dfebd6d9d4
Revert "URL encode client credentials"
...
This reverts commit e6c268add0
2021-07-20 12:59:44 -05:00
5fd81eeaf1
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:38:24 -06:00
a332e2a728
Support additional client authentication methods
...
Closes gh-9780
2021-06-16 16:03:13 -05:00
9daf058a6e
Handle missing authorization endpoint uri
...
Closes gh-9795
2021-06-16 16:00:53 -05:00
839cc5e851
Remove validation for unsupported grant types
...
Closes gh-9828
2021-06-16 15:55:45 -05:00
6fbd038111
Jwt client authentication converter detects new key
...
Closes gh-9814
2021-06-16 12:58:01 -04:00
700bda68b7
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 11:32:35 -05:00
e6c268add0
URL encode client credentials
...
Closes gh-9610
2021-06-03 09:12:18 -05:00
f48a006034
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 13:51:26 -06:00
b7a0959ede
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 13:51:15 -06:00
de4b3a4310
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 13:41:04 -05:00
372c2b805b
Update r2dbc-spi-test to 0.8.5.RELEASE
...
Closes gh-9752
2021-05-14 13:23:54 -05:00
5b24bd1288
Adjust ClientRegistrationsTests
...
Closes gh-9748
2021-05-14 10:30:46 -06:00
5f6de026a8
Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider
...
Closes gh-9708
2021-05-13 13:02:08 -04:00
64b7af473d
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-12 14:59:25 -05:00
35f5ebdbcf
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-12 14:59:25 -05:00
761e3a9dd8
JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry
...
Fixes gh-9700
2021-04-30 10:12:38 -04:00
eff4cdc924
Polish gh-9505
2021-04-09 06:22:29 -04:00
7694aa27cf
Add jwt-bearer authorization grant
...
Closes gh-6053
2021-04-09 06:22:29 -04:00
9c97970e26
Add Jwt Client Authentication support
...
Closes gh-8175
2021-04-08 15:44:33 -04:00
8323590b6c
Update r2dbc-spi-test to 0.8.4.RELEASE
...
Closes gh-9551
2021-04-05 22:23:59 -05:00
60d3db5798
add management platform(project(":spring-security-dependencies"))
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
1a76ee7442
Update Gradle configuration names
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
b8e47882aa
Fix test to use non-expired token
...
Closes gh-9506
2021-03-17 17:38:08 +01:00
4a492846f1
Revert "Lock dependencies for 2.5.0-M3"
...
This reverts commit f05cc6269c
2021-03-15 23:18:45 +01:00
f05cc6269c
Lock dependencies for 2.5.0-M3
2021-03-15 11:00:19 +01:00
5e5ff27109
Configure Jackson for nanosecond precision
...
Closes gh-9461
2021-02-17 11:53:36 -07:00
a0a9718b8b
Use Instant with micro-second precision
...
Closes gh-9449
2021-02-17 11:31:23 -07:00
c4be1c6a56
Revert "Lock Dependencies"
...
This reverts commit a85caa4098
2021-02-11 15:49:59 -07:00
a85caa4098
Lock Dependencies
2021-02-11 15:00:38 -07:00
d85a7cfc4a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:02:58 -05:00
56db058fd0
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
58e3235093
Deprecate ClientAuthenticationMethod BASIC and POST
...
Closes gh-9220
2020-11-25 15:13:28 -05:00
b95e1aa209
Revert "Lock dependencies for 5.5.0-M1"
...
This reverts commit 25a7482c8c
2020-11-03 19:53:28 -05:00
c069692ab9
Extract OAuth2Token from AbstractOAuth2Token
...
Closes gh-5502
2020-11-02 20:35:08 -05:00
25a7482c8c
Lock dependencies for 5.5.0-M1
2020-10-30 17:52:03 -05:00
6724e3e514
Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
...
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database
R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database
Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test
Closes gh-7890
2020-10-29 15:44:12 -04:00
42a787d1f6
Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService
...
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql
See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc
Issue gh-9070
2020-10-22 09:56:20 -04:00
05dc326389
Use LobHandler in JdbcOAuth2AuthorizedClientService
...
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.
Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.
Closes gh-9070
2020-10-22 09:56:20 -04:00
c502312719
Replace expected @Test attributes with AssertJ
...
Replace JUnit expected @Test attributes with AssertJ calls.
2020-09-22 16:13:51 -06:00
20baa7d409
Replace ExpectedException @Rules with AssertJ
...
Replace JUnit ExpectedException @Rules with AssertJ calls.
2020-09-22 16:13:51 -06:00
6e6d382357
Adapt to WebClient's new exception wrapping
...
See https://github.com/spring-projects/spring-framework/issues/23842
Closes gh-9031
2020-09-17 12:21:51 -04:00
7b1f574769
Revert "Lock Dependency Versions for 5.4.0"
...
This reverts commit 3d0e459182
2020-09-09 18:14:12 -04:00
3d0e459182
Lock Dependency Versions for 5.4.0
2020-09-09 13:45:03 -04:00
2abf59b695
Merge Formatting Changes
...
Issue gh-8945
2020-08-24 17:33:23 -05:00
dc47a7575e
Polish oauth-client format
...
Issue gh-8945
2020-08-24 17:33:09 -05:00
319d3364aa
Migrate to assertThatExceptionOfType
...
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.
Issue gh-8945
2020-08-24 17:33:09 -05:00
2f8e835b11
Use assertThatObject to save casting
...
Update tests that use `assertThat((Object) ...)` to use the convenience
`assertThatObject(...)` method instead.
Issue gh-8945
2020-08-24 17:33:09 -05:00
a5aa6b3d7f
Remove blank lines from all tests
...
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.
Issue gh-8945
2020-08-24 17:33:09 -05:00
7a715f9086
Polish spring-security-oauth2-client main code
...
Manually polish `spring-security-oauth-cleint` following the
formatting and checkstyle fixes.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Steve Riesenberg
Arnaud Mergey
Joe Grandja
Steve Riesenberg
Josh Cummings
Hans Hosea Schaefer
Rob Winch
Asian Malaysian Vietnamese
Craig Andrews
Hassene Laaribi
Eleftheria Stein
Benjamin Faal
tristanessquare
Ovidiu Popa
Phillip Webb