Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
9,799 Commits 34 Branches 337 Tags
Commit Graph

1695 Commits

Author SHA1 Message Date
Josh Cummings
5061ae9e79
Add Saml2AuthenticationTokenConverter 
Closes gh-8768
 2020-08-04 18:41:43 -06:00
Josh Cummings
a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver 
Issue gh-8360
Issue gh-8887
 2020-08-04 17:29:13 -06:00
Joe Grandja
3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty" 
This reverts commit f37714a26fb2cc8a93cb1d5259a00c4c0934dd59.
 2020-08-04 14:24:32 -04:00
Joe Grandja
f37714a26f Fix snapshot build failure related to reactor-netty 
Closes gh-8909
 2020-08-04 14:17:03 -04:00
Joe Grandja
8146b1fdda Deprecate CustomUserTypesOAuth2UserService 
Closes gh-8908
 2020-08-04 13:23:44 -04:00
Joe Grandja
0ed919f072 Deprecate ClientRegistration.redirectUriTemplate 
Closes gh-8906
 2020-08-04 11:03:29 -04:00
Joe Grandja
11cc94afd8 Deprecate ImplicitGrantConfigurer 
Closes gh-8902
 2020-08-04 07:26:58 -04:00
Evgeniy Cheban
0a2006ebec Support custom filter in Server Kotlin DSL 
Closes gh-8783
 2020-07-22 05:32:16 -04:00
Dávid Kováč
37aa5f9b7c Introduce AuthenticationConverterServerWebExchangeMatcher 
AuthenticationConverterServerWebExchangeMatcher is ServerWebExchangeMatcher implementation based on AuthenticationConverter which matches if ServerWebExchange can be converted to Authentication.
It can be used as a matcher where SecurityFilterChain should be matched based on used authentication method.
BearerTokenServerWebExchangeMatcher was replaced by this matcher.

Closes gh-8824
 2020-07-21 10:11:57 -06:00
Josh Cummings
cc44a93333
Polish WebSecurityConfigurerAdapter JavaDoc 
Issue gh-8784
 2020-07-20 15:21:18 -06:00
Romil Patel
956a6ee00c
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:21:18 -06:00
Josh Cummings
2c960d2ad1
Add AuthnRequestConsumerResolver 
Closes gh-8141
 2020-07-16 14:53:22 -06:00
Joe Grandja
7cc6509200 Polish gh-8669 2020-07-15 11:52:42 -04:00
Eleftheria Stein
78ed6c4de6 Add custom HeaderWriter in Kotlin DSL 
Closes gh-8823
 2020-07-10 14:18:48 +02:00
Eleftheria Stein
815ceae45c Allow disabling headers in Kotlin DSL 
Closes gh-8816
 2020-07-08 10:55:01 +02:00
Josh Cummings
146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2" 
This reverts commit 68538897c83a7ce8db0ec7275dbd10b1a548498f.
 2020-07-01 13:11:50 -06:00
Josh Cummings
68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Joe Grandja
0b5a14a900 Register OAuth2AuthorizedClientArgumentResolver as custom resolver for XML config 
Issue gh-8669
 2020-07-01 11:07:33 -04:00
Peer Schönhusen
3e25714dc6 Add reified function variants to security DSL 
Closes gh-8697
 2020-07-01 07:22:16 -04:00
Joe Grandja
edf06a3461 OAuth2AuthorizedClientArgumentResolver uses OAuth2AuthorizedClientManager @Bean 
Closes gh-8700
 2020-06-30 11:25:39 -04:00
Joe Grandja
951e64185b Register OAuth2AuthorizedClientArgumentResolver for XML Config 
Closes gh-8669
 2020-06-25 16:10:29 -04:00
Eleftheria Stein
224361cb4a Fix typo in Javadoc 2020-06-16 09:38:09 -04:00
Evgeniy Cheban
4e7be2078f DefaultWebSecurityExpressionHandler uses RoleHierarchy bean 
Fixes gh-7059
 2020-06-10 16:43:01 -04:00
Rob Winch
a907026eae Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive 
Closes gh-8677
 2020-06-10 11:48:56 -05:00
Joe Grandja
da4b626bf1 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException 
Issue gh-8609
 2020-06-09 17:28:21 -04:00
Parikshit Dutta
28d2cfa14a Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter 
Fixes gh-8536
 2020-06-02 21:54:09 -04:00
Rob Winch
748538d19f Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:49:01 -05:00
Eleftheria Stein
61060b3a4f Add multipart configuration to CSRF Kotlin DSL 
Fixes gh-8602
 2020-05-27 17:01:12 -04:00
Eleftheria Stein
6f5947cab7 Fix test warnings 2020-05-27 17:00:48 -04:00
Eleftheria Stein
fa11ae3c33 Remove unused import 2020-05-27 14:27:29 -04:00
Eleftheria Stein
67d2efde1c Resolve package tangles with security marker annotation 2020-05-27 07:33:24 -05:00
Eleftheria Stein
bc272ddf73 Resolve package tangles in Kotlin server package 2020-05-27 07:33:24 -05:00
Craig Andrews
f1db7167cb Polish 
Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation.

