Phillip Webb
2f8e835b11
Use assertThatObject to save casting
...
Update tests that use `assertThat((Object) ...)` to use the convenience
`assertThatObject(...)` method instead.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
0a3eeb9c80
Remove incorrect AssertJ imports
...
Fix a few tests that were accidentally importing incorrect AssertJ
classes.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
a5aa6b3d7f
Remove blank lines from all tests
...
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
7bf6008efe
Polish spring-security-config main code
...
Manually polish `spring-security-config` following the formatting
and checkstyle fixes.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
ee661f7b71
Fix whitespace issues in format-off code
...
Fix a few whitespace issues in format-off code that would
otherwise fail checkstyle.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
834dcf5bcf
Use consistent ternary expression style
...
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.
For example: `a = (a != null) ? a : b`
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
8d3f039f76
Reduce method visibility when possible
...
Reduce method visibility for package private classes when possible.
In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
612fb22a7f
Remove unnecessary lambda blocks
...
Remove lambda blocks that aren't needed and replace instead with a
simple expression.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
52f20b5281
Use parenthesis with single-arg lambdas
...
Use regular expression search/replace to ensure all single-arg
lambdas have parenthesis. This aligns with the style used in Spring
Boot and ensure that single-arg and multi-arg lambdas are consistent.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
01d90c9881
Hide utility class constructors
...
Update all utility classes so that they have a private constructor. This
prevents users from accidentally creating an instance, when they should
just use the static methods directly.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
ff94944313
Add whitespace after copyright header
...
Add an additional lines after the copyright header and before the
`package` declaration. This aligns with the style used by Spring
Framework.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
31ec450d05
Remove superfluous comments
...
Remove a few comments that previously add noise but don't offer a great
deal of value.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
8d80166aaf
Update exception variable names
...
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
e9130489a6
Remove restricted static imports
...
Replace static imports with class referenced methods. With the exception
of a few well known static imports, checkstyle restricts the static
imports that a class can use. For example, `asList(...)` would be
replaced with `Arrays.asList(...)`.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
b69825d925
Simplify boolean expression
...
Simplify boolean expression of the form `if (b == true)` to instead
just use the form `if (b)`.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
db55ef4b3b
Migrate to BDD Mockito
...
Migrate Mockito imports to use the BDD variant. This aligns better with
the "given" / "when" / "then" style used in most tests since the "given"
block now uses Mockito `given(...)` calls.
The commit also updates a few tests that were accidentally using
Power Mockito when regular Mockito could be used.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
f1cee9500f
Ensure classes are defined in their own files
...
Ensure that all classes are defined in their own files. Mostly classes
have been changed to inner-types.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
053af720a4
Ensure no whitespace before lines
...
Fix a few issues cause by the automatic formatting that meant additional
leading whitespace was present.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
4d487e8dc3
Ensure all files end with a new line
...
Update all files to ensure that they always end with a new-line
character.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
218480fb7c
Reduce the number of nested if statements
...
Refactor `HeadersBeanDefinitionParser` and `AclImpl` to reduce the
number of nested if statements. A few extracted methods are now used
to hopefully improve readability.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
a0b9442265
Use consistent modifier order
...
Update code to use a consistent modifier order that aligns with that
used in the "Java Language specification".
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
3e700e7571
Remove (non-Javadoc) comments
...
Search and replace using '(?s)/\*\s*\* \(non-Javadoc\).*?\*/' to remove
all "(non-Javadoc)" comments. These comments used to be added
automatically by Eclipse, but are not really necessary.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
a2f2e9ac8d
Move inner-types so that they are always last
...
Move all inner-types so that they are consistently the last item
defined. This aligns with the style used by Spring Framework and
the consistency generally makes it easier to scan the source.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
9e08b51ed3
Apply code cleanup rules to projects
...
Apply automated cleanup rules to add `@Override` and `@Deprecated`
annotations and to fix class references used with static methods.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
8866fa6fb0
Always use 'this.' when accessing fields
...
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
6894ff5d12
Make classes final where possible
...
