31634e25be
Update to oauth2-oidc-sdk:6.0
...
Fixes gh-5792
2018-09-07 12:19:56 -04:00
bf2484e6fa
Update to selenium-java:3.14.0
...
Fixes gh-5791
2018-09-07 12:19:56 -04:00
0e5cbd36e6
Update to jaxb-api:2.4.0-b180830.0359
...
Fixes gh-5788
2018-09-07 12:19:56 -04:00
5728108149
Update to javax.persistence:2.2.1
...
Fixes gh-5786
2018-09-07 12:19:56 -04:00
54484639bb
Update to htmlunit-driver:2.32.1
...
Fixes gh-5784
2018-09-07 12:19:56 -04:00
451fd50189
Update to hibernate-entitymanager:5.3.6.Final
...
Fixes gh-5782
2018-09-07 12:19:56 -04:00
7a24e7d648
Update to mockito-core:2.21.0
...
Fixes gh-5781
2018-09-07 12:19:56 -04:00
05b8457b5f
Update to assertj-core:3.11.1
...
Fixes gh-5780
2018-09-07 12:19:56 -04:00
21e62683ab
Polish Commit on Reactive Http Basic Test
2018-09-07 10:01:11 -06:00
6df4dfe47b
Reactive HttpBasic Support For Coloned Passwords
...
This makes so that reactive httpBasic supports passwords containing
one or more colons.
2018-09-07 10:01:11 -06:00
9e0f171d47
Jwt Claim Mapping
...
This introduces a hook for users to customize standard Jwt Claim
values in cases where the JWT issuer isn't spec compliant or where the
user needs to add or remove claims.
Fixes: gh-5223
2018-09-07 09:48:26 -05:00
2495025845
authcodegrant samples->oauth2webclient samples
...
The authcodegrant samples were initially meant to be very simple
demonstration of authorization code flow. However, it has become
obvious since then that the real intent of the demo is how to use
the WebClient with OAuth (there is no other reason to do authorization
code flow unless you use the token to make a request).
The samples have been migrated to oauth2webclient and oauth2webclient-webflux
respectively. They have been improved:
* The sample demonstrates usage with annotations, webclient directly, form login
oauth2Login, and public APIs
* The samples externalize the endpoint that is requested in the sample
making it easier to try other endpoints
* The UI no longer relies on a data structure for the result of the
endpoint also making it easier to try other endpoints
Issue: gh-4921
2018-09-07 08:58:50 -05:00
438d2911fb
OAuth2AuthorizedClientResolver
...
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.
Issue: gh-4921
2018-09-07 08:58:00 -05:00
23726abb1e
ServerOAuth2AuthorizedClientExchangeFilterFunction default ServerWebExchange
...
Leverage ServerWebExchange established by ServerWebExchangeReactorContextWebFilter
Issue: gh-4921
2018-09-07 08:57:25 -05:00
ac78258847
ServerOAuth2AuthorizedClientExchangeFilterFunction defaultOAuth2AuthorizedClient
...
Defaults to use the OAuth2AuthenticationToken to resolve the authorized client
Issue: gh-4921
2018-09-07 08:57:00 -05:00
158b8aa6d5
ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId
...
Issue: gh-4921
2018-09-07 08:56:49 -05:00
28537fa3b6
WebClientReactiveClientCredentialsTokenResponseClient
...
Fixes: gh-5607
2018-09-07 08:53:35 -05:00
89f2874bff
ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId
...
You can now provide the clientRegistrationId and
ServerOAuth2AuthorizedClientExchangeFilterFunction will look up the authorized client automatically.
Issue: gh-4921
2018-09-07 08:52:35 -05:00
5bcbb1c40f
ServerOAuth2AuthorizedClientExchangeFilterFunction uses ServerOAuth2AuthorizedClientRepository
...
Issue: gh-4921
2018-09-07 08:52:18 -05:00
07b6699fd9
ServerWebExchangeReactorContextWebFilter
...
Fixes: gh-5779
2018-09-07 08:49:27 -05:00
65c81ce952
Make JwtReactiveAuthenticationManager final
2018-09-06 13:46:18 -06:00
057587ef29
ClientRegistration contains Provider Configuration Metadata
...
Fixes gh-5540
2018-09-05 17:01:23 -04:00
c60fcf263e
provide test for custom principal extractor config
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
2980f96b55
Allow PrincipalExtractor to be customized.
