Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,810 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

202 Commits

Author SHA1 Message Date
Dávid Kováč af1c96b425
Simplify OAuth 2.0 Introspection Attribute Retrieval 
In order to simplify retrieving of OAuth 2.0 Introspection specific
attributes, OAuth2IntrospectionClaimAccessor interface was introduced
and also new OAuth2AuthenticatedPrincipal implementing this new
interface (OAuth2IntrospectionAuthenticatedPrincipal).

Also DefaultOAuth2AuthenticatedPrincipal was replaced by
OAuth2IntrospectionAuthenticatedPrincipal in cases where OAuth 2.0
Introspection is performed (NimbusOpaqueTokenIntrospector,
NimbusReactiveOpaqueTokenIntrospector).

DefaultOAuth2AuthenticatedPrincipal can be still used by applications
that introspected the token without OAuth 2.0 Introspection.

OAuth2IntrospectionAuthenticatedPrincipal will also be used as a
default principal in tests where request is post-processed/mutated
by OpaqueTokenRequestPostProcessor/OpaqueTokenMutator.

Closes gh-6489
 2020-07-09 17:26:13 -06:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2" 
This reverts commit 68538897c8.
 2020-07-01 13:11:50 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Rob Winch dac7806cf5 Test beforeTestMethod delays creation of SecurityContext 
Issue gh-6591
 2020-06-24 16:40:09 -05:00
Markus Gabriel 97ee6d66f1 Fix SecurityContext creation for TEST_EXECUTION 
Currently, there is support for setting up a SecurityContext after @Before by
using TestExecutionEvent.TEST_EXECUTION. The current implementation, however,
already creates the SecurityContext in @Before and just does not set it yet.
This leads to issues like #6591. For the case of @WithUserDetails, the
creation of the SecurityContext already looks up a user from the repository.
If the user was inserted in @Before, the user is not found despite using
TestExecutionEvent.TEST_EXECUTION. This commit changes the creation of the
SecurityContext to happen after @Before if using
TestExecutionEvent.TEST_EXECUTION.

Closes gh-6591
 2020-06-24 16:40:08 -05:00
Dávid Kovács 88028d82ed formLogin() and login() implement Mergable 
This is necessary so that default requests like Spring REST Docs work.

Closes gh-7572
 2020-06-22 14:54:32 -05:00
Josh Cummings 900f551890
Inject TestOAuth2AuthorizedClientRepository 
Fixes gh-8603
 2020-05-28 10:33:02 -06:00
Joe Grandja 86ca6b013c Unlock dependencies 
This reverts commit 206960cf44.
 2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Dávid Kovács 1f1ddeb025 SecurityMockMvcConfigurer$DelegateFilter is not null-safe 
This commit adds null-check to getter method, so instead of NPE an IllegalStateException will be thrown with additional details.

Fixes gh-7745
 2020-05-05 09:56:37 -05:00
Markus Engelbrecht d81321bc29
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 10:54:14 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7.
 2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings 85b0e468ad
Add missing calls to principalName 
Issue gh-8054
 2020-03-03 17:11:42 -07:00
Josh Cummings 2064214f39
Add principal name to oauth2Client Test Support 
Fixes gh-8054
 2020-03-03 16:33:08 -07:00
Josh Cummings 3bc1b7a933
Simplify opaqueToken support 
Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.

Issue gh-7827
Issue gh-7712
 2020-03-03 16:24:43 -07:00
Josh Cummings 689fc9df0c
Align Test Support Claims 
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT

Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
 2020-03-03 16:24:43 -07:00
Josh Cummings 30adabb685
Simplify oauth2Login Test Support 
Remove nameAttributeKey as this is easily done by constructing
a DefaultOAuth2User instance.

Issue gh-7789
Issue gh-7828
 2020-03-03 15:48:04 -07:00
Josh Cummings bd593a3431
Add Opaque Token WebTestClient Support 
Fixes gh-7827
 2020-02-27 11:29:55 -07:00
Josh Cummings ffb5a3a0d4
Add oauth2Client WebTestClient Support 
Fixes gh-7910
 2020-02-05 15:33:57 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Josh Cummings c367378421
Add OAuth2Client MockMvc Test Support 
Fixes gh-7886
 2020-02-03 15:59:58 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support 
Fixes gh-7828
 2020-01-13 17:49:52 -07:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order 
Fixes gh-7800
 2020-01-10 16:47:31 -07:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f1.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings 09810b8df9
oidcLogin Test Configuration Flow 
Fixes gh-7794
 2020-01-07 17:37:48 -07:00
Josh Cummings 84ba3ddf26
Add oauth2Login MockMvc Support 
Fixes gh-7789
 2020-01-07 14:09:36 -07:00
Josh Cummings e1fdb24b5d
Add opaqueToken MockMvc Test Support 
Fixes gh-7712
 2019-12-20 15:34:11 -07:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation 
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
 2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support 
Fixes: gh-7680
 2019-12-02 22:28:24 -07:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support 
Fixes gh-7618
 2019-11-26 16:12:06 -07:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Drummond Dawson 4f82be7e68 Support URI vars in formLogin and logout MockMvc requests 2019-11-05 09:46:50 +01:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Josh Cummings 05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings b55b2914c2 Mock Jwt Disables CSRF 
Fixes gh-7170
 2019-09-13 19:04:05 +01:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Rob Winch 9d63c36f93 Fix JDK 10+ 
Issue gh-7265
 2019-08-16 11:13:11 -05:00
Rob Winch 0c6bff4afb SecurityMockMvcConfigurer Honors Filter Order 
Fixes gh-7265
 2019-08-16 09:24:33 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer 38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00
Lars Grefer b388976ac8 fix checkstyle 2019-08-09 02:46:20 +02:00
Lars Grefer fe9e454978 StandardCharsets can be used 
Reports methods and constructors where constant charset String literal is used (like "UTF-8") which could be replaced with a predefined Charset object like StandardCharsets.UTF_8. This may work a little bit faster, because charset lookup becomes unnecessary. Also catching UnsupportedEncodingException may become unnecessary as well. In this case the catch block will be removed automatically.
 2019-08-09 00:39:09 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00