Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-01 02:49:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,412 Commits 36 Branches 337 Tags
Commit Graph

2668 Commits

Author SHA1 Message Date
Josh Cummings
a9f8a23e50
Merge branch '6.2.x' into 6.3.x 2024-12-19 08:55:25 -07:00
Josh Cummings
643a3f1206
Test Setting logoutRequestRepository 
Issue gh-16093
 2024-12-19 08:55:18 -07:00
Steven Williams
7aafe2ed5a
Set Saml2RelyingPartyInitiatedLogoutSuccessHandler#logoutRequestRepository 
Closes gh-16093
 2024-12-19 08:53:02 -07:00
Josh Cummings
dd8ee38194
Merge branch '6.2.x' into 6.3.x 
Closes gh-16229
 2024-12-06 15:18:42 -07:00
Josh Cummings
87de6cea1b
Use Reactive JSON Encoder 
Closes gh-16177
 2024-12-06 15:14:07 -07:00
Josh Cummings
3d1e4b5f18
Polish Tests 
Confirm that responses are a valid JSON map

Issue gh-16177
 2024-12-06 15:14:07 -07:00
DingHao
ef7b11ac01 Delay initialization UserDetailsService in Global Authentication 2024-12-05 12:26:04 -07:00
DingHao
e8ba039a61 Delay initialization AuthenticationProvider in Global Authentication 2024-11-22 17:22:14 -07:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Rob Winch
e1ad989d38 Merge branch '6.2.x' into 6.3.x 
Closes gh-16062
 2024-11-11 14:58:39 -06:00
Rob Winch
81e74e65d4 Support ServerExchangeRejectedHandler @Bean 
Closes gh-16061
 2024-11-11 14:58:00 -06:00
Cedric Montfort
d9d77bed82 Allow logout+jwt JWT type for reactive 
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken).

Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d)), so back
porting the same on the reactive side to close the gap.

Closes gh-15702
 2024-10-28 14:21:48 -07:00
Rob Winch
1ba6301afa Support ServerWebExchangeFirewall @Bean 
Closes gh-15987
 2024-10-25 12:13:41 -05:00
Rob Winch
adc66e134b Merge branch '6.2.x' into 6.3.x 
Support ServerWebExchangeFirewall @Bean

Closes gh-15991
 2024-10-25 11:56:53 -05:00
Rob Winch
3ba1263d64 Support ServerWebExchangeFirewall @Bean 
Closes gh-15987
 2024-10-24 16:47:36 -05:00
Josh Cummings
c104f44546 Merge branch '6.2.x' into 6.3.x 2024-10-23 15:23:15 -07:00
Scott Murphy Heiberg
18dba34bde Make RequestMatcherDelegatingAuthorizationManager Post-Processable 
Closes gh-15948
 2024-10-23 15:15:10 -07:00
Josh Cummings
746464e035
Merge branch '6.2.x' into 6.3.x 2024-09-30 17:21:13 -06:00
Josh Cummings
c1857c0308 Fix Formatting 
Issue gh-15771
 2024-09-30 16:19:26 -07:00
chao.wang
690e012fb1 Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing 
Closes gh-15771
 2024-09-30 16:19:26 -07:00
Daniel Garnier-Moiroux
51d0a8b57d Fix getBeansWithName in global authentication configurers 2024-09-11 10:46:24 -07:00
DingHao
5c20505b0e Support Class Attributes in Annotation Template Processing 
Closes gh-15721
 2024-09-04 13:41:46 -07:00
Josh Cummings
ff41521e1e
Merge branch '6.2.x' into 6.3.x 2024-09-03 16:33:46 -06:00
Josh Cummings
b22061d0b6
Merge branch '5.8.x' into 6.2.x 2024-09-03 16:33:22 -06:00
Josh Cummings
97cefa6830 Update Formatting 
Issue gh-15714
 2024-09-03 15:32:59 -07:00
tugjg
f836efb912 Address unnecessary method invocation 
Closes gh-15714
 2024-09-03 15:32:59 -07:00
Josh Cummings
279cb89eac
Merge branch '6.2.x' into 6.3.x 2024-08-26 16:32:58 -06:00
Hero Wanders
f372f5cf52 Replace OidcSessionStrategy References with OidcSessionRegistry 2024-08-26 15:32:35 -07:00
Josh Cummings
4c0d969f1f
Merge branch '6.2.x' into 6.3.x 
Closes gh-15676
 2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53
Merge branch '5.8.x' into 6.2.x 
Closes gh-15675
 2024-08-22 12:24:56 -06:00
Josh Cummings
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type 
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
 2024-08-22 12:10:25 -06:00
Josh Cummings
ae8e4d148e
Produce Exactly One AuthorizationAdvisor Per Annotation 
Closes gh-15592
 2024-08-19 12:30:03 -06:00
Josh Cummings
27af1df87d
Simplify Method Interceptor Configuration 
Simplifies to use only one ObjectProvider for easier
future maintenance

Issue gh-15592
 2024-08-19 12:27:56 -06:00
Daniel Garnier-Moiroux
b731623b3a Fix checkstyle errors with @Deprecated 2024-08-19 10:55:58 -03:00
Daniel Garnier-Moiroux
b92ed92548 Fix checkstyle errors with @Deprecated 2024-08-19 10:55:28 -03:00
Marcus Hert Da Coregio
912062d307 Merge branch '6.2.x' into 6.3.x 2024-08-19 09:11:10 -03:00
Daniel Garnier-Moiroux
79fb0113c8 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:11:05 -03:00
Daniel Garnier-Moiroux
3b8cdc323f Remove unused method 2024-08-08 15:29:41 -05:00
Daniel Garnier-Moiroux
109da2719f Use explicit types everywhere instead of var 2024-08-08 15:29:41 -05:00
Josh Cummings
f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Marcus Hert Da Coregio
c1b3b329af Merge branch '6.2.x' into 6.3.x 2024-07-29 14:56:09 -03:00
baezzys
3d4bcf1b44 fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource 
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
 2024-07-29 14:55:55 -03:00
Josh Cummings
ba714d78ab
Merge branch '6.2.x' into 6.3.x 
Closes gh-15440
 2024-07-18 15:51:10 -06:00
Josh Cummings
3daeeb8789
Merge branch '5.8.x' into 6.2.x 
Closes gh-15439
 2024-07-18 15:50:58 -06:00
Josh Cummings
dab48d25b0
Improve Error Message When Registration Missing 
Closes gh-15363
 2024-07-18 15:50:41 -06:00
Josh Cummings
8ee497f4c5
Merge branch '6.2.x' into 6.3.x 
Closes gh-15410
 2024-07-12 11:04:08 -06:00
Josh Cummings
7422a1134a Allow logout+jwt JWT type 
Closes gh-15003
 2024-07-12 10:03:40 -07:00
Josh Cummings
22c7b8760a
Merge branch '6.2.x' into 6.3.x 
Closes gh-15211
 2024-06-06 13:36:20 -06:00
Josh Cummings
f231ea277d
Merge branch '5.8.x' into 6.2.x 
Closes gh-15210
 2024-06-06 13:35:56 -06:00