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
932ea245fb
AuthenticationManager for OAuth2ResourceServerSpec
...
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.
Fixes: gh-5750
2018-09-05 09:19:11 -05:00
dfd572a4d2
Polish
2018-09-05 07:59:00 -05:00
3b480a3a05
Provide RestOperations in CustomUserTypesOAuth2UserService
...
Fixes gh-5602
2018-09-05 07:59:00 -05:00
4a8c95a3e8
Provide RestOperations in DefaultOAuth2UserService
...
Fixes gh-5600
2018-09-05 07:59:00 -05:00
25d1f49d84
Remove Resource Server's Session Policy Config
...
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.
Fixes: gh-5759
2018-09-04 14:55:40 -06:00
5141dacd95
Upgrade to Gradle Wrapper 4.10
...
Closes gh-5748
2018-09-04 14:11:15 -05:00
5dd55d4936
Ensure NamingException.resolvedObj is Serializable
...
Fixes: gh-5378
2018-09-04 11:04:26 -05:00
8510e9a285
Reactive Resource Server insufficient_scope
...
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficent_scope errors.
Fixes: gh-5705
2018-08-31 10:33:11 -05:00
1c74706232
Delegating ServerAccessDeniedHandler by exchange
...
Fixes: gh-5747
2018-08-31 10:33:11 -05:00
8e615d0fee
Re-factor DefaultClientCredentialsTokenResponseClient
...
Fixes gh-5735
2018-08-27 15:10:17 -05:00
713e1e3356
BearerTokenServerAuthenticationEntryPoint waits for subscriber
...
Fixes: gh-5742
2018-08-27 14:26:45 -05:00
362c2ef1f2
Force snapshot repo in snapshot stage build
2018-08-27 13:35:58 -05:00
229b69dd35
Add DefaultAuthorizationCodeTokenResponseClient
...
Fixes gh-5547
2018-08-27 12:44:19 -04:00
f7cb53e9bd
Upgrade spring-build-conventions to 0.0.18.RELEASE
2018-08-27 10:45:35 -05:00
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
2018-08-27 10:45:35 -05:00
439538477a
Add missing space in namespace.adoc
2018-08-27 10:43:53 -05:00
88181c31f1
Polish ActiveDirectoryLdapAuthenticationProviderTests
...
This commit polishes ActiveDirectoryLdapAuthenticationProviderTests.contextEnvironmentPropertiesUsed() by:
- Adding fail() to prevent from going through an unexpected path.
- Asserting that the root cause is an instance of ClassNotFoundException as the current code doesn't seem to right.
2018-08-26 21:31:39 -05:00
f5ad4ba0fa
ServletOAuth2AuthorizedClientExchangeFilterFunction support client_credentials
...
Fixes: gh-5639
2018-08-24 11:33:02 -05:00
2d497c7b0f
Remove OAuth2ExchangeFilterFunctions
...
Fixes: gh-5734
2018-08-24 11:27:59 -05:00
1640a1f462
Polish ServerAuthenticationConverter
...
Fix package tangles
Issue: gh-5338
2018-08-24 09:44:27 -05:00
68d836d508
Reactive Resource Server Csrf Bypass
...
This makes requests identified as bearer token requests skip the csrf
filter.
Fixes: gh-5710
2018-08-24 09:44:01 -05:00
820fb7d828
Polish formatting ServerHttpSecurity JwtSpec
...
Fixes: gh-5728
2018-08-23 15:12:19 -05:00
cba2444e1a
ServerHttpSecurity ReactiveJwtDecoder discovery
...
This makes so that WebFlux OAuth 2.0 Resource Server configuration
will pick up a ReactiveJwtDecoder exposed as a bean.
Fixes: gh-5720
2018-08-23 15:12:14 -05:00
0fdc081ab5
Add unit tests
...
Added some unit tests around some untested parts of the code that I
will be touching for this issue.
Issue: gh-5720
2018-08-23 15:11:40 -05:00
7c14c6e48f
Update to Spring Boot 2.1.0.M2
...
Fixes: gh-5727
2018-08-23 13:00:22 -05:00
416a276436
Expose Default Reactive CsrfProtectionMatcher
...
Make so that users can augment the default protection logic with
their own.
Fixes: gh-5725
2018-08-22 13:02:02 -06:00
Joe Grandja
Josh Cummings
Tim Koopman
Rob Winch
Sola
Johnny Lim
Vedran Pavic
Jason Zhekov