86ca6b013c
Unlock dependencies
...
This reverts commit 206960cf44
2020-05-06 17:27:35 -04:00
206960cf44
Lock dependencies for 5.4.0-M1
2020-05-06 17:13:04 -04:00
1f1ddeb025
SecurityMockMvcConfigurer$DelegateFilter is not null-safe
...
This commit adds null-check to getter method, so instead of NPE an IllegalStateException will be thrown with additional details.
Fixes gh-7745
2020-05-05 09:56:37 -05:00
d81321bc29
Fix typo 'properites' in documentation
...
Fixes gh-8095
2020-03-11 10:54:14 -06:00
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
...
This reverts commit 147d7dadd7
2020-03-04 12:02:48 -07:00
147d7dadd7
Lock dependencies for 5.3.0.RELEASE
2020-03-04 10:28:39 -07:00
85b0e468ad
Add missing calls to principalName
...
Issue gh-8054
2020-03-03 17:11:42 -07:00
2064214f39
Add principal name to oauth2Client Test Support
...
Fixes gh-8054
2020-03-03 16:33:08 -07:00
3bc1b7a933
Simplify opaqueToken support
...
Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.
Issue gh-7827
Issue gh-7712
2020-03-03 16:24:43 -07:00
689fc9df0c
Align Test Support Claims
...
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT
Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
2020-03-03 16:24:43 -07:00
30adabb685
Simplify oauth2Login Test Support
...
Remove nameAttributeKey as this is easily done by constructing
a DefaultOAuth2User instance.
Issue gh-7789
Issue gh-7828
2020-03-03 15:48:04 -07:00
bd593a3431
Add Opaque Token WebTestClient Support
...
Fixes gh-7827
2020-02-27 11:29:55 -07:00
ffb5a3a0d4
Add oauth2Client WebTestClient Support
...
Fixes gh-7910
2020-02-05 15:33:57 -07:00
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
2020-02-05 15:53:04 +01:00
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
c367378421
Add OAuth2Client MockMvc Test Support
...
Fixes gh-7886
2020-02-03 15:59:58 -07:00
982f3f902c
Add oauth2Login Reactive Test Support
...
Fixes gh-7828
2020-01-13 17:49:52 -07:00
8f1d0cf528
opaqueToken MockMvc Configuration Order
...
Fixes gh-7800
2020-01-10 16:47:31 -07:00
fcc6457bef
Unlock dependencies for next development version
...
This reverts commit 93acf8f0f1
2020-01-08 22:15:17 +01:00
93acf8f0f1
Lock dependencies for 5.3.0.M1
2020-01-08 19:41:10 +01:00
09810b8df9
oidcLogin Test Configuration Flow
...
Fixes gh-7794
2020-01-07 17:37:48 -07:00
84ba3ddf26
Add oauth2Login MockMvc Support
...
Fixes gh-7789
2020-01-07 14:09:36 -07:00
e1fdb24b5d
Add opaqueToken MockMvc Test Support
...
Fixes gh-7712
2019-12-20 15:34:11 -07:00
d102cae243
oidcLogin MockMvc Documentation
...
Remove documentation requiring a valid ClientRegistrationRepository
Issue: gh-7618
2019-12-02 22:49:17 -07:00
8c32d5fe48
Add oidcLogin WebFlux Test Support
...
Fixes: gh-7680
2019-12-02 22:28:24 -07:00
b35e18ff31
Add oidcLogin MockMvc Test Support
...
Fixes gh-7618
2019-11-26 16:12:06 -07:00
7cbd1665a6
Isolate Jwt Test Support
...
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.
Fixes gh-7641
2019-11-22 15:07:05 -07:00
4f82be7e68
Support URI vars in formLogin and logout MockMvc requests
2019-11-05 09:46:50 +01:00
00f8991fac
Merge Remove Redudant Throws
...
Fixes gh-7301
2019-09-19 11:04:53 -05:00
05caf3d8fb
Use Jwt.Builder
...
Fixes gh-7443
2019-09-16 14:00:25 -06:00
b55b2914c2
Mock Jwt Disables CSRF
...
Fixes gh-7170
2019-09-13 19:04:05 +01:00
95511331fa
fix checkstyle
2019-08-26 22:42:26 +02:00
34dd5fea30
Remove redundant throws clauses
...
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
9d63c36f93
Fix JDK 10+
...
Issue gh-7265
2019-08-16 11:13:11 -05:00
0c6bff4afb
SecurityMockMvcConfigurer Honors Filter Order
...
Fixes gh-7265
2019-08-16 09:24:33 -05:00
c1db1aad91
Cleanup Code Style Issues
...
