Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-30 18:19:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,174 Commits 49 Branches 370 Tags
Commit Graph

1228 Commits

Author SHA1 Message Date
Joe Grandja
148b570a98 Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 12:01:19 -05:00
Joe Grandja
24500fa3ca Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 11:55:31 -05:00
Josh Cummings
bb8706977d
Polish DefaultOAuth2AuthorizedClientManager 2019-12-02 16:05:17 -07:00
Joe Grandja
b905cb8aaa Polish OAuth2AuthorizedClientArgumentResolver 2019-11-28 10:31:29 -05:00
Joe Grandja
19c2209a12 ServerOAuth2AuthorizedClientExchangeFilterFunction works with UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Fixes gh-7544
 2019-11-28 10:31:18 -05:00
Joe Grandja
18f48e4a16 DefaultReactiveOAuth2AuthorizedClientManager requires non-null serverWebExchange 
Issue gh-7544
 2019-11-28 10:31:06 -05:00
Joe Grandja
65513f2e3b Polish OAuth2AuthorizedClientArgumentResolver 2019-11-28 09:48:01 -05:00
Joe Grandja
80f256e425 ServerOAuth2AuthorizedClientExchangeFilterFunction works with UnAuthenticatedServerOAuth2AuthorizedClientRepository 
Fixes gh-7544
 2019-11-28 09:48:01 -05:00
Joe Grandja
07b8aa0b1f DefaultReactiveOAuth2AuthorizedClientManager requires non-null serverWebExchange 
Issue gh-7544
 2019-11-28 09:48:01 -05:00
Josh Cummings
6ff71d8113
Add OidcUserInfo.Builder 
Fixes gh-7593
 2019-11-26 16:12:06 -07:00
Josh Cummings
c76775159c
Add OidcIdToken.Builder 
Fixes gh-7592
 2019-11-26 16:12:06 -07:00
Josh Cummings
22ae3eb765
Polish Error-handling Tests 
Tests should assert the error message content that Spring Security
controls.

Fixes gh-7647
 2019-11-14 16:13:39 -07:00
Rafiullah Hamedy
58ca81d500 Make jwks_uri optional for RFC 8414 and Required for OpenID Connect 
OpenID Connect Discovery 1.0 expects the OpenId Provider Metadata 
response is expected to return a valid jwks_uri, however, this field is 
optional in the Authorization Server Metadata response as per RFC 8414
specification.

Fixes gh-7512
 2019-11-11 10:34:06 -07:00
Josh Cummings
ed02ef9773
Add Test for Malformed Scope 
Fixes gh-7563
 2019-10-28 16:55:56 -06:00
Josh Cummings
387f765595
Catch Malformed BearerTokenError Descriptions 
Fixes gh-7549
 2019-10-28 12:30:27 -06:00
Phil Clay
8584b12c8d Make saveAuthorizedClient save the authorized client 
Previously, saveAuthorizedClient never actually saved the authorized
client, because it ignored the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient.

Now, it does not ignore the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient, and includes it in
the stream, and therefore it will properly save the authorized client.

Fixes gh-7546
 2019-10-23 12:12:23 -04:00
Joe Grandja
1c53a7859b Fix access token expiry check with clock skew 
Fixes gh-7511
 2019-10-22 21:54:55 -04:00
Everett Irwin
6ad328f909 Add Clock Skew Tests 
Fixes gh-7511

