f2a2b469c4
Deprecate openID 2.0 support
...
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.
Fixes gh-7153
2020-05-09 12:04:13 +02:00
d91b153cad
Explicitly set useSuffixPatternMatch for Tests
...
Spring MVC changed their default behavior in
https://github.com/spring-projects/spring-framework/issues/23915 This
causes failures in some of Spring Security's tests.
This explicitly sets useSuffixPatternMatch=true to ensure that Spring
Security still works if users have modified their defaults.
Closes gh-8493
2020-05-08 16:43:56 -05:00
86ca6b013c
Unlock dependencies
...
This reverts commit 206960cf44
2020-05-06 17:27:35 -04:00
206960cf44
Lock dependencies for 5.4.0-M1
2020-05-06 17:13:04 -04:00
339d44b5a1
Deprecate openID 2.0 support
...
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)
Fixes gh-7153
2020-05-02 10:18:31 +02:00
4a9fa0337a
Allow Configure RequestRjectedHandler in XML
...
Issue gh-5007
2020-05-01 10:51:11 -05:00
b826c798f7
Add RequestRejectedHandler
...
Closes gh-5007
2020-05-01 10:51:01 -05:00
8e8251ac5f
Add ROLE_INFRASTRUCTURE to infrastructure beans
...
Closes gh-8407
2020-04-27 08:59:24 -05:00
0f29bee1b0
Add authorize() DSL method that accepts HttpMethod
...
Fixes: gh-8307
2020-04-22 16:14:04 -04:00
16a7cbee4b
Use named arguments in Kotlin authorization rule
2020-04-22 16:14:04 -04:00
401393d756
Extract pattern type in request matcher DSL
2020-04-22 16:14:04 -04:00
5cd1ec7bb3
Add AuthoritiesMapper setter for reactive OAuth2Login
...
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login
- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
and OAuth2LoginReactiveAuthenticationManager
- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager
Fixes gh-8324
2020-04-17 16:55:05 -04:00
2cccf223df
Add Flag to enable searching of LDAP groups on subtrees
...
Closes gh-8939
2020-04-17 12:55:11 -05:00
146d9ba0bf
Add marker to make Kotlin DSL type safe.
...
Fixes gh-8366
2020-04-14 16:23:28 -04:00
a70d55552b
Resource Server Finds JwtAuthenticationConverter Beans
...
Fixes gh-8185
2020-04-13 22:47:20 -06:00
9a42a028e7
Logout defaults to use Global SecurityContextServerLogoutHandler
...
Closes gh-8375
2020-04-13 16:36:12 -05:00
711954e016
Deprecate Saml2AuthenticationRequestFilter Constructor
...
Removing the default usage of OpenSamlAuthenticationRequestFactory.
Otherwise, the Open SAML dependency is required, even when
Saml2AuthenticationRequestFactory is implemented without it.
Fixes gh-8359
2020-04-08 16:27:46 -06:00
39e09e4ca5
Idiomatic Kotlin DSL for server HTTP security
...
Issue: gh-5558
2020-04-07 11:04:59 -04:00
6017510fdd
Compile Kotlin tasks using JVM 1.8
2020-04-07 11:04:59 -04:00
6d45ec5d6b
Fix typo in Javadoc of ServerHttpSecurity#hasAuthority
2020-04-06 14:19:42 -05:00
dc6b8ce470
Add addFilterAfter and addFilterBefore to Kotlin DSL
...
Fixes gh-8316
2020-04-03 12:04:03 -04:00
1de0cf5057
Fix HttpSecurity Javadoc
...
Fixes gh-4404
2020-04-02 11:32:38 -04:00
91728ef53b
Fix HttpServlet3RequestFactory Logout Handlers
...
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.
This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.
Closes gh-4760
2020-03-30 17:50:28 -05:00
b055f8bb25
SpringTestContext returns ConfigurableWebApplicationContext
...
Closes gh-8233
2020-03-30 17:46:25 -05:00
e27e548215
oauth2Login WebFlux does not auto-redirect for XHR request
...
