Commit Graph

97 Commits

Author SHA1 Message Date
Rob Winch f73f213f50 Remove DependencySetPlugin
Closes gh-10070
2021-07-12 15:31:38 -05:00
Rob Winch 14240b2559 Remove Powermock
Powermock does not support JUnit5 yet, so we need to remove it
to support JUnit 5. Additionally, maintaining additional libraries
adds extra work for the team.

Mockito now supports final classes and static method mocking. This
commit replaces Powermock with mockito-inline.

Closes gh-6025
2021-07-08 12:35:32 -05:00
Eleftheria Stein 1728b06b30 Ensure Kotlin 1.3 compatibility
Closes gh-9765
2021-05-19 10:04:08 +02:00
Evgeniy Cheban 84e2e80915 Consider AuthorizationManager for Method Security
Closes gh-9289
2021-05-18 17:34:04 -06:00
Rob Winch 4d251157b2 opensaml4MainCompile 2021-05-17 23:21:17 -05:00
Rob Winch eda38b8f88 opensaml fixes 2021-05-17 15:51:55 -05:00
Rob Winch e5a652e749 Update to Kotlin 1.5.0
Closes gh-9763
2021-05-17 10:30:26 -05:00
Eleftheria Stein de0cd11a72 Fix PreAuthorize when returning Kotlin Flow
Closes gh-9676
2021-04-28 12:33:18 +02:00
Josh Cummings 163b5943ca
Revert AuthorizationManager Method Security 2021-04-12 15:53:22 -06:00
Evgeniy Cheban 20778f727b
Consider AuthorizationManager for Method Security
Closes gh-9289
2021-04-09 17:46:32 -06:00
Eleftheria Stein e03fe7f089 Add coroutine support to pre/post authorize
Closes gh-8143
2021-04-09 19:33:06 +02:00
Rob Winch 60d3db5798 add management platform(project(":spring-security-dependencies"))
Closes gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch 1a76ee7442 Update Gradle configuration names
Closes gh-9540
2021-04-05 10:36:36 -05:00
Josh Cummings d0d0a8d958 Add OpenSAML 4 Support
Closes gh-9095
2021-03-23 19:07:23 -06:00
Josh Cummings f129410ff9
Add Java 8 Polyfill for Apache DS tests
Closes gh-9416
2021-02-17 11:53:51 -07:00
Joe Grandja 3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty"
This reverts commit f37714a26f.
2020-08-04 14:24:32 -04:00
Joe Grandja f37714a26f Fix snapshot build failure related to reactor-netty
Closes gh-8909
2020-08-04 14:17:03 -04:00
Josh Cummings 9241cd2892
Move TestRelyingPartyRegistrations
Fixes gh-8551
2020-05-18 16:38:40 -06:00
Eleftheria Stein 6017510fdd Compile Kotlin tasks using JVM 1.8 2020-04-07 11:04:59 -04:00
Josh Cummings 5bdf57d1e5
Remove Groovy and Spock Dependencies
Fixes gh-4939
2020-02-10 10:38:40 -07:00
Eleftheria Stein-Kousathana 2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security
Issue: gh-5558
2020-01-07 12:08:43 -05:00
Rob Winch 06d7443946 Use Gradle platform and constraints
This was largely generated from the following script

wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy ./dsp.gradle
cat gradle/dependency-management.gradle | grep 'management "' | cut -d ':' -f 2 | xargs -I{} sh -c "rg {} -l -g '*.gradle' -g '\!dependency-management.gradle' > /dev/null || echo {}" | xargs -I{} sed -iE '/.*{}.*/d' gradle/dependency-management.gradle
rm ./dps.gradle

Fixes gh-7787
2020-01-06 14:46:36 -06:00
Josh Cummings 101e0a21a8 Bearer WebClient Filter Authentication Propagation
Fixes: gh-7418
2019-09-11 16:27:21 +01:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
2019-09-05 14:40:08 -07:00
Rob Winch 5a4eded696 Add RSocket Support
Fixes gh-7360
2019-09-04 19:24:01 -05:00
Daniel Bustamante Ospina 6bddb38cac Update to Gradle 5.0
Change project's gradle version to 5.0, this requires to make some minor
adjustments.