Co-authored-by: Isaac Cummings <josh.cummings+zac@gmail.com>
 2019-10-17 20:19:47 -06:00
Josh Cummings
adf9769eed
Add ClientRegistration.withClientRegistration 
Fixes gh-7486
 2019-09-27 14:17:50 -06:00
Josh Cummings
33ba292fed
Resource Server w/ SecurityReactorContextSubscriber 
Fixes gh-7423
 2019-09-27 11:01:04 -06:00
Joe Grandja
7217bb5eb0 Remove FIXME in OAuth2LoginReactiveAuthenticationManager 2019-09-27 12:13:13 -04:00
Joe Grandja
2a5bd6e719 Align Servlet ExchangeFilterFunction CoreSubscriber 
Fixes gh-7422
 2019-09-26 16:17:17 -04:00
Joe Grandja
d3b7a47ef8 Polish gh-4442 2019-09-25 21:37:31 -04:00
Mark Heckler
da9f027fa4 Add nonce to OIDC Authentication Request 
Fixes gh-4442
 2019-09-25 14:57:54 -04:00
Joe Grandja
9f18c2e21a OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 11:07:36 -04:00
Rob Winch
ff54eb878a Use Schedulers.boundedElastic() 
Fixes gh-7457
 2019-09-19 13:51:06 -05:00
Rob Winch
00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Josh Cummings
05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings
40901fe072
Jwt.Builder#notBefore Value Is Instant 
Fixes gh-7442
 2019-09-16 14:00:25 -06:00
Joe Grandja
88c749263b Polish javadoc for OAuth2AuthorizedClientManager 2019-09-12 19:25:49 -04:00
Josh Cummings
101e0a21a8 Bearer WebClient Filter Authentication Propagation 
Fixes: gh-7418
 2019-09-11 16:27:21 +01:00
Joe Grandja
dcdeab596d DefaultReactiveOAuth2AuthorizedClientManager defaults ServerWebExchange 
Fixes gh-7390
 2019-09-10 11:40:28 -04:00
Eddú Meléndez
91bf1c782a Make OAuth2User extends OAuth2AuthenticatedPrincipal 
Fixes gh-7378
 2019-09-09 14:36:35 +01:00
Joe Grandja
93cda94969 Add attributes Consumer to OAuth2AuthorizationContext 
Fixes gh-7385
 2019-09-06 08:01:59 -04:00
Joe Grandja
f7d03858f1 OAuth2AuthorizedClientManager implementation works outside of request 
Fixes gh-6780
 2019-09-06 06:10:36 -04:00
Joe Grandja
a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Rob Winch
2a3bf9b6bb DefaultReactiveOAuth2UserService IOException 
Improve handling of IOException to report an
AuthenticationServiceExceptionThere are many reasons that a
DefaultReactiveOAuth2UserService might fail due to an IOException
(i.e. SSLHandshakeException). In those cases we should use a
AuthenticationServiceException so that users are aware there is likely
some misconfiguration.

Fixes gh-7370
 2019-09-05 13:31:30 -05:00
Andreas Kluth
c46b224ec4 Remove OAuth2AuthorizationRequest when a distributed session is used 
Dirties the WebSession by putting the amended AUTHORIZATION_REQUEST map into
the WebSession even it was already in the map. This causes common SessionRepository
implementations like Redis to persist the updated attribute.

Fixes gh-7327

Author: Andreas Kluth <mail@andreaskluth.net>
 2019-09-05 09:31:32 -04:00
Josh Cummings
099d49aa40 Simplify currentAuthentication() 2019-09-04 15:33:41 -06:00
Josh Cummings
40ff837713 Polish Server|ServletBearerExchangeFilterFunction 
Fixes gh-7353
 2019-09-04 15:33:41 -06:00
Joe Grandja
e6618d4d50 Removed unused OAuth2AuthorizedClientResolver 
Fixes gh-7357
 2019-09-04 16:56:40 -04:00
Josh Cummings
833bfd0c22 Add Authorities from Access Token 2019-09-04 14:15:28 -06:00
Josh Cummings
aa1c80c801 Grant Individual Authorities From Claims 
Fixes gh-7339
 2019-09-04 14:15:28 -06:00
Joe Grandja
409285fb3d Fix test 
Issue gh-7350
 2019-09-04 14:27:01 -04:00
Joe Grandja
0ac8618eac Align DefaultOAuth2AuthorizedClientManager.DefaultContextAttributesMapper 
Fixes gh-7350
 2019-09-04 14:07:45 -04:00
Joe Grandja
dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings
d7f7e9d4b7 Add Jwt to BearerTokenAuthentication Converter 
Fixes gh-7346
 2019-09-03 15:58:05 -06:00
Josh Cummings
068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Josh Cummings
c019507770 Add BearerTokenAuthentication 
Fixes gh-7343
 2019-09-03 15:58:05 -06:00
Josh Cummings
346b8c2cff Add OAuth2AuthenticatedPrincipal 
Fixes gh-7342
 2019-09-03 15:58:05 -06:00