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
ff1070df36
remove redundant modifiers found by checkstyle
2019-08-10 00:18:56 +02:00
38de737663
Java 8: Statement lambda can be replaced with expression lambda
2019-08-09 16:59:07 -05:00
b388976ac8
fix checkstyle
2019-08-09 02:46:20 +02:00
fe9e454978
StandardCharsets can be used
...
Reports methods and constructors where constant charset String literal is used (like "UTF-8") which could be replaced with a predefined Charset object like StandardCharsets.UTF_8. This may work a little bit faster, because charset lookup becomes unnecessary. Also catching UnsupportedEncodingException may become unnecessary as well. In this case the catch block will be removed automatically.
2019-08-09 00:39:09 +02:00
fb39d9c255
Anonymous type can be replaced with lambda
2019-08-08 17:09:09 -04:00
776a4c3760
Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers
2019-08-03 12:28:37 -04:00
c5b5cc507c
Cleanup redundant type casts
2019-07-10 09:31:09 -05:00
23a7c3010c
Added jwt injection for reactive test mocks
...
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.
Fixes: spring-projectsgh-6896
2019-06-15 10:01:57 -06:00
9323d8e821
Extended testing api for JWT
...
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to the MockMvc request builder.
Issue: spring-projectsgh-6896
2019-06-12 10:09:32 -06:00
d0f5b42884
Mock Jwt Test Support and Jwt.Builder Polish
...
Simplified the initial support to introduce fewer classes and only the
features described in the ticket.
Changed tests to align with existing patterns in the repository.
Added JavaDoc to remaining public methods introduced for this feature.
Issue: gh-6634
Issue: gh-6851
2019-05-22 14:23:02 -06:00
e59d8a529b
Mock Jwt Test Support and Jwt.Builder
...
Fixes: gh-6634
Fixes: gh-6851
2019-05-22 14:23:02 -06:00
b93528138e
URL Cleanup
...
This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener).
# Fixed URLs
## Fixed Success
These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended.
* http://www.apache.org/licenses/ with 1 occurrences migrated to:
https://www.apache.org/licenses/ ([https](https://www.apache.org/licenses/ ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0 with 2691 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0 ([https](https://www.apache.org/licenses/LICENSE-2.0 ) result 200).
* http://www.apache.org/licenses/LICENSE-2.0.html with 2 occurrences migrated to:
https://www.apache.org/licenses/LICENSE-2.0.html ([https](https://www.apache.org/licenses/LICENSE-2.0.html ) result 200).
2019-03-14 15:46:20 -05:00
1a80d4a66c
Fix Generics in ReactorContextTestExecutionListenerTests for JDK 9+
...
Issue: gh-6075
2018-11-30 12:07:58 -06:00
a28c677f88
ReactorContextTestExecutionListener should use named hooks
...
Fixes: gh-6075
2018-11-30 11:13:26 -06:00
12050404ad
Populate test security context with authentication
...
Add setAuthentication method on TestSecurityContextHolder.
2018-10-03 14:24:45 -04:00
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
2018-08-27 10:45:35 -05:00
18db425861
Polish Javadoc to remove warning
2018-07-18 09:24:59 -06:00
1137f3b46d
Add cross references to ReactorContextTestExecutionListener
...
Fixes: gh-5418
2018-06-11 17:13:24 -05:00
7a204a5f58
Fixes for SPR-16624
...
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
1851aaa66d
Fix ReactorContextTestExecutionListener with custom SecurityContext
...
Fixes: gh-5137
2018-03-19 09:29:27 -05:00
76e36bd06e
fix Mock Authentication resolution
2018-03-19 09:16:55 -05:00
65193963ad
Fix Imports
...
Issue: gh-4888
2018-03-09 09:15:39 -06:00
2228485a40
WithUserDetails supports ReactiveUserDetailsService
...
Fixes: gh-4888
2018-03-08 23:13:19 -06:00
abae2f3e87
Allow WithSecurityContextTestExecutionListener to execute after @Before
...
Fixes: gh-2935
2018-03-08 14:13:07 -06:00
e1a8d250de
Add authenticated().withAuthentication(Consumer<Authentication>)
...
This allows arbitrary assertions of the authenticated user
Fixes: gh-4996
2018-02-02 16:56:45 -06:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
cdcf65de1e
Polish
...
Fixes gh-4425
2017-10-29 23:43:13 -05:00
e0aca04a28
Polish AssertJ assertions
...
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
8da2c7f657
Add WebFlux CSRF Protection
...
