Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 08:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,548 Commits 34 Branches 337 Tags
Commit Graph

2684 Commits

Author SHA1 Message Date
Josh Cummings
dff3780c5e
Merge branch '6.3.x' 2024-08-22 12:38:17 -06:00
Josh Cummings
4c0d969f1f
Merge branch '6.2.x' into 6.3.x 
Closes gh-15676
 2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53
Merge branch '5.8.x' into 6.2.x 
Closes gh-15675
 2024-08-22 12:24:56 -06:00
Josh Cummings
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type 
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
 2024-08-22 12:10:25 -06:00
Josh Cummings
f398be793d
Simplify AuthorizationAdvisorProxyFactory Configuration 
Closes gh-15497
 2024-08-19 12:34:38 -06:00
Josh Cummings
6352877bc4
Merge branch '6.3.x' 2024-08-19 12:34:32 -06:00
Josh Cummings
ae8e4d148e
Produce Exactly One AuthorizationAdvisor Per Annotation 
Closes gh-15592
 2024-08-19 12:30:03 -06:00
Josh Cummings
27af1df87d
Simplify Method Interceptor Configuration 
Simplifies to use only one ObjectProvider for easier
future maintenance

Issue gh-15592
 2024-08-19 12:27:56 -06:00
Daniel Garnier-Moiroux
b731623b3a Fix checkstyle errors with @Deprecated 2024-08-19 10:55:58 -03:00
Daniel Garnier-Moiroux
b92ed92548 Fix checkstyle errors with @Deprecated 2024-08-19 10:55:28 -03:00
Marcus Hert Da Coregio
912062d307 Merge branch '6.2.x' into 6.3.x 2024-08-19 09:11:10 -03:00
Daniel Garnier-Moiroux
79fb0113c8 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:11:05 -03:00
Daniel Garnier-Moiroux
2caf1fb6b4 Bump io-spring-javaformat from 0.0.42 to 0.0.43 
Bumps `io-spring-javaformat` from 0.0.42 to 0.0.43.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.42 to 0.0.43
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](spring-io/spring-javaformat@v0.0.42...v0.0.43)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

---
Manual updates:
- Adhere to rule where `@Deprecated` annotations and `@deprecated` javadoc comments MUST
  be used together

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 09:08:24 -03:00
DingHao
ed16c86115 Improve @CurrentSecurityContext meta-annotations 
Closes gh-15551
 2024-08-13 13:18:15 -06:00
Josh Cummings
59ec1f6480
Revert "Polish AuthorizationAdvisorProxyFactory advisor configuration" 
This commit had some unintended consequences when the advisor
interceptor was published in a Spring Boot application. As such,
15497 will be reopened to investigate. In the meantime, this commit
reverts the previous change so as to allow the build to pass.

Issue gh-15497
 2024-08-12 10:12:14 -06:00
Josh Cummings
08b8b09066
Update Copyright 
Issue gh-15286
 2024-08-10 11:48:14 -06:00
Josh Cummings
2b33f6f04a Add Config Tests for AuthenticationPrincipal Templates 
Issue gh-15286
 2024-08-10 11:46:51 -06:00
Josh Cummings
e40c98e6d7 Deprecate PrePostTemplateDefaults 
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.

If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.

Issue gh-15286
 2024-08-10 11:46:51 -06:00
DingHao
2c02d8aec7 Update Copyright 2024-08-10 11:46:51 -06:00
DingHao
895978c818 Auto config AuthenticationPrincipalArgumentResolver When AnnotationTemplateExpressionDefaults bean is Present 2024-08-10 11:46:51 -06:00
Rob Winch
71f40f2bc4 Merge branch '6.3.x' 
Use explicit types instead of var

