Bump version to 2.17.2 (#1378)

--------- Signed-off-by: Līga <72249435+liga-oz@users.noreply.github.com> Co-authored-by: Līga <72249435+liga-oz@users.noreply.github.com>
SAP · Dec 5, 2023 · 2231b76 · 2231b76
1 parent 6c27b7b
commit 2231b76
Show file tree

Hide file tree

Showing 37 changed files with 58 additions and 50 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,14 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## 2.17.2
+✅ Resolves a Breaking Change introduced in version 2.17.0. Consumers should be able to update to 2.17.2 from a version <= 2.16.0 without having to adjust test credentials used in their unit tests when using `java-security-test` or `spring-xsuaa-mock`.
+
+In version 2.17.2, when `java-security-test` or `spring-xsuaa-mock` are loaded (which should only occur during testing), credentials with `localhost` as the `uaadomain` (XSUAA) or trusted `domains` (IAS) can be used to validate tokens that include a port for `localhost` in their `jku` (XSUAA) or `issuer` (IAS). It's important to note that token validation is less strict in this case and may accept certain edge cases of malicious tokens that would not be accepted in a production environment.
+
+#### Dependency upgrades
+- Bump logback-core, logback-classic from 1.2.12 to 1.2.13
+
 ## 2.17.1
 #### Dependency upgrades
 - Bump spring.boot.version from 2.7.17 to 2.7.18

diff --git a/api/README.md b/api/README.md
@@ -5,6 +5,6 @@
 <dependency>
     <groupId>com.sap.cloud.security.xsuaa</groupId>
     <artifactId>api</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 ```
diff --git a/api/pom.xml b/api/pom.xml
@@ -11,7 +11,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<packaging>jar</packaging>

diff --git a/bom/pom.xml b/bom/pom.xml
@@ -8,7 +8,7 @@
 
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-bom</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <packaging>pom</packaging>
     <name>java-bom</name>
 

diff --git a/env/pom.xml b/env/pom.xml
@@ -9,7 +9,7 @@
     <parent>
         <groupId>com.sap.cloud.security.xsuaa</groupId>
         <artifactId>parent</artifactId>
-        <version>2.17.1</version>
+        <version>2.17.2</version>
     </parent>
 
     <groupId>com.sap.cloud.security</groupId>

diff --git a/java-api/README.md b/java-api/README.md
@@ -5,6 +5,6 @@
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-api</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 ```
diff --git a/java-api/pom.xml b/java-api/pom.xml
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

diff --git a/java-security-it/pom.xml b/java-security-it/pom.xml
@@ -9,7 +9,7 @@
     <parent>
         <artifactId>parent</artifactId>
         <groupId>com.sap.cloud.security.xsuaa</groupId>
-        <version>2.17.1</version>
+        <version>2.17.2</version>
     </parent>
 
     <artifactId>java-security-it</artifactId>

diff --git a/java-security-test/README.md b/java-security-test/README.md
@@ -22,7 +22,7 @@ It includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) th
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-security-test</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <scope>test</scope>
 </dependency>
 ```

diff --git a/java-security-test/pom.xml b/java-security-test/pom.xml
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

diff --git a/java-security/Migration_SpringSecurityProjects.md b/java-security/Migration_SpringSecurityProjects.md
@@ -37,19 +37,19 @@ First make sure you have the following dependencies defined in your pom.xml:
 <dependency>
   <groupId>com.sap.cloud.security.xsuaa</groupId>
   <artifactId>api</artifactId>
-  <version>2.17.1</version>
+  <version>2.17.2</version>
 </dependency>
 <dependency>
   <groupId>com.sap.cloud.security</groupId>
   <artifactId>java-security</artifactId>
-  <version>2.17.1</version>
+  <version>2.17.2</version>
 </dependency>
 
 <!-- new java-security dependencies for unit tests -->
 <dependency>
   <groupId>com.sap.cloud.security</groupId>
   <artifactId>java-security-test</artifactId>
-  <version>2.17.1</version>
+  <version>2.17.2</version>
   <scope>test</scope>
 </dependency>
 ```

diff --git a/java-security/README.md b/java-security/README.md
@@ -47,7 +47,7 @@ In case of XSUAA does the JWT provide a valid `jku` token header parameter that
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-security</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 <dependency>
     <groupId>org.apache.httpcomponents</groupId>

diff --git a/java-security/pom.xml b/java-security/pom.xml
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

diff --git a/pom.xml b/pom.xml
@@ -7,7 +7,7 @@
 
 	<groupId>com.sap.cloud.security.xsuaa</groupId>
 	<artifactId>parent</artifactId>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 	<packaging>pom</packaging>
 
