From 62a7956c9434121cc6f4e6b86023351a3319211b Mon Sep 17 00:00:00 2001
From: tanya732
Date: Mon, 2 Mar 2026 15:38:43 +0530
Subject: [PATCH] Release 1.0.0-beta.0
---
.github/workflows/claude-code-review.yml | 11 ---
.github/workflows/sca_scan.yml | 11 ---
CHANGELOG.md | 105 +++++++++++++++++++++++
gradle.properties | 2 +-
4 files changed, 106 insertions(+), 23 deletions(-)
delete mode 100644 .github/workflows/claude-code-review.yml
delete mode 100644 .github/workflows/sca_scan.yml
create mode 100644 CHANGELOG.md
diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
deleted file mode 100644
index 673cab1..0000000
--- a/.github/workflows/claude-code-review.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-name: Claude Code PR Review
-
-on:
- issue_comment:
- types: [ created ]
- pull_request_review_comment:
- types: [ created ]
-
-jobs:
- claude-review:
- uses: auth0/ai-pr-analyzer-gh-action/.github/workflows/claude-code-review.yml@main
\ No newline at end of file
diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
deleted file mode 100644
index aa1c2bd..0000000
--- a/.github/workflows/sca_scan.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-
-name: SCA
-
-on:
- push:
- branches: ["master", "main"]
-
-jobs:
- snyk-cli:
- uses: atko-security/devsecops-tooling/.github/workflows/sca-scan.yml@main
- secrets: inherit
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..157a5e4
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,105 @@
+# Changelog
+
+## [1.0.0-beta.0](https://github.com/auth0/auth0-auth-java/tree/1.0.0-beta.0) (2026-03-02)
+
+### Features
+
+- **JWT Bearer Authentication** - Complete Spring Security integration for validating Auth0-issued JWTs.
+- **DPoP (Demonstration of Proof-of-Possession) Support** - Built-in support for DPoP token security per [RFC 9449](https://datatracker.ietf.org/doc/html/rfc9449), including proof validation, token binding, and JWK thumbprint verification.
+- **Flexible Authentication Modes** - Configure how your API handles token types:
+ - `DISABLED` - Accept Bearer tokens only.
+ - `ALLOWED` - Accept both Bearer and DPoP tokens (default).
+ - `REQUIRED` - Enforce DPoP tokens only.
+- **Scope-Based Authorization** - Derive Spring Security authorities from JWT scopes with `SCOPE_` prefix for use with `hasAuthority()`.
+- **Custom Claim Access** - Access any JWT claim via `Auth0AuthenticationToken.getClaim(name)` and `getClaims()`.
+- **Auto-Configuration** - Minimal setup required; just provide `auth0.domain` and `auth0.audience` properties.
+- **WWW-Authenticate Header Generation** - Automatic RFC-compliant error response headers for Bearer and DPoP challenges.
+- **Java 8+ Core Module** - The underlying `auth0-api-java` module targets Java 8, enabling use in non-Spring environments.
+
+### Installation
+
+**Gradle**
+
+```groovy
+implementation 'com.auth0:auth0-springboot-api:1.0.0-beta.0'
+```
+
+**Maven**
+
+```xml
+
+ com.auth0
+ auth0-springboot-api
+ 1.0.0-beta.0
+
+```
+
+### Basic Usage
+
+**1. Add application properties:**
+
+```yaml
+auth0:
+ domain: "your-tenant.auth0.com"
+ audience: "https://your-api-identifier"
+ dpopMode: ALLOWED # DISABLED | ALLOWED | REQUIRED
+```
+
+**2. Configure Spring Security:**
+
+```java
+@Configuration
+@EnableMethodSecurity
+public class SecurityConfig {
+
+ @Bean
+ SecurityFilterChain apiSecurity(HttpSecurity http, Auth0AuthenticationFilter authFilter)
+ throws Exception {
+ return http
+ .csrf(csrf -> csrf.disable())
+ .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .authorizeHttpRequests(auth -> auth
+ .requestMatchers("/api/public").permitAll()
+ .requestMatchers("/api/protected").authenticated()
+ .requestMatchers("/api/admin/**").hasAuthority("SCOPE_admin")
+ .anyRequest().permitAll())
+ .addFilterBefore(authFilter, UsernamePasswordAuthenticationFilter.class)
+ .build();
+ }
+}
+```
+
+**3. Access authenticated user info in your controller:**
+
+```java
+@RestController
+@RequestMapping("/api")
+public class ApiController {
+
+ @GetMapping("/protected")
+ public ResponseEntity> protectedEndpoint(Authentication authentication) {
+ Auth0AuthenticationToken token = (Auth0AuthenticationToken) authentication;
+ return ResponseEntity.ok(Map.of(
+ "user", authentication.getName(),
+ "email", token.getClaim("email"),
+ "scopes", token.getScopes()
+ ));
+ }
+}
+```
+
+### Dependencies
+
+| Dependency | Version | Module |
+|---|---|---|
+| Spring Boot Starter | 3.2.0 | auth0-springboot-api |
+| Spring Boot Starter Web | 3.2.0 | auth0-springboot-api |
+| Spring Boot Starter Security | 3.2.0 | auth0-springboot-api |
+| Jackson Databind | 2.15.2 | auth0-api-java |
+| Apache HttpClient | 4.5.14 | auth0-api-java |
+| Auth0 java-jwt | 4.5.1 | auth0-api-java |
+| Auth0 jwks-rsa | 0.23.0 | auth0-api-java |
+
+**Runtime Requirements:**
+- `auth0-springboot-api` — Java 17+
+- `auth0-api-java` — Java 8+
diff --git a/gradle.properties b/gradle.properties
index b3603bf..efe7256 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,5 +1,5 @@ GROUP=com.auth0 -VERSION_NAME=1.0.0-beta.1 +VERSION_NAME=1.0.0-beta.0 # Shared POM metadata (module-specific properties are in each module's build.gradle) POM_URL=https://github.com/auth0/auth0-auth-java