spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-23 23:31:27 +00:00

Author	SHA1	Message	Date
John Coyne	7618d236c4	CookieClearingLogoutHandler updates based on comments Changed the implementation to use an anonymous function Issue: gh-6078	2018-11-26 14:33:08 -06:00
John Coyne	14c2d96c86	Clean up code to conform to basic checkstyle Issue: gh-6078	2018-11-26 14:33:08 -06:00
John Coyne	d05ad19276	CookieClearingLogoutHandler enhancement Enabled the ability to pass in an array of Cookies to support clearing cookies on a different path other than the default context path Issue: gh-6078	2018-11-26 14:33:08 -06:00
Joe Grandja	bcee22d2f9	Update com.squareup.okhttp3 deps to 3.12.0 Fixes gh-6142	2018-11-26 13:26:38 -05:00
Rafael Dominguez	b8a96b1f21	Enable Code Coverage Reports in Sonar This commit ensures that jacocoTestReport task is called when running the Sonar stage. Additionally, a variable is passed instructing Sonar where to find the test result data. Fixes: gh-6092	2018-11-26 09:06:30 -07:00
Valeriy.Vyrva	0a86ed8717	Add space in exception message	2018-11-26 09:04:55 -07:00
Rafael Dominguez	8e648deda0	Replace slf4j dependencies with logback-classic This commit removes explicit declaration of slf4j dependencies. Instead, logback classic is declared that will pull them transitively. Fixes: gh-6130	2018-11-23 09:59:29 -05:00
Rafael Dominguez	d1492afc0c	Replace deprecated Gradle Task method in AspectJPlugin.groovy This commit ensures that the method Task.deleteAllActions is not used Fixes: gh-6128	2018-11-22 23:18:14 -06:00
Rafael Dominguez	e60e17109c	Update to Gradle 4.10.2 Fixes gh-6106	2018-11-21 09:57:26 -06:00
Josh Cummings	2a8233d035	Remove PowerMock from oauth2-core and oauth2-jose Issue: gh-6025	2018-11-20 14:02:10 -07:00
Josh Cummings	9ee291e659	AesBytesEncryptorTests Check Key Strength Fixes: gh-6121	2018-11-20 11:45:45 -07:00
Satish Sharma	7232dabd48	Update to oauth2-oidc-sdk:6.2 Fixes: gh-6101	2018-11-20 11:05:27 -07:00
Josh Cummings	3a43ed8f1c	Register NullRequestCache When Disabled Fixes: gh-6102	2018-11-20 07:15:09 -07:00
Josh Cummings	80e13bad41	Remove PowerMock from oauth2-client Issue: gh-6025	2018-11-19 18:09:00 -07:00
Josh Cummings	39933b10ff	Add scopes method to TestOAuth2AccessTokens Issue: gh-6025	2018-11-19 18:06:40 -07:00
dperezcabrera	f6414e9a52	Make InMemory*ClientRegistrationRepository Consistent The previous builders with the list argument were inconsistent with their respective builders of var args.	2018-11-19 15:09:30 -06:00
Rafael Dominguez	e1d68e4f6b	WebClientReactiveClientCredentialsTokenResponseClient.getTokenResponse expects 2xx http status code This ensures that token response is only extracted when ClientResponse has a successful status Fixes: gh-6089	2018-11-19 10:50:33 -06:00
Josh Cummings	f30fcdda6b	RequestCacheConfigurerTests groovy->java Issue: gh-4939	2018-11-16 15:40:12 -07:00
Josh Cummings	686393ed5c	ExceptionHandlingConfigurerTests groovy->java Issue: gh-4939	2018-11-16 14:51:26 -07:00
Josh Cummings	1ea73e7d8e	Jwt Decoder Local Key Configuration Adds support for configuring Resource Server DSL with a local public key. Fixes: gh-5131	2018-11-16 13:07:19 -06:00
Rafael Dominguez	75a2c2b729	OAuth2AccessTokenResponseBodyExtractor supports Object values This commit ensures the token response is parsed correctly if the values are not a String. Fixes: gh-6087	2018-11-15 13:23:36 -06:00
Daniel Bustamante Ospina	808fbfa161	Update webflux-form sample to use Built in CSRF Support Remove the CsrfControllerAdvice class and update dependencies to add org.thymeleaf.extras:thymeleaf-extras-springsecurity5 Issue: gh-6061	2018-11-14 17:38:37 -06:00
Josh Cummings	d28e32b000	NimbusJwtDecoder Builder A Builder to simply common construction patterns for NimbusJwtDecoder Issue: gh-6010	2018-11-14 15:53:47 -06:00
Josh Cummings	fbcf48cea0	Low-level Nimbus Jwt Decoder Introduces a JwtDecoder which takes a raw Nimbus JWTProcessor configuration. Fixes: gh-5648	2018-11-14 15:53:47 -06:00
Karl Goffin	db5e54266c	#3912 lazyBean method respects @Primary annotation	2018-11-14 14:31:29 -06:00
