81350ca3c3
Add NimbusJwkReactiveJwtDecoderTests
...
Issue: gh-5330
2018-06-25 12:13:08 -05:00
7b406e89e4
Fixes in decoder
2018-06-25 10:08:13 -05:00
a5f7713d9f
adding a test
2018-06-25 10:03:53 -05:00
d521d5e066
Add OidcReactiveAuthenticationManager
...
Fixes: gh-5330
2018-06-18 16:08:07 -05:00
f7a2a41241
Add OidcReactiveOAuth2UserService
...
Issue: gh-5330
2018-06-18 16:08:07 -05:00
5ed319b11a
Add NimbusReactiveJwtDecoder
...
Issue: gh-5330
2018-06-18 16:08:07 -05:00
0d23aad911
Add ReactiveRemoteJWKSource
...
Issue: gh-5330
2018-06-18 16:08:07 -05:00
7898ce2ded
Add JWKContextJWKSource
...
Issue: gh-5330
2018-06-18 16:08:07 -05:00
aa0ea4a8eb
Add JWKContext
...
Issue: gh-5330
2018-06-18 16:06:32 -05:00
923e23d05b
Add JWKSelectorFactory
...
Issue: gh-5330
2018-06-18 16:06:26 -05:00
3ddde473f2
Extract OidcTokenValidator
...
Issue: gh-5330
2018-06-18 16:06:19 -05:00
adb8c60173
Extract OidcUserRequestUtils
...
This logic is shared by both reactive and non-reactive clients.
Issue: gh-5330
2018-06-18 16:06:01 -05:00
a3db6fc993
Polish OidcUserService
...
Fixes: gh-5449
2018-06-18 16:03:41 -05:00
02d29887fb
Associate Refresh Token to OAuth2AuthorizedClient
...
Fixes gh-5416
2018-06-12 11:31:43 -04:00
4fc6d96073
Rename @OAuth2Client to @RegisteredOAuth2AuthorizedClient
...
Fixes gh-5360
2018-06-08 17:33:21 -04:00
dd1b1b9cc3
Use Spring Framework 5.1.0 SNAPSHOT
...
Fixes: gh-5408
2018-06-05 12:28:51 -05:00
fe979aa996
OidcUserService leverages DefaultOAuth2UserService
...
Fixes gh-5390
2018-05-31 16:17:47 -04:00
82e4abdd32
OAuth2ClientArgumentResolver uses AnnotatedElementUtils
...
Fixes gh-5335
2018-05-29 21:29:33 -04:00
32c33d1def
Add OAuth2AuthenticationException constructor that takes only OAuth2Error
...
Fixes gh-5374
2018-05-29 21:10:34 -04:00
b3ca598679
Add WebClient Bearer token support
...
Fixes: gh-5389
2018-05-25 15:17:08 -05:00
c68cf991ae
Add OAuth2AuthorizedClientExchangeFilterFunction
...
Fixes: gh-5386
2018-05-25 11:01:55 -05:00
2658577396
OAuth2AuthorizationRequestRedirectWebFilter handles ClientAuthorizationRequiredException
...
Fixes: gh-5383
2018-05-24 16:40:41 -05:00
0eedfc717a
Revert "Revert "Add ClientRegistration from OpenID Connect Discovery""
...
This reverts commit 9fe0f50e3c
2018-05-18 09:40:43 -05:00
9fe0f50e3c
Revert "Add ClientRegistration from OpenID Connect Discovery"
...
This reverts commit 0598d47732
2018-05-18 09:20:51 -05:00
0598d47732
Add ClientRegistration from OpenID Connect Discovery
...
Fixes: gh-4413
2018-05-16 12:30:04 -05:00
7013c6fd76
Add OAuth2LoginSpec
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
23f4b9d3d1
Add OAuth2AuthorizationRequestRedirectWebFilter
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
de959dbff6
Add OAuth2ClientArgumentResolver
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
c1e9785a48
Add OAuth2LoginReactiveAuthenticationManager
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
7401cb2b51
Add ServerOAuth2LoginAuthenticationTokenConverter
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
3cd2ddf793
Add NimbusReactiveAuthorizationCodeTokenResponseClient
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
3220e9560a
Add DefaultReactiveOAuth2UserService
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
b613b2d253
Add WebSessionOAuth2ReactiveAuthorizationRequestRepository
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
5e9c714ff0
Add InMemoryReactiveOAuth2AuthorizedClientService
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
a02b0c17f8
Add InMemoryReactiveClientRegistrationRepository
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
c696640276
OAuth2AuthorizationResponseUtils uses MultiMap
...
