Commit Graph

9510 Commits

Author SHA1 Message Date
Josh Cummings d19ff12813
Publish CsrfTokenRepository as shared object
Closes gh-9595
2021-04-10 00:25:34 -06:00
Josh Cummings e807fae869
Add Single Logout Support
Closes gh-8731
2021-04-10 00:25:34 -06:00
Josh Cummings 2f734a0975
Add RelyingPartyRegistrationResolver
Closes gh-9486
2021-04-10 00:12:38 -06:00
Josh Cummings efe42b93ce
Add Registration to Saml2Authentication
Closes gh-9487
2021-04-10 00:12:38 -06:00
Josh Cummings 88c1475a3b
Polish OpenSAML 4 support
Issue gh-9095
2021-04-10 00:12:15 -06:00
Josh Cummings 4f7d529c5d
Polish Csrf Tests
Issue gh-9561
2021-04-09 22:47:31 -06:00
佚名 87ed527023
Add null check in CsrfFilter and CsrfWebFilter
Solve the problem that CsrfFilter and CsrfWebFilter
throw an NPE when comparing whether two byte arrays
are equal on a low JDK version.

When the JDK version is lower than 1.8.0_45, the method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
classes call this method without a null check.

ZiQiang Zhao<1694392889@qq.com>
2021-04-09 21:43:19 -06:00
Josh Cummings df8abcfae7
Use Interceptors instead of Advice
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and
after-method authorization

Issue gh-9289
2021-04-09 18:45:31 -06:00
Josh Cummings 122346bd27
Document AuthorizationManager for Method Security
Issue gh-9289
2021-04-09 18:45:10 -06:00
Josh Cummings 6bcf479659
Polish Javadoc
Issue gh-9289
2021-04-09 18:44:25 -06:00
Josh Cummings 6828987b4b
Add AfterMethodAuthorizationManager
- Removes the need to keep MethodAuthorizationContext#returnObject
in sync with other method parameters
- Restores MethodAuthorizationContext's immutability

Closes gh-9591
2021-04-09 18:43:56 -06:00
Josh Cummings 2b494ebc5f
Polish AOP Structure
- Changed from MethodMatcher to Pointcut since authorization
annotations also can be attached to classes
- Adjusted advice to extend Before or AfterAdvice
- Adjusted advice to extend PointcutAdvisor so
that it can share its Pointcut
- Adjusted advice to extend AopInfrastructureBean to
align with old advice classes

Issue gh-9289
2021-04-09 17:46:33 -06:00
Josh Cummings 62d77ec97e
Add GrantedAuthorityDefaults to Expression Handler
Issue gh-9289
2021-04-09 17:46:33 -06:00
Josh Cummings 68cf74468c
Add check for custom advice
- Because publishing an advice bean replaces Spring Security
defaults, the code should error if both a custom bean and
either secureEnabled or prePostEnabled are specified

Issue gh-9289
2021-04-09 17:46:33 -06:00
Josh Cummings 45376b359b
Adjust Packaging
Issue gh-9289
2021-04-09 17:46:32 -06:00
Evgeniy Cheban 20778f727b
Consider AuthorizationManager for Method Security
Closes gh-9289
2021-04-09 17:46:32 -06:00
Josh Cummings a8a7ab4ffa
Restore spring-security-web Dependency
Issue gh-9095
2021-04-09 12:42:04 -06:00
Josh Cummings 7ded671858
Refactor AuthenticationDetailsSource support
- BearerTokenAuthenticationFilter exposes this directly, simplifying
configuration and removing a package tangle

