Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,234 Commits 34 Branches 337 Tags
Commit Graph

7234 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Grandja
54484639bb Update to htmlunit-driver:2.32.1 
Fixes gh-5784
 2018-09-07 12:19:56 -04:00
Joe Grandja
451fd50189 Update to hibernate-entitymanager:5.3.6.Final 
Fixes gh-5782
 2018-09-07 12:19:56 -04:00
Joe Grandja
7a24e7d648 Update to mockito-core:2.21.0 
Fixes gh-5781
 2018-09-07 12:19:56 -04:00
Joe Grandja
05b8457b5f Update to assertj-core:3.11.1 
Fixes gh-5780
 2018-09-07 12:19:56 -04:00
Josh Cummings
21e62683ab
Polish Commit on Reactive Http Basic Test 2018-09-07 10:01:11 -06:00
Tim Koopman
6df4dfe47b
Reactive HttpBasic Support For Coloned Passwords 
This makes so that reactive httpBasic supports passwords containing
one or more colons.
 2018-09-07 10:01:11 -06:00
Josh Cummings
9e0f171d47 Jwt Claim Mapping 
This introduces a hook for users to customize standard Jwt Claim
values in cases where the JWT issuer isn't spec compliant or where the
user needs to add or remove claims.

Fixes: gh-5223
 2018-09-07 09:48:26 -05:00
Rob Winch
2495025845 authcodegrant samples->oauth2webclient samples 
The authcodegrant samples were initially meant to be very simple
demonstration of authorization code flow. However, it has become
obvious since then that the real intent of the demo is how to use
the WebClient with OAuth (there is no other reason to do authorization
code flow unless you use the token to make a request).

The samples have been migrated to oauth2webclient and oauth2webclient-webflux
respectively. They have been improved:

* The sample demonstrates usage with annotations, webclient directly, form login
  oauth2Login, and public APIs
* The samples externalize the endpoint that is requested in the sample
  making it easier to try other endpoints
* The UI no longer relies on a data structure for the result of the
  endpoint also making it easier to try other endpoints

Issue: gh-4921
 2018-09-07 08:58:50 -05:00
Rob Winch
438d2911fb OAuth2AuthorizedClientResolver 
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.

Issue: gh-4921
 2018-09-07 08:58:00 -05:00
Rob Winch
23726abb1e ServerOAuth2AuthorizedClientExchangeFilterFunction default ServerWebExchange 
Leverage ServerWebExchange established by ServerWebExchangeReactorContextWebFilter

Issue: gh-4921
 2018-09-07 08:57:25 -05:00
Rob Winch
ac78258847 ServerOAuth2AuthorizedClientExchangeFilterFunction defaultOAuth2AuthorizedClient 
Defaults to use the OAuth2AuthenticationToken to resolve the authorized client

Issue: gh-4921
 2018-09-07 08:57:00 -05:00
Rob Winch
158b8aa6d5 ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
Issue: gh-4921
 2018-09-07 08:56:49 -05:00
Rob Winch
28537fa3b6 WebClientReactiveClientCredentialsTokenResponseClient 
Fixes: gh-5607
 2018-09-07 08:53:35 -05:00
Rob Winch
89f2874bff ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
You can now provide the clientRegistrationId and
ServerOAuth2AuthorizedClientExchangeFilterFunction will look up the authorized client automatically.

Issue: gh-4921
 2018-09-07 08:52:35 -05:00
Rob Winch
5bcbb1c40f ServerOAuth2AuthorizedClientExchangeFilterFunction uses ServerOAuth2AuthorizedClientRepository 
Issue: gh-4921
 2018-09-07 08:52:18 -05:00
Rob Winch
07b6699fd9 ServerWebExchangeReactorContextWebFilter 
Fixes: gh-5779
 2018-09-07 08:49:27 -05:00
Josh Cummings
65c81ce952
Make JwtReactiveAuthenticationManager final 2018-09-06 13:46:18 -06:00
Joe Grandja
057587ef29 ClientRegistration contains Provider Configuration Metadata 
Fixes gh-5540
 2018-09-05 17:01:23 -04:00
Sola
c60fcf263e provide test for custom principal extractor config 
Signed-off-by: Sola <dev@sola.love>
 2018-09-05 15:51:14 -05:00
Sola
2980f96b55 Allow PrincipalExtractor to be customized. 
Signed-off-by: Sola <dev@sola.love>
 2018-09-05 15:51:14 -05:00
Josh Cummings
932ea245fb AuthenticationManager for OAuth2ResourceServerSpec 
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.

Fixes: gh-5750
 2018-09-05 09:19:11 -05:00
Joe Grandja
dfd572a4d2 Polish 2018-09-05 07:59:00 -05:00
Joe Grandja
3b480a3a05 Provide RestOperations in CustomUserTypesOAuth2UserService 
Fixes gh-5602
 2018-09-05 07:59:00 -05:00
Joe Grandja
4a8c95a3e8 Provide RestOperations in DefaultOAuth2UserService 
Fixes gh-5600
 2018-09-05 07:59:00 -05:00
Josh Cummings
25d1f49d84
Remove Resource Server's Session Policy Config 
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.

