Commit Graph

85 Commits

Author SHA1 Message Date
Steve Riesenberg 1eff924598
Merge branch '5.8.x' into 6.0.x 2023-02-28 16:53:33 -06:00
Steve Riesenberg b2240f376e
Merge branch '5.7.x' into 5.8.x 2023-02-28 16:53:14 -06:00
Steve Riesenberg 7b88ab289d
Add nohttp exclusion
Issue gh-12804
2023-02-28 16:52:19 -06:00
Marcus Da Coregio 7094ee3710 Add runtime hints for annotations using @WithSecurityContext
Closes gh-12215
2022-11-16 10:02:34 -03:00
Marcus Da Coregio fd25568330 Merge branch '5.8.x'
Closes gh-12159
2022-11-08 13:29:36 -03:00
Marcus Da Coregio 9195521eea Merge branch '5.7.x' into 5.8.x
Closes gh-12158
2022-11-08 13:28:28 -03:00
Marcus Da Coregio 40548eb963 Merge branch '5.6.x' into 5.7.x
Closes gh-12157
2022-11-08 13:27:51 -03:00
Marcus Da Coregio 8cde8fb363 Update Gradle to 7.5.1
Closes gh-11779
2022-11-08 13:27:25 -03:00
Josh Cummings 5afc7cb04f
Merge remote-tracking branch 'origin/5.8.x' 2022-10-13 19:48:05 -06:00
Daniel Garnier-Moiroux 200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter
Issue gh-11932, gh-9429

(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.

BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
Marcus Da Coregio c5e35bf32e Merge branch '5.8.x'
Closes gh-11978
2022-10-10 09:24:50 -03:00
Marcus Da Coregio 4b6fed0667 Add static factory method to AntPathRequestMather and RegexRequestMatcher
Closes gh-11938
2022-10-10 09:24:15 -03:00
Rob Winch 0efe26c1fd Merge branch '5.8.x'
Closes gh-11894
2022-09-22 13:47:04 -05:00
Rob Winch d94677f87e CsrfTokenRequestAttributeHandler -> CsrfTokenRequestHandler
This renames CsrfTokenRequestAttributeHandler to CsrfTokenRequestHandler and
moves usage from CsrfFilter into CsrfTokenRequestHandler.

Closes gh-11892
2022-09-22 11:09:44 -05:00
Steve Riesenberg 1be9be97a1
Exclude JavadocPackageCheck from Spring Checks
Issue gh-11422
2022-07-15 13:03:45 -05:00
Marcus Da Coregio ee11c3ade7 Exclude JavadocPackageCheck from Spring Checks
Issue gh-11422
2022-07-15 14:10:53 -03:00
Joe Grandja f87df42500 Remove deprecated OAuth2IntrospectionClaimAccessor
Closes gh-11499
2022-07-13 15:51:58 -04:00
Joe Grandja 7b18336c6a Change interface with constants to final class
Closes gh-10960
2022-07-13 15:51:58 -04:00
Josh Cummings a31a99b591
Add SecurityContextHolderStrategy to Default Components
Issue gh-11060
2022-06-17 11:58:36 -06:00
Josh Cummings 31e25b115e Add SecurityContextHolderStrategy to Default Components
Issue gh-11060
2022-06-17 11:28:10 -06:00
Marcus Da Coregio 1cbe7a75d3 Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 10:40:26 -03:00
Marcus Da Coregio 73f839312d Add SAML 2.0 Login XML Support
Closes gh-9012
2022-03-09 09:18:01 -03:00
Rob Winch f94090a59b Remove spring-security-openid
Closes gh-10773
2022-01-21 16:55:19 -06:00
Josh Cummings 4374905801 Establish new Package Tangle Baseline
Ran ./gradlew check && ./gradlew s101 -Ps101.label=baseline

Issue gh-10333
2021-11-19 11:46:08 -07:00
Marcus Da Coregio 17e0a47ef4 Revert "Fix CAS Client Java lib not working with Jakarta EE 9"
This reverts commit aa5564e240.
2021-11-01 09:02:43 -03:00
Marcus Da Coregio 5c4dd51994 Fix CAS Client Java lib not working with Jakarta EE 9
Copy the code from the library and change it to support the Jakarta classes

