Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
6,670 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

6670 Commits

Author SHA1 Message Date
Nathan Wong 02a78b17b9 Add check to see if return value is DENY 
Originally, if the return from getAllowFromValue(request) is "DENY",
then the X-Frame-Options header's value will proceed to be written as
"ALLOW FROM DENY" - an invalid value.

This commit adds a condition in the if clause that checks whether
allowFromValue is "DENY". This way, the X-Frame-Options header will be
written as "ALLOW FROM origin" or "DENY".
 2017-10-29 23:32:53 -05:00
Antoine bed4ec7d18 Fix leading space characters reported by checkstyle 2017-10-29 22:22:34 -05:00
Antoine 0771778b81 Polish more AssertJ assertions 2017-10-29 22:22:34 -05:00
Antoine e0aca04a28 Polish AssertJ assertions 
Polish AssertJ assertions
 2017-10-29 22:22:34 -05:00
Arend v. Reinersdorff a558d408a3 Minor typos PreAuthenticatedAuthenticationProvider 2017-10-29 22:12:04 -05:00
Kyle Anderson a139a0052d Fix Typo in Reference Docs 2017-10-29 22:09:46 -05:00
Rob Winch 77de91ad60 Polish unbounded support 
- Update unboundid-ldapsdk-4.0.1
- Fix ordering of dependencies

Issue gh-4672
 2017-10-29 21:59:55 -05:00
Eddú Meléndez 70165869b1 Add UnboundId LDAP inmemory support 
This commit adds the capability to run a LDAP inmemory different than
apacheds. Both providers `apacheds` and `unboundid` are supported.
 2017-10-29 21:59:55 -05:00
Joe Grandja 9a4513356d Configure default OAuth2AuthorizedClientService 
Fixes gh-4751
 2017-10-29 22:45:57 -04:00
Paul Wheeler 6decf1c8ef Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier() 
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.

There are the following other changes:

 - BasicLookupStrategy has a new property, aclClassIdSupported, which
 is used to retrieve the new column from the database. This preserves
 backwards-compatibility, as it is false by default.

 - JdbcMutableAclService has the same property, aclClassIdSupported,
 which is needed to modify the insert statement to write to the
 new column. Defaults to false for backwards-compatibility.

 - Tests have been updated to verify both the existing functionality
 for backwards-compatibility and the new functionality.

Fixes gh-1224
 2017-10-29 21:29:12 -05:00
Joris Portegies Zwart de9fe3e3b1 Fix the JavaDoc for Pbkdf2PasswordEncoder so that it uses the actual values for default hash width and number of iterations 2017-10-29 21:08:38 -05:00
Rob Winch 4fa9b4dd15 Add ServerHttpSecurity.exceptionHandling() 
Fixes gh-4750
 2017-10-29 21:00:10 -05:00
Rob Winch d9584384c4 Move collectClaims to OidcUserAuthority 
Fixes gh-4749
 2017-10-29 20:41:05 -05:00
Joe Grandja 5fa822d114 Expose custom config for OidcUserService 
Fixes gh-4715
 2017-10-29 21:33:51 -04:00
Joe Grandja a261c9a047 Polish OAuth2LoginConfigurer 
Fixes gh-4747
 2017-10-29 21:33:51 -04:00
Rob Winch 3d065b5afd Add getIdToken getUser to OidcUser 
Fixes gh-4748
 2017-10-29 20:10:55 -05:00
Rob Winch c1c726f123 Polish InMemoryClientRegistrationRepository 
Issue: gh-4745
 2017-10-29 20:03:36 -05:00
Rob Winch a3e38fec47 Remove AuthorizationRequestUriBuilder 
Make this API private since we don't have concrete use cases for exposing
it yet.

Fixes gh-4742
 2017-10-29 19:50:02 -05:00
Joe Grandja c3d2effc1d Polish OAuth2AuthorizedClientService 
Fixes gh-4746
 2017-10-29 20:25:03 -04:00
Joe Grandja b496ad4d86 Polish OAuth2LoginAuthenticationToken 
Fixes gh-4744
 2017-10-29 19:21:41 -04:00
Rob Winch 8032baa296 Polish InMemoryClientRegistrationRepository 
- use Map.get
- Construct with stream()
- Add tests
- Remove unnecessary unmodifiableCollection (already unmodifiable)

Fixes gh-4745
 2017-10-29 18:07:49 -05:00
Rob Winch f0c2944377 OAuth2AuthorizationResponse getAccessToken 
No longer delegate to OAuth2AccessToken but add getAccessToken()

