Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,553 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

2496 Commits

Author SHA1 Message Date
Josh Cummings dff3780c5e
Merge branch '6.3.x' 2024-08-22 12:38:17 -06:00
Josh Cummings 4c0d969f1f
Merge branch '6.2.x' into 6.3.x 
Closes gh-15676
 2024-08-22 12:37:45 -06:00
Josh Cummings 3ee5a96e53
Merge branch '5.8.x' into 6.2.x 
Closes gh-15675
 2024-08-22 12:24:56 -06:00
Josh Cummings 5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type 
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
 2024-08-22 12:10:25 -06:00
Josh Cummings f398be793d
Simplify AuthorizationAdvisorProxyFactory Configuration 
Closes gh-15497
 2024-08-19 12:34:38 -06:00
Josh Cummings 6352877bc4
Merge branch '6.3.x' 2024-08-19 12:34:32 -06:00
Josh Cummings ae8e4d148e
Produce Exactly One AuthorizationAdvisor Per Annotation 
Closes gh-15592
 2024-08-19 12:30:03 -06:00
Josh Cummings 27af1df87d
Simplify Method Interceptor Configuration 
Simplifies to use only one ObjectProvider for easier
future maintenance

Issue gh-15592
 2024-08-19 12:27:56 -06:00
Daniel Garnier-Moiroux b731623b3a Fix checkstyle errors with @Deprecated 2024-08-19 10:55:58 -03:00
Daniel Garnier-Moiroux b92ed92548 Fix checkstyle errors with @Deprecated 2024-08-19 10:55:28 -03:00
Marcus Hert Da Coregio 912062d307 Merge branch '6.2.x' into 6.3.x 2024-08-19 09:11:10 -03:00
Daniel Garnier-Moiroux 79fb0113c8 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:11:05 -03:00
Daniel Garnier-Moiroux 2caf1fb6b4 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:08:24 -03:00
DingHao ed16c86115 Improve @CurrentSecurityContext meta-annotations 
Closes gh-15551
 2024-08-13 13:18:15 -06:00
Josh Cummings 59ec1f6480
Revert "Polish AuthorizationAdvisorProxyFactory advisor configuration" 
This commit had some unintended consequences when the advisor
interceptor was published in a Spring Boot application. As such,
15497 will be reopened to investigate. In the meantime, this commit
reverts the previous change so as to allow the build to pass.

Issue gh-15497
 2024-08-12 10:12:14 -06:00
Josh Cummings 08b8b09066
Update Copyright 
Issue gh-15286
 2024-08-10 11:48:14 -06:00
Josh Cummings 2b33f6f04a Add Config Tests for AuthenticationPrincipal Templates 
Issue gh-15286
 2024-08-10 11:46:51 -06:00
Josh Cummings e40c98e6d7 Deprecate PrePostTemplateDefaults 
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.

If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.

Issue gh-15286
 2024-08-10 11:46:51 -06:00
DingHao 2c02d8aec7 Update Copyright 2024-08-10 11:46:51 -06:00
DingHao 895978c818 Auto config AuthenticationPrincipalArgumentResolver When AnnotationTemplateExpressionDefaults bean is Present 2024-08-10 11:46:51 -06:00
Rob Winch 71f40f2bc4 Merge branch '6.3.x' 
Use explicit types instead of var

Closes gh-155537
 2024-08-08 15:30:16 -05:00
Daniel Garnier-Moiroux 3b8cdc323f Remove unused method 2024-08-08 15:29:41 -05:00
Daniel Garnier-Moiroux 109da2719f Use explicit types everywhere instead of var 2024-08-08 15:29:41 -05:00
Josh Cummings 02cca6f737
Polish AuthorizationAdvisorProxyFactory advisor configuration 
Closes gh-15497
 2024-08-07 10:09:51 -06:00
Josh Cummings 816ebe38b5
Add OpenSAML to Config Build 
Issue gh-11658
 2024-08-06 18:14:12 -06:00
Josh Cummings 1da383b360
Add OpenSAML 5 Support 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings 78a0173cc1
Use OpenSAML API for web 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings 51fc05630d
Use OpenSAML API for web.authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings ff9a925e88
Use OpenSAML API for metadata 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings 416859e70e
Use OpenSAML API in authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Daniel Garnier-Moiroux bc8ba7f3b7 Inline CSS for default login and logout page 
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
  in air-gapped or offline scenarios, and no dependency on an external CDN that may
  go away some day.
 2024-08-05 09:27:18 -05:00
Josh Cummings 37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Marcus Hert Da Coregio 304685521c Fix tags order 2024-07-29 15:35:48 -03:00
Marcus Hert Da Coregio 8231b8a03b Merge branch '6.3.x' 2024-07-29 14:56:16 -03:00
Marcus Hert Da Coregio c1b3b329af Merge branch '6.2.x' into 6.3.x 2024-07-29 14:56:09 -03:00
baezzys 3d4bcf1b44 fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource 
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
 2024-07-29 14:55:55 -03:00
Marcus Hert Da Coregio 98af8d1123 Add permissionsPolicyHeader 
This method is a replacement of `permissionsPolicy(Customizer)` that returns its own configurer instead of `HeadersConfigurer`.

Closes gh-14803
 2024-07-29 09:26:42 -03:00
Josh Cummings 9d8888c5f0 Use AssertingPartyMetadata 
Issue gh-15394
 2024-07-19 18:48:23 -07:00
Josh Cummings fdcf3c6df9
Merge branch '6.3.x' 2024-07-18 15:51:21 -06:00
Josh Cummings ba714d78ab
Merge branch '6.2.x' into 6.3.x 
Closes gh-15440
 2024-07-18 15:51:10 -06:00
Josh Cummings 3daeeb8789
Merge branch '5.8.x' into 6.2.x 
Closes gh-15439
 2024-07-18 15:50:58 -06:00
Josh Cummings dab48d25b0
Improve Error Message When Registration Missing 
Closes gh-15363
 2024-07-18 15:50:41 -06:00
Josh Cummings 796e4d6b6c
Add query parameter support for authn requests 
Closes gh-15017
 2024-07-13 23:57:57 -06:00
Josh Cummings 8ee497f4c5
Merge branch '6.2.x' into 6.3.x 
Closes gh-15410
 2024-07-12 11:04:08 -06:00
Josh Cummings 7422a1134a Allow logout+jwt JWT type 
Closes gh-15003
 2024-07-12 10:03:40 -07:00
Josh Cummings 773e86701e
Add ParameterRequestMatcher 
Closes gh-15342
 2024-07-02 15:17:54 -06:00
Marcus Hert Da Coregio aa9c1bab67 Upgrade to Spring Framework 6.2.0-M4 
Closes gh-15266
 2024-06-18 14:07:05 -03:00
Josh Cummings 0e7566ede3
Adjust any-request check 
Storing the request matcher outside of the for loop means that
if one of the SecurityFilterChain instances is not of type
DefaultSecurityFilterChain, then the error may print out an
earlier request matcher instead of the current one.

Instead, this commit changes to print out the entire filter chain
so that it can be inside of the for loop, regardless of type.

Issue gh-15220
 2024-06-17 14:34:03 -06:00
Max Batischev 4c780bf8d4 Add support checking AnyRequestMatcher securityFilterChains 
Closes gh-15220
 2024-06-17 13:05:36 -06:00