Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,441 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

7441 Commits

Author SHA1 Message Date
Daniel Bustamante Ospina 6bddb38cac Update to Gradle 5.0 
Change project's gradle version to 5.0, this requires to make some minor
adjustments.

Fixes: gh-6148
 2018-11-30 08:50:47 -06:00
Joe Grandja f808740c57 Update reference manual to use NimbusJwtDecoder 
Fixes gh-6188
 2018-11-30 06:53:35 -05:00
Joe Grandja b8f038e86a Polish OAuth2ResourceServerConfigurer 2018-11-30 06:37:00 -05:00
Bhavik Kumar 90b9cfaf55 Use SpringUtils to check scheme 
Fixes 6183
 2018-11-29 20:42:39 -06:00
Eric Deandrea be423debfd ServerAuthenticationConverter should be configurable 
Fixes gh-6186
 2018-11-29 14:37:22 -07:00
Nicolas Le Bas 63f2b6094f The "Bearer" keyword should be case-insensitive 
The Authorization header was matched for OAuth2
against the "Bearer" keyword in a case sensitive
fashion.
According to RFC 2617, it should be case insensitive
and some oauth clients (including some earlier
versions of spring-security) expect it so.
 2018-11-28 19:34:47 -07:00
jer051 fdc81822ec Add WebClientReactiveClientCredentialsTokenResponseClient setWebClient 
Added the ability to specify a custom WebClient in
WebClientReactiveClientCredentialsTokenResponseClient.
Also added testing to ensure the custom WebClient is not null and is
used.

Fixes: gh-6051
 2018-11-28 15:44:36 -06:00
Nena Raab 918a4cd323
AclClassIdUtils Default GenericConversionService 
So that String, Long, and UUID conversions are automatically
supported.
 2018-11-28 10:21:42 -07:00
Rob Winch 0e5f1245a6 Remove Thymeleaf dependency management 
Fixes: gh-6161
 2018-11-28 08:23:01 -06:00
Rob Winch cbbf15b8cb Update to GAE 1.9.68 
Fixes: gh-6160
 2018-11-28 08:23:01 -06:00
Rob Winch 0b2f241038 Update to Mockito 2.23.4 
Fixes: gh-6159
 2018-11-28 08:23:01 -06:00
Rob Winch c0370039f6 Update to AspectJ 1.9.2 
Fixes: gh-6158
 2018-11-28 08:23:01 -06:00
Rob Winch 078df64c30 Update to unboundid 4.0.9 
Fixes: gh-6157
 2018-11-28 08:23:00 -06:00
Rob Winch 44dbcbdf4c Update to Powermock 2.0.0-RC.4 
Fixes: gh-6156
 2018-11-28 08:23:00 -06:00
Rob Winch fe13571f4c Update to cglib-nodep:3.2.9 
Fixes: gh-6155
 2018-11-28 08:23:00 -06:00
Rob Winch a5abbac398 Update to Spring Data Lovelace-SR3 
Fixes: gh-6154
 2018-11-28 08:23:00 -06:00
Rob Winch 38be0849cd Update to Spring 5.1.3 
Fixes: gh-6153
 2018-11-28 08:23:00 -06:00
Rob Winch be5a368dfd Update to Reactor Californium-SR3 
Fixes: gh-6152
 2018-11-28 08:23:00 -06:00
John Coyne 7618d236c4 CookieClearingLogoutHandler updates based on comments 
Changed the implementation to use an anonymous function
Issue: gh-6078
 2018-11-26 14:33:08 -06:00
John Coyne 14c2d96c86 Clean up code to conform to basic checkstyle 
Issue: gh-6078
 2018-11-26 14:33:08 -06:00
John Coyne d05ad19276 CookieClearingLogoutHandler enhancement 
Enabled the ability to pass in an array of Cookies to support clearing cookies on a different path other than the default context path
Issue: gh-6078
 2018-11-26 14:33:08 -06:00
Joe Grandja bcee22d2f9 Update com.squareup.okhttp3 deps to 3.12.0 
Fixes gh-6142
 2018-11-26 13:26:38 -05:00
Rafael Dominguez b8a96b1f21 Enable Code Coverage Reports in Sonar 
This commit ensures that jacocoTestReport task is called when running the Sonar stage.
Additionally, a variable is passed instructing Sonar where to find the test result data.

Fixes: gh-6092
 2018-11-26 09:06:30 -07:00
Valeriy.Vyrva 0a86ed8717 Add space in exception message 2018-11-26 09:04:55 -07:00
Rafael Dominguez 8e648deda0 Replace slf4j dependencies with logback-classic 
This commit removes explicit declaration of slf4j dependencies.
Instead, logback classic is declared that will pull them transitively.

