diff --git a/CHANGELOG.md b/CHANGELOG.md
index 82c460dbf..cadb6d41b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,14 @@
# Change Log
All notable changes to this project will be documented in this file.
+## 2.17.2
+✅ Resolves a Breaking Change introduced in version 2.17.0. Consumers should be able to update to 2.17.2 from a version <= 2.16.0 without having to adjust test credentials used in their unit tests when using `java-security-test` or `spring-xsuaa-mock`.
+
+In version 2.17.2, when `java-security-test` or `spring-xsuaa-mock` are loaded (which should only occur during testing), credentials with `localhost` as the `uaadomain` (XSUAA) or trusted `domains` (IAS) can be used to validate tokens that include a port for `localhost` in their `jku` (XSUAA) or `issuer` (IAS). It's important to note that token validation is less strict in this case and may accept certain edge cases of malicious tokens that would not be accepted in a production environment.
+
+#### Dependency upgrades
+- Bump logback-core, logback-classic from 1.2.12 to 1.2.13
+
## 2.17.1
#### Dependency upgrades
- Bump spring.boot.version from 2.7.17 to 2.7.18
diff --git a/api/README.md b/api/README.md
index d6cb60839..594196c0e 100644
--- a/api/README.md
+++ b/api/README.md
@@ -5,6 +5,6 @@
com.sap.cloud.security.xsuaa
api
- 2.17.1
+ 2.17.2
```
diff --git a/api/pom.xml b/api/pom.xml
index 7c0de2667..b4c9550b6 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -11,7 +11,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
jar
diff --git a/bom/pom.xml b/bom/pom.xml
index a9cb3b3fe..ae96ee5de 100644
--- a/bom/pom.xml
+++ b/bom/pom.xml
@@ -8,7 +8,7 @@
com.sap.cloud.security
java-bom
- 2.17.1
+ 2.17.2
pom
java-bom
diff --git a/env/pom.xml b/env/pom.xml
index 6eab9c35b..91318a859 100644
--- a/env/pom.xml
+++ b/env/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
com.sap.cloud.security
diff --git a/java-api/README.md b/java-api/README.md
index b33257c2f..80c6b5217 100644
--- a/java-api/README.md
+++ b/java-api/README.md
@@ -5,6 +5,6 @@
com.sap.cloud.security
java-api
- 2.17.1
+ 2.17.2
```
diff --git a/java-api/pom.xml b/java-api/pom.xml
index 297cab15c..593459995 100644
--- a/java-api/pom.xml
+++ b/java-api/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
com.sap.cloud.security
diff --git a/java-api/src/main/java/com/sap/cloud/security/token/XsuaaJkuFactory.java b/java-api/src/main/java/com/sap/cloud/security/token/XsuaaJkuFactory.java
new file mode 100644
index 000000000..61c9fee06
--- /dev/null
+++ b/java-api/src/main/java/com/sap/cloud/security/token/XsuaaJkuFactory.java
@@ -0,0 +1,5 @@
+package com.sap.cloud.security.token;
+
+public interface XsuaaJkuFactory {
+ String create(String token);
+}
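Review bot: The new public interface `XsuaaJkuFactory` and its method `create(String token)` have no Javadoc, although the changelog in this commit ties the feature to how the `jku` of a token is accepted during validation. I would add a type-level Javadoc saying that implementations are discovered through `META-INF/services` (as the provider files added in this commit suggest) and are meant for test setups only. The method Javadoc should say whether `token` is the encoded JWT, what the returned string represents (presumably the JKU URL used to fetch verification keys), and whether `null` may be returned. It is also worth stating that the token has presumably not been verified when `create` is called, so an implementation must not trust its header values beyond the localhost case the changelog describes.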
diff --git a/java-security-it/pom.xml b/java-security-it/pom.xml
index 7b9ed6d8d..9e801c43f 100644
--- a/java-security-it/pom.xml
+++ b/java-security-it/pom.xml
@@ -9,7 +9,7 @@
parent
com.sap.cloud.security.xsuaa
- 2.17.1
+ 2.17.2
java-security-it
diff --git a/java-security-test/README.md b/java-security-test/README.md
index 8c0ee7d79..3cd2896c9 100644
--- a/java-security-test/README.md
+++ b/java-security-test/README.md
@@ -22,7 +22,7 @@ It includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT) th
com.sap.cloud.security
java-security-test
- 2.17.1
+ 2.17.2
test
```
diff --git a/java-security-test/pom.xml b/java-security-test/pom.xml
index 7bc992b1e..e7aff0607 100644
--- a/java-security-test/pom.xml
+++ b/java-security-test/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
com.sap.cloud.security
diff --git a/java-security-test/src/main/java/com/sap/cloud/security/test/ApplicationServerOptions.java b/java-security-test/src/main/java/com/sap/cloud/security/test/ApplicationServerOptions.java
index b9996d3ae..30630b6bb 100644
--- a/java-security-test/src/main/java/com/sap/cloud/security/test/ApplicationServerOptions.java
+++ b/java-security-test/src/main/java/com/sap/cloud/security/test/ApplicationServerOptions.java
@@ -69,8 +69,8 @@ public static ApplicationServerOptions forService(Service service, int jwksPort)
instance = new ApplicationServerOptions(new IasTokenAuthenticator()
.withServiceConfiguration(OAuth2ServiceConfigurationBuilder.forService(Service.IAS)
.withClientId(SecurityTestRule.DEFAULT_CLIENT_ID)
- .withUrl("http://localhost")
- .withDomains("localhost")
+ .withUrl(String.format("http://localhost:%d", jwksPort))
+ .withDomains(String.format("localhost:%d", jwksPort))
.build()));
break;
default:
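Review bot: The value passed to `withDomains` now carries a port (`localhost:%d`), which is not a plain domain and reads like a mistake without a comment. I would add `// test only: tokens generated for IAS carry the issuer http://localhost:<jwksPort>, so the trusted domain must include the port` above the two calls. Building the host-and-port string once, e.g. `String localhost = "localhost:" + jwksPort;`, keeps the URL and the domain from drifting apart. The hunk does not show whether `jwksPort` can still be an unassigned value such as 0 here; if it can, the configured issuer would not match the server that is started later. `forService` starts and ends outside the hunk.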
diff --git a/java-security/Migration_SpringSecurityProjects.md b/java-security/Migration_SpringSecurityProjects.md
index 5f46d183b..21980db32 100644
--- a/java-security/Migration_SpringSecurityProjects.md
+++ b/java-security/Migration_SpringSecurityProjects.md
@@ -37,19 +37,19 @@ First make sure you have the following dependencies defined in your pom.xml:
com.sap.cloud.security.xsuaa
api
- 2.17.1
+ 2.17.2
com.sap.cloud.security
java-security
- 2.17.1
+ 2.17.2
com.sap.cloud.security
java-security-test
- 2.17.1
+ 2.17.2
test
```
diff --git a/java-security/README.md b/java-security/README.md
index 4b194f219..fa4719c77 100644
--- a/java-security/README.md
+++ b/java-security/README.md
@@ -47,7 +47,7 @@ In case of XSUAA does the JWT provide a valid `jku` token header parameter that
com.sap.cloud.security
java-security
- 2.17.1
+ 2.17.2
org.apache.httpcomponents
diff --git a/java-security/pom.xml b/java-security/pom.xml
index b7fd5d472..0cf0be0f9 100644
--- a/java-security/pom.xml
+++ b/java-security/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
com.sap.cloud.security
diff --git a/pom.xml b/pom.xml
index fd24e8246..bd7719123 100644
--- a/pom.xml
+++ b/pom.xml
@@ -7,7 +7,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
pom
parent
diff --git a/samples/java-security-usage-ias/pom.xml b/samples/java-security-usage-ias/pom.xml
index 685a90095..22311bf6b 100755
--- a/samples/java-security-usage-ias/pom.xml
+++ b/samples/java-security-usage-ias/pom.xml
@@ -6,7 +6,7 @@
4.0.0
com.sap.cloud.security.xssec.samples
java-security-usage-ias
- 2.17.1
+ 2.17.2
war
org.springframework.boot
diff --git a/spring-xsuaa-mock/pom.xml b/spring-xsuaa-mock/pom.xml
index ff82d8239..dc6c561c7 100644
--- a/spring-xsuaa-mock/pom.xml
+++ b/spring-xsuaa-mock/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
spring-xsuaa-mock
diff --git a/spring-xsuaa-mock/src/main/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory b/spring-xsuaa-mock/src/main/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory
new file mode 100644
index 000000000..836e10740
--- /dev/null
+++ b/spring-xsuaa-mock/src/main/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory
@@ -0,0 +1 @@
+com.sap.cloud.security.xsuaa.XsuaaLocalhostJkuFactory
\ No newline at end of file
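Review bot: This provider file sits under `src/main/resources`, so the localhost JKU factory is registered on every classpath that contains `spring-xsuaa-mock`, not only during test runs, and the changelog in this commit states that token validation is less strict once it is loaded. The module documentation or the factory's Javadoc should say that the artifact must stay in `test` scope, and a warning logged when the factory is picked up would make an accidental production deployment visible. The class `com.sap.cloud.security.xsuaa.XsuaaLocalhostJkuFactory` is not part of the visible diff, and the second registration under `spring-xsuaa/src/test/resources` names a different package (`com.sap.cloud.security.xsuaa.token`), so both names should be checked against the actual classes. Both provider files also end without a trailing newline.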
diff --git a/spring-xsuaa-starter/pom.xml b/spring-xsuaa-starter/pom.xml
index c36a6f3b5..5dfac9984 100644
--- a/spring-xsuaa-starter/pom.xml
+++ b/spring-xsuaa-starter/pom.xml
@@ -16,7 +16,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
xsuaa-spring-boot-starter
diff --git a/spring-xsuaa-test/README.md b/spring-xsuaa-test/README.md
index 3737b15b2..6b41aba35 100644
--- a/spring-xsuaa-test/README.md
+++ b/spring-xsuaa-test/README.md
@@ -31,7 +31,7 @@ This includes for example a `JwtGenerator` that generates JSON Web Tokens (JWT)
com.sap.cloud.security.xsuaa
spring-xsuaa-test
- 2.17.1
+ 2.17.2
test
diff --git a/spring-xsuaa-test/pom.xml b/spring-xsuaa-test/pom.xml
index dc1b6c4e7..8d8fc0da7 100644
--- a/spring-xsuaa-test/pom.xml
+++ b/spring-xsuaa-test/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
spring-xsuaa-test
diff --git a/spring-xsuaa/README.md b/spring-xsuaa/README.md
index 24396b1f4..1ecec9ee9 100644
--- a/spring-xsuaa/README.md
+++ b/spring-xsuaa/README.md
@@ -41,7 +41,7 @@ These (spring) dependencies needs to be provided:
com.sap.cloud.security.xsuaa
spring-xsuaa
- 2.17.1
+ 2.17.2
org.apache.logging.log4j
@@ -55,7 +55,7 @@ These (spring) dependencies needs to be provided:
com.sap.cloud.security.xsuaa
xsuaa-spring-boot-starter
- 2.17.1
+ 2.17.2
```
diff --git a/spring-xsuaa/pom.xml b/spring-xsuaa/pom.xml
index aace0eeba..d1b04a665 100644
--- a/spring-xsuaa/pom.xml
+++ b/spring-xsuaa/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
spring-xsuaa
diff --git a/spring-xsuaa/src/test/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory b/spring-xsuaa/src/test/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory
new file mode 100644
index 000000000..92f28f804
--- /dev/null
+++ b/spring-xsuaa/src/test/resources/META-INF/services/com.sap.cloud.security.token.XsuaaJkuFactory
@@ -0,0 +1 @@
+com.sap.cloud.security.xsuaa.token.XsuaaLocalhostJkuFactory
\ No newline at end of file
diff --git a/token-client/README.md b/token-client/README.md
index cdab724e6..2da097aed 100644
--- a/token-client/README.md
+++ b/token-client/README.md
@@ -23,7 +23,7 @@ The Resource owner password credentials (i.e., username and password) can be use
com.sap.cloud.security.xsuaa
token-client
- 2.17.1
+ 2.17.2
org.apache.httpcomponents
@@ -80,7 +80,7 @@ tokenService.clearCache();
com.sap.cloud.security.xsuaa
token-client
- 2.17.1
+ 2.17.2
org.springframework
@@ -130,7 +130,7 @@ In context of a Spring Boot application you may like to leverage autoconfigurati
com.sap.cloud.security.xsuaa
xsuaa-spring-boot-starter
- 2.17.1
+ 2.17.2
org.apache.httpcomponents
diff --git a/token-client/pom.xml b/token-client/pom.xml
index 2db87ec9e..f756bb6e8 100644
--- a/token-client/pom.xml
+++ b/token-client/pom.xml
@@ -9,7 +9,7 @@
com.sap.cloud.security.xsuaa
parent
- 2.17.1
+ 2.17.2
token-client