Fixes gh-8118
2020-03-26 04:36:23 -04:00
97085ef310
Fix rsocket test
...
Request route that exists; add additional error message verification
Fixes gh-8154
2020-03-19 17:27:14 -04:00
2d8c65db56
Support port=0 for LDAP Servers
...
Fixes gh-8138
2020-03-18 09:45:10 -06:00
4d99ee2896
Allow port=0 in XSD
...
Issue gh-8138
2020-03-18 09:45:10 -06:00
f438bdfbcf
Add spring-security-5.4.xsd
...
Issue gh-8138
2020-03-18 09:45:10 -06:00
ad9bb7f230
Fix typo in Javadoc of HttpSecurity#csrf()
...
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
2020-03-17 12:42:11 -06:00
40b15f5a46
Rename to SessionFixationDslTests
2020-03-17 12:05:25 -04:00
bfd36d9a54
Remove Redundant ConcurrentSessionFilter Refs
...
Fixes gh-8105
2020-03-13 16:27:30 -06:00
d81321bc29
Fix typo 'properites' in documentation
...
Fixes gh-8095
2020-03-11 10:54:14 -06:00
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
2020-03-04 12:02:48 -07:00
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux
...
Fixes gh-7668
2020-03-03 15:42:02 -07:00
c111099640
Polish client-registration xsd attributes
...
Issue gh-4557
2020-03-02 15:02:46 -05:00
e97396b9c7
Add Resource Server XML Support
...
Fixes gh-5185
2020-03-02 11:51:40 -07:00
f1a2d69968
Add AuthenticationProvider List Configurability
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
34b40deb38
Add By-RequestMatcher Exception Handling
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
98a2ca3bbc
Add Csrf Ignore Configurability
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
19584884b3
Register Authentication Provider in Init Phase
...
Fixes gh-8031
2020-02-28 15:32:27 -07:00
3257349045
Support POST binding for AuthNRequest
...
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
2020-02-28 09:15:26 -08:00
727fee1e12
Polish HeaderWriterSpec
...
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)
Issue gh-7636
2020-02-27 07:57:51 -06:00
480c5bc87e
Custom ServerHttpHeadersWriter to HeaderSpec
...
Add the ability to have a custom ServerHttpHeadersWriter to HeaderSpec
Fixes gh-7636
2020-02-27 07:55:30 -06:00
2fb3d3d5a2
Add hasRole to authorizeRequests in Kotlin DSL
...
Fixes: gh-8023
2020-02-25 08:29:26 -05:00
4cd89b584f
Polish gh-5184
2020-02-20 21:25:17 -05:00
8a4ff4452b
Add XML namespace support for oauth2-client
...
Fixes gh-5184
2020-02-20 20:05:48 -05:00
171e0d048f
Fix typo in WebSecurityConfigurer Javadoc
...
Fixes: gh-7876
2020-02-14 11:00:45 +01:00
ff8002eb2e
Polish gh-4557
2020-02-12 15:47:57 -05:00
71a5c9521c
Add XML namespace support for oauth2-login
...
Fixes gh-4557
2020-02-12 15:26:17 -05:00
40c0a452d7
Define oauth2-login xsd elements
...
Issue gh-4557
2020-02-12 15:26:17 -05:00
fde3ccb8b3
Add marker to make Kotlin DSL type safe
...
Fixes: gh-7971
2020-02-12 11:35:45 +01:00
1d6fdd249b
Add missing Javadoc to Kotlin class
2020-02-11 18:09:30 +01:00
f37a4557e6
Fix typo in Kotlin Javadoc
2020-02-11 18:09:30 +01:00
5bdf57d1e5
Remove Groovy and Spock Dependencies
...
Fixes gh-4939
2020-02-10 10:38:40 -07:00
a5210aaf9b
Support custom filter in Kotlin DSL
...
Fixes: gh-7951
2020-02-10 12:03:32 +01:00
851be025e9
Don't force downcasting of RequestAttributes to ServletRequestAttributes
...