Fixes gh-4734
2017-10-28 22:59:24 -05:00
c467dcdbe1
SecurityMockServerConfiguers fixes
...
Issue: gh-4719
2017-10-27 18:17:36 -05:00
77aedcf502
SecurityMockServerConfigurers updates
...
Issue: gh-4719
2017-10-27 18:17:33 -05:00
3bceadd369
Only populate a Context once
...
Fixes gh-4718
2017-10-27 17:35:54 -05:00
be593b95a8
Prefer existing Context in ReactorContextTestExecutionListener
...
Issue gh-4718
2017-10-27 17:35:54 -05:00
9363e2ba41
Polish ReactorContextTestExecutionListenerTests
...
Necessary for preparing for the changes that will be made. The Context
should not necessarily be empty, but it should not contain the SecurityContext
Issue gh-4718
2017-10-27 17:35:54 -05:00
3abec60188
SecurityMockServerConfigurers checkstyle
2017-10-27 17:33:08 -05:00
747473257f
Use ReactorSecurityContextHolder
...
Issue gh-4713
2017-10-26 20:11:42 -05:00
8291f20796
DaoAuthenticationProvider uses DelegatingPasswordEncoder
...
This means that passwords will be encoded with BCrypt by default
Fixes: gh-2775
2017-10-24 07:56:28 -05:00
25052214ae
Polish
2017-10-16 18:33:27 -05:00
23f56f568c
Update MockitJunitRunner import
...
Issue: gh-4608
2017-10-09 16:13:33 -05:00
445834784a
Update to Mockito 2.10.0
...
Issue: gh-4608
2017-10-09 16:13:11 -05:00
1f4082e754
Fix copyright lines
2017-09-18 11:11:25 -05:00
3ecf3ea034
Fix double * in Copyright headers
2017-09-18 10:47:26 -05:00
d9bad2bc9d
Mono.currentContext()->subscriberContext()
...
Fixing refactoring by Reactor
2017-09-01 17:20:47 -05:00
f59fc357b8
Polish ReactorContextTestExecutionListenerTests
...
Code Style fixes
2017-08-30 14:27:14 -05:00
4fd17e4c2e
Fix ReactorContext after changes to Reactor
2017-08-30 14:25:40 -05:00
7ae4506a88
Add ReactorContextTestExecutionListener
...
Fixes gh-4502
2017-08-17 16:42:01 -05:00
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
544f39f826
Add Annotated Support for WebTestClient
...
Fixes gh-4457
2017-07-15 22:05:54 -05:00
6590fc31cd
Use withMutator
...
Fixes gh-4455
2017-07-14 11:01:52 -05:00
03f2d654ad
Fix WebTestClient Support
...
Fixes gh-4419
2017-07-13 21:02:07 -05:00
915de03f42
Polish ExchangeMutatorWebFilter Support
...
Issue gh-4343
2017-05-31 13:23:55 -05:00
7bc98db23c
Add WebTestClient test support
...
SecurityExchangeMutators
Fixes gh-4343
2017-05-19 15:09:23 -05:00
e631805635
Remove RedirectMatcher
...
This is no longer necessary now that Spring 5 is the minimum version.
Fixes gh-4092
2017-05-11 14:38:18 -05:00
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
dd6fc48dd8
Standardize Build
...
The build now uses spring build conventions to simplify the build
Fixes gh-4284
2017-04-21 10:55:05 -05:00
2ce174dbf0
Update poms to 5.0.0.BUILD-SNAPSHOT
2017-04-07 16:49:50 -04:00
d2524eadfc
Update poms to new to SNAPSHOT version
2017-03-02 09:20:34 -06:00
081f0c4d94
Release version 4.2.2.RELEASE
2017-03-02 07:29:42 +00:00
9c03571bbb
Use message in all Assert
...
This ensures compatibility with Spring 5.
Fixes gh-4193
2017-01-30 19:58:24 -06:00
7a7ce11ebb
Release version 4.2.1.RELEASE
2016-12-21 17:23:28 +00:00
24fcb6c45a
Release version 4.2.0.RELEASE
2016-11-09 23:42:11 +00:00
97b4cb0b73
Release version 4.2.0.RC1
2016-10-26 02:49:23 +00:00
6a3a5f7beb
Polish Deprecations
...
Issue gh-4080
2016-10-17 17:02:59 -05:00
52c6e3cf89
Create RedirectMatcher
...
This commit creates RedirectMatcher for binary backward compatability with
Spring 4.3.x and Spring 5 to ensure that the Spring IO tests pass.
