Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 15:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,027 Commits 33 Branches 337 Tags
Commit Graph

3099 Commits

Author SHA1 Message Date
Josh Cummings
69cbe12a7b
Register Authorization Proxied Type 
Closes gh-16106
 2024-11-15 15:07:37 -07:00
Tran Ngoc Nhan
ffed4ea1dc Polish diamond usage 2024-10-25 13:42:33 -07:00
Max Batischev
9cb81f8ad5 Polish JdbcOneTimeTokenService 2024-10-25 13:26:52 -07:00
Josh Cummings
981fbd5c2c Polish Tests 
Closes gh-14768
 2024-10-24 20:51:34 -07:00
Max Batischev
ec13b8db4b Add @FunctionalInterface to AuthorizationEventPublisher 2024-10-23 12:45:00 -07:00
Josh Cummings
95aaf3566f Use Thread-safe Map 
Closes gh-15906
 2024-10-22 16:16:17 -07:00
Steve Riesenberg
af2b84246b
Fix flaky test 
Issue gh-15735
 2024-10-18 12:22:08 -05:00
kwonyonghyun
b8aa78829c Improve readability of empty collection checks 2024-10-14 12:16:39 -07:00
Tran Ngoc Nhan
31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Josh Cummings
9ce5a76e8c Polish AuthorizationManager#authorize 
Issue gh-14843
 2024-10-14 11:48:57 -07:00
Max Batischev
e7644925f8 Add AuthorizationResult support for AuthorizationManager 
Closes gh-14843
 2024-10-14 11:48:57 -07:00
Josh Cummings
702538ebce AuthorizationEventPublisher Accepts AuthorizationResult 
Closes gh-15915

Co-authored-by: Max Batischev <mblancer@mail.ru>
 2024-10-14 11:48:57 -07:00
Munawar Hafiz
aa7ef1192e Replaces Date().getTime() method with System.currentTimeMillis() 2024-10-10 14:29:25 -05:00
Josh Cummings
b26f2af5d5 Polish 
Formatting as well as adding a missing defer

Issue gh-15699
 2024-10-07 16:39:54 -07:00
Max Batischev
2ca2e56383 Add Reactive One-Time Token Login support 
Closes gh-15699
 2024-10-07 16:39:54 -07:00
Rob Winch
1dd79c379b Add JdbcOneTimeTokenService 
Closes gh-15735
 2024-10-02 14:42:13 -05:00
Rob Winch
c3a5ae1254 Fix logger checkstyle 2024-10-02 14:39:58 -05:00
Rob Winch
7738e6c895 Add logger.isDebugEnabled() 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch
c4b60cd080 Reduce visibility for JdbcOneTimeTokenServiceTests 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch
650ec3ba82 Use Duration for calculating validity 
This improves readability.

Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch
e8c71df899 Use private Inner JdbcOneTimeTokenService classes 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch
612b15abcc JdbcOneTimeTokenService.setCleanupCron 
Spring Security uses setter methods for optional member variables. Allows
for a null cleanupCron to disable the cleanup.

In a clustered environment it is likely that users do not want all nodes
to be performing a cleanup because it will cause contention on the ott
table.

Another example is if a user wants to invoke cleanUpExpiredTokens with a
different strategy all together, they might want to disable the cron job.

Issue gh-15735
 2024-10-02 14:22:25 -05:00
Rob Winch
4787ac254d cleanUpExpiredTokens->cleanupExpiredTokens 
Issue gh-15735
 2024-10-02 10:59:26 -05:00
Rob Winch
4f328c9503 destroy() shuts down the taskScheduler 
Issue gh-15735
 2024-10-02 10:59:21 -05:00
Max Batischev
0c216f0b59 Add public to setClock method in InMemoryOneTimeTokenService 
Closes gh-15863
 2024-09-30 15:33:33 -05:00
Max Batischev
50cc36d53e Add support JdbcOneTimeTokenService 
Closes gh-15735
 2024-09-29 00:06:10 +03:00
DingHao
68d814e042 Polish ExpressionTemplateSecurityAnnotationScanner 2024-09-23 16:05:22 -07:00
Jonny Coddington
b90851d968 Improve Error Messages for PasswordEncoder 
Closes gh-14880

