e1fdb24b5d
Add opaqueToken MockMvc Test Support
...
Fixes gh-7712
2019-12-20 15:34:11 -07:00
24500fa3ca
Remove redundant validation for redirect-uri
...
Fixes gh-7706
2019-12-06 11:55:31 -05:00
d102cae243
oidcLogin MockMvc Documentation
...
Remove documentation requiring a valid ClientRegistrationRepository
Issue: gh-7618
2019-12-02 22:49:17 -07:00
8c32d5fe48
Add oidcLogin WebFlux Test Support
...
Fixes: gh-7680
2019-12-02 22:28:24 -07:00
b35e18ff31
Add oidcLogin MockMvc Test Support
...
Fixes gh-7618
2019-11-26 16:12:06 -07:00
4954a229d6
Polish oauth2Login Sample Test
...
Issue: gh-7618
2019-11-26 14:19:14 -07:00
7cbd1665a6
Isolate Jwt Test Support
...
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.
Fixes gh-7641
2019-11-22 15:07:05 -07:00
27aa61b02f
Use LocalRSocketServerPort annotation
2019-11-06 10:10:32 +01:00
0cafcf37e2
Make the loginProcessingUrl configurable for saml2Login()
...
Fixes gh-7565
https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
4489163163
Use Spring Boot configuration for saml2Login()
...
Fixes gh-7521
https://github.com/spring-projects/spring-security/issues/7521
2019-10-25 08:22:40 -07:00
5345aecd7f
Align RSocket sample with new Spring Boot configuration
2019-10-25 08:22:40 -07:00
03e2efacf4
Add Hello RSocket Sample
...
Fixes gh-7504
2019-09-30 13:58:03 -05:00
83b5f5c7ae
Improve the Saml2AuthenticationRequest object
...
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
2019-09-30 11:01:34 -07:00
9731386de5
Correctly set "Destination" in AuthNRequest message
...
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
2019-09-30 11:01:34 -07:00
7adb4da3ef
Always require signature on either response or assertion
...
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
2019-09-30 09:22:36 -07:00
e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception
...
propagate saml authentication exception #7375
2019-09-27 09:38:57 -07:00
22da2b45c9
SAML Assertion validation should propagate errors: #7375 and #7375
...
Fixes gh-7377
Fixes gh-7375
https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
Clean up code
- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
2019-09-27 09:07:25 -07:00
a11e61432e
Document OAuth2 Client behind proxy and redirect_uri
...
Fixes gh-7312
2019-09-26 14:09:21 -04:00
adde18b873
Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception"
...
This reverts commit e9619fb0e745a1490d5d
2019-09-24 16:05:09 -07:00
d472e99528
SAML Assertion validation should propagate errors: #7375 and #7375
...
Fixes gh-7377
Fixes gh-7375
https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
2019-09-24 14:40:39 -07:00
00f8991fac
Merge Remove Redudant Throws
...
Fixes gh-7301
2019-09-19 11:04:53 -05:00
bdaf530511
Remove Stray @MockBean
...
Issue gh-7170
2019-09-16 06:56:58 -06:00
b55b2914c2
Mock Jwt Disables CSRF
...
Fixes gh-7170
2019-09-13 19:04:05 +01:00
a60446836b
OAuth2AuthorizeRequest supports attributes
...
Fixes gh-7341
2019-09-05 21:04:25 -04:00
e9a44bc0ce
HttpSecurity.saml2login() - MVP Core Code
...
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
2019-09-05 14:40:08 -07:00
dcd997ea43
Add support for Resource Owner Password Credentials grant
...
Fixes gh-6003
2019-09-04 14:07:45 -04:00
82ae4db4cc
Update Multi Tenancy Sample to Convert Jwts
...
Issue gh-7346
2019-09-03 15:58:05 -06:00
068f4f0147
Polish Opaque Token
...
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.
Fixes gh-7344
Fixes gh-7345
2019-09-03 15:58:05 -06:00
34dd5fea30
Remove redundant throws clauses
...
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
2ddab8b23e
Use UserDetailsService bean in sample app
...
Fixes: gh-7283
2019-08-22 10:06:56 -04:00
46756d2e6b
Introduce Reactive OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-7116
2019-08-21 14:12:38 -04:00
95caa4715f
Add Reactive Mock Jwt Sample Tests
...
Fixes gh-7278
2019-08-19 13:14:58 -06:00
10a9207cd5
Pivot Resource Server Sample
...
Changed sample to manage its own JwtDecoder, allowing the Nimbus
Jwt Decoder Builder API to evolve during milestone development.
2019-08-17 00:26:39 -06:00
0ecffb0840
Multi-tenancy Sample AuthenticationManagers
...
Fixes gh-7272
2019-08-17 00:26:39 -06:00
9735a718cc
Remove MultiTenantAuthenticationManagerResolver
...
Fixes gh-7259
2019-08-14 11:14:47 -06:00
4ed197e515
Rename OAuth2TokenIntrospectionClient
...
Renamed to OpaqueTokenIntrospector
Fixes gh-7245
2019-08-12 18:05:28 -04:00
ff1070df36
remove redundant modifiers found by checkstyle
2019-08-10 00:18:56 +02:00
da62c31fdc
Add test examples for the resource server sample
...
- Add a post endpoint in /messages
- Changes the security config to require the read scope to GET a message and the write scope
to POST a new message.
- Changes the jwks of the mock server so I could create a new access token with the write scope.
- Creates tests and integration-tests for the POST endpoint.
- Changes the README to add an example of a POST request.
Fixes gh-7118
2019-08-06 14:27:29 -04:00
776a4c3760
Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers
2019-08-03 12:28:37 -04:00
0b4502b2c5
Remove exceptions from lambda security configuration
...
Fixes: gh-7128
2019-07-30 08:31:37 -05:00
c05b0765c1
Introduce OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-6845
2019-07-25 11:12:54 -04:00
a288ce4b00
Support nested builder in DSL for reactive apps
...
Fixes: gh-7107
2019-07-23 15:57:10 -05:00
ea54d9014d
DSL nested builder for HTTP security
...
DSL nested builder for HTTP security
Fixes gh-5557
2019-07-12 16:09:19 -05:00
a0ca45e4b8
Use http security nested builder in samples
...
Issue: gh-5557
2019-07-12 14:00:07 -04:00
3ea9d376b2
Cleanup explicit type arguments
2019-07-10 09:32:41 -05:00
c5b5cc507c
Cleanup redundant type casts
2019-07-10 09:31:09 -05:00
cd54808718
Update Opaque Token Sample and tests
...
Issue: gh-6498
2019-07-02 07:45:56 -06:00
f5da63118e
Add MultiTenantAuthenticationManagerResolver
...
A class with a number of handy request-based implementations of
AuthenticationManagerResolver targeted at common multi-tenancy
scenarios.
Fixes: gh-6976
2019-06-25 17:21:38 -06:00
ecb13aa8cc
Resource Server JWE Sample
...
Issue: gh-4435
2019-06-25 16:54:15 -06:00
d0f5b42884
Mock Jwt Test Support and Jwt.Builder Polish
...
Simplified the initial support to introduce fewer classes and only the
features described in the ticket.
Changed tests to align with existing patterns in the repository.
Added JavaDoc to remaining public methods introduced for this feature.
Issue: gh-6634
Issue: gh-6851
2019-05-22 14:23:02 -06:00
Josh Cummings
Joe Grandja
Eddú Meléndez
Filip Hanik
Rob Winch
Ivo Smid
Lars Grefer
Eleftheria Stein
Henrique Luis Schmidt
Clement Ng