Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 00:35:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,278 Commits 34 Branches 337 Tags
Commit Graph

1099 Commits

Author SHA1 Message Date
Joe Grandja
8850ccb1c6 Revert "Lock Dependencies" 
This reverts commit 924ceac681eae11cabdf1af1d37ff4550b9d350d.
 2021-04-12 13:47:04 -04:00
Joe Grandja
924ceac681 Lock Dependencies 2021-04-12 13:36:39 -04:00
Josh Cummings
7ded671858
Refactor AuthenticationDetailsSource support 
- BearerTokenAuthenticationFilter exposes this directly, simplifying
configuration and removing a package tangle

Closes gh-9576
 2021-04-09 12:41:16 -06:00
Joe Grandja
b556655290 Make OAuth2AuthorizationResponseType constructor public 
Closes gh-9584
 2021-04-09 08:01:08 -04:00
Joe Grandja
dca7e03b91 Deprecate OAuth2AuthorizationResponseType.TOKEN 
Closes gh-9582
 2021-04-09 07:46:21 -04:00
Joe Grandja
eff4cdc924 Polish gh-9505 2021-04-09 06:22:29 -04:00
Hassene Laaribi
7694aa27cf Add jwt-bearer authorization grant 
Closes gh-6053
 2021-04-09 06:22:29 -04:00
Joe Grandja
9c97970e26 Add Jwt Client Authentication support 
Closes gh-8175
 2021-04-08 15:44:33 -04:00
Rob Winch
f3f1106624 Update io.spring.javaformat to 0.0.27 
Closes gh-9553
 2021-04-05 22:23:59 -05:00
Rob Winch
8323590b6c Update r2dbc-spi-test to 0.8.4.RELEASE 
Closes gh-9551
 2021-04-05 22:23:59 -05:00
Rob Winch
60d3db5798 add management platform(project(":spring-security-dependencies")) 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Rob Winch
1a76ee7442 Update Gradle configuration names 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Hassene Laaribi
b8e47882aa Fix test to use non-expired token 
Closes gh-9506
 2021-03-17 17:38:08 +01:00
Eleftheria Stein
4a492846f1 Revert "Lock dependencies for 2.5.0-M3" 
This reverts commit f05cc6269c8f4c9531d512ed7939a37d94a815e4.
 2021-03-15 23:18:45 +01:00
Eleftheria Stein
f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Josh Cummings
b774e91734
Polish BearerTokenAuthenticationConverter 
Issue gh-8840
 2021-03-12 15:05:06 -07:00
Jeongjin Kim
31f310fd22
Add BearerTokenAuthenticationConverter 
BearerTokenAuthenticationConverter is introduced to solve the
problem of not being able to change AuthenticationDetailsSource.
BearerTokenAuthenticationFilter delegates to
BearerTokenAuthenticationConverter the task of creating
BearerTokenAuthenticationToken and setting AuthenticationDetailsSource.
BearerTokenAuthenticationConverter is customizable and the customized
converter can be used in BearerTokenAuthenticationFilter.

Closes gh-8840
 2021-03-12 15:05:06 -07:00
Josh Cummings
71e0967b53
Revert "Lock Dependencies for Release" 
This reverts commit 8c04074264e95f670503c63d6501eb5cc0aa4966.
 2021-02-17 15:59:48 -07:00
Josh Cummings
8c04074264
Lock Dependencies for Release 2021-02-17 14:59:17 -07:00
Josh Cummings
5e5ff27109
Configure Jackson for nanosecond precision 
Closes gh-9461
 2021-02-17 11:53:36 -07:00
Josh Cummings
a0a9718b8b
Use Instant with micro-second precision 
Closes gh-9449
 2021-02-17 11:31:23 -07:00
Josh Cummings
cf032d86d6
Revert "Lock Dependencies" 
This reverts commit 9535a41d5a5867a5766aebb72470587eb1c5be52.
 2021-02-11 18:38:07 -07:00
Josh Cummings
9535a41d5a
Lock Dependencies 2021-02-11 17:43:39 -07:00
Josh Cummings
f449da8b78
Revert "Lock Dependencies" 
This reverts commit d17ebf53f95586a009bc9464a92dfcd4a283f6c7.
 2021-02-11 17:28:01 -07:00
Josh Cummings
d17ebf53f9
Lock Dependencies 2021-02-11 16:56:28 -07:00
Josh Cummings
c4be1c6a56
Revert "Lock Dependencies" 
This reverts commit a85caa4098589b0080d75e428f0d262090b6a1f1.
 2021-02-11 15:49:59 -07:00
Josh Cummings
a85caa4098
Lock Dependencies 2021-02-11 15:00:38 -07:00
Rob Winch
71f9876c48 Revert "Lock dependencies" 
This reverts commit dca4858d812e2beb1263cac4d85be01416178f3d.
 2021-02-11 13:38:50 -06:00
Rob Winch
dca4858d81 Lock dependencies 2021-02-11 13:00:32 -06:00
Rob Winch
ec8f6014d4 Revert "Lock dependencies" 
This reverts commit fa5f789bebe26da0e9b49dde0b0563755b43a25d.
 2021-02-11 09:51:54 -06:00
Rob Winch
fa5f789beb Lock dependencies 2021-02-11 08:53:40 -06:00
Josh Cummings
02d017abf7
Adjust Test Assertion 
- Netty returns a slightly different exception on Windows,
so adjusted assertion accordingly.

