Commit Graph

8526 Commits

Author SHA1 Message Date
Ruby Hartono 71a5c9521c Add XML namespace support for oauth2-login
Fixes gh-4557
2020-02-12 15:26:17 -05:00
Joe Grandja 40c0a452d7 Define oauth2-login xsd elements
Issue gh-4557
2020-02-12 15:26:17 -05:00
Filip Hanik a3e09fadd7 Correct signature handling for SAML2 AuthNRequest
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
2020-02-12 11:40:19 -08:00
Rob Winch f9b783bcee Remove Duplicate Runtime Environment From Docs
Closes gh-7980
2020-02-12 13:32:54 -06:00
Rob Winch 72a9c15278 Refactor Duplicate Security Filter Chain Doc
This removes the duplicate Security Filter Chain Doc and moves the
HttpFirewall to exploits portion of the documentation.

Closes gh-7979
2020-02-12 12:58:56 -06:00
Rob Winch ea6a0635ef Remove exclude of nohttp svg
We don't use svg images in our docs anymore.

Issue gh-7973
2020-02-12 12:11:58 -06:00
Rob Winch a6c47120a4 Update to spring-build-conventions:0.0.30.RELEASE
Issue gh-7973
2020-02-12 12:11:58 -06:00
Eleftheria Stein fde3ccb8b3 Add marker to make Kotlin DSL type safe
Fixes: gh-7971
2020-02-12 11:35:45 +01:00
Eleftheria Stein 1d6fdd249b Add missing Javadoc to Kotlin class 2020-02-11 18:09:30 +01:00
Eleftheria Stein f37a4557e6 Fix typo in Kotlin Javadoc 2020-02-11 18:09:30 +01:00
Rob Winch eb7df6416a Fix asciidoctorPdf images
We need to use png and disable interlaced mode.

Issue gh-7973
2020-02-11 07:49:54 -06:00
Rob Winch b173877705 Fix missing asciidoctorPdf attributes
Issue gh-7973
2020-02-11 07:49:54 -06:00
Joe Grandja 0809c04aa2 OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
Fixes gh-7966
2020-02-10 15:11:04 -05:00
Rob Winch ab37a7a280 Update to spring-build-conventions:0.0.29.RELEASE
Closes gh-7974
2020-02-10 13:54:28 -06:00
Rob Winch 2909d46060 Fix Asciidoctor Warnings
Closes gh-7973
2020-02-10 13:30:52 -06:00
Josh Cummings 5bdf57d1e5
Remove Groovy and Spock Dependencies
Fixes gh-4939
2020-02-10 10:38:40 -07:00
Josh Cummings 3e46dacb4b
NamespaceHttpAccessDaniedHandlerTests groovy->java
Fixed broken link

Issue gh-4939
2020-02-10 10:38:40 -07:00
Josh Cummings bae50ecc05
AbstractSecurityWebApplicationInitializerTests groovy->java
Issue gh-4939
2020-02-10 10:38:39 -07:00
Eleftheria Stein a5210aaf9b Support custom filter in Kotlin DSL
Fixes: gh-7951
2020-02-10 12:03:32 +01:00
Joe Grandja 3c86239b39 OAuth2AuthorizationCodeGrantFilter matches on query parameters
Fixes gh-7963
2020-02-10 05:13:47 -05:00
Manuel Bleichenbacher d3490b0f87 Prevent double-escaping of authorize URL parameters
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.

It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

Fixes gh-7871
2020-02-08 16:40:15 -05:00
Stephane Maldini 851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes
Fixes gh-7952
2020-02-07 20:44:19 -05:00
Josh Cummings 7c4d56319f
cassample groovy->java
Issue gh-4939
2020-02-07 16:44:08 -07:00
Rob Winch cb695ae60f Add Dave Syer to Authors
Much of the content from architecture is borrowed, with permission
from Dave.

