Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,425 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

10425 Commits

Author SHA1 Message Date
Marcus Da Coregio 3bde9f6196 Update assertj-core to 3.23.1 
Closes gh-11531
 2022-07-15 14:07:24 -03:00
Marcus Da Coregio 30c4d78653 Update htmlunit to 2.63.0 
Closes gh-11530
 2022-07-15 14:07:22 -03:00
Marcus Da Coregio 6f3bdba23b Update jakarta.servlet.jsp-api to 3.1.0 
Closes gh-11529
 2022-07-15 14:07:19 -03:00
Marcus Da Coregio 368f35a322 Update jakarta.annotation-api to 2.1.1 
Closes gh-11528
 2022-07-15 14:07:16 -03:00
Marcus Da Coregio c214c6c23e Update io.spring.javaformat to 0.0.34 
Closes gh-11527
 2022-07-15 14:07:14 -03:00
Marcus Da Coregio 64c134a47e Update io.projectreactor to 3.5.0-M4 
Closes gh-11525
 2022-07-15 14:07:08 -03:00
Marcus Da Coregio 2ce66ece0f Update aspectj-plugin to 6.5.0.3 
Closes gh-11524
 2022-07-15 14:07:05 -03:00
Marcus Da Coregio c4df4122dc Update com.nimbusds to 9.38.1 
Closes gh-11523
 2022-07-15 14:07:03 -03:00
Marcus Da Coregio dda98f333c Polish 
Make encodingAlgorithm final and add it to the constructor
Add since tags
Add more tests
 2022-07-15 10:34:36 -03:00
Marcus Da Coregio e17fe8ced9 Add SHA256 as an algorithm option for Remember Me token hashing 
Closes gh-8549
 2022-07-15 10:34:36 -03:00
Joe Grandja 0e291a3295 Remove deprecations in AuthorizationRequestRepository 
Closes gh-11519
 2022-07-15 08:15:52 -04:00
Joe Grandja e12823095f Remove deprecations in ClientRegistration 
Closes gh-11518
 2022-07-15 08:15:30 -04:00
Joe Grandja 61b034bf69 Remove deprecations in AbstractOAuth2AuthorizationGrantRequest 
Closes gh-11517
 2022-07-15 08:14:56 -04:00
Joe Grandja be58e2ac49 Remove deprecations in ClientAuthenticationMethod 
Closes gh-11516
 2022-07-15 07:45:33 -04:00
Joe Grandja 8c12c3dad0 Remove deprecated converters in OAuth2AccessTokenResponseHttpMessageConverter 
Closes gh-11513
 2022-07-14 16:55:53 -04:00
Joe Grandja 746d27eab1 Remove deprecated NimbusAuthorizationCodeTokenResponseClient 
Closes gh-11512
 2022-07-14 16:32:21 -04:00
Josh Cummings d27322c9e0
Polish HttpSecurity Formatting 
Issue gh-11360
 2022-07-14 13:00:08 -06:00
Evgeniy Cheban c4b0e9bd74
Add remaining methods from ExpressionUrlAuthorizationConfigurer to AuthorizeHttpRequestsConfigurer 
- Added fullyAuthenticated
- Added rememberMe
- Added anonymous

