Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,283 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

1199 Commits

Author SHA1 Message Date
Joe Grandja b1f3d495d9 Sec2515Tests groovy->java 
Issue: gh-4939
 2018-03-05 15:16:52 -05:00
Joe Grandja 0aa87e8501 EnableWebSecurityTests groovy->java 
Issue: gh-4939
 2018-03-05 10:23:48 -05:00
Joe Grandja 5af1d1d936 Polish HttpConfigurationTests 2018-03-05 08:36:15 -05:00
Joe Grandja 2a678ebc6e Polish WebSecurityConfigurerAdapterTests 2018-03-05 06:20:27 -05:00
Joe Grandja eae7afd9aa Add support for authorization_code grant 
Fixes gh-4928
 2018-03-02 14:30:49 -05:00
Josh Cummings 1ed51033cc Migrate config-debug groovy->java 
All tests in `org.springframework.security.config.debug` are migrated.

Note that `SecurityDebugBeanFactoryPostProceessorTest` preserves the original structure-verifying strategy used in the Groovy test. Verifying debug behavior turns out to be fairly tricky since being behaviorally invisible is in its nature.

Issue: gh-4939
 2018-03-02 08:55:07 -06:00
Josh Cummings 1b69c62d20 PortMapperConfigurerTests groovy->java 
Issue: gh-4939
 2018-02-27 11:44:21 -05:00
Josh Cummings e08d4cc90c AnonymousConfigurerTests groovy->java 
This test now checks key and principal both, which differs from the original Groovy test

In order to keep from needing to execute logic internal to `AnonymousAuthenticationToken`, this test changed from the original Groovy test. In the Groovy test, `key` is tested; however in this new test, `principal` is tested instead.

A concern was raised that if `AnonymousAuthenticationProvider` were invoked in this test, then testing only `principal` would not confirm that `key` was correctly propagated to `AnonymousAuthenticationProvider`. So, the test now configures both `key` and `principal`. The former to confirm correct wiring of `AnonymousAuthenticationProvider` and the latter to confirm correct wiring of `AnonymousAuthenticationFilter`.

Issue: gh-4939
 2018-02-27 11:30:02 -05:00
Josh Cummings bb59733736 Sec2377Tests groovy->java 
Issue: gh-4939
 2018-02-22 10:48:18 -05:00
Joe Grandja dc9248e73c NamespaceHttpTests groovy->java 
Issue: gh-4939
 2018-02-22 10:29:48 -05:00
Joe Grandja fded710e04 HttpConfigurationTests groovy->java 
Issue: gh-4939
 2018-02-16 14:16:51 -05:00
Rob Winch 210a510bba Use HttpFirewall Bean 
Fixes: gh-5022
 2018-02-15 17:18:28 -06:00
Joe Grandja 52b5423b75 WebSecurityConfigurerAdapterTests groovy->java 
Issue: gh-4939
 2018-02-15 17:50:55 -05:00
Joe Grandja 7fc88a391f SampleWebSecurityConfigurerAdapterTests groovy->java 
Issue: gh-4939
 2018-02-14 15:40:46 -05:00
Joe Grandja c31c1a4616 AbstractConfiguredSecurityBuilderTests -> remove use of reflection 
Issue gh-4939
 2018-02-14 12:47:35 -05:00
Rob Winch 780c9dd455 Fix GlobalMethodSecurityConfigurationTests checkstyle 
Issue: gh-4939
