7945 Commits

Author SHA1 Message Date
Lars Grefer
7dc28ff376 Use contains() instead of indexOf() != -1 2019-07-09 06:07:42 -06:00
Joe Grandja
e554547593 Revert Map constructor for InMemoryReactiveClientRegistrationRepository
This commit reverts f6414e9a52f6a66dc8d21c0455c0b9ead7edc520 and
partial revert of e1b095df3260c45c53408ef0a3360a7aa7c5073b.
NOTE: InMemoryReactiveClientRegistrationRepository should not expose a
Map constructor as it would allow the caller to pass in a 'distributed' (remote) Map,
which would result in a blocking I/O operation.
2019-07-08 15:32:52 -04:00
Joe Grandja
23d61d43e5 Polish 2019-07-08 14:50:38 -04:00
Vedran Pavic
9432670f1d Allow InMemoryOAuth2AuthorizedClientService to be constructed with a Map
Fixes gh-5994
2019-07-08 12:46:26 -04:00
Eleftheria Stein
d66d895e60 Migrate ServletApiConfigurerTests groovy->java
Issue: gh-4939
2019-07-04 12:14:49 -04:00
Bruno Studer
8016a193b9 Optimize IpAddressMatcher
Get rid of byte array allocation in matcher and small optimizations
2019-07-03 23:27:12 -06:00
Édouard Hue
3c1472501f Fixed validation in ClientRegistration.Builder
ClientRegistration.Builder defaulted to validating as an
authorization_code registration, though a custom grant type could be in
use. The actual grant_type is now verified for every case.
 - Fixed validation in ClientRegistration.Builder
 - New test that fails unless the issue is fixed.

Also made OAuth2AuthorizationGrantRequestEntityUtils public to help
implement custom token response clients.

Fixes gh-7040
2019-07-03 16:07:19 -05:00
Rob Winch
e1f155ba89 Polish SCrypt Upgrade Support
* Break up tests
* Rename test methods to follow conventions
* Fix checkstyle

Issue gh-7057
2019-07-03 15:50:51 -05:00
Lars Grefer
e95effc839 Allow upgrading between different SCrypt encodings
Fixes gh-7057
2019-07-03 15:48:42 -05:00
Rob Winch
742df2cd1d Polish BCrypt upgrade
Issue gh-7042
2019-07-03 14:08:21 -05:00
Lars Grefer
d3d6a8743e Allow upgrading between different BCrypt encodings
Fixes gh-7042
2019-07-03 14:08:04 -05:00
Lars Grefer
4b0fb19fff Use MessageDigest.isEqual() where possible
fixes 
2019-07-03 05:40:20 -06:00
Clement Ng
cd54808718 Update Opaque Token Sample and tests
Issue: gh-6498
2019-07-02 07:45:56 -06:00
Clement Ng
491da9db03 Added OAuth2TokenAttributes to wrap attributes
To simplify access to OAuth 2.0 token attributes

Fixes gh-6498
2019-07-02 07:45:56 -06:00
Josh Cummings
ee8182dceb NamespaceSessionManagementTests groovy->java
Issue: gh-4939
2019-07-02 07:34:36 -06:00
Josh Cummings
329999b54a Update to nimbus-jose-jwt:7.3
Fixes: gh-7061
2019-07-01 07:22:13 -06:00
Thomas Vitale
f9747e6591 BearerTokenAuthenticationFilter exposes AuthenticationFailureHandler
Make BearerTokenAuthenticationFilter expose an AuthenticationFailureHandler which, by default, invokes the AuthenticationEntryPoint set in the filter.

Fixes gh-7009
2019-07-01 05:24:29 -06:00
Josh Cummings
ce79ef2634 Single-key Key Selector
Fixes: gh-7049
Fixes: gh-7056
2019-06-28 15:12:00 -06:00
Behrang
3b5a4189ef Minor fix
These four items, not three items, constitute the auth process:

. A user is prompted to log in with a username and password.
. The system (successfully) verifies that the password is correct for the username.
. The context information for that user is obtained (their list of roles and so on).
. A security context is established for the user
2019-06-28 11:41:55 -05:00
Tadaya Tsuyukubo
7782e29a58 Allow custom ReactiveAuthenticationManager for basic and form auth
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".

This commit makes sure the override only happens when a custom authentication
manager was not specified.

Fixes: gh-5660
2019-06-28 11:04:21 -05:00
Lars Grefer
400e0c83b0 Add missing nullability annotation 2019-06-27 14:54:14 -05:00
Eleftheria Stein
39ba1006ba Migrate FormLoginConfigurerSpec groovy->java
Issue: gh-4939
2019-06-27 11:53:32 -04:00
Josh Cummings
f5da63118e Add MultiTenantAuthenticationManagerResolver
A class with a number of handy request-based implementations of
AuthenticationManagerResolver targeted at common multi-tenancy
scenarios.

