Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-25 11:48:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,713 Commits 44 Branches 362 Tags
Commit Graph

777 Commits

Author SHA1 Message Date
Steve Riesenberg
aed993f3e5
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository 
Related to gh-9649
Closes gh-9857
 2021-06-15 11:03:30 -05:00
Steve Riesenberg
c0200512a7 URL encode client credentials 
Closes gh-9610
 2021-06-08 08:27:20 -05:00
Eleftheria Stein
36805c7192 Revert "Use strict equality for timestamp comparison in JDBC tests" 
This reverts commit 09a0670cb68032beacb399e0abe6d671967f3702.

This appears to still be an issue in Windows

Issue gh-8782
 2021-06-08 10:13:53 +03:00
Eleftheria Stein
09a0670cb6 Use strict equality for timestamp comparison in JDBC tests 
This is possible because of the update to HSQLDB 2.6.0
This reverts commit eb7b27695d3f9fce869eb3fb1c0ec56c32a9cb2b.

Closes gh-8782
 2021-06-08 09:31:55 +03:00
Steve Riesenberg
6cafa48369 URL encode client credentials 
Closes gh-9610
 2021-06-03 09:39:00 -05:00
Steve Riesenberg
5243b1b8a8 URL encode client credentials 
Closes gh-9610
 2021-06-03 09:29:25 -05:00
Steve Riesenberg
e6c268add0 URL encode client credentials 
Closes gh-9610
 2021-06-03 09:12:18 -05:00
Steve Riesenberg
ac9b137cad URL encode client credentials 
Closes gh-9610
 2021-06-01 12:57:06 -05:00
Josh Cummings
6d816fbf85
Polish postLogoutRedirectUri encoding 
Issue gh-9511
 2021-05-26 14:38:20 -06:00
Hans Hosea Schaefer
e52b104636
Encode postLogoutRedirectUri query params 
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly

Closes gh-9511
 2021-05-26 14:36:05 -06:00
Josh Cummings
24c3c52254
Polish postLogoutRedirectUri encoding 
Issue gh-9511
 2021-05-26 13:58:28 -06:00
Hans Hosea Schaefer
499701e67a
Encode postLogoutRedirectUri query params 
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly

Closes gh-9511
 2021-05-26 13:58:23 -06:00
Josh Cummings
f48a006034
Polish postLogoutRedirectUri encoding 
Issue gh-9511
 2021-05-26 13:51:26 -06:00
Hans Hosea Schaefer
b7a0959ede
Encode postLogoutRedirectUri query params 
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly

Closes gh-9511
 2021-05-26 13:51:15 -06:00
Josh Cummings
65ecaa0c28
Polish postLogoutRedirectUri encoding 
Issue gh-9511
 2021-05-26 12:31:41 -06:00
Hans Hosea Schaefer
b671a96073
Encode postLogoutRedirectUri query params 
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly

Closes gh-9511
 2021-05-26 12:10:03 -06:00
Steve Riesenberg
d3a3c36ad3 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 16:14:35 -05:00
Steve Riesenberg
22272321f2 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 15:37:37 -05:00
Steve Riesenberg
589eccc547 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 15:08:05 -05:00
Steve Riesenberg
de4b3a4310 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 13:41:04 -05:00
Steve Riesenberg
36dcbe24d0 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 13:31:34 -05:00
Josh Cummings
5b24bd1288
Adjust ClientRegistrationsTests 
Closes gh-9748
 2021-05-14 10:30:46 -06:00
Rob Winch
c9a8419e22 Additional HttpSessionOAuth2AuthorizationRequestRepository tests 
Issue gh-5145
 2021-05-13 20:12:15 -04:00
Craig Andrews
ecb4a5749a HttpSessionOAuth2AuthorizationRequestRepository: store one request by default 
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.

