77.15.0

What's Changed

Fix

• Fix Alias Validation when no Identity Zone ID is set in the Request Body by @adrianhoelzl-sap in #2967
• fix: ErrorRoutingIT test by @peterhaochen47 in #2977
• Sonar fix by @strehle in #2954

Misc

• New: Return a sorted IdP list by @strehle in #2980
• clean-up: IdentityZone samlConfig properties for UAA-as-SAML-IdP feature by @hsinn0 in #2983
• Adjust Section about IdZ Deletion in Alias Documentation by @adrianhoelzl-sap in #2969
• Update UAA image reference in k8s deployment template to 77.14.0 by @coolgang123 in #2996
• Optional BC-FIPS upgrade to 2.0.0 by @strehle in #2987

Dependency Bumps

• build(deps): bump k8s.io/client-go from 0.30.2 to 0.30.3 in /k8s by @dependabot in #2964
• Dependabot fix for rexml by @strehle in #2968
• build(deps): bump jasmine-core from 5.1.2 to 5.2.0 in /uaa by @dependabot in #2975
• build(deps): bump jasmine from 5.1.0 to 5.2.0 in /uaa by @dependabot in #2974
• build(deps): bump github.com/onsi/gomega from 1.33.1 to 1.34.0 in /k8s by @dependabot in #2979
• build(deps): bump github.com/onsi/gomega from 1.34.0 to 1.34.1 in /k8s by @dependabot in #2984
• build(deps): bump versions.tomcatCargoVersion from 9.0.91 to 9.0.93 by @dependabot in #2992
• Revert "build(deps): bump versions.tomcatCargoVersion from 9.0.91 to 9.0.93" by @hsinn0 in #2997
• build(deps): bump org.hamcrest:hamcrest from 2.2 to 3.0 by @dependabot in #2990
• build(deps): bump rexml from 3.3.2 to 3.3.3 in /uaa/slate by @dependabot in #2991
• build(deps): bump org.apache.directory.api:api-ldap-model from 2.1.6 to 2.1.7 by @dependabot in #2995
• build(deps): bump k8s.io/client-go from 0.30.3 to 0.31.0 in /k8s by @dependabot in #3004
• build(deps): bump versions.springFrameworkVersion from 5.3.37 to 5.3.39 by @dependabot in #3005 , solve https://spring.io/security/cve-2024-38809

New Contributors

• @coolgang123 made their first contribution in #2996

Full Changelog: v77.14.0...v77.15.0

77.14.0

What's Changed

Fix

Regression in Release before, see #2963 , PR: Fix regression in identity-provider endpoint by @strehle in #2962

Misc

• Show error in IT by @strehle in #2960
• build(deps): bump org.gradle:test-retry-gradle-plugin from 1.5.9 to 1.5.10 by @dependabot in #2961

Full Changelog: v77.13.0...v77.14.0

77.13.0

What's Changed

Fix

• fix: test bug (SamlLoginIT) by @peterhaochen47 in #2957
• fix: Integration test bootstrap fixed by @strehle in #2959
• fix Injection of 'aliasEntitiesEnabled' into IdentityProviderEndpoints by @adrianhoelzl-sap in
• fix documentation for OpenID connect clientJWT by @strehle in #2937
• fix Version Handling during Update of User with Alias by @adrianhoelzl-sap in #2944

Misc

• Add performance index for token resolution by @strehle in #2932
• Refactor: throw an exception if reference in uaa.yml is missing by @strehle in #2952
• Refactor: Load UserConfig as bean by @strehle in #2934

