0.4.0

Main Changes since 0.3.0

Deprecated configuration options

The following configuration options have been deprecated:

• oauth.tokens.not.jwt is now called oauth.access.token.is.jwt and has a reverse meaning.
• oauth.validation.skip.type.check is now called oauth.check.access.token.type and has a reverse meaning.

See: Align configuration with Kafka Operator PR (#36).

Compatibility improvements

Scope claim is no longer required in an access token. (#30)
That improves compatibility with different authorization servers, since the attribute is not required by OAuth 2.0 specification neither is it used by validation logic.

Updated dependencies

jackson-core, and jackson-databind libraries have been updated to latest versions. (#33)

Instructions for developers added

Instructions for preparing the environment, building and deploying the latest version of Strimzi Kafka OAuth library with Strimzi Kafka Operator have been added.

See: Hacking on OAuth and deploying with Strimzi Kafka Operator PR (#34)

Improvements to examples and documentation

Fixed enabled remote debugging mode in example compose-authz.yml (#39)