 2018-02-13 09:41:07 -06:00
Rob Winch 8b6e77e5ab Fix SpringTestContext checkstyle 
Issue: gh-5015
 2018-02-13 09:40:47 -06:00
Rob Winch 6af1ac08db GlobalMethodSecurityConfigurationTests groovy->java 
Issue: gh-4939
 2018-02-13 09:37:05 -06:00
Rob Winch 6c52eb6ee1 MethodSecurityService add additional methods 
Fixes: gh-5016
 2018-02-13 09:36:57 -06:00
Rob Winch ca5fb78ee1 Authz check(boolean result) 
Issue: gh-5016
 2018-02-13 09:36:48 -06:00
Rob Winch 1ad57adccc SpringTestContext allow setting Context 
Fixes: gh-5015
 2018-02-13 09:36:39 -06:00
Rob Winch 49e5b15ce2 Extract MockEventListener 
Fixes: gh-5014
 2018-02-13 09:36:27 -06:00
Rob Winch ce5fb51b20 Remove Mono.defer in ReactorContextWebFilter 
Fixes: gh-5010
 2018-02-08 16:19:10 -06:00
Rob Winch 964a14b224 Document Reactive Method security requires Publisher return types 
Fixes: gh-4988
 2018-02-07 16:43:18 -06:00
Rob Winch ea3dd336aa Cache headers only if no cache headers set 
Fixes: gh-5004
 2018-02-07 14:56:34 -06:00
Rob Winch 2165cc72ef BaseAuthenticationConfig groovy->java 
Issue: gh-4939
 2018-02-07 14:40:55 -06:00
Rob Winch 2c519b7e74 NamespaceGlobalMethodSecurityTests groovy->java 
Issue: gh-4939
 2018-02-06 15:23:41 -06:00
Rob Winch 9587f3280e MethodSecurityServiceImpl groovy->java 
Issue: gh-4939
 2018-02-06 14:09:58 -06:00
Rob Winch 751130ba04 MethodSecurityService groovy->java 
Issue: gh-4939
 2018-02-06 14:08:43 -06:00
Rob Winch 9e23d684e7 Polish Imports in SpringTestRule 
Fixes: gh-5001
 2018-02-06 13:48:36 -06:00
Rob Winch 73f5e89e4c SpringTestRule clears SecurityContext 
Fixes: gh-5001
 2018-02-06 11:54:26 -06:00
Rob Winch 1efc7ef5d7 Issue50Tests groovy->java 
Issue: gh-4939
 2018-02-06 11:53:19 -06:00
Rob Winch d12d9ba538 SecurityConfig groovy->java 
Issue: gh-4939
 2018-02-06 11:53:07 -06:00
Rob Winch 9e3e7e9e29 ApplicationConfig groovy->java 
Issue: gh-4939
 2018-02-06 11:52:29 -06:00
Rob Winch 11c8d5ddfb UserRepository groovy->java 
Issue: gh-4939
 2018-02-06 11:51:58 -06:00
Rob Winch 1217547ebd User groovy->java 
Issue: gh-4939
 2018-02-06 11:51:38 -06:00
Rob Winch 12bd506ee7 AutowireBeanFactoryObjectPostProcessorTests groovy->java 
Issue: gh-4939
 2018-02-06 11:13:00 -06:00
Rob Winch eb6d84eb36 MyAdvisedBean groovy->java 
Issue: gh-4939
 2018-02-06 11:12:47 -06:00
Rob Winch 3cb06ec581 AroundMethodInterceptor groovy->java 
Issue: gh-4939
 2018-02-06 11:12:35 -06:00
Rob Winch 9df708dbba Add SpringTestRule.testConfigLocations 
Fixes: gh-5000
 2018-02-06 11:12:35 -06:00
Rob Winch 0d92adf1be PasswordEncoderConfigurerTests groovy->java 
Issue: gh-4939
 2018-02-05 17:13:21 -06:00
Rob Winch 886bfa3daa NamespacePasswordEncoderTests groovy->java 
Issue: gh-4939
 2018-02-05 16:46:42 -06:00
Rob Winch 70db508218 NamespaceJdbcUserServiceTests groovy->java 
Issue: gh-4939
 2018-02-05 15:27:28 -06:00
Rob Winch a0918dd6d4 NamespaceAuthenticationProviderTests groovy->java 