Update classes that have private constructors so that they are also
declared final. In a few cases, inner-classes used private constructors
but were subclassed. These have now been changed to have package-private
constructors.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
b5d499e2eb
Remove empty block
...
Refactor a few classes so that empty blocks are not longer used. For
example, rather than:
if(x) {
} else {
i++;
}
use:
if(!x) {
i++;
}
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
37fa94fafc
Organize imports
...
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
5f64f53c3f
Use consistent "@" tag order in Javadoc
...
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
8142e4046f
Use compact annotation style
...
Always use compact annotations when possible. For example, replace
`@Target(value = ElementType.TYPE)` with `@Target(ElementType.TYPE)`.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
71bc145ae4
Remove superfluous comments
...
Use '^\s+//\ \~\ .*$' and '^\s+//\ ============+$' regular expression
searches to remove superfluous comments.
Prior to this commit, many classes would have comments to indicate
blocks of code (such as constructors/methods/instance fields). These
added a lot of noise and weren't all that helpful, especially given
the outline views available in most modern IDEs.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
b7fc18262d
Reformat code using spring-javaformat
...
Run `./gradlew format` to reformat all java files.
Issue gh-8945
2020-08-24 17:32:56 -05:00
Martin Vietz
0486d5add9
scopes_supported metadata not used as default in ClientRegistrations
...
Closes gh-8514
2020-08-20 08:09:54 -04:00
Josh Cummings
af5c55c380
Polish AuthnRequest Customization Support
...
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.
Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.
Issue gh-8776
2020-08-19 14:27:31 -06:00
Josh Cummings
1069e91645
RSocket Deprecations
...
Stop using deprecated RSocket APIs in integration tests
Issue gh-8948
2020-08-13 17:51:59 -06:00
koishikawa11
be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL
...
Closes gh-8892
2020-08-11 07:59:22 -04:00
Phillip Webb
9caa39e370
Fix malformed formatter-on/off javadoc
...
Remove the formatter-on/formatter-off comments from Javadoc examples
so that they don't confuse checkstyle. The comments are not necessary
in the Javadoc since `pre` blocks are not formatted in the same
way as code.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb
8e092f8d2c
Add noformat blocks around withDefaultPasswordEncoder
...
Find `withDefaultPasswordEncoder` calls and protect them against
formatting.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb
6979125ccf
Add noformat blocks around User.withUsername
...
Find `User.withUsername` calls and protect them against formatting.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb
63b5998fad
Add noformat blocks around auth config
...
Find `auth` config using a regex search of `^\s*auths*$` and protect
them against formatting.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb
103d822e46
Add noformat blocks around http config
...
Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb
27ac046d8a
Rename *Test.java -> *Tests.java
...
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Joe Grandja
1d74d556c2
Revert "Lock Dependency Versions for 5.4.0-RC1"
...
This reverts commit f3a1e5d40c
.
2020-08-05 14:59:11 -04:00
Rob Winch
74b42ba956
Move RSocket integration tests to integration tests
...
Closes gh-8944
2020-08-05 13:23:20 -05:00
Joe Grandja
f3a1e5d40c
Lock Dependency Versions for 5.4.0-RC1
2020-08-05 13:46:11 -04:00
Josh Cummings
b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint
...
Closes gh-8693
2020-08-05 10:08:47 -06:00
Jakub Kubrynski
8a355240bc
SAML 2.0 SP Metadata Endpoint Support
...
Issue gh-8693
2020-08-05 10:08:47 -06:00
Eleftheria Stein
aeafe04260
Remove need for WebSecurityConfigurerAdapter
...
Closes gh-8804
2020-08-05 10:10:12 -04:00
Josh Cummings
5061ae9e79
Add Saml2AuthenticationTokenConverter
...
Closes gh-8768
2020-08-04 18:41:43 -06:00
Josh Cummings
a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver
...
Issue gh-8360
Issue gh-8887
2020-08-04 17:29:13 -06:00
Joe Grandja
3bc0b8c144
Revert "Fix snapshot build failure related to reactor-netty"
...
This reverts commit f37714a26f
.
