Commit Graph

9790 Commits

Author SHA1 Message Date
Rob Winch 1569ae2b75 Update junit-bom to 5.8.1
Closes gh-10400
2021-10-18 21:04:51 -05:00
Rob Winch d2bfe1c1fa Update org.jetbrains.kotlin to 1.5.31
Closes gh-10399
2021-10-18 21:04:51 -05:00
Rob Winch 289ffc3e63 Update hibernate-entitymanager to 5.6.0.Final
Closes gh-10398
2021-10-18 21:04:51 -05:00
Rob Winch ccc1c157a5 Update org.eclipse.jetty to 9.4.44.v20210927
Closes gh-10397
2021-10-18 21:04:51 -05:00
Rob Winch 7cc0c9fb1b Update assertj-core to 3.21.0
Closes gh-10396
2021-10-18 21:04:51 -05:00
Rob Winch 2bb61835a0 Update htmlunit to 2.54.0
Closes gh-10395
2021-10-18 21:04:51 -05:00
Rob Winch 4da15eea18 Update io.spring.javaformat to 0.0.29
Closes gh-10394
2021-10-18 21:04:51 -05:00
Rob Winch f836897190 Checkstyle Fixes
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
2021-10-18 21:03:35 -05:00
Rob Winch 0c088e278a Update r2dbc-spi-test to 0.8.6.RELEASE
Closes gh-10393
2021-10-18 21:03:12 -05:00
Rob Winch 5f8ded6b5f Update io.projectreactor to 2020.0.12
Closes gh-10391
2021-10-18 21:03:12 -05:00
Rob Winch 8a4e640f9d Update com.nimbusds to 9.18
Closes gh-10390
2021-10-18 21:03:12 -05:00
Rob Winch de5972a062 Update jackson-bom to 2.13.0
Closes gh-10387
2021-10-18 21:03:12 -05:00
Rob Winch e1f4ec1137 Fix Jackson 2021-10-18 21:03:12 -05:00
Rob Winch 7309b8846a updateDependenciesSettings does not process AsciidoctorConventionPlugin 2021-10-18 13:54:26 -05:00
Steve Riesenberg 47087ba9c5 Revamp OAuth 2.0 Client reactive documentation
Related gh-8174
2021-10-14 14:35:25 -05:00
Steve Riesenberg a487ef2d74 Add JwtEncoder to What's New in 5.6 2021-10-14 14:26:48 -05:00
Marcus Da Coregio 7fa39c8807 Deprecate EhCache2 support
Since EhCache 3 is fully JSR-107 compliant, we should remove EhCache2 support and provide JCache implementations

Closes gh-10362
2021-10-14 14:51:27 -03:00
Dávid Kováč 64e9ac995a getClaimAsBoolean() should not be falsy
Closes gh-10148
2021-10-14 11:28:09 -05:00
Marcus Da Coregio 00084cf986 Add saml2.ValidIssuers parameter
Adds the saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators

Closes gh-10335
2021-10-14 09:21:43 -06:00
Marcus Da Coregio c82722c412 Update What's New in 5.6 2021-10-14 09:27:39 -03:00
Marcus Da Coregio faec20bc69 Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
Closes gh-10208
2021-10-14 09:27:02 -03:00
Philipp Neuschwander 6db58cbf8a Conditionally resolve bearer token from request parameters
Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326
2021-10-13 17:10:50 -05:00
Emil Sierżęga 88c64b3b7b Fixed link in .editorconfig 2021-10-13 15:36:10 -06:00
Dávid Kováč 0299808b05 Add ClaimAccessor tests
Add tests for ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList

Issue gh-10117
2021-10-13 12:53:40 -06:00
Dávid Kováč 125d33e3cf Update JavaDoc according to implementation
Update ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList
JavaDoc according to the current implementation

