Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-20 19:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,626 Commits 50 Branches 348 Tags
Commit Graph

17626 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
571644b59f Merge branch '6.4.x' 2025-02-17 03:30:33 +00:00
dependabot[bot]
06026684e5 Bump org.springframework.data:spring-data-bom from 2024.0.8 to 2024.0.9 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.0.8 to 2024.0.9.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.0.8...2024.0.9)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-16 19:29:53 -08:00
Josh Cummings
6fdfeb3413
Polish Debug Messages 
Issue gh-16484
 2025-02-14 16:05:42 -07:00
tejas-teju
291162a195 Add debug messages for auth exceptions in ProviderManager 
Issue gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error 
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926
Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Josh Cummings
946812691e
Make AuthenticatorAttestation Serializable 
Issue gh-16481
 2025-02-14 13:07:56 -07:00
Max Batischev
b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable 
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-14 11:51:46 -07:00
plll0123
f9e04594a7 Refactor authorization manager variable naming 
- Renamed PERMIT_ALL_AUTHORIZATION_MANAGER to snake_case style
- Introduced AUTHORIZATION_DECISION for reuse

Signed-off-by: plll0123 <jsh951227@gmail.com>
 2025-02-14 10:02:55 -07:00
Tran Ngoc Nhan
92c2e21522 Use Spring Framework Url attribute 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-14 09:56:22 -07:00
Tran Ngoc Nhan
396b04f355 Update reference Spring Framwork links 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-14 09:56:22 -07:00
github-actions[bot]
a44a490f9e Merge branch '6.4.x' 2025-02-14 04:36:21 +00:00
dependabot[bot]
9e1a573531 Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.2 to 6.2.3.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.2...v6.2.3)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:35:37 -08:00
github-actions[bot]
70d230dba8 Merge branch '6.4.x' 2025-02-14 04:28:55 +00:00
github-actions[bot]
309daf565d Merge branch '6.3.x' into 6.4.x 2025-02-14 04:28:55 +00:00
dependabot[bot]
c3d45ae529 Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.16 to 6.1.17.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.16...v6.1.17)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:28:09 -08:00
github-actions[bot]
b75211110d Merge branch '6.4.x' 2025-02-14 04:22:14 +00:00
dependabot[bot]
4c06d98df1 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:21:41 -08:00
dependabot[bot]
8e752fc70e Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:21:29 -08:00
github-actions[bot]
ce2a62a78d Merge branch '6.4.x' 2025-02-14 04:16:30 +00:00
github-actions[bot]
0ce72d0a90 Merge branch '6.3.x' into 6.4.x 2025-02-14 04:16:30 +00:00
dependabot[bot]
acf19c1f1f Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:16:07 -08:00
dependabot[bot]
b3c880cc24 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:15:46 -08:00
dependabot[bot]
571c6bfffb Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.2 to 6.2.3.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.2...v6.2.3)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:36:51 -08:00
dependabot[bot]
4632370a28 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:23:23 -08:00
dependabot[bot]
78a2d74271 Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:22:33 -08:00
Josh Cummings
666d3a4af6
Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Max Batischev
879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-13 17:17:16 -07:00
Tran Ngoc Nhan
839269dbf5 Update Spring Security javadocs 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:19:56 -07:00
Tran Ngoc Nhan
51e9f073dd Fix format 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
3cf1686c0b Revert Nullable annotation 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
5d089f680e Consistently NonNull annotation 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Joe Grandja
31fb7feed5 Merge branch '6.4.x' 2025-02-12 06:18:42 -05:00
Joe Grandja
17ca1de7cb Merge branch '6.3.x' into 6.4.x 
Closes gh-16583
 2025-02-12 06:13:33 -05:00
Joe Grandja
33d96d574f Update to oauth2-oidc-sdk 9.43.5 
Closes gh-16582
 2025-02-12 05:47:03 -05:00
dependabot[bot]
61dcbc4d5b Bump serialize-javascript and mocha in /javascript 
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 6.0.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together.


Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v6.0.0...v6.0.2)

Updates `mocha` from 10.2.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.2.0...v10.8.2)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-type: indirect
- dependency-name: mocha
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-12 02:28:05 -08:00
dependabot[bot]
21b77b9cf7 Bump esbuild from 0.23.0 to 0.25.0 in /javascript 
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.23.0 to 0.25.0.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.23.0...v0.25.0)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-12 02:15:55 -08:00
dependabot[bot]
36dd74b124 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:48:54 -08:00
github-actions[bot]
62c7ff3bf0 Merge branch '6.3.x' into 6.4.x 2025-02-12 03:27:54 +00:00
github-actions[bot]
58afbb494d Merge branch '6.4.x' 2025-02-12 03:27:54 +00:00
dependabot[bot]
b64d5af9c4 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:27:11 -08:00
github-actions[bot]
8e969d0f47 Merge branch '6.4.x' 2025-02-12 03:26:48 +00:00
dependabot[bot]
5a30d984a0 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:26:08 -08:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
dependabot[bot]
27cb1154f2 Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.3 to 1.14.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 20:04:39 -08:00
dependabot[bot]
28f842c46c Bump org.hibernate.orm:hibernate-core from 6.6.6.Final to 6.6.7.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.6.Final to 6.6.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.6...6.6.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 20:03:17 -08:00
github-actions[bot]
9c51507785 Merge branch '6.4.x' 2025-02-11 03:28:27 +00:00
dependabot[bot]
8ebd893d01 Bump org.hibernate.orm:hibernate-core from 6.6.6.Final to 6.6.7.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.6.Final to 6.6.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.6...6.6.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 19:28:16 -08:00
dependabot[bot]
3e496c0260 Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.3 to 1.14.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 19:27:42 -08:00
ying.li
6494ea9b18 fix for typo 2025-02-10 12:22:57 -06:00