Arnaud Mergey
1cd4ffeeb7
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:40:55 -06:00
Arnaud Mergey
5fd81eeaf1
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:38:24 -06:00
Josh Cummings
d4c3cea0e6
Update Copyright
...
Issue gh-9901
2021-06-17 08:34:31 -06:00
Arnaud Mergey
1d606ccedb
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:33:32 -06:00
Steve Riesenberg
a332e2a728
Support additional client authentication methods
...
Closes gh-9780
2021-06-16 16:03:13 -05:00
Steve Riesenberg
9daf058a6e
Handle missing authorization endpoint uri
...
Closes gh-9795
2021-06-16 16:00:53 -05:00
Steve Riesenberg
839cc5e851
Remove validation for unsupported grant types
...
Closes gh-9828
2021-06-16 15:55:45 -05:00
Steve Riesenberg
807ce30948
Support additional client authentication methods
...
Closes gh-9780
2021-06-16 15:48:03 -05:00
Steve Riesenberg
0cba0874f3
Handle missing authorization endpoint uri
...
Closes gh-9795
2021-06-16 15:38:53 -05:00
Steve Riesenberg
9b05afdee8
Remove validation for unsupported grant types
...
Closes gh-9828
2021-06-16 14:54:33 -05:00
Joe Grandja
6fbd038111
Jwt client authentication converter detects new key
...
Closes gh-9814
2021-06-16 12:58:01 -04:00
Joe Grandja
eb6ed283e0
Jwt client authentication converter detects new key
...
Closes gh-9814
2021-06-16 12:55:12 -04:00
Steve Riesenberg
67a18f564a
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 12:14:37 -05:00
Steve Riesenberg
b6ae11295f
Commit missing compile fix from cherry-pick conflict
2021-06-15 12:10:06 -05:00
Steve Riesenberg
ee9c8e2fd0
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 12:06:22 -05:00
Steve Riesenberg
a108868529
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
Closes gh-9912
2021-06-15 11:44:34 -05:00
Steve Riesenberg
700bda68b7
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 11:32:35 -05:00
Steve Riesenberg
aed993f3e5
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 11:03:30 -05:00
Steve Riesenberg
c0200512a7
URL encode client credentials
...
Closes gh-9610
2021-06-08 08:27:20 -05:00
Eleftheria Stein
36805c7192
Revert "Use strict equality for timestamp comparison in JDBC tests"
...
This reverts commit 09a0670cb6
.
This appears to still be an issue in Windows
Issue gh-8782
2021-06-08 10:13:53 +03:00
Eleftheria Stein
09a0670cb6
Use strict equality for timestamp comparison in JDBC tests
...
This is possible because of the update to HSQLDB 2.6.0
This reverts commit eb7b27695d
.
Closes gh-8782
2021-06-08 09:31:55 +03:00
Steve Riesenberg
6cafa48369
URL encode client credentials
...
Closes gh-9610
2021-06-03 09:39:00 -05:00
Steve Riesenberg
5243b1b8a8
URL encode client credentials
...
Closes gh-9610
2021-06-03 09:29:25 -05:00
Steve Riesenberg
e6c268add0
URL encode client credentials
...
Closes gh-9610
2021-06-03 09:12:18 -05:00
Steve Riesenberg
ac9b137cad
URL encode client credentials
...
Closes gh-9610
2021-06-01 12:57:06 -05:00
Josh Cummings
6d816fbf85
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 14:38:20 -06:00
Hans Hosea Schaefer
e52b104636
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 14:36:05 -06:00
Josh Cummings
24c3c52254
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 13:58:28 -06:00
Hans Hosea Schaefer
499701e67a
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 13:58:23 -06:00
Josh Cummings
f48a006034
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 13:51:26 -06:00
Hans Hosea Schaefer
b7a0959ede
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 13:51:15 -06:00
Josh Cummings
65ecaa0c28
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 12:31:41 -06:00
Hans Hosea Schaefer
b671a96073
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 12:10:03 -06:00
Steve Riesenberg
d3a3c36ad3
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 16:14:35 -05:00
Steve Riesenberg
22272321f2
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 15:37:37 -05:00
Steve Riesenberg
589eccc547
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 15:08:05 -05:00
Steve Riesenberg
de4b3a4310
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 13:41:04 -05:00
Steve Riesenberg
36dcbe24d0
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 13:31:34 -05:00
Rob Winch
372c2b805b
Update r2dbc-spi-test to 0.8.5.RELEASE
...