Issue: gh-4939
 2018-02-05 14:53:50 -06:00
Rob Winch 959f689e4e NamespaceAuthenticationManagerTests groovy->java 
Issue: gh-4939
 2018-02-02 16:56:45 -06:00
Joe Grandja 1cb581a0c6 AbstractConfiguredSecurityBuilderTests, AbstractRequestMatcherRegistryTests -> .java 
Issue gh-4939
 2018-02-02 16:45:44 -05:00
Rob Winch 87a216a6e6 AuthenticationManagerBuilderTests -> .java 
Issue: gh-4939
 2018-01-26 16:50:33 -06:00
Rob Winch 8d96e83767 Fix checkstyle 2018-01-26 15:31:24 -06:00
Rob Winch e5d40c0599 AuthenticationConfigurationTests -> java 
Issue: gh-4939
 2018-01-26 15:14:34 -06:00
Rob Winch 0eef5b4b42 Add StrictHttpFirewall 2018-01-24 11:06:08 -06:00
Joe Grandja 900ab1df81 Add javadoc for the OAuth 2.0 Security Configurer's 
Fixes gh-4972
 2018-01-24 06:18:08 -05:00
Joe Grandja 84679a5d64 Polish #4904 Support GrantedAuthoritiesMapper @Bean for oauth2Login 2018-01-23 12:14:57 -05:00
Kazuki Shimizu 444e2dade3 Support GrantedAuthoritiesMapper @Bean for oauth2Login 
Fixes gh-4880
 2018-01-23 09:51:14 -05:00
Rob Winch 91ef7ce1cf AuthenticationEventPublisher Bean used by Default 
Fixes: gh-4940
 2018-01-18 08:59:27 -06:00
Adolfo Eloy 196f02748d Migrate UserDetailsManagerConfigurerTests groovy->java 2018-01-10 16:13:08 -06:00
Johnny Lim f3830eec7d Rename userDetailsRepository to userDetailsService 2018-01-10 16:04:48 -06:00
Johnny Lim 921157cdcd Remove explicit super() calls 2017-12-21 15:11:51 -06:00
Johnny Lim 57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Aygiz Shaymardanov cfe40358bd typo in java doc 2017-12-21 14:18:41 -06:00
Johnny Lim 316fd0572f Remove @Nullable annotations in UserDetailsMapFactoryBean 2017-12-21 14:08:05 -06:00
Eddú Meléndez c16456623f Remove unused imports 2017-12-20 16:05:38 -06:00
Kazuki Shimizu 9f6af4f3b8 Remove address and phone from default scope for Google 
Fixes gh-4895
 2017-12-12 16:05:02 -05:00
Kazuki Shimizu bd5d0bc6fd Change default scope to 'read:user' for GitHub 
Fixes gh-4893
 2017-12-12 15:31:25 -05:00
Filip Hanik ab6df7d154 Format security ilters enums for readability 2017-11-28 14:06:55 -06:00
Joe Grandja 3f1b09c248 Update javadoc for HttpSecurity.oauth2Login() 
Fixes gh-4875
 2017-11-27 13:17:19 -05:00
Rob Winch 691bf2e11d PasswordEncoder Bean for AuthenticationManagerBuilder 
Issue: gh-4873
 2017-11-27 11:42:56 -06:00
Rob Winch 9afee9e4e2 PasswordEncoder as Bean default for XML 
Issue: gh-4873
 2017-11-27 11:42:56 -06:00
Rob Winch e377dcf81b Make SessionManagementConfigTests deterministic 
Fixes: gh-4871
 2017-11-27 11:42:56 -06:00
Rob Winch 5cf2883afc AuthenticationManagerBeanDefinitionParserTests uses SpringTestContext 
Issue: gh-4870
 2017-11-27 11:42:56 -06:00
Rob Winch 4d8f11a5a9 SpringTestContext improvements 
Fixes gh-4870
 2017-11-27 11:42:56 -06:00
Rob Winch d55db837e1 CsrfWebFilter places Mono<CsrfToken> 
Fixes: gh-4855