Issue gh-9421
 2021-02-10 13:20:51 -07:00
Josh Cummings
ccb3b02888
Bearer Token Server-side Errors Return 500 
Closes gh-9395
 2021-02-10 12:35:34 -07:00
Josh Cummings
e79141a188
Downgrade nimbus-jose-jwt to 8.+ 
Closes gh-9399
 2021-02-03 13:18:18 -07:00
Joe Grandja
542c625d7d Allow null or empty authorities for DefaultOAuth2User 
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken

Closes gh-9366
 2021-02-02 04:43:29 -05:00
Joe Grandja
e7acd1219d Allow null or empty authorities for DefaultOAuth2User 
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken

Closes gh-9366
 2021-02-02 04:35:39 -05:00
Mayur Patel
fc24c7991c Allow null or empty authorities for DefaultOAuth2User 
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken

Closes gh-9366
 2021-02-01 17:26:56 -05:00
Mayur Patel
75706f118c Allow null or empty authorities for DefaultOAuth2User 
Make DefaultOAuth2User more inline with other part of
spring-security.
For example,
- DefaultOAuth2AuthenticatedPrincipal
- AbstractAuthenticationToken

Closes gh-9366
 2021-02-01 17:09:07 -05:00
Benjamin Faal
98399c920a Make user info response status check error only 
Closes gh-9336
 2021-01-25 11:10:03 -05:00
Benjamin Faal
0f7360e8fa Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:46:07 -05:00
Benjamin Faal
f6b678f137 Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:23:49 -05:00
Benjamin Faal
d85a7cfc4a Make user info response status check error only 
Closes gh-9336
 2021-01-25 10:02:58 -05:00
tristanessquare
580b988e7f
Fix NullPointerException 
- Caused by a malformed WWW-Authenticate value

Closes gh-9364
 2021-01-21 16:22:29 -07:00
tristanessquare
56db058fd0
Fix NullPointerException 
- Caused by a malformed WWW-Authenticate value
 2021-01-21 16:18:23 -07:00
Josh Cummings
f36e2fca59
Remove SingleKeyJWSKeySelector 
Closes gh-9348
 2021-01-15 22:15:56 -07:00
Josh Cummings
6499a235b0
Suppress Compiler Warnings 2021-01-08 11:30:28 -07:00
Josh Cummings
2566abec31
Add Type Parameter 
Closes gh-8412
 2020-12-11 10:20:18 -07:00
Ovidiu Popa
174b71c017 OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject 
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)

With this change, even if the check is passing a new List or Map will be returned.

Closes gh-9210
 2020-12-03 11:42:00 -05:00
Ovidiu Popa
7d31837af3 OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject 
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)

With this change, even if the check is passing a new List or Map will be returned.

Closes gh-9210
 2020-12-03 11:20:11 -05:00
Ovidiu Popa
b8175bccd2 OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray or JSONObject 
ObjectToListStringConverter and ObjectToMapStringObjectConverter were checking if the source object is of type List or Map and if the first element or key is a String. If we have a JSONArray containing Strings the above check will pass, meaning that a JSONArray will be returned which is not serializable (same applies to JSONObject)

With this change, even if the check is passing a new List or Map will be returned.

Closes gh-9210
 2020-12-03 10:54:00 -05:00