Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 21:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,583 Commits 36 Branches 348 Tags
Commit Graph

7583 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eleftheria Stein
5decfb1ece Update Encryptors documentation 
Fixes gh-8208
 2020-03-27 10:48:45 -04:00
Joe Grandja
a24d67375b oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 05:27:43 -04:00
Joe Grandja
3a46ba8a85 OAuth2ErrorHttpMessageConverter handles JSON object parameters 
Fixes gh-8157
 2020-03-24 14:57:52 -04:00
Erik van Paassen
a4851095df
Fix typo in Javadoc of HttpSecurity#csrf() 
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
 2020-03-17 13:37:01 -06:00
Markus Engelbrecht
633e5b85b4
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 11:02:05 -06:00
Josh Cummings
bfa5830e3d
Update to Jetty 9.4.27 
Fixes gh-7507
 2020-03-09 10:10:04 -06:00
Pim Moerenhout
e43fab518c
Fix typo in log message. 2020-03-04 10:33:36 -07:00
AmitB
c9f676739b Fix typo in AntPathRequestMatcher contructor comment 
Closes gh-8042
 2020-03-02 07:20:50 -06:00
Josh Cummings
b7ce65b284
Register Authentication Provider in Init Phase 
Fixes gh-8031
 2020-02-29 13:07:39 -07:00
Joe Grandja
67d561b5f7 OAuth2AccessTokenResponseHttpMessageConverter handles JSON object parameters 
Fixes gh-6463
 2020-02-24 16:10:18 -05:00
LeeHainie
4dd2b1dfe1 Remove unwanted code 
Remove unwanted code
 2020-02-20 12:33:55 -07:00
Joe Grandja
aa28a0b453 OAuth2AuthorizationCodeGrantWebFilter matches on query parameters 
Fixes gh-7966
 2020-02-10 16:09:57 -05:00
Joe Grandja
8145cb557b OAuth2AuthorizationCodeGrantFilter matches on query parameters 
Fixes gh-7963
 2020-02-10 05:41:34 -05:00
Joe Grandja
ef4109358a Add release-notes-sections.yml 2020-02-05 15:19:57 -05:00
Joe Grandja
6d6fd09665 Next Development Version 2020-02-05 10:04:48 -05:00
Joe Grandja
84f5713d26 Release 5.1.8.RELEASE 5.1.8.RELEASE 2020-02-05 09:45:19 -05:00
Joe Grandja
137c211667 Update to Spring Boot 2.1.12 
Fixes gh-7923
 2020-02-04 16:56:11 -05:00
Joe Grandja
4e4785c6c2 Update to org.slf4j 1.7.30 
Fixes gh-7922
 2020-02-04 16:55:11 -05:00
Joe Grandja
ec0e03cff2 Update to org.powermock 2.0.5 
Fixes gh-7921
 2020-02-04 16:43:49 -05:00
Joe Grandja
e3a50c5039 Update to hibernate-validator 6.0.18.Final 
Fixes gh-7920
 2020-02-04 16:39:50 -05:00
Joe Grandja
b2476915e2 Update to hibernate-entitymanager 5.3.15.Final 
Fixes gh-7919
 2020-02-04 16:37:35 -05:00
Joe Grandja
90b1c877f1 Update to org.bouncycastle:bcpkix-jdk15on 1.64 
Fixes gh-7918
 2020-02-04 16:35:24 -05:00
Joe Grandja
57e69156c5 Update to org.aspectj 1.9.5 
Fixes gh-7917
 2020-02-04 16:32:43 -05:00
Joe Grandja
4c3ac0a1a4 Update to httpclient 4.5.11 
Fixes gh-7916
 2020-02-04 16:30:23 -05:00
Joe Grandja
d9521cb880 Update to com.squareup.okhttp3 3.12.8 
Fixes gh-7915
 2020-02-04 16:27:09 -05:00
Joe Grandja
7d7cdbb09c Update to Jackson 2.9.10 
Fixes gh-7914
 2020-02-04 16:23:13 -05:00
Joe Grandja
c2129d3812 Update to Reactor Californium-SR15 
Fixes gh-7913
 2020-02-04 16:16:33 -05:00
Joe Grandja
097c4bf2a1 Update to Spring Data Lovelace SR15 
Fixes gh-7912
 2020-02-04 16:14:57 -05:00
Joe Grandja
b8938c98d3 Update to Spring Framework 5.1.13 
Fixes gh-7911
 2020-02-04 16:12:24 -05:00
Eleftheria Stein
0520810a0d Load LDIF file from classpath in unboundId mode 
Fixes: gh-7833
 2020-01-21 17:17:18 +01:00
Filip Hanik
8711ba5a30
Build using openjdk8 
Fixes gh-7169

