Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,305 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

1085 Commits

Author SHA1 Message Date
Josh Cummings e1fdb24b5d
Add opaqueToken MockMvc Test Support 
Fixes gh-7712
 2019-12-20 15:34:11 -07:00
Filip Hanik b7eebabce6 Ensure that both matchers carry the same pattern. 
AbstractAuthenticationProcessingFilter.setRequiresAuthenticationRequestMatcher is public and final,
so there is a risk that the underlying matcher can become different if one is not careful.
 2019-12-17 13:34:27 -08:00
Joe Grandja 24500fa3ca Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 11:55:31 -05:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation 
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
 2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support 
Fixes: gh-7680
 2019-12-02 22:28:24 -07:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support 
Fixes gh-7618
 2019-11-26 16:12:06 -07:00
Josh Cummings 4954a229d6
Polish oauth2Login Sample Test 
Issue: gh-7618
 2019-11-26 14:19:14 -07:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Eddú Meléndez 27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Filip Hanik 4489163163 Use Spring Boot configuration for saml2Login() 
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
 2019-10-25 08:22:40 -07:00
Filip Hanik 5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Rob Winch 03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion 
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
 2019-09-30 09:22:36 -07:00
Filip Hanik e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception 
propagate saml authentication exception #7375
 2019-09-27 09:38:57 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
 2019-09-27 09:07:25 -07:00
Ivo Smid a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
 2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Josh Cummings bdaf530511
Remove Stray @MockBean 
Issue gh-7170
 2019-09-16 06:56:58 -06:00
Josh Cummings b55b2914c2 Mock Jwt Disables CSRF 
Fixes gh-7170
 2019-09-13 19:04:05 +01:00
Joe Grandja a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00
Joe Grandja dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings 82ae4db4cc Update Multi Tenancy Sample to Convert Jwts 
Issue gh-7346
 2019-09-03 15:58:05 -06:00
Josh Cummings 068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Eleftheria Stein 2ddab8b23e Use UserDetailsService bean in sample app 
Fixes: gh-7283
 2019-08-22 10:06:56 -04:00
Joe Grandja 46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider 
Fixes gh-7116
 2019-08-21 14:12:38 -04:00
Josh Cummings 95caa4715f
Add Reactive Mock Jwt Sample Tests 
Fixes gh-7278
 2019-08-19 13:14:58 -06:00
Josh Cummings 10a9207cd5
Pivot Resource Server Sample 
Changed sample to manage its own JwtDecoder, allowing the Nimbus
Jwt Decoder Builder API to evolve during milestone development.
 2019-08-17 00:26:39 -06:00
Josh Cummings 0ecffb0840
Multi-tenancy Sample AuthenticationManagers 
Fixes gh-7272
 2019-08-17 00:26:39 -06:00
Josh Cummings 9735a718cc
Remove MultiTenantAuthenticationManagerResolver 
Fixes gh-7259
 2019-08-14 11:14:47 -06:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Josh Cummings 4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch 39d2b32603 Polish io.freefair.aspectj Usage 
Consistent aspectj version throughout
 2019-08-12 14:19:50 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Lars Grefer a51318eb95 Use the 'io.freefair.aspectj' gradle plugin 2019-08-12 11:46:28 -05:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer 25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer 35bdf1f009 Unnecessary semicolon 2019-08-09 00:43:13 +02:00
Lars Grefer d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Henrique Luis Schmidt da62c31fdc Add test examples for the resource server sample 
- Add a post endpoint in /messages
- Changes the security config to require the read scope to GET a message and the write scope
to POST a new message.
- Changes the jwks of the mock server so I could create a new access token with the write scope.
- Creates tests and integration-tests for the POST endpoint.
- Changes the README to add an example of a POST request.

Fixes gh-7118
 2019-08-06 14:27:29 -04:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing 
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
 2019-08-06 10:17:38 -04:00
Lars Grefer 2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00