Fixes gh-7952
2020-02-07 20:44:19 -05:00
8c0b754a49
Fix credentials precedence over introspector in Kotlin
...
Fixes: gh-7878
2020-02-06 11:01:42 +01:00
1fed688f05
Fix JWK Set URI precedence over decoder in Kotlin
...
Fixes: gh-7877
2020-02-06 10:48:42 +01:00
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
2020-02-05 15:53:04 +01:00
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
1d7208f8ef
Add RSocket Authentication Extension Support
...
Fixes gh-7935
2020-02-04 23:36:47 -06:00
209c81d65d
Add BadOpaqueTokenException
...
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.
Fixes gh-7902
2020-02-04 17:33:08 -07:00
0c3754c811
Add BadJwtException
...
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.
Fixes gh-7885
2020-02-04 17:33:08 -07:00
3e07b35611
Polish Bearer Token Error Handling
...
Issue gh-7822
Issue gh-7823
2020-02-03 17:54:39 -07:00
ee6df1701b
Polish SessionManagementConfigurer
2020-01-31 11:24:36 -07:00
cb9fd09150
Change AuthenticationWebFilter's constructor
...
Fixes gh-7872
2020-01-31 09:31:28 -07:00
a512789a93
Fix requiresAuthenticationMatcher not being used
...
The custom server requiresAuthenticationMatcher was not always picked up
Fixes: gh-7863
2020-01-27 16:12:27 +01:00
29377545d9
Fix authenticationFailureHandler not being used
...
The custom server authenticationFailureHandler was not always picked up
Fixes: gh-7782
2020-01-27 13:10:03 +01:00
bdc60a9128
Don't cache requests with `Accept: text/event-stream` by default.
...
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
2020-01-17 10:42:16 -08:00
f1f158b37e
AuthenticationEventPublisher DSL Lookup
...
Fixes gh-4400
2020-01-14 12:07:46 -07:00
5579846263
AuthenticationEventPublisher Bean Lookup
...
Issue gh-7793
Fixes gh-7515
2020-01-14 12:07:46 -07:00
fc9b97c94a
Typo in doc
2020-01-14 08:32:26 -07:00
f0856c83a9
Migrate LDAP integration tests groovy->java
...
This commit also removes BaseSpringSpec
Issue: gh-4939
2020-01-13 14:18:25 +01:00
a35ce77451
Add missing PowerMockIgnore annotation
...
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
2020-01-09 15:48:08 -07:00
ba21c156dd
Polish WebSecurityConfigurerAdapter tests
...
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
2020-01-09 13:51:19 -07:00
fcc6457bef
Unlock dependencies for next development version
...
This reverts commit 93acf8f0f1
2020-01-08 22:15:17 +01:00
93acf8f0f1
Lock dependencies for 5.3.0.M1
2020-01-08 19:41:10 +01:00
de87675f6d
Add JwtIssuerAuthenticationManagerResolver
...
Fixes gh-7724
2020-01-07 23:30:42 -07:00
2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security
...
Issue: gh-5558
2020-01-07 12:08:43 -05:00
65981444f1
Use Version Ranges
...
Fixes gh-7788
2020-01-06 14:46:48 -06:00
06d7443946
Use Gradle platform and constraints
...
This was largely generated from the following script
wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy
2020-01-06 14:46:36 -06:00
924b9e95a1
Polish MethodSecurityEvaluationContext
...
Issue: gh-6224
2020-01-03 20:08:52 -05:00
8b8267e1fe
Fix typo in LDAP Javadoc
2020-01-02 10:58:44 -05:00
b4619f31ee
Fix return type
...
AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to
B, the type of SecurityBuilder, instead of O, the type of object being
built.
Without this change, calls like
http.objectPostProcessor(...).getFilters() will fail with a
ClassCastException.
2019-12-30 12:01:56 -07:00
2c7f2c2117
Fix Javadoc error in oauth2ResourceServer
...
Fixes: gh-7670
2019-12-27 14:24:46 +01:00
af415948b1
Allow configuration of AuthenticationManagerResolver in saml2Login()
...