Fixes: gh-5331
2018-05-11 04:19:50 -05:00
fff64db0e2
Improve ClaimAccessor getClaimAsInstant
...
Fixes gh-5250
2018-05-03 21:03:45 -04:00
2356749cc3
Add test NimbusUserInfoResponseClient sets Accept header to JSON
...
Issue gh-5294
2018-05-03 20:18:41 -04:00
b8f225c49e
NimbusUserInfoResponseClient sets Accept header to JSON
...
Fixes gh-5294
2018-05-03 16:34:38 -04:00
4cc5705ae5
HttpSessionOAuth2AuthorizationRequestRepository removes empty Map from session
...
Fixes gh-5263
2018-05-02 11:07:26 -04:00
49b63e260d
OAuth2LoginAuthenticationFilter should handle null ClientRegistration
...
Fixes gh-5251
2018-05-02 09:16:42 -04:00
6095340e93
OAuth2AuthorizationRequestRedirectFilter -> Reuse code for baseUrl
...
Fixes gh-5153
2018-04-09 21:11:00 -04:00
d8f91e4261
Fix NPE with exp claim in NimbusJwtDecoderJwkSupport
...
Fixes gh-5168
2018-04-04 07:58:32 -04:00
2bd31c96ed
ClaimAccessor.getClaimAsInstant() converts Long or Date
...
Fixes gh-5191, Fixes gh-5192
2018-04-03 21:14:25 -04:00
526e0fdd4f
Add OAuth2 Client HandlerMethodArgumentResolver
...
Fixes gh-4651
2018-04-02 12:13:52 -04:00
982fc360b2
Add support for authorization_code grant
...
Fixes gh-4928
2018-04-02 12:13:06 -04:00
ce2f669245
Remove state assertion when loading OAuth2AuthorizationRequest
...
Fixes gh-5163
2018-03-27 20:06:30 -04:00
d07cfe655d
Use Supplier variants of Assert methods
2018-03-27 10:58:55 -05:00
bb15213091
Ensure consistency by using Collection<GrantedAuthority> type
...
Fixes gh-5143
2018-03-21 10:35:18 -04:00
90f9d728cd
Allow extension for OAuth2Error
...
Fixes gh-5148
2018-03-21 10:04:57 -04:00
bf41d48718
HttpSessionOAuth2AuthorizationRequestRepository support distributed HttpSession
...
Previously HttpSessionOAuth2AuthorizationRequestRepository
getAuthorizationRequest attempted to update the state of HttpSession as
well as getting the Map of OAuth2AuthorizationRequest. This had a few
problems
- First it was confusing that a get method updated state
- It worked when the session was in memory, but would not work when the
HttpSesson was persisted to an external store (i.e. Spring Session) since
after updating the Map, there was no invocation to update
This commit cleans up the logic and ensures that the values are explicitly
set in the HttpSession so it works with a session persisted in an external
store.
Fixes: gh-5146
2018-03-20 22:14:48 -05:00
04e2e86e6e
Polish HttpSessionOAuth2AuthorizationRequestRepositoryTests
...
Fixes: gh-5147
2018-03-20 22:14:48 -05:00
59cef7d339
HttpSessionOAuth2AuthorizationRequestRepository handle multiple OAuth2AuthorizationRequest per session
...
Fixes gh-5110
2018-03-20 22:14:48 -05:00
a5bd76b6ed
Revert authorization_code grant support
...
This reverts commit eae7afd9aa
2018-03-06 16:16:45 -05:00
eae7afd9aa
Add support for authorization_code grant
...
Fixes gh-4928
2018-03-02 14:30:49 -05:00
7eb58ee7d9
DefaultOAuth2UserService -> assert UserInfo Uri is set
...
