d4c3cea0e6
Update Copyright
...
Issue gh-9901
2021-06-17 08:34:31 -06:00
1d606ccedb
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:33:32 -06:00
807ce30948
Support additional client authentication methods
...
Closes gh-9780
2021-06-16 15:48:03 -05:00
0cba0874f3
Handle missing authorization endpoint uri
...
Closes gh-9795
2021-06-16 15:38:53 -05:00
9b05afdee8
Remove validation for unsupported grant types
...
Closes gh-9828
2021-06-16 14:54:33 -05:00
eb6ed283e0
Jwt client authentication converter detects new key
...
Closes gh-9814
2021-06-16 12:55:12 -04:00
aed993f3e5
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 11:03:30 -05:00
36805c7192
Revert "Use strict equality for timestamp comparison in JDBC tests"
...
This reverts commit 09a0670cb6
2021-06-08 10:13:53 +03:00
09a0670cb6
Use strict equality for timestamp comparison in JDBC tests
...
This is possible because of the update to HSQLDB 2.6.0
This reverts commit eb7b27695d
2021-06-08 09:31:55 +03:00
ac9b137cad
URL encode client credentials
...
Closes gh-9610
2021-06-01 12:57:06 -05:00
65ecaa0c28
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 12:31:41 -06:00
b671a96073
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 12:10:03 -06:00
36dcbe24d0
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 13:31:34 -05:00
372c2b805b
Update r2dbc-spi-test to 0.8.5.RELEASE
...
Closes gh-9752
2021-05-14 13:23:54 -05:00
5b24bd1288
Adjust ClientRegistrationsTests
...
Closes gh-9748
2021-05-14 10:30:46 -06:00
5f6de026a8
Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider
...
Closes gh-9708
2021-05-13 13:02:08 -04:00
64b7af473d
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-12 14:59:25 -05:00
35f5ebdbcf
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-12 14:59:25 -05:00
761e3a9dd8
JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry
...
Fixes gh-9700
2021-04-30 10:12:38 -04:00
eff4cdc924
Polish gh-9505
2021-04-09 06:22:29 -04:00
7694aa27cf
Add jwt-bearer authorization grant
...
Closes gh-6053
2021-04-09 06:22:29 -04:00
9c97970e26
Add Jwt Client Authentication support
...
Closes gh-8175
2021-04-08 15:44:33 -04:00
8323590b6c
Update r2dbc-spi-test to 0.8.4.RELEASE
...
Closes gh-9551
2021-04-05 22:23:59 -05:00
60d3db5798
add management platform(project(":spring-security-dependencies"))
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
1a76ee7442
Update Gradle configuration names
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
b8e47882aa
Fix test to use non-expired token
...
Closes gh-9506
2021-03-17 17:38:08 +01:00
4a492846f1
Revert "Lock dependencies for 2.5.0-M3"
...
This reverts commit f05cc6269c
2021-03-15 23:18:45 +01:00
f05cc6269c
Lock dependencies for 2.5.0-M3
2021-03-15 11:00:19 +01:00
5e5ff27109
Configure Jackson for nanosecond precision
...
Closes gh-9461
2021-02-17 11:53:36 -07:00
a0a9718b8b
Use Instant with micro-second precision
...
Closes gh-9449
2021-02-17 11:31:23 -07:00
c4be1c6a56
Revert "Lock Dependencies"
...
This reverts commit a85caa4098
2021-02-11 15:49:59 -07:00
a85caa4098
Lock Dependencies
2021-02-11 15:00:38 -07:00
d85a7cfc4a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:02:58 -05:00
56db058fd0
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
58e3235093
Deprecate ClientAuthenticationMethod BASIC and POST
...
Closes gh-9220
2020-11-25 15:13:28 -05:00
b95e1aa209
Revert "Lock dependencies for 5.5.0-M1"
...
This reverts commit 25a7482c8c
2020-11-03 19:53:28 -05:00
c069692ab9
Extract OAuth2Token from AbstractOAuth2Token
...
Closes gh-5502
2020-11-02 20:35:08 -05:00
25a7482c8c
Lock dependencies for 5.5.0-M1
2020-10-30 17:52:03 -05:00
6724e3e514
Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
...
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database
R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database
Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test
Closes gh-7890
2020-10-29 15:44:12 -04:00
42a787d1f6
Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService
...
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql
See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc
Issue gh-9070
2020-10-22 09:56:20 -04:00
05dc326389
Use LobHandler in JdbcOAuth2AuthorizedClientService
...
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.
Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.
Closes gh-9070
2020-10-22 09:56:20 -04:00
c502312719
Replace expected @Test attributes with AssertJ
...
Replace JUnit expected @Test attributes with AssertJ calls.
2020-09-22 16:13:51 -06:00
20baa7d409
Replace ExpectedException @Rules with AssertJ
...
Replace JUnit ExpectedException @Rules with AssertJ calls.
2020-09-22 16:13:51 -06:00
6e6d382357
Adapt to WebClient's new exception wrapping
...
See https://github.com/spring-projects/spring-framework/issues/23842
Closes gh-9031
2020-09-17 12:21:51 -04:00
7b1f574769
Revert "Lock Dependency Versions for 5.4.0"
...
This reverts commit 3d0e459182
2020-09-09 18:14:12 -04:00
3d0e459182
Lock Dependency Versions for 5.4.0
2020-09-09 13:45:03 -04:00
2abf59b695
Merge Formatting Changes
...
Issue gh-8945
2020-08-24 17:33:23 -05:00
dc47a7575e
Polish oauth-client format
...
Issue gh-8945
2020-08-24 17:33:09 -05:00
319d3364aa
Migrate to assertThatExceptionOfType
...
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.
Issue gh-8945
2020-08-24 17:33:09 -05:00
2f8e835b11
Use assertThatObject to save casting
...
Update tests that use `assertThat((Object) ...)` to use the convenience
`assertThatObject(...)` method instead.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Josh Cummings
Arnaud Mergey
Steve Riesenberg
Joe Grandja
Steve Riesenberg
Eleftheria Stein
Hans Hosea Schaefer
Rob Winch
Asian Malaysian Vietnamese
Craig Andrews
Hassene Laaribi
Eleftheria Stein
Benjamin Faal
tristanessquare
Ovidiu Popa
Phillip Webb