Dependency Bumps

• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 5.0.0.4638 to 5.1.0.4872 by @dependabot in #2946
• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 5.1.0.4872 to 5.1.0.4882 by @dependabot in #2947
• build(deps): bump versions.jacksonVersion from 2.17.1 to 2.17.2 by @dependabot in #2949
• build(deps): bump versions.tomcatCargoVersion from 9.0.90 to 9.0.91 by @dependabot in #2951
  #2943
• Bump Gradle to 8.9 by @strehle in #2953
• build(deps): bump org.apache.commons:commons-rng-core from 1.5 to 1.6 by @dependabot in #2956
• build(deps): bump org.apache.commons:commons-rng-simple from 1.5 to 1.6 by @dependabot in #2955
• build(deps): bump commons-codec:commons-codec from 1.17.0 to 1.17.1 by @dependabot in #2958

Full Changelog: v77.12.0...v77.13.0

77.12.0

What's Changed

Fix

• fix: Support authMethod=none in proxy password grant by @strehle in #2918
• fix: bearer token in oauth2 UserInfo flow by @strehle in #2924
• fix potential typo in OauthIDPWrapperFactoryBean.java by @adrianhoelzl-sap in #2940
• fix: publish an external group auth event only with registered IDPs by @mikeroda in #2941

Misc

• Reject IdZ deletion if an IdP with alias exists in the zone by @adrianhoelzl-sap in #2850
• Add postgresql 16 tests to github actions by @iprotsiuk in #2938
• Add 'identity_zone_id' column to indexes for 'alias_zid' by @adrianhoelzl-sap in #2942

Dependency Bumps

• build(deps): bump k8s.io/client-go from 0.30.1 to 0.30.2 in /k8s by @dependabot in #2929
• build(deps): bump versions.springFrameworkVersion from 5.3.36 to 5.3.37 by @dependabot in #2926
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 6.9.0.202403050737-r to 6.10.0.202406032230-r by @dependabot in #2927
• build(deps): bump versions.springSecurityVersion from 5.8.12 to 5.8.13 by @dependabot in #2933
• renovate: : update dependency nokogiri to v1.16.6 by @strehle in #2931
• build(deps): bump versions.tomcatCargoVersion from 9.0.89 to 9.0.90 by @dependabot in #2935

New Contributors

• @iprotsiuk made their first contribution in #2938

Full Changelog: v77.11.0...v77.12.0

77.11.0

What's Changed

Fix

• fix issue #2917 by @strehle in #2923
• fix: generate email if it is the empty string on external login by @mikeroda in #2868
• fix: Zone creation fails when allow list does not contain all default groups by @adrianhoelzl-sap in #2870

Feature

• Support Alias feature in experimental mode
• Documentation for Alias Feature by @adrianhoelzl-sap in #2919
• Alias ID and Alias ZID for Users by @adrianhoelzl-sap in #2663
• Alias Handler for SCIM Users by @adrianhoelzl-sap in #2769
• feature: filter IdP retrival by @strehle in #2882
• Identity provider key caching behavior configurable by @strehle in #2920

Misc

• Add kill_uaa script before run and integrationTest tasks by @duanemay in #2903
• Sonar refactoring - IdentityProviderEndpoints class by @strehle in #2890
• IT for testing a fix of issue #2917 by @strehle in #2922

Dependency Bumps

• Update rexml to 3.2.7 by @strehle in #2902
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.39.2 by @dependabot in #2905
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.2 to 9.39.3 by @dependabot in #2909
• build(deps): bump org.owasp.esapi:esapi from 2.5.3.1 to 2.5.4.0 by @dependabot in #2906
• deps: update dependency org.hsqldb:hsqldb to v2.7.3 by @strehle in #2910
• Bump Gradle to 8.8 by @strehle in #2912
• build(deps): bump versions.guavaVersion from 33.2.0-jre to 33.2.1-jre by @dependabot in #2911
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39.3 to 9.40 by @dependabot in #2921

Full Changelog: v77.10.0...v77.11.0

77.10.0

What's Changed

Fix

• fix: allow to change or delete a relyingPartySecret on IdP by @strehle in #2896
• fix: always rotate refresh tokens for public clients by @mikeroda in #2846
• fix: /info docs test expectation by @peterhaochen47 in #2884

