Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-07 20:52:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,325 Commits 51 Branches 345 Tags
Commit Graph

173 Commits

Author SHA1 Message Date
Joe Grandja
ba7be9c8b9 Merge branch '6.5.x' 2025-05-09 16:14:34 -04:00
Joe Grandja
e3c39f02bc Add documentation for DPoP support 
Closes gh-17072
 2025-05-09 16:02:14 -04:00
Rob Winch
f13836c9c8
Add X to CommonOAuth2Provider Reference 
Issue gh-16510

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-05-07 11:31:28 -05:00
Josh Cummings
d0a97917ad
Merge branch '6.4.x' 2025-04-29 13:39:00 -06:00
Josh Cummings
d76ccc6856
Merge branch '6.3.x' into 6.4.x 2025-04-29 13:38:41 -06:00
Yanming Zhou
9c76ab69f0 Use proper configuration key 
the getter method is `getOpaquetoken()` not `getOpaqueToken()`

See c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-29 13:37:51 -06:00
Yanming Zhou
ce5a12b2f7 Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector 
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-23 14:10:02 -06:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples 
Closes gh-16925

987d9c9788ba0343f543083c87613fb5
 2025-04-11 15:10:05 -05:00
Hao
6159e089d4 Fix inline code formatting in documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Hao
8c7d2e8922 Fix typo in multitenancy documentation 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-26 21:51:52 -06:00
Juha-1
19a5a9c970 Update logout.adoc 
typos

Signed-off-by: Juha-1 <52188855+Juha-1@users.noreply.github.com>
 2025-03-07 13:59:05 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support 
Closes gh-13185
 2025-02-27 12:40:01 -07:00
Steve Riesenberg
54a6a19e05 Polish gh-16214 
This commit applies the following changes:

* Added local Content-Security-Policy with script-src nonce directive
* Removed form-redirect.js and associated changes
* Renamed to FormPostRedirectStrategy
* Removed HtmlUtils usage
* Moved to same package as DefaultRedirectStrategy
 2025-02-03 14:52:30 -06:00
Craig Andrews
58534e7f60 Add FormRedirectStrategy to enable POST OIDC Logout 
FormRedirectStrategy redirects using an autosubmitting HTML form using the POST method versus DefaultRedirectStrategy which redirects using the GET method.

Can be used to implement POST binding for relying party initiated OIDC logout by setting FormRedirectStrategy as the redirection strategy on OidcClientInitiatedLogoutSuccessHandler.

Closes gh-13002

Signed-off-by: Craig Andrews <candrews@integralblue.com>
 2025-02-03 14:52:30 -06:00
Rob Winch
85d7cc1335
Document requireProofKey 
Issue gh-16386
 2025-01-17 17:26:48 -06:00
Josh Cummings
a5af8503df
Update OpaqueTokenIntrospector Documentation 
Issue gh-15988
 2025-01-16 16:46:46 -07:00
Tran Ngoc Nhan
5fdacef398 Remove obsolete typo in OAuth 2.0 Client page 2025-01-07 14:05:45 -06:00
Harpreet Singh Bhullar
f5eccf7cd3
Fix OAuth2 documentation: Corrected OAuth2ClientHttpRequestInterceptor usage 
Closes gh-16165
 2024-11-26 12:18:19 -06:00
Josh Cummings
5c7237be79
Merge branch '6.3.x' 2024-11-18 12:13:20 -07:00
Josh Cummings
1414b88ef3
Merge branch '6.2.x' into 6.3.x 2024-11-18 12:13:05 -07:00
Josh Cummings
ba520db7f7
Merge branch '5.8.x' into 6.2.x 2024-11-18 12:12:46 -07:00
Josh Cummings
85248083c0
Add Dark Mode CSS Style 
Closes gh-14834
 2024-11-18 12:10:48 -07:00
Steve Riesenberg
ea5bc28773
Polish OAuth2 docs 2024-10-28 16:06:50 -05:00
Steve Riesenberg
8982851355
Document RestClient-based implementations 
Closes gh-15938
 2024-10-18 12:24:17 -05:00
Steve Riesenberg
d0fc4fe4dc
Document RestClient integration 
Closes gh-15894
 2024-10-18 12:24:17 -05:00
Steve Riesenberg
9b89fc2f1f
Add example for setting up client credentials 
Closes gh-15304
 2024-10-18 12:24:16 -05:00
Josh Cummings
b49051a1e6
Merge branch '6.2.x' into 6.3.x 2024-09-26 13:08:34 -06:00
Tran Ngoc Nhan
f7b85ed314
Fix Broken Resource Server Doc Links 2024-09-26 13:08:12 -06:00
Tran Ngoc Nhan
4e2cb8bc25 Fix Broken Resource Server Doc Links 2024-09-26 12:07:40 -07:00
Steve Riesenberg
5d8cf6a8bc
Polish gh-13588 2024-09-19 12:08:48 -05:00
Josh Cummings
8bb5875595 Expose OidcBackChannelLogoutHandler 
This component already uses by default a URI that doesn't require
a CSRF token and aalready allows for configuring a cookie name.

