1.5.14
1.5.14 (2018-05-19)
Closed issues:
- update client.yml and secret.yml in other modules #211
- Rename resources module to resource for consistency #209
- update client module to support refresh token flow for light-spa-4j #208
- update verifyJwt with ignoreExpiry flag #207
- add default method setExchangeStatus into MiddlewareHandler #206
- move auth and csrf to light-spa-4j repository #205
- add error code for light-spa-4j stateless-token handler #204
- switch StatelessAuthHandler to middleware handler #203
- add stateless auth and csrf handlers for SPA application #201
- pass csrf token in oauth token request #200
- add status code for light-proxy tableau authentication handler #199
- move password in jwt.yml to secret.yml #198
- share the connections to consul in ConsulClientImpl #196
Merged pull requests:
Upgrade Guidelines
There is no API change for this release; however, the following three config files have been updated:
- Add refresh token client secret in secret.yml
# Fresh token client secret for OAuth2 server
refreshTokenClientSecret: f6h1FTI8Q3-7UScPZDzfXA
- Remove oauthHttp2Support from security.yml to client.yml
# If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true.
oauthHttp2Support: true
- Add enableHttp2 and refresh token section in client.yml
# set to true if the oauth2 provider supports HTTP/2
enableHttp2: true
refresh_token:
# token endpoint for refresh token grant
uri: "/oauth2/token"
# client_id for refresh token grant flow. client_secret is in secret.yml
client_id: f7d42348-c647-4efb-a52d-4c5787421e72
# optional scope, default scope in the client registration will be used if not defined.
scope:
- petstore.r
- petstore.w
For details, please refer to https://github.com/networknt/light-4j/blob/master/client/src/main/resources/config/client.yml