Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-03-30 14:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,565 Commits 49 Branches 376 Tags
Commit Graph

20565 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Winch
8b2ac9c99f
Merge Add Jackson Mixin for WebAuthnAuthentication 2026-03-16 10:33:52 -05:00
Toshiaki Maki
47146f375b
Add Jackson Mixin for WebAuthnAuthentication 
Closes gh-18034

Signed-off-by: Toshiaki Maki <makingx@gmail.com>
 2026-03-16 10:33:00 -05:00
github-actions[bot]
63d31d0566 Update Antora Spring UI to v0.4.26 2026-03-16 09:51:18 -04:00
Robert Winch
c23fda603f
Merge branch '7.0.x' 2026-03-16 08:50:37 -05:00
Robert Winch
e7080e8c7c
Update Antora UI Spring to v0.4.26 2026-03-16 08:50:29 -05:00
Robert Winch
29ebc1e6c3
Merge branch '7.0.x' 2026-03-16 08:48:36 -05:00
Robert Winch
c348a7aa46
Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 2026-03-16 08:44:25 -05:00
Robert Winch
f227934749
Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 2026-03-16 08:44:19 -05:00
Robert Winch
e645aef3be
Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 2026-03-16 08:44:13 -05:00
Robert Winch
b238632fdc
Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 2026-03-16 08:44:07 -05:00
Robert Winch
e1c30e088d
Merge branch '7.0.x' 2026-03-16 08:43:14 -05:00
Robert Winch
3f05f4d30c
Merge branch '6.5.x' into 7.0.x 2026-03-16 08:42:55 -05:00
Robert Winch
cdd4b36d37
Update Antora UI Spring to v0.4.26 2026-03-16 08:26:19 -05:00
Robert Winch
7672f76fde
Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 2026-03-16 08:26:12 -05:00
Robert Winch
3db4999da4
Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 2026-03-16 08:26:04 -05:00
dependabot[bot]
59ef1c490f Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.5...v7.0.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:17:36 +00:00
dependabot[bot]
5339565cbf Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.3 to 2025.1.4.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.3...2025.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:17:23 +00:00
dependabot[bot]
21593ab39f Bump org.hibernate.orm:hibernate-core from 7.2.6.Final to 7.2.7.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.2.6.Final to 7.2.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.2.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.2.6...7.2.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.2.7.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:16:53 +00:00
dependabot[bot]
3813627a15
Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.5...v7.0.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:13:40 +00:00
dependabot[bot]
9616e6b640
Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.3 to 2025.1.4.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.3...2025.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:13:21 +00:00
dependabot[bot]
a708d2f61b
Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.16 to 6.2.17.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.16...v6.2.17)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 03:07:46 +00:00
github-actions[bot]
2c1c50ddca Update Antora Spring UI to v0.4.26 2026-03-13 17:45:06 +00:00
github-actions[bot]
03a5de1955 Update Antora Spring UI to v0.4.26 2026-03-13 17:45:05 +00:00
Joe Grandja
22a98583f1 Enable null-safety in spring-security-oauth2-jose 
Closes gh-17821
 2026-03-13 11:58:29 -04:00
Joe Grandja
78f762fab8 Remove checkstyle suppressions for spring-security-oauth2-jose 
Issue gh-17821
 2026-03-13 11:38:08 -04:00
dependabot[bot]
a29422950a Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 
Bumps org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 03:16:31 +00:00
dependabot[bot]
91167adaa8
Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 
Bumps org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 03:09:24 +00:00
dependabot[bot]
06cbea383e
Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 
Bumps org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 03:07:50 +00:00
Andrey Litvitski
e250236279 Read relayState from authenticationRequest 
Closes gh-18243

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-12 10:30:11 -06:00
dependabot[bot]
eae1a0a55c Bump org.mockito:mockito-bom from 5.22.0 to 5.23.0 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.22.0 to 5.23.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.22.0...v5.23.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-version: 5.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-12 03:18:20 +00:00
Josh Cummings
266d2608f1
Clarify Nullability on Saml2AuthenticationRequestRepository 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-11 16:51:48 -06:00
Josh Cummings
ddb825f7a5
Merge branch '7.0.x' 2026-03-11 16:47:02 -06:00
Josh Cummings
5b4fc73878
Merge branch '6.5.x' into 7.0.x 2026-03-11 16:46:51 -06:00
Josh Cummings
ef76ba040d
Require non-null authenticationRequest 
Closes gh-18880

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-11 16:45:23 -06:00
Josh Cummings
c342b89760
Remove setRequestEntityConverter 
Given that RestClient does not read RequestEntity objects, let's
leave it out of a class built around using RestClient

Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-11 15:15:15 -06:00
Josh Cummings
5687867a09
Fix Checkstyle 
Issue gh-18874

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-11 14:46:24 -06:00
Joe Grandja
61177aed85 Remove NullAway SuppressWarnings in ClaimAccessor 
Issue gh-17820
 2026-03-11 13:53:30 -04:00
Joe Grandja
36450d6c26 Fix checkstyle error 
Issue gh-18874
 2026-03-11 12:25:13 -04:00
dependabot[bot]
763a8d4691
Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.3 to 2025.0.4.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.3...2025.0.4)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-11 03:08:26 +00:00
dependabot[bot]
d69af716c8
Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2024.0.15 to 2024.0.16.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2024.0.15...2024.0.16)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2024.0.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-11 03:06:57 +00:00
Josh Cummings
a980368f26 Move Integration Test from Spring LDAP 
Closes gh-18874

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-10 15:44:07 -06:00
Josh Cummings
37992d896b Add to What's New 
Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-10 15:44:05 -06:00
Joe Grandja
703ffaf143 Merge branch '7.0.x' 2026-03-10 15:59:29 -04:00
Joe Grandja
1906075b0c OAuth2DeviceVerificationEndpointFilter is applied after AuthorizationFilter 
Closes gh-18873
 2026-03-10 15:32:24 -04:00
Josh Cummings
8dcaa6dfcb Polish Documentation 
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-10 07:57:43 -06:00
Andrey Litvitski
d1ce69ca99 Specify charset in WWW-Authenticate for Basic Auth 
In this commit, we add support for the charset from RFC-7617, which
definitely solves the problem when the client does not know what charset
we are parsing with.

Closes: gh-18755

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-10 07:57:43 -06:00
Joe Grandja
c7235ec0a3 Allow custom token settings for OAuth 2.0 dynamic client registration 
Closes gh-18870
 2026-03-10 07:48:37 -04:00
dependabot[bot]
16cc1dd8d6 Bump io.micrometer:micrometer-observation from 1.16.3 to 1.16.4 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.16.3 to 1.16.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.16.3...v1.16.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.16.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-10 03:19:43 +00:00
Josh Cummings
17d2131fe9 Merge remote-tracking branch 'origin/7.0.x' 2026-03-09 17:13:45 -06:00
Ronny Perinke
e8e0da1ec6 Add Null Guard for Setting ReactiveUserDetailsPasswordService 
This use case specifically arises when using `ReactiveUserDetailsService`
without `ReactiveUserDetailsPasswordService`.

Closes gh-17986

Signed-off-by: Ronny Perinke <23166289+sephiroth-j@users.noreply.github.com>
 2026-03-09 17:12:59 -06:00