So, by making it public and configurable in the DSL, both
of these tickets quite naturally close.

Closes gh-13841
Closes gh-14904
 2024-09-15 21:30:55 -07:00
Josh Cummings
d2e8c19789
Merge branch '6.3.x' 2024-08-26 16:33:04 -06:00
Josh Cummings
279cb89eac
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:32:58 -06:00
Hero Wanders
2ba9b6821a Fix OIDC Logout Code Snippets 2024-08-26 15:32:35 -07:00
Hero Wanders
f372f5cf52 Replace OidcSessionStrategy References with OidcSessionRegistry 2024-08-26 15:32:35 -07:00
Josh Cummings
f0f04e490e
Merge branch '6.3.x' 2024-08-26 16:25:27 -06:00
Josh Cummings
6ea33ceaea
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:25:12 -06:00
Junhyunny
47723f6d39 Fix code format in OIDC Logout docs 2024-08-26 15:14:02 -07:00
Steve Riesenberg
e3c19ba86c Add RestClient interceptor 
Closes gh-13588
 2024-08-16 17:15:18 -05:00
Rob Winch
5bd4db1a13 Use javadoc macro 
Closes gh-15386
 2024-07-09 22:35:01 -05:00
Antoine Rey
f184d13096 Update the OAuth2 jwt and opaque resource server documentation with the Lambda DSL 
The OAuth2ResourceServerConfigurer::opaqueToken() and ::jwt() methods are deprecated since Spring Security 6.1
 2024-07-09 07:25:13 -07:00
Josh Cummings
24e3bb11bc
Merge branch '6.3.x' 2024-06-06 13:46:08 -06:00
Josh Cummings
bce8035bb6
Merge branch '6.2.x' into 6.3.x 
Closes gh-15212
 2024-06-06 13:45:56 -06:00
Josh Cummings
0532659245
Fix Typo in Oidc Logout Docs 
Closes gh-15198
 2024-06-06 13:45:35 -06:00
Caio Henrique
67853d585e docs: add correction to java example in multitenanci.adoc 2024-05-24 16:59:13 -06:00
Marcus Hert Da Coregio
da1869c271 Merge branch '6.2.x' 
Closes gh-15151
 2024-05-23 14:17:20 -03:00
Marcus Hert Da Coregio
58cbc47376 Merge branch '5.8.x' into 6.2.x 
Closes gh-15150
 2024-05-23 14:17:09 -03:00
Caio Henrique
896dd93313 fix: add correction to java example in multitenancy.adoc 
Closes gh-15146
 2024-05-23 14:16:59 -03:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Steve Riesenberg
2dd908dff8
Document additional client authenticating methods 
Issue gh-11440
Closes gh-14982
 2024-04-29 15:07:46 -05:00