Ruby Hartono
71a5c9521c
Add XML namespace support for oauth2-login
...
Fixes gh-4557
2020-02-12 15:26:17 -05:00
Joe Grandja
40c0a452d7
Define oauth2-login xsd elements
...
Issue gh-4557
2020-02-12 15:26:17 -05:00
Filip Hanik
a3e09fadd7
Correct signature handling for SAML2 AuthNRequest
...
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
Fixes gh-7711
2020-02-12 11:40:19 -08:00
Rob Winch
f9b783bcee
Remove Duplicate Runtime Environment From Docs
...
Closes gh-7980
2020-02-12 13:32:54 -06:00
Rob Winch
72a9c15278
Refactor Duplicate Security Filter Chain Doc
...
This removes the duplicate Security Filter Chain Doc and moves the
HttpFirewall to exploits portion of the documentation.
Closes gh-7979
2020-02-12 12:58:56 -06:00
Rob Winch
ea6a0635ef
Remove exclude of nohttp svg
...
We don't use svg images in our docs anymore.
Issue gh-7973
2020-02-12 12:11:58 -06:00
Rob Winch
a6c47120a4
Update to spring-build-conventions:0.0.30.RELEASE
...
Issue gh-7973
2020-02-12 12:11:58 -06:00
Eleftheria Stein
fde3ccb8b3
Add marker to make Kotlin DSL type safe
...
Fixes: gh-7971
2020-02-12 11:35:45 +01:00
Eleftheria Stein
1d6fdd249b
Add missing Javadoc to Kotlin class
2020-02-11 18:09:30 +01:00
Eleftheria Stein
f37a4557e6
Fix typo in Kotlin Javadoc
2020-02-11 18:09:30 +01:00
Rob Winch
eb7df6416a
Fix asciidoctorPdf images
...
We need to use png and disable interlaced mode.
Issue gh-7973
2020-02-11 07:49:54 -06:00
Rob Winch
b173877705
Fix missing asciidoctorPdf attributes
...
Issue gh-7973
2020-02-11 07:49:54 -06:00
Joe Grandja
0809c04aa2
OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
...
Fixes gh-7966
2020-02-10 15:11:04 -05:00
Rob Winch
ab37a7a280
Update to spring-build-conventions:0.0.29.RELEASE
...
Closes gh-7974
2020-02-10 13:54:28 -06:00
Rob Winch
2909d46060
Fix Asciidoctor Warnings
...
Closes gh-7973
2020-02-10 13:30:52 -06:00
Josh Cummings
5bdf57d1e5
Remove Groovy and Spock Dependencies
...
Fixes gh-4939
2020-02-10 10:38:40 -07:00
Josh Cummings
3e46dacb4b
NamespaceHttpAccessDaniedHandlerTests groovy->java
...
Fixed broken link
Issue gh-4939
2020-02-10 10:38:40 -07:00
Josh Cummings
bae50ecc05
AbstractSecurityWebApplicationInitializerTests groovy->java
...
Issue gh-4939
2020-02-10 10:38:39 -07:00
Eleftheria Stein
a5210aaf9b
Support custom filter in Kotlin DSL
...
Fixes: gh-7951
2020-02-10 12:03:32 +01:00
Joe Grandja
3c86239b39
OAuth2AuthorizationCodeGrantFilter matches on query parameters
...
Fixes gh-7963
2020-02-10 05:13:47 -05:00
Manuel Bleichenbacher
d3490b0f87
Prevent double-escaping of authorize URL parameters
...
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.
It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter ).
Fixes gh-7871
2020-02-08 16:40:15 -05:00
Stephane Maldini
851be025e9
Don't force downcasting of RequestAttributes to ServletRequestAttributes
...
Fixes gh-7952
2020-02-07 20:44:19 -05:00
Josh Cummings
7c4d56319f
cassample groovy->java
...
Issue gh-4939
2020-02-07 16:44:08 -07:00
Rob Winch
cb695ae60f
Add Dave Syer to Authors
...
Much of the content from architecture is borrowed, with permission
from Dave.
Issueh gh-7955
2020-02-07 15:54:32 -06:00
Rob Winch
9afa95f925
Fix Checkstyle
...
