4.0.0

What's Changed

• prevent npe on enroll by @arvindkrishnakumar-okta in #461
• make models serializable by @arvindkrishnakumar-okta in #462
• OKTA-595552: Add password requirement settings to CurrentAuthenticatorEnrollmentValue by @arvindkrishnakumar-okta in #463
• Bump thymeleaf-extras-springsecurity5 from 3.0.4.RELEASE to 3.1.2.RELEASE by @arvindkrishnakumar-okta in #464
• Bounced spring-security-config from 5.7.8 to 5.8.5 by @arvindkrishnakumar-okta in #465
• Initialize Authentication response AuthenticationStatus to UNKNOWN by @arvindkrishnakumar-okta in #466
• Add Semgrep by @bjr-okta in #467
• OKTA-595563: Favor Collections instead of Arrays by @arvindkrishnakumar-okta in #468
• OKTA-595565: Improved UserProfile construction by @arvindkrishnakumar-okta in #469
• cve fix: bump org.thymeleaf from 3.0.15 to 3.1.2.RELEASE by @arvindkrishnakumar-okta in #470
• OKTA-595560: Use Duration type for refresh interval by @arvindkrishnakumar-okta in #471
• Bump snakeyaml from 2.0 to 2.2 by @arvindkrishnakumar-okta in #472
• OKTA-595564: Refactor model APIs by @arvindkrishnakumar-okta in #473
• Bump okio from 2.8.0 to 3.4.0 by @arvindkrishnakumar-okta in #474
• Fix NPE in AuthenticationTransaction by @arvindkrishnakumar-okta in #477
• OKTA-651029: Fix broken embedded-auth-with-sdk sample by @arvindkrishnakumar-okta in #478
• Bump tomcat-embed-core from 9.0.76 to 9.0.81 by @arvindkrishnakumar-okta in #479
• Update spring-security-config from 5.8.5 to 5.8.7 to fix cve by @arvindkrishnakumar-okta in #480
• Bump org.thymeleaf:thymeleaf from 3.0.15 to 3.1.1.RELEASE by @arvindkrishnakumar-okta in #481
• Bump thymeleaf from 3.1.1.RELEASE to 3.1.2.RELEASE by @arvindkrishnakumar-okta in #482
• Bump tomcat-embed-core from 9.0.81 to 9.0.83 by @arvindkrishnakumar-okta in #483
• Upgrade logback-classic from 1.2.x to 1.4.14 by @arvindkrishnakumar-okta in #484
• Upgrade logback-core from 1.2.x to 1.4.14 by @arvindkrishnakumar-okta in #485
• Bump okta-oidc-tck from 0.5.8 to 0.5.10 by @arvindkrishnakumar-okta in #486
• OKTA-689243: Webauthn Credential ID is not being passed in idxAuthenticationWrapper by @arvindkrishnakumar-okta in #488
• Bumped springboot spring-web and nimbus dependencies by @arvindkrishnakumar-okta in #489
• Enforce spring-security-core to 5.8.11 by @arvindkrishnakumar-okta in #491
• Bump tomcat-embed from 9.0.84 to 9.0.87 by @arvindkrishnakumar-okta in #490
• Bump spring-web from 5.3.33 to 5.3.37 by @arvindkrishnakumar-okta in #492
• Bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.87 to 9.0.90 by @arvindkrishnakumar-okta in #493
• Update semgrep by @bretterer in #496
• Add Snyk to CCI by @arvindkrishnakumar-okta in #497
• Bump Jackson from 2.15.2 to 2.17.2 by @arvindkrishnakumar-okta in #499
• prepare for 4.0.0 release by @arvindkrishnakumar-okta in #501

New Contributors

• @bjr-okta made their first contribution in #467

Full Changelog: okta-idx-java-root-3.0.7...okta-idx-java-root-4.0.0

3.0.7

What's Changed

• Update README.md by @arvindkrishnakumar-okta in #455
• Bump okta-commons from 1.3.4 to 1.3.5 by @arvindkrishnakumar-okta in #458

