91832bfc8e
Add EnableWebSecurity + EnableWebSocketSecurity Test
...
Issue gh-16011
2024-11-20 13:28:06 -07:00
c2cfe92a02
Merge branch '6.3.x'
2024-11-18 05:16:16 -05:00
709103e38c
Merge branch '6.2.x' into 6.3.x
2024-11-18 04:45:38 -05:00
a8c4d6cead
Require Locale argument for toLower/toUpperCase usage
2024-11-18 04:22:26 -05:00
2639ac6545
webauthn: introduce WebAuthnConfigurer#disableDefaultRegistrationPage
2024-11-14 12:11:43 -06:00
de7c452e42
webauthn: use DefaultResourcesFilter#webauthn
...
- Unconditionally use the DefaultResourcesFilter, because the javascript file is required by the
DefaultWebAythnPageGeneratingFilter, which is always registered.
2024-11-14 12:11:43 -06:00
5a95952c95
Merge branch '6.3.x'
...
Closes gh-16063
2024-11-11 15:17:02 -06:00
e1ad989d38
Merge branch '6.2.x' into 6.3.x
...
Closes gh-16062
2024-11-11 14:58:39 -06:00
81e74e65d4
Support ServerExchangeRejectedHandler @Bean
...
Closes gh-16061
2024-11-11 14:58:00 -06:00
f46e56de78
Improve Error Message for Conflicting Filter Chains
...
Closes gh-15874
2024-11-07 13:01:16 -07:00
8a6e1297a1
Add Warning Message for Missing Leading Slashes
...
Closes gh-16020
2024-10-31 12:22:17 -06:00
d9d77bed82
Allow logout+jwt JWT type for reactive
...
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken ).
Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d
2024-10-28 14:21:48 -07:00
27294b2e11
Allow RelyingPartyRegistration Placeholder Resolution in XML
...
Closes gh-14645
2024-10-25 16:12:27 -06:00
689a4141df
Remove unused import
2024-10-25 13:42:33 -07:00
ffed4ea1dc
Polish diamond usage
2024-10-25 13:42:33 -07:00
1ba6301afa
Support ServerWebExchangeFirewall @Bean
...
Closes gh-15987
2024-10-25 12:13:41 -05:00
8d5fddda9d
Merge branch '6.3.x'
...
Support ServerWebExchangeFirewall @Bean
Closes gh-15974in 6.4.x
2024-10-25 12:07:01 -05:00
adc66e134b
Merge branch '6.2.x' into 6.3.x
...
Support ServerWebExchangeFirewall @Bean
Closes gh-15991
2024-10-25 11:56:53 -05:00
3ba1263d64
Support ServerWebExchangeFirewall @Bean
...
Closes gh-15987
2024-10-24 16:47:36 -05:00
b2e0539ff5
Add localization to DefaultLoginPageConfigurerTests test in order to avoid failure when system language is different
2024-10-24 11:34:34 -05:00
8bac87fb20
Merge branch '6.3.x'
2024-10-23 15:24:32 -07:00
c104f44546
Merge branch '6.2.x' into 6.3.x
2024-10-23 15:23:15 -07:00
18dba34bde
Make RequestMatcherDelegatingAuthorizationManager Post-Processable
...
Closes gh-15948
2024-10-23 15:15:10 -07:00
b0e8730d70
Add Passkeys Support
...
Closes gh-13305
2024-10-20 22:54:53 -05:00
7f537241e7
Use SessionAuthenticationStrategy for Remember-Me authentication
...
Closes gh-2253
2024-10-15 14:07:07 -07:00
d37d41c130
Polish One-Time Token API Names and Doc
...
The names of variables and methods have been adjusted in accordance with the names of the one-time token login API components.
Issue gh-15114
2024-10-15 14:04:56 -07:00
e9fe6360bc
Add Reactive One-Time Token Login Kotlin DSL Support
...
Closes gh-15887
2024-10-15 14:04:56 -07:00
c40334317d
Polish One-Time Token Component Names
...
Aligning parts of speech so that names are using nouns/verbs
where comparable components are using nouns/verbs.
Issue gh-15114
2024-10-14 14:07:47 -06:00
b8aa78829c
Improve readability of empty collection checks
2024-10-14 12:16:39 -07:00
31f8caec5f
Polish diamond operator usage
2024-10-14 11:51:35 -07:00
9ce5a76e8c
Polish AuthorizationManager#authorize
...
Issue gh-14843
2024-10-14 11:48:57 -07:00
e7644925f8
Add AuthorizationResult support for AuthorizationManager
...
Closes gh-14843
2024-10-14 11:48:57 -07:00
702538ebce
AuthorizationEventPublisher Accepts AuthorizationResult
...
Closes gh-15915
Co-authored-by: Max Batischev <mblancer@mail.ru>
2024-10-14 11:48:57 -07:00
ef1226ddf8
Use Oauth2UserService bean in OidcReactiveOAuth2UserService
...
Closes gh-15846
2024-10-14 11:41:04 -07:00
2edaedf099
Improve encapsulation for jwtValidators
2024-10-07 16:41:50 -07:00
b26f2af5d5
Polish
...
Formatting as well as adding a missing defer
Issue gh-15699
2024-10-07 16:39:54 -07:00
2ca2e56383
Add Reactive One-Time Token Login support
...
Closes gh-15699
2024-10-07 16:39:54 -07:00
aceb5fa6bb
Allow logout+jwt JWT type for reactive
...
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken ).
Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d
2024-09-30 16:32:45 -07:00
29331a0d8c
Merge branch '6.3.x'
2024-09-30 17:24:03 -06:00
746464e035
Merge branch '6.2.x' into 6.3.x
2024-09-30 17:21:13 -06:00
c1857c0308
Fix Formatting
...
Issue gh-15771
2024-09-30 16:19:26 -07:00
690e012fb1
Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing
...
Closes gh-15771
2024-09-30 16:19:26 -07:00
8b97fdde43
Polish OAuth2ClientConfiguration
2024-09-30 16:16:45 -07:00
ee9a887ae5
Fix Package Tangle
...
Move ObjectPostProcessor to be alongside Customizer, another
functional interface for describing Spring Security object
configuration.
2024-09-26 14:08:25 -06:00
d6b620b9f7
Make Observations Selectable
...
Closes gh-15678
2024-09-26 11:30:40 -06:00
69e3c248fa
Abstract ObservationRegistry Behind ObjectPostProcessor
...
Issue gh-15678
2024-09-26 11:30:40 -06:00
1ed20aa210
Add ObservationRegistry Tests
...
Issue gh-11989
Issue gh-11990
2024-09-26 11:30:40 -06:00
717529deb4
Add Generic Type to ObjectPostProcessor Lookups
...
Issue gh-15678
2024-09-26 11:30:39 -06:00
e618fc425d
Favor ObjectProvider
...
Closes gh-15805
2024-09-23 16:11:43 -07:00
9dda65a5e3
Polish CorsSpecTests
...
Use concrete ApplicationContext to simplify future maintenance.
Issue gh-4832
2024-09-23 16:11:43 -07:00
Josh Cummings
Joe Grandja
Daniel Garnier-Moiroux
Rob Winch
Josh Cummings
Cedric Montfort
Tran Ngoc Nhan
Tomasz Letachowicz
Scott Murphy Heiberg
xhaggi
Max Batischev
kwonyonghyun
DingHao
chao.wang
Thomas Darimont