Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 01:02:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,098 Commits 38 Branches 345 Tags
Commit Graph

18098 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
0d3d6f75f8 Bump org-aspectj from 1.9.22.1 to 1.9.24 
Bumps `org-aspectj` from 1.9.22.1 to 1.9.24.

Updates `org.aspectj:aspectjrt` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-13 20:22:34 -07:00
Steve Riesenberg
15c2b156f1
Update Client Authentication examples 
Closes gh-16925

987d9c9788ba0343f543083c87613fb5
 2025-04-11 15:10:05 -05:00
Josh Cummings
0e70482725
Fix Formatting 2025-04-10 15:55:00 -06:00
Josh Cummings
09ba5397fb
Add Support for Authorizing Spring MVC Return Types 
Closes gh-16059
 2025-04-10 15:48:10 -06:00
Josh Cummings
6438603cb6
Pick Up TargetVisitor Beans 
Closes gh-16923
 2025-04-10 15:48:09 -06:00
Josh Cummings
5841e35cae
Invert AuthorizeReturnObjectMethodInterceptor Dependency 
Closes gh-16922
 2025-04-10 15:48:09 -06:00
Joe Grandja
1ca33cae70 Make DPoP IatClaimValidator public to allow configuring clock and clockSkew 
Issue gh-16574

Closes gh-16921
 2025-04-10 16:04:37 -04:00
github-actions[bot]
546dba7dc2 Merge branch '6.4.x' 2025-04-10 04:13:30 +00:00
dependabot[bot]
a10a35c2ac Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 21:12:41 -07:00
dependabot[bot]
923491628b Bump io.mockk:mockk from 1.13.17 to 1.14.0 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.17 to 1.14.0.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.17...1.14.0)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 20:52:41 -07:00
dependabot[bot]
1e6fd62bed Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 20:52:10 -07:00
github-actions[bot]
ee13d19503 Merge branch '6.3.x' into 6.4.x 2025-04-10 03:34:09 +00:00
github-actions[bot]
a9982971ae Merge branch '6.4.x' 2025-04-10 03:34:09 +00:00
dependabot[bot]
eb83c35ded Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 20:33:22 -07:00
Josh Cummings
3869b13e68
Add ResponseAuthenticationConverter 
Aside from simplifying configuration, this commit also makes it possible
to provide a response authentication converter that doesn't need the
NameID element to be present.

Closes gh-12136
 2025-04-09 17:38:24 -06:00
Josh Cummings
3e686abf50
Add ResponseValidator 
Issue gh-14264
Closes gh-16915
 2025-04-09 17:32:40 -06:00
Risto Virtanen
47e1fc045f Formatted 
Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
 2025-04-09 17:09:54 -06:00
Risto Virtanen
1db557e395 Replace ClientRegistrationMixinTests with StdConvertersTest 
Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
 2025-04-09 17:09:54 -06:00
Risto Virtanen
368fe2e7a0 Add missing ClientAuthenticationMethods to jackson2 converter 
Closes gh-16825

Signed-off-by: Risto Virtanen <818702+mapsu@users.noreply.github.com>
 2025-04-09 17:09:54 -06:00
Daeho Kwon
9908d96644
DeferredCsrfToken Implements Supplier 
Closes gh-16870

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-04-09 14:24:11 -06:00
Steve Riesenberg
43ef4262da
Update whats-new.adoc 
Issue gh-16913
 2025-04-09 11:19:50 -05:00
Steve Riesenberg
9d442c13de
Mark password grant for removal 
This commit also updates link to the document "Best Current Practice for
OAuth 2.0 Security" to point to RFC 9700.