 2017-11-20 16:30:29 -06:00
Johnny Lim 701933c7f7 Fix copyright start years 
See gh-4655
See gh-4725
 2017-11-17 10:14:32 -06:00
Johnny Lim b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Rob Winch cf3cba8f5f Ensure Chrome Still SC_MOVED_TEMPORARILY 
Issue: gh-4831
 2017-11-16 10:33:51 -06:00
Rob Winch 3e7e80a836 Accept */* triggers 401 by Default 
Fixes gh-4831
 2017-11-16 09:58:29 -06:00
Joe Grandja dd33f0a7de ClientRegistration.redirectUri -> redirectUriTemplate 
Fixes gh-4827
 2017-11-15 14:51:35 -05:00
Joe Grandja e098c3707e Update default redirect-uri to use 'baseUrl' template variable 
Fixes gh-4826
 2017-11-15 14:51:35 -05:00
Rob Winch 0b1618d8b4 Fix RequestCache 
Issue: gh-4789
 2017-11-15 12:50:54 -06:00
Rob Winch a6733fae50 Polish 2017-11-15 12:50:54 -06:00
Rob Winch 942b51dba7 Reactive Basic does not create session by default 
Fixes: gh-4825
 2017-11-15 12:50:29 -06:00
Rob Winch 5f79fdd3eb requiresLogoutMatcher naming polish 
Issue: gh-4822
 2017-11-14 16:42:41 -06:00
Rob Winch 11f6e0477c serverLogoutSuccessHandler->logoutSuccessHandler 
Issue: gh-4822
 2017-11-14 16:42:36 -06:00
Rob Winch bf570854b8 serverLogoutHandler->logoutHandler 
Issue: gh-4822
 2017-11-14 16:42:33 -06:00
Rob Winch 2cbdb4ba02 serverCsrfTokenRepository->csrfTokenRepository 
Issue: gh-4822
 2017-11-14 16:42:27 -06:00
Rob Winch 3bfda6cff7 serverAccessDeniedHandler->accessDeniedHandler 
Issue: gh-4822
 2017-11-14 16:42:24 -06:00
Rob Winch 9e82fc0b83 serverAuthenticationEntryPoint->authenticationEntryPoint 
Issue: gh-4822
 2017-11-14 16:42:20 -06:00
Rob Winch 520e0a5a68 serverAuthenticationSuccessHandler->authenticationSuccessHandler 
Issue: gh-4822
 2017-11-14 16:42:14 -06:00
Rob Winch 5c83f92ddc serverAuthenticationFailureHandler->authenticationFailureHandler 
Issue: gh-4822
 2017-11-14 16:42:10 -06:00
Rob Winch 692233e431 ServerSecurityContextRepository members to securityContextRepository 
Issue: gh-4822
 2017-11-14 16:42:06 -06:00
Rob Winch 9956de8f29 LogoutBuilder->LogoutSpec 
Issue: gh-4822
 2017-11-14 16:41:58 -06:00
Rob Winch 7619556066 FormLoginBuilder->FormLoginSpec 
Issue: gh-4822
 2017-11-14 16:41:55 -06:00
Rob Winch 83d4abb1c6 RequestCacheBuilder->RequestCacheSpec 
Issue: gh-4822
 2017-11-14 16:41:51 -06:00
Rob Winch eb7edf7092 HttpBasicBuilder->HttpBasicSpec 
Issue: gh-4822
 2017-11-14 16:41:47 -06:00
Rob Winch 01154614d1 ExceptionHandlingBuilder->ExceptionHandlingSpec 
Issue: gh-4822
 2017-11-14 16:41:38 -06:00
Rob Winch 903cbd7c35 CsrfBuilder->CsrfSpec 
Issue: gh-4822
 2017-11-14 16:41:31 -06:00
Rob Winch fd4726afaf HeadersBuilder-HeadersSpec 
Issue: gh-4822
 2017-11-14 16:41:25 -06:00
Rob Winch 53ddbfc0ab AuthorizedExchangeBuilder->AuthorizedExchangeSpec 
Issue: gh-4822
 2017-11-14 16:41:08 -06:00
Johnny Lim d900f2a623 Remove unused imports 
This commit also adds UnusedImportsCheck Checkstyle module.