2020-08-04 14:24:32 -04:00
Joe Grandja
f37714a26f
Fix snapshot build failure related to reactor-netty
...
Closes gh-8909
2020-08-04 14:17:03 -04:00
Joe Grandja
8146b1fdda
Deprecate CustomUserTypesOAuth2UserService
...
Closes gh-8908
2020-08-04 13:23:44 -04:00
Joe Grandja
0ed919f072
Deprecate ClientRegistration.redirectUriTemplate
...
Closes gh-8906
2020-08-04 11:03:29 -04:00
Joe Grandja
11cc94afd8
Deprecate ImplicitGrantConfigurer
...
Closes gh-8902
2020-08-04 07:26:58 -04:00
Evgeniy Cheban
0a2006ebec
Support custom filter in Server Kotlin DSL
...
Closes gh-8783
2020-07-22 05:32:16 -04:00
Dávid Kováč
37aa5f9b7c
Introduce AuthenticationConverterServerWebExchangeMatcher
...
AuthenticationConverterServerWebExchangeMatcher is ServerWebExchangeMatcher implementation based on AuthenticationConverter which matches if ServerWebExchange can be converted to Authentication.
It can be used as a matcher where SecurityFilterChain should be matched based on used authentication method.
BearerTokenServerWebExchangeMatcher was replaced by this matcher.
Closes gh-8824
2020-07-21 10:11:57 -06:00
Josh Cummings
cc44a93333
Polish WebSecurityConfigurerAdapter JavaDoc
...
Issue gh-8784
2020-07-20 15:21:18 -06:00
Romil Patel
956a6ee00c
WebSecurityConfigurerAdapter JavaDoc
...
Closes gh-8784
2020-07-20 15:21:18 -06:00
Josh Cummings
2c960d2ad1
Add AuthnRequestConsumerResolver
...
Closes gh-8141
2020-07-16 14:53:22 -06:00
Joe Grandja
7cc6509200
Polish gh-8669
2020-07-15 11:52:42 -04:00
Eleftheria Stein
78ed6c4de6
Add custom HeaderWriter in Kotlin DSL
...
Closes gh-8823
2020-07-10 14:18:48 +02:00
Eleftheria Stein
815ceae45c
Allow disabling headers in Kotlin DSL
...
Closes gh-8816
2020-07-08 10:55:01 +02:00
Josh Cummings
146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
...
This reverts commit 68538897c8
.
2020-07-01 13:11:50 -06:00
Josh Cummings
68538897c8
Lock Dependency Versions for 5.4.0-M2
2020-07-01 12:40:29 -06:00
Joe Grandja
0b5a14a900
Register OAuth2AuthorizedClientArgumentResolver as custom resolver for XML config
...
Issue gh-8669
2020-07-01 11:07:33 -04:00
Peer Schönhusen
3e25714dc6
Add reified function variants to security DSL
...
Closes gh-8697
2020-07-01 07:22:16 -04:00
Joe Grandja
edf06a3461
OAuth2AuthorizedClientArgumentResolver uses OAuth2AuthorizedClientManager @Bean
...
Closes gh-8700
2020-06-30 11:25:39 -04:00
Joe Grandja
951e64185b
Register OAuth2AuthorizedClientArgumentResolver for XML Config
...
Closes gh-8669
2020-06-25 16:10:29 -04:00
Eleftheria Stein
224361cb4a
Fix typo in Javadoc
2020-06-16 09:38:09 -04:00
Evgeniy Cheban
4e7be2078f
DefaultWebSecurityExpressionHandler uses RoleHierarchy bean
...
Fixes gh-7059
2020-06-10 16:43:01 -04:00
Rob Winch
a907026eae
Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive
...
Closes gh-8677
2020-06-10 11:48:56 -05:00
Joe Grandja
da4b626bf1
OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
...
Issue gh-8609
2020-06-09 17:28:21 -04:00
Parikshit Dutta
28d2cfa14a
Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter
...
Fixes gh-8536
2020-06-02 21:54:09 -04:00
Rob Winch
748538d19f
Delay AuthenticationPrincipalArgumentResolver Creation
...