Fixes gh-4992
2018-02-02 13:01:18 -05:00
6b24aaf6f5
Add javadoc for spring-security-oauth2-jose
...
Fixes gh-4885
2018-01-23 21:27:47 -05:00
fe2ac00deb
Add javadoc for spring-security-oauth2-client
...
Fixes gh-4884
2018-01-23 17:07:21 -05:00
e6cac604f3
Add javadoc for spring-security-oauth2-core
...
Fixes gh-4883
2018-01-18 16:00:26 -05:00
1d32fffc1d
Make OAuth2Error Serializable
...
Fixes gh-4944
2018-01-10 10:40:54 -05:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
c16456623f
Remove unused imports
2017-12-20 16:05:38 -06:00
268a1dc06e
DefaultOAuth2User is Serializable
...
Fixes gh-4917
2017-12-19 09:07:17 -05:00
ae664c33b1
Polish
...
Fix compile warnings in ClientRegistrationTests
2017-11-27 12:12:59 -06:00
edccafca84
Create OAuth2AuthorizationResponse lazily
...
This commit creates `OAuth2AuthorizationResponse` as lazily as possible to prevent the creation when `authorizationRequest` is `null`.
Fixes gh-4848
2017-11-20 11:01:34 -05:00
c04b3b4114
Exclude well-known ports in expanded redirect-uri
...
Fixes gh-4836
2017-11-18 10:41:27 -05:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
dd33f0a7de
ClientRegistration.redirectUri -> redirectUriTemplate
...
Fixes gh-4827
2017-11-15 14:51:35 -05:00
e098c3707e
Update default redirect-uri to use 'baseUrl' template variable
...
Fixes gh-4826
2017-11-15 14:51:35 -05:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
872a8f3189
Change constructor param order in oauth2 client filters
...
Fixes gh-4818
2017-11-13 17:32:22 -05:00
426c034c01
OidcUserService uses custom userNameAttributeName
...
Fixes gh-4812
2017-11-12 14:44:57 -05:00
6775d9fdd8
OAuth2AccessTokenResponse should account for expires_in <= 0
...
Fixes gh-4810
2017-11-12 11:30:11 -05:00
63e2db72ea
Add tests to oauth2-jose
...
Fixes gh-4806
2017-11-10 17:09:48 -05:00
473ac0e37c
Add tests to oauth2-client
...
Fixes gh-4299
2017-11-10 16:03:34 -05:00
db35dc6c03
Add tests to oauth2-core
...
Fixes gh-4298
2017-11-06 11:39:17 -05:00
ef9cd76607
Polish oauth2
...
Fixes gh-4758
2017-10-30 16:49:01 -04:00
d435f149eb
Polish spring-security-oauth2-jose
...
Fixes gh-4755
2017-10-30 13:09:40 -04:00
511d702ee0
Remove JwtDecoderRegistry
...
Fixes gh-4754
2017-10-30 12:52:42 -04:00
d9584384c4
Move collectClaims to OidcUserAuthority
...
Fixes gh-4749
2017-10-29 20:41:05 -05:00
3d065b5afd
Add getIdToken getUser to OidcUser
...
Fixes gh-4748
2017-10-29 20:10:55 -05:00
c1c726f123
Polish InMemoryClientRegistrationRepository
...
Issue: gh-4745
2017-10-29 20:03:36 -05:00
a3e38fec47
Remove AuthorizationRequestUriBuilder
...
Make this API private since we don't have concrete use cases for exposing
it yet.
Fixes gh-4742
2017-10-29 19:50:02 -05:00
c3d2effc1d
Polish OAuth2AuthorizedClientService
...
Fixes gh-4746
2017-10-29 20:25:03 -04:00
b496ad4d86
Polish OAuth2LoginAuthenticationToken
...
Fixes gh-4744
2017-10-29 19:21:41 -04:00
8032baa296
Polish InMemoryClientRegistrationRepository
...
- use Map.get
- Construct with stream()
- Add tests
- Remove unnecessary unmodifiableCollection (already unmodifiable)
Fixes gh-4745
2017-10-29 18:07:49 -05:00
f0c2944377
OAuth2AuthorizationResponse getAccessToken
...