Issueh gh-7955
2020-02-07 15:54:32 -06:00
Rob Winch 9afa95f925 Fix Checkstyle
Issue gh-7955
2020-02-07 15:31:09 -06:00
Rob Winch 55f42fc153 Add High Level Servlet Architecture
- Review of Filters
- DelegatingFilterProxy
- FilterChainProxy
- Security Filters

Fixes gh-7955
2020-02-07 14:25:31 -06:00
Rob Winch 0028414da7 Ignore Lock Files 2020-02-07 13:59:05 -06:00
Josh Cummings 653400edfa
Polish DefaultAuthenticationEventPublisher
Simplified the constructor selection logic.

Issue gh-7825
2020-02-06 14:13:05 -07:00
Zeeshan Adnan 51b9b2f693
DefaultAuthenticationEventPublisher Default Event
Fixes gh-7825
2020-02-06 14:13:04 -07:00
Josh Cummings a90e579350 Add JwtIssuerReactiveAuthenticationManagerResolver
Fixes gh-7857
2020-02-06 13:45:13 -07:00
Eleftheria Stein 8c0b754a49 Fix credentials precedence over introspector in Kotlin
Fixes: gh-7878
2020-02-06 11:01:42 +01:00
Eleftheria Stein 1fed688f05 Fix JWK Set URI precedence over decoder in Kotlin
Fixes: gh-7877
2020-02-06 10:48:42 +01:00
Josh Cummings f23ab6f716
Updated Tests for oauth2webclient-webflux Sample
Issue gh-7910
2020-02-05 15:56:18 -07:00
Josh Cummings ffb5a3a0d4
Add oauth2Client WebTestClient Support
Fixes gh-7910
2020-02-05 15:33:57 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version
This reverts commit 064616f1ef.
2020-02-05 15:53:04 +01:00
Eleftheria Stein 3806f2387b Next development version 2020-02-05 15:51:25 +01:00
Eleftheria Stein f85f2fa740 Release 5.3.0.RC1 2020-02-05 15:17:14 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Eleftheria Stein 7c482007de Update to GAE 1.9.78
Fixes gh-7893
2020-02-05 09:42:36 +01:00
Eleftheria Stein 96913f4bc1 Update to Spring Boot 2.2.4.RELEASE
Fixes gh-7892
2020-02-05 09:41:36 +01:00
Rob Winch b47605266e Update to Gradle 6.1.1
Fixes gh-7936
2020-02-04 23:36:47 -06:00
Rob Winch 1d7208f8ef Add RSocket Authentication Extension Support
Fixes gh-7935
2020-02-04 23:36:47 -06:00
Josh Cummings 209c81d65d
Add BadOpaqueTokenException
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.

Fixes gh-7902
2020-02-04 17:33:08 -07:00
Josh Cummings 0c3754c811
Add BadJwtException
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.

Fixes gh-7885
2020-02-04 17:33:08 -07:00
Josh Cummings fbdecdafb8
Add Mapping to Invalid Bearer Token
Fixes gh-7793
2020-02-04 17:33:08 -07:00
Joe Grandja 25d029b092 Fix test gh-7873 2020-02-04 12:00:55 -05:00
Joe Grandja 04f3fe8af9 Add Jackson support for oauth2-client session related classes
Fixes gh-4886
2020-02-04 09:01:12 -05:00
Rob Winch ca5cc13948 SecurityEvaluationContextExtension Signature
SecurityEvaluationContextExtension.getRootObject() should have a signature
with a return type of SecurityExpressionRoot. See
EvaluationContextExtension javadoc
eed7658ce5/src/main/java/org/springframework/data/spel/spi/EvaluationContextExtension.java (L61-L64)

This enhancement will allow for Spring Data to make certain types of
optimizations.

Fixes gh-7891
2020-02-04 07:32:16 -06:00
Eleftheria Stein 5678490c1f Add relying party registration not found exception
Fixes: gh-7865
2020-02-04 09:58:54 +01:00
Josh Cummings 3e07b35611
Polish Bearer Token Error Handling
Issue gh-7822
Issue gh-7823
2020-02-03 17:54:39 -07:00