2b369cfe98
Added support for Anonymous Authentication
...
1. Created new WebFilter AnonymousAuthenticationWebFilter to
for anonymous authentication
2. Created class AnonymousSpec, method anonymous to configure
anonymous authentication in ServerHttpSecurity
3. Added ANONYMOUS_AUTHENTICATION order after AUTHENTICATION for
anonymous authentication in SecurityWebFiltersOrder
4. Added tests for anonymous authentication in
AnonymousAuthenticationWebFilterTests and ServerHttpSecurityTests
5. Added support for Controller in WebTestClientBuilder
Fixes: gh-5934
2018-12-12 16:05:30 -06:00
9a357f8cb6
Moved CachingUserDetailsService to spring-core
...
Made CachingUserDetailsService constructor public and moved to spring-core to make it easier to configure caching in UserDetailsService
Fixes gh-4139
2018-12-11 13:22:08 -06:00
56eb658eae
RoleVoter Configuration Defaults Prefix Using GrantedAuthorityDefauts
...
Fixes: gh-4876
2018-12-07 14:17:44 -06:00
8b3fb55aea
Added methods to add filter relatively in ServerHttpSecurity
...
Addition of two new methods addFilterBefore and addFilterAfter in
ServerHttpSecurity to allow addition of WebFilter before and after of
specified order
Fixes: gh-6138
2018-12-04 13:29:53 -06:00
6bddb38cac
Update to Gradle 5.0
...
Change project's gradle version to 5.0, this requires to make some minor
adjustments.
Fixes: gh-6148
2018-11-30 08:50:47 -06:00
b8f038e86a
Polish OAuth2ResourceServerConfigurer
2018-11-30 06:37:00 -05:00
be423debfd
ServerAuthenticationConverter should be configurable
...
Fixes gh-6186
2018-11-29 14:37:22 -07:00
3a43ed8f1c
Register NullRequestCache When Disabled
...
Fixes: gh-6102
2018-11-20 07:15:09 -07:00
f30fcdda6b
RequestCacheConfigurerTests groovy->java
...
Issue: gh-4939
2018-11-16 15:40:12 -07:00
686393ed5c
ExceptionHandlingConfigurerTests groovy->java
...
Issue: gh-4939
2018-11-16 14:51:26 -07:00
1ea73e7d8e
Jwt Decoder Local Key Configuration
...
Adds support for configuring Resource Server DSL with a local public
key.
Fixes: gh-5131
2018-11-16 13:07:19 -06:00
d28e32b000
NimbusJwtDecoder Builder
...
A Builder to simply common construction patterns for NimbusJwtDecoder
Issue: gh-6010
2018-11-14 15:53:47 -06:00
db5e54266c
#3912 lazyBean method respects @Primary annotation
2018-11-14 14:31:29 -06:00
8eedb3919e
Policy OAuth2ResourceServerSpecTests
...
Issue: gh-6052
2018-11-12 15:01:15 -07:00
3a6582d2a6
Fix csrf:token-repository-ref XSD documentation
...
The documentation of the token-repository-ref attribute of the csrf
element in the schema has been updated to make clear the default
repository is lazy. Targets versions 4.2, 5.0 and 5.1.
Fixes gh-6037
2018-11-08 10:14:49 -06:00
9a13f9acde
Custom Bearer Token Error Handling Support
...
Users can specify a custom access denied handler and authentication
entry point for reactive resource servers.
Fixes: gh-6052
2018-11-07 16:29:56 -06:00
75e7e099ab
MiscHttpConfigTests groovy->java
...
Issue: gh-4939
2018-10-30 12:58:20 -06:00
52be2839ca
Migraged unit test from groovy to java
...
Moved AbstractConfigAttributeRequestMatcherRegistryTests.groovy to AbstractConfigAttributeRequestMatcherRegistryTests.java
gh-4939
2018-10-23 20:04:42 -05:00
8ef65ce5c5
Set AuthenticationEventPublisher on each AuthenticationManagerBuilder
...
Fixes gh-6009
2018-10-23 14:08:23 -04:00
8f49ca850a
Fixing IllegalStateException message in OAuth2ResourceServerConfigurer
...
Updated message to include `http.oauth2ResourceServer()`
2018-10-17 15:14:36 -05:00
bd9e3877f9
JDK 10 Compatibility
...
Upgrading dependencies and reconfiguring PowerMock
Issue: gh-5860
2018-10-17 15:03:42 -05:00
921abefaa2
Remove address and phone scope from CommonOAuth2Provider.OKTA
...
Fixes gh-5987
2018-10-17 11:50:34 -04:00
22bd8f1c1f
Reactive Jwt Authentication Converter Support
...
Fixes: gh-5092
2018-10-15 11:55:12 -05:00
93ca455405
OAuth2LoginAuthenticationFilter ignores authenticated Users
...
