Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-18 23:10:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,511 Commits 49 Branches 376 Tags
Commit Graph

1105 Commits

Author SHA1 Message Date
Josh Cummings
689fc9df0c
Align Test Support Claims 
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT

Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
 2020-03-03 16:24:43 -07:00
Filip Hanik
3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Filip Hanik
a51a202925 Correct signature handling for SAML2 AuthNRequest 
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
 2020-02-12 13:30:48 -08:00
Filip Hanik
43098d41cc Revert "Correct signature handling for SAML2 AuthNRequest" 
This reverts commit a3e09fadd77cb6bbacbd626c48deb2a4473e1e54.
Build failure on Java 9+

XML generation does not add linefeeds by default
Change since Java 8
 2020-02-12 13:30:48 -08:00
Filip Hanik
a3e09fadd7 Correct signature handling for SAML2 AuthNRequest 
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
 2020-02-12 11:40:19 -08:00
Josh Cummings
7c4d56319f
cassample groovy->java 
Issue gh-4939
 2020-02-07 16:44:08 -07:00
Josh Cummings
f23ab6f716
Updated Tests for oauth2webclient-webflux Sample 
Issue gh-7910
 2020-02-05 15:56:18 -07:00
Eleftheria Stein
84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef077cf23028d64b61b1452be0ec9eb1.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein
064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch
1d7208f8ef Add RSocket Authentication Extension Support 
Fixes gh-7935
 2020-02-04 23:36:47 -06:00
Josh Cummings
187c76e610
Update Tests in oauth2webclient Sample 
Issue gh-7886
 2020-02-03 17:08:04 -07:00
Josh Cummings
df8feb8919
Update JettyCasService 
Align with changes to Jetty's SslContextFactory

Issue gh-7874
 2020-01-30 11:25:44 -07:00
Josh Cummings
50d8200348
Update cas-server-webapp to 4.0.7 
Did not update to the latest as there is some work involved in
aligning the casserver sample's XML configuration with the latest
cas-server-webapp.

Fixes gh-7874
 2020-01-30 11:24:16 -07:00
Josh Cummings
982f3f902c
Add oauth2Login Reactive Test Support 
Fixes gh-7828
 2020-01-13 17:49:52 -07:00
Josh Cummings
8f1d0cf528
opaqueToken MockMvc Configuration Order 
Fixes gh-7800
 2020-01-10 16:47:31 -07:00
Eleftheria Stein
1e33627d87 Use standard lambda syntax in documentation 
Fixes: gh-7774
 2020-01-10 13:12:17 +01:00
Eleftheria Stein
fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f11e2811b7d4241b26f712674978f3f7.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein
93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings
84ba3ddf26
Add oauth2Login MockMvc Support 
Fixes gh-7789
 2020-01-07 14:09:36 -07:00
Eleftheria Stein-Kousathana
2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security 
Issue: gh-5558
 2020-01-07 12:08:43 -05:00
Josh Cummings
e1fdb24b5d
Add opaqueToken MockMvc Test Support 
Fixes gh-7712
 2019-12-20 15:34:11 -07:00
Filip Hanik
b7eebabce6 Ensure that both matchers carry the same pattern. 
AbstractAuthenticationProcessingFilter.setRequiresAuthenticationRequestMatcher is public and final,
so there is a risk that the underlying matcher can become different if one is not careful.
 2019-12-17 13:34:27 -08:00
Joe Grandja
24500fa3ca Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 11:55:31 -05:00
Josh Cummings
d102cae243
oidcLogin MockMvc Documentation 
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
 2019-12-02 22:49:17 -07:00
Josh Cummings
8c32d5fe48
Add oidcLogin WebFlux Test Support 
Fixes: gh-7680
 2019-12-02 22:28:24 -07:00
Josh Cummings
b35e18ff31
Add oidcLogin MockMvc Test Support 
Fixes gh-7618
 2019-11-26 16:12:06 -07:00
Josh Cummings
4954a229d6
Polish oauth2Login Sample Test 
Issue: gh-7618
 2019-11-26 14:19:14 -07:00
Josh Cummings
7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Eddú Meléndez
27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Filip Hanik
0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Filip Hanik
4489163163 Use Spring Boot configuration for saml2Login() 
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
 2019-10-25 08:22:40 -07:00
Filip Hanik
5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Rob Winch
03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Filip Hanik
83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik
9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00
Filip Hanik
7adb4da3ef Always require signature on either response or assertion 
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
 2019-09-30 09:22:36 -07:00
Filip Hanik
e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception 
propagate saml authentication exception #7375
 2019-09-27 09:38:57 -07:00
Filip Hanik
22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
 2019-09-27 09:07:25 -07:00
Ivo Smid
a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Filip Hanik
adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7459528f7861faab3b06c7bb6b21bd0, reversing
changes made to 45a1490d5d713d39cad11ac2cdfddf7820e09f4b.
 2019-09-24 16:05:09 -07:00
Filip Hanik
d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Rob Winch
00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Josh Cummings
bdaf530511
Remove Stray @MockBean 
Issue gh-7170
 2019-09-16 06:56:58 -06:00
Josh Cummings
b55b2914c2 Mock Jwt Disables CSRF 
Fixes gh-7170
 2019-09-13 19:04:05 +01:00
Joe Grandja
a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Filip Hanik
e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00
Joe Grandja
dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings
82ae4db4cc Update Multi Tenancy Sample to Convert Jwts 
Issue gh-7346
 2019-09-03 15:58:05 -06:00
Josh Cummings
068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Lars Grefer
95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00