Commit Graph

9515 Commits

Author SHA1 Message Date
Josh Cummings 8533312c6b
Fix SAML 2.0 Javaconfig Sample
Issue gh-9362
2021-01-22 11:19:08 -07:00
tristanessquare 56db058fd0
Fix NullPointerException
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
Eleftheria Stein 793781fb67 Add manual trigger to CI workflow
Closes gh-9360
2021-01-21 14:02:54 +01:00
Ihor Ilkevych 43a071a89e Add WebFlux oauth2Login with formLogin test
Closes gh-9326
2021-01-20 15:04:06 -05:00
Rob Winch ad4497fb72 Add https://repo.spring.io/release to reference 2021-01-19 22:50:43 -06:00
Rob Winch 51ee0de3fd Use spring-build-conventions:0.0.36 2021-01-19 17:20:12 -06:00
Rob Winch c421b3f635 spring-build-conventions:0.0.35.RELEASE 2021-01-19 17:20:12 -06:00
Rob Winch 3db112cc20 Spring Boot 2.4.0 2021-01-19 17:20:12 -06:00
Evgeniy Cheban 77484018bb Reconsider AntPathRequestMatcher matching logic
Closes gh-9285
2021-01-19 12:02:06 -07:00
Josh Cummings f36e2fca59
Remove SingleKeyJWSKeySelector
Closes gh-9348
2021-01-15 22:15:56 -07:00
Josh Cummings 65d3b0d71c
Add ResourceKeyConverterAdapter
Simplifies publishing RsaKeyConverters with
@ConfigurationPropertiesBinding

Issue gh-9316
2021-01-15 22:15:56 -07:00
Nelson Osacky 06b748c9c2 Update Gradle Enterprise Gradle Plugin 2021-01-13 12:44:03 -06:00
Ivan Pavlov f4d78d00ef Extend CorsDsl with CorsConfigurationSource property
Issue: gh-9314
2021-01-13 10:22:07 +01:00
Rob Winch 0201c31deb Fix Checkstyle for CsrfWebFilter
Issue gh-9337
2021-01-12 11:37:12 -06:00
Rob Winch a1083d9a5c Fix CsrfWebFilter error message when expected CSRF not found
Closes gh-9337
2021-01-12 11:18:29 -06:00
Josh Cummings 160a4a3676
Reformat MvcRequestMatcher
- Moved related private methods together

Issue gh-9284
2021-01-11 08:28:59 -07:00
Evgeniy Cheban 8449df9fd2
Consider Aligning MvcRequestMatcher's matching methods
Closes gh-9284
2021-01-09 21:42:16 +03:00
Josh Cummings 6499a235b0
Suppress Compiler Warnings 2021-01-08 11:30:28 -07:00
Eleftheria Stein 8cefc8a792 Fix bug with multiple AuthenticationManager beans
Closes gh-9256
2021-01-06 16:26:26 +01:00
Josh Cummings 7dde7cffda
Add Status Check
Closes gh-8955
2021-01-05 17:32:47 -07:00
Josh Cummings 337d24e6db
Update Copyright Messages
Issue gh-9202
2021-01-05 15:30:51 -07:00
Mazen Aissa c907838440
Make max-session configurable
Closes gh-9202
2021-01-05 15:30:51 -07:00
Nelson Osacky 6d59b1044a Add Revved up by Gradle Enterprise badge to README
Similar to: https://github.com/spring-projects/spring-boot/pull/24640
2021-01-05 11:00:41 -07:00
Josh Cummings cb10c9cfb6
Renew Sample Certificate
Closes gh-9320
2021-01-04 12:06:55 -07:00
Zeeshan Adnan 848bd44837
Remove unused code
Issue gh-9203
2020-12-18 11:49:52 -07:00
Rob Winch 40e027c56d Constant Time Comparison for CSRF tokens
Closes gh-9291
2020-12-17 15:01:43 -06:00
Josh Cummings c066e23a86
Add @since attributes
Issue gh-8900
2020-12-16 15:58:53 -07:00
Evgeniy Cheban 34b4b1054f Add AuthorizationManager
Closes gh-8900
2020-12-16 15:58:36 -07:00
Nick McKinney 5306d4c4d5 Minor cleanup on Ant / Regex Request Matchers
- Removed duplicative code for transforming String into HttpMethod
 - Removed an unnecessary array initialization
2020-12-14 14:19:23 +01:00
Nick McKinney 6be25df1db Introduced DispatcherType request matcher
Created a DispatcherTypeRequestMatcher and corresponding methods
for configuring an HttpSecurity object. This enables filtering of
security rules based on the dispatcher type of the incoming servlet
request.