Issue gh-10360
2021-11-01 09:02:42 -03:00
Marcus Da Coregio e36e2b2a97 Move Saml2AuthnRequestRepository to web package
Moving to solve package tangles

Issue gh-9185
2021-09-29 14:10:39 -03:00
Josh Cummings 64f0102425 Establish Structure101 Baseline
Issue gh-6236
2021-09-27 16:06:43 -06:00
Josh Cummings 4272889dc8 Install Structure101 Plugin
Issue gh-6236
2021-09-27 14:56:03 -06:00
Joe Grandja 5830fda2fa Introduce JwtEncoder
Closes gh-9208
2021-09-24 05:13:40 -04:00
Marcus Hert da Coregio ab098f171d Propagate TestSecurityContextHolder to SecurityContextHolder
Create SecurityMockMvcResultHandlers to define security related MockMvc ResultHandlers
Create a method to allow copying the SecurityContext from the TestSecurityContextHolder to SecurityContextHolder

Closes gh-9565
2021-09-17 16:39:53 -03:00
Josh Cummings 194993ad1a Add Saml2ParameterNames
Closes gh-10270
2021-09-14 17:40:12 -06:00
Dávid Kováč 3ff825576b Move and rename OAuth2IntrospectionClaimAccessor/Names
Introduced OAuth2TokenIntrospectionClaimAccessor and OAuth2TokenIntrospectionClaimNames
with copied implementation from OAuth2IntrospectionClaimAccessor/Names.
OAuth2IntrospectionClaimAccessor and OAuth2IntrospectionClaimNames are
now deprecated.

Also method getScopes() returning list of scopes was introduced
and getScope() is now deprecated.

Closes gh-9647
2021-08-12 16:51:33 -06:00
Joe Grandja 9c97970e26 Add Jwt Client Authentication support
Closes gh-8175
2021-04-08 15:44:33 -04:00
Rob Winch 2abf59b695 Merge Formatting Changes
Issue gh-8945
2020-08-24 17:33:23 -05:00
Phillip Webb 319d3364aa Migrate to assertThatExceptionOfType
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.

Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb ee661f7b71 Fix whitespace issues in format-off code
Fix a few whitespace issues in format-off code that would
otherwise fail checkstyle.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 834dcf5bcf Use consistent ternary expression style
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.

For example: `a = (a != null) ? a : b`

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 8d3f039f76 Reduce method visibility when possible
Reduce method visibility for package private classes when possible.

In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb ec6a4cb3f0 Use consistent equals/hashCode/toString order
Ensure that `equals` `hashCode` and `toString` methods always appear in
the same order. This aligns with the style used in Spring Framework.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 612fb22a7f Remove unnecessary lambda blocks
Remove lambda blocks that aren't needed and replace instead with a
simple expression.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 01d90c9881 Hide utility class constructors
Update all utility classes so that they have a private constructor. This
prevents users from accidentally creating an instance, when they should
just use the static methods directly.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 8559447357 Enforce checkstyle header rule
Enforce the checkstyle header rule and fix a few classes that had
malformed headers.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 8d80166aaf Update exception variable names
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb e9130489a6 Remove restricted static imports
Replace static imports with class referenced methods. With the exception
of a few well known static imports, checkstyle restricts the static
imports that a class can use. For example, `asList(...)` would be
replaced with `Arrays.asList(...)`.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 9a3fa6e812 Simplify boolean returns
Simplify boolean returns of the form:

	if (b) {
		return true;
	} else {
		return false;
	}

to:

	return b;

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb b69825d925 Simplify boolean expression
Simplify boolean expression of the form `if (b == true)` to instead
just use the form `if (b)`.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb db55ef4b3b Migrate to BDD Mockito
Migrate Mockito imports to use the BDD variant. This aligns better with
the "given" / "when" / "then" style used in most tests since the "given"
block now uses Mockito `given(...)` calls.

The commit also updates a few tests that were accidentally using
Power Mockito when regular Mockito could be used.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb b33cb1074f Remove "redundant import" checkstyle suppression
Remove the "redundant import" checkstyle suppression since running
"organize imports" has fixed any violations.

Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb 18f3d13363 Fix parenthesis padding issues
Fix a few parenthesis padding issues caused by the formatter.

Issue gh-8945
2020-08-24 17:33:08 -05:00