Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,213 Commits 34 Branches 337 Tags
Commit Graph

57 Commits

Author SHA1 Message Date
Joe Grandja
5811624bbe Polish endpoint package 
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse

Issue gh-4593
 2017-10-06 18:51:24 -04:00
Joe Grandja
ce142e50b6 Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse 
Fixes gh-4593
 2017-10-06 18:51:24 -04:00
Joe Grandja
eca2b67137 ClientRegistration supports 'baseUrl' uri variable 
Fixes gh-4589
 2017-10-05 20:35:51 -04:00
Joe Grandja
dec0bce100 Remove authorities -> AuthorizationGrantAuthenticationToken constructor 
Fixes gh-4602
 2017-10-05 20:22:50 -04:00
Joe Grandja
1b7e761be4 Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor 
Fixes gh-4591
 2017-10-05 17:05:56 -04:00
Joe Grandja
eb320bfed4 AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter 2017-10-05 16:40:12 -04:00
Joe Grandja
5c14e48b18 Add OAuth2UserAuthenticationProvider 
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.

This re-factor is part of the work required for Issue gh-4513
 2017-10-05 15:15:35 -04:00
Joe Grandja
f8a9077d5a Generalize AuthorizationCodeAuthenticationProvider 
The AuthorizationCodeAuthenticationProvider implements part of the
Authorization Code Grant flow as defined in
OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.
The implementation needs to be de-coupled to allow for better re-use and readability.
This commit introduces the AuthorizationGrantAuthenticator and extracts logic from
AuthorizationCodeAuthenticationProvider and provides different implementations
for OAuth 2.0 and OpenID Connect 1.0.

This re-factor is part of the work required for Issue gh-4513
 2017-10-05 05:02:22 -04:00
Joe Grandja
0d516ca32c Rename scopes -> scope 2017-10-02 15:50:16 -04:00
Joe Grandja
fb57111ecd redirect-uri property supports 'baseRedirectUrl' uri variable 
Fixes gh-4589
 2017-10-02 15:29:03 -04:00
Joe Grandja
66647070ab Default login page supports Iterable<ClientRegistration> 
Fixes gh-4596
 2017-09-29 19:54:17 -04:00
Joe Grandja
ad91adf9dc Retrieving the UserInfo is conditional 
Fixes gh-4451
 2017-09-29 10:51:16 -04:00
Rob Winch
646b3e48b3 Avoid Exception Message in HTTP Response 
Fixes gh-4587
 2017-09-28 17:24:49 -05:00
Joe Grandja
b9258aa6ee Make AuthorizationRequestUriBuilder optional 
Fixes gh-4577
 2017-09-28 16:43:11 -04:00
Joe Grandja
bfb77a7804 Remove unnecessary dependencies 2017-09-28 15:42:12 -04:00
Joe Grandja
9a8ddebc94 Use param matching for Authorization Response 
Fixes gh-4576
 2017-09-28 10:21:01 -04:00
Joe Grandja
d191bcc8ac Remove ClientRegistrationRepository.findByClientId() 
Fixes gh-4583
 2017-09-28 09:01:58 -04:00
Joe Grandja
52f495a5ec Remove ProviderJwtDecoderRegistry 
Fixes gh-4581
 2017-09-28 08:51:43 -04:00
Joe Grandja
8448a54678 Remove ClientRegistrationRepository.getRegistrations() 
Fixes gh-4582
 2017-09-28 07:02:59 -04:00
Joe Grandja
3217582805 Introduce JwtDecoderRegistry 
Fixes gh-4584
 2017-09-28 06:07:47 -04:00
Joe Grandja
b463f8e6b5 Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName() 
Related gh-4580
 2017-09-27 15:39:39 -04:00
Joe Grandja
814742fef6 Rename ClientRegistration.clientAlias -> registrationId 
Fixes gh-4575
 2017-09-27 09:14:55 -04:00
Joe Grandja
38be35677d Add userNameAttributeName to ClientRegistration 
Fixes gh-4580
 2017-09-26 21:55:19 -04:00
Joe Grandja
7fb3093617 Fix NPE InMemoryClientRegistrationRepository 2017-09-26 14:08:01 -04:00
Joe Grandja
0e9b2807bf Split up NimbusOAuth2UserService 
Fixes gh-4447
 2017-09-26 11:32:49 -04:00
Joe Grandja
680984c242 SecurityTokenRepository associates SecurityToken to ClientRegistration 
Fixes gh-4563
 2017-09-22 09:51:00 -04:00
Joe Grandja
7fb386669f InMemoryClientRegistrationRepository -> enforce unique ClientRegistration's 
Fixes gh-4562
 2017-09-21 15:47:26 -04:00
Joe Grandja
9b61eba41d Add identifier strategy for ClientRegistration 
Fixes gh-4561
 2017-09-21 10:19:28 -04:00
Joe Grandja
991a154703 Add OIDC Client and User Authentication 
Fixes gh-4521
 2017-09-19 20:57:56 -04:00
Joe Grandja
c54c622124 Re-structure OAuth2AuthenticationToken 
Fixes gh-4553
 2017-09-19 16:35:43 -04:00
Rob Winch
e345dd106c Remove leading whitespaces 2017-09-18 11:52:31 -05:00
Joe Grandja
65b968f04a Move servlet-specific classes to 'web' package 
Fixes gh-4366
 2017-09-13 16:13:32 -04:00
Joe Grandja
4ff0b52f74 Remove HttpClientConfig 
Issue gh-4478
 2017-09-12 21:03:40 -04:00
Joe Grandja
306f81b7f7 Minor renames to oauth2 client properties 
Fixes gh-4296
 2017-08-30 11:51:06 -04:00
Joe Grandja
4951550d7d Add context path to authorization request URI 
Fixes gh-4510
 2017-08-26 18:55:23 -04:00
Joe Grandja
bc6be86aec Add in-memory AccessTokenRepository 
Fixes gh-4508
 2017-08-23 17:18:35 -04:00
Joe Grandja
d6ba348a59 Add SecurityTokenRepository abstraction 
Fixes gh-4405
 2017-08-23 17:18:19 -04:00
Joe Grandja
93c2b2533e Allow configuring request paths for oauth2 filters 
Fixes gh-4473
 2017-08-23 17:17:01 -04:00
Rob Winch
e16b8e7976 Fix logback-test.xml 2017-08-17 16:42:01 -05:00
Luander Ribeiro
65734414f7 Added HttpServletResponse to AuthorizationRequestRepository 
This change enables AuthorizationRequestRepository to possibly save the AuthorizationRequestAttributes to a cookie.

