Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-19 04:45:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,523 Commits 33 Branches 337 Tags
Commit Graph

6523 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
060d8689fe Make RedirectServer*Tests less specific 
Issue: gh-4816
 2017-11-13 15:49:06 -06:00
Rob Winch
3c7fb977fe WebTestClientHtmlUnitDriverBuilder uses WebTestClient for localhost 
Fixes gh-4815
 2017-11-13 15:48:52 -06:00
Joe Grandja
426c034c01 OidcUserService uses custom userNameAttributeName 
Fixes gh-4812
 2017-11-12 14:44:57 -05:00
Joe Grandja
3661cb58d6 Polish oauth2Login sample integration test 
Fixes gh-4811
 2017-11-12 12:59:58 -05:00
Joe Grandja
aa9e057ba8 Fix CNF exception if oauth2-jose dependency not included 
Fixes gh-4753
 2017-11-12 12:27:18 -05:00
Joe Grandja
6775d9fdd8 OAuth2AccessTokenResponse should account for expires_in <= 0 
Fixes gh-4810
 2017-11-12 11:30:11 -05:00
Joe Grandja
1dac191b19 Remove custom security config from oauth2Login sample 
Fixes gh-4808
 2017-11-11 21:15:01 -05:00
Joe Grandja
cd9e712117 Remove GlobalAuthenticationConfigurerAdapter from oauth2Login sample 
Fixes gh-4665
 2017-11-11 21:15:01 -05:00
Joe Grandja
9098d1a726 Update to Spring Boot 2.0.0.M6 
Fixes gh-4809
 2017-11-11 21:14:18 -05:00
Joe Grandja
63e2db72ea Add tests to oauth2-jose 
Fixes gh-4806
 2017-11-10 17:09:48 -05:00
Joe Grandja
473ac0e37c Add tests to oauth2-client 
Fixes gh-4299
 2017-11-10 16:03:34 -05:00
Rob Winch
f2ccc53549 Add UserDetailsMapFactoryBean 
Fixes gh-4804
 2017-11-09 14:01:43 -06:00
Johnny Lim
99df632f24 Add missing @Override annotations 
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
 2017-11-08 13:27:24 -06:00
Rob Winch
be0c6cde3d Update to Reactor-Bismuth-SNAPSHOT 
This may fix the hanging webflux-form build

Issue: gh-4803
 2017-11-08 10:37:01 -06:00
Rob Winch
f1245059ff Consistent Thymeleaf Version in Boot Samples 
Issue gh-4802
 2017-11-08 09:04:50 -06:00
Rob Winch
9d7802d71f Configure logback for webflux-form 
Issue gh-4802
 2017-11-08 08:32:32 -06:00
Rob Winch
1728e21804 Update Thymeleaf 
We can remove PatchThymleeafReactiveView now that it is fixed and released
in Thymeleaf.

Issue gh-4802
 2017-11-08 08:29:49 -06:00
Rob Winch
75e77292cf webflux-form sample 
Fixes gh-4802
 2017-11-07 22:25:56 -06:00
Rob Winch
adec62cdf2 EnableWebFluxSecurity creates CsrfRequestDataValueProcessor 
Fixes gh-4762
 2017-11-07 22:25:48 -06:00
Rob Winch
676020321e Add reactive CsrfRequestDataValueProcessor 
Fixes gh-4762
 2017-11-07 22:25:36 -06:00
Rob Winch
7622826b69 WebSessionServerCsrfTokenRepository saves on getToken 
Fixes gh-4801
 2017-11-07 22:25:23 -06:00
Rob Winch
776364d403 ServerCsrfTokenRepository.saveToken return Mono<CsrfToken> 
Fixes gh-4800
 2017-11-07 22:24:53 -06:00
Rob Winch
3f18881493 Remove additional attribute name from CsrfWebFilter 
Fixes gh-4799
 2017-11-07 22:24:42 -06:00
Rob Winch
91e27c1422 Add slf4jDependencies to hellowebflux 
Fixes gh-4798
 2017-11-07 22:24:32 -06:00
Rob Winch
c7c84e0996 Fix CustomLoginPage test 
Fixes gh-4797
 2017-11-07 22:24:21 -06:00
Rob Winch
1506dcd413 SpringTestContext.getContext() 
Add accessor method for SpringTestContext.getContext()