 2017-11-14 14:41:08 -06:00
Joe Grandja 872a8f3189 Change constructor param order in oauth2 client filters 
Fixes gh-4818
 2017-11-13 17:32:22 -05:00
Rob Winch 1b70efce2b Add ServerRequestCache 
Fixes: gh-4789
 2017-11-13 15:49:34 -06:00
Rob Winch 1ea66378f5 ServerHttpSecurity uses RedirectServerAuthenticationFailureHandler 
Issue: gh-4816
 2017-11-13 15:49:26 -06:00
Rob Winch 3c7fb977fe WebTestClientHtmlUnitDriverBuilder uses WebTestClient for localhost 
Fixes gh-4815
 2017-11-13 15:48:52 -06:00
Joe Grandja aa9e057ba8 Fix CNF exception if oauth2-jose dependency not included 
Fixes gh-4753
 2017-11-12 12:27:18 -05:00
Rob Winch f2ccc53549 Add UserDetailsMapFactoryBean 
Fixes gh-4804
 2017-11-09 14:01:43 -06:00
Johnny Lim 99df632f24 Add missing @Override annotations 
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
 2017-11-08 13:27:24 -06:00
Rob Winch adec62cdf2 EnableWebFluxSecurity creates CsrfRequestDataValueProcessor 
Fixes gh-4762
 2017-11-07 22:25:48 -06:00
Rob Winch 7622826b69 WebSessionServerCsrfTokenRepository saves on getToken 
Fixes gh-4801
 2017-11-07 22:25:23 -06:00
Rob Winch 3f18881493 Remove additional attribute name from CsrfWebFilter 
Fixes gh-4799
 2017-11-07 22:24:42 -06:00
Rob Winch c7c84e0996 Fix CustomLoginPage test 
Fixes gh-4797
 2017-11-07 22:24:21 -06:00
Rob Winch 1506dcd413 SpringTestContext.getContext() 
Add accessor method for SpringTestContext.getContext()

Fixes gh-4796
 2017-11-07 22:24:15 -06:00
Rob Winch 21aec19d42 Add FormLoginBuilder.serverAuthenticationSuccessHandler 
Fixes: gh-4786
 2017-11-03 08:47:59 -05:00
Rob Winch 1d4c7da1e1 Fix WebTestClientWebConnection for redirects 2017-11-03 08:46:56 -05:00
Craig Walls 06c4bffc5f Use id field instead of name field for GitHub and Facebook providers. 
Fixes gh-4764
 2017-11-01 10:48:57 -04:00
Rob Winch d664ff2e26 Lookup HandlerMappingIntrospector from Bean 2017-10-30 16:27:50 -05:00
Joe Grandja ef9cd76607 Polish oauth2 
Fixes gh-4758
 2017-10-30 16:49:01 -04:00
Joe Grandja 511d702ee0 Remove JwtDecoderRegistry 
Fixes gh-4754
 2017-10-30 12:52:42 -04:00
Joe Grandja 727098d6c0 Fix NPE when configuring oauth2Login.loginPage 
Fixes gh-4752
 2017-10-30 06:26:07 -04:00
Rob Winch 5280ac40e9 WebMvcConfigurerAdapter->WebMvcConfigurer 
Fixes gh-4612
 2017-10-30 01:30:08 -05:00
Kazuki Shimizu 3d5989dea4 Change a default realm name 
Change a default realm name of Basic Authentication for XML namespace to 'Realm'.

Fixes gh-4220
 2017-10-30 00:59:39 -05:00
Rob Winch 4295461830 ServerHttpSecurity extracts WebFilter from OrderedWebFilter 
Fixes gh-4736
 2017-10-30 00:45:26 -05:00
Antoine e0aca04a28 Polish AssertJ assertions 
Polish AssertJ assertions
 2017-10-29 22:22:34 -05:00
Eddú Meléndez 70165869b1 Add UnboundId LDAP inmemory support 
This commit adds the capability to run a LDAP inmemory different than
apacheds. Both providers `apacheds` and `unboundid` are supported.
 2017-10-29 21:59:55 -05:00
Joe Grandja 9a4513356d Configure default OAuth2AuthorizedClientService 
Fixes gh-4751
 2017-10-29 22:45:57 -04:00
Rob Winch 4fa9b4dd15 Add ServerHttpSecurity.exceptionHandling() 
Fixes gh-4750
 2017-10-29 21:00:10 -05:00
Joe Grandja 5fa822d114 Expose custom config for OidcUserService 
Fixes gh-4715
 2017-10-29 21:33:51 -04:00
Joe Grandja a261c9a047 Polish OAuth2LoginConfigurer 
Fixes gh-4747
 2017-10-29 21:33:51 -04:00
Rob Winch a3e38fec47 Remove AuthorizationRequestUriBuilder 
Make this API private since we don't have concrete use cases for exposing
it yet.

