Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,760 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

308 Commits

Author SHA1 Message Date
Josh Cummings d5f30755d1
Merge branch '5.8.x' 
Closes gh-12149
 2022-11-07 16:07:32 -07:00
Josh Cummings 9a1fae3e8e
Add createDefaultAssertionValidatorWithParameters 
Closes gh-11675
 2022-11-07 16:06:42 -07:00
Josh Cummings e90a11b1c0
Add SecurityContextHolderStrategy to Saml2 
Issue gh-11060
 2022-10-05 23:50:55 -06:00
Josh Cummings 506e50bfd0
Move Saml2 Authentication Filters 
Issue gh-8819
 2022-09-26 10:44:27 -06:00
Josh Cummings 61c80bcac5
Move Saml2 Authentication Filters 
Closes gh-8819
 2022-09-20 17:18:05 -06:00
Rob Winch 48e31f87e4 Remove Deprecated OpenSAML 3 Support 
Closes gh-10556
 2022-09-20 16:57:38 -06:00
Marcus Da Coregio 0c96989cbe Move script tag into body element 
Closes gh-11879
 2022-09-19 15:46:23 -03:00
Marcus Da Coregio 00302c80ad
Move SAML Post inline javascript to script tag 
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility

Closes gh-11676
 2022-08-16 15:11:01 -06:00
Marcus Da Coregio 7359bd5949 Move SAML Post inline javascript to script tag 
To avoid relying on HTML event handlers and adding unsafe-* rules to CSP, the javascript is moved to a <script> tag. This also allows a better browser compatibility

Closes gh-11676
 2022-08-16 15:06:10 -06:00
Scott Shidlovsky 508f7d7b8a Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 2022-08-02 08:02:22 -06:00
Scott Shidlovsky 947445fcc5 Add ID to Saml2 Post and Redirect Requests 
Closes gh-11468
 2022-08-02 08:02:22 -06:00
Ulrich Grave 4393c2ea02
Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 18:04:39 -06:00
Ulrich Grave 409998a3fe Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 17:59:42 -06:00
Josh Cummings 561f65b34d
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:40:20 -06:00
Josh Cummings e092ec780f
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:33:24 -06:00
Joe Grandja 7b18336c6a Change interface with constants to final class 
Closes gh-10960
 2022-07-13 15:51:58 -04:00
Josh Cummings 3c8a80c364
Add SecurityContextHolderStrategy to Saml2 
Issue gh-11060
 2022-06-27 13:05:11 -06:00
Josh Cummings 89fb075e2d
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:14:19 -06:00
Josh Cummings 3a41567a18
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:14:13 -06:00
Josh Cummings 812bb0ead0
Add missing KeyInfo 
Closes gh-11354
 2022-06-09 13:12:52 -06:00
Josh Cummings bb9c7d1b6e
Add OpenSamlSigningUtilsTests 
Issue gh-11354
 2022-06-09 13:12:33 -06:00
Jared Rufer 3ca4b06612
Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:56:16 -06:00
Jared Rufer 89989722d0 Support multiple SingleLogoutService bindings. 
Closes gh-11286
 2022-06-09 12:50:33 -06:00
j3graham 29ba67b6d7 Remove dependency on commons-codec by using java.util.Base64 
Closes gh-11318
 2022-06-09 06:50:01 -06:00
j3graham f3c96fa9cd Remove dependency on commons-codec by using java.util.Base64 
Closes gh-11318
 2022-06-09 06:49:39 -06:00
Houssem BELHADJ AHMED fc653bb81a
make SAML authentication request uri configurable 
Closes gh-10840
 2022-06-06 12:49:29 -06:00
Houssem BELHADJ AHMED f4049c18b1 add SAML authentication request support to login configurer 
Closes gh-8873
 2022-06-06 08:05:33 -06:00
Houssem BELHADJ AHMED 33104269d6 make SAML authentication request uri configurable 
Closes gh-10840
 2022-06-06 08:05:33 -06:00
Marcus Da Coregio e20323e0a8 Use Java 11 Toolchain for OpenSaml4 compile 
Issue gh-10816
 2022-06-02 19:24:42 +02:00
Claudio Consolmagno b1004aff4e
Use 'md:' prefix in EntityDescriptor XML 
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
 2022-05-31 17:07:18 -06:00
Claudio Consolmagno b470f29cf8 Use 'md:' prefix with EntityDescriptor tag in the metadata xml 
Create the EntityDescriptor object with EntityDescriptor.DEFAULT_ELEMENT_NAME instead of EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag is marshalled to xml with the 'md:' prefix, consistent with all other metadata tags.

Closes #11283
 2022-05-31 17:06:00 -06:00
Juny Tse 16664dcdbd
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:43:50 -06:00
Juny Tse f2d6ead398 Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 11:42:54 -06:00
Josh Cummings bcd104763e
Remove duplicate check 
Closes gh-11192
 2022-05-23 16:01:37 -06:00
Josh Cummings 53e509f0c6
Remove duplicate check 
Closes gh-11192
 2022-05-23 16:00:15 -06:00
Josh Cummings 5cbc1a47da
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 15:30:07 -06:00
Josh Cummings b51c71c3b3
Use original query string to verify signature 
Closes gh-11235
 2022-05-23 13:56:28 -06:00
Ulrich Grave 7f5c31995e
Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest 
Closes gh-11195
 2022-05-17 16:41:44 -06:00
Ulrich Grave 9b874bcde2 Add relyingPartyRegistrationId to AbstractSaml2AuthenticationRequest 
Closes gh-11195
 2022-05-17 16:21:54 -06:00
Marcus Da Coregio 995b2918bb Remove SAML Deprecations 
Closes gh-11077
 2022-05-06 10:15:42 -03:00
Josh Cummings c93c6b928e
Polish Relay State Resolver 
Issue gh-11065
 2022-05-05 17:42:02 -06:00
sebastiano f7a43e4989
Allow custom relay state 
Closes gh-11065
 2022-05-05 17:42:01 -06:00
Josh Cummings 13795cdec1
Polish Relay State Resolver 
Issue gh-11065
 2022-05-05 17:28:30 -06:00
sebastiano 4dfc349914
Allow custom relay state 
Closes gh-11065
 2022-05-05 17:26:39 -06:00
Ulrich Grave 3cbb60750d Add Jackson Support for Saml2AuthenticationException 
Closes gh-11169
 2022-05-02 17:41:52 -05:00
Ulrich Grave c6038b1ea3 Add Jackson Support for Saml2AuthenticationException 
Closes gh-11169
 2022-05-02 16:24:43 -05:00
Marcus Da Coregio cfb1745906 Deprecate Saml2AuthenticationRequestFactory 
Closes gh-11080
 2022-04-08 09:33:41 -03:00
Marcus Da Coregio bb0c336ae8 Deprecate Saml2AuthenticationRequestFactory 
Closes gh-11080
 2022-04-08 09:32:03 -03:00
Steve Riesenberg 8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Josh Cummings cf29bf996c
Polish InResponseTo support 
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
 2022-03-15 14:06:58 -06:00