Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-10 12:23:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,759 Commits 38 Branches 348 Tags
Commit Graph

10759 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steve Riesenberg
f0168c6c27
Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:53:16 -05:00
Joe Grandja
4a8219d16c Update whats-new.adoc with gh-9812 2022-03-17 04:41:33 -04:00
Joe Grandja
50d315d833 Remove unused code 2022-03-17 04:23:44 -04:00
Joe Grandja
a2ffc88294 Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:33:12 -04:00
ShinDongHun1
7955e5ac52 Polish UsernamePasswordAuthenticationFilter method 
Closes gh-10970
 2022-03-16 16:29:40 +01:00
Josh Cummings
cf29bf996c
Polish InResponseTo support 
- Moved methods so methods are listed before the methods they call
- Adjusted exception handling so no exceptions are eaten
- Adjusted so that malformed_request_data is returned with request data is malformed
- Refactored methods to have only immutable method parameters
- Removed usage of Stream API
- Moved AuthnRequestUnmarshaller into static block so that only looked
up once

Issue gh-9174
 2022-03-15 14:06:58 -06:00
Elias Lousseief
3c878549b5
Add support for validation of InResponseTo 
Whenever an InResponseTo is present in the SAML2 response and / or any of its assertions, it will be validated against the stored SAML2 request. If the request is missing or the ID of the request does not match the InResponseTo, validation fails. If there is no InResponseTo, no validation of it is done (as opposed to checking whether there is a saved request or not and then failing based on that).

Closes gh-9174
 2022-03-15 14:06:57 -06:00
Elias Lousseief
836f203d44
Refactored OpenSaml4AuthenticationProviderTests 
Factored out repeatedly used code for signing a request.
 2022-03-15 14:06:57 -06:00
Simone Giannino
73003d59d6 OAuth 2.0 logout handler resolves uri placeholders 
- OidcClientInitiatedLogoutSuccessHandler can automatically resolve placeholders like baseUrl and registrationId inside the postLogoutRedirectUri

Issue gh-7900
 2022-03-15 12:54:39 -06:00
Rob Winch
fabeabd2db Fix docs SecurityContextHolder Diagram 
Issue gh-9635
 2022-03-12 13:44:45 -06:00
Rob Winch
87ed31a99c Add SecurityContextHolderFilter 
Closes gh-9635
 2022-03-11 17:22:23 -06:00
Rob Winch
dbcb5004b4 Extract createSecurityContextRepository() 
Extract out method in preparation for adding SecurityContextHolderFilter
configuration.

Issue gh-9635
 2022-03-11 17:21:49 -06:00
Rob Winch
6e45a376cd Remove "Hi ... there" From Docs 
Close gh-10963
 2022-03-11 13:42:38 -06:00
Rob Winch
e4f1826622 Remove "Hi ... there" From Docs 
Close gh-10963
 2022-03-11 13:41:19 -06:00
Rob Winch
b71b2f81e1 Add Persistence to documentation 
Closes gh-10962
 2022-03-11 13:41:19 -06:00
Rob Winch
9967078059 Antora 3.0.0 
Issue gh-10962
 2022-03-11 13:41:19 -06:00
Norbert Nowak
ac9c29b2a0 Add UsernamePasswordAuthenticationToken factory methods 
- unauthenticated factory method
 - authenticated factory method
 - test for unauthenticated factory method
 - test for authenticated factory method
 - make existing constructor protected
 - use newly factory methods in rest of the project
 - update copyright dates

Closes gh-10790
 2022-03-09 15:23:35 -07:00
Rob Winch
d2f24ae5f5 Add SecurityContextRepository to all Authentication Filters 
Closes gh-10949
 2022-03-09 15:40:17 -06:00
Rob Winch
9db79aa5d7 BearerTokenAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
2e9b04ed48 CasAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
636f3e1d5d AbstractPreAuthenticatedProcessingFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
e6b6104b52 DigestAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
9b0cd5a0a8 BasicAuthenticationFilter.setSecurityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
120f2a356f RememberMeAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
014c471ff1 AuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Rob Winch
f11cb988a9 AbstractAuthenticationProcessingFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:33:42 -06:00
Marcus Da Coregio
70b67cd2f1 AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains 
Closes gh-10950
 2022-03-09 15:22:21 -03:00
Marcus Da Coregio
980e0466a7 AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains 
Closes gh-10950
 2022-03-09 15:21:37 -03:00
Rob Winch
65ec2659c4 HttpSessionSecurityContextRepository saves with original response 
Previously, the HttpSessionSecurityContextRepository unnecessarily required
the HttpServletResponse from the HttpReqeustResponseHolder passed into
loadContext. This meant code that wanted to save a SecurityContext had to
have a reference to the original HttpRequestResponseHolder. Often that
implied that the code that saves the SecurityContext must also load the
SecurityContext.