Fixes gh-4742
 2017-10-29 19:50:02 -05:00
Joe Grandja c3d2effc1d Polish OAuth2AuthorizedClientService 
Fixes gh-4746
 2017-10-29 20:25:03 -04:00
Joe Grandja e4887057bc Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient 
Fixes gh-4741
 2017-10-29 17:49:15 -04:00
Rob Winch e2dd037b4a Default WebFlux headers and Logout 2017-10-29 15:06:06 -05:00
Joe Grandja 6fbd435bdf OAuth2LoginAuthenticationFilter requires collaborators 
Fixes gh-4661
 2017-10-29 04:41:23 -04:00
Joe Grandja 5a7466512e Expose default constructor in AbstractAuthenticationFilterConfigurer 
Fixes gh-4737
 2017-10-29 04:41:23 -04:00
Rob Winch 5a5ec58ca4 Add LogoutPageGeneratingWebFilter 
Fixes gh-4735
 2017-10-29 00:12:23 -05:00
Rob Winch 0734d70d02 Logout requires POST 
Issue: gh-4734
 2017-10-29 00:11:59 -05:00
Rob Winch 8da2c7f657 Add WebFlux CSRF Protection 
Fixes gh-4734
 2017-10-28 22:59:24 -05:00
Rob Winch f040bd054d Javadoc @EnableWebFluxSecurity 2017-10-28 22:59:24 -05:00
Rob Winch b394ae5d5e Polish 
Restructure WebFluxSecurityConfiguration for easier copy paste of
default ServerHttpSecurity Bean
 2017-10-28 22:59:24 -05:00
Rob Winch 77acb34bcd Add spring-security-test to spring-security-config test dependencies 2017-10-28 22:58:55 -05:00
Joe Grandja b471dd1c54 Remove OAuth2TokenRepository 
Fixes gh-4727
 2017-10-28 21:40:33 -04:00
Joe Grandja 83dc902ff7 Map CustomUserTypesOAuth2UserService using clientRegistrationId 
Fixes gh-4692
 2017-10-28 18:11:39 -04:00
Joe Grandja ddf87b54f7 Polish OAuth2LoginConfigurer 
Fixes gh-4731
 2017-10-28 17:48:45 -04:00
Joe Grandja 0c68eb1821 Re-factor OAuth2AuthorizationCodeAuthenticationToken 
Fixes gh-4730
 2017-10-28 17:15:31 -04:00
Joe Grandja 64d8c8b8a9 Re-factor AuthorizationGrantTokenExchanger 
Fixes gh-4728
 2017-10-28 17:12:14 -04:00
Joe Grandja 16e69d06b4 Add OAuth2AuthorizedClientService 
Fixes gh-4726
 2017-10-28 17:12:14 -04:00
Joe Grandja 67bac28481 OAuth2UserService uses OAuth2UserRequest 
Fixes gh-4724
 2017-10-27 22:34:25 -04:00
Joe Grandja 3d319f7592 Make AuthorizationRequestRepository a Generic 
Fixes gh-4723
 2017-10-27 21:31:45 -04:00
Joe Grandja 9afefef3b9 Polish class names in oauth2-client 
Fixes gh-4722
 2017-10-27 21:00:52 -04:00
Joe Grandja 34668e05af Polish class names in oauth2-core 
Fixes gh-4720
 2017-10-27 20:42:58 -04:00
Rob Winch 2060125ebd ServerWebExchangeAttributeServerSecurityContextRepository->NoOpNoOpServerSecurityContextRepository 
Issue: gh-4719
 2017-10-27 18:17:52 -05:00
Rob Winch 3281cea46a Default use WebSessionServerSecurityContextRepository 
Issue: gh-4719
 2017-10-27 18:17:47 -05:00
Rob Winch faa0bd7143 Update WebFilter ordering 
Issue: gh-4719
 2017-10-27 18:17:44 -05:00
Rob Winch 9c31041dce EnableWebFluxSecurityTests fixes 
Issue: gh-4719
 2017-10-27 18:17:25 -05:00
Rob Winch 437ba56415 ReactorContextWebFilter & SecurityContextServerWebExchangeWebFilter 
Issue: gh-4719
 2017-10-27 18:17:10 -05:00