Closes gh-9752
2021-05-14 13:23:54 -05:00
Josh Cummings
5b24bd1288
Adjust ClientRegistrationsTests
...
Closes gh-9748
2021-05-14 10:30:46 -06:00
Rob Winch
c9a8419e22
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-13 20:12:15 -04:00
Craig Andrews
ecb4a5749a
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-13 20:12:00 -04:00
Rob Winch
a4216d0ea5
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-13 19:52:00 -04:00
Craig Andrews
b8eee2002f
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-13 19:50:47 -04:00
Rob Winch
f3436f25fb
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-13 14:01:04 -04:00
Craig Andrews
e447a35cf2
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-13 14:00:53 -04:00
Asian Malaysian Vietnamese
5f6de026a8
Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider
...
Closes gh-9708
2021-05-13 13:02:08 -04:00
Rob Winch
64b7af473d
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-12 14:59:25 -05:00
Craig Andrews
35f5ebdbcf
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-12 14:59:25 -05:00
Joe Grandja
761e3a9dd8
JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry
...
Fixes gh-9700
2021-04-30 10:12:38 -04:00
Joe Grandja
26c6570b10
Revert "Lock Dependencies"
...
This reverts commit b3250c06a9
.
2021-04-12 14:42:38 -04:00
Joe Grandja
b3250c06a9
Lock Dependencies
2021-04-12 14:19:19 -04:00
Joe Grandja
8850ccb1c6
Revert "Lock Dependencies"
...
This reverts commit 924ceac681
.
2021-04-12 13:47:04 -04:00
Joe Grandja
924ceac681
Lock Dependencies
2021-04-12 13:36:39 -04:00
Joe Grandja
eff4cdc924
Polish gh-9505
2021-04-09 06:22:29 -04:00
Hassene Laaribi
7694aa27cf
Add jwt-bearer authorization grant
...
Closes gh-6053
2021-04-09 06:22:29 -04:00
Joe Grandja
9c97970e26
Add Jwt Client Authentication support
...
Closes gh-8175
2021-04-08 15:44:33 -04:00
Rob Winch
8323590b6c
Update r2dbc-spi-test to 0.8.4.RELEASE
...
Closes gh-9551
2021-04-05 22:23:59 -05:00
Rob Winch
60d3db5798
add management platform(project(":spring-security-dependencies"))
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
Rob Winch
1a76ee7442
Update Gradle configuration names
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
Hassene Laaribi
b8e47882aa
Fix test to use non-expired token
...
Closes gh-9506
2021-03-17 17:38:08 +01:00
Eleftheria Stein
4a492846f1
Revert "Lock dependencies for 2.5.0-M3"
...
This reverts commit f05cc6269c
.
2021-03-15 23:18:45 +01:00
Eleftheria Stein
f05cc6269c
Lock dependencies for 2.5.0-M3
2021-03-15 11:00:19 +01:00
Josh Cummings
71e0967b53
Revert "Lock Dependencies for Release"
...
This reverts commit 8c04074264
.
2021-02-17 15:59:48 -07:00
Josh Cummings
8c04074264
Lock Dependencies for Release
2021-02-17 14:59:17 -07:00
Josh Cummings
5e5ff27109
Configure Jackson for nanosecond precision
...
Closes gh-9461
2021-02-17 11:53:36 -07:00
Josh Cummings
a0a9718b8b
Use Instant with micro-second precision
...
Closes gh-9449
2021-02-17 11:31:23 -07:00
Josh Cummings
cf032d86d6
Revert "Lock Dependencies"
...
This reverts commit 9535a41d5a
.
2021-02-11 18:38:07 -07:00
Josh Cummings
9535a41d5a
Lock Dependencies
2021-02-11 17:43:39 -07:00
Josh Cummings
f449da8b78
Revert "Lock Dependencies"
...