Fixes gh-4743
 2017-10-29 17:12:46 -05:00
Joe Grandja e4887057bc Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient 
Fixes gh-4741
 2017-10-29 17:49:15 -04:00
Joe Grandja 2a00232a5b Remove UserInfoRetreiver 
Fixes gh-4740
 2017-10-29 17:49:15 -04:00
Rob Winch e2dd037b4a Default WebFlux headers and Logout 2017-10-29 15:06:06 -05:00
Rob Winch fb632624d2 Update dependency versions 
Fixes gh-4739
 2017-10-29 14:31:57 -05:00
Rob Winch 44320447fe Update to Spring 5.0.1.RELEASE 
Issue gh-4739
 2017-10-29 14:31:45 -05:00
Joe Grandja 6fbd435bdf OAuth2LoginAuthenticationFilter requires collaborators 
Fixes gh-4661
 2017-10-29 04:41:23 -04:00
Joe Grandja 5a7466512e Expose default constructor in AbstractAuthenticationFilterConfigurer 
Fixes gh-4737
 2017-10-29 04:41:23 -04:00
Rob Winch 5a5ec58ca4 Add LogoutPageGeneratingWebFilter 
Fixes gh-4735
 2017-10-29 00:12:23 -05:00
Rob Winch 0734d70d02 Logout requires POST 
Issue: gh-4734
 2017-10-29 00:11:59 -05:00
Rob Winch 8da2c7f657 Add WebFlux CSRF Protection 
Fixes gh-4734
 2017-10-28 22:59:24 -05:00
Rob Winch f040bd054d Javadoc @EnableWebFluxSecurity 2017-10-28 22:59:24 -05:00
Rob Winch b394ae5d5e Polish 
Restructure WebFluxSecurityConfiguration for easier copy paste of
default ServerHttpSecurity Bean
 2017-10-28 22:59:24 -05:00
Rob Winch 192776858d HttpStatusServerAccessDeniedHandler write error message 2017-10-28 22:59:24 -05:00
Rob Winch 77acb34bcd Add spring-security-test to spring-security-config test dependencies 2017-10-28 22:58:55 -05:00
Rob Winch e63c53e267 Add AuthorizationWebFilterTests 2017-10-28 22:58:55 -05:00
Joe Grandja b471dd1c54 Remove OAuth2TokenRepository 
Fixes gh-4727
 2017-10-28 21:40:33 -04:00
Joe Grandja b1d56b5821 NimbusAuthorizationCodeTokenExchanger uses authorizationRequest.redirectUri 
Fixes gh-4701
 2017-10-28 21:30:40 -04:00
Joe Grandja 006319f19a UserInfoRetriever supports ParameterizedTypeReference 
Fixes gh-4693
 2017-10-28 19:26:04 -04:00
Joe Grandja 9dc4aa6c81 Make OidcUserInfo Serializable 
Fixes gh-4733
 2017-10-28 18:35:21 -04:00
Joe Grandja 8e0d88d3e9 Remove GitHubOAuth2User from oauth2Login sample 
Fixes gh-4732
 2017-10-28 18:25:45 -04:00
Joe Grandja 83dc902ff7 Map CustomUserTypesOAuth2UserService using clientRegistrationId 
Fixes gh-4692
 2017-10-28 18:11:39 -04:00
Joe Grandja ddf87b54f7 Polish OAuth2LoginConfigurer 
Fixes gh-4731
 2017-10-28 17:48:45 -04:00
Joe Grandja 0c68eb1821 Re-factor OAuth2AuthorizationCodeAuthenticationToken 
Fixes gh-4730
 2017-10-28 17:15:31 -04:00
Joe Grandja 64d8c8b8a9 Re-factor AuthorizationGrantTokenExchanger 
Fixes gh-4728
 2017-10-28 17:12:14 -04:00
Joe Grandja 16e69d06b4 Add OAuth2AuthorizedClientService 
Fixes gh-4726
 2017-10-28 17:12:14 -04:00
Sola f0b0cfc4fd Ensure Copyright header reads 2002-2017 
fixes gh-4655

Signed-off-by: Sola <dev@sola.love>
 2017-10-28 13:02:06 -05:00
Joe Grandja 67bac28481 OAuth2UserService uses OAuth2UserRequest 
Fixes gh-4724
 2017-10-27 22:34:25 -04:00
Joe Grandja 3d319f7592 Make AuthorizationRequestRepository a Generic 
Fixes gh-4723
 2017-10-27 21:31:45 -04:00