versions.springSecurityVersion from 5.8.11 to 5.8.12 by @dependabot in #2829
• build(deps): bump versions.tomcatCargoVersion from 9.0.87 to 9.0.88 by @dependabot in #2832
• build(deps): bump k8s.io/client-go from 0.29.3 to 0.29.4 in /k8s by @dependabot in #2835
• build(deps): bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 by @dependabot in #2833
• build(deps): bump k8s.io/client-go from 0.29.4 to 0.30.0 in /k8s by @dependabot in #2839
• build(deps): bump github.com/onsi/gomega from 1.32.0 to 1.33.0 in /k8s by @dependabot in #2842
• build(deps): bump org.gradle:test-retry-gradle-plugin from 1.5.8 to 1.5.9 by @dependabot in #2852
• build(deps): bump org.bouncycastle:bc-fips from 1.0.2.4 to 1.0.2.5 by @dependabot in #2853

Full Changelog: v77.5.0...v77.6.0

77.5.0

What's Changed

Security Fix

• Spring Framework update from 5.3.33 to 5.3.34 by @dependabot in #2822, solves https://spring.io/security/cve-2024-22262

Misc

• Fix flaky test in ScimUserEndpointsMockMvcTests by @adrianhoelzl-sap in #2804
• Further Integration Tests for Alias Identity Providers Feature by @adrianhoelzl-sap in #2722
• Set default SAML signatureAlgorithm value to SHA256 by @hsinn0 in #2807
• Misc API docs improvements by @peterhaochen47 in #2795
• fix: gradle test might give false green by @peterhaochen47 in #2801
• backfill tests: SAML SP metadata by @peterhaochen47 in #2794
• Prevent Update and Delete of Entities with Alias if Alias Feature is disabled by @adrianhoelzl-sap in #2803
• Sonar fix by @strehle in #2816
• Move OAuth2 classes BaseClientDetails to UaaClientDetails by @strehle in #2806

Dependency Bumps

• build(deps): bump commons-io:commons-io from 2.15.1 to 2.16.0 by @dependabot in #2811
• build(deps): bump commons-io:commons-io from 2.16.0 to 2.16.1 by @dependabot in #2819
• build(deps): bump versions.braveVersion from 6.0.2 to 6.0.3 by @dependabot in #2823
• update dependency nokogiri to v1.16.4 by @strehle in #2827

Full Changelog: v77.4.0...v77.5.0

77.4.0

What's Changed

• Add 'aliasId' and 'aliasZid' Fields to ScimUser by @adrianhoelzl-sap in #2765
• Cleanup from PR 2765 by @strehle in #2797
• Bump Gradle to 8.7 by @strehle in #2798
• Support own key and cert for jwtClientAuthentication by @strehle in #2771
• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 4.4.1.3373 to 5.0.0.4638 by @dependabot in #2800

Full Changelog: v77.3.0...v77.4.0