No longer delegate to OAuth2AccessToken but add getAccessToken()
Fixes gh-4743
2017-10-29 17:12:46 -05:00
e4887057bc
Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient
...
Fixes gh-4741
2017-10-29 17:49:15 -04:00
2a00232a5b
Remove UserInfoRetreiver
...
Fixes gh-4740
2017-10-29 17:49:15 -04:00
6fbd435bdf
OAuth2LoginAuthenticationFilter requires collaborators
...
Fixes gh-4661
2017-10-29 04:41:23 -04:00
b471dd1c54
Remove OAuth2TokenRepository
...
Fixes gh-4727
2017-10-28 21:40:33 -04:00
b1d56b5821
NimbusAuthorizationCodeTokenExchanger uses authorizationRequest.redirectUri
...
Fixes gh-4701
2017-10-28 21:30:40 -04:00
006319f19a
UserInfoRetriever supports ParameterizedTypeReference
...
Fixes gh-4693
2017-10-28 19:26:04 -04:00
9dc4aa6c81
Make OidcUserInfo Serializable
...
Fixes gh-4733
2017-10-28 18:35:21 -04:00
83dc902ff7
Map CustomUserTypesOAuth2UserService using clientRegistrationId
...
Fixes gh-4692
2017-10-28 18:11:39 -04:00
0c68eb1821
Re-factor OAuth2AuthorizationCodeAuthenticationToken
...
Fixes gh-4730
2017-10-28 17:15:31 -04:00
64d8c8b8a9
Re-factor AuthorizationGrantTokenExchanger
...
Fixes gh-4728
2017-10-28 17:12:14 -04:00
16e69d06b4
Add OAuth2AuthorizedClientService
...
Fixes gh-4726
2017-10-28 17:12:14 -04:00
f0b0cfc4fd
Ensure Copyright header reads 2002-2017
...
fixes gh-4655
Signed-off-by: Sola <dev@sola.love>
2017-10-28 13:02:06 -05:00
67bac28481
OAuth2UserService uses OAuth2UserRequest
...
Fixes gh-4724
2017-10-27 22:34:25 -04:00
3d319f7592
Make AuthorizationRequestRepository a Generic
...
Fixes gh-4723
2017-10-27 21:31:45 -04:00
9afefef3b9
Polish class names in oauth2-client
...
Fixes gh-4722
2017-10-27 21:00:52 -04:00
34668e05af
Polish class names in oauth2-core
...
Fixes gh-4720
2017-10-27 20:42:58 -04:00
8527daa22a
Make OAuth2UserService Generic using OAuth2AuthorizedClient and OAuth2User types
...
Fixes gh-4706
2017-10-27 11:49:29 -04:00
3b80b6ded8
Move AuthorizationRequestUriBuilder to oauth2-client
...
Fixes gh-4703
2017-10-26 21:23:06 -04:00
ef197d8215
Move JwtDecoderRegistry to oauth2.client.jwt package
...
Fixes gh-4705
2017-10-26 21:06:28 -04:00
70543dcb30
Move oidc package in oauth2-core and oauth2-client
...
Fixes gh-4710
2017-10-26 21:06:28 -04:00
c5da9e08fd
Move AuthorizedClient to root package oauth2.client
...
Fixes gh-4709
2017-10-26 15:51:26 -04:00
ef83bc8dd7
Move package client.authentication.userinfo -> client.userinfo
...
Fixes gh-4708
2017-10-26 15:39:04 -04:00
35fb96a2f8
Move OAuth2AuthenticationException to oauth2-core
...
Fixes gh-4707
2017-10-26 15:12:03 -04:00
027ea78dab
Revert "Move OAuth2LoginAuthenticationProvider into userinfo package"
...
This reverts commit 54547f35b7
2017-10-26 14:55:25 -04:00
942b647c0d
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/code/*
...
Issue gh-4687
2017-10-26 14:20:19 -04:00
54547f35b7
Move OAuth2LoginAuthenticationProvider into userinfo package
...
