Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 00:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,899 Commits 34 Branches 337 Tags
Commit Graph

1083 Commits

Author SHA1 Message Date
Joe Grandja
526e0fdd4f Add OAuth2 Client HandlerMethodArgumentResolver 
Fixes gh-4651
 2018-04-02 12:13:52 -04:00
Joe Grandja
982fc360b2 Add support for authorization_code grant 
Fixes gh-4928
 2018-04-02 12:13:06 -04:00
Joe Grandja
ce2f669245 Remove state assertion when loading OAuth2AuthorizationRequest 
Fixes gh-5163
 2018-03-27 20:06:30 -04:00
Christoph Dreis
d07cfe655d Use Supplier variants of Assert methods 2018-03-27 10:58:55 -05:00
Joe Grandja
bb15213091 Ensure consistency by using Collection<GrantedAuthority> type 
Fixes gh-5143
 2018-03-21 10:35:18 -04:00
Joe Grandja
90f9d728cd Allow extension for OAuth2Error 
Fixes gh-5148
 2018-03-21 10:04:57 -04:00
Rob Winch
bf41d48718 HttpSessionOAuth2AuthorizationRequestRepository support distributed HttpSession 
Previously HttpSessionOAuth2AuthorizationRequestRepository
getAuthorizationRequest attempted to update the state of HttpSession as
well as getting the Map of OAuth2AuthorizationRequest. This had a few
problems

- First it was confusing that a get method updated state
- It worked when the session was in memory, but would not work when the
  HttpSesson was persisted to an external store (i.e. Spring Session) since
  after updating the Map, there was no invocation to update

This commit cleans up the logic and ensures that the values are explicitly
set in the HttpSession so it works with a session persisted in an external
store.

Fixes: gh-5146
 2018-03-20 22:14:48 -05:00
Rob Winch
04e2e86e6e Polish HttpSessionOAuth2AuthorizationRequestRepositoryTests 
Fixes: gh-5147
 2018-03-20 22:14:48 -05:00
Joe Grandja
59cef7d339 HttpSessionOAuth2AuthorizationRequestRepository handle multiple OAuth2AuthorizationRequest per session 
Fixes gh-5110
 2018-03-20 22:14:48 -05:00
Joe Grandja
a5bd76b6ed Revert authorization_code grant support 
This reverts commit eae7afd9aa963581ea638a4385d49b6571fc5e74.
 2018-03-06 16:16:45 -05:00
Joe Grandja
eae7afd9aa Add support for authorization_code grant 
Fixes gh-4928
 2018-03-02 14:30:49 -05:00
Joe Grandja
7eb58ee7d9 DefaultOAuth2UserService -> assert UserInfo Uri is set 
Fixes gh-4992
 2018-02-02 13:01:18 -05:00
Joe Grandja
6b24aaf6f5 Add javadoc for spring-security-oauth2-jose 
Fixes gh-4885
 2018-01-23 21:27:47 -05:00
Joe Grandja
fe2ac00deb Add javadoc for spring-security-oauth2-client 
Fixes gh-4884
 2018-01-23 17:07:21 -05:00
Joe Grandja
e6cac604f3 Add javadoc for spring-security-oauth2-core 
Fixes gh-4883
 2018-01-18 16:00:26 -05:00
Joe Grandja
1d32fffc1d Make OAuth2Error Serializable 
Fixes gh-4944
 2018-01-10 10:40:54 -05:00
Johnny Lim
57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Eddú Meléndez
c16456623f Remove unused imports 2017-12-20 16:05:38 -06:00
Joe Grandja
268a1dc06e DefaultOAuth2User is Serializable 
Fixes gh-4917
 2017-12-19 09:07:17 -05:00
Rob Winch
ae664c33b1 Polish 
Fix compile warnings in ClientRegistrationTests
 2017-11-27 12:12:59 -06:00
Johnny Lim
edccafca84 Create OAuth2AuthorizationResponse lazily 
This commit creates `OAuth2AuthorizationResponse` as lazily as possible to prevent the creation when `authorizationRequest` is `null`.