Fixes gh-4446
 2017-08-15 09:45:52 -04:00
Joe Grandja
ef1de5eda0 Remove Accept header for UserInfo request 
Fixes gh-4481
 2017-08-15 04:54:38 -04:00
Joe Grandja
c872499eee Enable custom configuration for HTTP client 
Fixes gh-4477
 2017-07-28 16:43:44 -04:00
Joe Grandja
3b42323b6d AuthorizationCodeRequestRedirectFilter -> always expand redirectUri 
Fixes gh-4444
 2017-07-28 09:31:38 -04:00
Joe Grandja
f50812c385 Renamed methods in AuthorizationCodeRequestRedirectFilter 
Fixes gh-4443
 2017-07-14 17:09:49 -04:00
Joe Grandja
598a08e2d8 Update docs AuthorizationCodeAuthenticationProvider 
Fixes gh-4450
 2017-07-14 16:58:36 -04:00
Joe Grandja
9cfb890207 Use id_token for user authentication 
Fixes gh-4410
 2017-07-07 12:44:26 -04:00
Joe Grandja
6c0ecea494 Use java.util.Function instead of Converter 
Fixes gh-4323
 2017-06-01 17:25:39 -04:00
Joe Grandja
545339c663 Change AuthorizationGrantType from enum to class 
Fixes gh-4291
 2017-05-30 16:22:53 -04:00
Joe Grandja
4476df93e9 Change ResponseType from enum to class 
Fixes gh-4292
 2017-05-30 16:11:57 -04:00
Joe Grandja
336e247e70 Change AccessToken.TokenType from enum to class 
Fixes gh-4293
 2017-05-30 15:50:58 -04:00