Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-07 01:53:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,827 Commits 44 Branches 351 Tags
Commit Graph

1293 Commits

Author SHA1 Message Date
Joe Grandja
044c30c3bc OAuth2ErrorHttpMessageConverter handles JSON object parameters 
Fixes gh-8157
 2020-03-24 14:56:51 -04:00
Joe Grandja
93ed92cc94 OAuth2ErrorHttpMessageConverter handles JSON object parameters 
Fixes gh-8157
 2020-03-24 14:51:04 -04:00
Joe Grandja
a1bcd4ed00 Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer 
Fixes gh-8177
 2020-03-24 13:59:36 -04:00
Joe Grandja
46baf38f59 Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer 
Fixes gh-8177
 2020-03-24 13:44:09 -04:00
Joe Grandja
2d8242c5c1 Assign sensible default for OAuth2AuthorizedClientProvider 
Fixes gh-8150
 2020-03-19 11:50:48 -04:00
Joe Grandja
a9dabf6efb Assign sensible default for OAuth2AuthorizedClientProvider 
Fixes gh-8150
 2020-03-19 11:44:30 -04:00
Joe Grandja
5e0e5b6ed4 Fix NPE when token response contains a null value 
Fixes gh-8108
 2020-03-16 15:59:19 -04:00
Joe Grandja
26414ad3af Fix NPE when token response contains a null value 
Fixes gh-8108
 2020-03-16 15:56:59 -04:00
Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7e449e1e8347f9a0b3959c7abf095dc.
 2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Roman Matiushchenko
9d66f2ccce polish gh-7996 
Make defensive collection copy as Collections.unmodifiableCollection
does not protect from the source collection direct modification.
Use Mono#map instead of Mono#flatMap as it allocates less.
Use less operators to reduce allocations.
Use lambda parameter instead of outer method parameter
in authenticationManagers#computeIfAbsent()
to make it non capturing so it could be cached by JVM.
Propagate cause for InvalidBearerTokenException.
 2020-02-27 09:29:43 -07:00
Roman Matiushchenko
04e671fb4d Instantiate exceptions lazily 
Add lazy Exception instantiation to reduce allocations