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.
Closes gh-8613
2020-05-29 16:49:01 -05:00
Eleftheria Stein
61060b3a4f
Add multipart configuration to CSRF Kotlin DSL
...
Fixes gh-8602
2020-05-27 17:01:12 -04:00
Eleftheria Stein
6f5947cab7
Fix test warnings
2020-05-27 17:00:48 -04:00
Eleftheria Stein
fa11ae3c33
Remove unused import
2020-05-27 14:27:29 -04:00
Eleftheria Stein
67d2efde1c
Resolve package tangles with security marker annotation
2020-05-27 07:33:24 -05:00
Eleftheria Stein
bc272ddf73
Resolve package tangles in Kotlin server package
2020-05-27 07:33:24 -05:00
Craig Andrews
f1db7167cb
Polish
...
Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation.
This change does not alter behavior.
2020-05-22 20:33:32 -05:00
Craig Andrews
dbdeec4216
Check for an existing SessionRegistry bean
...
If a SessionRegistry is necessary, check for one in the ApplicationContext before creating one.
2020-05-22 20:33:32 -05:00
Evgeniy Cheban
0fa339f75b
Allow port=0 for ApacheDSContainer
...
Fixes gh-8144
2020-05-21 16:14:01 -05:00
Josh Cummings
51a0cffd36
Post-process AuthenticationRequestFilter
...
Fixes gh-8552
2020-05-18 21:08:23 -06:00
Josh Cummings
9241cd2892
Move TestRelyingPartyRegistrations
...
Fixes gh-8551
2020-05-18 16:38:40 -06:00
Parikshit Dutta
1e211b6558
Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter
...
Fixes gh-8120
2020-05-15 15:13:15 -04:00
Joe Grandja
c1abc9b134
Polish gh-8501
2020-05-15 13:26:09 -04:00
Thomas Vitale
78fa859798
Add issuerUri to ClientRegistration.providerDetails
...
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.
Fixes gh-8326
2020-05-14 17:13:07 -04:00
Rob Winch
e5d2aaf6fe
Deprecate OpenID 2.0 support
...
Deprecate OpenID 2.0 support
2020-05-12 09:37:56 -05:00
Eleftheria Stein
1aadbb2f4d
Remove "/path/**/other" patterns in tests
...
Fixes gh-8513
2020-05-11 17:00:25 -04:00
Dávid Kovács
f2a2b469c4
Deprecate openID 2.0 support
...
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.
Fixes gh-7153
2020-05-09 12:04:13 +02:00
Rob Winch
d91b153cad
Explicitly set useSuffixPatternMatch for Tests
...
Spring MVC changed their default behavior in
https://github.com/spring-projects/spring-framework/issues/23915 This
causes failures in some of Spring Security's tests.
This explicitly sets useSuffixPatternMatch=true to ensure that Spring
Security still works if users have modified their defaults.
Closes gh-8493
2020-05-08 16:43:56 -05:00
Joe Grandja
86ca6b013c
Unlock dependencies
...
This reverts commit 206960cf44
.
2020-05-06 17:27:35 -04:00
Joe Grandja
206960cf44
Lock dependencies for 5.4.0-M1
2020-05-06 17:13:04 -04:00
Dávid Kovács
339d44b5a1
Deprecate openID 2.0 support
...
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)
Fixes gh-7153
2020-05-02 10:18:31 +02:00
Rob Winch
4a9fa0337a
Allow Configure RequestRjectedHandler in XML
...
Issue gh-5007
2020-05-01 10:51:11 -05:00
Leonard Brünings
b826c798f7
Add RequestRejectedHandler
...
Closes gh-5007
2020-05-01 10:51:01 -05:00
Dávid Kovács
8e8251ac5f
Add ROLE_INFRASTRUCTURE to infrastructure beans
...
Closes gh-8407
2020-04-27 08:59:24 -05:00
Adam Millerchip
0f29bee1b0
Add authorize() DSL method that accepts HttpMethod
...