Signed-off-by: Jonny Coddington <bottlerocketjonny@protonmail.com>
 2024-09-17 14:16:08 -07:00
Josh Cummings
1760e7fac8 Cache Annotation Lookups 
Closes gh-15799
 2024-09-15 21:30:55 -07:00
Josh Cummings
d194724a04 Skip Proxying If Already Proxied 
Issue gh-15709
 2024-09-15 21:30:55 -07:00
Josh Cummings
6f5e103dec Use AnnotationTemplateExpressionDefaults in Reactive 
Issue gh-15097
 2024-09-15 21:30:55 -07:00
Marcus Hert Da Coregio
0618d4e03f Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions 
Closes gh-14652
 2024-09-13 08:42:14 -03:00
Josh Cummings
fd5d03d384 Add AuthorizeReturnObject Hints 
Closes gh-15709
 2024-09-10 11:57:31 -07:00
Josh Cummings
da38b13a17 Add SecurityHintsRegistrar 
An interface for registering hints based on Security infrastructure
beans.

Closes gh-15772
 2024-09-10 11:57:31 -07:00
Josh Cummings
927de0d3b8
Use AuthorizationProxy Interface for Class Proxying 
Issue gh-15747
 2024-09-10 07:58:21 -06:00
Marcus Hert Da Coregio
2ff29dc229 Throw AuthorizationDeniedException when AuthorizationResult is available 
Closes gh-15706
 2024-09-10 09:14:50 -03:00
Josh Cummings
fce2eb1531
Add AuthorizationProxy Interface 
Closes gh-15747
 2024-09-09 15:39:03 -06:00
Marcus Hert Da Coregio
4855287743 Merge branch '6.3.x' 
Closes gh-15768
 2024-09-09 08:54:14 -03:00
Marcus Hert Da Coregio
aeae740926 Merge branch '6.2.x' into 6.3.x 
Closes gh-15767
 2024-09-09 08:54:00 -03:00
Marcus Hert Da Coregio
a268b78473 Merge branch '5.8.x' into 6.2.x 
Closes gh-15766
 2024-09-09 08:53:39 -03:00
Marcus Hert Da Coregio
a0e6c17512 Do not log exception if CasJackson2Module is not present 
Closes gh-15749
 2024-09-09 08:32:40 -03:00
Josh Cummings
c0a10b90ba
Merge remote-tracking branch 'origin/6.3.x' 2024-09-04 14:48:23 -06:00
DingHao
5c20505b0e Support Class Attributes in Annotation Template Processing 
Closes gh-15721
 2024-09-04 13:41:46 -07:00
Josh Cummings
c53ee19a83 Polish Abstract Deserializer 2024-09-04 07:55:09 -07:00
hyunmin0317
fee79ccb51 Abstract Jackson2 Set and List Deserializers 2024-09-04 07:55:09 -07:00
Niels Basjes
2dc787a573 Fix adding more implied roles in the RoleHierarchy Builder. 
Closes gh-15717

Signed-off-by: Niels Basjes <niels@basjes.nl>
 2024-09-04 10:28:50 -03:00
Marcus Hert Da Coregio
00e4a8fb54 Add support for One-Time Token Login 
Closes gh-15114
 2024-09-03 10:07:56 -03:00
DingHao
fd05c5ad76 Remove Advised Methods from Authorization Proxy Objects 
Closes gh-15561
 2024-08-30 10:40:25 -07:00
Josh Cummings
626610a975
Polish Annotation API 
Rename to a class that isn't focused on the synthesis implementation detail.
Also add Security to the front of the name to clarify that it is only intended
for security annotations, reminiscent of SecurityMetadataSource.

Refine method signatures to better articulate supported use cases.

Issue gh-15286
 2024-08-30 08:51:49 -06:00
Josh Cummings
cc6de8fa5d
Hide MergedAnnotation Implementation Details 
Issue gh-15286
 2024-08-29 17:27:14 -06:00