92c82191c9
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13882
2023-09-29 11:46:00 -03:00
64e2a2ff8b
Apply updated Code Style
...
Closes gh-13881
2023-09-29 11:44:32 -03:00
771d9cd8b6
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13799
2023-09-12 17:00:47 -05:00
9b7a110704
Fix OAuth2AuthenticationExceptionMixinTests on JDK 17
...
Closes gh-11893
2023-09-12 16:51:47 -05:00
dbf0c66301
Fix Client Authentication Method Error Message
...
Closes gh-13496
2023-07-12 14:15:31 -06:00
5f26daedcb
Error On Unsupported Client Authentication Methods
...
Closes gh-13144
2023-06-12 15:13:13 -06:00
69b17f3d3f
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13222
2023-05-24 15:29:39 -06:00
c1002ff745
Improve Error Handling
...
Closes gh-13143
2023-05-24 15:29:15 -06:00
b423db5f93
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13005
2023-04-12 12:46:11 -06:00
28be37238d
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13004
2023-04-12 12:45:28 -06:00
c4e9fb885d
Delay JWSVerificationKeySelector Construction
...
Updating the NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder processor to execute the ConfigurableJWTProcessor customizations before holding a reference to the JWSKeySelector.
Closes gh-12960
2023-04-12 12:45:00 -06:00
64a1ad5cd6
Merge branch '5.8.x' into 6.0.x
2023-04-04 13:32:34 -06:00
5ffebaf12b
Merge branch '5.7.x' into 5.8.x
2023-04-04 13:32:04 -06:00
39cee36065
Use SingletonSupplier
...
Issue gh-9991
2023-04-04 13:25:31 -06:00
7409d14504
fix javax.json.bind.Jsonb to jakarta.json.bind.Jsonb
...
Closes gh-12616
2023-02-03 12:30:17 -03:00
748e912685
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12495
2023-01-06 12:56:21 -07:00
5e1db6a771
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12494
2023-01-06 12:55:43 -07:00
225dc593a8
Polish NimbusJwtDecoderTests
...
- Add missing mock
Closes gh-12238
2023-01-06 12:53:36 -07:00
7bd6deccc3
Revert "Disable Some R2dbc Tests"
...
This reverts commit 813179931a
2022-12-19 15:42:22 -07:00
813179931a
Disable Some R2dbc Tests
...
Issue gh-12339
2022-12-05 11:13:15 -07:00
b22bc42bb0
Merge branch '5.8.x' into 6.0.x
...
Closes gh-12325
2022-11-30 14:50:51 -07:00
29c00905ce
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12324
2022-11-30 14:49:26 -07:00
667cab6cda
Merge branch '5.6.x' into 5.7.x
...
Closes gh-12323
2022-11-30 14:38:16 -07:00
52c7141aac
Save Request Before Response Is Committed
...
Specifically important for cookie-based authorization request
repositories.
Closes gh-11602
2022-11-30 14:33:08 -07:00
bb3d92e33a
Update r2dbc-h2 to 1.0.0.RELEASE
...
Closes gh-12251
2022-11-18 23:04:38 -06:00
4e88623873
Polish gh-12087 in 6.0
2022-11-17 14:31:44 -06:00
a3d35ecf3c
Merge branch '5.8.x'
...
Closes gh-12234
2022-11-17 14:27:41 -06:00
52888d6206
Warn when AuthorizationGrantType does not match
...
Log a warning when AuthorizationGrantType does not exactly match a
pre-defined constant.
Closes gh-11905
2022-11-17 14:17:54 -06:00
ce065a87da
Merge branch '5.8.x'
...
Closes gh-12207
2022-11-14 12:25:05 -06:00
71eb71d185
Merge branch '5.7.x' into 5.8.x
...
Closes gh-12206
2022-11-14 12:11:59 -06:00
67a1f0836b
Merge branch '5.6.x' into 5.7.x
...
Closes gh-12205
2022-11-14 12:10:55 -06:00
fde26e003a
Request user info when AS returns no scopes
...
Closes gh-12144
2022-11-10 16:29:43 -06:00
5fe59cc635
Revert "Add configurable authorities split regex"
...
This reverts commit e93ed6d94c
2022-11-01 17:39:26 -06:00
e93ed6d94c
Add configurable authorities split regex
...
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.
2022-11-01 17:38:47 -06:00
cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
801ceb0832
Merge branch '5.8.x'
2022-10-31 08:58:14 -05:00
66f2f1cde7
Merge branch '5.7.x' into 5.8.x
2022-10-31 08:55:03 -05:00
2915a70bf7
Merge branch '5.6.x' into 5.7.x
2022-10-28 13:05:48 -05:00
26a51ee198
Merge branch '5.5.x' into 5.6.x
2022-10-28 11:15:33 -05:00
e7fe778abc
Merge branch '5.4.x' into 5.5.x
2022-10-28 11:13:33 -05:00
3e2ac82612
Merge branch '5.3.x' into 5.4.x
2022-10-28 11:10:39 -05:00
5560bbaa80
Merge branch '5.2.x' into 5.3.x
2022-10-28 11:07:51 -05:00
75004587a4
Fix scope mapping
...
Issue gh-12101
2022-10-28 11:00:27 -05:00
f4cc27c375
Change Default for (Server)AuthenticationEntryPointFailureHandler
...
Closes gh-9429
2022-10-13 20:03:03 -06:00
5afc7cb04f
Merge remote-tracking branch 'origin/5.8.x'
2022-10-13 19:48:05 -06:00
099aaa33ff
Remove Deprecation Markers
...
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.
Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.
At that time, BearerTokenAuthenticationFilter can change to use
the handler.
Closes gh-11932
2022-10-13 19:47:22 -06:00
200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter
...
Issue gh-11932, gh-9429
(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.
BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
Marcus Da Coregio
Steve Riesenberg
Josh Cummings
Nick Meverden
luamas
Jon Kjennbakken
이경욱
Michael Sosa
Patrick Walter
Ger Roza
Daniel Garnier-Moiroux