Fixes: gh-8307
2020-04-22 16:14:04 -04:00
Adam Millerchip
16a7cbee4b
Use named arguments in Kotlin authorization rule
2020-04-22 16:14:04 -04:00
Adam Millerchip
401393d756
Extract pattern type in request matcher DSL
2020-04-22 16:14:04 -04:00
Antonin Arquey
5cd1ec7bb3
Add AuthoritiesMapper setter for reactive OAuth2Login
...
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login
- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
and OAuth2LoginReactiveAuthenticationManager
- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager
Fixes gh-8324
2020-04-17 16:55:05 -04:00
Roberto Paolillo
2cccf223df
Add Flag to enable searching of LDAP groups on subtrees
...
Closes gh-8939
2020-04-17 12:55:11 -05:00
Loïc Labagnara
146d9ba0bf
Add marker to make Kotlin DSL type safe.
...
Fixes gh-8366
2020-04-14 16:23:28 -04:00
Evgeniy Cheban
a70d55552b
Resource Server Finds JwtAuthenticationConverter Beans
...
Fixes gh-8185
2020-04-13 22:47:20 -06:00
Rob Winch
9a42a028e7
Logout defaults to use Global SecurityContextServerLogoutHandler
...
Closes gh-8375
2020-04-13 16:36:12 -05:00
Josh Cummings
711954e016
Deprecate Saml2AuthenticationRequestFilter Constructor
...
Removing the default usage of OpenSamlAuthenticationRequestFactory.
Otherwise, the Open SAML dependency is required, even when
Saml2AuthenticationRequestFactory is implemented without it.
Fixes gh-8359
2020-04-08 16:27:46 -06:00
Eleftheria Stein
39e09e4ca5
Idiomatic Kotlin DSL for server HTTP security
...
Issue: gh-5558
2020-04-07 11:04:59 -04:00
Eleftheria Stein
6017510fdd
Compile Kotlin tasks using JVM 1.8
2020-04-07 11:04:59 -04:00
hotire
6d45ec5d6b
Fix typo in Javadoc of ServerHttpSecurity#hasAuthority
2020-04-06 14:19:42 -05:00
Markus Engelbrecht
dc6b8ce470
Add addFilterAfter and addFilterBefore to Kotlin DSL
...
Fixes gh-8316
2020-04-03 12:04:03 -04:00
Eleftheria Stein
1de0cf5057
Fix HttpSecurity Javadoc
...
Fixes gh-4404
2020-04-02 11:32:38 -04:00
Rob Winch
91728ef53b
Fix HttpServlet3RequestFactory Logout Handlers
...
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.
This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.
Closes gh-4760
2020-03-30 17:50:28 -05:00
Rob Winch
b055f8bb25
SpringTestContext returns ConfigurableWebApplicationContext
...
Closes gh-8233
2020-03-30 17:46:25 -05:00
Joe Grandja
e27e548215
oauth2Login WebFlux does not auto-redirect for XHR request
...
Fixes gh-8118
2020-03-26 04:36:23 -04:00
Eleftheria Stein
97085ef310
Fix rsocket test
...
Request route that exists; add additional error message verification
Fixes gh-8154
2020-03-19 17:27:14 -04:00
Josh Cummings
2d8c65db56
Support port=0 for LDAP Servers
...
Fixes gh-8138
2020-03-18 09:45:10 -06:00
Josh Cummings
4d99ee2896
Allow port=0 in XSD
...
Issue gh-8138
2020-03-18 09:45:10 -06:00
Josh Cummings
f438bdfbcf
Add spring-security-5.4.xsd
...
Issue gh-8138
2020-03-18 09:45:10 -06:00
Erik van Paassen
ad9bb7f230
Fix typo in Javadoc of HttpSecurity#csrf()
...
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
2020-03-17 12:42:11 -06:00
Eleftheria Stein
40b15f5a46
Rename to SessionFixationDslTests
2020-03-17 12:05:25 -04:00
Josh Cummings
bfd36d9a54
Remove Redundant ConcurrentSessionFilter Refs
...