Closes gh-16913
 2025-04-09 11:15:09 -05:00
Steve Riesenberg
197ee38aa0
Mark deprecated response clients for removal 
Issue gh-16913
 2025-04-09 11:15:06 -05:00
dependabot[bot]
9ca02082dc Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.1 to 1.10.2 
Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-bom](https://github.com/Kotlin/kotlinx.coroutines) from 1.10.1 to 1.10.2.
- [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md)
- [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.10.1...1.10.2)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-bom
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-08 20:46:41 -07:00
Michael Samborski
bfb4878e29 Update kotlin.adoc to add required spread operator(*) 
Signed-off-by: Michael Samborski <msamborski@orbiscommunications.com>
 2025-04-08 14:12:09 -05:00
Tran Ngoc Nhan
d864e51ff6 Format OpaqueTokenIntrospector 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-04-08 13:56:54 -05:00
Tran Ngoc Nhan
d899bc5240 Polish javadoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-04-08 13:56:54 -05:00
James Howe
8d7f6acab6 Typo in Base64StringKeyGenerator exception message 
Signed-off-by: James Howe <675056+OrangeDog@users.noreply.github.com>
 2025-04-08 09:56:14 -06:00
Josh Cummings
f93a7a2f85
Deprecate HandlerMappingIntrospectorRequestTransformer 
Closes gh-16536
 2025-04-07 13:56:18 -06:00
Steve Riesenberg
1fb3fc80f9
Polish gh-15819 
Closes gh-15818
 2025-04-07 10:57:49 -05:00
Jonah Klöckner
9674532f4d
Add support for access token in body parameter as per rfc 6750 Sec. 2.2 
Issue gh-15818
 2025-04-07 10:57:49 -05:00
Steve Riesenberg
03e090c2d7
Merge branch '6.4.x' 
Closes gh-16902
 2025-04-07 10:57:12 -05:00
Steve Riesenberg
db34de59bc
Merge branch '6.3.x' into 6.4.x 
Closes gh-16901
 2025-04-07 10:55:51 -05:00
Steve Riesenberg
3c0fef59b5
Polish gh-16039 
Closes gh-16038
 2025-04-07 10:54:09 -05:00
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled 
Issue gh-16038
 2025-04-07 10:54:07 -05:00
Joe Grandja
9c073dbcde Add AuthenticationEntryPoint for DPoP 
Issue gh-16574

Closes gh-16900
 2025-04-07 09:38:51 -04:00
dependabot[bot]
21a85e3520 Bump org.mockito:mockito-bom from 5.16.1 to 5.17.0 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.16.1 to 5.17.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.16.1...v5.17.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-version: 5.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 21:00:37 -07:00
dependabot[bot]
0a2b9d4978 Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to 6.6.13.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.12.Final to 6.6.13.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.13/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.12...6.6.13)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.13.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 20:59:30 -07:00
dependabot[bot]
ff29c1b547 Bump org.seleniumhq.selenium:selenium-java from 4.30.0 to 4.31.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.30.0 to 4.31.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.30.0...selenium-4.31.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-version: 4.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 20:59:24 -07:00
github-actions[bot]
16527fec06 Merge branch '6.4.x' 2025-04-07 03:56:36 +00:00
dependabot[bot]
a081402383 Bump org.hibernate.orm:hibernate-core from 6.6.12.Final to 6.6.13.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.12.Final to 6.6.13.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.13/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.12...6.6.13)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.13.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 20:55:51 -07:00
github-actions[bot]
87300c491d Merge branch '6.4.x' 2025-04-07 00:23:05 +00:00
dependabot[bot]
f3c8262a00 Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.19 to 0.0.20.
- [Commits](c203826512...e28269199d)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 17:22:18 -07:00
dependabot[bot]
1eff176776 Bump spring-io/spring-doc-actions from 0.0.19 to 0.0.20 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.19 to 0.0.20.
- [Commits](c203826512...e28269199d)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.20
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 17:17:16 -07:00
Josh Cummings
a283700ef8
Add CacheSaml2AuthenticationRequestRepository 
Closes gh-14793
 2025-04-03 17:43:48 -06:00
chu3la
8cbe02e3aa Update WebAuthn Test Objects Class Names 
Closes gh-16604

Signed-off-by: chu3la <elmansouri.houssam@gmail.com>
 2025-04-03 16:33:34 -06:00
Josh Cummings
67c21de1cf
Support Continue Filter Chain When No Relying Party 
Closes gh-16000
 2025-04-03 15:32:23 -06:00
Josh Cummings
5436fd5574
Remove Unecessary Code 2025-04-03 14:28:54 -06:00
Josh Cummings
4cdc6dab21
Fix Formatting 
Issue gh-16604
 2025-04-03 12:55:51 -06:00
Vasanth
04d7130975
Update WebAuthn Test Objects Class Names 
Renamed the WebAuthn test object class names

Closes gh-16604

Signed-off-by: Vasanth <76898064+vasanth-79@users.noreply.github.com>
 2025-04-03 12:55:50 -06:00