Release 1.0.0-rc.1

CHANGELOG.md

@@ -0,0 +1,72 @@
+# Change Log
+
+## [1.0.0-rc.1](https://github.com/auth0/java-jwt/tree/1.0.0-rc.1) (2016-12-19)
+
+Auth0 integration with Spring Security to add authorization to your API using JWTs
+
+## Download
+
+Get Auth0 Spring Security API using Maven:
+
+```xml
+<dependency>
+    <groupId>com.github.auth0</groupId>
+    <artifactId>auth0-spring-security-api</artifactId>
+    <version>1.0.0-rc.1</version>
+</dependency>
+```
+
+or Gradle:
+
+```gradle
+compile 'com.auth0.github:auth0-spring-security-api:1.0.0-rc.1'
+```
+
+## Usage
+
+Inside a `WebSecurityConfigurerAdapter` you can configure your api to only accept `RS256` signed JWTs
+
+```java
+@EnableWebSecurity
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        JwtWebSecurityConfigurer
+                .forRS256("YOUR_API_AUDIENCE", "YOUR_API_ISSUER")
+                .configure(http);
+    }
+}
+```
+
+or for `HS256` signed JWTs
+
+```java
+@EnableWebSecurity
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        JwtWebSecurityConfigurer
+                .forHS256WithBase64Secret("YOUR_API_AUDIENCE", "YOUR_API_ISSUER", "YOUR_BASE_64_ENCODED_SECRET")
+                .configure(http);
+    }
+}
+```
+
+
+Then using Spring Security `HttpSecurity` you can specify which paths requires authentication
+
+```java
+    http.authorizeRequests()
+        .antMatchers("/api/**").fullyAuthenticated();
+```
+
+and you can even specify that the JWT should have a single or several scopes
+
+```java
+    http.authorizeRequests()
+        .antMatchers(HttpMethod.GET, "/api/users/**").hasAuthority("read:users");
+```

README.md

@@ -7,24 +7,22 @@
 
 ## Download
 
-Get Auth0 Spring Security API via [JitPack](https://jitpack.io):
+Get Auth0 Spring Security API using Maven:
 
 ```xml
 <dependency>
     <groupId>com.github.auth0</groupId>
     <artifactId>auth0-spring-security-api</artifactId>
-    <version>0.0.1</version>
+    <version>1.0.0-rc.1</version>
 </dependency>
 ```
 
 or Gradle:
 
 ```gradle
-compile 'com.auth0.github:auth0-spring-security-api:0.0.1'
+compile 'com.auth0.github:auth0-spring-security-api:1.0.0-rc.1'
 ```
 
-> Remember to add JitPack repositories
-
 ## Usage
 
 Inside a `WebSecurityConfigurerAdapter` you can configure your api to only accept `RS256` signed JWTs 

build.gradle

@@ -8,7 +8,7 @@ buildscript {
     dependencies {
         classpath 'com.android.tools.build:gradle:2.2.2'
         classpath 'com.jfrog.bintray.gradle:gradle-bintray-plugin:1.7'
-        classpath "gradle.plugin.com.auth0.gradle:oss-library:0.2.11"
+        classpath "gradle.plugin.com.auth0.gradle:oss-library:0.3.1"
     }
 }
 

lib/build.gradle

@@ -11,16 +11,16 @@ oss {
 
 developers {
     auth0 {
-        displayName = "Auth0"
-        email = "[email protected]"
+        displayName = 'Auth0'
+        email = '[email protected]'
     }
     lbalmaceda {
-        displayName = "Luciano Balmaceda"
-        email = "[email protected]"
+        displayName = 'Luciano Balmaceda'
+        email = '[email protected]'
     }
     hzalaz {
-        displayName = "Hernan Zalazar"
-        email = "[email protected]"
+        displayName = 'Hernan Zalazar'
+        email = '[email protected]'
     }
 }
 
@@ -58,12 +58,11 @@ jacocoTestReport {
 
 test {
     testLogging {
-        events "passed", "skipped", "failed", "standardError"
-        exceptionFormat "short"
+        events 'passed', 'skipped', 'failed', 'standardError'
+        exceptionFormat 'short'
     }
 }
 
-task clean(type: Delete) {
-    delete rootProject.buildDir
-    delete 'CHANGELOG.md.release'
-}
+clean.doFirst {
+    new File('CHANGELOG.md.release').delete()
+}