Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-20 21:36:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,928 Commits 51 Branches 370 Tags
Commit Graph

1341 Commits

Author SHA1 Message Date
Steve Riesenberg
9d442c13de
Mark password grant for removal 
This commit also updates link to the document "Best Current Practice for
OAuth 2.0 Security" to point to RFC 9700.

Closes gh-16913
 2025-04-09 11:15:09 -05:00
Steve Riesenberg
197ee38aa0
Mark deprecated response clients for removal 
Issue gh-16913
 2025-04-09 11:15:06 -05:00
Tran Ngoc Nhan
d864e51ff6 Format OpaqueTokenIntrospector 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-04-08 13:56:54 -05:00
Tran Ngoc Nhan
d899bc5240 Polish javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-04-08 13:56:54 -05:00
Steve Riesenberg
1fb3fc80f9
Polish gh-15819 
Closes gh-15818
 2025-04-07 10:57:49 -05:00
Jonah Klöckner
9674532f4d
Add support for access token in body parameter as per rfc 6750 Sec. 2.2 
Issue gh-15818
 2025-04-07 10:57:49 -05:00
Steve Riesenberg
03e090c2d7
Merge branch '6.4.x' 
Closes gh-16902
 2025-04-07 10:57:12 -05:00
Steve Riesenberg
db34de59bc
Merge branch '6.3.x' into 6.4.x 
Closes gh-16901
 2025-04-07 10:55:51 -05:00
Steve Riesenberg
3c0fef59b5
Polish gh-16039 
Closes gh-16038
 2025-04-07 10:54:09 -05:00
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled 
Issue gh-16038
 2025-04-07 10:54:07 -05:00
Josh Cummings
2885b0f75f Add valueOf 
This commit adds a static factory for returning a constant
ClientAuthenticationMethod or creating a new one when there
is no match.

Issue gh-16825
 2025-04-02 11:16:30 -06:00
Tran Ngoc Nhan
7bca17cb5a Polish 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-26 17:02:06 -06:00
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter 
Issue gh-16417
 2025-03-26 16:38:39 -06:00
Steve Riesenberg
860f130bc4
Add additional validation when refreshing ID tokens 
Issue gh-16589
 2025-03-26 15:34:17 -05:00
Steve Riesenberg
5f98ce5ecc
Polish gh-16589 2025-03-26 15:34:17 -05:00
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components 
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.

Issue gh-16632
 2025-03-26 13:28:58 -06:00
Josh Cummings
56e757a2a1 Provide Authentication to AuthenticationExceptions 
Issue gh-16444
 2025-03-21 21:54:32 -06:00
Steve Riesenberg
3ebcbd4375
Merge branch '6.4.x' 
Closes gh-16788
Closes gh-16789
Closes gh-16790
Closes gh-16791
Closes gh-16792
 2025-03-20 14:47:07 -05:00
Steve Riesenberg
96cfbd1e6c
Merge branch '6.3.x' into 6.4.x 
Closes gh-16782
Closes gh-16783
Closes gh-16784
Closes gh-16785
Closes gh-16786
 2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc 
Closes gh-16555

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 14:38:09 -05:00
Josh Cummings
cfe70a5fc7 Restore authorizedClientParametersMapper Assertion 
Issue gh-16726
 2025-03-19 18:13:54 -06:00
Max Batischev
6c24a1e717 Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient 
Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-03-19 18:13:54 -06:00
Steve Riesenberg
5bb5d0f6be Polish gh-16589 2025-03-18 18:07:56 -05:00
Hao
fc1469ad5e Ensure ID Token is updated after refresh token 
Signed-off-by: Hao <kyrieeeee2@gmail.com>
 2025-03-18 18:07:56 -05:00
Rob Winch
e6223dede3
Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch
05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer 
Closes gh-16665
 2025-03-13 15:29:08 -05:00
Vedran Pavic
401e237082 Introduce JwtAudienceValidator 
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
 2025-02-28 12:38:18 -07:00
Josh Cummings
7df85a2ed9 Polish NimbusJwtDecoder 2025-02-27 12:40:01 -07:00
Josh Cummings
ab43a660b9 Add RFC 9068 Support 
Closes gh-13185
 2025-02-27 12:40:01 -07:00
Josh Cummings
81e2fd2fe8 Add Type Validation 
Closes gh-16672
 2025-02-27 12:40:01 -07:00
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker
bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
b6c813c5a2 ClientRegistrations supports hostnames with underscores 
Issue gh-15852
 2025-02-20 16:54:24 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores 
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
 2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri 
Closes gh-15852
 2025-02-20 16:54:24 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
00cd95be76 Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler 
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Josh Cummings
6793334575 Polish setJwkSelector 
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
 2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy 
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
 2025-02-18 09:14:45 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration 
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
 2025-01-17 17:26:48 -06:00
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works 
Issue gh-16382
 2025-01-17 17:26:48 -06:00
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE 
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
 2025-01-17 17:26:47 -06:00