 	<name>parent</name>

diff --git a/samples/java-security-usage-ias/pom.xml b/samples/java-security-usage-ias/pom.xml
@@ -6,7 +6,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.sap.cloud.security.xssec.samples</groupId>
     <artifactId>java-security-usage-ias</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <packaging>war</packaging>
 
     <!--profiles>
@@ -27,7 +27,7 @@
     <properties>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
-        <sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+        <sap.cloud.security.version>2.17.2</sap.cloud.security.version>
         <slf4j.api.version>2.0.5</slf4j.api.version>
         <apache.httpclient.version>4.5.14</apache.httpclient.version>
         <javax.servlet.api.version>4.0.1</javax.servlet.api.version>

diff --git a/samples/java-security-usage/pom.xml b/samples/java-security-usage/pom.xml
@@ -6,7 +6,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.sap.cloud.security.xssec.samples</groupId>
     <artifactId>java-security-usage</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <packaging>war</packaging>
 
     <!--profiles>
@@ -27,7 +27,7 @@
     <properties>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
-        <sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+        <sap.cloud.security.version>2.17.2</sap.cloud.security.version>
         <slf4j.api.version>2.0.5</slf4j.api.version>
         <apache.httpclient.version>4.5.14</apache.httpclient.version>
         <javax.servlet.api.version>4.0.1</javax.servlet.api.version>

diff --git a/samples/java-tokenclient-usage/pom.xml b/samples/java-tokenclient-usage/pom.xml
@@ -6,13 +6,13 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.sap.cloud.security.xssec.samples</groupId>
     <artifactId>java-tokenclient-usage</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <packaging>war</packaging>
 
     <properties>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
-        <sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+        <sap.cloud.security.version>2.17.2</sap.cloud.security.version>
         <apache.httpclient.version>4.5.14</apache.httpclient.version>
         <javax.servlet.api.version>4.0.1</javax.servlet.api.version>
         <slf4j.api.version>2.0.5</slf4j.api.version>

diff --git a/samples/sap-java-buildpack-api-usage/pom.xml b/samples/sap-java-buildpack-api-usage/pom.xml
@@ -6,7 +6,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.sap.cloud.security.xssec.samples</groupId>
 	<artifactId>sap-java-buildpack-api-usage</artifactId>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 	<packaging>war</packaging>
 
 	<properties>

diff --git a/samples/spring-security-basic-auth/pom.xml b/samples/spring-security-basic-auth/pom.xml
@@ -13,14 +13,14 @@
 	</parent>
 
 	<artifactId>spring-security-basic-auth</artifactId>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 	<name>spring-security-basic-auth</name>
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<java.version>1.8</java.version>
-		<sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+		<sap.cloud.security.version>2.17.2</sap.cloud.security.version>
 		<apache.httpclient.version>4.5.14</apache.httpclient.version>
 	</properties>
 

diff --git a/samples/spring-security-hybrid-usage/pom.xml b/samples/spring-security-hybrid-usage/pom.xml
@@ -16,7 +16,7 @@
 
 	<groupId>com.sap.cloud.security.samples</groupId>
 	<artifactId>spring-security-hybrid-usage</artifactId>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 
 	<properties>
 		<!-- 
@@ -28,7 +28,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<java.version>1.8</java.version>
-		<sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+		<sap.cloud.security.version>2.17.2</sap.cloud.security.version>
 		<apache.httpclient.version>4.5.14</apache.httpclient.version>
 	</properties>
 
@@ -50,7 +50,7 @@
 		<dependency>
 			<groupId>com.sap.cloud.security.xsuaa</groupId>
 			<artifactId>spring-security-compatibility</artifactId>
-			<version>2.17.1</version>
+			<version>2.17.2</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.httpcomponents</groupId>

diff --git a/samples/spring-security-xsuaa-usage/pom.xml b/samples/spring-security-xsuaa-usage/pom.xml
@@ -16,7 +16,7 @@
 