Issue gh-4080
2016-10-17 17:02:58 -05:00
17cfd4707b
Fix deprecations
...
Issue gh-4080
2016-10-17 17:00:18 -05:00
8a7ac398e6
Remove TheController from Bean
...
It is already picked up with classpath scanning
Issue gh-4080
2016-10-17 17:00:17 -05:00
c1b8150439
Release version 4.2.0.M1
2016-09-23 19:39:33 +00:00
4d02a5c0a0
Update pom.xml dependencies
2016-08-30 11:27:29 -05:00
050198e51b
Fix csrf() when used then not used
...
Previously if csrf() was used and subsequently not used, the
TestCsrfTokenRepository was still used. This makes it difficult to test
the actual CsrfTokenRepository implementation.
Now the TestCsrfTokenRepository is only used if explicitly enabled.
Fixes gh-4016
2016-08-09 17:09:16 -04:00
919f000c80
Release version 4.1.1.RELEASE
2016-07-07 00:57:35 +00:00
8ad91ef6a5
WithSecurityContextTestExecutionListener > SqlScriptsTestExecutionListener
...
WithSecurityContextTestExecutionListener should order after
SqlScriptsTestExecutionListener so sql can setup the current user's info
in the database.
Fixes gh-3962
2016-07-06 16:09:17 -05:00
bbeb7f94d7
Fix checkstyle
...
Issue gh-3920
2016-06-20 19:36:51 -05:00
a2a06d19c1
Add formLogin() Accept Test
...
Issue gh-3920
2016-06-20 16:23:29 -05:00
314828859e
Added accept method call to buildRequest in SecurityMockMvcRequestBuilders with default of MediaType.APPLICATION_FORM_URLENCODED
2016-06-20 15:46:01 -05:00
a2ead4cf7a
Polish
...
Fixes gh-3892
2016-06-20 12:35:43 -05:00
2d6051625f
Update pom.xml
2016-06-17 14:30:11 -05:00
101190ad8b
Format WithSecurityContextTestExecutionListener
2016-05-20 10:46:26 -05:00
336de35874
Polish WithSecurityContextTestExecutionListener
...
Extract method for reuse
SecurityContext createSecurityContext(AnnotatedElement annotated,
WithSecurityContext withSecurityContext,
TestContext context)
Issue gh-3888
2016-05-20 10:46:26 -05:00
a53d022312
Support WithSecurityContextFactory on superclass
...
Fixes gh-3888
2016-05-20 10:46:14 -05:00
7b61a44929
Fix test .standaloneSetup
...
Previously, Spring Security's test support did not work well with the
standalone setup. This was because the springSecurityFilterChain was not
found by the WebTestUtils.
This commit ensures that the springSecurityFilterChain is added as a
servlet attribute if it is explicitly defined. WebTestUtils can then
find the springSecurityFilterChain in the ServletContext.
Fixes gh-3881
2016-05-16 11:02:40 -04:00
602bb457b8
Formatting
...
Issue gh-3881
2016-05-16 11:02:40 -04:00
001b05569a
Release version 4.1.0.RELEASE
2016-05-05 04:25:46 +00:00
78bf6e2bd5
WithSecurityContextTestExecutionListener supports generic Annotation
...
Previously Spring Security's WithSecurityContextTestExecutionListener
allowed a WithSecurityContextFactory<Annotation> to be used. This
was broken in SEC-3074.
This commit ensures that WithSecurityContextFactory<Annotation> is
supported again.
Fixes gh-3837
2016-05-03 15:41:25 -04:00
ceef70946b
Resolve springSecurityFilterChain to Filter
...
When enabling debug for spring security, the FilterChainProxy will be wrapped by the DebugFilter.
This DebugFilter will be registered as bean springSecurityFilterChain. The WebTestUtils will now search for the bean by name instead of FilterChainProxy class.
In this case we have to cast to a Java ServletFilter to support both filter...
Fixes gh-3836
2016-04-26 15:53:38 -04:00
24d0069668
Release version 4.1.0.RC2
2016-04-21 01:47:25 +00:00
b2b53f7a81
Fix unauthenitcated() and AnonymousAuthenticationToken
...
Previously if unauthenticated() experienced an AnonymousAuthenticationToken
it would not match.
This commit ensures that if the user is anonymous (not just null)
unauthenticated() works.
Fixes gh-3409
2016-04-19 15:08:47 -05:00
8a28a27225
Formatting Polish
2016-04-19 14:24:11 -05:00
d3a9cc6eae
Add CsrfTokenRepository ( #3805 )
...
