bump version to 3.1.3 (#1273)

* bump version to 3.1.3

* update CHANGELOG.md

Author: liga-oz

CHANGELOG.md

@@ -1,6 +1,24 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## 3.1.3
+- [java-security]
+  - Fixes NPE when accessing `XsuaaToken.getPrincipal()` and `grantType` is null (#1261)
+- [token-client]
+  -  fixes JWKs fetch from identity service issue when `app_tid` is not present in the token - the `X-app_tid` and `X-client_id` headers are only added when both values are available. 
+  - `DefaultOAuth2TokenService` 
+      - fixes issue when in case of unsuccessful token fetch `OAuth2ServiceException.withHeaders()` headers field were filled with only one entry containing all headers as a string
+  - `DefaultOAuth2TokenKeyService` and `SpringOAuth2TokenKeyService`
+    - improved error handling
+      - `OAuth2ServiceException` that's thrown status code != 200 case doesn't get swallowed
+      - fixes `OAuth2ServiceException.withHeaders()` semantically incorrect behavior when headers were filled with request headers instead of response headers
+      - `OAuth2ServiceException` generated by unsuccessful JWKs fetch contains request headers as well
+  - `OAuth2ServiceException` updated header message - contains now `Response Headers` instead of `Headers`
+
+#### Dependency upgrades
+- Bump spring.security.version from 6.1.2 to 6.1.3
+- Bump spring.boot.version from 3.1.2 to 3.1.3
+
 ## 3.1.2
 - [token-client] 
   - `OAuth2ServiceException` has been extended with getter method `getHeaders()` that gives the access to failed request's response headers

README.md

@@ -124,7 +124,7 @@ The SAP Cloud Security Services Integration is published to maven central: https
         <dependency>
             <groupId>com.sap.cloud.security</groupId>
             <artifactId>java-bom</artifactId>
-            <version>3.1.2</version>
+            <version>3.1.3</version>
             <scope>import</scope>
             <type>pom</type>
         </dependency>

bom/pom.xml

@@ -8,7 +8,7 @@
 
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-bom</artifactId>
-    <version>3.1.2</version>
+    <version>3.1.3</version>
     <packaging>pom</packaging>
     <name>java-bom</name>
 

env/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <groupId>com.sap.cloud.security.xsuaa</groupId>
         <artifactId>parent</artifactId>
-        <version>3.1.2</version>
+        <version>3.1.3</version>
     </parent>
 
     <groupId>com.sap.cloud.security</groupId>

java-api/README.md

@@ -5,6 +5,6 @@
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-api</artifactId>
-    <version>3.1.2</version>
+    <version>3.1.3</version>
 </dependency>
 ```

java-api/pom.xml

@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>3.1.2</version>
+		<version>3.1.3</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

java-security-it/pom.xml

@@ -9,7 +9,7 @@
     <parent>
         <artifactId>parent</artifactId>
         <groupId>com.sap.cloud.security.xsuaa</groupId>
-        <version>3.1.2</version>
+        <version>3.1.3</version>
     </parent>
 
     <artifactId>java-security-it</artifactId>

java-security-test/README.md

@@ -40,7 +40,7 @@ It is pre-configured with a security filter that only accepts valid tokens. Furt
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-security-test</artifactId>
-    <version>3.1.2</version>
+    <version>3.1.3</version>
     <scope>test</scope>
 </dependency>
 ```

java-security-test/pom.xml

@@ -9,7 +9,7 @@
 	<parent>
 		<groupId>com.sap.cloud.security.xsuaa</groupId>
 		<artifactId>parent</artifactId>
-		<version>3.1.2</version>
+		<version>3.1.3</version>
 	</parent>
 
 	<groupId>com.sap.cloud.security</groupId>

java-security/README.md

@@ -67,7 +67,7 @@ To be able to validate tokens it performs the following tasks:
 <dependency>
     <groupId>com.sap.cloud.security</groupId>
     <artifactId>java-security</artifactId>
-    <version>3.1.2</version>
+    <version>3.1.3</version>
 </dependency>
 <dependency>
     <groupId>org.apache.httpcomponents.client5</groupId>