This introduces a hook for users to customize standard Jwt Claim
values in cases where the JWT issuer isn't spec compliant or where the
user needs to add or remove claims.
Fixes: gh-5223
The authcodegrant samples were initially meant to be very simple
demonstration of authorization code flow. However, it has become
obvious since then that the real intent of the demo is how to use
the WebClient with OAuth (there is no other reason to do authorization
code flow unless you use the token to make a request).
The samples have been migrated to oauth2webclient and oauth2webclient-webflux
respectively. They have been improved:
* The sample demonstrates usage with annotations, webclient directly, form login
oauth2Login, and public APIs
* The samples externalize the endpoint that is requested in the sample
making it easier to try other endpoints
* The UI no longer relies on a data structure for the result of the
endpoint also making it easier to try other endpoints
Issue: gh-4921
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.
Issue: gh-4921
You can now provide the clientRegistrationId and
ServerOAuth2AuthorizedClientExchangeFilterFunction will look up the authorized client automatically.
Issue: gh-4921
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.
Fixes: gh-5759
This commit polishes ActiveDirectoryLdapAuthenticationProviderTests.contextEnvironmentPropertiesUsed() by:
- Adding fail() to prevent from going through an unexpected path.
- Asserting that the root cause is an instance of ClassNotFoundException as the current code doesn't seem to right.
Previously 5.+ was used. This caused problems because Spring Framework
does not use semantic versioning for milestone and rc snapshots. For
example, Spring uses 5.1.0.BUILD-SNAPSHOT, 5.1.0.M1, and then goes back
to 5.1.0.BUILD-SNAPSHOT.
Fixes: gh-5721
A reactive static builder for constructing and configuring a
ReactiveJwtDecoder via an issuer that supports the OIDC Provider
Configuration spec.
Fixes: gh-5649
Josh Cummings
Tim Koopman
Rob Winch
Joe Grandja
Sola
Johnny Lim
Vedran Pavic
Jason Zhekov