Joe Grandja 8527daa22a Make OAuth2UserService Generic using OAuth2AuthorizedClient and OAuth2User types 
Fixes gh-4706
 2017-10-27 11:49:29 -04:00
Joe Grandja 3b80b6ded8 Move AuthorizationRequestUriBuilder to oauth2-client 
Fixes gh-4703
 2017-10-26 21:23:06 -04:00
Rob Winch 747473257f Use ReactorSecurityContextHolder 
Issue gh-4713
 2017-10-26 20:11:42 -05:00
Rob Winch e23134c3ed Add LogoutBuilder ServerLogoutSuccessHandler 
Fixes gh-4714
 2017-10-26 20:11:42 -05:00
Joe Grandja ef197d8215 Move JwtDecoderRegistry to oauth2.client.jwt package 
Fixes gh-4705
 2017-10-26 21:06:28 -04:00
Joe Grandja 70543dcb30 Move oidc package in oauth2-core and oauth2-client 
Fixes gh-4710
 2017-10-26 21:06:28 -04:00
Rob Winch 86875e117b Prevent ServerHttpSecurity from being built twice 
Issue: gh-4711
 2017-10-26 19:48:38 -05:00
Rob Winch 36501f4530 Remove ServerHttpSecurity duplicate build 
WebFluxSecurityConfiguration invoked build twice
which caused each WebFilter to be added twice

Fixes gh-4711
 2017-10-26 19:48:32 -05:00
Joe Grandja ef83bc8dd7 Move package client.authentication.userinfo -> client.userinfo 
Fixes gh-4708
 2017-10-26 15:39:04 -04:00
Joe Grandja 027ea78dab Revert "Move OAuth2LoginAuthenticationProvider into userinfo package" 
This reverts commit 54547f35b7.
 2017-10-26 14:55:25 -04:00
Joe Grandja 942b647c0d OAuth2LoginAuthenticationFilter processes uri /login/oauth2/code/* 
Issue gh-4687
 2017-10-26 14:20:19 -04:00
Rob Winch 54547f35b7 Move OAuth2LoginAuthenticationProvider into userinfo package 
Fix package tangles. OAuth2LoginAuthenticationProvider requires
OAuth2UserService which is in a child package. We should move
OAuth2LoginAuthenticationProvider to the same package.

Issue: gh-4614
 2017-10-26 11:22:21 -05:00
Johnny Lim 875aae012b Polish 2017-10-26 07:50:32 -05:00
Joe Grandja d0a4e49870 Map custom OAuth2User types using String 
Fixes gh-4691
 2017-10-25 17:13:44 -04:00
Joe Grandja 9fbea5a11e Refactor SecurityTokenRepository 
Fixes gh-4650
 2017-10-25 16:00:34 -04:00
Rob Winch 44b41e78cd Flux member variables in favor of Collections 
Fix gh-4694
 2017-10-25 07:41:37 -05:00
Rob Winch 3b85512e48 Polish 
Issue gh-4694
 2017-10-25 07:41:29 -05:00
Joe Grandja 4dbbcabacf Rename AuthorizationCodeAuthenticationProvider -> OAuth2LoginAuthenticationProvider 
Fixes gh-4690
 2017-10-24 15:24:26 -04:00
Joe Grandja 049080290e Refactor OAuth2 AuthenticationProvider's 
Fixes gh-4689
 2017-10-24 15:24:26 -04:00
Joe Grandja 0fb32a052e OAuth2LoginAuthenticationFilter processes uri /login/oauth2/* 
Fixes gh-4687
 2017-10-24 15:24:26 -04:00
Joe Grandja 4ae24f2fbe Rename AuthorizationCodeAuthenticationFilter -> OAuth2LoginAuthenticationFilter 
Fixes gh-4686
 2017-10-24 15:24:25 -04:00
Joe Grandja 09a94a4ef4 Merge AuthorizationCodeGrantConfigurer -> OAuth2LoginConfigurer 
Fixes gh-4684
 2017-10-24 15:24:25 -04:00