Fix package tangles. OAuth2LoginAuthenticationProvider requires
OAuth2UserService which is in a child package. We should move
OAuth2LoginAuthenticationProvider to the same package.
Issue: gh-4614
2017-10-26 11:22:21 -05:00
18dd49b47c
Validate ID Token
...
Fixes gh-4440
2017-10-26 11:36:44 -04:00
d0a4e49870
Map custom OAuth2User types using String
...
Fixes gh-4691
2017-10-25 17:13:44 -04:00
1a3b9c1f3f
Polish UserInfoRetriever
...
Issue gh-4695
2017-10-25 16:48:50 -04:00
43d201fa3e
Move OAuth2AuthenticationToken
...
Fixes gh-4697
2017-10-25 16:17:49 -04:00
9fbea5a11e
Refactor SecurityTokenRepository
...
Fixes gh-4650
2017-10-25 16:00:34 -04:00
5237c6e01b
Remove AuthorizedClient.getAuthorizedScopes()
...
Fixes gh-4696
2017-10-25 14:06:34 -04:00
5a584e5ccb
Rename OAuth2/OIDC ClientAuthenticationToken -> AuthorizedClient
...
Fixes gh-4695
2017-10-25 13:47:00 -04:00
9b670882b7
Rename SecurityToken -> AbstractOAuth2Token
...
Fixes gh-4646
2017-10-25 10:29:34 -04:00
1bd826897f
UserInfoRetriever.retrieve accepts the type to convert
...
Fixes gh-4688
2017-10-24 15:14:58 -05:00
4dbbcabacf
Rename AuthorizationCodeAuthenticationProvider -> OAuth2LoginAuthenticationProvider
...
Fixes gh-4690
2017-10-24 15:24:26 -04:00
049080290e
Refactor OAuth2 AuthenticationProvider's
...
Fixes gh-4689
2017-10-24 15:24:26 -04:00
0fb32a052e
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/*
...
Fixes gh-4687
2017-10-24 15:24:26 -04:00
4ae24f2fbe
Rename AuthorizationCodeAuthenticationFilter -> OAuth2LoginAuthenticationFilter
...
Fixes gh-4686
2017-10-24 15:24:25 -04:00
8e7838fa64
Verify UserInfo Response sub claim
...
Fixes gh-4441
2017-10-23 11:44:29 -04:00
ff0009daed
Add AuthorizationRequest.Builder.scope(String...)
...
Fixes gh-4643
2017-10-23 11:20:15 -04:00
8a416793aa
Return AuthorizationRequest from AuthorizationRequestRepository.removeAuthorizationRequest
...
Fixes gh-4652
2017-10-23 11:02:17 -04:00
6d7d34c549
Move AuthorizationRequestUriBuilder and DefaultAuthorizationRequestUriBuilder
...
Fixes gh-4658
2017-10-23 10:19:31 -04:00
f0c9f85292
spring-security-jwt-jose -> spring-security-oauth2-jose
...
Fixes gh-4595
2017-10-23 09:04:01 -04:00
c94b3f4d23
Add AuthorizationExchange
...
Fixes gh-4660
2017-10-20 20:59:32 -04:00
eb2b573426
Validate Authorization Response
...
Fixes gh-4657, Issue gh-4654
2017-10-20 20:59:32 -04:00
8e3a2a7123
Remove AuthorizationCodeAuthenticationFilter.AuthorizationResponseMatcher
...
Fixes gh-4654
2017-10-20 06:09:31 -04:00
84a1c417a3
Extract Converter from AuthorizationResponseMatcher
...
Fixes gh-4653
2017-10-20 04:56:07 -04:00
d4dac21ca5
Make ClientRegistration.Builder constructor private
...
Fixes gh-4656
2017-10-19 14:15:59 -04:00
a980e3b0d7
Remove ClientRegistrationIdentifierStrategy
...
Fixes gh-4648
2017-10-19 13:40:06 -04:00
f3756cdd07
Remove ClientRegistrationProperties
...
Fixes gh-4649
2017-10-19 13:27:54 -04:00
1f5edc98d5
ClientRegistration.Builder.scopes -> scope
...
