Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-22 14:24:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,317 Commits 33 Branches 337 Tags
Commit Graph

8317 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Filip Hanik
365e6c1167 Upgrade com.fasterxml.jackson.core to 2.9.10 2019-09-26 12:07:34 -07:00
Filip Hanik
eef440e989 Upgrade io.projectreactor.tools:blockhound to 1.0.0.RC1 2019-09-26 12:07:34 -07:00
Filip Hanik
00e3d6b85e Upgrade httpclient to 4.5.10 2019-09-26 12:07:34 -07:00
Filip Hanik
8ba405b478 Upgrade gretty to 2.3.1 2019-09-26 12:07:34 -07:00
Filip Hanik
5f3e7d3a54 Upgrade hibernate-entitymanager to 5.4.5.Final 2019-09-26 12:07:34 -07:00
Filip Hanik
19891f1fa5 Upgrade slf4j to 1.7.28 2019-09-26 12:07:34 -07:00
Filip Hanik
6582b776ed Upgrade BouncyCastle to 1.6.3 2019-09-26 12:07:34 -07:00
Ivo Smid
a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Joe Grandja
345bfdd437 Polish gh-7279 2019-09-26 12:33:21 -04:00
Stephen Doxsee
7dc3c8a8de Add documentation for Public Client PKCE support 
Fixes gh-7279
 2019-09-26 12:21:22 -04:00
Joe Grandja
d3b7a47ef8 Polish gh-4442 2019-09-25 21:37:31 -04:00
Mark Heckler
da9f027fa4 Add nonce to OIDC Authentication Request 
Fixes gh-4442
 2019-09-25 14:57:54 -04:00
Filip Hanik
adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7459528f7861faab3b06c7bb6b21bd0, reversing
changes made to 45a1490d5d713d39cad11ac2cdfddf7820e09f4b.
 2019-09-24 16:05:09 -07:00
Filip Hanik
e9619fb0e7
Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception 
Propagate saml authentication exception #7375

Fixes gh-7375
 2019-09-24 15:26:38 -07:00
Filip Hanik
d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Filip Hanik
20033ffd4a OpenSAML expects type long representing millis for response time validation skew 
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
 2019-09-24 14:40:39 -07:00
Rob Winch
45a1490d5d Fix ClassCastException for JDK 9+ 
AuthenticationPrincipalArgumentResolverTests failed in JDK 9+ due to
its improved generic support and a ClassCastException.

Issue gh-7363
 2019-09-24 15:45:44 -05:00
Jesús Ascama
ceab56f764 Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION 
Fixes gh-7434
 2019-09-24 15:39:25 -05:00
Rob Winch
b09e9f1896 Add Reactive Messaging AuthenticationPrincipalArgumentResolver 
Fixes gh-7363
 2019-09-24 15:11:23 -05:00
Joe Grandja
9f18c2e21a OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 11:07:36 -04:00
evfool
6f6f5a12da Fixed typo in comment 2019-09-23 10:13:49 -06:00
Eleftheria Stein
98e75eb51a Fix Javadoc for anonymous 2019-09-23 11:06:28 -04:00
Josh Cummings
4fa1d08e20
Restructure Docs 
Issue gh-5935
 2019-09-22 01:16:55 -06:00
Joe Grandja
c5fd646afc Update ref doc for OAuth2AuthorizationRequestResolver 
Fixes gh-7405
 2019-09-20 20:56:51 -04:00
Joe Grandja
324e066717 Polish ref doc for RegisteredOAuth2AuthorizedClient 2019-09-20 16:18:29 -04:00
Joe Grandja
076692ceef Polish ref doc for oauth2-client 2019-09-20 16:18:29 -04:00
Joe Grandja
52f0e5287b Update ref doc for oauth2-client WebClient integration 
Fixes gh-7404
 2019-09-20 16:18:29 -04:00
Josh Cummings
38e87568a6
Document Clear Site Data 
Fixes gh-7463
 2019-09-20 13:02:06 -06:00
Josh Cummings
124d9964d7
Document Bearer Token Propagation 
Fixes gh-7461
 2019-09-20 12:05:24 -06:00
Josh Cummings
3a9ee46719
Document RFC 8414 Support 
Fixes gh-7462
 2019-09-20 10:53:53 -06:00
Josh Cummings
b91668a34d
Break Out Resource Server Documentation 
Issue gh-5935
 2019-09-20 09:52:29 -06:00
Josh Cummings
f22fdf1bc0
Align OAuth Reactive/Servlet Resource Server Docs 
Fixes gh-7430
Fixes gh-7425
Fixes gh-7460
 2019-09-19 17:15:01 -06:00
Joe Grandja
c1ae997adc Update ref doc for OAuth2AuthorizedClientManager 
Issue gh-7403
 2019-09-19 15:33:42 -04:00
Rob Winch
ff54eb878a Use Schedulers.boundedElastic() 
Fixes gh-7457
 2019-09-19 13:51:06 -05:00
Rob Winch
cb5c58eeaa AbstractUserDetailsReactiveAuthenticationManager uses newParallel 
It is recommended to use newParallel to avoid impacting the timed
operations which all use parallel()

Fixes gh-7456
 2019-09-19 13:43:25 -05:00
Joe Grandja
eeb0f56bac Add ref doc for password grant 
Fixes gh-7397
 2019-09-19 14:00:45 -04:00
Rob Winch
00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Ebert Toribio
3a66191756 Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 
See Fixes gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-18 21:17:09 -05:00
Joe Grandja
3425db6d16 Fix typo 2019-09-18 19:54:37 -04:00
Joe Grandja
e8d98a54b7 Add ref doc for refresh_token grant 
Fixes gh-7398
 2019-09-18 19:54:37 -04:00
Onur Kagan Ozcan
034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
Manuel Tejeda
9926ad68b8 add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-18 07:59:20 -05:00
Jesús Ascama
daf6b53e3a Add denyAll method in AuthorizePayloadsSpec.Access 
See gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-17 20:17:10 -05:00
Josh Cummings
7576dc44d7
AuthenticationFilter Session Fixation Protection 
Fixes gh-7446
 2019-09-17 08:17:09 -06:00
Josh Cummings
496a2cdc60
Make AuthenticationFilter methods private 
Fixes gh-7447
 2019-09-17 08:06:21 -06:00
Josh Cummings
05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings
40901fe072
Jwt.Builder#notBefore Value Is Instant 
Fixes gh-7442
 2019-09-16 14:00:25 -06:00
Josh Cummings
1176d0cfdb
Polish DefaultFilters,Issue55Tests 
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code

Issue gh-4939
 2019-09-16 13:56:17 -06:00
kostya05983
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java 
Issue gh-4939
 2019-09-16 13:37:22 -06:00
Joe Grandja
5aa37722b9 Add ref doc for client_credentials grant 
Fixes gh-6206
 2019-09-16 15:14:34 -04:00