This change allows any request / response to be used to save the
SecurityContext which means any code can save the SecurityContext not just
the code that loaded it. This sets up the code to be permit requiring
explicit saves. Using the request/response from the
HttpRequestResponseHolder is only necessary for implicit saves.

Closes gh-10947
 2022-03-09 10:17:15 -06:00
Lijamaija
bc2bb8cb96 Add Kotlin example for SecuritySocketAcceptorInterceptor of RSocket 
Closes gh-10932
 2022-03-09 16:18:09 +01:00
Marcus Da Coregio
93d4fd3559 Add SAML 2.0 Single Logout XML Support 
Closes gh-10842
 2022-03-09 09:18:01 -03:00
Marcus Da Coregio
73f839312d Add SAML 2.0 Login XML Support 
Closes gh-9012
 2022-03-09 09:18:01 -03:00
Rob Winch
b9f79543c5 Add RequestAttributeSecurityContextRepository 
Closes gh-10918
 2022-03-07 14:52:24 -06:00
Josh Cummings
ff87cfce3a Polish EntityDescriptor Customizer 
Issue gh-10839
 2022-03-04 10:42:04 -07:00
Ulrich Grave
d225205bf2 Add method to customize EntityDescriptor 
Closes gh-10839
 2022-03-04 10:42:04 -07:00
Josh Cummings
304e89041c Polish Formatting 
Issue gh-10799
 2022-03-02 16:40:13 -07:00
Sander van Schouwenburg
f1a76efc2d Preserve order of RelyingPartRegistration credentials 
Issue gh-10799
 2022-03-02 16:40:13 -07:00
Josh Cummings
963251314b Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:40:11 -07:00
Josh Cummings
ee061f3659 Use RFC2045 Encoding for SAML 2.0 Logout 
Closes gh-10923
 2022-03-02 16:39:31 -07:00
Josh Cummings
923c61e9d2 Polish Formatting 
Issue gh-10799
 2022-03-02 16:37:58 -07:00
Sander van Schouwenburg
14d0663ae2 Preserve order of RelyingPartRegistration credentials 
Issue gh-10799
 2022-03-02 16:37:58 -07:00
Josh Cummings
7a02bd14c1 Replace Apache Commons Base64 Decoding 
Issue gh-10923
 2022-03-02 16:19:03 -07:00
Josh Cummings
238616da80 Use RFC2045 Encoding for SAML 2.0 Logout 
Closes gh-10923
 2022-03-02 16:18:34 -07:00
Josh Cummings
931fb6a328 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:03:41 -07:00
Josh Cummings
6c3d183a94 Polish Saml2 Jackson Support 
Issue gh-10905
 2022-03-01 13:56:02 -07:00
Ulrich Grave
df84826c95 Add Jackson Support for Saml2 Module 
Closes gh-10905
 2022-03-01 12:07:55 -07:00
Talerngpong Virojwutikul
440ffce2eb Update PasswordEncoder declaration 
Closes gh-10910
 2022-03-01 07:50:55 -07:00
Talerngpong Virojwutikul
ff15bec02d update PasswordEncoder declaration 2022-03-01 07:48:31 -07:00
m0k045e
3aa7a65cb4 OAuth2AuthorizedClientArgumentResolver resolves ReactiveOAuth2AuthorizedClientManager 
Closes gh-10846
 2022-02-28 15:30:19 -07:00
Filip Hanik
47871562ca Change HashSet to LinkedHashSet 
For various RelyingPartyRegistration.credentials to preserve order of insertion.

Issue gh-10799
 2022-02-28 15:02:03 -07:00