Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,344 Commits 34 Branches 337 Tags
Commit Graph

874 Commits

Author SHA1 Message Date
Rob Winch
f84f08c4b9 Default HttpSessionRequestCache.matchingRequestParameterName=continue 
Closes gh-11757
 2022-08-26 14:44:55 -05:00
Rob Winch
670b71363d Merge branch '5.8.x' 
Closes gh-11749
 2022-08-23 16:03:50 -05:00
Rob Winch
2fb625db84 Remove mockito deprecations 
Issue gh-11748
 2022-08-23 15:59:52 -05:00
Steve Riesenberg
51dc672625
Refresh remote JWK when unknown KID error occurs 
Closes gh-11621
 2022-08-18 16:48:42 -05:00
tinolazreg
d1c742d7aa
Add tests for unknown KID error 
Issue gh-11621
 2022-08-18 16:48:41 -05:00
Steve Riesenberg
9c02e835e8 Refresh remote JWK when unknown KID error occurs 
Closes gh-11621
 2022-08-18 16:42:57 -05:00
tinolazreg
3e73fa6954 Add tests for unknown KID error 
Issue gh-11621
 2022-08-18 16:42:57 -05:00
Igor Bolic
2e66b9f6cc Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:44:01 -05:00
Igor Bolic
efaee4e56b Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:35:49 -05:00
Joe Grandja
b5b3ddd6b4 Deprecate Resource Owner Password Credentials grant 
Closes gh-11590
 2022-07-15 16:45:00 -04:00
Joe Grandja
95155ddb0c Deprecate Resource Owner Password Credentials grant 
Closes gh-11590
 2022-07-15 16:28:47 -04:00
Joe Grandja
6ee1643bae Remove deprecations in ServerOAuth2AuthorizedClientExchangeFilterFunction 
Closes gh-11589
 2022-07-15 15:13:40 -04:00
Joe Grandja
054791c26c Remove deprecations in ServletOAuth2AuthorizedClientExchangeFilterFunction 
Closes gh-11588
 2022-07-15 15:12:39 -04:00
Joe Grandja
65db5fa028 Remove deprecations in JwtAuthenticationConverter 
Closes gh-11587
 2022-07-15 14:43:08 -04:00
Joe Grandja
1ac6054e6f Remove deprecations in OidcUserInfo 
Closes gh-11586
 2022-07-15 14:42:54 -04:00
Joe Grandja
6b41faaf55 Remove deprecations in ClaimAccessor 
Closes gh-11585
 2022-07-15 14:42:33 -04:00
Joe Grandja
0859da5590 Remove deprecations in OAuth2AuthorizedClientArgumentResolver 
Closes gh-11584
 2022-07-15 14:42:03 -04:00
Joe Grandja
743b6a5bfe Remove deprecations in OidcClientInitiatedLogoutSuccessHandler 
Closes gh-11565
 2022-07-15 14:04:09 -04:00
Joe Grandja
cae22867b2 Remove deprecated allowMultipleAuthorizationRequests 
Closes gh-11564
 2022-07-15 13:50:30 -04:00
Joe Grandja
0e291a3295 Remove deprecations in AuthorizationRequestRepository 
Closes gh-11519
 2022-07-15 08:15:52 -04:00
Joe Grandja
e12823095f Remove deprecations in ClientRegistration 
Closes gh-11518
 2022-07-15 08:15:30 -04:00
Joe Grandja
61b034bf69 Remove deprecations in AbstractOAuth2AuthorizationGrantRequest 
Closes gh-11517
 2022-07-15 08:14:56 -04:00
Joe Grandja
be58e2ac49 Remove deprecations in ClientAuthenticationMethod 
Closes gh-11516
 2022-07-15 07:45:33 -04:00
Joe Grandja
8c12c3dad0 Remove deprecated converters in OAuth2AccessTokenResponseHttpMessageConverter 
Closes gh-11513
 2022-07-14 16:55:53 -04:00
Joe Grandja
746d27eab1 Remove deprecated NimbusAuthorizationCodeTokenResponseClient 
Closes gh-11512
 2022-07-14 16:32:21 -04:00
Joe Grandja
42683693c0 Remove deprecated CustomUserTypesOAuth2UserService 
Closes gh-11511
 2022-07-14 14:28:41 -04:00
Joe Grandja
67b27a41c3 Remove deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Closes gh-11508
 2022-07-14 12:10:58 -04:00
Joe Grandja
f5a436df80 Remove deprecated NimbusJwtDecoderJwkSupport 
Closes gh-11507
 2022-07-14 12:09:59 -04:00
Joe Grandja
a3326fc0ee Remove deprecated implicit authorization grant type 
Closes gh-11506
 2022-07-14 10:05:15 -04:00
Joe Grandja
7df9c6eba5 Use OAuth2Token instead of AbstractOAuth2Token 
Closes gh-10959
 2022-07-13 16:48:28 -04:00
Joe Grandja
f87df42500 Remove deprecated OAuth2IntrospectionClaimAccessor 
Closes gh-11499
 2022-07-13 15:51:58 -04:00
Joe Grandja
7b18336c6a Change interface with constants to final class 
Closes gh-10960
 2022-07-13 15:51:58 -04:00
Marcus Da Coregio
ecbfa84b39 Revert "Disable failing tests until r2dbc-h2 is upgraded" 
This reverts commit 614065bb3b4eaeee5175fbde44bba9fd7f31a316.
 2022-07-13 10:55:12 -03:00
Marcus Da Coregio
8776f66fb9 Update io.r2dbc:r2dbc-h2 to 1.0.0.RC1 
Closes gh-11479
 2022-07-13 10:55:12 -03:00
Steve Riesenberg
614065bb3b
Disable failing tests until r2dbc-h2 is upgraded 
Issue gh-11479
 2022-07-11 10:32:38 -05:00
Rivaldi
757fb38147 Fix typo 
(cherry picked from commit 80c5ec459befd9292e08a43e30f4aae22f39eeed)
 2022-06-27 16:05:50 -06:00
Josh Cummings
1d72a05c32
Add SecurityContextHolderStrategy to OAuth2 
Issue gh-11060
 2022-06-27 13:05:12 -06:00
Josh Cummings
01513ab17e
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 16:10:26 -06:00
Josh Cummings
6f69d85fcb
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 16:09:57 -06:00
Josh Cummings
3f30de388a
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:09:56 -06:00
Michael
e4505ed6c8
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 16:09:56 -06:00
Josh Cummings
a8ab432aea
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 15:58:44 -06:00
Josh Cummings
ebb5746f6e
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 15:58:44 -06:00
Josh Cummings
18f7cf5406
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 15:58:43 -06:00
Michael
cb0ab49adc
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 15:58:35 -06:00
Steve Riesenberg
d18291676f
Update copyright year 
Issue gh-11372
 2022-06-15 13:14:07 -05:00
Steve Riesenberg
c7df39a3e6
Fix tests using root cause for exception messages 
Closes gh-11372
 2022-06-14 17:12:15 -05:00
Jyri-Matti Lähteenmäki
ca0a6d9777 Treat URLs as String before equals/hashcode 
java.net.URL performs DNS lookups whenever its equals/hashCode is
used. Thus attribute values of type java.net.URL need to be converted
to something else before they are used for equals/hashCode.

Closes gh-10673
 2022-06-03 11:36:00 -04:00
Kuby
e28fcbfbbe
Change phoneNumberVerified with type Boolean 
Closes: gh-11315
 2022-06-03 10:23:53 -05:00
Kuby
759d799ddd Change phoneNumberVerified with type Boolean 
Closes: gh-11315
 2022-06-03 09:46:00 -05:00