 	<groupId>com.sap.cloud.security.samples</groupId>
 	<artifactId>spring-security-xsuaa-usage</artifactId>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 	<name>spring-security-xsuaa-usage</name>
 
 	<properties>
@@ -29,7 +29,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<java.version>1.8</java.version>
-		<sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+		<sap.cloud.security.version>2.17.2</sap.cloud.security.version>
 		<apache.httpclient.version>4.5.14</apache.httpclient.version>
 	</properties>
 

diff --git a/samples/spring-webflux-security-xsuaa-usage/pom.xml b/samples/spring-webflux-security-xsuaa-usage/pom.xml
@@ -14,12 +14,12 @@
 
     <groupId>com.sap.cloud.security.samples</groupId>
     <artifactId>spring-webflux-security-xsuaa-usage</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <name>spring-webflux-security-xsuaa-usage</name>
 
     <properties>
         <java.version>1.8</java.version>
-        <sap.cloud.security.version>2.17.1</sap.cloud.security.version>
+        <sap.cloud.security.version>2.17.2</sap.cloud.security.version>
     </properties>
 
     <dependencies>

diff --git a/spring-security-compatibility/pom.xml b/spring-security-compatibility/pom.xml
@@ -9,7 +9,7 @@
     <parent>
         <groupId>com.sap.cloud.security.xsuaa</groupId>
         <artifactId>parent</artifactId>
-        <version>2.17.1</version>
+        <version>2.17.2</version>
     </parent>
 
     <groupId>com.sap.cloud.security.xsuaa</groupId>

diff --git a/spring-security-starter/pom.xml b/spring-security-starter/pom.xml
@@ -16,7 +16,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

diff --git a/spring-security/Migration_SpringXsuaaProjects.md b/spring-security/Migration_SpringXsuaaProjects.md
@@ -157,7 +157,7 @@ It is provided in an extra module. This maven dependency needs to be provided ad
 <dependency>
     <groupId>com.sap.cloud.security.xsuaa</groupId>
     <artifactId>spring-security-compatibility</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 ```
 

diff --git a/spring-security/README.md b/spring-security/README.md
@@ -51,7 +51,7 @@ These (spring) dependencies needs to be provided:
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>resourceserver-security-spring-boot-starter</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 <dependency>
     <groupId>org.apache.httpcomponents</groupId>

diff --git a/spring-security/pom.xml b/spring-security/pom.xml
@@ -9,13 +9,13 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>
 	<artifactId>spring-security</artifactId>
 	<packaging>jar</packaging>
-	<version>2.17.1</version>
+	<version>2.17.2</version>
 
 	<dependencies>
 		<dependency>

diff --git a/spring-xsuaa-it/pom.xml b/spring-xsuaa-it/pom.xml
@@ -8,7 +8,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<artifactId>spring-xsuaa-it</artifactId>

diff --git a/spring-xsuaa-mock/README.md b/spring-xsuaa-mock/README.md
@@ -21,7 +21,7 @@ The default implementation offers already valid *token_keys* for JWT tokens, tha
 <dependency>
     <groupId>com.sap.cloud.security.xsuaa</groupId>
     <artifactId>spring-xsuaa-mock</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
 </dependency>
 <dependency> <!-- new with version 1.5.0 - provided with org.springframework.boot:spring-boot-starter:jar -->
     <groupId>org.springframework.boot</groupId>

diff --git a/spring-xsuaa-mock/pom.xml b/spring-xsuaa-mock/pom.xml
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<artifactId>spring-xsuaa-mock</artifactId>

diff --git a/spring-xsuaa-starter/pom.xml b/spring-xsuaa-starter/pom.xml
@@ -16,7 +16,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<artifactId>xsuaa-spring-boot-starter</artifactId>

diff --git a/spring-xsuaa-test/README.md b/spring-xsuaa-test/README.md
@@ -31,7 +31,7 @@ This includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT)
 <dependency>
     <groupId>com.sap.cloud.security.xsuaa</groupId>
     <artifactId>spring-xsuaa-test</artifactId>
-    <version>2.17.1</version>
+    <version>2.17.2</version>
     <scope>test</scope>
 </dependency>
 

diff --git a/spring-xsuaa-test/pom.xml b/spring-xsuaa-test/pom.xml
@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>2.17.1</version>
+		<version>2.17.2</version>
 	</parent>
 
 	<artifactId>spring-xsuaa-test</artifactId>