commons-auth

New version 4.4.1 published

• upgraded dependencies 2.7.18 and others
• added compatibility to 2.7 by added extra autoconfig-files

• added api/user/{usernameOrId} endpoint
• upgraded spring-boot version 2.5.9

• upgraded spring-boot 2.5.1 and other depth
• upgraded commons-rest 2.2.4
• changed nullable to javax + prepared open-api
• improved docs and prepared for opane-api documentation

• fixed OAuth refresh token
• fixed automatic refresh within AuthClientLoginRequestFactory
• upgraded spring-boot 2.3.8
• jpa added modelgen

• added password-reset option for admin
• extended /user/api see also swagger-doc

• fixed postmark autoconfiguration

• refactored Nullable replaced by javax.annotation.Nullable
• upgraded to commons-rest 2.1.0 moved HasFirstNameLastName + HasKeyValue
• upgraded guava 30.0-jre
• jpa breaking changes
  • renamed co_user_roles -> co_user_role
  • renamed co_user_keyvalue_pairs -> co_user_keyvalue
  • renamed co_invite_keyvalue_pairs -> co_invite_keyvalue

• correct key/value toLowerCase issues

• introduced API-Interfaces for Resources to allow internal call without http
• keyValue api-change
  • key is now more flexible "Allowed key chars are a-Z, 0-9 and _-.#"
  • no value length limit to allow flexible json-values (dto's have now some common jackson-readers)
  • key with # prefix will not be part within jwt-token (similar to _) but will get returned when fetching user-info (or /me endpoint)
• prefixed jpa entities/tables with co_
  • user -> co_user
  • user_roles -> co_user_roles
  • user_keyvalue_pairs -> co_user_keyvalue_pairs
  • you need to perform with manually before starting your application after upgrade!
• jpa: removed fetch.EAGER to improve performance when used entity as relations
• monitoring
  • merged events and added some new for impersonate, refresh + requestMe...
  • added ActiveUserStore to track current active users
• mailing
  • upgraded to new emai-template-builder with new theme of postmark
  • upgraded to new email-templates and improved configurations for logo
  • refactor: removed spring-boot-starter-mail + introduced EmailSender interface and refactored tests by this step
  • introduced extra module commons-auth-email-smtp to allow default config for spring-boot-starter-mail
  • added postmark sender als alternative to smtp version
• added EmailChangeEvent + UsernameChangeEvent
• fix: never set avatar to null when avatarService is active
• introduced JwtTokenStore-Interface to allow different implentation for refreshing accessToken (default http/optional internal service)
• refactored many services with some internal breaking changes
• upgraded spring-boot 2.3.4, guava 29.0, jjwt 0.11.2, passay 1.6.0 + commons-rest 2.0.5

• updated swagger doc
• added EmailChangeEvent + UsernameChangeEvent
• fixed AppInviteJpaEntity with fetch join of keyValues
• prepared for java 11

• monitoring
  • merged events and added some new for impersonate, refresh + requestMe...
  • added ActiveUserStore to track current active users
• mailing
  • upgraded to new emai-template-builder with new theme of postmark
  • upgraded to new email-templates and improved configurations for logo
  • refactor: removed spring-boot-starter-mail + introduced EmailSender interface and refactored tests by this step
  • introduced extra module commons-auth-email-smtp to allow default config for spring-boot-starter-mail
  • added postmark sender als alternative to smtp version
• jpa
  • removed fetch.EAGER to improve performance when used entity as relations
• fixes
  • never set avatar to null when avatarService is active

• prefixed jpa entities/tables with co_
  • user -> co_user
  • user_roles -> co_user_roles
  • user_keyvalue_pairs -> co_user_keyvalue_pairs
  • you need to perform with manually before starting your application after upgrade!
• fixed LoginApiService refreshing token returned wrong roles

• upgraded spring-boot 2.3.1, guava 29.0, jjwt 0.11.2, passay 1.6.0 + commons-rest 2.0.5
• refactored many services with some internal breaking changes
• introduced API-Interfaces for Resources to allow internal call without http
• introduced JwtTokenStore-Interface to allow different implentation for refreshing accessToken (default http/optional internal service)
• smaller fixes

• upgraded spring boot 2.2.6
• refactored SimpleMailContentConfig
  • renamed to DefaultMailContentConfig
  • added many protected methods to customize colors, text etc.

• lowered parameter from AppUserEntity to AppUserReference to get rid of security UserDetails within EmailService

• added option to login also via email-address

• fixed translation for valid username
• fixed forgotController optional else

• fixed invite email now with message of invitor
• added for background-compatibility the verificationUrl parameter to password-reset

• improved error handling for validations
  • initially password-errors had been mapped to field password but in some situations it's currentPassword, newPassword etc.
  • this behaviour has been improved and changed so that the error-fields fit to the posted object
• updated jjwt 0.11.1