Fixes gh-4663
2017-10-19 11:24:01 -04:00
1e891b38ab
Rename scope -> scopes for Set types
...
Fixes gh-4644
2017-10-18 17:56:39 -04:00
a77bdb0c5d
Make AuthorizationRequest serializable
...
Fixes gh-4627
2017-10-18 15:55:37 -04:00
d7d6400971
DefaultStateGenerator->Base64StringKeyGenerator
...
Rename and move DefaultStateGenerator since it is more generic than just
OAuth.
Fixes gh-4645
2017-10-18 11:29:04 -05:00
d554b06a43
OAuth use ConcurrentHashMap
...
Fixes gh-4647
2017-10-17 22:17:09 -05:00
b764c666c6
Fix jwt package tangles
...
JWT is part of OAuth2, so it should be a subpackage of oauth2.
Fixes gh-4614
2017-10-17 21:06:27 -05:00
c5abcd1fcd
DefaultAuthorizationRequestUriBuilder uses StringUtils
...
Fixes gh-4642
2017-10-17 20:24:43 -05:00
7b8d131386
Fix package tangles -> OAuth2/Oidc AuthenticationProvider's
...
Fixes gh-4614
2017-10-16 20:56:32 -04:00
25052214ae
Polish
2017-10-16 18:33:27 -05:00
a7d054c9f3
Remove AuthorizationGrantAuthenticator
2017-10-16 13:43:11 -04:00
3c824dc44b
Fix package tangles -> OAuth2UserService
...
Fixes gh-4614
2017-10-13 18:59:41 -04:00
cfa4858b04
Fix package tangles -> AuthorizationGrantTokenExchanger
...
Fixes gh-4614
2017-10-13 16:35:48 -04:00
ea64d10d95
Polish jwt-jose
2017-10-13 07:09:00 -04:00
c441f99567
Polish oauth2-client
2017-10-13 07:09:00 -04:00
d4d7199a6d
Polish oauth2-core
2017-10-13 07:09:00 -04:00
df474e04d8
Move logic from AuthorizationCodeAuthenticationFilter to OAuth2UserAuthenticationProvider
2017-10-11 17:39:21 -04:00
ca5b62abb5
Move AuthorizationResponseConverter logic to AuthorizationCodeAuthenticationFilter
2017-10-11 17:39:21 -04:00
d840090cb0
Add support for implicit grant type
...
Fixes gh-4500
2017-10-11 13:54:59 -04:00
401c84b3f2
Externalize error codes from OAuth2Error
...
Fixes gh-4606
2017-10-10 20:24:33 -04:00
da0a7afa38
Polish AuthorizationCodeAuthenticationFilter
...
Fixes gh-4599
2017-10-10 14:39:47 -04:00
efa4bf409c
Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher
2017-10-10 14:38:06 -04:00
6b16fa0d8c
Polish OAuth Security Configurers
2017-10-10 14:38:06 -04:00
97c938e7f3
Extract authentication logic from AuthorizationCodeAuthenticationFilter
...
Fixes gh-4590
2017-10-10 14:38:06 -04:00
5811624bbe
Polish endpoint package
...
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse
Issue gh-4593
2017-10-06 18:51:24 -04:00
ce142e50b6
Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse
...
Fixes gh-4593
2017-10-06 18:51:24 -04:00
eca2b67137
ClientRegistration supports 'baseUrl' uri variable
...
Fixes gh-4589
2017-10-05 20:35:51 -04:00
dec0bce100
Remove authorities -> AuthorizationGrantAuthenticationToken constructor
...
Fixes gh-4602
2017-10-05 20:22:50 -04:00
1b7e761be4
Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor
...
Fixes gh-4591
2017-10-05 17:05:56 -04:00
eb320bfed4
AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter
2017-10-05 16:40:12 -04:00
5c14e48b18
Add OAuth2UserAuthenticationProvider
...
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 15:15:35 -04:00
f8a9077d5a
Generalize AuthorizationCodeAuthenticationProvider
...
The AuthorizationCodeAuthenticationProvider implements part of the
Authorization Code Grant flow as defined in
OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.
The implementation needs to be de-coupled to allow for better re-use and readability.