Fixes gh-7654
https://github.com/spring-projects/spring-security/issues/7654
2019-12-17 13:34:27 -08:00
9aa333ca4d
Use the custom ServerRequestCache that the user configures
...
on for the default authentication entry point and authentication
success handler
Fixes gh-7721
https://github.com/spring-projects/spring-security/issues/7721
Set RequestCache on the Oauth2LoginSpec default authentication success handler
import static ReflectionTestUtils.getField
Feedback incorporated per
https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359
2019-12-17 13:33:56 -08:00
02f161aba7
Use OidcIdToken.Builder
...
Issue gh-7592
2019-12-12 07:37:15 -07:00
c40a17b4d1
WebFlux oauth2Login() redirects on failed authentication
...
Fixes gh-5562 gh-6484
2019-12-05 16:50:43 -05:00
d8d59e97ac
Correctly configure authorization requests repository for OAuth2 login
...
To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and
OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is
correctly configured, but the latter always uses default, WebSession based repository. So authorization code created
before redirect to authorization endpoint will never be found to complete OAuth2 login when custom
ServerAuthorizationRequestRepository is used.
This change also makes OAuth2Client and OAuth2Login authentication converters consistent.
Fixes gh-7675
2019-11-29 12:05:15 -05:00
b7cb93f671
Fix WebFlux logout disabling
...
Fixes: gh-7682
2019-11-28 14:40:25 +01:00
c38e57fa42
Fix class and variable names
2019-11-28 09:23:38 +01:00
8ebc7ca0ea
Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc
2019-11-28 09:23:38 +01:00
8a95e5798d
Update @MessageMapping to match input/output cardinality
2019-11-22 15:07:38 -06:00
cd0bec48de
Fix typo in log message.
2019-11-21 15:55:27 -07:00
0d35194b47
Add sessionFixation Javadoc
2019-11-15 12:17:05 +01:00
ca8877c8c5
Updates javadoc for InitializeUserDetailsBeanManagerConfigurer
2019-11-13 10:34:10 +01:00
1188a3bb5f
Polish RememberMeConfigurer
...
Issue: gh-4140
2019-11-07 15:26:59 +01:00
b13f750646
Retrieve remember-me key from service as fallback
...
Fixes: gh-4140
2019-11-07 13:55:39 +01:00
9f6a36444a
Add missing schemas
2019-11-06 08:24:20 -06:00
925bf48ec0
Polish OAuth2ResourceServerConfigurerTests
...
To confirm that resource server only produces SCOPE_<scope>
authorities by default.
Issue gh-7596
2019-11-04 11:39:54 -07:00
0cafcf37e2
Make the loginProcessingUrl configurable for saml2Login()
...
Fixes gh-7565
https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
5f17032ffd
Restore Removed Throws Clauses
...
In a recent clean-up, certain exceptions were removed from various
throws clauses.
This PR re-introduces throws clauses that are important for one of the
following reasons:
1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.
Fixes gh-7541
2019-10-30 12:13:54 -06:00
635f7e1edd
CsrfWebFilter supports multipart/form-data
...
Fixes gh-7576
2019-10-28 14:06:10 -05:00
0ac5f5456f
Fix typo 'is' -> 'if' in javadoc
2019-10-25 13:27:11 -06:00
de7cbc82b5
Clarify in Javadoc that expressionHandler should not be null
...
Fixes: gh-2665
2019-10-23 15:10:39 -04:00
3051a79188
Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
2019-09-30 14:33:41 -05:00
a911f3d52f
Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-30 14:14:59 -05:00
3854afad61
Merge Add denyAll method in AuthorizePayloadsSpec.Access
2019-09-30 14:05:42 -05:00
758af54796
ObjectPostProcessor Tests groovy->java
...
Issue gh-4939
2019-09-27 16:36:33 -06:00
a08be5bf6f
UrlAuthorizationsTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
870d83eb3e
PermitAllSupportTests groovy->java
...