This reverts commit d17ebf53f9
.
2021-02-11 17:28:01 -07:00
Josh Cummings
d17ebf53f9
Lock Dependencies
2021-02-11 16:56:28 -07:00
Josh Cummings
c4be1c6a56
Revert "Lock Dependencies"
...
This reverts commit a85caa4098
.
2021-02-11 15:49:59 -07:00
Josh Cummings
a85caa4098
Lock Dependencies
2021-02-11 15:00:38 -07:00
Rob Winch
71f9876c48
Revert "Lock dependencies"
...
This reverts commit dca4858d81
.
2021-02-11 13:38:50 -06:00
Rob Winch
dca4858d81
Lock dependencies
2021-02-11 13:00:32 -06:00
Rob Winch
ec8f6014d4
Revert "Lock dependencies"
...
This reverts commit fa5f789beb
.
2021-02-11 09:51:54 -06:00
Rob Winch
fa5f789beb
Lock dependencies
2021-02-11 08:53:40 -06:00
Benjamin Faal
98399c920a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 11:10:03 -05:00
Benjamin Faal
0f7360e8fa
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:46:07 -05:00
Benjamin Faal
f6b678f137
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:23:49 -05:00
Benjamin Faal
d85a7cfc4a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:02:58 -05:00
tristanessquare
580b988e7f
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
Closes gh-9364
2021-01-21 16:22:29 -07:00
tristanessquare
56db058fd0
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
Josh Cummings
1af21a9d02
Revert "Lock Dependencies for 5.4.2"
...
This reverts commit 046bc9789f
.
2020-12-02 22:21:02 -07:00
Josh Cummings
7c2010f507
Revert "Lock Dependencies for 5.3.6"
...
This reverts commit a153012056
.
2020-12-02 19:32:03 -07:00
Josh Cummings
046bc9789f
Lock Dependencies for 5.4.2
2020-12-02 17:36:26 -07:00
Josh Cummings
a153012056
Lock Dependencies for 5.3.6
2020-12-02 16:31:52 -07:00
Joe Grandja
58e3235093
Deprecate ClientAuthenticationMethod BASIC and POST
...
Closes gh-9220
2020-11-25 15:13:28 -05:00
Joe Grandja
b95e1aa209
Revert "Lock dependencies for 5.5.0-M1"
...
This reverts commit 25a7482c8c
.
2020-11-03 19:53:28 -05:00
Joe Grandja
c069692ab9
Extract OAuth2Token from AbstractOAuth2Token
...
Closes gh-5502
2020-11-02 20:35:08 -05:00
Rob Winch
25a7482c8c
Lock dependencies for 5.5.0-M1
2020-10-30 17:52:03 -05:00
Ovidiu Popa
6724e3e514
Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
...
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database
R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database
Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test
Closes gh-7890
2020-10-29 15:44:12 -04:00
Craig Andrews
42a787d1f6
Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService
...
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql
See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc
Issue gh-9070
2020-10-22 09:56:20 -04:00
Craig Andrews
05dc326389
Use LobHandler in JdbcOAuth2AuthorizedClientService
...
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.
Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.
Closes gh-9070
2020-10-22 09:56:20 -04:00
Josh Cummings
2dcfda7fac
Revert "Lock Dependencies for 5.3.5.RELEASE"
...
This reverts commit 846a5a962c
.
2020-10-07 16:39:28 -06:00
Josh Cummings
84737e7b23
Revert "Lock Dependencies for 5.4.1"
...
This reverts commit 48ac47418d
.
2020-10-07 16:38:48 -06:00
Josh Cummings
48ac47418d
Lock Dependencies for 5.4.1
2020-10-07 16:01:34 -06:00
Josh Cummings
846a5a962c
Lock Dependencies for 5.3.5.RELEASE
2020-10-07 13:18:01 -06:00
Phillip Webb
c502312719
Replace expected @Test attributes with AssertJ
...
Replace JUnit expected @Test attributes with AssertJ calls.
2020-09-22 16:13:51 -06:00
Phillip Webb
20baa7d409
Replace ExpectedException @Rules with AssertJ
...
Replace JUnit ExpectedException @Rules with AssertJ calls.
