Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 05:22:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
6,473 Commits 55 Branches 348 Tags
Commit Graph

6473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Trygve Aasjord
8d717c62af Pass username as second parameter for search filter. 
Allows the username only (without domain) to be used in custom search filter like "sAMAccountName={1}",
in eg. situations where the userPrincipalName has a different suffix than domain.

Thanks to contributors in issue.

fixes gh-2448
 2017-10-29 23:58:58 -05:00
Johnny Lim
cdcf65de1e Polish 
Fixes gh-4425
 2017-10-29 23:43:13 -05:00
Rob Winch
93ac706d86 Polish XFrameOptionsHeaderWriter 
Issue: gh-4559
 2017-10-29 23:32:53 -05:00
Nathan Wong
02a78b17b9 Add check to see if return value is DENY 
Originally, if the return from getAllowFromValue(request) is "DENY",
then the X-Frame-Options header's value will proceed to be written as
"ALLOW FROM DENY" - an invalid value.

This commit adds a condition in the if clause that checks whether
allowFromValue is "DENY". This way, the X-Frame-Options header will be
written as "ALLOW FROM origin" or "DENY".
 2017-10-29 23:32:53 -05:00
Antoine
bed4ec7d18 Fix leading space characters reported by checkstyle 2017-10-29 22:22:34 -05:00
Antoine
0771778b81 Polish more AssertJ assertions 2017-10-29 22:22:34 -05:00
Antoine
e0aca04a28 Polish AssertJ assertions 
Polish AssertJ assertions
 2017-10-29 22:22:34 -05:00
Arend v. Reinersdorff
a558d408a3 Minor typos PreAuthenticatedAuthenticationProvider 2017-10-29 22:12:04 -05:00
Kyle Anderson
a139a0052d Fix Typo in Reference Docs 2017-10-29 22:09:46 -05:00
Rob Winch
77de91ad60 Polish unbounded support 
- Update unboundid-ldapsdk-4.0.1
- Fix ordering of dependencies

Issue gh-4672
 2017-10-29 21:59:55 -05:00
Eddú Meléndez
70165869b1 Add UnboundId LDAP inmemory support 
This commit adds the capability to run a LDAP inmemory different than
apacheds. Both providers `apacheds` and `unboundid` are supported.
 2017-10-29 21:59:55 -05:00
Joe Grandja
9a4513356d Configure default OAuth2AuthorizedClientService 
Fixes gh-4751
 2017-10-29 22:45:57 -04:00
Paul Wheeler
6decf1c8ef Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier() 
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.

There are the following other changes:

 - BasicLookupStrategy has a new property, aclClassIdSupported, which
 is used to retrieve the new column from the database. This preserves
 backwards-compatibility, as it is false by default.

 - JdbcMutableAclService has the same property, aclClassIdSupported,
 which is needed to modify the insert statement to write to the
 new column. Defaults to false for backwards-compatibility.

 - Tests have been updated to verify both the existing functionality
 for backwards-compatibility and the new functionality.

Fixes gh-1224
 2017-10-29 21:29:12 -05:00
Joris Portegies Zwart
de9fe3e3b1 Fix the JavaDoc for Pbkdf2PasswordEncoder so that it uses the actual values for default hash width and number of iterations 2017-10-29 21:08:38 -05:00
Rob Winch
4fa9b4dd15 Add ServerHttpSecurity.exceptionHandling() 
Fixes gh-4750
 2017-10-29 21:00:10 -05:00
Rob Winch
d9584384c4 Move collectClaims to OidcUserAuthority 
Fixes gh-4749
 2017-10-29 20:41:05 -05:00
Joe Grandja
5fa822d114 Expose custom config for OidcUserService 
Fixes gh-4715
 2017-10-29 21:33:51 -04:00
Joe Grandja
a261c9a047 Polish OAuth2LoginConfigurer 
Fixes gh-4747
 2017-10-29 21:33:51 -04:00
Rob Winch
3d065b5afd Add getIdToken getUser to OidcUser 
Fixes gh-4748
 2017-10-29 20:10:55 -05:00
Rob Winch
c1c726f123 Polish InMemoryClientRegistrationRepository 
Issue: gh-4745
 2017-10-29 20:03:36 -05:00
Rob Winch
a3e38fec47 Remove AuthorizationRequestUriBuilder 
Make this API private since we don't have concrete use cases for exposing
it yet.