Closes gh-5145
Intentionally regresses gh-5110
 2021-05-13 20:12:00 -04:00
Rob Winch
a4216d0ea5 Additional HttpSessionOAuth2AuthorizationRequestRepository tests 
Issue gh-5145
 2021-05-13 19:52:00 -04:00
Craig Andrews
b8eee2002f HttpSessionOAuth2AuthorizationRequestRepository: store one request by default 
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.

Closes gh-5145
Intentionally regresses gh-5110
 2021-05-13 19:50:47 -04:00
Rob Winch
f3436f25fb Additional HttpSessionOAuth2AuthorizationRequestRepository tests 
Issue gh-5145
 2021-05-13 14:01:04 -04:00
Craig Andrews
e447a35cf2 HttpSessionOAuth2AuthorizationRequestRepository: store one request by default 
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.

Closes gh-5145
Intentionally regresses gh-5110
 2021-05-13 14:00:53 -04:00
Asian Malaysian Vietnamese
5f6de026a8 Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider 
Closes gh-9708
 2021-05-13 13:02:08 -04:00
Rob Winch
64b7af473d Additional HttpSessionOAuth2AuthorizationRequestRepository tests 
Issue gh-5145
 2021-05-12 14:59:25 -05:00
Craig Andrews
35f5ebdbcf HttpSessionOAuth2AuthorizationRequestRepository: store one request by default 
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.

Closes gh-5145
Intentionally regresses gh-5110
 2021-05-12 14:59:25 -05:00
Joe Grandja
761e3a9dd8 JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry 
Fixes gh-9700
 2021-04-30 10:12:38 -04:00
Joe Grandja
eff4cdc924 Polish gh-9505 2021-04-09 06:22:29 -04:00
Hassene Laaribi
7694aa27cf Add jwt-bearer authorization grant 
Closes gh-6053
 2021-04-09 06:22:29 -04:00
Joe Grandja
9c97970e26 Add Jwt Client Authentication support 
Closes gh-8175
 2021-04-08 15:44:33 -04:00
Hassene Laaribi
b8e47882aa Fix test to use non-expired token 
Closes gh-9506
 2021-03-17 17:38:08 +01:00
Josh Cummings
5e5ff27109
Configure Jackson for nanosecond precision 
Closes gh-9461
 2021-02-17 11:53:36 -07:00
Josh Cummings
a0a9718b8b
Use Instant with micro-second precision 
Closes gh-9449
 2021-02-17 11:31:23 -07:00
Benjamin Faal
98399c920a Make user info response status check error only 
Closes gh-9336
 2021-01-25 11:10:03 -05:00
Benjamin Faal
0f7360e8fa Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:46:07 -05:00
Benjamin Faal
f6b678f137 Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:23:49 -05:00
Benjamin Faal
d85a7cfc4a Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:02:58 -05:00
tristanessquare
580b988e7f
Fix NullPointerException 
- Caused by a malformed WWW-Authenticate value

Closes gh-9364
 2021-01-21 16:22:29 -07:00
tristanessquare
56db058fd0
Fix NullPointerException 
- Caused by a malformed WWW-Authenticate value
 2021-01-21 16:18:23 -07:00
Joe Grandja
58e3235093 Deprecate ClientAuthenticationMethod BASIC and POST 
Closes gh-9220
 2020-11-25 15:13:28 -05:00
Joe Grandja
c069692ab9 Extract OAuth2Token from AbstractOAuth2Token 
Closes gh-5502
 2020-11-02 20:35:08 -05:00
Ovidiu Popa
6724e3e514 Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService 
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database

R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database

Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test

Closes gh-7890
 2020-10-29 15:44:12 -04:00
Craig Andrews
42a787d1f6 Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService 
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql

See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc

Issue gh-9070
 2020-10-22 09:56:20 -04:00
Craig Andrews
05dc326389 Use LobHandler in JdbcOAuth2AuthorizedClientService 
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.

Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.

Closes gh-9070
 2020-10-22 09:56:20 -04:00
Phillip Webb
c502312719 Replace expected @Test attributes with AssertJ 
Replace JUnit expected @Test attributes with AssertJ calls.
 2020-09-22 16:13:51 -06:00