spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-30 07:42:52 +00:00

Author	SHA1	Message	Date
Josh Cummings	676b44ebb0	Polish NimbusJwtEncoder Builders - Simplify withKeyPair methods to match withPublicKey convention in NimbusJwtDecoder - Update tests to confirm support of other algorithms - Update constructor to apply additional JWK properties to the default header - Deduce the possibly algorithms for a given key based on curve and key size - Remove algorithm method from EC builder since the algorithm is determined by the Curve of the EC Key Issue gh-16267 Co-Authored-By: Suraj Bhadrike <surajbh2233@gmail.com>	2025-06-17 16:47:39 -06:00
Suraj Bhadrike	ee09215f89	Add NimbusJwtEncoder Builders Closes gh-16267 Signed-off-by: Suraj Bhadrike <surajbh2233@gmail.com>	2025-06-17 16:47:39 -06:00
Josh Cummings	d52e0b6a05	Polish NimbusJwtDecoder - Aligned JwkSourceJwtDecoderBuilder's relative position with its corresponding static factory - Added @since to JwkSourceJwtDecoderBuilder PR gh-17046	2025-06-02 15:53:59 -06:00
Mark Bonnekessel	ada75e76a6	Add builder to create NimbusJwtDecoder with JwkSource Signed-off-by: Mark Bonnekessel <2949525+marbon87@users.noreply.github.com>	2025-06-02 13:33:39 -06:00
Pat McCusker	5517d8fe3a	Deprecate the X5T JOSE Header name Closes gh-16979 Signed-off-by: Pat McCusker <patmccusker14@gmail.com>	2025-05-30 06:45:02 -06:00
Josh Cummings	6d3b54df21	Change Type Validation Default NimbusJwtDecoder and NimbusReactiveJwtDecoder now use Spring Security's JwtTypeValidator by default instead of Nimbus's type validator. Closes gh-17181	2025-05-28 16:11:13 -06:00
Ferenc Kemeny	bf05b8b430	Support Requiring exp and nbf in JwtTimestampsValidator Closes gh-17004 Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>	2025-05-27 12:22:25 -06:00
Ferenc Kemeny	91b21663db	Polish JwtTimestampValidatorTests This commit corrects the test that checks for both nbf and exp missing. It also adds one for just exp and on for just nbf. Issue gh-17004 Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>	2025-05-27 12:22:25 -06:00
Joe Grandja	5f7155bfc7	Implement internal cache in JtiClaimValidator Closes gh-17107	2025-05-14 05:21:00 -04:00
Joe Grandja	e3c39f02bc	Add documentation for DPoP support Closes gh-17072	2025-05-09 16:02:14 -04:00
Joe Grandja	1ca33cae70	Make DPoP IatClaimValidator public to allow configuring clock and clockSkew Issue gh-16574 Closes gh-16921	2025-04-10 16:04:37 -04:00
Rob Winch	e6223dede3	Merge branch '6.4.x' - adb303e Add testRuntimeOnly junit-platform-launcher Closes gh-16757	2025-03-17 14:34:18 -05:00
Rob Winch	05116eabbd	Merge branch '6.3.x' into 6.4.x - adb303e Add testRuntimeOnly junit-platform-launcher Closes gh-16756	2025-03-17 14:18:49 -05:00
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher Closes gh-16755	2025-03-17 14:16:44 -05:00
Vedran Pavic	401e237082	Introduce JwtAudienceValidator Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>	2025-02-28 12:38:18 -07:00
Josh Cummings	7df85a2ed9	Polish NimbusJwtDecoder	2025-02-27 12:40:01 -07:00
Josh Cummings	ab43a660b9	Add RFC 9068 Support Closes gh-13185	2025-02-27 12:40:01 -07:00
Josh Cummings	81e2fd2fe8	Add Type Validation Closes gh-16672	2025-02-27 12:40:01 -07:00
Josh Cummings	eb5252c4f0	Merge branch '6.4.x'	2025-02-24 17:03:13 -07:00
Pat McCusker	2bd3cadde8	Use possessive pronoun rather contraction Signed-off-by: Pat McCusker <patmccusker14@gmail.com>	2025-02-24 17:02:45 -07:00
Josh Cummings	3d15be1b06	JwtDecoders Supports Hostnames with Underscores In the process of verifying gh-15852, another issue with URI was discovered. This commit adds tests to the uri-computing methods and changes them to use UriComponents instead of URI. Issue gh-15852	2025-02-20 16:54:24 -07:00