2020-09-22 16:13:51 -06:00
Joe Grandja
6e6d382357
Adapt to WebClient's new exception wrapping
...
See https://github.com/spring-projects/spring-framework/issues/23842
Closes gh-9031
2020-09-17 12:21:51 -04:00
Joe Grandja
7b1f574769
Revert "Lock Dependency Versions for 5.4.0"
...
This reverts commit 3d0e459182
.
2020-09-09 18:14:12 -04:00
Joe Grandja
3d0e459182
Lock Dependency Versions for 5.4.0
2020-09-09 13:45:03 -04:00
Rob Winch
2abf59b695
Merge Formatting Changes
...
Issue gh-8945
2020-08-24 17:33:23 -05:00
Rob Winch
dc47a7575e
Polish oauth-client format
...
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
319d3364aa
Migrate to assertThatExceptionOfType
...
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
2f8e835b11
Use assertThatObject to save casting
...
Update tests that use `assertThat((Object) ...)` to use the convenience
`assertThatObject(...)` method instead.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
a5aa6b3d7f
Remove blank lines from all tests
...
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
7a715f9086
Polish spring-security-oauth2-client main code
...
Manually polish `spring-security-oauth-cleint` following the
formatting and checkstyle fixes.
Issue gh-8945
2020-08-24 17:33:09 -05:00
Phillip Webb
834dcf5bcf
Use consistent ternary expression style
...
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.
For example: `a = (a != null) ? a : b`
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
8d3f039f76
Reduce method visibility when possible
...
Reduce method visibility for package private classes when possible.
In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
612fb22a7f
Remove unnecessary lambda blocks
...
Remove lambda blocks that aren't needed and replace instead with a
simple expression.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
52f20b5281
Use parenthesis with single-arg lambdas
...
Use regular expression search/replace to ensure all single-arg
lambdas have parenthesis. This aligns with the style used in Spring
Boot and ensure that single-arg and multi-arg lambdas are consistent.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
01d90c9881
Hide utility class constructors
...
Update all utility classes so that they have a private constructor. This
prevents users from accidentally creating an instance, when they should
just use the static methods directly.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
ff94944313
Add whitespace after copyright header
...
Add an additional lines after the copyright header and before the
`package` declaration. This aligns with the style used by Spring
Framework.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
8d80166aaf
Update exception variable names
...
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
e9130489a6
Remove restricted static imports
...
Replace static imports with class referenced methods. With the exception
of a few well known static imports, checkstyle restricts the static
imports that a class can use. For example, `asList(...)` would be
replaced with `Arrays.asList(...)`.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
db55ef4b3b
Migrate to BDD Mockito
...
Migrate Mockito imports to use the BDD variant. This aligns better with
the "given" / "when" / "then" style used in most tests since the "given"
block now uses Mockito `given(...)` calls.
The commit also updates a few tests that were accidentally using
Power Mockito when regular Mockito could be used.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
18f3d13363
Fix parenthesis padding issues
...
Fix a few parenthesis padding issues caused by the formatter.
Issue gh-8945
2020-08-24 17:33:08 -05:00
Phillip Webb
a0b9442265
Use consistent modifier order
...
Update code to use a consistent modifier order that aligns with that
used in the "Java Language specification".
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
a2f2e9ac8d
Move inner-types so that they are always last
...
Move all inner-types so that they are consistently the last item
defined. This aligns with the style used by Spring Framework and
the consistency generally makes it easier to scan the source.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
418c3d6808
Avoid inner assignments
...
Replace code of the form `a = b =c` with distinct statements. Although
this results in more lines of code, they are usually easier to
understand.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
9e08b51ed3
Apply code cleanup rules to projects
...
Apply automated cleanup rules to add `@Override` and `@Deprecated`
annotations and to fix class references used with static methods.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
8866fa6fb0
Always use 'this.' when accessing fields
...
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
6894ff5d12
Make classes final where possible
...
Update classes that have private constructors so that they are also
declared final. In a few cases, inner-classes used private constructors
but were subclassed. These have now been changed to have package-private
constructors.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
37fa94fafc
Organize imports
...