Issue gh-4939
2019-09-27 16:23:33 -06:00
350bce761f
Add hasAuthority method to RSocketSecurity
...
Fixes gh-7435
2019-09-27 16:48:25 -05:00
5f905232cb
Polish CurrentSecurityContextArgumentResolvers
...
Fixes gh-7487
2019-09-27 13:19:08 -06:00
5ef6e7ed6f
Add author for SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 15:17:20 -04:00
0fea57d6a1
Optimize SecurityReactorContextConfiguration
...
Issue gh-7422
2019-09-27 14:46:39 -04:00
33ba292fed
Resource Server w/ SecurityReactorContextSubscriber
...
Fixes gh-7423
2019-09-27 11:01:04 -06:00
5a67971375
WebFluxSecurityConfiguration configures oauth2Client() by default
...
Fixes gh-7470
2019-09-27 10:04:19 -04:00
08d2c93713
Polish gh-7466
2019-09-26 22:11:53 -04:00
9bae0a4dbd
Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec
...
Fixes gh-7466
2019-09-26 17:19:32 -04:00
2a5bd6e719
Align Servlet ExchangeFilterFunction CoreSubscriber
...
Fixes gh-7422
2019-09-26 16:17:17 -04:00
d3b7a47ef8
Polish gh-4442
2019-09-25 21:37:31 -04:00
da9f027fa4
Add nonce to OIDC Authentication Request
...
Fixes gh-4442
2019-09-25 14:57:54 -04:00
ceab56f764
Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION
...
Fixes gh-7434
2019-09-24 15:39:25 -05:00
9f18c2e21a
OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri
...
Fixes gh-7036
2019-09-24 11:07:36 -04:00
98e75eb51a
Fix Javadoc for anonymous
2019-09-23 11:06:28 -04:00
00f8991fac
Merge Remove Redudant Throws
...
Fixes gh-7301
2019-09-19 11:04:53 -05:00
3a66191756
Add hasAnyAuthority method in AuthorizePayloadsSpec.Access
...
See Fixes gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-18 21:17:09 -05:00
034b5e9e93
Introduce LogoutSuccessEvent
...
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.
By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.
This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.
Fixes gh-2900
2019-09-18 10:57:16 -05:00
9926ad68b8
add hasAnyRole method in AuthorizePayloadsSpec.Access
2019-09-18 07:59:20 -05:00
daf6b53e3a
Add denyAll method in AuthorizePayloadsSpec.Access
...
See gh-7437
Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
2019-09-17 20:17:10 -05:00
05caf3d8fb
Use Jwt.Builder
...
Fixes gh-7443
2019-09-16 14:00:25 -06:00
1176d0cfdb
Polish DefaultFilters,Issue55Tests
...
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code
Issue gh-4939
2019-09-16 13:56:17 -06:00
950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java
...
Issue gh-4939
2019-09-16 13:37:22 -06:00
101e0a21a8
Bearer WebClient Filter Authentication Propagation
...
Fixes: gh-7418
2019-09-11 16:27:21 +01:00
96d44cd4b7
Add Default RSocketSecurity
...
Fixes gh-7361
2019-09-09 16:10:55 -05:00
5d0815bc76
Allow RSocketMessageHandlerITests to timeout
...
Fixes gh-7415
2019-09-09 16:10:50 -05:00
6296e6e896
RSocketSecurity delegates to correct matcher
...
Fixes gh-7414
2019-09-09 16:09:23 -05:00
1b699a49fb
Polish RSocket packaging
...
Fixes gh-7413
2019-09-09 16:07:14 -05:00
aa533c2565
Add missing javadoc to session fixation
2019-09-06 16:33:51 -04:00
316380e622
Allow Custom PayloadInterceptor to be Added
...
Fixes gh-7362
2019-09-06 14:52:47 -05:00
a60446836b
OAuth2AuthorizeRequest supports attributes
...
Fixes gh-7341
2019-09-05 21:04:25 -04:00
08d50868c9
Merge pull request #7260 from fhanik/feature/saml2-sp-mvp
...
