Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,025 Commits 32 Branches 333 Tags 112 MiB
Commit Graph

9025 Commits

Author SHA1 Message Date
Romil Patel 956a6ee00c
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:21:18 -06:00
Josh Cummings 56928f61f0
Separate RP and AP Credentials 
Closes gh-8788
 2020-07-20 14:19:33 -06:00
Rivaldi 87cd1d73df Update README.adoc 
Fix typo
 2020-07-20 04:32:45 -04:00
Josh Cummings a54e77a3c3
Saml2AuthenticationToken takes a RelyingPartyRegistration 
Closes gh-8845
 2020-07-17 12:19:27 -06:00
Josh Cummings 44ec061f05
Add AssertionConsumerServiceBinding 
Closes gh-8776
 2020-07-16 16:22:38 -06:00
Josh Cummings 2c960d2ad1
Add AuthnRequestConsumerResolver 
Closes gh-8141
 2020-07-16 14:53:22 -06:00
Josh Cummings 2e5c87dc75
Restore Binary Compatibility 
Issue gh-8835
 2020-07-16 11:10:20 -06:00
Josh Cummings b02e344c73
Move Saml2Error 
Move to core package

Closes gh-8835
 2020-07-15 20:09:45 -06:00
Josh Cummings db0d863701
Fix commons-codec Build Error 
Issue gh-8836
 2020-07-15 20:09:45 -06:00
Josh Cummings d3bea02124
Polish Bearer Token Padding 
Issue gh-8502
 2020-07-15 18:14:39 -06:00
kothasa d38dabac02
Bearer Token Padding 
Closes gh-8502
 2020-07-15 18:13:51 -06:00
Joe Grandja 7cc6509200 Polish gh-8669 2020-07-15 11:52:42 -04:00
Jay Bryant 48aa5cceda
Wording changes 
Replacing some terms
 2020-07-15 10:22:49 -04:00
Josh Cummings 5bfc6ea25a
Refactor OpenSamlAuthenticationProvider 
Refactored into collaborators in preparation for introducing setters

Issue gh-8769
 2020-07-14 18:15:18 -06:00
Eleftheria Stein 3d9de9bcb7 Set RSocket version to Snapshot in snapshot build 2020-07-14 18:37:43 +02:00
Eleftheria Stein 683cb49c9d Add Kotlin WebFlux header configuration to docs 
Issue gh-8172
 2020-07-14 16:34:30 +02:00
Eleftheria Stein f8f3302891 Restrict mockito to 3.3.+ 
Closes gh-8828
 2020-07-13 16:53:10 +02:00
Eleftheria Stein 793926b977 Add Kotlin header configuration samples to docs 
Issue gh-8172
 2020-07-10 16:08:02 +02:00
Eleftheria Stein 78ed6c4de6 Add custom HeaderWriter in Kotlin DSL 
Closes gh-8823
 2020-07-10 14:18:48 +02:00
Hurelhuyag 833151ce71
Mongolian translation for messages.properties 
Closes gh-8778
 2020-07-10 04:27:51 -04:00
Josh Cummings 19f06284cd
Update Opaque Token Sample 
Issue gh-6489
 2020-07-09 18:05:02 -06:00
Josh Cummings 221c33f558
Polish OAuth2IntrospectionAuthenticatedPrincipal 
Removed some duplication by delegating to
DefaultOAuth2AuthenticatedPrincipal

Changed order of listed interfaces to satisfy compiler issue. When
listed with OAuth2AuthenticatedPrincipal first, then
OAuth2ResourceServerBeanDefinitionParserTests would fail to import
OpaqueTokenBeanDefinitionParser. Switching
OAuth2AuthenticatedPrincipal with OAuth2IntrospectionClaimAccessor
resolved the compilation issue.

Issue gh-6489
 2020-07-09 18:01:55 -06:00
Dávid Kováč af1c96b425
Simplify OAuth 2.0 Introspection Attribute Retrieval 
In order to simplify retrieving of OAuth 2.0 Introspection specific
attributes, OAuth2IntrospectionClaimAccessor interface was introduced
and also new OAuth2AuthenticatedPrincipal implementing this new
interface (OAuth2IntrospectionAuthenticatedPrincipal).

Also DefaultOAuth2AuthenticatedPrincipal was replaced by
OAuth2IntrospectionAuthenticatedPrincipal in cases where OAuth 2.0
Introspection is performed (NimbusOpaqueTokenIntrospector,
NimbusReactiveOpaqueTokenIntrospector).

DefaultOAuth2AuthenticatedPrincipal can be still used by applications
that introspected the token without OAuth 2.0 Introspection.

OAuth2IntrospectionAuthenticatedPrincipal will also be used as a
default principal in tests where request is post-processed/mutated
by OpaqueTokenRequestPostProcessor/OpaqueTokenMutator.