Fixes gh-7995
 2020-02-27 09:29:43 -07:00
Josh Cummings
968ebb194b
baseUrl placeholder for OidcLogoutSuccessHandlers 
Fixes gh-7842
 2020-02-25 13:35:50 -07:00
Josh Cummings
283e451cad
Update JwtDecoders tests 
Issue gh-7860
 2020-02-25 13:33:20 -07:00
Zeeshan Adnan
431cd6000b
Add JwtClaimValidator 
Fixes gh-7860
 2020-02-25 13:32:41 -07:00
Joe Grandja
3dbfef9ef1 OAuth2AccessTokenResponseHttpMessageConverter handles JSON object parameters 
Fixes gh-6463
 2020-02-24 15:58:25 -05:00
Joe Grandja
fb2bbd74dc OAuth2AccessTokenResponseHttpMessageConverter handles JSON object parameters 
Fixes gh-6463
 2020-02-24 15:36:53 -05:00
Joe Grandja
fa73b1397a Add missing @FunctionalInterface in oauth2 modules 
Fixes gh-8020
 2020-02-24 11:53:30 -05:00
Joe Grandja
3e5600f83f Add configurable Clock in OidcIdTokenValidator 
Fixes gh-8019
 2020-02-24 11:21:03 -05:00
Joe Grandja
7734d049eb Polish javadoc gh-7511 2020-02-24 10:35:58 -05:00
Joe Grandja
d32c98b1c5 Add OAuth2AuthorizeRequest.Builder.principal(String) 
Fixes gh-8018
 2020-02-24 09:58:38 -05:00
Joe Grandja
c6da7b2dd6 Polish gh-7840 2020-02-24 09:28:00 -05:00
Joe Grandja
65b5d468fb Deprecate UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Fixes gh-8016
 2020-02-24 06:50:58 -05:00
Joe Grandja
4e2f1988f2 Polish Fix package tangles 
Issue #7699 #7840
 2020-02-24 06:42:00 -05:00
Joe Grandja
82cd203791 Remove unnecessary mocking 
Fixes gh-8012
 2020-02-23 19:35:16 -05:00
Joe Grandja
204a612be1 Deprecate Implicit Grant 
Fixes gh-8013
 2020-02-23 19:34:52 -05:00
Joe Grandja
c8cc9717c9 Fix package tangles 
Issue #7699 #7840
 2020-02-23 07:24:36 -05:00
Joe Grandja
f2da2c56be Resolve OAuth2Error from WWW-Authenticate header 
Issue gh-7699
 2020-02-21 15:12:58 -05:00
Joe Grandja
69156b741d Add OAuth2Authorization success/failure handlers 
Fixes gh-7840
 2020-02-21 15:12:58 -05:00
Joe Grandja
23ce717380 Simplify customizing OAuth2AuthorizationRequest 
Fixes gh-7696
 2020-02-19 06:22:07 -05:00
Joe Grandja
de8b558561 Add JDBC implementation of OAuth2AuthorizedClientService 
Fixes gh-7655
 2020-02-13 12:17:29 -05:00
Joe Grandja
ff8002eb2e Polish gh-4557 2020-02-12 15:47:57 -05:00
Joe Grandja
8acdb82e6a OAuth2AuthorizationCodeGrantWebFilter matches on query parameters 
Fixes gh-7966
 2020-02-10 15:28:06 -05:00
Joe Grandja
0809c04aa2 OAuth2AuthorizationCodeGrantWebFilter matches on query parameters 
Fixes gh-7966
 2020-02-10 15:11:04 -05:00
Joe Grandja
6141132cfa Fix test gh-7963 2020-02-10 05:53:00 -05:00
Joe Grandja
cc7ea4acd3 OAuth2AuthorizationCodeGrantFilter matches on query parameters 
Fixes gh-7963
 2020-02-10 05:24:14 -05:00
Joe Grandja
3c86239b39 OAuth2AuthorizationCodeGrantFilter matches on query parameters 
Fixes gh-7963
 2020-02-10 05:13:47 -05:00
Manuel Bleichenbacher
1e4736f9b3 Prevent double-escaping of authorize URL parameters 
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.

It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

Fixes gh-7871
 2020-02-08 16:59:01 -05:00
Manuel Bleichenbacher
d3490b0f87 Prevent double-escaping of authorize URL parameters 
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.

It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

Fixes gh-7871
 2020-02-08 16:40:15 -05:00
Stephane Maldini
851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes 
Fixes gh-7952
 2020-02-07 20:44:19 -05:00
Stephane Maldini
0012e24c46 Don't force downcasting of RequestAttributes to ServletRequestAttributes 
Fixes gh-7953
 2020-02-07 20:18:50 -05:00
Josh Cummings
a90e579350 Add JwtIssuerReactiveAuthenticationManagerResolver 
Fixes gh-7857
 2020-02-06 13:45:13 -07:00
Eleftheria Stein
84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef077cf23028d64b61b1452be0ec9eb1.
 2020-02-05 15:53:04 +01:00
Josh Cummings
c4ccc96655
Polish Error Messages for OpaqueTokenIntrospectors 2020-02-05 07:16:37 -07:00
Eleftheria Stein
064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Josh Cummings
209c81d65d
Add BadOpaqueTokenException 
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.

Fixes gh-7902
 2020-02-04 17:33:08 -07:00
Josh Cummings
0c3754c811
Add BadJwtException 
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.

Fixes gh-7885
 2020-02-04 17:33:08 -07:00
Josh Cummings
fbdecdafb8
Add Mapping to Invalid Bearer Token 
Fixes gh-7793
 2020-02-04 17:33:08 -07:00
Joe Grandja
25d029b092 Fix test gh-7873 2020-02-04 12:00:55 -05:00
Joe Grandja
04f3fe8af9 Add Jackson support for oauth2-client session related classes 
Fixes gh-4886
 2020-02-04 09:01:12 -05:00