This ensures that OAuth2 Client support works with the same log in URL as
oauth2 login.
Fixes: gh-5915
2018-10-12 16:29:27 -05:00
5d18bb68ed
Add @formatter to @EnableWebFluxSecurity Javadoc
...
Fixes: gh-5898
2018-09-21 08:11:50 -05:00
45a9c0fd54
Polish Automatically Add CsrfServerLogoutHandler
...
Issue: gh-5337
2018-09-21 00:59:36 -05:00
b060ec050a
Automatically add CsrfServerLogoutHandler if csrf enabled
...
The configuration DSL should automatically add CsrfServerLogoutHandler if csrf is enabled
Fixes gh-5337
2018-09-21 00:59:36 -05:00
79828d4f7b
Polish WebFlux Referrer-Policy header config
2018-09-20 17:14:16 -05:00
8a49c431c3
Add OAuth2ClientSpec.and
...
Fixes: gh-5888
2018-09-20 10:19:21 -05:00
73c1abbba0
EnableGlobalMethodSecurity Misconfiguration Check
...
This polishes the EnableGlobalMethodSecurity misconfiguration check to
not error if the user has specified a custom method security metadata
source.
Issue: gh-5341
2018-09-20 07:55:03 -06:00
1e864ad764
Validate @EnableGlobalMethodSecurity usage
...
Fixes: gh-5341
2018-09-20 07:55:03 -06:00
9e0c7f17b7
Default RequestCache should ignore favicon
...
Fixes: gh-5875
2018-09-19 14:29:14 -05:00
8b0a3a760c
Use providedSessionAuthenticationStrategy
...
Fixes gh-5763
2018-09-19 07:04:49 -04:00
501c008526
Add WebFlux Redirect to HTTPS Reference
...
Fixes: gh-5869
2018-09-18 21:12:37 -05:00
54d07b6b8b
Add WebFlux HTTP Headers Reference
...
Fixes: gh-5868
2018-09-18 17:09:41 -05:00
72301e548a
Reactive OAuth2 DSL Customizations
...
Fixes: gh-5855
2018-09-17 21:21:36 -05:00
385bdfc055
OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
...
This ensures that the same URL can work for both log in and
authorization code which prevents having to create additional registrations
on the client and potentially on the server (GitHub only allows a single
valid redirect URL).
Fixes: gh-5856
2018-09-17 21:21:36 -05:00
68bc649a45
Fix XsdDocumentedTests
...
Issue: gh-5836
2018-09-12 19:56:30 -05:00
42327a0aec
Polish OAuth2ResourceServerConfigurerTests
2018-09-10 13:24:16 -06:00
2c982a4168
Reactive Redirect to Https
...
This introduces the capability to configure Reactive Spring Security
to upgrade requests to HTTPS
Fixes: gh-5749
2018-09-07 14:25:58 -05:00
f164f2f869
Polish FilterComparator
...
Extracts STEP incrementing into a separate helper class
2018-09-07 10:30:57 -06:00
438d2911fb
OAuth2AuthorizedClientResolver
...
Extract out a private API for shared code between the argument resolver
and WebClient support. This makes it easier to make changes in both
locations. Later we will extract this out so it is not a copy/paste
effort.
Issue: gh-4921
2018-09-07 08:58:00 -05:00
07b6699fd9
ServerWebExchangeReactorContextWebFilter
...
Fixes: gh-5779
2018-09-07 08:49:27 -05:00
c60fcf263e
provide test for custom principal extractor config
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
2980f96b55
Allow PrincipalExtractor to be customized.
...
Signed-off-by: Sola <dev@sola.love>
2018-09-05 15:51:14 -05:00
932ea245fb
AuthenticationManager for OAuth2ResourceServerSpec
...
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.
Fixes: gh-5750
2018-09-05 09:19:11 -05:00
25d1f49d84
Remove Resource Server's Session Policy Config
...
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.
Fixes: gh-5759
2018-09-04 14:55:40 -06:00
8510e9a285
Reactive Resource Server insufficient_scope
...
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficent_scope errors.
Fixes: gh-5705
2018-08-31 10:33:11 -05:00
229b69dd35
Add DefaultAuthorizationCodeTokenResponseClient
...
Fixes gh-5547
2018-08-27 12:44:19 -04:00
cb0ba58b58
Fix WhitespaceAfterCheck Checkstyle check
2018-08-27 10:45:35 -05:00
Ankur Pathak
ir73
Dongmin Shin
Daniel Bustamante Ospina
Joe Grandja
Eric Deandrea
Josh Cummings
Karl Goffin
Erik van Paassen
Bob Maertz
Brian Demers
Rob Winch
Vedran Pavic
artsiom
Johnny Lim
Sola