Issue gh-7955
2020-02-07 15:31:09 -06:00
Rob Winch
55f42fc153
Add High Level Servlet Architecture
...
- Review of Filters
- DelegatingFilterProxy
- FilterChainProxy
- Security Filters
Fixes gh-7955
2020-02-07 14:25:31 -06:00
Rob Winch
0028414da7
Ignore Lock Files
2020-02-07 13:59:05 -06:00
Josh Cummings
653400edfa
Polish DefaultAuthenticationEventPublisher
...
Simplified the constructor selection logic.
Issue gh-7825
2020-02-06 14:13:05 -07:00
Zeeshan Adnan
51b9b2f693
DefaultAuthenticationEventPublisher Default Event
...
Fixes gh-7825
2020-02-06 14:13:04 -07:00
Josh Cummings
a90e579350
Add JwtIssuerReactiveAuthenticationManagerResolver
...
Fixes gh-7857
2020-02-06 13:45:13 -07:00
Eleftheria Stein
8c0b754a49
Fix credentials precedence over introspector in Kotlin
...
Fixes: gh-7878
2020-02-06 11:01:42 +01:00
Eleftheria Stein
1fed688f05
Fix JWK Set URI precedence over decoder in Kotlin
...
Fixes: gh-7877
2020-02-06 10:48:42 +01:00
Josh Cummings
f23ab6f716
Updated Tests for oauth2webclient-webflux Sample
...
Issue gh-7910
2020-02-05 15:56:18 -07:00
Josh Cummings
ffb5a3a0d4
Add oauth2Client WebTestClient Support
...
Fixes gh-7910
2020-02-05 15:33:57 -07:00
Eleftheria Stein
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
.
2020-02-05 15:53:04 +01:00
Eleftheria Stein
3806f2387b
Next development version
2020-02-05 15:51:25 +01:00
Eleftheria Stein
f85f2fa740
Release 5.3.0.RC1
2020-02-05 15:17:14 +01:00
Eleftheria Stein
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
Eleftheria Stein
7c482007de
Update to GAE 1.9.78
...
Fixes gh-7893
2020-02-05 09:42:36 +01:00
Eleftheria Stein
96913f4bc1
Update to Spring Boot 2.2.4.RELEASE
...
Fixes gh-7892
2020-02-05 09:41:36 +01:00
Rob Winch
b47605266e
Update to Gradle 6.1.1
...
Fixes gh-7936
2020-02-04 23:36:47 -06:00
Rob Winch
1d7208f8ef
Add RSocket Authentication Extension Support
...
Fixes gh-7935
2020-02-04 23:36:47 -06:00
Josh Cummings
209c81d65d
Add BadOpaqueTokenException
...
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.
Fixes gh-7902
2020-02-04 17:33:08 -07:00
Josh Cummings
0c3754c811
Add BadJwtException
...
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.
Fixes gh-7885
2020-02-04 17:33:08 -07:00
Josh Cummings
fbdecdafb8
Add Mapping to Invalid Bearer Token
...
Fixes gh-7793
2020-02-04 17:33:08 -07:00
Joe Grandja
25d029b092
Fix test gh-7873
2020-02-04 12:00:55 -05:00
Joe Grandja
04f3fe8af9
Add Jackson support for oauth2-client session related classes
...
Fixes gh-4886
2020-02-04 09:01:12 -05:00
Rob Winch
ca5cc13948
SecurityEvaluationContextExtension Signature
...
SecurityEvaluationContextExtension.getRootObject() should have a signature
with a return type of SecurityExpressionRoot. See
EvaluationContextExtension javadoc
eed7658ce5/src/main/java/org/springframework/data/spel/spi/EvaluationContextExtension.java (L61-L64)
This enhancement will allow for Spring Data to make certain types of
optimizations.
Fixes gh-7891
2020-02-04 07:32:16 -06:00
Eleftheria Stein
5678490c1f
Add relying party registration not found exception
...
Fixes: gh-7865
2020-02-04 09:58:54 +01:00
Josh Cummings
3e07b35611
Polish Bearer Token Error Handling
...
Issue gh-7822
Issue gh-7823
2020-02-03 17:54:39 -07:00