Fixes gh-4796
 2017-11-07 22:24:15 -06:00
Joe Grandja
db35dc6c03 Add tests to oauth2-core 
Fixes gh-4298
 2017-11-06 11:39:17 -05:00
Rob Winch
d9abd2e443 User.UserBuilder only encodes once 
Fixes gh-4794
 2017-11-06 09:47:37 -06:00
Rob Winch
21aec19d42 Add FormLoginBuilder.serverAuthenticationSuccessHandler 
Fixes: gh-4786
 2017-11-03 08:47:59 -05:00
Rob Winch
1d4c7da1e1 Fix WebTestClientWebConnection for redirects 2017-11-03 08:46:56 -05:00
Craig Walls
06c4bffc5f Use id field instead of name field for GitHub and Facebook providers. 
Fixes gh-4764
 2017-11-01 10:48:57 -04:00
Greg Turnquist
881cd0befb Fix UsernamePasswordAuthenticationTokenMixin to handle null credentials/details 
Resolves #4698
 2017-10-31 16:34:07 -05:00
Rob Winch
82adf744f5 Polish Docs 2017-10-31 10:27:34 -05:00
Rob Winch
35758fc61f Next Development Version 5.0.0.BUILD-SNAPSHOT 2017-10-30 17:06:54 -05:00
Rob Winch
e7ab2a697d Release 5.0.0.RC1 5.0.0.RC1 2017-10-30 16:47:44 -05:00
Rob Winch
e95430fa36 Polish Reactive Method Security reference 
Issue gh-4757
 2017-10-30 16:27:50 -05:00
Rob Winch
d664ff2e26 Lookup HandlerMappingIntrospector from Bean 2017-10-30 16:27:50 -05:00
Joe Grandja
ef9cd76607 Polish oauth2 
Fixes gh-4758
 2017-10-30 16:49:01 -04:00
Rob Winch
8e6c726fb2 Add WebFlux to What's New 5.0 
Fixes gh-4757
 2017-10-30 15:29:13 -05:00
Joe Grandja
d435f149eb Polish spring-security-oauth2-jose 
Fixes gh-4755
 2017-10-30 13:09:40 -04:00
Joe Grandja
511d702ee0 Remove JwtDecoderRegistry 
Fixes gh-4754
 2017-10-30 12:52:42 -04:00
Joe Grandja
727098d6c0 Fix NPE when configuring oauth2Login.loginPage 
Fixes gh-4752
 2017-10-30 06:26:07 -04:00
Rob Winch
5280ac40e9 WebMvcConfigurerAdapter->WebMvcConfigurer 
Fixes gh-4612
 2017-10-30 01:30:08 -05:00
Gajendra kumar
ec723952d5 principals and sessionIds should be set using constructor so that can be shared across node in cluster 
As principals and sessionIds are set in class itself so one can't share user session count across nodes(Cluster). Using constructor for setting principals and sessionIds we can pass Cache map to constructor which can enable common session count in cluster otherwise user would be allowed to logged in with multiple sessions. There is no point keeping principals and sessionIds completely internal.
 2017-10-30 01:08:15 -05:00
Kazuki Shimizu
3d5989dea4 Change a default realm name 
Change a default realm name of Basic Authentication for XML namespace to 'Realm'.

Fixes gh-4220
 2017-10-30 00:59:39 -05:00
Frank Pavageau
35706ad60a Deserialize the principal in a neutral way 
When the principal of the Authentication is an object, it is not necessarily
an User: it could be another implementation of UserDetails, or even a
completely unrelated type. Since the type of the object is serialized as a
property and used by the deserialization anyway, there's no point in
enforcing a stricter type.
 2017-10-30 00:53:31 -05:00
Frank Pavageau
6fd9ff254b Map values directly from the JSON nodes 
Not only is it more efficient without converting to an intermediate String,
using JsonNode.toString() may not even produce valid JSON according to its
Javadoc (ObjectMapper.writeValueAsString() should be used).
 2017-10-30 00:53:31 -05:00
SignleMR
a1fdb7dcb3 Update AbstractRememberMeServices.java 
this file`s file encode is unkown,maybe is "Eddu Melendez"
 2017-10-30 00:50:23 -05:00
Rob Winch
4295461830 ServerHttpSecurity extracts WebFilter from OrderedWebFilter 
Fixes gh-4736
 2017-10-30 00:45:26 -05:00
Jeremy Waters
832f5c39c1 SEC-3190: Add support for colons in remember-me token values 
We have an issue where token strings that contain a colon break
the existing decoding strategy, which tokenizes on colons.  so this 
change urlencodes the individual tokens when creating the cookie 
string; and urldecodes them decoding the cookie and extracting the 
tokens.  This also eliminates the need for existing code to deal with
openid tokens which contain urls, and thus colons.
 2017-10-30 00:33:14 -05:00