Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,498 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

287 Commits

Author SHA1 Message Date
Johnny Lim c94f13a971 Polish tests 2019-01-08 11:16:22 -06:00
Joe Grandja 673a2adf26 Polish oauth2 client ExchangeFilterFunction's 
Fixes gh-6355
 2019-01-07 14:39:25 -05:00
Joe Grandja 993e11dcd3 Polish gh-6127 2019-01-07 13:50:17 -05:00
Warren Bailey 1c9ab9197e When expired retrieve new Client Credentials token. 
Once client credentials access token has expired retrieve a new token from the OAuth2 authorization server.
These tokens can't be refreshed because they do not have a refresh token associated with. This is standard behaviour for Oauth 2 client credentails

Fixes gh-5893
 2019-01-07 13:50:17 -05:00
Josh Cummings d77b12d229 authorization_uri Uses UriComponentsBuilder 
Because of this, authorization_uri can now be a fully-qualified url.

Fixes: gh-5760
 2018-12-21 13:23:47 -07:00
Joe Grandja 9c0d78da71 Extract OidcTokenValidator to an OAuth2TokenValidator 
Fixes gh-5930
 2018-12-21 11:06:40 -05:00
Joe Grandja 8f4f52edb9 Support configurable JwtDecoder for IdToken verification 
Fixes gh-5717
 2018-12-21 09:24:55 -06:00
Josh Cummings 1bfa38b1bd
Validate Scopes in ClientRegistrationBuilder 
Fixes: gh-6256
 2018-12-14 10:41:29 -07:00
shraiysh e25bea2cf7 Author: Shraiysh Vaishay cs17btech11050@iith.ac.in 
Add WebClientReactiveAuthorizationCodeTokenResponseClient.setWebClient

Fixes gh-6182
 2018-12-06 11:18:39 -06:00
Josh Cummings 566bc6a6e1
Test OpenID Discovery with Trailing Slash 
Fixes gh-6234
 2018-12-05 10:54:30 -07:00
jer051 fdc81822ec Add WebClientReactiveClientCredentialsTokenResponseClient setWebClient 
Added the ability to specify a custom WebClient in
WebClientReactiveClientCredentialsTokenResponseClient.
Also added testing to ensure the custom WebClient is not null and is
used.

Fixes: gh-6051
 2018-11-28 15:44:36 -06:00
Josh Cummings 2a8233d035
Remove PowerMock from oauth2-core and oauth2-jose 
Issue: gh-6025
 2018-11-20 14:02:10 -07:00
Josh Cummings 80e13bad41
Remove PowerMock from oauth2-client 
Issue: gh-6025
 2018-11-19 18:09:00 -07:00
dperezcabrera f6414e9a52 Make InMemory*ClientRegistrationRepository Consistent 
The previous builders with the list argument were inconsistent with their
respective builders of var args.
 2018-11-19 15:09:30 -06:00
Rafael Dominguez e1d68e4f6b WebClientReactiveClientCredentialsTokenResponseClient.getTokenResponse expects 2xx http status code 
This ensures that token response is only extracted when ClientResponse has a successful status

Fixes: gh-6089
 2018-11-19 10:50:33 -06:00
Josh Cummings d28e32b000 NimbusJwtDecoder Builder 
A Builder to simply common construction patterns for NimbusJwtDecoder

Issue: gh-6010
 2018-11-14 15:53:47 -06:00
Joe Grandja a96893a42a Remove charset from Accept header in UserInfo request 
Fixes gh-6017
 2018-10-25 12:56:45 -04:00
Vedran Pavic e1b095df32 Allow in-memory client registration repos to be constructed with a map 
Fixes gh-5918
 2018-10-18 14:07:12 -04:00
Joe Grandja 07d2e43d7a Deprecate NimbusAuthorizationCodeTokenResponseClient 
Fixes gh-5954
 2018-10-15 09:01:19 -04:00
Rob Winch 725b3b5482 Fix OAuth2AuthorizationCodeGrantWebFilter works w/ /{action/ 
Issue: gh-5856
 2018-09-20 21:39:09 -05:00
Joe Grandja d46f83caf4 Ensure consistent matching of redirect_uri 
Fixes gh-5890
 2018-09-20 14:30:41 -04:00
Rob Winch 410f6bae1a Fix ServerOAuth2AuthorizedClientExchangeFilterFunctionTests Merge 
Issue: gh-5872
 2018-09-19 11:53:21 -05:00
Rob Winch dcbf762a0b WebClient OAuth2 Support for defaultClientRegistrationId 
Fixes: gh-5872
 2018-09-19 11:47:04 -05:00
Joe Grandja e8d8eb59bf Make OAuth2AuthorizedClient Serializable 
Fixes gh-5757
 2018-09-19 10:47:30 -04:00
Joe Grandja 2c078c5dd9 Remove expiresAt constructor-arg in OAuth2RefreshToken 
Fixes gh-5854
 2018-09-19 10:47:30 -04:00
Rob Winch cc8935e904 Fix Reactive OIDC to add refresh token 
Fixes: gh-5858
 2018-09-17 21:21:36 -05:00
Rob Winch 385bdfc055 OAuth2AuthorizationCodeGrantWebFilter works with /{action}/ 
This ensures that the same URL can work for both log in and
authorization code which prevents having to create additional registrations
on the client and potentially on the server (GitHub only allows a single
valid redirect URL).