Closes gh-155537
 2024-08-08 15:30:16 -05:00
Daniel Garnier-Moiroux
3b8cdc323f Remove unused method 2024-08-08 15:29:41 -05:00
Daniel Garnier-Moiroux
109da2719f Use explicit types everywhere instead of var 2024-08-08 15:29:41 -05:00
Josh Cummings
02cca6f737
Polish AuthorizationAdvisorProxyFactory advisor configuration 
Closes gh-15497
 2024-08-07 10:09:51 -06:00
Josh Cummings
816ebe38b5
Add OpenSAML to Config Build 
Issue gh-11658
 2024-08-06 18:14:12 -06:00
Josh Cummings
1da383b360
Add OpenSAML 5 Support 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
78a0173cc1
Use OpenSAML API for web 
Issue gh-11658
 2024-08-06 18:14:11 -06:00
Josh Cummings
51fc05630d
Use OpenSAML API for web.authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
ff9a925e88
Use OpenSAML API for metadata 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Josh Cummings
416859e70e
Use OpenSAML API in authentication.logout 
Issue gh-11658
 2024-08-06 18:14:10 -06:00
Daniel Garnier-Moiroux
bc8ba7f3b7 Inline CSS for default login and logout page 
- Remove the dependency on Bootstrap CSS. Results in faster load times, no failures
  in air-gapped or offline scenarios, and no dependency on an external CDN that may
  go away some day.
 2024-08-05 09:27:18 -05:00
Josh Cummings
37a2812d1a
Mimic Annotation Fallback Logic 
For backward compatibility, this commit changes the annotation traversal
logic to match what is found in PrePostAnnotationSecurityMetadataSource.

This reverts gh-13783 which is a feature that unfortunately regressess
pre-existing behavior like that found in gh-15352. As such, that
functionality has been removed.

Issue gh-15352
 2024-07-31 16:17:42 -06:00
Josh Cummings
f20ae1a71c
Revert gh-13783 
This feature unfortunately regresses pre-existing behavior
like that found in gh-15352. As such, this functionality
has been removed.

Closes gh-15352
 2024-07-31 16:16:34 -06:00
Marcus Hert Da Coregio
304685521c Fix tags order 2024-07-29 15:35:48 -03:00
Marcus Hert Da Coregio
8231b8a03b Merge branch '6.3.x' 2024-07-29 14:56:16 -03:00
Marcus Hert Da Coregio
c1b3b329af Merge branch '6.2.x' into 6.3.x 2024-07-29 14:56:09 -03:00
baezzys
3d4bcf1b44 fix: Restrict automatic CORS configuration to UrlBasedCorsConfigurationSource 
- Update CORS configuration logic to automatically enable .cors() only if a UrlBasedCorsConfigurationSource bean is present.
- Modify applyCorsIfAvailable method to check for UrlBasedCorsConfigurationSource instances.
 2024-07-29 14:55:55 -03:00
Marcus Hert Da Coregio
98af8d1123 Add permissionsPolicyHeader 
This method is a replacement of `permissionsPolicy(Customizer)` that returns its own configurer instead of `HeadersConfigurer`.

Closes gh-14803
 2024-07-29 09:26:42 -03:00
Josh Cummings
9d8888c5f0 Use AssertingPartyMetadata 
Issue gh-15394
 2024-07-19 18:48:23 -07:00
Josh Cummings
fdcf3c6df9
Merge branch '6.3.x' 2024-07-18 15:51:21 -06:00
Josh Cummings
ba714d78ab
Merge branch '6.2.x' into 6.3.x 
Closes gh-15440
 2024-07-18 15:51:10 -06:00
Josh Cummings
3daeeb8789
Merge branch '5.8.x' into 6.2.x 
Closes gh-15439
 2024-07-18 15:50:58 -06:00
Josh Cummings
dab48d25b0
Improve Error Message When Registration Missing 
Closes gh-15363
 2024-07-18 15:50:41 -06:00
Josh Cummings
796e4d6b6c
Add query parameter support for authn requests 
Closes gh-15017
 2024-07-13 23:57:57 -06:00
Josh Cummings
8ee497f4c5
Merge branch '6.2.x' into 6.3.x 
Closes gh-15410
 2024-07-12 11:04:08 -06:00
Josh Cummings
7422a1134a Allow logout+jwt JWT type 
Closes gh-15003
 2024-07-12 10:03:40 -07:00
Josh Cummings
773e86701e
Add ParameterRequestMatcher 
Closes gh-15342
 2024-07-02 15:17:54 -06:00
Marcus Hert Da Coregio
aa9c1bab67 Upgrade to Spring Framework 6.2.0-M4 
Closes gh-15266
 2024-06-18 14:07:05 -03:00
Josh Cummings
0e7566ede3
Adjust any-request check 
Storing the request matcher outside of the for loop means that
if one of the SecurityFilterChain instances is not of type
DefaultSecurityFilterChain, then the error may print out an
earlier request matcher instead of the current one.

Instead, this commit changes to print out the entire filter chain
so that it can be inside of the for loop, regardless of type.

Issue gh-15220
 2024-06-17 14:34:03 -06:00
Max Batischev
4c780bf8d4 Add support checking AnyRequestMatcher securityFilterChains 
Closes gh-15220
 2024-06-17 13:05:36 -06:00