Closes gh-9205
2020-12-14 14:19:23 +01:00
Josh Cummings 2566abec31
Add Type Parameter
Closes gh-8412
2020-12-11 10:20:18 -07:00
Christophe Gilles 54d3839f63 Add permissionsPolicy http header 2020-12-11 12:32:18 +01:00
Serdar Kuzucu 48ef27b80a Make assertion messages in CookieCsrfTokenRepository clearer
Changes assertion message format from 'X is not null' to
'X cannot be null' since this is more meaningful when the error
occurs and the message is printed in the logs.

Closes gh-9195
2020-12-09 10:45:22 -06:00
Serdar Kuzucu 76e117a67a Allow maximum age of csrf cookie to be configured
Allows maxAge of the generated cookie by CookieCsrfTokenRepository
to be configurable.

Prior to this commit, maximum age was set with a value of -1.

After this commit, it will be configured by the user with an either
positive or negative value. If the user does not provide a value,
it will be set -1.

An IllegalArgumentException will be thrown when
this value is set to zero.

Closes gh-9195
2020-12-09 10:45:22 -06:00
Eleftheria Stein 90b48554e4 Fix Custom DSL sample in docs 2020-12-09 10:48:15 +01:00
Josh Cummings f614a8230c
Polish getRemoteUser
- Corrected instanceof check

Issue gh-3357
2020-12-03 13:08:40 -07:00
Stephen Joyner 9c373ef4f8
getRemoteUser() returns principal name
Closes gh-3357
2020-12-03 13:08:40 -07:00
Ovidiu Popa d5d0be36f4 OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)

With this change, even if the check is passing a new List or Map will be returned.

Closes gh-9210
2020-12-03 09:58:30 -05:00
Eleftheria Stein d3ef340b26 Fix typos 2020-12-03 11:05:22 +01:00
olivier.antoine 808b8c3256 Avoid ClassCastException if principalClaim value is not a String
Closes gh-9212
2020-12-02 16:15:10 -07:00
Josh Cummings fe93326087
Update SAML 2.0 Metadata URL Docs
Closes gh-9133
2020-12-02 14:13:02 -07:00
Eleftheria Stein 7f482eda7d Fix CookieRequestCache for URL encoded query parameters
Avoid populating the saved request parameters with encoded values. Since the query strings of the request and saved URL are compared and must be equal, we can just use the parameters from the incoming request.

Closes gh-9203
2020-11-26 18:16:42 +01:00
Joe Grandja 58e3235093 Deprecate ClientAuthenticationMethod BASIC and POST
Closes gh-9220
2020-11-25 15:13:28 -05:00
grimsa c002c6f9f3
Add ClaimAccessor#hasClaim
The new method is intended to replace ClaimAccessor#containsClaim, the
return type of which was non-primitive Boolean. The existing
containsClaim method is now deprecated.

Closes gh-9201
2020-11-25 11:58:17 -07:00
Loic Guibert 050e4a98b4 Fix javadoc in Pbkdf2PasswordEncoder
- Add @author Loïc Guibert
- Add @since 5.5 to new constructors

See PR gh-9147
2020-11-25 11:45:21 -07:00
Josh Cummings b0d4e500a8
Polish Add DelegatingJwtGrantedAuthoritiesConverter
- Adjusted internal logic to follow DelegatingOAuth2TokenValidator
- Changed JavaDoc to align more closely with
JwtGrantedAuthoritiesConverter
- Polished test names to follow Spring Security naming convention
- Updated test class name to follow Spring Security naming convention
- Polished tests to use TestJwts
- Added tests to address additional use cases

Closes gh-7596
2020-11-24 15:31:07 -07:00
Ropi 97cc119d86
Add DelegatingJwtGrantedAuthoritiesConverter
Closes gh-7596
2020-11-24 14:18:40 -07:00
Joe Grandja 40b2118d36 Fix checkstyle rules could not be parsed
Closes gh-9214
2020-11-23 14:33:18 -05:00
Rob Winch ef3b4d49d9 Add artifactoryUsername/Password to other workflow steps
Added artifactoryUsername/Password to other CI workflow steps to ensure
all steps will pass if a new dependency is added.
2020-11-16 13:11:07 -06:00
Rob Winch 47bb9b945c Add artifactoryUsername/Password to download new dependencies 2020-11-16 13:02:11 -06:00