* Create LazyCsrfTokenRepository
Fixes gh-3790
* Add CookieCsrfTokenRepository
Fixes gh-3009
2016-04-12 17:26:53 -04:00
b90242f2fa
Updates all POM versions to 4.1.0 snapshot build.
...
Fixes gh-3804
2016-04-12 10:35:43 -04:00
a5a5d9a1a9
Add support to subclass of GrantedAuthority in SecurityMockMvcResultMatchers withAuthorities ( #3793 )
...
SecurityMockMvcResultMatchers.withAuthorities(Collection<? extends GrantedAuthority>)
Fixes gh-3791
2016-04-08 08:55:53 -05:00
8abb882927
Rename poorly named withUser variable
...
WithSecurityContextTestExecutionListener used the variable name withUser
in mulitple places when it should have been named withSecurityContext.
This commit renames the variables to withSecurityContext.
Fixes gh-3775
2016-04-01 10:27:14 -05:00
044acf7e27
Release version 4.1.0.RC1
2016-03-23 07:15:15 -07:00
ec4e6c7453
Update pom.xml to 4.1.0.BUILD-SNAPSHOT
2016-03-14 00:51:35 -05:00
f221920a19
Clean up code to conform to basic checkstyle
...
Issue gh-3746
2016-03-14 00:15:12 -05:00
df5e3ba6ee
Polish Imports
2016-03-09 16:24:50 -06:00
835ac0a217
Add @WithUserDetails userDetailsServiceBeanName
...
Fixes gh-3346
2016-03-09 15:59:23 -06:00
618b8a2d83
Fix WebTestUtils when no matching HttpSecurity found
...
Previously a NullPointerException would be thrown if no HttpSecurity
matched on the request passed in. This was because findFilters would
return null rather than an empty List.
This commit returns null if findFilters gets a null result.
Fixes gh-3343
2016-03-09 15:20:10 -06:00
71d4ce96ad
Convert to assertj
...
Fixes gh-3175
2016-03-09 14:30:17 -06:00
bb600a473e
Start AssertJ Migration
...
Issue gh-3175
2016-03-09 14:26:30 -06:00
dd092431a0
SEC-2941: Default RequestPostProcessor overrides
...
Previously a default RequestPostProcessor overrode additional
RequestPostProcessor instances added to the request. This was due to
SPR-12945. Now that SPR-12945 is fixed, this commit adds a test to
ensure this stays fixed.
2015-10-21 16:06:49 -05:00
29f2cc0ab1
snasphot -> snapshot
2015-09-25 15:28:39 -05:00
81e2778106
SEC-3097: Change CsrfRequestPostProcessor to use TestCsrfTokenRepository
...
This ensures that when using a wrapped HttpServletRequest (i.e. Spring
Session) that the CSRF token test support still works.
2015-09-02 00:21:40 -05:00
ea94706319
SEC-3097: Use MockMvc for SecurityMockMVcRequestPostProcessorsCsrfTests
...
This is necessary because the changes for this issue are going to make
the mocked version of the tests invalid.
2015-09-02 00:21:39 -05:00
35393098f8
SEC-3094: Add @WithAnonymousUser & anonymous() MockMvcRequestPostProcessor
2015-08-27 15:17:44 -05:00
5f328b1178
SEC-2709: Fix WithSecurityContextTestExecutionListener Order
2015-08-20 10:41:09 -05:00
327695ab0c
SEC-3084: Doc SecurityContextRequestPostProcessorSupport & SecurityContextHolder
2015-08-20 09:30:24 -05:00
567c51e109
SEC-3074: Add Test Meta Annotation Support
2015-08-19 16:05:54 -05:00
969f3a7d1b
Update pom.xml to latest snapshots
2015-08-03 09:46:01 -05:00
ad1d858e2b
SEC-3056 - Fix JavaDoc errors.
...
Fixed JavaDoc errors accross multiple modules in order to make javadoc happy with Java 8.
2015-08-03 08:02:24 -05:00
e8c9f75f9c
Update pom.xml to latest versions
2015-07-22 12:51:04 -05:00
Joe Grandja
Dávid Kovács
Markus Engelbrecht
Josh Cummings
Eleftheria Stein
Drummond Dawson
Rob Winch
Lars Grefer
sandmannn
Jérôme Wacongne
Spring Operator
Aanuoluwapo Otitoola
Tadaya Tsuyukubo
Vedran Pavic
mhyeon.lee
Oleh Dokuka
Johnny Lim
Antoine
Rob Winch
Spring Buildmaster
Micah Silverman
Eddú Meléndez
Jens Goldhammer
Billy Korando
zhanhb
Thomas Darimont