- docs stated that empty authorityPrefix are allowed but implementation denied to use `""`
- commit removes the `hasText`-limitation but restricts to `notNull`
Fixes gh-8421
When the issuer is set in the provider metadata, we validate the iss
field of the ID Token against it.
The OpenID Connect Specification says this must always be validated.
But this would be a breaking change for applications configured other
than with ClientRegistrations.fromOidcIssuerLocation(issuer). This will
be done later with #8326
Fixes gh-8321
Saml2AuthenticationRequestContext creation logic is not extensible at
the moment as it is provided inside of Saml2WebSsoAuthenticationRequestFilter.
This change enables to custom logic to be used when creating Saml2AuthenticationRequestContext by
taking the logic from the aforementioned filter to a seperate extensible
API by the name Saml2AuthenticationRequestContextResolver.
This provides following API contract and implementation:
- Saml2AuthenticationRequestContextResolver
- DefaultSaml2AuthenticationRequestContextResolver
Fixes gh-8360
Extended the documentation for the opaque Resource Server in order to clearly state which dependencies are required in order for the minimal deployment to work. Replaced dead link for Contribute guidelines in README.adoc
Closes gh-8391
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login
- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
and OAuth2LoginReactiveAuthenticationManager
- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager
Fixes gh-8324
- Follow convention to prefix member variable references with "this."
- Reduce stack trace when IOException is thrown
- Name tests to follow conventions
Issue gh-8332
Added ability to specify the header that
ServerBearerTokenAuthenticationConverter and
DefaultBearerTokenResolver use to extract a Bearer Token.
Fixes gh-8337
Removing the default usage of OpenSamlAuthenticationRequestFactory.
Otherwise, the Open SAML dependency is required, even when
Saml2AuthenticationRequestFactory is implemented without it.
Fixes gh-8359
Dávid Kovács
Adam Millerchip
Julian Müller
Daniel Furtlehner
VonUniGE
corneliouz Bett
Josh Cummings
shazin
Philipp Gerhard
Antonin Arquey
Roberto Paolillo
Souphorn
Rob Winch
Loïc Labagnara
Evgeniy Cheban
Mykyta Bezverkhyi
Oh Myung Woon
Teddy Reinert
Eleftheria Stein
Alan Czajkowski