Fixes: gh-5759
 2018-09-04 14:55:40 -06:00
Johnny Lim
5141dacd95 Upgrade to Gradle Wrapper 4.10 
Closes gh-5748
 2018-09-04 14:11:15 -05:00
Rob Winch
5dd55d4936 Ensure NamingException.resolvedObj is Serializable 
Fixes: gh-5378
 2018-09-04 11:04:26 -05:00
Josh Cummings
8510e9a285 Reactive Resource Server insufficient_scope 
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficent_scope errors.

Fixes: gh-5705
 2018-08-31 10:33:11 -05:00
Josh Cummings
1c74706232 Delegating ServerAccessDeniedHandler by exchange 
Fixes: gh-5747
 2018-08-31 10:33:11 -05:00
Joe Grandja
8e615d0fee Re-factor DefaultClientCredentialsTokenResponseClient 
Fixes gh-5735
 2018-08-27 15:10:17 -05:00
Rob Winch
713e1e3356 BearerTokenServerAuthenticationEntryPoint waits for subscriber 
Fixes: gh-5742
 2018-08-27 14:26:45 -05:00
Vedran Pavic
362c2ef1f2 Force snapshot repo in snapshot stage build 2018-08-27 13:35:58 -05:00
Joe Grandja
229b69dd35 Add DefaultAuthorizationCodeTokenResponseClient 
Fixes gh-5547
 2018-08-27 12:44:19 -04:00
Vedran Pavic
f7cb53e9bd Upgrade spring-build-conventions to 0.0.18.RELEASE 2018-08-27 10:45:35 -05:00
Vedran Pavic
cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Jason Zhekov
439538477a Add missing space in namespace.adoc 2018-08-27 10:43:53 -05:00
Johnny Lim
88181c31f1 Polish ActiveDirectoryLdapAuthenticationProviderTests 
This commit polishes ActiveDirectoryLdapAuthenticationProviderTests.contextEnvironmentPropertiesUsed() by:

- Adding fail() to prevent from going through an unexpected path.
- Asserting that the root cause is an instance of ClassNotFoundException as the current code doesn't seem to right.
 2018-08-26 21:31:39 -05:00
Rob Winch
f5ad4ba0fa ServletOAuth2AuthorizedClientExchangeFilterFunction support client_credentials 
Fixes: gh-5639
 2018-08-24 11:33:02 -05:00
Rob Winch
2d497c7b0f Remove OAuth2ExchangeFilterFunctions 
Fixes: gh-5734
 2018-08-24 11:27:59 -05:00
Rob Winch
1640a1f462 Polish ServerAuthenticationConverter 
Fix package tangles

Issue: gh-5338
 2018-08-24 09:44:27 -05:00
Josh Cummings
68d836d508 Reactive Resource Server Csrf Bypass 
This makes requests identified as bearer token requests skip the csrf
filter.

Fixes: gh-5710
 2018-08-24 09:44:01 -05:00
Rob Winch
820fb7d828 Polish formatting ServerHttpSecurity JwtSpec 
Fixes: gh-5728
 2018-08-23 15:12:19 -05:00
Josh Cummings
cba2444e1a ServerHttpSecurity ReactiveJwtDecoder discovery 
This makes so that WebFlux OAuth 2.0 Resource Server configuration
will pick up a ReactiveJwtDecoder exposed as a bean.

Fixes: gh-5720
 2018-08-23 15:12:14 -05:00
Josh Cummings
0fdc081ab5 Add unit tests 
Added some unit tests around some untested parts of the code that I
will be touching for this issue.

Issue: gh-5720
 2018-08-23 15:11:40 -05:00
Rob Winch
7c14c6e48f Update to Spring Boot 2.1.0.M2 
Fixes: gh-5727
 2018-08-23 13:00:22 -05:00
Josh Cummings
416a276436
Expose Default Reactive CsrfProtectionMatcher 
Make so that users can augment the default protection logic with
their own.

Fixes: gh-5725
 2018-08-22 13:02:02 -06:00
Rob Winch
4ddaac3b8e Fix settings.gradle on Windows 
Fixes: gh-5724
 2018-08-22 10:21:41 -05:00
Joe Grandja
d7bd5c0acc Remove spring.factories from oauth2login-webflux sample 
Fixes gh-5723
 2018-08-22 10:21:36 -04:00
Joe Grandja
ff6e1232c8 Flatten HttpSecurity.oauth2() 
Fixes gh-5715
 2018-08-22 05:58:04 -04:00
Joe Grandja
0f89e59707 Simplified oauth2().client() DSL 
Fixes gh-5662
 2018-08-22 04:45:35 -04:00