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
5f64f53c3f
Use consistent "@" tag order in Javadoc
...
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.
Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb
b7fc18262d
Reformat code using spring-javaformat
...
Run `./gradlew format` to reformat all java files.
Issue gh-8945
2020-08-24 17:32:56 -05:00
Martin Vietz
0486d5add9
scopes_supported metadata not used as default in ClientRegistrations
...
Closes gh-8514
2020-08-20 08:09:54 -04:00
Phillip Webb
27ac046d8a
Rename *Test.java -> *Tests.java
...
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.
Issue gh-8945
2020-08-10 16:24:44 -05:00
Joe Grandja
1d74d556c2
Revert "Lock Dependency Versions for 5.4.0-RC1"
...
This reverts commit f3a1e5d40c
.
2020-08-05 14:59:11 -04:00
Joe Grandja
f3a1e5d40c
Lock Dependency Versions for 5.4.0-RC1
2020-08-05 13:46:11 -04:00
Eleftheria Stein
d8bef76a0f
Unlock dependencies
...
This reverts commit b619d298aa
.
2020-08-05 18:18:02 +02:00
Eleftheria Stein
b619d298aa
Lock Dependencies for 5.3.4.RELEASE
2020-08-05 12:33:31 +02:00
Joe Grandja
3bc0b8c144
Revert "Fix snapshot build failure related to reactor-netty"
...
This reverts commit f37714a26f
.
2020-08-04 14:24:32 -04:00
Joe Grandja
f37714a26f
Fix snapshot build failure related to reactor-netty
...
Closes gh-8909
2020-08-04 14:17:03 -04:00
Joe Grandja
8146b1fdda
Deprecate CustomUserTypesOAuth2UserService
...
Closes gh-8908
2020-08-04 13:23:44 -04:00
Joe Grandja
73e550a867
Polish gh-8906
2020-08-04 11:16:26 -04:00
Joe Grandja
0ed919f072
Deprecate ClientRegistration.redirectUriTemplate
...
Closes gh-8906
2020-08-04 11:03:29 -04:00
Joe Grandja
a0c10f2df6
Allow for custom ClientRegistration.clientAuthenticationMethod
...
Closes gh-8903
2020-08-04 08:48:56 -04:00
Joe Grandja
4e5a304a8a
Remove use of Mono.deferWithContext()
...
Closes gh-8901
2020-08-04 07:26:32 -04:00
Dennis Neufeld
57db8e5d4a
Add OAuth2AuthenticationException to allowlist
...
Add mixins for
- OAuth2AuthenticationException
- OAuth2Error
Closes gh-8797
2020-07-21 10:15:44 -04:00
Dennis Neufeld
de572be8e9
Add OAuth2AuthenticationException to allowlist
...
Add mixins for
- OAuth2AuthenticationException
- OAuth2Error
Closes gh-8797
2020-07-21 10:14:45 -04:00
Joe Grandja
b69bcf88e0
Improve error message when invalid content-type for UserInfo response
...
Closes gh-8764
2020-07-09 14:10:14 -04:00
Josh Cummings
146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
...
This reverts commit 68538897c8
.
2020-07-01 13:11:50 -06:00
Josh Cummings
68538897c8
Lock Dependency Versions for 5.4.0-M2
2020-07-01 12:40:29 -06:00
Eleftheria Stein
7af5804d56
Compare Timestamps up to the millisecond
...
Issue gh-8782
2020-07-01 11:30:27 +02:00
Eleftheria Stein
eb7b27695d
Compare Timestamps up to the millisecond
...
Issue gh-8782
2020-07-01 11:12:55 +02:00
Joe Grandja
da4b626bf1
OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
...
Issue gh-8609
2020-06-09 17:28:21 -04:00
Joe Grandja
4c902bb857
OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException
...
Fixes gh-8609
2020-06-09 17:28:21 -04:00
Joe Grandja
674e2c0a8e
OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
...
Issue gh-8609
2020-06-09 16:24:00 -04:00
Joe Grandja
11c1236261
OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException
...
Fixes gh-8609
2020-06-09 16:24:00 -04:00
Joe Grandja
38c1e3ffa8
OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
...
