A reactive static builder for constructing and configuring a
ReactiveJwtDecoder via an issuer that supports the OIDC Provider
Configuration spec.
Fixes: gh-5649
NimbusReactiveJwtDecoder incorrectly referred in its class-level doc
as being an implementation of JwtDecoder. This has been corrected to
say ReactiveJwtDecoder.
Fixes: gh-5711
Previously the logic for determining if the pathInfo should be appended
was inverted.
This correctly concatenates url + pathInfo if url is a non empty String.
Fixes: gh-5473
This is necessary so that the saving of the authorized client occurs
outside of the ReactiveAuthenticationManager. It will allow for
saving with the ServerWebExchange when ReactiveOAuth2AuthorizedClientRepository
is added.
Issue: gh-5621
I feel very painful when using SQL script for Oracle database. I set datatype, number(18), number(38) is too big, all character is uppercase (because Oracle database is case-insensitive). ACL's SQL script has script for Oracle database, but section USERS, AUTHORITIES has not SQL scrip for Oracle database, therefore I add more.
- Adding an ServerAuthenticationConverter interface
- Retro-fitting ServerOAuth2LoginAuthenticationTokenConverter,
ServerBearerTokenAuthentivationConverter, ServerFormLoginAuthenticationConverter,
and ServerHttpBasicAuthenticationConverter to implement ServerAuthenticationConverter
- Deprecate existing AuthenticationWebFilter.setAuthenticationConverter
and add overloaded one which takes ServerAuthenticationConverter
Fixes gh-5338
Adding JwtDecoders#fromOidcIssuerLocation which takes an issuer
and derives from it the jwk set uri via a call to
.well-known/openid-configuration
Fixes: gh-5523
After the Feature-Policy support changes the format of the xsd did not
align with the generator which meant running the build caused changes
for the commit.
This commit ran the xsd generation so that the formatting would be
consistent with the generator.
Issue: gh-5670
Previously there was a tangle between
DefaultOAuth2AuthorizationRequestResolver and
OAuth2AuthorizationRequestRedirectFilter with
AUTHORIZATION_REQUIRED_EXCEPTION_ATTR_NAME
This commit adds a new method that can be used for resolving the
OAuth2AuthorizationRequest when the client registration id is known.
Issue: gh-4911
Josh Cummings
Rob Winch
Joe Grandja
Yuri Konotopov
Christoph Dreis
Vedran Pavic
Do Nhu Vy
Eric Deandrea