Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-01 10:59:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,327 Commits 36 Branches 337 Tags
Commit Graph

233 Commits

Author SHA1 Message Date
Josh Cummings
018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Steve Riesenberg
380e856be5
Merge branch '6.3.x' 
Closes gh-16037
 2024-11-04 13:34:57 -06:00
Steve Riesenberg
b9d5493913
Merge branch '6.2.x' into 6.3.x 
Closes gh-16036
 2024-11-04 13:34:42 -06:00
Steve Riesenberg
86f3cd6dc7
Polish gh-15940 
Closes gh-15885
 2024-11-04 13:34:12 -06:00
Hyeongi Jeong
4c6fef82b9
Fix error when Bearer token is requested with empty string 
Issue gh-15885
 2024-11-04 13:33:58 -06:00
Josh Cummings
8a972917fa Deprecate Nimbus(Reactive)OpaqueTokenIntrospector 
Issue gh-14245
 2024-10-22 21:21:07 -07:00
Tran Ngoc Nhan
31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Thomas Darimont
b06c40d9ef Add ExpressionJwtGrantedAuthoritiesConverter to extract authorities with an expression 
This helps to reduce custom code necessary to extract roles from deeply
nested claims.

Closes #15201

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-23 16:59:59 -07:00
Marcus Hert Da Coregio
912062d307 Merge branch '6.2.x' into 6.3.x 2024-08-19 09:11:10 -03:00
Daniel Garnier-Moiroux
79fb0113c8 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:11:05 -03:00
Daniel Garnier-Moiroux
2caf1fb6b4 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:08:24 -03:00
Josh Cummings
d887c7882d
Merge branch '6.2.x' into 6.3.x 
Closes gh-15460
 2024-07-22 15:34:18 -06:00
Josh Cummings
4406462346
Merge branch '5.8.x' into 6.2.x 
Closes gh-15459
 2024-07-22 15:34:08 -06:00
Josh Cummings
5c1a108b8b
Remove Stray JavaDoc Statement 
As of the 5.2 release, a separate registrar bean was no longer necessary

Closes gh-15425
 2024-07-22 15:33:57 -06:00
Josh Cummings
dd5edeb255
Preserve ArrayListFromString Type 
Closes gh-15165
 2024-05-28 12:43:57 -06:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Josh Cummings
d269176781
Merge branch '6.2.x' 2024-04-04 17:07:03 -06:00
Josh Cummings
01f299f7ab
Merge branch '6.1.x' into 6.2.x 
Closes gh-14848
 2024-04-04 16:56:11 -06:00
Josh Cummings
ef00312991
Merge branch '5.8.x' into 6.1.x 
Closes gh-14847
 2024-04-04 16:55:52 -06:00
Josh Cummings
0af0751cfd
Treat Map Method Parameter as Immutable 
Closes gh-14802
 2024-04-04 16:44:14 -06:00
Josh Cummings
10d88cdf28 Polish Introspection Authentication Converter 
- Added Reactive Support
- Separated SCOPE claim and authorities work
- Adjusted for style

Issue gh-14198
 2023-12-07 15:13:51 -07:00
ahmd-nabil
8279b22940 Add Introspection Authentication Converter 
Closes #14198

Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>
 2023-12-07 15:13:51 -07:00
Steve Riesenberg
447f40949c
Revert unnecessary merges on 6.1.x 
This commit removes unnecessary main-branch merges starting from
9f8db22b774fe78fef3598c07e184c371892c1c7 and adds the following
needed commit(s) that were made afterward:

- 4d6ff49b9d663d0f25454f3704a45c83b35da689
- ed6ff670d102736eea0ac360921c9015151ac630
- c823b007942a04a27d02c0a28bc2ad85e8790084
- 44fad21363bef1b06422be28c9bbfadde5e44804
 2023-10-31 15:22:15 -05:00
Steve Riesenberg
9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5bca45525c99d0a41a20ed02de93d8c7 and adds the following
needed commit(s) that were made afterward:

- 5dce82c48bc0b174838501c5a111b2de70822914
 2023-10-31 15:11:45 -05:00
Marcus Da Coregio
07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00
Marcus Da Coregio
8adfc9b463 Merge branch '6.0.x' into 6.1.x 
Closes gh-13883
 2023-09-29 11:46:48 -03:00
Marcus Da Coregio
92c82191c9 Merge branch '5.8.x' into 6.0.x 
Closes gh-13882
 2023-09-29 11:46:00 -03:00
Marcus Da Coregio
64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Josh Cummings
fed3de8dce Remove Logging of Untrusted Data 2023-08-08 10:02:42 -06:00
Josh Cummings
3307c656f4 Polish 
- Added JavaDoc @since attribute
- Added Predicate based test
- Adjusted test names

Issue gh-13427
 2023-08-08 10:02:42 -06:00
Baljit Singh
e1bae73703 add factory methods for Jwt issuer resolvers 
Closes gh-13427
 2023-08-08 10:02:42 -06:00
Baljit Singh
7a713cab6f improve performance of Jwt issuer resolvers 2023-08-08 10:02:42 -06:00
Baljit Singh
da35fa0485 make logging consistent for Jwt issuer resolvers 2023-08-08 10:02:42 -06:00
Baljit Singh
af00be8a3d fix Javadocs for Jwt issuer resolvers 2023-08-08 10:02:42 -06:00
Josh Cummings
6c3636d780
Update Removed Usages 
Issue gh-13544
 2023-07-14 18:38:58 -06:00
Claudio Nave
52e12ad64b Replace deprecated methods 2023-06-22 13:19:55 -06:00
Krzysztof Krason
9b603b99ab Using modern Java features 2023-06-22 11:24:25 -06:00
Vedran Pavic
6f8ec3df60
Ensure access token isn't resolved from query for form-encoded requests 
Closes gh-5668
 2023-04-10 17:06:47 -06:00
Marcus Kainth
f0ef54050e Add ability to set principalClaimName in ReactiveJwtAuthenticationConverter 
Closes #12907
 2023-03-27 16:43:30 -06:00
ch4mpy
7ad4ebd07a
Allow authentication details to be set by converter 
Prevent JwtAuthenticationProvider from setting authentication details
when jwtAuthenticationConverter returned an authentication instance
with non null details.

Closes gh-11822
 2022-12-12 18:55:08 -06:00
Josh Cummings
cd0f02de49
Polish authorities claim delimiter 
PR gh-12074
 2022-12-02 14:30:31 -07:00
Patrick Walter
9c9fd9f4bd
Add configurable authorities split regex 
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.

Closes gh-12074
 2022-12-02 14:30:30 -07:00
Josh Cummings
5fe59cc635
Revert "Add configurable authorities split regex" 
This reverts commit e93ed6d94c6d0329ce375e20175454c2962d3b5e.

This can't be merged until after the 6.0 release
 2022-11-01 17:39:26 -06:00
Patrick Walter
e93ed6d94c Add configurable authorities split regex 
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.
 2022-11-01 17:38:47 -06:00
Josh Cummings
f4cc27c375
Change Default for (Server)AuthenticationEntryPointFailureHandler 
Closes gh-9429
 2022-10-13 20:03:03 -06:00
Josh Cummings
5afc7cb04f
Merge remote-tracking branch 'origin/5.8.x' 2022-10-13 19:48:05 -06:00
Josh Cummings
099aaa33ff
Remove Deprecation Markers 
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.

Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.

At that time, BearerTokenAuthenticationFilter can change to use
the handler.

Closes gh-11932
 2022-10-13 19:47:22 -06:00
Daniel Garnier-Moiroux
200b7fecd3
Add (Server)AuthenticationEntryPointFailureHandlerAdapter 
Issue gh-11932, gh-9429

(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.

BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
 2022-10-13 19:25:04 -06:00
Josh Cummings
14584b0562
Add SecurityContextHolderStrategy to OAuth2 
Issue gh-11060
 2022-10-05 23:50:54 -06:00