Issue gh-8609
2020-06-09 15:27:32 -04:00
Joe Grandja
acf56f24a6
OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException
...
Fixes gh-8609
2020-06-09 15:21:07 -04:00
Josh Cummings
1d821a2664
Add Ticket Number to Test
...
Issue gh-8650
2020-06-05 14:24:49 -06:00
Erik Bakker
cd3fd6762f
Don't Consume Request Body
...
Per the servlet spec, getParameter(name) consumes the request body for
POST requests.
This commit prevents DefaultOAuth2AuthorizationRequestResolver from
consuming the request body for non-Authorization requests.
Closes gh-8650
2020-06-05 14:21:00 -06:00
Josh Cummings
bbd2a9ebae
Revert "Lock Dependencies for 5.3.3.RELEASE"
...
This reverts commit 116bfe01e6
.
2020-06-03 16:11:59 -06:00
Josh Cummings
116bfe01e6
Lock Dependencies for 5.3.3.RELEASE
2020-06-03 13:14:07 -06:00
Parikshit Dutta
28d2cfa14a
Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter
...
Fixes gh-8536
2020-06-02 21:54:09 -04:00
Parikshit Dutta
1e211b6558
Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter
...
Fixes gh-8120
2020-05-15 15:13:15 -04:00
Joe Grandja
c1abc9b134
Polish gh-8501
2020-05-15 13:26:09 -04:00
Thomas Vitale
78fa859798
Add issuerUri to ClientRegistration.providerDetails
...
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.
Fixes gh-8326
2020-05-14 17:13:07 -04:00
Joe Grandja
86ca6b013c
Unlock dependencies
...
This reverts commit 206960cf44
.
2020-05-06 17:27:35 -04:00
Joe Grandja
206960cf44
Lock dependencies for 5.4.0-M1
2020-05-06 17:13:04 -04:00
Joe Grandja
413dfc8679
Unlock dependencies
...
This reverts commit a61145f74c
.
2020-05-06 15:29:45 -04:00
Joe Grandja
a61145f74c
Lock dependencies for 5.3.2.RELEASE
2020-05-06 15:06:08 -04:00
Stav Shamir
6f2359ccae
Support update when saving with JdbcOAuth2AuthorizedClientService
...
Before this commit, JdbcOAuth2AuthorizedClientService threw DuplicateKeyException when re-authorizing or when authorizing the same user from a different client.
This commit makes JdbcOAuth2AuthorizedClientService's saveAuthorizedClient method consistent with that of InMemoryOAuth2AuthorizedClientService.
Fixes gh-8425
2020-04-29 09:18:54 -04:00
Stav Shamir
a783fbc641
Support update when saving with JdbcOAuth2AuthorizedClientService
...
Before this commit, JdbcOAuth2AuthorizedClientService threw DuplicateKeyException when re-authorizing or when authorizing the same user from a different client.
This commit makes JdbcOAuth2AuthorizedClientService's saveAuthorizedClient method consistent with that of InMemoryOAuth2AuthorizedClientService.
Fixes gh-8425
2020-04-29 07:37:57 -04:00
Daniel Furtlehner
32ce94d2dd
Validate ID Token Issuer
...
When the issuer is set in the provider metadata, we validate the iss
field of the ID Token against it.
The OpenID Connect Specification says this must always be validated.
But this would be a breaking change for applications configured other
than with ClientRegistrations.fromOidcIssuerLocation(issuer). This will
be done later with #8326
Fixes gh-8321
2020-04-21 20:30:01 -04:00
Antonin Arquey
5cd1ec7bb3
Add AuthoritiesMapper setter for reactive OAuth2Login
...
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login
- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
and OAuth2LoginReactiveAuthenticationManager
- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager
Fixes gh-8324
2020-04-17 16:55:05 -04:00
Joe Grandja
a78872f268
Unlock dependencies for 5.3.1.RELEASE
...
This reverts commit 88c02684bb
.
2020-03-31 17:53:13 -04:00
Joe Grandja
88c02684bb
Lock dependencies for 5.3.1.RELEASE
2020-03-31 17:28:36 -04:00
Ruby Hartono
401597c673
Improve OAuth2LoginAuthenticationProvider
...
