Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,238 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1820 Commits

Author SHA1 Message Date
Yoshikazu Nojima d7d5253607 Change attestation in PublicKeyCredentialCreationOptions to none 
The attestation option in PublicKeyCredentialCreationOptions is a
parameter that controls whether to request attestation from the security key.
However, Spring Security Passkeys currently doesn't implement attestation verification.
Therefore, requesting attestation is unnecessary.
Specifying `direct` to request attestation may trigger browsers to
display additional privacy related dialog to users, so it is best to
avoid specifying `direct` unnecessarily.
 2024-12-11 17:18:18 -06:00
Rob Winch cb4c7e5886 Merge branch '6.3.x' 
Closes gh-16261
 2024-12-11 15:48:18 -06:00
Rob Winch 6a0b683e60 StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest 
Closes gh-16069
 2024-12-11 15:46:31 -06:00
Josh Cummings 4cbaabb239 Added Testing 
Issue gh-16177
 2024-12-10 14:09:46 -07:00
DingHao f565b23b51 Restore Method Parameter Inheritance Support 
Closes gh-16177
 2024-12-10 14:09:46 -07:00
12OneTwo12 d39e329234 Add @inheritDoc to sessionIdChanged method 
Closes gh-16211
 2024-12-05 12:31:47 -07:00
Josh Cummings d3a95c5c1e
Merge branch '6.3.x' 2024-12-05 09:52:55 -07:00
Josh Cummings 0f85da77be
Merge branch '6.2.x' into 6.3.x 
Closes gh-16219
 2024-12-05 09:52:32 -07:00
Josh Cummings 96a9cf0d2d
Restore Previous Behavior for Servlet 5 
Closes gh-16173
 2024-12-05 09:52:06 -07:00
Rob Winch 9c3b11914d webauthn registerCredential returns transports 
The webauthn support previously did not pass the transports to webauthn4j.
This meant that the result of
Webauthn4jRelyingPartyOperations.registerCredential did not have any
transports either.

This commit ensures that the transports are passed to the webauth4j lib
and then returned in the result of registerCredential.

Closes gh-16084
 2024-12-04 15:22:26 -06:00
DingHao dc82a6e97e Remove the cache since UniqueSecurityAnnotationScanner has cached annotations internally 2024-12-04 09:18:12 -07:00
Daniel Garnier-Moiroux 46fe0124ba Add RuntimeHints for webauthn Javascript resource 2024-11-25 13:06:50 -06:00
Joe Grandja c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja fa5fc6dd62 Fix checkstyle errors for toLower/toUpperCase usage 2024-11-18 04:56:17 -05:00
Joe Grandja 709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Steve Riesenberg 285d16b046
Polish IpAddressMatcher 
(cherry picked from commit 83a79159b8)
 2024-11-15 10:17:39 -06:00
Steve Riesenberg ddf4542a9e
Add hasText assertion to IpAddressMatcher constructor 
Issue gh-15527

(cherry picked from commit 3a29819651)
 2024-11-15 10:17:39 -06:00
Steve Riesenberg 554df6fab6
Fix NPE in IpAddressMatcher 
Closes gh-15527

(cherry picked from commit 52de894c3c)
 2024-11-15 10:17:38 -06:00
Steve Riesenberg 83a79159b8
Polish IpAddressMatcher 2024-11-15 09:33:31 -06:00
Steve Riesenberg 3a29819651
Add hasText assertion to IpAddressMatcher constructor 
Issue gh-15527
 2024-11-15 09:33:31 -06:00
Steve Riesenberg 52de894c3c
Fix NPE in IpAddressMatcher 
Closes gh-15527
 2024-11-15 09:33:30 -06:00
Daniel Garnier-Moiroux a1526361b6 webauthn: introduce DefaultResourcesFilter#webauthn 2024-11-14 12:11:43 -06:00
nomoreFt 8f1c892fb7 Remove unnecessary parentheses and add static final field 2024-11-13 15:06:58 -06:00
DingHao 055ec57737 Fix not exist class in WebFilterChainProxy java doc 2024-11-07 13:03:49 -07:00
Josh Cummings f46e56de78 Improve Error Message for Conflicting Filter Chains 
Closes gh-15874
 2024-11-07 13:01:16 -07:00
Tran Ngoc Nhan 571c7c81a4 Fix typo 2024-11-04 10:23:38 -06:00
Tran Ngoc Nhan ab93541926 Simplify condition in some methods 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan e76de931ce Polish Optional usage 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan ffed4ea1dc Polish diamond usage 2024-10-25 13:42:33 -07:00
Josh Cummings 981fbd5c2c Polish Tests 
Closes gh-14768
 2024-10-24 20:51:34 -07:00
Josh Cummings 6dbbe89b83
Merge remote-tracking branch 'origin/6.3.x' 2024-10-24 21:48:10 -06:00
DingHao 308e408b13 Polish DelegatingAuthenticationConverter 2024-10-24 20:47:46 -07:00
Josh Cummings cf03f2fed9
Merge branch '6.3.x' 2024-10-24 11:57:13 -06:00
Josh Cummings 5048a68ab7
Merge branch '6.2.x' into 6.3.x 
Closes gh-15986
 2024-10-24 11:56:41 -06:00
Josh Cummings addc7c53b2
Merge branch '5.8.x' into 6.2.x 
Closes gh-15985
 2024-10-24 11:56:16 -06:00
DingHao 1399a82ea9 Return Null Request When Cookie Is Malformed 
Closes gh-15905
 2024-10-24 10:55:36 -07:00
Rob Winch fc5719d8d6 Merge branch '6.3.x' 
Add Firewall for WebFlux

Closes gh-15967
 2024-10-21 12:11:42 -05:00
Joe Grandja ec38848b20 Fix invalid windows character 2024-10-21 11:34:56 -04:00
Rob Winch 1528c421bd Merge branch '6.2.x' into 6.3.x 
Add Firewall for WebFlux

Closes gh-15967
 2024-10-21 09:43:48 -05:00
Rob Winch 0e257b56ce Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 09:42:24 -05:00
Rob Winch 542071b1f8 Merge Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:56:42 -05:00
Rob Winch 4ce7cde155 Add Firewall for WebFlux 
Closes gh-15967
 2024-10-21 08:46:13 -05:00
Rob Winch f689257dc4 Fix unused import 2024-10-21 00:28:57 -05:00
Rob Winch 8a0a5e2647 Format 2024-10-21 00:17:51 -05:00
Rob Winch c461abd5da Remove unnecessary WebauthnJackson2Module usage 
HttpMessageConverterAuthenticationSuccessHandler does not need to use
WebauthnJacksonModule
 2024-10-21 00:16:31 -05:00
Rob Winch 6d7df007dd Remove non-ascii characters 
Attempt fix windows format error
 2024-10-21 00:15:58 -05:00
Rob Winch 5736f0897e Remove imports for Javadoc Only Usage 2024-10-21 00:08:12 -05:00
Rob Winch 0bb406aaab Run format again 2024-10-20 23:35:50 -05:00
Rob Winch 7f26e54d07 Remove § 
See if this fixes format in windows
 2024-10-20 23:30:40 -05:00