Closes gh-9576
2021-04-09 12:41:16 -06:00
Eleftheria Stein 21f9876d87 Add WebFlux section to What's New
Closes gh-9590
2021-04-09 19:36:43 +02:00
Eleftheria Stein e03fe7f089 Add coroutine support to pre/post authorize
Closes gh-8143
2021-04-09 19:33:06 +02:00
Josh Cummings 3641756692 Add package-list
Closes gh-9528
2021-04-09 08:41:59 -06:00
Eleftheria Stein 65b3f6769c Add Kotlin DSL section to What's New
Closes gh-9589
2021-04-09 16:36:47 +02:00
Eleftheria Stein c3739ff799 Add Configuration section to What's New
Closes gh-9588
2021-04-09 16:35:41 +02:00
Joe Grandja b225ab3bbe Add OAuth 2.0 Client section to What's New
Closes gh-9587
2021-04-09 10:15:14 -04:00
Joe Grandja b556655290 Make OAuth2AuthorizationResponseType constructor public
Closes gh-9584
2021-04-09 08:01:08 -04:00
Joe Grandja dca7e03b91 Deprecate OAuth2AuthorizationResponseType.TOKEN
Closes gh-9582
2021-04-09 07:46:21 -04:00
Joe Grandja eff4cdc924 Polish gh-9505
2021-04-09 06:22:29 -04:00
Hassene Laaribi 7694aa27cf Add jwt-bearer authorization grant
Closes gh-6053
2021-04-09 06:22:29 -04:00
Rob Winch 1a082357d3 Add sagan(Create|Delete)Release
Closes gh-9577
2021-04-08 17:56:21 -05:00
Rob Winch eb47aa79e2 Groovy Plugin compile buildSrc java files
This is necessary for java plugins to use the Groovy source code.

Issue gh-9577
2021-04-08 17:55:50 -05:00
Joe Grandja 9c97970e26 Add Jwt Client Authentication support
Closes gh-8175
2021-04-08 15:44:33 -04:00
Rob Winch 224160f1ee Update spring-data-bom to 2020.0.7
Closes gh-9574
2021-04-08 12:29:06 -05:00
Rob Winch 57f463dcf0 Update mockito-core to 3.9.0
Closes gh-9573
2021-04-08 12:16:31 -05:00
Rob Winch 43f30a37a8 Update hsqldb to 2.6.0
Closes gh-9572
2021-04-08 12:16:29 -05:00
Rob Winch 0b2540c8b0 Update blockhound to 1.0.6.RELEASE
Closes gh-9571
2021-04-08 12:16:27 -05:00
Rob Winch 1038732ebc Update aspectj-plugin to 5.3.3.3
Closes gh-9570
2021-04-08 12:16:24 -05:00
Rob Winch 7c37745a41 Update com.nimbusds to 9.3.1
Closes gh-9569
2021-04-08 12:16:22 -05:00
Josh Cummings 6f79921750
Default to OpenSAML 3
- To make upgrade passive

Issue gh-9095
2021-04-06 17:11:33 -06:00
Josh Cummings 951202e797
Polish SAML 2.0 Artifacts
- Produce sources jar
- Produce Javadoc jar

Issue gh-9095
2021-04-06 17:10:53 -06:00
Rob Winch ba5de76fb3 Update org.jetbrains.kotlin to 1.4.32
Closes gh-9555
2021-04-05 22:23:59 -05:00
Rob Winch 49498b7e7d Update nohttp-checkstyle to 0.0.5.RELEASE
Closes gh-9554
2021-04-05 22:23:59 -05:00
Rob Winch f3f1106624 Update io.spring.javaformat to 0.0.27
Closes gh-9553
2021-04-05 22:23:59 -05:00
Rob Winch 7cc8dac37d Update spring-doc-resources to 0.2.5
Closes gh-9552
2021-04-05 22:23:59 -05:00
Rob Winch 8323590b6c Update r2dbc-spi-test to 0.8.4.RELEASE
Closes gh-9551
2021-04-05 22:23:59 -05:00
Rob Winch 2bad807471 Update aspectj-plugin to 5.3.0
Closes gh-9550
2021-04-05 22:23:59 -05:00
Rob Winch df710e44ea updateDependencies creates issues at spring-projects
Issue gh-9542
2021-04-05 22:23:59 -05:00
Rob Winch 38a230e5f3 Reject org.opensaml updates
There are two versions of org.opensaml that are supported, so we need
to manually update opensaml dependencies.

Issue gh-9542
2021-04-05 22:23:59 -05:00
Rob Winch 9b94e616c8 updateDependencies support for nimbus-jose-jwt
Keep nimbus-jose-jwt aligned with the version in nimbus-oauth2-sdk

Issue gh-9542
2021-04-05 21:27:40 -05:00
Rob Winch 230c39e42a Reject com.nimbusds:nimbus-jose-jwt updates
Ensures consistency between nimbus-jose-jwt and oauth2-oidc-sdk

Issue gh-9542
2021-04-05 21:27:29 -05:00
Rob Winch 457435bfd0 Reject jython updates
Issue gh-9542
2021-04-05 21:27:16 -05:00