Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 01:02:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,301 Commits 38 Branches 345 Tags
Commit Graph

1376 Commits

Author SHA1 Message Date
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x' 
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
 2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc 
Closes gh-16555

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Josh Cummings
cfe70a5fc7 Restore authorizedClientParametersMapper Assertion 
Issue gh-16726
 2025-03-19 18:13:54 -06:00
Max Batischev
6c24a1e717 Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient 
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-19 18:13:54 -06:00
Steve Riesenberg
5bb5d0f6be Polish gh-16589 2025-03-18 18:07:56 -05:00
Hao
fc1469ad5e Ensure ID Token is updated after refresh token 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-18 18:07:56 -05:00
Rob Winch
e6223dede3
Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch
05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Vedran Pavic
401e237082 Introduce JwtAudienceValidator 
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
 2025-02-28 12:38:18 -07:00
Josh Cummings
7df85a2ed9 Polish NimbusJwtDecoder 2025-02-27 12:40:01 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support 
Closes gh-13185
 2025-02-27 12:40:01 -07:00
Josh Cummings
81e2fd2fe8 Add Type Validation 
Closes gh-16672
 2025-02-27 12:40:01 -07:00
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker
bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
b6c813c5a2 ClientRegistrations supports hostnames with underscores 
Issue gh-15852
 2025-02-20 16:54:24 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores 
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
 2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri 
Closes gh-15852
 2025-02-20 16:54:24 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
00cd95be76 Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler 
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Josh Cummings
6793334575 Polish setJwkSelector 
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
 2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy 
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
 2025-02-18 09:14:45 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration 
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
 2025-01-17 17:26:48 -06:00
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works 
Issue gh-16382
 2025-01-17 17:26:48 -06:00
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE 
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
ab629cc1ca
Add AuthorizationGrantType.toString() 
This adds AuthorizationGrantType.toString() which makes debuging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
b0a4dcb89e
ClientSettings equals, hashCode, toString 
Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
2665a92107
Ensure that ClientSettings cannot be null 
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support 
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.

Issue gh-16382
 2025-01-17 17:26:46 -06:00
DingHao
8d3e0844c5
Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE 
Closes gh-16382

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-01-17 17:26:46 -06:00
Tran Ngoc Nhan
aced3bcf16 Encode Introspection clientId and clientSecret 
Closes gh-15988

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-16 16:32:01 -07:00
Max Batischev
ed3f3d17b2 Add support customizing redirect URI 
Closes gh-14778
 2025-01-16 14:14:11 -07:00
Josh Cummings
6019803064
Merge branch '6.4.x' 2025-01-14 18:38:14 -07:00
Josh Cummings
244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Josh Cummings
0af4cdbf5c
Merge branch '6.4.x' 2025-01-14 17:05:21 -07:00
Josh Cummings
8735368d9e
Don't Support Serialization of Jackson Modules 
Issu gh-16276
 2025-01-14 17:04:36 -07:00
Steve Riesenberg
6bc6946ad9
Make TokenType constructor public 
Closes gh-16086
 2024-12-18 16:51:47 -06:00
Steve Riesenberg
a7b6c63442
Polish gh-16087 2024-12-18 16:48:25 -06:00
ThomasKasene
9404aaf010
Added a constant for DPOP in OAuth2AccessToken.TokenType 
Issue gh-14915
 2024-12-18 16:44:38 -06:00
Josh Cummings
018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00