Closes gh-11360
 2022-07-14 13:00:07 -06:00
Joe Grandja 42683693c0 Remove deprecated CustomUserTypesOAuth2UserService 
Closes gh-11511
 2022-07-14 14:28:41 -04:00
Joe Grandja 67b27a41c3 Remove deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Closes gh-11508
 2022-07-14 12:10:58 -04:00
Joe Grandja f5a436df80 Remove deprecated NimbusJwtDecoderJwkSupport 
Closes gh-11507
 2022-07-14 12:09:59 -04:00
Josh Cummings 35fc437559
Add AuthorizationManager for protect-pointcut 
Closes gh-11323
 2022-07-14 09:25:49 -06:00
Josh Cummings 20def5e25d
Consolidate ExpressionAuthorizationDecision 
Issue gh-11493
 2022-07-14 09:25:17 -06:00
Josh Cummings 8d0084842b
Add MethodExpressionAuthorizationManager 
Closes gh-11493
 2022-07-14 09:25:16 -06:00
Josh Cummings 9b43316f4d
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-14 09:25:16 -06:00
Joe Grandja a3326fc0ee Remove deprecated implicit authorization grant type 
Closes gh-11506
 2022-07-14 10:05:15 -04:00
Marcus Da Coregio 9608eaa138 Clarify authorize-http-requests docs 
Issue gh-11467
 2022-07-14 10:19:31 -03:00
Marcus Da Coregio 64ba31aebb Improve docs on dispatcherTypeMatcher 
Closes gh-11467
 2022-07-14 10:08:19 -03:00
Joe Grandja 7df9c6eba5 Use OAuth2Token instead of AbstractOAuth2Token 
Closes gh-10959
 2022-07-13 16:48:28 -04:00
Joe Grandja f87df42500 Remove deprecated OAuth2IntrospectionClaimAccessor 
Closes gh-11499
 2022-07-13 15:51:58 -04:00
Joe Grandja 7b18336c6a Change interface with constants to final class 
Closes gh-10960
 2022-07-13 15:51:58 -04:00
Steve Riesenberg 92d4f1237d
Use JDK 17 for Antora 
Issue gh-11430
Issue gh-11324
 2022-07-13 14:11:31 -05:00
Joe Grandja d85abc7bbb Update javadoc in CommonOAuth2Provider 
Closes gh-11490
 2022-07-13 11:20:04 -04:00
Marcus Da Coregio ecbfa84b39 Revert "Disable failing tests until r2dbc-h2 is upgraded" 
This reverts commit 614065bb3b.
 2022-07-13 10:55:12 -03:00
Marcus Da Coregio 8776f66fb9 Update io.r2dbc:r2dbc-h2 to 1.0.0.RC1 
Closes gh-11479
 2022-07-13 10:55:12 -03:00
Marcus Da Coregio 7abea4a964 Add RuntimeHints suffix for RuntimeHintsRegistrar 
Closes gh-11497
 2022-07-13 10:14:43 -03:00
Joe Grandja 177baba8c9 RuntimeHintsPredicates moved to predicate package 2022-07-12 16:00:50 -04:00
Marcus Da Coregio 6455e98745 FilterSecurityInterceptor applies to every request by default 
Closes gh-11466
 2022-07-12 10:53:03 -03:00
Tim te Beek 2c0a4337a8
Clearly end sentence in note before next sentence 2022-07-11 17:36:30 -06:00
Tim te Beek 9f4b0ca8b5
Use Collection<ConfigAttribute> in examples 
To match `org.springframework.security.access.ConfigAttribute`.
 2022-07-11 17:36:30 -06:00
Josh Cummings 60652afb32
Polish InterceptMethodsBeanDefinitionDecorator 
Issue gh-11328
 2022-07-11 16:54:59 -06:00
Josh Cummings bc6f494af8
Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:04:39 -06:00
Steve Riesenberg 614065bb3b
Disable failing tests until r2dbc-h2 is upgraded 
Issue gh-11479
 2022-07-11 10:32:38 -05:00
Steve Riesenberg 206c6ffb54
Remove deprecation warnings with Context.putAll 
Closes gh-11476
 2022-07-08 16:03:45 -05:00
Rob Winch 7da34cfa2c Fix logging for AnonymousAuthenticationFilter 
Currently if trace logging is enabled a StackOverflowException is thrown
when trying to resolve toString of the authentication.

java.lang.StackOverflowError: null
        at java.base/java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:538) ~[na:na]
        at java.base/java.lang.StringBuilder.append(StringBuilder.java:174) ~[na:na]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$0(AnonymousAuthenticationFilter.java:105) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.lambda$setDeferredContext$2(ThreadLocalSecurityContextHolderStrategy.java:67) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.getContext(ThreadLocalSecurityContextHolderStrategy.java:43) ~[spring-security-core-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.lambda$defaultWithAnonymous$2(AnonymousAuthenticationFilter.java:126) ~[spring-security-web-5.8.0-SNAPSHOT.jar:5.8.0-SNAPSHOT]
        at org.springframework.core.log.LogMessage$SupplierMessage.buildString(LogMessage.java:155) ~[spring-core-5.3.12.jar:5.3.12]
        at org.springframework.core.log.LogMessage.toString(LogMessage.java:70) ~[spring-core-5.3.12.jar:5.3.12]
        at java.base/java.lang.String.valueOf(String.java:2951) ~[na:na]
        at org.apache.commons.logging.LogAdapter$Slf4jLocationAwareLog.trace(LogAdapter.java:482) ~[spring-jcl-5.3.12.jar:5.3.12]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.defaultWithAnonymous(AnonymousAuthenticationFilter.java:125)

Issue gh-11457
 2022-07-08 15:44:21 -05:00
Rob Winch 4a5c0ac904 Fix Formatting 
Issue gh-11474
 2022-07-08 12:35:40 -05:00
Rob Winch 03cd9920aa DelegatingSecurityContextTaskScheduler implements new Methods 
Closes gh-11474
 2022-07-08 12:32:09 -05:00
Rob Winch d2d5313bba Fix Formatting 
Issue gh-11327
 2022-07-08 09:21:53 -05:00
Josh Cummings e8a7b654b4
Add Configuration Test 
Issue gh-11327
 2022-07-07 14:42:07 -06:00
Josh Cummings 01ffc93062
Add AuthorizationFilter to filter chain validator 
Closes gh-11327
 2022-07-07 14:40:53 -06:00