Bodo Graumann	0cd6a19b87	Avoid UriComponentsBuilder.fromUri Closes gh-15852	2025-02-20 16:54:24 -07:00
Josh Cummings	6793334575	Polish setJwkSelector Make so that it runs only when selection is needed. Require the provided selector be non-null. Add Tests. Issue gh-16170	2025-02-18 09:14:45 -07:00
douxiaofeng99	e22bc11cc9	Support JWK Selection Strategy Closes gh-16170 Signed-off-by: douxiaofeng99 <18600127780@163.com>	2025-02-18 09:14:45 -07:00
Joe Grandja	2480d41981	Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>	2025-02-11 14:10:23 -05:00
Josh Cummings	11113adf62	Polish Nimbus JWK Source Implementation Issue gh-16251	2025-02-05 09:28:07 -07:00
Daeho Kwon	7b7abb28bb	Remove Deprecated Usages of RemoteJWKSet Closes gh-16251 Signed-off-by: Daeho Kwon <trewq231@naver.com>	2025-02-05 09:28:07 -07:00
Josh Cummings	f9824fd688	Polish Tests Issue gh-16251	2025-02-05 09:28:07 -07:00
Josh Cummings	244fd2eb51	Support Serialization in Exceptions Issue gh-16276	2025-01-14 18:37:53 -07:00
Josh Cummings	b9911fd522	Add serialVersionUID to Authentication classes Issue gh-16276	2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan	39cd8d9faf	Update copyright headers	2024-12-05 14:52:59 -07:00
Steve Riesenberg	ca1f891f25	Polish gh-15937	2024-11-13 15:53:59 -06:00
Davide Colazingari	aec5afb6eb	Fix assertions in NimbusReactiveJwtDecoderTests	2024-11-13 15:53:59 -06:00
Tran Ngoc Nhan	31f8caec5f	Polish diamond operator usage	2024-10-14 11:51:35 -07:00
Tran Ngoc Nhan	2c9c309d7f	Provide Casting for ReactiveJwtDecoder Closes gh-15773	2024-09-17 13:54:35 -07:00
MateuszLenczewski	077439c73e	Fix typo in JwtDecoder	2024-06-05 17:38:12 -06:00
MrJovanovic13	24fd19b107	Add Default Timeout to JwtDecoders RestTemplate Closes gh-14269	2024-04-18 14:40:18 -06:00
Josh Cummings	8dd28b797a	Update to BouncyCastle 1.78 Closes gh-14910	2024-04-15 15:32:08 -06:00
Joe Grandja	644cfa9f87	Add Jwt validator for the X509Certificate thumbprint claim Closes gh-10538	2024-04-11 12:35:52 -04:00
Josh Cummings	ee42ad2c8c	Polish JwtValidators Closes gh-14831	2024-04-02 16:04:43 -06:00
Max Batischev	ff19f04fca	Add JwtValidators append to default Implemented simplified creation of default OAuth2TokenValidator with additional validators. Closes gh-14831	2024-04-02 14:41:35 -07:00
Josh Cummings	84c45adc70	Merge branch '6.1.x' into 6.2.x Closes gh-14496	2024-01-25 17:33:15 -07:00
Josh Cummings	44f22ee5cf	Merge branch '5.8.x' into 6.1.x Closes gh-14495	2024-01-25 17:32:57 -07:00
Hans Lindner	ca10187fd1	Enhance JWT decoding error handling Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality. Closes gh-14467	2024-01-25 17:32:10 -07:00
Josh Cummings	966c01fa90	Merge branch '6.1.x' into 6.2.x Closes gh-14278	2023-12-11 10:21:00 -07:00
Josh Cummings	c4a99fc942	Merge branch '5.8.x' into 6.1.x Closes gh-14277	2023-12-11 10:20:38 -07:00
Candelario	e896b14046	Dropped Nimbus Error Message Closes gh-13730	2023-12-11 10:19:02 -07:00
Steve Riesenberg	447f40949c	Revert unnecessary merges on 6.1.x This commit removes unnecessary main-branch merges starting from 9f8db22b774fe78fef3598c07e184c371892c1c7 and adds the following needed commit(s) that were made afterward: - 4d6ff49b9d663d0f25454f3704a45c83b35da689 - ed6ff670d102736eea0ac360921c9015151ac630 - c823b007942a04a27d02c0a28bc2ad85e8790084 - 44fad21363bef1b06422be28c9bbfadde5e44804	2023-10-31 15:22:15 -05:00
Steve Riesenberg	9db33f33c7	Revert unnecessary merges on 6.0.x This commit removes unnecessary main-branch merges starting from 8750608b5bca45525c99d0a41a20ed02de93d8c7 and adds the following needed commit(s) that were made afterward: - 5dce82c48bc0b174838501c5a111b2de70822914	2023-10-31 15:11:45 -05:00
Steve Riesenberg	975ac10f19	Merge branch '6.1.x' Closes gh-14042	2023-10-19 16:44:03 -05:00

1 2 3 4 5

239 Commits