Add SAML Service Provider Support
2019-09-05 17:04:14 -07:00
e9a44bc0ce
HttpSecurity.saml2login() - MVP Core Code
...
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:
- Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
- Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
- Supports basic java-configuration via DSL
- Provides an integration sample using Spring Boot
Not implemented with this MVP
- Single Logout
- Dynamic Service Provider Metadata
Fixes gh-6019
2019-09-05 14:40:08 -07:00
9639962e27
Fix RSocket Package Tangle
...
Issue gh-7360
2019-09-05 16:27:57 -05:00
7ad641d106
RSocket Tests use Available Port
...
Issue gh-7360
2019-09-05 09:16:07 -05:00
26a65249f9
Remove invalid characters
2019-09-05 04:32:34 -06:00
5a4eded696
Add RSocket Support
...
Fixes gh-7360
2019-09-04 19:24:01 -05:00
dcd997ea43
Add support for Resource Owner Password Credentials grant
...
Fixes gh-6003
2019-09-04 14:07:45 -04:00
de672e3ae9
Polish oauth2ResourceServer() Error Messaging
...
Fixes: gh-6876
2019-09-04 11:49:22 -06:00
1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests
...
Issue gh-7347
2019-09-04 03:30:37 -06:00
068f4f0147
Polish Opaque Token
...
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.
Fixes gh-7344
Fixes gh-7345
2019-09-03 15:58:05 -06:00
8773c7994f
Allow to set default securityContextRepository for each authentication mechanisms
...
Fixes gh-7249
2019-09-03 07:46:59 -06:00
f6c650db47
Replace Streams with Loops
...
First version of replacing streams
fix wwwAuthenticate and codestyle
fix errors in implementation to pass tests
Fix review notes
Remove uneccessary final to align with cb
Short circuit way to authorize
Simplify error message, make code readably
Return error while duplicate key found
Delete check for duplicate, checkstyle issues
Return duplicate error
Fixes gh-7154
2019-09-02 15:30:48 -06:00
d6d0d89ff8
NamespaceRememberMeTests groovy->java
...
Issue gh-4939
2019-09-02 13:08:21 -06:00
bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java
...
Issue gh-4939
2019-08-30 15:54:43 -06:00
95511331fa
fix checkstyle
2019-08-26 22:42:26 +02:00
2c2e8e5f24
Remove internal Optional usage in favor of null checks
...
Issue gh-7155
2019-08-26 09:27:40 -04:00
34dd5fea30
Remove redundant throws clauses
...
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
46756d2e6b
Introduce Reactive OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-7116
2019-08-21 14:12:38 -04:00
9876b66f99
Polish GlobalMethodSecurityConfiguration
...
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
2019-08-17 16:35:30 -06:00
71444ff5dc
RequestCache ignores multipart requests
...
Fixes gh-7060
2019-08-15 09:21:41 -05:00
08ea2348d6
Polish RequestCache ignores multipart requests
2019-08-15 09:20:45 -05:00
1ab05dae02
added test
2019-08-14 21:35:34 +02:00
abc90280e0
Add unbounid support in xml
...
Add unbounid support in xml
Fixes gh-6011
2019-08-14 10:05:49 -05:00
cb4f3d2f44
Use UTF-8 for Java sources and XML
2019-08-14 08:47:00 -05:00
2e63def05b
Add tests
2019-08-14 00:56:26 -05:00
93142f3e30
Remove unboundid dependency
2019-08-13 20:39:25 -05:00
c03fb701ce
Improve logic to pick embedded server
2019-08-13 20:36:46 -05:00
3511c0ea4f
Update xsd
2019-08-13 20:17:51 -05:00
4ed197e515
Rename OAuth2TokenIntrospectionClient
...
Renamed to OpaqueTokenIntrospector
Fixes gh-7245
2019-08-12 18:05:28 -04:00
c1db1aad91
Cleanup Code Style Issues
...
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
9b2af944fa
Add unbounid support in xml
...
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.
Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.