Fixes gh-4742
 2017-10-29 19:50:02 -05:00
Joe Grandja
c3d2effc1d Polish OAuth2AuthorizedClientService 
Fixes gh-4746
 2017-10-29 20:25:03 -04:00
Joe Grandja
b496ad4d86 Polish OAuth2LoginAuthenticationToken 
Fixes gh-4744
 2017-10-29 19:21:41 -04:00
Rob Winch
8032baa296 Polish InMemoryClientRegistrationRepository 
- use Map.get
- Construct with stream()
- Add tests
- Remove unnecessary unmodifiableCollection (already unmodifiable)

Fixes gh-4745
 2017-10-29 18:07:49 -05:00
Rob Winch
f0c2944377 OAuth2AuthorizationResponse getAccessToken 
No longer delegate to OAuth2AccessToken but add getAccessToken()

Fixes gh-4743
 2017-10-29 17:12:46 -05:00
Joe Grandja
e4887057bc Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient 
Fixes gh-4741
 2017-10-29 17:49:15 -04:00
Joe Grandja
2a00232a5b Remove UserInfoRetreiver 
Fixes gh-4740
 2017-10-29 17:49:15 -04:00
Rob Winch
e2dd037b4a Default WebFlux headers and Logout 2017-10-29 15:06:06 -05:00
Rob Winch
fb632624d2 Update dependency versions 
Fixes gh-4739
 2017-10-29 14:31:57 -05:00
Rob Winch
44320447fe Update to Spring 5.0.1.RELEASE 
Issue gh-4739
 2017-10-29 14:31:45 -05:00
Joe Grandja
6fbd435bdf OAuth2LoginAuthenticationFilter requires collaborators 
Fixes gh-4661
 2017-10-29 04:41:23 -04:00
Joe Grandja
5a7466512e Expose default constructor in AbstractAuthenticationFilterConfigurer 
Fixes gh-4737
 2017-10-29 04:41:23 -04:00
Rob Winch
5a5ec58ca4 Add LogoutPageGeneratingWebFilter 
Fixes gh-4735
 2017-10-29 00:12:23 -05:00
Rob Winch
0734d70d02 Logout requires POST 
Issue: gh-4734
 2017-10-29 00:11:59 -05:00
Rob Winch
8da2c7f657 Add WebFlux CSRF Protection 
Fixes gh-4734
 2017-10-28 22:59:24 -05:00
Rob Winch
f040bd054d Javadoc @EnableWebFluxSecurity 2017-10-28 22:59:24 -05:00
Rob Winch
b394ae5d5e Polish 
Restructure WebFluxSecurityConfiguration for easier copy paste of
default ServerHttpSecurity Bean
 2017-10-28 22:59:24 -05:00
Rob Winch
192776858d HttpStatusServerAccessDeniedHandler write error message 2017-10-28 22:59:24 -05:00
Rob Winch
77acb34bcd Add spring-security-test to spring-security-config test dependencies 2017-10-28 22:58:55 -05:00
Rob Winch
e63c53e267 Add AuthorizationWebFilterTests 2017-10-28 22:58:55 -05:00
Joe Grandja
b471dd1c54 Remove OAuth2TokenRepository 
Fixes gh-4727
 2017-10-28 21:40:33 -04:00
Joe Grandja
b1d56b5821 NimbusAuthorizationCodeTokenExchanger uses authorizationRequest.redirectUri 
Fixes gh-4701
 2017-10-28 21:30:40 -04:00
Joe Grandja
006319f19a UserInfoRetriever supports ParameterizedTypeReference 
Fixes gh-4693
 2017-10-28 19:26:04 -04:00
Joe Grandja
9dc4aa6c81 Make OidcUserInfo Serializable 
Fixes gh-4733
 2017-10-28 18:35:21 -04:00
Joe Grandja
8e0d88d3e9 Remove GitHubOAuth2User from oauth2Login sample 
Fixes gh-4732
 2017-10-28 18:25:45 -04:00
Joe Grandja
83dc902ff7 Map CustomUserTypesOAuth2UserService using clientRegistrationId 
Fixes gh-4692
 2017-10-28 18:11:39 -04:00
Joe Grandja
ddf87b54f7 Polish OAuth2LoginConfigurer 
Fixes gh-4731
 2017-10-28 17:48:45 -04:00
Joe Grandja
0c68eb1821 Re-factor OAuth2AuthorizationCodeAuthenticationToken 
Fixes gh-4730
 2017-10-28 17:15:31 -04:00
Joe Grandja
64d8c8b8a9 Re-factor AuthorizationGrantTokenExchanger 
Fixes gh-4728
 2017-10-28 17:12:14 -04:00
Joe Grandja
16e69d06b4 Add OAuth2AuthorizedClientService 
Fixes gh-4726
 2017-10-28 17:12:14 -04:00