Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-21 05:44:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,106 Commits 33 Branches 337 Tags
Commit Graph

8106 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Grandja
345bfdd437 Polish gh-7279 2019-09-26 12:33:21 -04:00
Stephen Doxsee
7dc3c8a8de Add documentation for Public Client PKCE support 
Fixes gh-7279
 2019-09-26 12:21:22 -04:00
Joe Grandja
d3b7a47ef8 Polish gh-4442 2019-09-25 21:37:31 -04:00
Mark Heckler
da9f027fa4 Add nonce to OIDC Authentication Request 
Fixes gh-4442
 2019-09-25 14:57:54 -04:00
Filip Hanik
adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7459528f7861faab3b06c7bb6b21bd0, reversing
changes made to 45a1490d5d713d39cad11ac2cdfddf7820e09f4b.
 2019-09-24 16:05:09 -07:00
Filip Hanik
e9619fb0e7
Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception 
Propagate saml authentication exception #7375

Fixes gh-7375
 2019-09-24 15:26:38 -07:00
Filip Hanik
d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Filip Hanik
20033ffd4a OpenSAML expects type long representing millis for response time validation skew 
Fixes gh-7448

https://github.com/spring-projects/spring-security/issues/7448
 2019-09-24 14:40:39 -07:00
Rob Winch
45a1490d5d Fix ClassCastException for JDK 9+ 
AuthenticationPrincipalArgumentResolverTests failed in JDK 9+ due to
its improved generic support and a ClassCastException.

Issue gh-7363
 2019-09-24 15:45:44 -05:00
Jesús Ascama
ceab56f764 Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION 
Fixes gh-7434
 2019-09-24 15:39:25 -05:00
Rob Winch
b09e9f1896 Add Reactive Messaging AuthenticationPrincipalArgumentResolver 
Fixes gh-7363
 2019-09-24 15:11:23 -05:00
Joe Grandja
9f18c2e21a OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 11:07:36 -04:00
evfool
6f6f5a12da Fixed typo in comment 2019-09-23 10:13:49 -06:00
Eleftheria Stein
98e75eb51a Fix Javadoc for anonymous 2019-09-23 11:06:28 -04:00
Josh Cummings
4fa1d08e20
Restructure Docs 
Issue gh-5935
 2019-09-22 01:16:55 -06:00
Joe Grandja
c5fd646afc Update ref doc for OAuth2AuthorizationRequestResolver 
Fixes gh-7405
 2019-09-20 20:56:51 -04:00
Joe Grandja
324e066717 Polish ref doc for RegisteredOAuth2AuthorizedClient 2019-09-20 16:18:29 -04:00
Joe Grandja
076692ceef Polish ref doc for oauth2-client 2019-09-20 16:18:29 -04:00
Joe Grandja
52f0e5287b Update ref doc for oauth2-client WebClient integration 
Fixes gh-7404
 2019-09-20 16:18:29 -04:00
Josh Cummings
38e87568a6
Document Clear Site Data 
Fixes gh-7463
 2019-09-20 13:02:06 -06:00
Josh Cummings
124d9964d7
Document Bearer Token Propagation 
Fixes gh-7461
 2019-09-20 12:05:24 -06:00
Josh Cummings
3a9ee46719
Document RFC 8414 Support 
Fixes gh-7462
 2019-09-20 10:53:53 -06:00
Josh Cummings
b91668a34d
Break Out Resource Server Documentation 
Issue gh-5935
 2019-09-20 09:52:29 -06:00
Josh Cummings
f22fdf1bc0
Align OAuth Reactive/Servlet Resource Server Docs 
Fixes gh-7430
Fixes gh-7425
Fixes gh-7460
 2019-09-19 17:15:01 -06:00
Joe Grandja
c1ae997adc Update ref doc for OAuth2AuthorizedClientManager 
Issue gh-7403
 2019-09-19 15:33:42 -04:00
Rob Winch
ff54eb878a Use Schedulers.boundedElastic() 
Fixes gh-7457
 2019-09-19 13:51:06 -05:00
Rob Winch
cb5c58eeaa AbstractUserDetailsReactiveAuthenticationManager uses newParallel 
It is recommended to use newParallel to avoid impacting the timed
operations which all use parallel()

Fixes gh-7456
 2019-09-19 13:43:25 -05:00
Joe Grandja
eeb0f56bac Add ref doc for password grant 
Fixes gh-7397
 2019-09-19 14:00:45 -04:00
Rob Winch
00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Joe Grandja
3425db6d16 Fix typo 2019-09-18 19:54:37 -04:00
Joe Grandja
e8d98a54b7 Add ref doc for refresh_token grant 
Fixes gh-7398
 2019-09-18 19:54:37 -04:00
Onur Kagan Ozcan
034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
Josh Cummings
7576dc44d7
AuthenticationFilter Session Fixation Protection 
Fixes gh-7446
 2019-09-17 08:17:09 -06:00
Josh Cummings
496a2cdc60
Make AuthenticationFilter methods private 
Fixes gh-7447
 2019-09-17 08:06:21 -06:00
Josh Cummings
05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings
40901fe072
Jwt.Builder#notBefore Value Is Instant 
Fixes gh-7442
 2019-09-16 14:00:25 -06:00
Josh Cummings
1176d0cfdb
Polish DefaultFilters,Issue55Tests 
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code

Issue gh-4939
 2019-09-16 13:56:17 -06:00
kostya05983
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java 
Issue gh-4939
 2019-09-16 13:37:22 -06:00
Joe Grandja
5aa37722b9 Add ref doc for client_credentials grant 
Fixes gh-6206
 2019-09-16 15:14:34 -04:00
Joe Grandja
8aa55fe81b Update auth_code ref doc for oauth2-client 2019-09-16 09:37:37 -04:00
Josh Cummings
338b637ab5
Document Mock Jwt Testing 
Fixes gh-7242
 2019-09-16 07:34:37 -06:00
Josh Cummings
bdaf530511
Remove Stray @MockBean 
Issue gh-7170
 2019-09-16 06:56:58 -06:00
Andreas Falk
a085a12c99 Fix wrong java runtime version mentioned in reference doc 
The reference documentation still referred to Java 5.0 as minimum
runtime version which is wrong.
This commit changes this to the correct
Java 8 runtime version as required minimum version.
In addition it corrects a fuzzy wording regarding stripping down the
`spring-security-core` jar.

Fixes gh-7440
 2019-09-16 13:09:57 +01:00
Joe Grandja
1c257afa79 Update ref doc for oauth2-client 2019-09-13 21:07:26 -04:00
Josh Cummings
b55b2914c2 Mock Jwt Disables CSRF 
Fixes gh-7170
 2019-09-13 19:04:05 +01:00
Josh Cummings
aa12748c9b Add Request-level CSRF Skip 
Fixes gh-7367
 2019-09-13 19:04:05 +01:00
Joe Grandja
9920cb41d1 Update ref doc copyright year 2019-09-12 19:28:01 -04:00
Joe Grandja
88c749263b Polish javadoc for OAuth2AuthorizedClientManager 2019-09-12 19:25:49 -04:00
Joe Grandja
33837d21be Polish oauth2-client ref doc 2019-09-12 18:57:57 -04:00
Joe Grandja
cb5f9856fe Reorganize ref doc sections for oauth2-client 
Fixes gh-7428
 2019-09-12 18:42:23 -04:00