Fixes gh-8105
2020-03-13 16:27:30 -06:00
Markus Engelbrecht
d81321bc29
Fix typo 'properites' in documentation
...
Fixes gh-8095
2020-03-11 10:54:14 -06:00
Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
.
2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
Josh Cummings
c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux
...
Fixes gh-7668
2020-03-03 15:42:02 -07:00
Joe Grandja
c111099640
Polish client-registration xsd attributes
...
Issue gh-4557
2020-03-02 15:02:46 -05:00
Josh Cummings
e97396b9c7
Add Resource Server XML Support
...
Fixes gh-5185
2020-03-02 11:51:40 -07:00
Josh Cummings
f1a2d69968
Add AuthenticationProvider List Configurability
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
Josh Cummings
34b40deb38
Add By-RequestMatcher Exception Handling
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
Josh Cummings
98a2ca3bbc
Add Csrf Ignore Configurability
...
Issue gh-5185
2020-03-02 11:51:40 -07:00
Josh Cummings
19584884b3
Register Authentication Provider in Init Phase
...
Fixes gh-8031
2020-02-28 15:32:27 -07:00
Filip Hanik
3257349045
Support POST binding for AuthNRequest
...
Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp
This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
2020-02-28 09:15:26 -08:00
Rob Winch
727fee1e12
Polish HeaderWriterSpec
...
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)
Issue gh-7636
2020-02-27 07:57:51 -06:00
Ankur Pathak
480c5bc87e
Custom ServerHttpHeadersWriter to HeaderSpec
...
Add the ability to have a custom ServerHttpHeadersWriter to HeaderSpec
Fixes gh-7636
2020-02-27 07:55:30 -06:00
Eleftheria Stein
2fb3d3d5a2
Add hasRole to authorizeRequests in Kotlin DSL
...
Fixes: gh-8023
2020-02-25 08:29:26 -05:00
Joe Grandja
4cd89b584f
Polish gh-5184
2020-02-20 21:25:17 -05:00
Joe Grandja
8a4ff4452b
Add XML namespace support for oauth2-client
...
Fixes gh-5184
2020-02-20 20:05:48 -05:00
Eleftheria Stein
171e0d048f
Fix typo in WebSecurityConfigurer Javadoc
...
Fixes: gh-7876
2020-02-14 11:00:45 +01:00
Joe Grandja
ff8002eb2e
Polish gh-4557
2020-02-12 15:47:57 -05:00
Ruby Hartono
71a5c9521c
Add XML namespace support for oauth2-login
...
Fixes gh-4557
2020-02-12 15:26:17 -05:00
Joe Grandja
40c0a452d7
Define oauth2-login xsd elements
...
Issue gh-4557
2020-02-12 15:26:17 -05:00
Eleftheria Stein
fde3ccb8b3
Add marker to make Kotlin DSL type safe
...
Fixes: gh-7971
2020-02-12 11:35:45 +01:00
Eleftheria Stein
1d6fdd249b
Add missing Javadoc to Kotlin class
2020-02-11 18:09:30 +01:00
Eleftheria Stein
f37a4557e6
Fix typo in Kotlin Javadoc
2020-02-11 18:09:30 +01:00
Josh Cummings
5bdf57d1e5
Remove Groovy and Spock Dependencies
...
Fixes gh-4939
2020-02-10 10:38:40 -07:00
Eleftheria Stein
a5210aaf9b
Support custom filter in Kotlin DSL
...
Fixes: gh-7951
2020-02-10 12:03:32 +01:00
Stephane Maldini
851be025e9
Don't force downcasting of RequestAttributes to ServletRequestAttributes
...
Fixes gh-7952
2020-02-07 20:44:19 -05:00
Eleftheria Stein
8c0b754a49
Fix credentials precedence over introspector in Kotlin
...
Fixes: gh-7878
2020-02-06 11:01:42 +01:00
Eleftheria Stein
1fed688f05
Fix JWK Set URI precedence over decoder in Kotlin
...
Fixes: gh-7877
2020-02-06 10:48:42 +01:00