Commit Graph

9396 Commits

Author SHA1 Message Date
Arvid Ottenberg d0d655e18d
Allow Customization of Bearer Token Resolution
Closes gh-8535
2020-11-03 14:34:46 -07:00
Joe Grandja 9d1637d2cd Add unsupported_token_type to OAuth2ErrorCodes
Closes gh-9184
2020-11-03 14:11:01 -05:00
Joe Grandja dafedf93fa Fix format gh-9183 2020-11-03 14:00:07 -05:00
Joe Grandja aeb999eae2 Add token and token_type_hint to OAuth2ParameterNames
Closes gh-9183
2020-11-03 13:42:28 -05:00
Joe Grandja 0c25b8c1f9 Introduce JwaAlgorithm
Closes gh-9182
2020-11-03 13:03:50 -05:00
Joe Grandja c069692ab9 Extract OAuth2Token from AbstractOAuth2Token
Closes gh-5502
2020-11-02 20:35:08 -05:00
Josh Cummings 8b7751f5f4
Polish Multiple Filter Chains Docs
Issue gh-9178
2020-11-02 13:49:24 -07:00
Guillaume Berche 69336fb3ec
Add Multiple Filter Chains Docs
Closes gh-9178
2020-11-02 13:45:04 -07:00
Guillaume Berche ab9a310485
Add Link to WebFlux Unit Tests 2020-11-02 13:45:04 -07:00
Josh Cummings b8f8fab54f
Document SigningMethod Support
Issue gh-8952
Issue gh-9177
2020-11-02 11:27:23 -07:00
Josh Cummings aba0e904f0
Read SigningMethod Elements
Closes gh-9177
2020-11-02 11:27:23 -07:00
Josh Cummings e1826a0bd8
Polish Signature Algorithm Support
- Changed name to signatureAlgorithms since method and algorithm are
synonymous
- Re-ordered methods to follow typical IDPSSODescriptor order
- Adjusted JavaDoc to refer to IDPSSODescriptor terminology

Issue gh-8952
2020-11-02 11:27:23 -07:00
Arnaud Mergey 9900658c92
support configurable signature algorithm
Closes gh-8952
2020-11-02 11:27:23 -07:00
Eleftheria Stein 5c8972b7d5 Add test for ordered WebSecurityCustomizers
Issue gh-9154
2020-11-02 14:19:14 +01:00
Rob Winch 25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Hideaki Matsunami 6d9ee5a354 add white space before strong notation. 2020-10-30 15:44:49 -06:00
Ovidiu Popa 6724e3e514 Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database

R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database

Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test

Closes gh-7890
2020-10-29 15:44:12 -04:00
Joe Grandja f8cc48fe2b Set rsocketVersion to 1.1.0
Closes gh-9167
2020-10-29 15:43:52 -04:00
Joe Grandja 3618cbd3eb Revert "Use reactor-netty-http for snapshot build"
This reverts commit 1361cb8790.
2020-10-29 15:43:52 -04:00
Joe Grandja 4ff53c924d Set reactorVersion to 2020.0.+
Closes gh-9166
2020-10-29 15:43:39 -04:00
Joe Grandja c0327adecb Set springVersion to 5.3.+
Closes gh-9165
2020-10-29 15:43:20 -04:00
Ayush Kohli ea68989421 Closes gh-8196
Add leveloffset
2020-10-28 14:55:30 -06:00
Christian Mouttet 6486857462 JwtIssuerValidator handles issuer (iss) claim values as Strings and URLs
- NimbusJwtDecoder uses claim set converters: issuer claim is converted to an URL object
- JwtIssuerValidator (created by JwtValidators.createDefaultWithIssuer(String)) wraps a JwtClaimValidator<String>
- because of different data types, equal() is always false

This change allows both Strings and URLs as values of the issuer

Closes gh-9136
2020-10-28 14:20:27 -06:00
Alexander Polozov a362ab53bc Change guard expressions order
Check of allowed user sessions count moved to head for avoid unnecessary fetching all user sessions.
2020-10-27 09:49:29 -04:00
Eleftheria Stein 9cf3129d7a Update Kotlin MockMvc result matchers in sample
Issue gh-9155