This commit introduces the AuthorizationGrantAuthenticator and extracts logic from
AuthorizationCodeAuthenticationProvider and provides different implementations
for OAuth 2.0 and OpenID Connect 1.0.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 05:02:22 -04:00
0d516ca32c
Rename scopes -> scope
2017-10-02 15:50:16 -04:00
fb57111ecd
redirect-uri property supports 'baseRedirectUrl' uri variable
...
Fixes gh-4589
2017-10-02 15:29:03 -04:00
66647070ab
Default login page supports Iterable<ClientRegistration>
...
Fixes gh-4596
2017-09-29 19:54:17 -04:00
ad91adf9dc
Retrieving the UserInfo is conditional
...
Fixes gh-4451
2017-09-29 10:51:16 -04:00
646b3e48b3
Avoid Exception Message in HTTP Response
...
Fixes gh-4587
2017-09-28 17:24:49 -05:00
b9258aa6ee
Make AuthorizationRequestUriBuilder optional
...
Fixes gh-4577
2017-09-28 16:43:11 -04:00
bfb77a7804
Remove unnecessary dependencies
2017-09-28 15:42:12 -04:00
9a8ddebc94
Use param matching for Authorization Response
...
Fixes gh-4576
2017-09-28 10:21:01 -04:00
d191bcc8ac
Remove ClientRegistrationRepository.findByClientId()
...
Fixes gh-4583
2017-09-28 09:01:58 -04:00
52f495a5ec
Remove ProviderJwtDecoderRegistry
...
Fixes gh-4581
2017-09-28 08:51:43 -04:00
8448a54678
Remove ClientRegistrationRepository.getRegistrations()
...
Fixes gh-4582
2017-09-28 07:02:59 -04:00
3217582805
Introduce JwtDecoderRegistry
...
Fixes gh-4584
2017-09-28 06:07:47 -04:00
b463f8e6b5
Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName()
...
Related gh-4580
2017-09-27 15:39:39 -04:00
814742fef6
Rename ClientRegistration.clientAlias -> registrationId
...
Fixes gh-4575
2017-09-27 09:14:55 -04:00
38be35677d
Add userNameAttributeName to ClientRegistration
...
Fixes gh-4580
2017-09-26 21:55:19 -04:00
7fb3093617
Fix NPE InMemoryClientRegistrationRepository
2017-09-26 14:08:01 -04:00
0e9b2807bf
Split up NimbusOAuth2UserService
...
Fixes gh-4447
2017-09-26 11:32:49 -04:00
a06487c0f7
Move additionalParameters to TokenResponseAttributes
...
Fixes gh-4554
2017-09-22 15:21:22 -04:00
680984c242
SecurityTokenRepository associates SecurityToken to ClientRegistration
...
Fixes gh-4563
2017-09-22 09:51:00 -04:00
7fb386669f
InMemoryClientRegistrationRepository -> enforce unique ClientRegistration's
...
Fixes gh-4562
2017-09-21 15:47:26 -04:00
9b61eba41d
Add identifier strategy for ClientRegistration
...
Fixes gh-4561
2017-09-21 10:19:28 -04:00
991a154703
Add OIDC Client and User Authentication
...
Fixes gh-4521
2017-09-19 20:57:56 -04:00
c54c622124
Re-structure OAuth2AuthenticationToken
...
Fixes gh-4553
2017-09-19 16:35:43 -04:00
e345dd106c
Remove leading whitespaces
2017-09-18 11:52:31 -05:00
65b968f04a
Move servlet-specific classes to 'web' package
...
Fixes gh-4366
2017-09-13 16:13:32 -04:00
9133eb1b78
Revert "Provide fix for Google iss claim"
...
This reverts commit b6212cba66
2017-09-13 14:07:23 -04:00
549decf00a
Prefer `sub` claim as OIDC principal name
...
This commit removes preference for `name` claim as principal name in `DefaultOidcUser` so that the default is now `sub` claim. In addition to that, `DefaultOidcUser` now also provides constructors to explicitly define the claim to be preferred as principal name.
Fixes gh-4515
2017-09-13 13:53:14 -04:00
4ff0b52f74
Remove HttpClientConfig
...