Fixes gh-6011
2019-08-10 19:07:45 -05:00
0410bac559
Add support for oauth2Login().securityContextRepository(...)
...
Fixes gh-7222
2019-08-10 15:56:20 -04:00
ff1070df36
remove redundant modifiers found by checkstyle
2019-08-10 00:18:56 +02:00
bbefc491b2
unused imports
2019-08-09 16:59:07 -05:00
38de737663
Java 8: Statement lambda can be replaced with expression lambda
2019-08-09 16:59:07 -05:00
3a5d8ba696
Java 8: Collections.sort() can be replaced with List.sort()
2019-08-09 16:59:07 -05:00
91c846756e
Java 5: Unnecessary Boxing
2019-08-09 16:59:07 -05:00
578d628774
'Collection.toArray()' call style
2019-08-09 16:57:31 -05:00
40bee457f9
Unnecessary enum modifier
2019-08-09 00:42:07 +02:00
eddcd1622f
Type parameter extends Object
...
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
2019-08-09 00:40:13 +02:00
fb39d9c255
Anonymous type can be replaced with lambda
2019-08-08 17:09:09 -04:00
05f42a4995
Remove unused imports
2019-08-08 14:22:31 -04:00
65f6025cef
Polish OAuth2LoginConfigurer
...
Improve way of accessing ApplicationContext to ensure backward
compatibility.
Issue gh-7232
2019-08-07 13:25:38 -06:00
a00ad37168
OAuth2LoginConfigurer UserService Beans
...
Fixes gh-7232
2019-08-07 10:58:23 -06:00
f5cd0ec302
Use try-with-resources instead of try-finally
2019-08-06 15:33:04 -05:00
2056834432
Cleanup unnecessary unboxing
...
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
2019-08-06 10:17:38 -04:00
2306d987e9
Cleanup unnecessary boxing
2019-08-06 10:17:38 -04:00
2c836a171a
Add authenticationFailureHandler method in OAuth2LoginSpec
...
Allow to customize the failure handler.
Fixes gh-7051
2019-08-05 14:09:11 -05:00
776a4c3760
Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers
2019-08-03 12:28:37 -04:00
50adb6abcb
Fix javadoc
2019-07-31 15:36:30 -04:00
e88c5c0eee
Fix CSRF session authentication strategy since version
2019-07-31 07:45:51 -05:00
0591403dea
ignore Multipart requests in HttpSessionRequestCache.requestMatcher
2019-07-31 12:17:55 +02:00
0b4502b2c5
Remove exceptions from lambda security configuration
...
Fixes: gh-7128
2019-07-30 08:31:37 -05:00
c05b0765c1
Introduce OAuth2AuthorizedClient Manager/Provider
...
Fixes gh-6845
2019-07-25 11:12:54 -04:00
7e845409f1
Fix Javadoc for headers configurer methods
...
Fixes: gh-7123
2019-07-24 09:11:44 -04:00
a288ce4b00
Support nested builder in DSL for reactive apps
...
Fixes: gh-7107
2019-07-23 15:57:10 -05:00
Dávid Kovács
Rob Winch
Joe Grandja
Leonard Brünings
Adam Millerchip
Antonin Arquey
Roberto Paolillo
Loïc Labagnara
Evgeniy Cheban
Josh Cummings
Eleftheria Stein
hotire
Markus Engelbrecht
Erik van Paassen
Filip Hanik
Ankur Pathak
Ruby Hartono
Stephane Maldini
James
Johannes Edmeier
Vincent Ricard
BELHAKEL Ammar
Alexey Nesterov
Ruslan Stelmachenko
Pim Moerenhout
Paul Pazderski
Adrian Pena
邓超
Yanming Zhou
Vitalii Mahas
Luis Felipe Vega Calle
Roman Chigvintsev
Mark Heckler
Jesús Ascama
Ebert Toribio
Onur Kagan Ozcan
Manuel Tejeda
kostya05983
Eddú Meléndez
Lars Grefer
watsta
John Lin
Ahmed Sayed
Francesco Chicchiriccò
Sam Simmons