Fixes: gh-6976
2019-06-25 17:21:38 -06:00
Josh Cummings
ecb13aa8cc Resource Server JWE Sample
Issue: gh-4435
2019-06-25 16:54:15 -06:00
Josh Cummings
37d108ccc2 Remove SignedJWT Check
JWTProcessor already does sufficient checking to confirm that the JWT
is of the appropriate type.

Fixes: gh-7034
2019-06-25 16:49:29 -06:00
Léon van der Kaap
d2248d185b Add extra salt length check for BCrypt
If the salt length is 28 characters and the
version is 2{a,x,y}, an IndexOutOfBoundsException
is thrown. This commit adds an extra check that
the salt length should be at least 29 characters long
if the version is not equal to "2".

Fixes: gh-6907
2019-06-24 14:11:30 -06:00
Josh Cummings
10a7af2d53 Add file extension to wait-for-done 2019-06-24 14:10:50 -06:00
Rob Winch
6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens
Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was an empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.

This changes ServerBearerTokenAuthenticationConverter to consistently
throw an OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED

Fixes gh-7011
2019-06-24 13:57:29 -06:00
Eleftheria Stein
3c240d0ce3 Migrate DefaultLoginPageConfigurerTests groovy->java
Issue: gh-4939
2019-06-24 10:38:20 -04:00
Eleftheria Stein
12da990b6b Allow configuration of HTTP basic through nested builder
Issue: gh-5557
Fixes: gh-6885
2019-06-20 13:58:13 -05:00
Joe Grandja
3f2108921e Allow configurable accessible scopes for UserInfo resource
Fixes gh-6886
2019-06-20 10:32:58 -04:00
Joe Grandja
6e76df8f1d Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
Issue 
Commit 385bdfc055854581e9e9f671d11f86a978c27c42

NOTE: This commit 'partially' reverts . Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.

Fixes gh-6890
2019-06-19 16:06:38 -04:00
Joe Grandja
06943d2d39 Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests
Issue 
Commit 93ca45540556c4e8ade7f8948883f94fb0851ebb

Fixes gh-6890
2019-06-19 16:06:38 -04:00
Josh Cummings
e8b7d6b03a Release Scripts
Added a script for polling Maven Central to notify when release is
uploaded.
2019-06-19 13:34:47 -06:00
Thomas Vitale
417ad40d10 Add generic getClaim() method in ClaimAccessor
Fixes gh-6947
2019-06-19 13:45:59 -04:00
Rob Winch
59dcc36dd1 Use https link to Stack Overflow 2019-06-19 12:44:43 -05:00
Rob Winch
df14e18299 Add links to Stack Overflow Reply Template 2019-06-19 11:27:57 -05:00
Rob Winch
9f52e9b5ce Update to align with Spring Boot's Stack Overflow 2019-06-19 11:27:10 -05:00
Rob Winch
57cb52ce64 Add Stackoverflow to Contributor Guidelines 2019-06-19 11:23:11 -05:00
Bagyoni Attila
878d262a26 Reimplement some hashCodes according to the currently recommended pattern.
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
2019-06-18 12:44:57 -06:00
Daniel Meier
f44eb0b7be Update Mockito-Core to version 2.27.0
Update Mockito-Core to version 2.27.0 and Byte Buddy to version 1.9.10.

Closes 
2019-06-18 08:00:01 -06:00
Dennis Devriendt
b7ea7083c9 OAuth2LoginAuthenticationFilter sets AuthenticationDetails
Fixes gh-6866
2019-06-17 15:44:41 -05:00
sandmannn
23a7c3010c Added jwt injection for reactive test mocks
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.

Fixes: spring-projectsgh-6896
2019-06-15 10:01:57 -06:00
Eleftheria Stein
c0f64aa2d2 Next Development Version 2019-06-14 16:14:19 -04:00
Eleftheria Stein
77235e1f1d Release 5.2.0.M3 5.2.0.M3 2019-06-14 14:57:10 -04:00
Eleftheria Stein
a01ef4d215 Update to Spring Data Moore-RC1
Fixes gh-7008
2019-06-14 11:40:45 -04:00
Eleftheria Stein
609228de5f Jenkins build performs git clean
Fixes gh-7006
2019-06-14 07:43:22 -06:00
Eleftheria Stein
b00345575b Revert "Update to org.aspectj 1.9.4"
This reverts commit 0c41ed0948b1367c7cb1991469792a1928b848bf.

Fixes gh-7001
2019-06-13 16:45:17 -04:00
Eleftheria Stein
32d964334e Revert "Release 5.2.0.M3"
This reverts commit 0e1bd178d2f789f1db0f316675432e06ec430dbb.
2019-06-13 16:03:47 -04:00
Eleftheria Stein
0e1bd178d2 Release 5.2.0.M3 2019-06-13 15:48:13 -04:00