Closes gh-6489
 2020-07-09 17:26:13 -06:00
Joe Grandja b69bcf88e0 Improve error message when invalid content-type for UserInfo response 
Closes gh-8764
 2020-07-09 14:10:14 -04:00
Roman Sydorov 896b324722 Updated SimpleSavedRequest#getMethod 
Before:
1. SimpleSavedRequest#getMethod returned null
2. SimpleSavedRequest(SavedRequest request) constructor did not set the method field from request

After:
1. SimpleSavedRequest#getMethod returns method property value
2. SimpleSavedRequest(SavedRequest request) constructor sets the method field from request

Closes gh-8675
 2020-07-08 14:47:51 -06:00
Eleftheria Stein 815ceae45c Allow disabling headers in Kotlin DSL 
Closes gh-8816
 2020-07-08 10:55:01 +02:00
Josh Cummings 8e8a642e5a
Use Spec Language in RelyingPartyRegistration 
Changed conventions to better follow the metadata descriptors that
the registration is meant to represent.

Closes gh-8777
 2020-07-07 17:12:39 -06:00
wangsong 4269cb0d26 update comments 2020-07-07 17:11:47 -05:00
Rob Winch 9c33a862d4 tutorial hasRole->hasAuthority 
Closes gh-8796
 2020-07-07 15:06:20 -05:00
Rob Winch 09fe6071e1 LoginPageGeneratingWebFilter honors context path 
Closes gh-8807
 2020-07-07 13:34:55 -05:00
Eleftheria Stein f479f0ea49 Add Kotlin expression-based authorization 
Issue gh-8172
 2020-07-06 13:13:57 +02:00
Eleftheria Stein 0bdf6859be Add Kotlin logout samples to docs 
Issue gh-8172
 2020-07-06 12:45:41 +02:00
Eleftheria Stein 4fb5ff35db Polish CookieRequestCache 
Issue gh-8034
 2020-07-02 13:41:37 +02:00
Zeeshan Adnan 9708a2d63f Adds cookie based RequestCache 
fixes spring-projectsgh-8034
 2020-07-02 07:11:16 -04:00
Josh Cummings d3dc8b055b
Next Development Version 2020-07-01 13:12:37 -06:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2" 
This reverts commit 68538897c8.
 2020-07-01 13:11:50 -06:00
Josh Cummings cb9d524e16
Release 5.4.0-M2 2020-07-01 12:40:29 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Josh Cummings c04ebe3d56
Update to Spring Boot 2.4.0-M1 
Closes gh-8787
 2020-07-01 12:40:46 -06:00
Josh Cummings 609e6de101
Update to Kotlin 1.3.72 
Closes gh-8786
 2020-07-01 12:40:40 -06:00
Josh Cummings 5178cc7d65
Update to Google App Enging 1.7.80 
Closes gh-8785
 2020-07-01 12:40:29 -06:00
Joe Grandja 0b5a14a900 Register OAuth2AuthorizedClientArgumentResolver as custom resolver for XML config 
Issue gh-8669
 2020-07-01 11:07:33 -04:00
Peer Schönhusen 3e25714dc6 Add reified function variants to security DSL 
Closes gh-8697
 2020-07-01 07:22:16 -04:00
Eleftheria Stein eb7b27695d Compare Timestamps up to the millisecond 
Issue gh-8782
 2020-07-01 11:12:55 +02:00
Benjamin Bargeton 497ef5e74e OAuth2AccessTokenResponse.Builder.expiresIn works after withResponse 
Closes gh-8702
 2020-06-30 15:15:10 -04:00
Joe Grandja edf06a3461 OAuth2AuthorizedClientArgumentResolver uses OAuth2AuthorizedClientManager @Bean 
Closes gh-8700
 2020-06-30 11:25:39 -04:00
Eleftheria Stein f5e0fe5907 Polish documentation formatting 
Issue gh-8199
 2020-06-29 18:16:59 +02:00
Heinz Wittig 08b69e77d2
Merge Project Modules and Dependencies Section of the docs 
Closes gh-8199
 2020-06-29 12:11:04 -04:00
Jan Oopkaup d31fff11b3
Add Post-Processor for JWTProcessor Configuration 
Extends all existing builders in NimbusJwtDecoder and NimbusReactiveJwtDecoder with a
post-processor hook to apply changes on the JWTProcessor used for token verification.
Test cases added show how this is used to configure the JWTProcessor to allow additional
JWT typ headers.

Closes gh-8730
 2020-06-26 07:52:16 -06:00
Сергей Цыпанов 3c2a97ed29 Use more efficient singletonList in JdbcAclService 2020-06-26 06:19:54 -04:00