1605 Commits

Author SHA1 Message Date
Martin Vietz
0486d5add9 scopes_supported metadata not used as default in ClientRegistrations
Closes gh-8514
2020-08-20 08:09:54 -04:00
Josh Cummings
af5c55c380
Polish AuthnRequest Customization Support
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
2020-08-19 14:27:31 -06:00
Josh Cummings
1069e91645
RSocket Deprecations
Stop using deprecated RSocket APIs in integration tests

Issue gh-8948
2020-08-13 17:51:59 -06:00
koishikawa11
be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL
Closes gh-8892
2020-08-11 07:59:22 -04:00
Joe Grandja
1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1"
This reverts commit f3a1e5d40c11169d4ec6c50eba30cf4ed3ba2851.
2020-08-05 14:59:11 -04:00
Rob Winch
74b42ba956 Move RSocket integration tests to integration tests
Closes gh-8944
2020-08-05 13:23:20 -05:00
Joe Grandja
f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings
b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint
Closes gh-8693
2020-08-05 10:08:47 -06:00
Jakub Kubrynski
8a355240bc
SAML 2.0 SP Metadata Endpoint Support
Issue gh-8693
2020-08-05 10:08:47 -06:00
Eleftheria Stein
aeafe04260 Remove need for WebSecurityConfigurerAdapter
Closes gh-8804
2020-08-05 10:10:12 -04:00
Josh Cummings
5061ae9e79
Add Saml2AuthenticationTokenConverter
Closes gh-8768
2020-08-04 18:41:43 -06:00
Josh Cummings
a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver
Issue gh-8360
Issue gh-8887
2020-08-04 17:29:13 -06:00
Joe Grandja
3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty"
This reverts commit f37714a26fb2cc8a93cb1d5259a00c4c0934dd59.
2020-08-04 14:24:32 -04:00
Joe Grandja
f37714a26f Fix snapshot build failure related to reactor-netty
Closes gh-8909
2020-08-04 14:17:03 -04:00
Joe Grandja
8146b1fdda Deprecate CustomUserTypesOAuth2UserService
Closes gh-8908
2020-08-04 13:23:44 -04:00
Joe Grandja
0ed919f072 Deprecate ClientRegistration.redirectUriTemplate
Closes gh-8906
2020-08-04 11:03:29 -04:00
Joe Grandja
11cc94afd8 Deprecate ImplicitGrantConfigurer
Closes gh-8902
2020-08-04 07:26:58 -04:00
Evgeniy Cheban
0a2006ebec Support custom filter in Server Kotlin DSL
Closes gh-8783
2020-07-22 05:32:16 -04:00
Dávid Kováč
37aa5f9b7c Introduce AuthenticationConverterServerWebExchangeMatcher
AuthenticationConverterServerWebExchangeMatcher is ServerWebExchangeMatcher implementation based on AuthenticationConverter which matches if ServerWebExchange can be converted to Authentication.
It can be used as a matcher where SecurityFilterChain should be matched based on used authentication method.
BearerTokenServerWebExchangeMatcher was replaced by this matcher.

Closes gh-8824
2020-07-21 10:11:57 -06:00
Josh Cummings
cc44a93333
Polish WebSecurityConfigurerAdapter JavaDoc
Issue gh-8784
2020-07-20 15:21:18 -06:00
Romil Patel
956a6ee00c
WebSecurityConfigurerAdapter JavaDoc
Closes gh-8784
2020-07-20 15:21:18 -06:00
Josh Cummings
2c960d2ad1
Add AuthnRequestConsumerResolver
Closes gh-8141
2020-07-16 14:53:22 -06:00
Joe Grandja
7cc6509200 Polish gh-8669 2020-07-15 11:52:42 -04:00
Eleftheria Stein
78ed6c4de6 Add custom HeaderWriter in Kotlin DSL
Closes gh-8823
2020-07-10 14:18:48 +02:00
Eleftheria Stein
815ceae45c Allow disabling headers in Kotlin DSL
Closes gh-8816
2020-07-08 10:55:01 +02:00
Josh Cummings
146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
This reverts commit 68538897c83a7ce8db0ec7275dbd10b1a548498f.
2020-07-01 13:11:50 -06:00
Josh Cummings
68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Joe Grandja
0b5a14a900 Register OAuth2AuthorizedClientArgumentResolver as custom resolver for XML config
Issue gh-8669
2020-07-01 11:07:33 -04:00
Peer Schönhusen
3e25714dc6 Add reified function variants to security DSL
Closes gh-8697
2020-07-01 07:22:16 -04:00
Joe Grandja
edf06a3461 OAuth2AuthorizedClientArgumentResolver uses OAuth2AuthorizedClientManager @Bean
Closes gh-8700
2020-06-30 11:25:39 -04:00
Joe Grandja
951e64185b Register OAuth2AuthorizedClientArgumentResolver for XML Config
Closes gh-8669
2020-06-25 16:10:29 -04:00
Eleftheria Stein
224361cb4a Fix typo in Javadoc 2020-06-16 09:38:09 -04:00
Evgeniy Cheban
4e7be2078f DefaultWebSecurityExpressionHandler uses RoleHierarchy bean
Fixes gh-7059
2020-06-10 16:43:01 -04:00
Rob Winch
a907026eae Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive
Closes gh-8677
2020-06-10 11:48:56 -05:00
Joe Grandja
da4b626bf1 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
Issue gh-8609
2020-06-09 17:28:21 -04:00
Parikshit Dutta
28d2cfa14a Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter
Fixes gh-8536
2020-06-02 21:54:09 -04:00
Rob Winch
748538d19f Delay AuthenticationPrincipalArgumentResolver Creation
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
2020-05-29 16:49:01 -05:00
Eleftheria Stein
61060b3a4f Add multipart configuration to CSRF Kotlin DSL
Fixes gh-8602
2020-05-27 17:01:12 -04:00
Eleftheria Stein
6f5947cab7 Fix test warnings 2020-05-27 17:00:48 -04:00
Eleftheria Stein
fa11ae3c33 Remove unused import 2020-05-27 14:27:29 -04:00
Eleftheria Stein
67d2efde1c Resolve package tangles with security marker annotation 2020-05-27 07:33:24 -05:00
Eleftheria Stein
bc272ddf73 Resolve package tangles in Kotlin server package 2020-05-27 07:33:24 -05:00
Craig Andrews
f1db7167cb Polish
Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation.

This change does not alter behavior.
2020-05-22 20:33:32 -05:00
Craig Andrews
dbdeec4216 Check for an existing SessionRegistry bean
If a SessionRegistry is necessary, check for one in the ApplicationContext before creating one.
2020-05-22 20:33:32 -05:00
Evgeniy Cheban
0fa339f75b Allow port=0 for ApacheDSContainer
Fixes gh-8144
2020-05-21 16:14:01 -05:00
Josh Cummings
51a0cffd36
Post-process AuthenticationRequestFilter
Fixes gh-8552
2020-05-18 21:08:23 -06:00
Josh Cummings
9241cd2892
Move TestRelyingPartyRegistrations
Fixes gh-8551
2020-05-18 16:38:40 -06:00
Parikshit Dutta
1e211b6558 Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter
Fixes gh-8120
2020-05-15 15:13:15 -04:00
Joe Grandja
c1abc9b134 Polish gh-8501 2020-05-15 13:26:09 -04:00
Thomas Vitale
78fa859798 Add issuerUri to ClientRegistration.providerDetails
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.

Fixes gh-8326
2020-05-14 17:13:07 -04:00