Dongmin Shin	b2c2f84f00	Fix Typo in Reference Docs Fixes gh-6076	2018-11-14 11:36:27 -06:00
Rafael Dominguez	ac026e23fe	Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE	2018-11-14 10:51:38 -06:00
Krzysztof Szmytkowski	b5455b0bec	Make AesByesEncryptor public Fixes: gh-5099	2018-11-13 16:05:59 -07:00
Josh Cummings	13de580632	AesBytesEncryptorTests Issue: gh-5099	2018-11-13 16:03:47 -07:00
Johnny Lim	95c824cb2a	Upgrade to neko-htmlunit 2.33	2018-11-13 15:48:52 -06:00
Josh Cummings	ae74f22e30	Reactive Jwt Claim Set Converter Support Exposes setClaimSetConverter on NimbusReactiveJwtDecoder, lining it up with the same support on NimbusJwtDecoder. Fixes: gh-6015	2018-11-13 15:31:08 -06:00
Gunnar Hillert	11b6b63364	Docs: Fix Maven Property example `spring-security.version`	2018-11-13 15:08:00 -06:00
Josh Cummings	2769b7ffb0	Leave Issuer As String - Documentation Update documentation that indicated the iss claim is proactively coerced into a URL. Issue: gh-6073	2018-11-13 12:40:41 -07:00
Josh Cummings	19649db9ce	Leave Issuer As String Since StringOrURI is a valid issuer, MappedJwtClaimSetConverter and JwtIssuerValidator no longer assume it. Issue: gh-6073	2018-11-13 11:39:15 -07:00
Josh Cummings	c70b65c5df	Favor URL.toExternalForm Converts URLs to Strings before comparing them. Uses toString(), which delegates to toExternalForm(). Fixes: gh-6073	2018-11-13 08:20:18 -07:00
Josh Cummings	a32d19ec7d	Polish NimbusReactiveJwtDecoderTests Issue: gh-5650	2018-11-12 15:04:00 -07:00
Josh Cummings	8eedb3919e	Policy OAuth2ResourceServerSpecTests Issue: gh-6052	2018-11-12 15:01:15 -07:00
Josh Cummings	dca3645850	Update to spring-build-conventions:0.0.22.RELEASE Fixes: gh-6064	2018-11-09 10:55:35 -07:00
dperezcabrera	898d005a53	InMemoryUserDetailsManager.updatePassword case-insenstive Previously updatePassword was case sensitive which was inconsistent with the rest of the class. This commit updates updatePassword to be case insensitive. Fixes: gh-6039	2018-11-09 11:39:58 -06:00
Erik van Paassen	3a6582d2a6	Fix csrf:token-repository-ref XSD documentation The documentation of the token-repository-ref attribute of the csrf element in the schema has been updated to make clear the default repository is lazy. Targets versions 4.2, 5.0 and 5.1. Fixes gh-6037	2018-11-08 10:14:49 -06:00
Josh Cummings	9a13f9acde	Custom Bearer Token Error Handling Support Users can specify a custom access denied handler and authentication entry point for reactive resource servers. Fixes: gh-6052	2018-11-07 16:29:56 -06:00
Josh Cummings	78e27ca17f	Update Reactive Resource Server Docs Resource Server documentation for both Servlet and Reactive now have a similar feel and offer deeper exposure to common use cases. Fixes: gh-6054	2018-11-07 12:05:21 -07:00
Josh Cummings	8a475e39be	Write Security Headers Before Servlet Include HeaderWriterFilter wraps request dispatcher so it can write security headers before the include occurs. Fixes: gh-5499	2018-10-31 09:27:25 -05:00
Paul Wheeler	ccc4e1c876	Made AclClassIdUtils genuinely package level by injecting the conversionService instead of AclClassIdUtils Fixes gh-4814	2018-10-31 09:24:35 -05:00
Paul Wheeler	2c362456fd	AclClassIdUtils should be public Fixes gh-4814	2018-10-31 09:24:35 -05:00
Josh Cummings	75e7e099ab	MiscHttpConfigTests groovy->java Issue: gh-4939	2018-10-30 12:58:20 -06:00
Josh Cummings	7d3302f52b	Polish Test Name So that it adheres to methodNameWhenConditionThenVerification naming convention. Issue: gh-3743	2018-10-30 10:20:37 -06:00
Karl Goffin	50d26c9d28	Polish Logging and Tests Removing debug statements which would have prematurely terminated the stream, changing to AssertJ, and adding another test. Issue: gh-3743	2018-10-30 10:18:16 -06:00
Karl Goffin	92e68a589a	PostFilter Support for Streams Users can return a Stream from a @PostFilter-annotated method. Fixes: gh-3743	2018-10-30 10:17:16 -06:00
Josh Cummings	e1c7dd6480	Add JDK 11 to Jenkins Fixes: gh-5860	2018-10-25 17:10:50 -06:00

1 2 3 4 5 ...

7423 Commits