Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-06 04:02:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,560 Commits 51 Branches 345 Tags
Commit Graph

1292 Commits

Author SHA1 Message Date
Josh Cummings
a4126aa27d
Merge branch '6.3.x' into 6.4.x 2025-04-29 14:27:40 -06:00
Josh Cummings
f631a0fcd5
Polish ClientRegistrationsTests 
Simplified the assertion so that it is focused on the core
behavior being verified. This will likely also make the test
more stable when updating Spring Framework versions.

Issue gh-16860
 2025-04-29 14:27:04 -06:00
Josh Cummings
656ad72608
Merge branch '6.3.x' into 6.4.x 
Closes gh-17016
 2025-04-29 14:22:52 -06:00
Evgeniy Cheban
0e84f31a00 Add ClientRegistration's RestClient failed attempts information to exception message 
Closes gh-16860

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-04-29 13:43:20 -06:00
Steve Riesenberg
db34de59bc
Merge branch '6.3.x' into 6.4.x 
Closes gh-16901
 2025-04-07 10:55:51 -05:00
Steve Riesenberg
3c0fef59b5
Polish gh-16039 
Closes gh-16038
 2025-04-07 10:54:09 -05:00
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled 
Issue gh-16038
 2025-04-07 10:54:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc 
Closes gh-16555

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Rob Winch
05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker
bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Josh Cummings
8735368d9e
Don't Support Serialization of Jackson Modules 
Issu gh-16276
 2025-01-14 17:04:36 -07:00
Josh Cummings
018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan
39cd8d9faf Update copyright headers 2024-12-05 14:52:59 -07:00
Steve Riesenberg
77233daae7
Merge branch '6.3.x' 
Closes gh-16139
 2024-11-20 15:55:57 -06:00
Steve Riesenberg
4b41f8cb5b
Merge branch '6.2.x' into 6.3.x 
Closes gh-16138
 2024-11-20 15:54:29 -06:00
Steve Riesenberg
0eb6acde96
Polish gh-16133 2024-11-20 15:50:29 -06:00
Kai Zander
73f3f75712
Always return current ClientRegistration in loadAuthorizedClient 
This changes `InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient`
(and its reactive counterpart) to always return `OAuth2AuthorizedClient`
instances containing the current `ClientRegistration` as obtained from
the `ClientRegistrationRepository`.

Before this change, the first `ClientRegistration` instance was cached,
with the effect that any changes made in the `ClientRegistrationRepository`
(such as a new client secret) would not have taken effect.

Closes gh-15511
 2024-11-20 15:50:29 -06:00
Joe Grandja
c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Steve Riesenberg
ca1f891f25 Polish gh-15937 2024-11-13 15:53:59 -06:00
Davide Colazingari
aec5afb6eb Fix assertions in NimbusReactiveJwtDecoderTests 2024-11-13 15:53:59 -06:00
Steve Riesenberg
380e856be5
Merge branch '6.3.x' 
Closes gh-16037
 2024-11-04 13:34:57 -06:00
Steve Riesenberg
b9d5493913
Merge branch '6.2.x' into 6.3.x 
Closes gh-16036
 2024-11-04 13:34:42 -06:00
Steve Riesenberg
86f3cd6dc7
Polish gh-15940 
Closes gh-15885
 2024-11-04 13:34:12 -06:00
Hyeongi Jeong
4c6fef82b9
Fix error when Bearer token is requested with empty string 
Issue gh-15885
 2024-11-04 13:33:58 -06:00
Tran Ngoc Nhan
ab93541926 Simplify condition in some methods 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan
e76de931ce Polish Optional usage 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan
ffed4ea1dc Polish diamond usage 2024-10-25 13:42:33 -07:00
Josh Cummings
8a972917fa Deprecate Nimbus(Reactive)OpaqueTokenIntrospector 
Issue gh-14245
 2024-10-22 21:21:07 -07:00
Steve Riesenberg
dab6950231
Move parametersCustomizer 
The parametersCustomizer was introduced in 6.4.0-M4 with
DefaultOAuth2TokenRequestParametersConverter. However, it cannot be
applied to all parameters and so does not fully solve gh-11298.

This commit moves the customizer to the abstract class so it can be
applied to all parameters.

Closes gh-15939
 2024-10-18 12:22:09 -05:00
Tran Ngoc Nhan
31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Giovanni Lovato
a3fd551fb5 Add ClientRegistrations.fromOidcConfiguration method 
ClientRegistrations now provides the fromOidcConfiguration
method to create a ClientRegistration.Builder from a map
representation of an OpenID Provider Configuration Response.

This is useful when the OpenID Provider Configuration is not
available at a well-known location, or if custom validation
is needed for the issuer location (e.g. if the issuer is only
reachable via a back-channel URI that is different from the
issuer value in the configuration).

Fixes: gh-14633
 2024-10-02 15:11:01 -05:00
Steve Riesenberg
f5991ae176 Allow access token request parameters to override defaults 
Closes gh-11298
 2024-10-02 12:05:42 -05:00
Steve Riesenberg
9ba2435cb2
Support refresh token for Token Exchange 
Closes gh-15534
 2024-09-27 15:57:57 -05:00
Steve Riesenberg
e11c188122
Customize the strategy for resolving the principal 
Closes gh-15826
 2024-09-27 15:39:56 -05:00
Thomas Darimont
b06c40d9ef Add ExpressionJwtGrantedAuthoritiesConverter to extract authorities with an expression 
This helps to reduce custom code necessary to extract roles from deeply
nested claims.

Closes #15201

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-23 16:59:59 -07:00
Steve Riesenberg
1a97d07079
Merge branch '6.2.x' into 6.3.x 
Closes gh-15829
 2024-09-19 16:23:08 -05:00
Steve Riesenberg
551c483ee6
Merge branch '5.8.x' into 6.2.x 
Closes gh-15828
 2024-09-19 16:22:37 -05:00
Steve Riesenberg
7b7a3044cf
Polish gh-15533 2024-09-19 16:13:03 -05:00
陈圳佳
8a791028b1
Fix array values of additionalParameters 
Closes gh-15468
 2024-09-19 16:10:00 -05:00
Steve Riesenberg
42d9f146d2 Polish gh-15533 2024-09-19 16:05:39 -05:00
陈圳佳
24dbc5de53 Fix array values of additionalParameters 
Closes gh-15468
 2024-09-19 16:05:39 -05:00
Steve Riesenberg
c1a303bc92
Add tests for overriding parameters 
Issue gh-15298
Issue gh-11298
 2024-09-19 13:01:09 -05:00
Steve Riesenberg
5d8cf6a8bc
Polish gh-13588 2024-09-19 12:08:48 -05:00