Fixes: gh-6130
 2018-11-23 09:59:29 -05:00
Rafael Dominguez d1492afc0c
Replace deprecated Gradle Task method in AspectJPlugin.groovy 
This commit ensures that the method Task.deleteAllActions is not used

Fixes: gh-6128
 2018-11-22 23:18:14 -06:00
Rafael Dominguez e60e17109c Update to Gradle 4.10.2 
Fixes gh-6106
 2018-11-21 09:57:26 -06:00
Josh Cummings 2a8233d035
Remove PowerMock from oauth2-core and oauth2-jose 
Issue: gh-6025
 2018-11-20 14:02:10 -07:00
Josh Cummings 9ee291e659
AesBytesEncryptorTests Check Key Strength 
Fixes: gh-6121
 2018-11-20 11:45:45 -07:00
Satish Sharma 7232dabd48
Update to oauth2-oidc-sdk:6.2 
Fixes: gh-6101
 2018-11-20 11:05:27 -07:00
Josh Cummings 3a43ed8f1c Register NullRequestCache When Disabled 
Fixes: gh-6102
 2018-11-20 07:15:09 -07:00
Josh Cummings 80e13bad41
Remove PowerMock from oauth2-client 
Issue: gh-6025
 2018-11-19 18:09:00 -07:00
Josh Cummings 39933b10ff
Add scopes method to TestOAuth2AccessTokens 
Issue: gh-6025
 2018-11-19 18:06:40 -07:00
dperezcabrera f6414e9a52 Make InMemory*ClientRegistrationRepository Consistent 
The previous builders with the list argument were inconsistent with their
respective builders of var args.
 2018-11-19 15:09:30 -06:00
Rafael Dominguez e1d68e4f6b WebClientReactiveClientCredentialsTokenResponseClient.getTokenResponse expects 2xx http status code 
This ensures that token response is only extracted when ClientResponse has a successful status

Fixes: gh-6089
 2018-11-19 10:50:33 -06:00
Josh Cummings f30fcdda6b
RequestCacheConfigurerTests groovy->java 
Issue: gh-4939
 2018-11-16 15:40:12 -07:00
Josh Cummings 686393ed5c
ExceptionHandlingConfigurerTests groovy->java 
Issue: gh-4939
 2018-11-16 14:51:26 -07:00
Josh Cummings 1ea73e7d8e Jwt Decoder Local Key Configuration 
Adds support for configuring Resource Server DSL with a local public
key.

Fixes: gh-5131
 2018-11-16 13:07:19 -06:00
Rafael Dominguez 75a2c2b729 OAuth2AccessTokenResponseBodyExtractor supports Object values 
This commit ensures the token response is parsed correctly if the values are not a String.

Fixes: gh-6087
 2018-11-15 13:23:36 -06:00
Daniel Bustamante Ospina 808fbfa161 Update webflux-form sample to use Built in CSRF Support 
Remove the CsrfControllerAdvice class and update dependencies to add
org.thymeleaf.extras:thymeleaf-extras-springsecurity5

Issue: gh-6061
 2018-11-14 17:38:37 -06:00
Josh Cummings d28e32b000 NimbusJwtDecoder Builder 
A Builder to simply common construction patterns for NimbusJwtDecoder

Issue: gh-6010
 2018-11-14 15:53:47 -06:00
Josh Cummings fbcf48cea0 Low-level Nimbus Jwt Decoder 
Introduces a JwtDecoder which takes a raw Nimbus JWTProcessor
configuration.

Fixes: gh-5648
 2018-11-14 15:53:47 -06:00
Karl Goffin db5e54266c #3912 lazyBean method respects @Primary annotation 2018-11-14 14:31:29 -06:00
Dongmin Shin b2c2f84f00 Fix Typo in Reference Docs 
Fixes gh-6076
 2018-11-14 11:36:27 -06:00
Rafael Dominguez ac026e23fe Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE 2018-11-14 10:51:38 -06:00
Krzysztof Szmytkowski b5455b0bec
Make AesByesEncryptor public 
Fixes: gh-5099
 2018-11-13 16:05:59 -07:00
Josh Cummings 13de580632
AesBytesEncryptorTests 
Issue: gh-5099
 2018-11-13 16:03:47 -07:00
Johnny Lim 95c824cb2a Upgrade to neko-htmlunit 2.33 2018-11-13 15:48:52 -06:00
Josh Cummings ae74f22e30 Reactive Jwt Claim Set Converter Support 
Exposes setClaimSetConverter on NimbusReactiveJwtDecoder, lining it up
with the same support on NimbusJwtDecoder.

Fixes: gh-6015
 2018-11-13 15:31:08 -06:00
Gunnar Hillert 11b6b63364 Docs: Fix Maven Property example `spring-security.version` 2018-11-13 15:08:00 -06:00