The "style" parameter is no longer supported
2020-10-27 11:20:16 +01:00
Eleftheria Stein aac6d2f56b Kotlin MockMvc result matchers use parentheses
Closes gh-9155
2020-10-27 10:57:49 +01:00
Eleftheria Stein 9b66929358 Remove unused import in sample 2020-10-27 10:09:51 +01:00
Ellie Bahadori d69032a68d Prevent PR builds from running on forks 2020-10-26 11:07:25 -05:00
Joe Grandja b182d9def1 Fix code formatting
Issue gh-9146
2020-10-22 13:30:48 -04:00
Alexey Nesterov 339da36878 Add refresh token expiration support
Closes gh-9146
2020-10-22 12:41:48 -04:00
Craig Andrews 42a787d1f6 Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql

See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc

Issue gh-9070
2020-10-22 09:56:20 -04:00
Craig Andrews 05dc326389 Use LobHandler in JdbcOAuth2AuthorizedClientService
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.

Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.

Closes gh-9070
2020-10-22 09:56:20 -04:00
Josh Cummings 6714112961
Add SAML Response Decryption Documentation
Issue gh-9044
Issue gh-9131
2020-10-14 16:49:42 -06:00
Josh Cummings b06b17ca9b
Add Number 10 Diagram Image 2020-10-14 16:49:42 -06:00
Josh Cummings 5699670a43
Polish OpenSamlAuthenticationProvider
Remove deprecated usage

Issue gh-8769
2020-10-14 16:49:37 -06:00
Josh Cummings c8cbf06d8d
Add EncryptedAttribute support
Closes gh-9131
2020-10-14 14:58:42 -06:00
Josh Cummings d0581c9a26
Polish Configurable SAML Decryption Support
- Renamed to setResponseElementsDecrypter and
setAssertionElementsDecrypter to align with ResponseToken and
AssertionToken
- Changed contract of setAssertionElementsDecrypter to use
AssertionToken
- Changed assertions in unit test to use isEqualTo

Issue gh-9044
2020-10-14 14:58:42 -06:00
ryan.cassar 535ae3e27d
Add Configurable SAML Response Decryption
Closes gh-9044
2020-10-14 10:38:05 -06:00
Josh Cummings 1436ce493e
Update snapshot command
Closes gh-9124
2020-10-12 17:55:39 -06:00
Josh Cummings 3e95f68873
Add jackson-datatype-jsr310 Dependency
Closes gh-9123
2020-10-12 17:41:16 -06:00
Josh Cummings b1a3aef4f8
Update Test Controllers
Closes gh-9121
2020-10-12 17:41:16 -06:00
Rob Winch 01855fcce2
Update to Gradle 6.6.1
Use version ordering feature

Closes gh-9122
2020-10-12 17:41:16 -06:00
Josh Cummings e6ff57c116
Polish RelyingPartyRegistrations
Issue gh-9028
2020-10-12 13:55:16 -06:00
ryan.cassar 9a11cc84ad
Add File-based Metadata Resolution
Closes gh-9028
2020-10-12 13:55:16 -06:00
Matthias Luppi 78d5ffe60d Apply minor rewording and formatting 2020-10-12 13:18:02 -06:00
Matthias Luppi 45a86a4b4d Rework community.adoc
Fix link to CONTRIBUTING.adoc and use proper name of Stack Overflow according to their trademark guidelines (two words, capital letters)
2020-10-12 13:18:02 -06:00
Matthias Luppi 7d59595dd6 Rework CONTRIBUTING.adoc
Several fixes were applied: Syntax corrected, links updated, improved some paragraphs, restored parts that were removed in the conversion to adoc format (see: a8b438587b)
2020-10-12 13:18:02 -06:00
Josh Cummings 366146ff80
Polish JWT Signature Algorithm Discovery
- Moved support to JwtDecoders and ReactiveJwtDecoders since there is
already the expectation that those classes make an outbound connection
to complete configuration. Since there's no outbound connection when
configuring a NimbusJwtDecoder or NimbusReactiveJwtDecoder, it would be
more intrusive to change that.

Closes gh-7160
2020-10-09 14:17:30 -06:00
Nick Hitchan 290786438c
Add Support for JWK Signature Algorithm Discovery
Issue gh-7160
2020-10-09 13:09:38 -06:00
Rob Winch 4ffc3d6ceb
Update Link Text for Getting Spring Security 2020-10-08 09:48:58 -05:00