Closes gh-10117
2021-10-13 12:53:40 -06:00
Joe Grandja e3abaf7999 Add OAuth2ErrorCodes.INVALID_REDIRECT_URI
Closes gh-10370
2021-10-13 14:12:44 -04:00
Gaurav Tiwari 33708e61fb Add postProcess support to Saml2LogoutConfigurer
Closes gh-10311
2021-10-13 12:05:48 -06:00
Josh Cummings fbb7691be4 Polish SecurityNamespaceHandler Tests
Issue gh-8974
2021-10-13 11:50:14 -06:00
Emil Sierżęga 8daa6ec1fd SecurityNamespaceHandler: update schema version to 5.6
Closes gh-8974
2021-10-13 11:49:57 -06:00
Steve Riesenberg 00f466a431 Update What's New in 5.6 2021-10-13 12:06:47 -05:00
Eleftheria Stein ba8844a67e Deprecate Kotlin methods that don't use reified types
Closes gh-10365
2021-10-13 10:16:37 +02:00
Josh Cummings 7b98c2ea95 Restructure SwitchUserFilter Logs
Issue gh-6311
2021-10-12 13:32:29 -06:00
Marcus Da Coregio 77399ee2b0 Deprecate remoting technologies support
Closes gh-10361
2021-10-12 14:59:37 -03:00
Marcus Da Coregio 86c24da38b Improve Method Security logging
Closes gh-10247
2021-10-08 14:22:09 -03:00
Marcus Da Coregio ef01124eb9 Add reasons to AuthorizationDecisions
Closes gh-9287
2021-10-08 14:22:09 -03:00
Marcus Da Coregio 570092c467 Remove trace logs for PrePostAnnotationSecurityMetadataSource
Those logs were producing too much noise on the console without adding much value.

Issue gh-10247
2021-10-08 14:22:09 -03:00
Steve Riesenberg 3b564b2026 Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient
This adds support for configuring NimbusJwtClientAuthenticationParametersConverter to any AbstractWebClientReactiveOAuth2AccessTokenResponseClient as an additional parameters converter, which in turns adds reactive support for jwt client authentication.

Closes gh-10146
2021-10-06 13:09:33 -05:00
Alexander Schwartz f561499683 Fix Antora cross-references that lead to other pages.
Also using AsciiDoc style listings instead of Markdown style listings, and using explicit section IDs on all cross-references.
2021-10-06 09:53:15 -06:00
Steve Riesenberg 9b24f66f1c Implement reactive support for JWT as an Authorization Grant
Closes gh-10147
2021-10-05 16:09:24 -05:00
Marcus Da Coregio 02b2fcc6f0 Restore ManagementConfigurationPlugin
Issue gh-9615
2021-10-05 11:23:29 -03:00
Marcus Da Coregio e2e93887af Update JFrog Build Info plugin
Issue gh-9615
2021-10-04 16:01:40 -03:00
Marcus Da Coregio d2e5f2ae0d Update Gradle to 7.2
Closes gh-9615
2021-10-04 15:19:40 -03:00
Eleftheria Stein 7d81a52780 Allow AuthenticationPrincipal argument type to be primitive
Closes gh-10172
2021-10-04 16:22:21 +02:00
Marcus Da Coregio 7112ee3eaa Allow SAML 2.0 loginProcessingURL without registrationId
Closes gh-10176
2021-10-04 09:54:40 -03:00
Alexander Furer 8c74d6cea5 Fix isAssignable order
Closes gh-10236
2021-09-30 13:56:37 -06:00
Marcus Da Coregio e36e2b2a97 Move Saml2AuthnRequestRepository to web package
Moving to solve package tangles

Issue gh-9185
2021-09-29 14:10:39 -03:00
Rob Winch cff0bde1a3 GitHub Actions uses spring-builds+github user
This is more clear than spring-builds user
2021-09-28 15:09:03 -05:00
Josh Cummings 0f8fa36b93 Fix OAuth2 Error Code
Closes gh-10319
2021-09-28 13:24:51 -06:00
Darren Forsythe 5556b821e3 Check for multiple access tokens per rfc 6750
Check for multiple access tokens on the ServerHttpRequest rather than get get first. If multiples are found throw a OAuth2AuthenticationException.

Closes gh-5708
2021-09-28 08:07:06 -06:00
Josh Cummings 770c57ecc9 Add Structure101 to CI Build
Closes gh-6236
2021-09-27 16:23:19 -06:00