Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-01 00:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,597 Commits 37 Branches 348 Tags
Commit Graph

1387 Commits

Author SHA1 Message Date
Steve Riesenberg
1fb3fc80f9
Polish gh-15819 
Closes gh-15818
 2025-04-07 10:57:49 -05:00
Jonah Klöckner
9674532f4d
Add support for access token in body parameter as per rfc 6750 Sec. 2.2 
Issue gh-15818
 2025-04-07 10:57:49 -05:00
Steve Riesenberg
03e090c2d7
Merge branch '6.4.x' 
Closes gh-16902
 2025-04-07 10:57:12 -05:00
Steve Riesenberg
db34de59bc
Merge branch '6.3.x' into 6.4.x 
Closes gh-16901
 2025-04-07 10:55:51 -05:00
Steve Riesenberg
3c0fef59b5
Polish gh-16039 
Closes gh-16038
 2025-04-07 10:54:09 -05:00
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled 
Issue gh-16038
 2025-04-07 10:54:07 -05:00
Josh Cummings
2885b0f75f Add valueOf 
This commit adds a static factory for returning a constant
ClientAuthenticationMethod or creating a new one when there
is no match.

Issue gh-16825
 2025-04-02 11:16:30 -06:00
Tran Ngoc Nhan
7bca17cb5a Polish 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-26 17:02:06 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter 
Issue gh-16417
 2025-03-26 16:38:39 -06:00
Steve Riesenberg
860f130bc4
Add additional validation when refreshing ID tokens 
Issue gh-16589
 2025-03-26 15:34:17 -05:00
Steve Riesenberg
5f98ce5ecc
Polish gh-16589 2025-03-26 15:34:17 -05:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x' 
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
 2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc 
Closes gh-16555

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Josh Cummings
cfe70a5fc7 Restore authorizedClientParametersMapper Assertion 
Issue gh-16726
 2025-03-19 18:13:54 -06:00
Max Batischev
6c24a1e717 Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient 
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-19 18:13:54 -06:00
Steve Riesenberg
5bb5d0f6be Polish gh-16589 2025-03-18 18:07:56 -05:00
Hao
fc1469ad5e Ensure ID Token is updated after refresh token 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-18 18:07:56 -05:00
Rob Winch
e6223dede3
Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch
05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Vedran Pavic
401e237082 Introduce JwtAudienceValidator 
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
 2025-02-28 12:38:18 -07:00
Josh Cummings
7df85a2ed9 Polish NimbusJwtDecoder 2025-02-27 12:40:01 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support 
Closes gh-13185
 2025-02-27 12:40:01 -07:00
Josh Cummings
81e2fd2fe8 Add Type Validation 
Closes gh-16672
 2025-02-27 12:40:01 -07:00
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker
bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
b6c813c5a2 ClientRegistrations supports hostnames with underscores 
Issue gh-15852
 2025-02-20 16:54:24 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores 
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
 2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri 
Closes gh-15852
 2025-02-20 16:54:24 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
00cd95be76 Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler 
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Josh Cummings
6793334575 Polish setJwkSelector 
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
 2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy 
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
 2025-02-18 09:14:45 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration 
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
 2025-01-17 17:26:48 -06:00
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works 
Issue gh-16382
 2025-01-17 17:26:48 -06:00
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE 
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
ab629cc1ca
Add AuthorizationGrantType.toString() 
This adds AuthorizationGrantType.toString() which makes debuging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
b0a4dcb89e
ClientSettings equals, hashCode, toString 
Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
2665a92107
Ensure that ClientSettings cannot be null 
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support 
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.

Issue gh-16382
 2025-01-17 17:26:46 -06:00