Fixes gh-4848
 2017-11-20 11:01:34 -05:00
Joe Grandja
c04b3b4114 Exclude well-known ports in expanded redirect-uri 
Fixes gh-4836
 2017-11-18 10:41:27 -05:00
Johnny Lim
b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Joe Grandja
dd33f0a7de ClientRegistration.redirectUri -> redirectUriTemplate 
Fixes gh-4827
 2017-11-15 14:51:35 -05:00
Joe Grandja
e098c3707e Update default redirect-uri to use 'baseUrl' template variable 
Fixes gh-4826
 2017-11-15 14:51:35 -05:00
Johnny Lim
d900f2a623 Remove unused imports 
This commit also adds UnusedImportsCheck Checkstyle module.
 2017-11-14 14:41:08 -06:00
Joe Grandja
872a8f3189 Change constructor param order in oauth2 client filters 
Fixes gh-4818
 2017-11-13 17:32:22 -05:00
Joe Grandja
426c034c01 OidcUserService uses custom userNameAttributeName 
Fixes gh-4812
 2017-11-12 14:44:57 -05:00
Joe Grandja
6775d9fdd8 OAuth2AccessTokenResponse should account for expires_in <= 0 
Fixes gh-4810
 2017-11-12 11:30:11 -05:00
Joe Grandja
63e2db72ea Add tests to oauth2-jose 
Fixes gh-4806
 2017-11-10 17:09:48 -05:00
Joe Grandja
473ac0e37c Add tests to oauth2-client 
Fixes gh-4299
 2017-11-10 16:03:34 -05:00
Joe Grandja
db35dc6c03 Add tests to oauth2-core 
Fixes gh-4298
 2017-11-06 11:39:17 -05:00
Joe Grandja
ef9cd76607 Polish oauth2 
Fixes gh-4758
 2017-10-30 16:49:01 -04:00
Joe Grandja
d435f149eb Polish spring-security-oauth2-jose 
Fixes gh-4755
 2017-10-30 13:09:40 -04:00
Joe Grandja
511d702ee0 Remove JwtDecoderRegistry 
Fixes gh-4754
 2017-10-30 12:52:42 -04:00
Rob Winch
d9584384c4 Move collectClaims to OidcUserAuthority 
Fixes gh-4749
 2017-10-29 20:41:05 -05:00
Rob Winch
3d065b5afd Add getIdToken getUser to OidcUser 
Fixes gh-4748
 2017-10-29 20:10:55 -05:00
Rob Winch
c1c726f123 Polish InMemoryClientRegistrationRepository 
Issue: gh-4745
 2017-10-29 20:03:36 -05:00
Rob Winch
a3e38fec47 Remove AuthorizationRequestUriBuilder 
Make this API private since we don't have concrete use cases for exposing
it yet.

Fixes gh-4742
 2017-10-29 19:50:02 -05:00
Joe Grandja
c3d2effc1d Polish OAuth2AuthorizedClientService 
Fixes gh-4746
 2017-10-29 20:25:03 -04:00
Joe Grandja
b496ad4d86 Polish OAuth2LoginAuthenticationToken 
Fixes gh-4744
 2017-10-29 19:21:41 -04:00
Rob Winch
8032baa296 Polish InMemoryClientRegistrationRepository 
- use Map.get
- Construct with stream()
- Add tests
- Remove unnecessary unmodifiableCollection (already unmodifiable)

Fixes gh-4745
 2017-10-29 18:07:49 -05:00
Rob Winch
f0c2944377 OAuth2AuthorizationResponse getAccessToken 
No longer delegate to OAuth2AccessToken but add getAccessToken()

Fixes gh-4743
 2017-10-29 17:12:46 -05:00
Joe Grandja
e4887057bc Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient 
Fixes gh-4741
 2017-10-29 17:49:15 -04:00
Joe Grandja
2a00232a5b Remove UserInfoRetreiver 
Fixes gh-4740
 2017-10-29 17:49:15 -04:00
Joe Grandja
6fbd435bdf OAuth2LoginAuthenticationFilter requires collaborators 
Fixes gh-4661
 2017-10-29 04:41:23 -04:00
Joe Grandja
b471dd1c54 Remove OAuth2TokenRepository 
Fixes gh-4727
 2017-10-28 21:40:33 -04:00
Joe Grandja
b1d56b5821 NimbusAuthorizationCodeTokenExchanger uses authorizationRequest.redirectUri 
Fixes gh-4701
 2017-10-28 21:30:40 -04:00
Joe Grandja
006319f19a UserInfoRetriever supports ParameterizedTypeReference 
Fixes gh-4693
 2017-10-28 19:26:04 -04:00
Joe Grandja
9dc4aa6c81 Make OidcUserInfo Serializable 
Fixes gh-4733
 2017-10-28 18:35:21 -04:00