Historically, Spring Security tests have set the servlet path
to indicate the path of a MockHttpServletRequest. This was needed
for AntPath and MvcRequestMatcher to correctly match the
specified request path.
This can leave MockHttpServletRequest in an inconsistent state
since requestURI is null while servletPath has a value.
For example, PathPatternRequestMatcher does not use the servlet path.
For tests to continue working both before and after the migration
from AntPath/MvcRequestMatcher to PathPatternRequestMatcher, the
mock requests should have a consistent representation of path
in getRequestURI and getServletPath.
This commit updates classes to use TestMockHttpServletRequests,
which ensures that the given path is applied to the servletPath and
requestURI, while also overriding with contextPath, servletPath,
and pathInfo when necessary.
DefaultOAuth2AuthorizationRequestResolver should not depend on
OAuth2AuthorizationRequestRedirectFilter because
OAuth2AuthorizationRequestRedirectFilter already depends on
DefaultOAuth2AuthorizationRequestResolver.
OAuth2AuthorizationRequestRedirectFilter also takes advantage of the
new constructor that defaults the base uri.
Polishes gh-16384
- Simplify withKeyPair methods to match withPublicKey convention
in NimbusJwtDecoder
- Update tests to confirm support of other algorithms
- Update constructor to apply additional JWK properties
to the default header
- Deduce the possible algorithms for a given key based
on curve and key size
- Remove algorithm method from EC builder since the
algorithm is determined by the Curve of the EC Key
Issue gh-16267
Co-Authored-By: Suraj Bhadrike <surajbh2233@gmail.com>
Add Assert.notNull validation to ensure the authentication token returned by jwtAuthenticationConverter is not null, preventing potential NullPointerException in subsequent operations.
Signed-off-by: chanbinme <gksmfcksqls@gmail.com>
- Moved to BearerTokenAuthenticationFilter constructor to align with
AuthenticationFilter
- Undeprecated BearerTokenResolver to reduce number of migration scenarios
- Updated to 7.0 schema
- Added migration docs
Issue gh-14750
- Aligned JwkSourceJwtDecoderBuilder's relative position with its
corresponding static factory
- Added @since to JwkSourceJwtDecoderBuilder
PR gh-17046
NimbusJwtDecoder and NimbusReactiveJwtDecoder now use
Spring Security's JwtTypeValidator by default instead
of Nimbus's type validator.
Closes gh-17181
This commit corrects the test that checks for both
nbf and exp missing. It also adds one for just exp
and one for just nbf.
Issue gh-17004
Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
Just used the nimbus JOSE library to do it, because it already has a
compliant implementation.
Closes gh-17080
Signed-off-by: David Kowis <david@kow.is>
Simplified the assertion so that it is focused on the core
behavior being verified. This will likely also make the test
more stable when updating Spring Framework versions.
Issue gh-16860