[closes #7169]
 2020-01-13 10:32:10 -07:00
Rob Winch
0f8927b500 CompositeServerHttpHeadersWriter Executes Sequentially 
Fixes gh-7731
 2019-12-12 12:20:09 -06:00
Rob Winch
1136660518 DelegatingServerAuthenticationSuccessHandler Executes Sequentially 
Fixes gh-7728
 2019-12-12 09:31:43 -06:00
Rob Winch
c395da3e04 DelegatingServerLogoutHandler Executes Sequentially 
Fixes gh-7723
 2019-12-12 07:48:58 -06:00
Joe Grandja
798c48eee3 Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 12:09:09 -05:00
Joe Grandja
b7f1bdae64 Display general error message when WebFlux oauth2Login() fails 
Issue gh-5562 gh-6484
 2019-12-05 20:45:18 -05:00
Joe Grandja
459e8f1a11 WebFlux oauth2Login() redirects on failed authentication 
Fixes gh-5562 gh-6484
 2019-12-05 20:42:23 -05:00
Warren Bailey
450a20add4 When expired retrieve new Client Credentials token. 
Once client credentials access token has expired retrieve a new token from the OAuth2 authorization server.
These tokens can't be refreshed because they do not have a refresh token associated with. This is standard behaviour for Oauth 2 client credentails

Fixes gh-5893
 2019-11-28 16:02:06 -05:00
Rob Winch
f3f84e1aff Next Development Version 2019-11-04 13:58:52 -06:00
Rob Winch
4a9d13dc5c Release 5.1.7.RELEASE 5.1.7.RELEASE 2019-11-04 13:56:38 -06:00
Rob Winch
62529278b5 Update to Spring Data Lovelace-SR12 
Fixes gh-7617
 2019-11-04 13:04:01 -06:00
Rob Winch
dcb3b6940f Update to Spring 5.1.11.RELEASE 
Fixes gh-7616
 2019-11-04 13:03:48 -06:00
Rob Winch
a82047e61b Update Californium-SR13 
Fixes gh-7615
 2019-11-04 13:03:36 -06:00
Rob Winch
6c54e5f278 Update to Spring Boot 2.1.9.RELEASE 
Fixes gh-7614
 2019-11-04 13:03:14 -06:00
Josh Cummings
8589580aa2
CookieServerCsrfTokenRepositoryTests Leading Dot 
ResponseCookie removed support for having a leading dot in the cookie
domain.

Fixes gh-7500
 2019-09-30 08:52:42 -06:00
Joe Grandja
1749c8df9c OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 15:50:19 -04:00
Roman Matiushchenko
a5391b629e Fix NPE in RequestContextSubscriber 
RequestContextSubscriber could cause NPE if Mono/Flux.subscribe()
was invoked outside of Web Context.
In addition it replaced source Context with its own without respect
to old data.
Now Request Context Data is Propagated within holder class and
it is added to existing reactor Context if Holder is not empty.

Fixes gh-7228
 2019-09-08 20:35:09 -04:00
Andreas Kluth
57f3c76801 Remove OAuth2AuthorizationRequest when a distributed session is used 
Dirties the WebSession by putting the amended AUTHORIZATION_REQUEST map into
the WebSession even it was already in the map. This causes common SessionRepository
implementations like Redis to persist the updated attribute.

Fixes gh-7327

Author: Andreas Kluth <mail@andreaskluth.net>
 2019-09-05 10:04:14 -04:00
Rob Winch
f8f1e9a3d4 Use ConcurrentHashMap in InMemoryReactiveClientRegistrationRepository 
Fixes gh-7299
 2019-09-04 19:21:22 -05:00
Bouke Nijhuis
bf78e43403 add media type jwk-set+json to accept header 
Fixes gh-7290
 2019-09-03 14:39:18 -04:00