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse
Fixes gh-5633
2020-03-30 21:09:17 -04:00
Ruby Hartono
45eb34c9a6
Improve OAuth2LoginAuthenticationProvider
...
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse
Fixes gh-5633
2020-03-30 21:08:59 -04:00
Ruby Hartono
71b4248fe6
Improve OAuth2LoginAuthenticationProvider
...
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse
Fixes gh-5633
2020-03-30 20:55:43 -04:00
Martin Nemec
a9a9c2c0fd
OAuth2 ClientRegistrations NPE fix when userinfo missing
...
Fixes gh-8187
2020-03-27 06:15:25 -04:00
Martin Nemec
dfc25dc245
OAuth2 ClientRegistrations NPE fix when userinfo missing
...
Fixes gh-8187
2020-03-27 06:13:50 -04:00
Martin Nemec
75c05d0bb4
OAuth2 ClientRegistrations NPE fix when userinfo missing
...
Fixes gh-8187
2020-03-27 05:58:28 -04:00
Joe Grandja
a1bcd4ed00
Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer
...
Fixes gh-8177
2020-03-24 13:59:36 -04:00
Joe Grandja
46baf38f59
Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer
...
Fixes gh-8177
2020-03-24 13:44:09 -04:00
Joe Grandja
2d8242c5c1
Assign sensible default for OAuth2AuthorizedClientProvider
...
Fixes gh-8150
2020-03-19 11:50:48 -04:00
Joe Grandja
a9dabf6efb
Assign sensible default for OAuth2AuthorizedClientProvider
...
Fixes gh-8150
2020-03-19 11:44:30 -04:00
Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
.
2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
Josh Cummings
968ebb194b
baseUrl placeholder for OidcLogoutSuccessHandlers
...
Fixes gh-7842
2020-02-25 13:35:50 -07:00
Joe Grandja
fa73b1397a
Add missing @FunctionalInterface in oauth2 modules
...
Fixes gh-8020
2020-02-24 11:53:30 -05:00
Joe Grandja
3e5600f83f
Add configurable Clock in OidcIdTokenValidator
...
Fixes gh-8019
2020-02-24 11:21:03 -05:00
Joe Grandja
7734d049eb
Polish javadoc gh-7511
2020-02-24 10:35:58 -05:00
Joe Grandja
d32c98b1c5
Add OAuth2AuthorizeRequest.Builder.principal(String)
...
Fixes gh-8018
2020-02-24 09:58:38 -05:00
Joe Grandja
c6da7b2dd6
Polish gh-7840
2020-02-24 09:28:00 -05:00
Joe Grandja
65b5d468fb
Deprecate UnAuthenticatedServerOAuth2AuthorizedClientRepository
...
Fixes gh-8016
2020-02-24 06:50:58 -05:00
Joe Grandja
4e2f1988f2
Polish Fix package tangles
...
Issue #7699 #7840
2020-02-24 06:42:00 -05:00
Joe Grandja
82cd203791
Remove unnecessary mocking
...
Fixes gh-8012
2020-02-23 19:35:16 -05:00
Joe Grandja
c8cc9717c9
Fix package tangles
...
Issue #7699 #7840
2020-02-23 07:24:36 -05:00
Joe Grandja
f2da2c56be
Resolve OAuth2Error from WWW-Authenticate header
...
Issue gh-7699
2020-02-21 15:12:58 -05:00
Joe Grandja
69156b741d
Add OAuth2Authorization success/failure handlers
...
Fixes gh-7840
2020-02-21 15:12:58 -05:00
Joe Grandja
23ce717380
Simplify customizing OAuth2AuthorizationRequest
...
Fixes gh-7696
2020-02-19 06:22:07 -05:00
Joe Grandja
de8b558561
Add JDBC implementation of OAuth2AuthorizedClientService
...
Fixes gh-7655
2020-02-13 12:17:29 -05:00
Joe Grandja
8acdb82e6a
OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
...
Fixes gh-7966
2020-02-10 15:28:06 -05:00
Joe Grandja
0809c04aa2
OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
...
Fixes gh-7966
2020-02-10 15:11:04 -05:00