Misc

• Misc dev script improvements by @peterhaochen47 in #2876
• refactor: avoid indirect dep from EOL lib spring-security-saml2-core by @peterhaochen47 in #2879
• Sonar refactoring - AbstractUaaEvent class by @strehle in #2891

Dependency Bumps

• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.38 by @dependabot in #2877
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.38 to 9.39 by @dependabot in #2881
• build(deps): bump nokogiri from 1.16.4 to 1.16.5 in /uaa/slate by @dependabot in #2886
• build(deps): bump k8s.io/client-go from 0.30.0 to 0.30.1 in /k8s by @dependabot in #2893
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.39 to 9.39.1 by @dependabot in #2892
• build(deps): bump versions.springFrameworkVersion from 5.3.34 to 5.3.35 by @dependabot in #2897
• build(deps): bump versions.springFrameworkVersion from 5.3.35 to 5.3.36 by @dependabot in #2901

Full Changelog: v77.9.0...v77.10.0

77.9.0

What's Changed

• Move OAuth2 Core Server Classes to UAA namespace by @strehle in #2813
• test-refactoring: remove forked class in tests by @strehle in #2845
• build(deps): bump versions.guavaVersion from 33.1.0-jre to 33.2.0-jre by @dependabot in #2865
• build(deps): bump versions.jacksonVersion from 2.17.0 to 2.17.1 by @dependabot in #2869
• Refactoring: testable code in JdbcScimUserProvisioning by @strehle in #2863
• Refactoring: use namedJdbcTemplate bean instead of internal new object by @strehle in #2864
• Update tool chain by @strehle in #2873
• build(deps): bump versions.tomcatCargoVersion from 9.0.88 to 9.0.89 by @dependabot in #2872

Full Changelog: v77.8.0...v77.9.0

77.8.0

What's Changed

• build(deps): bump github.com/onsi/gomega from 1.33.0 to 1.33.1 in /k8s by @dependabot in #2858
• fix: MySQL Performance Issues in "/ids/Users" Endpoint by @adrianhoelzl-sap in #2859

Full Changelog: v77.7.0...v77.8.0

77.7.0

What's Changed

This release addresses a serious performance issue that can affect installations using a MySQL database for UAA and has a large number of users (10,000+).

Fix

• Fix: performance issue in MySQL -- revert #2704 by @bruce-ricard in #2857

Full Changelog: v77.6.0...v77.7.0

77.6.0

What's Changed

Security

• The bc-fips bump addresses CVE-2024-29857.

Fix

• fix: load static resources from default zone if zone not found by @tack-sap in #2828

Misc

• Remove direct usage of commons-httpclient 3.1 by @strehle in #2826
• Refactor tests for EntityAliasHandler.ensureConsistencyOfAliasEntity by @adrianhoelzl-sap in #2824

Dependency Bumps

• build(deps): bump versions.springSecurityVersion from 5.8.11 to 5.8.12 by @dependabot in #2829
• build(deps): bump versions.tomcatCargoVersion from 9.0.87 to 9.0.88 by @dependabot in #2832
• build(deps): bump k8s.io/client-go from 0.29.3 to 0.29.4 in /k8s by @dependabot in #2835
• build(deps): bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 by @dependabot in #2833
• build(deps): bump k8s.io/client-go from 0.29.4 to 0.30.0 in /k8s by @dependabot in #2839
• build(deps): bump github.com/onsi/gomega from 1.32.0 to 1.33.0 in /k8s by @dependabot in #2842
• build(deps): bump org.gradle:test-retry-gradle-plugin from 1.5.8 to 1.5.9 by @dependabot in #2852
• build(deps): bump org.bouncycastle:bc-fips from 1.0.2.4 to 1.0.2.5 by @dependabot in #2853

Full Changelog: v77.5.0...v77.6.0