Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,451 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1083 Commits

Author SHA1 Message Date
Eleftheria Stein 0e37c722e2 Revert "Temporarily ignore RSocket integration tests" 
This reverts commit d5eeec0ae6.

Fixes gh-8643
 2020-06-08 16:14:34 -04:00
Eleftheria Stein d5eeec0ae6 Temporarily ignore RSocket integration tests 
Issue gh-8643
 2020-06-03 15:29:59 -04:00
Eleftheria Stein 3ed31400f7 Update SAML2 errors in integration tests 2020-05-06 14:16:41 -04:00
Josh Cummings 8fa16ce63e
Update to Jetty 9.4.27 
Fixes gh-7507
 2020-03-09 10:03:18 -06:00
Joe Grandja 148b570a98 Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 12:01:19 -05:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Eddú Meléndez 27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Filip Hanik 4489163163 Use Spring Boot configuration for saml2Login() 
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
 2019-10-25 08:22:40 -07:00
Filip Hanik 5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Rob Winch 03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion 
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
 2019-09-30 09:22:36 -07:00
Filip Hanik e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception 
propagate saml authentication exception #7375
 2019-09-27 09:38:57 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
 2019-09-27 09:07:25 -07:00
Ivo Smid a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
 2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Josh Cummings bdaf530511
Remove Stray @MockBean 
Issue gh-7170
 2019-09-16 06:56:58 -06:00
Josh Cummings b55b2914c2 Mock Jwt Disables CSRF 
Fixes gh-7170
 2019-09-13 19:04:05 +01:00
Joe Grandja a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00
Joe Grandja dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings 82ae4db4cc Update Multi Tenancy Sample to Convert Jwts 
Issue gh-7346
 2019-09-03 15:58:05 -06:00
Josh Cummings 068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Eleftheria Stein 2ddab8b23e Use UserDetailsService bean in sample app 
Fixes: gh-7283
 2019-08-22 10:06:56 -04:00
Joe Grandja 46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider 
Fixes gh-7116
 2019-08-21 14:12:38 -04:00
Josh Cummings 95caa4715f
Add Reactive Mock Jwt Sample Tests 
Fixes gh-7278
 2019-08-19 13:14:58 -06:00
Josh Cummings 10a9207cd5
Pivot Resource Server Sample 
Changed sample to manage its own JwtDecoder, allowing the Nimbus
Jwt Decoder Builder API to evolve during milestone development.
 2019-08-17 00:26:39 -06:00
Josh Cummings 0ecffb0840
Multi-tenancy Sample AuthenticationManagers 
Fixes gh-7272
 2019-08-17 00:26:39 -06:00
Josh Cummings 9735a718cc
Remove MultiTenantAuthenticationManagerResolver 
Fixes gh-7259
 2019-08-14 11:14:47 -06:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Josh Cummings 4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch 39d2b32603 Polish io.freefair.aspectj Usage 
Consistent aspectj version throughout
 2019-08-12 14:19:50 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Lars Grefer a51318eb95 Use the 'io.freefair.aspectj' gradle plugin 2019-08-12 11:46:28 -05:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer 25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer 35bdf1f009 Unnecessary semicolon 2019-08-09 00:43:13 +02:00
Lars Grefer d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Henrique Luis Schmidt da62c31fdc Add test examples for the resource server sample 
- Add a post endpoint in /messages
- Changes the security config to require the read scope to GET a message and the write scope
to POST a new message.
- Changes the jwks of the mock server so I could create a new access token with the write scope.
- Creates tests and integration-tests for the POST endpoint.
- Changes the README to add an example of a POST request.

Fixes gh-7118
 2019-08-06 14:27:29 -04:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing 
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
 2019-08-06 10:17:38 -04:00
Lars Grefer 2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Eleftheria Stein 0b4502b2c5 Remove exceptions from lambda security configuration 
Fixes: gh-7128
 2019-07-30 08:31:37 -05:00