Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-07 12:42:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,325 Commits 51 Branches 345 Tags
Commit Graph

205 Commits

Author SHA1 Message Date
Josh Cummings
d52e0b6a05
Polish NimbusJwtDecoder 
- Aligned JwkSourceJwtDecoderBuilder's relative position with its
corresponding static factory
- Added @since to JwkSourceJwtDecoderBuilder

PR gh-17046
 2025-06-02 15:53:59 -06:00
Mark Bonnekessel
ada75e76a6 Add builder to create NimbusJwtDecoder with JwkSource 
Signed-off-by: Mark Bonnekessel <2949525+marbon87@users.noreply.github.com>
 2025-06-02 13:33:39 -06:00
Pat McCusker
5517d8fe3a Deprecate the X5T JOSE Header name 
Closes gh-16979

Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-05-30 06:45:02 -06:00
Josh Cummings
6d3b54df21
Change Type Validation Default 
NimbusJwtDecoder and NimbusReactiveJwtDecoder now use
Spring Security's JwtTypeValidator by default instead
of Nimbus's type validator.

Closes gh-17181
 2025-05-28 16:11:13 -06:00
Ferenc Kemeny
bf05b8b430 Support Requiring exp and nbf in JwtTimestampsValidator 
Closes gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
 2025-05-27 12:22:25 -06:00
Ferenc Kemeny
91b21663db Polish JwtTimestampValidatorTests 
This commit corrects the test that checks for both
nbf and exp missing. It also adds one for just exp
and on for just nbf.

Issue gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
 2025-05-27 12:22:25 -06:00
Joe Grandja
5f7155bfc7 Implement internal cache in JtiClaimValidator 
Closes gh-17107
 2025-05-14 05:21:00 -04:00
Joe Grandja
e3c39f02bc Add documentation for DPoP support 
Closes gh-17072
 2025-05-09 16:02:14 -04:00
Joe Grandja
1ca33cae70 Make DPoP IatClaimValidator public to allow configuring clock and clockSkew 
Issue gh-16574

Closes gh-16921
 2025-04-10 16:04:37 -04:00
Vedran Pavic
401e237082 Introduce JwtAudienceValidator 
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
 2025-02-28 12:38:18 -07:00
Josh Cummings
7df85a2ed9 Polish NimbusJwtDecoder 2025-02-27 12:40:01 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support 
Closes gh-13185
 2025-02-27 12:40:01 -07:00
Josh Cummings
81e2fd2fe8 Add Type Validation 
Closes gh-16672
 2025-02-27 12:40:01 -07:00
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores 
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
 2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri 
Closes gh-15852
 2025-02-20 16:54:24 -07:00
Josh Cummings
6793334575 Polish setJwkSelector 
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
 2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy 
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
 2025-02-18 09:14:45 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Josh Cummings
244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan
39cd8d9faf Update copyright headers 2024-12-05 14:52:59 -07:00
Steve Riesenberg
ca1f891f25 Polish gh-15937 2024-11-13 15:53:59 -06:00
Davide Colazingari
aec5afb6eb Fix assertions in NimbusReactiveJwtDecoderTests 2024-11-13 15:53:59 -06:00
Tran Ngoc Nhan
31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Tran Ngoc Nhan
2c9c309d7f Provide Casting for ReactiveJwtDecoder 
Closes gh-15773
 2024-09-17 13:54:35 -07:00
MateuszLenczewski
077439c73e Fix typo in JwtDecoder 2024-06-05 17:38:12 -06:00
MrJovanovic13
24fd19b107 Add Default Timeout to JwtDecoders RestTemplate 
Closes gh-14269
 2024-04-18 14:40:18 -06:00
Joe Grandja
644cfa9f87 Add Jwt validator for the X509Certificate thumbprint claim 
Closes gh-10538
 2024-04-11 12:35:52 -04:00
Josh Cummings
ee42ad2c8c
Polish JwtValidators 
Closes gh-14831
 2024-04-02 16:04:43 -06:00
Max Batischev
ff19f04fca Add JwtValidators append to default 
Implemented simplified creation of default OAuth2TokenValidator with additional validators.

Closes gh-14831
 2024-04-02 14:41:35 -07:00
Josh Cummings
84c45adc70
Merge branch '6.1.x' into 6.2.x 
Closes gh-14496
 2024-01-25 17:33:15 -07:00
Josh Cummings
44f22ee5cf
Merge branch '5.8.x' into 6.1.x 
Closes gh-14495
 2024-01-25 17:32:57 -07:00
Hans Lindner
ca10187fd1 Enhance JWT decoding error handling 
Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality.

Closes gh-14467
 2024-01-25 17:32:10 -07:00
Josh Cummings
966c01fa90
Merge branch '6.1.x' into 6.2.x 
Closes gh-14278
 2023-12-11 10:21:00 -07:00
Josh Cummings
c4a99fc942
Merge branch '5.8.x' into 6.1.x 
Closes gh-14277
 2023-12-11 10:20:38 -07:00
Candelario
e896b14046 Dropped Nimbus Error Message 
Closes gh-13730
 2023-12-11 10:19:02 -07:00
Steve Riesenberg
447f40949c
Revert unnecessary merges on 6.1.x 
This commit removes unnecessary main-branch merges starting from
9f8db22b774fe78fef3598c07e184c371892c1c7 and adds the following
needed commit(s) that were made afterward:

- 4d6ff49b9d663d0f25454f3704a45c83b35da689
- ed6ff670d102736eea0ac360921c9015151ac630
- c823b007942a04a27d02c0a28bc2ad85e8790084
- 44fad21363bef1b06422be28c9bbfadde5e44804
 2023-10-31 15:22:15 -05:00
Steve Riesenberg
9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5bca45525c99d0a41a20ed02de93d8c7 and adds the following
needed commit(s) that were made afterward:

- 5dce82c48bc0b174838501c5a111b2de70822914
 2023-10-31 15:11:45 -05:00
Steve Riesenberg
975ac10f19
Merge branch '6.1.x' 
Closes gh-14042
 2023-10-19 16:44:03 -05:00
Steve Riesenberg
b4e0873b1e
Merge branch '6.0.x' into 6.1.x 
Closes gh-14041
 2023-10-19 16:43:21 -05:00
Steve Riesenberg
bb732e9d35
Merge branch '5.8.x' into 6.0.x 
Closes gh-14040
 2023-10-19 16:40:34 -05:00
Steve Riesenberg
5161712c35
Polish gh-13976 
Closes gh-13757
 2023-10-19 16:40:23 -05:00
Veli Döngelci
a6b872dcf3
Fix caching error state in ReactiveRemoteJWKSource 2023-10-19 16:40:13 -05:00
Valeriy Vyrva
0e30b923f8 Check for null value with the appropriate assertion method 2023-10-03 08:16:21 -06:00
Marcus Da Coregio
07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00