Fixes: gh-5856
 2018-09-17 21:21:36 -05:00
Joe Grandja ed9cd478ba Polish 
Issue gh-5776
 2018-09-12 11:57:53 -04:00
Joe Grandja 8746e71b9a Use OAuth2AuthorizationException in authorization flows 2018-09-11 14:53:42 -05:00
Joe Grandja ef02ab2f8a DefaultOAuth2UserService handles OAuth2AuthorizationException 2018-09-11 14:53:42 -05:00
Joe Grandja 7474d6524e DefaultAuthorizationCodeTokenResponseClient throws OAuth2AuthorizationException 2018-09-11 14:53:42 -05:00
Joe Grandja 56b4576396 DefaultClientCredentialsTokenResponseClient throws OAuth2AuthorizationException 
Fixes gh-5726
 2018-09-11 14:53:42 -05:00
Joe Grandja e56c048db3 Remove OAuth2ClientException 2018-09-11 14:53:42 -05:00
Rob Winch 26e577b0fa UnauthenticatedServerOAuth2AuthorizedClientRepository->UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Issue: gh-5817
 2018-09-07 15:29:35 -05:00
Rob Winch 11ea92ef1c Add UnauthenticatedServerOAuth2AuthorizedClientRepository 
Fixes: gh-5817
 2018-09-07 15:28:40 -05:00
Rob Winch 438d2911fb OAuth2AuthorizedClientResolver 
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.

Issue: gh-4921
 2018-09-07 08:58:00 -05:00
Rob Winch 23726abb1e ServerOAuth2AuthorizedClientExchangeFilterFunction default ServerWebExchange 
Leverage ServerWebExchange established by ServerWebExchangeReactorContextWebFilter

Issue: gh-4921
 2018-09-07 08:57:25 -05:00
Rob Winch ac78258847 ServerOAuth2AuthorizedClientExchangeFilterFunction defaultOAuth2AuthorizedClient 
Defaults to use the OAuth2AuthenticationToken to resolve the authorized client

Issue: gh-4921
 2018-09-07 08:57:00 -05:00
Rob Winch 158b8aa6d5 ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
Issue: gh-4921
 2018-09-07 08:56:49 -05:00
Rob Winch 28537fa3b6 WebClientReactiveClientCredentialsTokenResponseClient 
Fixes: gh-5607
 2018-09-07 08:53:35 -05:00
Rob Winch 89f2874bff ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
You can now provide the clientRegistrationId and
ServerOAuth2AuthorizedClientExchangeFilterFunction will look up the authorized client automatically.

Issue: gh-4921
 2018-09-07 08:52:35 -05:00
Rob Winch 5bcbb1c40f ServerOAuth2AuthorizedClientExchangeFilterFunction uses ServerOAuth2AuthorizedClientRepository 
Issue: gh-4921
 2018-09-07 08:52:18 -05:00
Joe Grandja 057587ef29 ClientRegistration contains Provider Configuration Metadata 
Fixes gh-5540
 2018-09-05 17:01:23 -04:00
Joe Grandja dfd572a4d2 Polish 2018-09-05 07:59:00 -05:00
Joe Grandja 3b480a3a05 Provide RestOperations in CustomUserTypesOAuth2UserService 
Fixes gh-5602
 2018-09-05 07:59:00 -05:00
Joe Grandja 4a8c95a3e8 Provide RestOperations in DefaultOAuth2UserService 
Fixes gh-5600
 2018-09-05 07:59:00 -05:00
Joe Grandja 8e615d0fee Re-factor DefaultClientCredentialsTokenResponseClient 
Fixes gh-5735
 2018-08-27 15:10:17 -05:00
Joe Grandja 229b69dd35 Add DefaultAuthorizationCodeTokenResponseClient 
Fixes gh-5547
 2018-08-27 12:44:19 -04:00
Rob Winch f5ad4ba0fa ServletOAuth2AuthorizedClientExchangeFilterFunction support client_credentials 
Fixes: gh-5639
 2018-08-24 11:33:02 -05:00
Rob Winch 2d497c7b0f Remove OAuth2ExchangeFilterFunctions 
Fixes: gh-5734
 2018-08-24 11:27:59 -05:00