Issue gh-4478
2017-09-12 21:03:40 -04:00
223b126de5
Remove Serializable from OAuth2User
...
Fixes gh-4514
2017-09-05 09:24:25 -04:00
306f81b7f7
Minor renames to oauth2 client properties
...
Fixes gh-4296
2017-08-30 11:51:06 -04:00
b6212cba66
Provide fix for Google iss claim
...
Fixes gh-4511
2017-08-26 18:55:23 -04:00
4951550d7d
Add context path to authorization request URI
...
Fixes gh-4510
2017-08-26 18:55:23 -04:00
ec908bb700
Add unit tests for endpoints package
...
Fixes gh-4499
This commit contains unit tests for the endpoints package in oauth2-core.
2017-08-24 18:26:33 -04:00
bc6be86aec
Add in-memory AccessTokenRepository
...
Fixes gh-4508
2017-08-23 17:18:35 -04:00
d6ba348a59
Add SecurityTokenRepository abstraction
...
Fixes gh-4405
2017-08-23 17:18:19 -04:00
93c2b2533e
Allow configuring request paths for oauth2 filters
...
Fixes gh-4473
2017-08-23 17:17:01 -04:00
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
65734414f7
Added HttpServletResponse to AuthorizationRequestRepository
...
This change enables AuthorizationRequestRepository to possibly save the AuthorizationRequestAttributes to a cookie.
Fixes gh-4446
2017-08-15 09:45:52 -04:00
ef1de5eda0
Remove Accept header for UserInfo request
...
Fixes gh-4481
2017-08-15 04:54:38 -04:00
c872499eee
Enable custom configuration for HTTP client
...
Fixes gh-4477
2017-07-28 16:43:44 -04:00
3b42323b6d
AuthorizationCodeRequestRedirectFilter -> always expand redirectUri
...
Fixes gh-4444
2017-07-28 09:31:38 -04:00
c204cc2c31
Completed implementation in ClaimAccessor's
...
Fixes gh-4449
2017-07-28 09:31:38 -04:00
33423c46d3
Rename AbstractToken to SecurityToken
...
Fixes gh-4466
2017-07-28 09:31:37 -04:00
f50812c385
Renamed methods in AuthorizationCodeRequestRedirectFilter
...
Fixes gh-4443
2017-07-14 17:09:49 -04:00
598a08e2d8
Update docs AuthorizationCodeAuthenticationProvider
...
Fixes gh-4450
2017-07-14 16:58:36 -04:00
9cfb890207
Use id_token for user authentication
...
Fixes gh-4410
2017-07-07 12:44:26 -04:00
c986b6f4b5
Add support for JWT/JWS
...
Fixes gh-4434
2017-07-05 16:23:32 -04:00
6c0ecea494
Use java.util.Function instead of Converter
...
Fixes gh-4323
2017-06-01 17:25:39 -04:00
545339c663
Change AuthorizationGrantType from enum to class
...
Fixes gh-4291
2017-05-30 16:22:53 -04:00
4476df93e9
Change ResponseType from enum to class
...
Fixes gh-4292
2017-05-30 16:11:57 -04:00
336e247e70
Change AccessToken.TokenType from enum to class
...
Fixes gh-4293
2017-05-30 15:50:58 -04:00
435e389609
Change ClientAuthenticationMethod from enum to class
...
Fixes gh-4313
2017-05-30 14:41:59 -04:00
3ccf6764c1
Handle unsuccessful UserInfo response
...
Fixes gh-4351
2017-05-24 15:43:21 -04:00
521feb9a1b
Update Boot samples to 2.0.0.M1
...
Fixes gh-4339
2017-05-24 11:32:00 -04:00
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
a458b682d6
Add package/class level javadoc in oauth2-client
...
Fixes gh-4295
2017-05-04 12:37:35 -04:00
829c386756
Add support for OAuth 2.0 Login
...
Fixes gh-3907
2017-04-28 10:58:59 -04:00
Rob Winch
Joe Grandja
Christoph Dreis
Johnny Lim
Eddú Meléndez
Sola
Vedran Pavic
Luander Ribeiro