Full Changelog: okta-idx-java-root-3.0.6...okta-idx-java-root-3.0.7

3.0.6

What's Changed

• Added connection close http header by @arvindkrishnakumar-okta in #453

Full Changelog: okta-idx-java-root-3.0.5...okta-idx-java-root-3.0.6

3.0.5

What's Changed

• Updated prev version to 3.0.3 by @arvindkrishnakumar-okta in #391
• Added fix for Google authenticator test failures in java-idx-sdk by @karthikaselvaraj-okta in #392
• Added Okta Verify enrollment with SMS and Email based activation by @karthikaselvaraj-okta in #393
• Update Travis build URL in README by @arvindkrishnakumar-okta in #394
• ks-OKTA-448232-OktaVerify-EnrollmentWithQRCode by @karthikaselvaraj-okta in #396
• Update SnakeYAML to 1.31 by @bretterer in #398
• upgrade junit to 5.9.0 by @arvindkrishnakumar-okta in #401
• upgraded springboot to 2.7.3 by @arvindkrishnakumar-okta in #402
• Bump logback to 1.4.0 by @arvindkrishnakumar-okta in #406
• Upgrade tomcat embed lib to 9.0.64 and cleanup pom by @arvindkrishnakumar-okta in #405
• ks-OKTA-532257-OktaVerifySMSTestFailureFix by @karthikaselvaraj-okta in #408
• Add CircleCI Config by @arvindkrishnakumar-okta in #409
• Bump jackson snakeyaml okta-commons deps by @arvindkrishnakumar-okta in #410
• fixed if condition to avoid null pointer exceptions by @jkprerana in #411
• suppress false positive cve by @arvindkrishnakumar-okta in #412
• cleanup owasp suppression file by @arvindkrishnakumar-okta in #413
• Upgrade to Java parent v24 by @arvindkrishnakumar-okta in #414
• Bump springboot version from 2.7.3 to 2.7.4 by @arvindkrishnakumar-okta in #415
• Bump logback from 1.4.0 to 1.4.1 by @arvindkrishnakumar-okta in #416
• Bump mgmt sdk dep from 8.2.1 to 8.2.2 by @arvindkrishnakumar-okta in #417
• Bump snakeyaml from 1.32 to 1.33 by @arvindkrishnakumar-okta in #419
• Added features for ForgotPassword - embedded-sign-in-widget by @karthikaselvaraj-okta in #418
• Java 17 instead of Java 18 in CircleCI config by @arvindkrishnakumar-okta in #420
• Added fix for EmbeddedAuth test failures by @karthikaselvaraj-okta in #422
• Bump Springboot version from 2.7.4 to 2.7.5 by @arvindkrishnakumar-okta in #423
• Remove unnecessary logging deps by @arvindkrishnakumar-okta in #424
• Fix bacon test execution issue by @arvindkrishnakumar-okta in #433
• webauthn enroll and login feature by @karthikaselvaraj-okta in #435
• added E2E code for login and enroll okta verify feature by @karthikaselvaraj-okta in #436
• OKTA-579868: Show password field on registration form if required by policy by @arvindkrishnakumar-okta in #442
• bump jackson from 2.13.4 to 2.15.2 by @arvindkrishnakumar-okta in #447
• bump spring boot from 2.7.5 to 2.7.12 by @arvindkrishnakumar-okta in #449
• bump tomcat-embed-core dependency from 9.0.64 to 9.0.76 by @arvindkrishnakumar-okta in #448
• Bump snakeyaml from 1.33 to 2.0 by @arvindkrishnakumar-okta in #446
• Include i18n messages in AuthenticationResponse object by @arvindkrishnakumar-okta in #450
• Fix cve by @arvindkrishnakumar-okta in #451

New Contributors

• @jkprerana made their first contribution in #411

Full Changelog: okta-idx-java-root-3.0.4...okta-idx-java-root-3.0.5

3.0.4

What's Changed

• Update README.md in #380
• Upgrade appium lib to 8.1.1 in #383
• Upgrade to Spring boot 2.7.2 and Okta Spring starter 2.1.5 in #384
• Upgraded Spring test to 5.3.22 in #385
• Make stateHandle pull from the first remediation in #376
• Fix stateHandle for password recovery with identifier first flow. in #389
• Update README.md in #388

3.0.3

• Fixes the issue where the UserAgent header was not populated correctly with SDK project version #378

3.0.2

• Fixes an issue with Recover Password flow where an incorrect stateHandle was set earlier. #373

3.0.1

• Bug fix #354
• Bumped Okta Java Mgmt SDK dependency to v8.2.1 #356
• Bumped Spring Test to v5.3.19 #357
• Added Security Qn Authenticator E2E Tests #358
• Bumped Spring Boot to v2.7.0 #360
• Bump appium java-client from v7.0.0 to v8.0.0 #361
• Added openjdk18 to Travis build config #364
• Bumped Jackson to v2.13.3 #368
• Update Tomcat Embed dependency to v9.0.64 #371

3.0.0

• Cleanup log spam #344
• Expose User Info in AuthenticationResponse #345
• Renamed Qrcode model to QrCode #346
• Refresh interval in PollInfo object is now Duration type #348
• Support added for the ability to set RequestContext at the begin of transaction. This request context allows the client to set supplemental headers such as Device Token, IP Address and User Agent and pass it to Okta. #326 #301

2.0.3

• Various bug fixes and improvements.
• Upgraded samples to Springboot 2.6.7 (#333)
• Added Security Question Authenticator implementation to samples (#324)