Spring Authorization Server 1.1 Migration Guide

This document is meant to help you migrate your application to Spring Authorization Server 1.1.

Before You Start

Upgrade to the Latest 1.0.x Version

Before you start the upgrade, make sure to upgrade to the latest available 1.0.x version. This will make sure that you are building against the most recent dependencies of that line.

Upgrade to Spring Authorization Server 1.1

RegisteredClient Enhancements

The new Set<String> postLogoutRedirectUris attribute was added to RegisteredClient to support the implementation of OpenID Connect RP-Initiated Logout 1.0, which was merged via gh-1068.

In addition to the postLogoutRedirectUris attribute, the post_logout_redirect_uris column was added to the oauth2_registered_client table definition in oauth2-registered-client-schema.sql.

CREATE TABLE oauth2_registered_client (
    id varchar(100) NOT NULL,
    client_id varchar(100) NOT NULL,
    client_id_issued_at timestamp DEFAULT CURRENT_TIMESTAMP NOT NULL,
    client_secret varchar(200) DEFAULT NULL,
    client_secret_expires_at timestamp DEFAULT NULL,
    client_name varchar(200) NOT NULL,
    client_authentication_methods varchar(1000) NOT NULL,
    authorization_grant_types varchar(1000) NOT NULL,
    redirect_uris varchar(1000) DEFAULT NULL,
    post_logout_redirect_uris varchar(1000) DEFAULT NULL,
    scopes varchar(1000) NOT NULL,
    client_settings varchar(2000) NOT NULL,
    token_settings varchar(2000) NOT NULL,
    PRIMARY KEY (id)
);

JdbcRegisteredClientRepository was also updated to support the new post_logout_redirect_uris column.

Important

If your application is currently using JdbcRegisteredClientRepository then you need to ensure the post_logout_redirect_uris column is added to the existing oauth2_registered_client table.

The following script MUST be applied to an existing oauth2_registered_client table to add the new column post_logout_redirect_uris:

ALTER TABLE oauth2_registered_client
ADD post_logout_redirect_uris varchar(1000) DEFAULT NULL