This change does not alter behavior.
 2020-05-22 20:33:32 -05:00
Craig Andrews
dbdeec4216 Check for an existing SessionRegistry bean 
If a SessionRegistry is necessary, check for one in the ApplicationContext before creating one.
 2020-05-22 20:33:32 -05:00
Evgeniy Cheban
0fa339f75b Allow port=0 for ApacheDSContainer 
Fixes gh-8144
 2020-05-21 16:14:01 -05:00
Josh Cummings
51a0cffd36
Post-process AuthenticationRequestFilter 
Fixes gh-8552
 2020-05-18 21:08:23 -06:00
Josh Cummings
9241cd2892
Move TestRelyingPartyRegistrations 
Fixes gh-8551
 2020-05-18 16:38:40 -06:00
Parikshit Dutta
1e211b6558 Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter 
Fixes gh-8120
 2020-05-15 15:13:15 -04:00
Joe Grandja
c1abc9b134 Polish gh-8501 2020-05-15 13:26:09 -04:00
Thomas Vitale
78fa859798 Add issuerUri to ClientRegistration.providerDetails 
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.

Fixes gh-8326
 2020-05-14 17:13:07 -04:00
Rob Winch
e5d2aaf6fe
Deprecate OpenID 2.0 support 
Deprecate OpenID 2.0 support
 2020-05-12 09:37:56 -05:00
Eleftheria Stein
1aadbb2f4d Remove "/path/**/other" patterns in tests 
Fixes gh-8513
 2020-05-11 17:00:25 -04:00
Dávid Kovács
f2a2b469c4 Deprecate openID 2.0 support 
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.

Fixes gh-7153
 2020-05-09 12:04:13 +02:00
Rob Winch
d91b153cad Explicitly set useSuffixPatternMatch for Tests 
Spring MVC changed their default behavior in
https://github.com/spring-projects/spring-framework/issues/23915 This
causes failures in some of Spring Security's tests.

This explicitly sets useSuffixPatternMatch=true to ensure that Spring
Security still works if users have modified their defaults.

Closes gh-8493
 2020-05-08 16:43:56 -05:00
Joe Grandja
86ca6b013c Unlock dependencies 
This reverts commit 206960cf448b38e643045468b2291e66bfbbd4a9.
 2020-05-06 17:27:35 -04:00
Joe Grandja
206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Dávid Kovács
339d44b5a1 Deprecate openID 2.0 support 
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)

Fixes gh-7153
 2020-05-02 10:18:31 +02:00
Rob Winch
4a9fa0337a Allow Configure RequestRjectedHandler in XML 
Issue gh-5007
 2020-05-01 10:51:11 -05:00
Leonard Brünings
b826c798f7 Add RequestRejectedHandler 
Closes gh-5007
 2020-05-01 10:51:01 -05:00
Dávid Kovács
8e8251ac5f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 08:59:24 -05:00