Fixes: gh-6148
2018-11-30 08:50:47 -06:00
Rob Winch b02ce59188 TestClientRegistrations
Fixes: gh-5651
2018-08-19 21:08:02 -05:00
Josh Cummings 40ccdb93f7 Resource Server Jwt Support
Introducing initial support for Jwt-Encoded Bearer Token authorization
with remote JWK set signature verification.

High-level features include:

- Accepting bearer tokens as headers and form or query parameters
- Verifying signatures from a remote Jwk set

And:

- A DSL for easy configuration
- A sample to demonstrate usage

Fixes: gh-5128
Fixes: gh-5125
Fixes: gh-5121
Fixes: gh-5130
Fixes: gh-5226
Fixes: gh-5237
2018-07-16 10:40:46 -05:00
Rob Winch dd1b1b9cc3 Use Spring Framework 5.1.0 SNAPSHOT
Fixes: gh-5408
2018-06-05 12:28:51 -05:00
Rob Winch 0eedfc717a Revert "Revert "Add ClientRegistration from OpenID Connect Discovery""
This reverts commit 9fe0f50e3c.

The original commit was accidentally pushed prior to PR. We attempted
to revert the commit hoping the PR would open again. This did not work.
We are going to do a Polish commit instead.

Issue: gh-5355
2018-05-18 09:40:43 -05:00
Rob Winch 9fe0f50e3c Revert "Add ClientRegistration from OpenID Connect Discovery"
This reverts commit 0598d47732.
2018-05-18 09:20:51 -05:00
Rob Winch 0598d47732 Add ClientRegistration from OpenID Connect Discovery
Fixes: gh-4413
2018-05-16 12:30:04 -05:00
Rob Winch f29e4cf91f LoginPageGeneratingWebFilter conditionally renders formLogin
Issue: gh-4807
2018-05-14 16:38:13 -05:00
Rob Winch b1d013e8f0 Fix JDK 9
Issue: gh-5160
2018-03-27 09:30:56 -05:00
Joe Grandja 84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Kazuki Shimizu 444e2dade3 Support GrantedAuthoritiesMapper @Bean for oauth2Login
Fixes gh-4880
2018-01-23 09:51:14 -05:00
Rob Winch 77acb34bcd Add spring-security-test to spring-security-config test dependencies 2017-10-28 22:58:55 -05:00
Joe Grandja f0c9f85292 spring-security-jwt-jose -> spring-security-oauth2-jose
Fixes gh-4595
2017-10-23 09:04:01 -04:00
Rob Winch b81c1ce2c0 Move spring-security-webflux into spring-security-web
Fixes gh-4662
2017-10-18 16:20:09 -05:00
Rob Winch 445834784a Update to Mockito 2.10.0
Issue: gh-4608
2017-10-09 16:13:11 -05:00
Stephan Schroevers 9e719bc313 Drop the `aopalliance:aopalliance` dependency
As of Spring 4.3 RC1 the `org.aopalliance` interfaces are once again bundled
with `spring-aop` [1]. Moreover, all modules with a dependency on
`aopalliance:aopalliance` directly or indirectly also depend on `spring-aop`.

This change drops the `aopalliance:aopalliance` dependency in all places it's
declared. Where applicable an explicit dependency on `spring-aop` was added in
its place. (This dependency was already present in most places; in one case the
module didn't require `aopalliance:aopalliance` in the first place.)

The documentation is updated accordingly.

[1] https://jira.spring.io/browse/SPR-13984
2017-09-22 11:11:04 -05:00
Rob Winch a0a0a32bda Add WebTestClient HtmlUnit Support
Fixes gh-4534
2017-09-12 20:40:56 -05:00
Rob Winch f3737b61e8 Add logback-classic as test dependency 2017-08-17 15:42:39 -05:00
Joe Grandja 9cfb890207 Use id_token for user authentication
Fixes gh-4410
2017-07-07 12:44:26 -04:00
Rob Winch b4f2777755 Add WebFlux
Fixes gh-4128
2017-05-10 00:13:02 -05:00
Joe Grandja 829c386756 Add support for OAuth 2.0 Login
Fixes gh-3907
2017-04-28 10:58:59 -04:00
Rob Winch dd6fc48dd8 Standardize Build
The build now uses spring build conventions to simplify the build

Fixes gh-4284
2017-04-21 10:55:05 -05:00