Spring Security OAuth 1.0.0.RC2 released

[Dave Syer]

Hi,

#spring #security #oauth 1.0.0.RC2 is released today http://bit.ly/xfE5PM. Download via github or Maven (SpringSource milestone repository).

Highlights:

* Better error responses from the framework endpoints
* Fixed some issues with validation and enhancement of token contents

Enjoy!

Dave.

[thedug]

Is this the same project

http://mvnrepository.com/artifact/or...ity-oauth/3.19

Which version should I be using?
When will 1.0 be production ready?

[Dave Syer]

The codehaus project is a forerunner of this one (i.e. it's very old). 1.0.0 is pretty nearly ready. I know it's been a long time and that the milestones and realease candidiates are already in use in production environments - the main risk of using them is just that you have to make changes to your code when 1.0.0 is out.

[olivier.bazoud]

Dave, I don't find any RC2 tag in git repository.

[Dave Syer]

Should be there now.

[OhadR]

both oAuth1.0 and oAuth2.0 are included in this RC2?

[Dave Syer]

Yes. They are both in the same build from the root directory.

[OhadR]

Dave, It's about time that I upgrade my sources to use RC2a :-)
After changing the pom.xml to use RC2a instead of M6, I get errors (I was expecting that though).
some of them are easy to handle, but for example this one I cannot resolve; I get ClassNotFoundException on
org.springframework.security.oauth2.provider.filte r.ClientCredentialsTokenEndpointFilter. This class (filter) was in use in M6; I declared this bean in my beans.xml, and directed my custom-filter to its ref:
<http... <custom-filter ref=ClientCredentialsTokenEndpointFilter... > (as I saw in the tonr2 example ...)

what replaces it now in RC2a?

thanks

[OhadR]

2. In addition, under "client" bean (in the client-side) there is no "resource-details-service-ref" anymore. in the docs I can still see

The client element is used to configure the OAuth 2.0 client mechanism. The following attributes can be applied to the client element:

token-services-ref: The reference to the bean that stores tokens on behalf of a user. Default value is an instance of InMemoryOAuth2ClientTokenServices.
resource-details-service-ref: The reference to the bean that services the known resource details.

what comes instead (if any)?

thanks again (PS I'd love to help and update the docs once I have a working project)

[Dave Syer]

It's just in a different package (.client not .filter). Shouldn't be in tonr2 at all (it's a client app).