Rob Winch 8291f20796 DaoAuthenticationProvider uses DelegatingPasswordEncoder 
This means that passwords will be encoded with BCrypt by default

Fixes: gh-2775
 2017-10-24 07:56:28 -05:00
Rob Winch d19b222b55 UserDetailsRepositoryReactiveAuthenticationManager uses DelegatingPasswordEncoder 
This means passwords will be encoded with BCrypt by default

Issue: gh-2775
 2017-10-24 07:56:28 -05:00
Rob Winch cdc992b132 Remove SaltSource 
Fixes gh-4681
 2017-10-24 07:56:28 -05:00
Rob Winch 4529e09339 Remove PasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:56:28 -05:00
Rob Winch 3a4a32e654 Remove LdapShaPasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:56:20 -05:00
Rob Winch 6a3e981c80 Remove BaseDigestPasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:55:40 -05:00
Rob Winch a8aa65b828 Remove Md4PasswordEncoder from core 
Issue: gh-4674
 2017-10-24 07:55:32 -05:00
Rob Winch 12dbf2e961 Remove PlainTextPasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch 40fd8d7aa7 Remove ShaPasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch e98fc3556e Remove Md5PasswordEncoder from core 
Issue: gh-4674
 2017-10-23 22:27:16 -05:00
Rob Winch 7c95c88601 Add User/UserBuilder in UserDetailsManagerConfigurer 
Fixes gh-4679
 2017-10-23 22:27:16 -05:00
Rob Winch c5d4041ca8 Add 5.0.xsd 
Fixes gh-4675
 2017-10-23 22:27:16 -05:00
Joe Grandja 6d7d34c549 Move AuthorizationRequestUriBuilder and DefaultAuthorizationRequestUriBuilder 
Fixes gh-4658
 2017-10-23 10:19:31 -04:00
Joe Grandja f0c9f85292 spring-security-jwt-jose -> spring-security-oauth2-jose 
Fixes gh-4595
 2017-10-23 09:04:01 -04:00
Joe Grandja 8e3a2a7123 Remove AuthorizationCodeAuthenticationFilter.AuthorizationResponseMatcher 
Fixes gh-4654
 2017-10-20 06:09:31 -04:00
Joe Grandja eb82a79068 OAuth2 login url starts with /login/ 
Fixes gh-4659
 2017-10-19 17:32:21 -04:00
Joe Grandja d4dac21ca5 Make ClientRegistration.Builder constructor private 
Fixes gh-4656
 2017-10-19 14:15:59 -04:00
Joe Grandja 1f5edc98d5 ClientRegistration.Builder.scopes -> scope 
Fixes gh-4663
 2017-10-19 11:24:01 -04:00
Joe Grandja 1e891b38ab Rename scope -> scopes for Set types 
Fixes gh-4644
 2017-10-18 17:56:39 -04:00
Rob Winch b81c1ce2c0 Move spring-security-webflux into spring-security-web 
Fixes gh-4662
 2017-10-18 16:20:09 -05:00
Rob Winch d231441cc0 EnableWebFluxSecurityTests uses SpringTestRule 
This will hopefully resolve the periodic failures in
EnableWebFluxSecurityTests
 2017-10-18 15:14:43 -05:00
Rob Winch 9d46af3d7c Introduce SpringTestContext 
This adds support for testing different configurations per method.
 2017-10-18 15:14:43 -05:00
Joe Grandja 7b8d131386 Fix package tangles -> OAuth2/Oidc AuthenticationProvider's 
Fixes gh-4614
 2017-10-16 20:56:32 -04:00
Johnny Lim 25052214ae Polish 2017-10-16 18:33:27 -05:00
Rob Winch a74f7c6faa Fix CSRF / DefaultLoginPageGeneratingFilter package tangle 
Issue: gh-4636
 2017-10-16 16:36:49 -05:00