Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,070 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

9070 Commits

Author SHA1 Message Date
Phillip Webb 9e08b51ed3 Apply code cleanup rules to projects 
Apply automated cleanup rules to add `@Override` and `@Deprecated`
annotations and to fix class references used with static methods.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 8866fa6fb0 Always use 'this.' when accessing fields 
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 6894ff5d12 Make classes final where possible 
Update classes that have private constructors so that they are also
declared final. In a few cases, inner-classes used private constructors
but were subclassed. These have now been changed to have package-private
constructors.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb b5d499e2eb Remove empty block 
Refactor a few classes so that empty blocks are not longer used. For
example, rather than:

	if(x) {
	} else {
		i++;
	}

use:

	if(!x) {
		i++;
	}

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 37fa94fafc Organize imports 
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 5f64f53c3f Use consistent "@" tag order in Javadoc 
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 7f0653fa34 Remove array style checkstyle suppression 
Remove the array style rules suppression since it doesn't cause any
checkstyle violations.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 863c0873dd Suppress third-party code from checkstyle 
Suppress `BCrypt` and `ComparableVersion` from checkstyle since these
source files were developed by a third-party.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 8142e4046f Use compact annotation style 
Always use compact annotations when possible. For example, replace
`@Target(value = ElementType.TYPE)` with `@Target(ElementType.TYPE)`.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb aea0fea5d9 Add Spring Checkstyle with all checks disabled 
Introduce checkstyle rules from spring-javaformat, but keep them
disabled so that fixes can be introduced one commit at a time.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 71bc145ae4 Remove superfluous comments 
Use '^\s+//\ \~\ .*$' and '^\s+//\ ============+$' regular expression
searches to remove superfluous comments.

Prior to this commit, many classes would have comments to indicate
blocks of code (such as constructors/methods/instance fields). These
added a lot of noise and weren't all that helpful, especially given
the outline views available in most modern IDEs.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb b7fc18262d Reformat code using spring-javaformat 
Run `./gradlew format` to reformat all java files.

Issue gh-8945
 2020-08-24 17:32:56 -05:00
Eleftheria Stein cf48f986f6 Fix typo in resource server documentation 2020-08-24 09:10:33 +02:00
Rob Winch 046cdd7f07 Update Snapshot Build to Kotlin 1.4.0 2020-08-20 10:45:53 -05:00
Martin Vietz 0486d5add9 scopes_supported metadata not used as default in ClientRegistrations 
Closes gh-8514
 2020-08-20 08:09:54 -04:00
Josh Cummings 21e9a410ee
Remove Package Tangle 
Issue gh-8876
 2020-08-19 15:52:20 -06:00
Josh Cummings e6d1e2cf81
Restructure SAML 2.0 Documentation 
Issue gh-8763
 2020-08-19 14:59:26 -06:00
Josh Cummings af5c55c380
Polish AuthnRequest Customization Support 
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
 2020-08-19 14:27:31 -06:00
Josh Cummings 3694485056
Polish SAML 2.0 Default Assertion Validator 
In several cases, taking a pre-set ValidationContext is not sufficient.
For example, the recipient is calculated via the
RelyingPartyRegistration that's currently in the context of the
request.

Instead, then, createDefaultAssertionValidator was broken up into two
different methods: One that takes no parameters and assumes the class's
default ValidationContext, and another that takes a converter to derive
the ValidationContext from the incoming authentication token.

Issue gh-8970
 2020-08-19 13:58:42 -06:00
Josh Cummings da7477cd41
Add Response to Authentication Conversion Support 
Closes gh-8010
 2020-08-18 17:49:34 -06:00
Josh Cummings 0c696dd58b
Remove XSAnyMarshaller AttributeValue Support 
In favor of customizing the authentication converter

Closes gh-8864
 2020-08-18 17:42:04 -06:00
Josh Cummings 7b3dda161b
Generalize SAML 2.0 Assertion Validation Support 
Closes gh-8970
 2020-08-18 12:23:42 -06:00
Josh Cummings 1069e91645
RSocket Deprecations 
Stop using deprecated RSocket APIs in integration tests

Issue gh-8948
 2020-08-13 17:51:59 -06:00
Rob Winch a4756cf62c --refresh-dependencies for snapshots 2020-08-11 09:53:18 -05:00
Eleftheria Stein 69e0552c30 Add servlet OAuth2 client Kotlin samples 
Issue gh-8172
 2020-08-11 14:25:27 +02:00
koishikawa11 be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL 
Closes gh-8892
 2020-08-11 07:59:22 -04:00
Eleftheria Stein 5142d39079 Restrict Spring Framework version to 5.2.x 2020-08-11 13:25:30 +02:00
Eleftheria Stein 380a11566e Add registered OAuth2 authorized client Kotlin samples 
Issue gh-8172
 2020-08-11 10:24:21 +02:00
Eleftheria Stein 324d6795c9 Add WebClient samples to docs 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein 496fcbb102 Add OAuth2 resource server WebFlux samples 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein d839e4dd71 Fix typos in resource server docs 
- Use withJwkSetUri instead of fromJwkSetUri
- Use ES512 instead of EC512
- Use NimbusReactiveOpaqueTokenIntrospector instead of NimbusOpaqueTokenIntrospector in reactive
- User authorizeExchange instead of authorizeRequests
 2020-08-11 08:33:46 +02:00
Phillip Webb 81d9c6cac5 Add spring-javaformat plugin 
Add spring-javaformat plugin but disable it for all sample projects.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 9caa39e370 Fix malformed formatter-on/off javadoc 
Remove the formatter-on/formatter-off comments from Javadoc examples
so that they don't confuse checkstyle. The comments are not necessary
in the Javadoc since `pre` blocks are not formatted in the same
way as code.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 8e092f8d2c Add noformat blocks around withDefaultPasswordEncoder 
Find `withDefaultPasswordEncoder` calls and protect them against
formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 6979125ccf Add noformat blocks around User.withUsername 
Find `User.withUsername` calls and protect them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 63b5998fad Add noformat blocks around auth config 
Find `auth` config using a regex search of `^\s*auths*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 103d822e46 Add noformat blocks around http config 
Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 27ac046d8a Rename *Test.java -> *Tests.java 
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Rob Winch 94cf4d1de7 Fix SNAPSHOT builds 
- Stop using deprecated RSocket APIs
- Update SNAPSHOT build to use Boot SNAPSHOT
 2020-08-10 11:35:15 -05:00
Eleftheria Stein 12a8795c3d Fix typo in resource server docs 2020-08-06 14:11:13 +02:00
Rob Winch 7cc10ed277 Fix Email notifications 2020-08-05 14:11:57 -05:00
Joe Grandja a30541fcd9 Next Development Version 
NOTE:
The 5.4.0-RC1 release has been tagged at 74b42ba956
as it includes a fix related to RSocket integration tests.
 2020-08-05 15:03:27 -04:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1" 
This reverts commit f3a1e5d40c.
 2020-08-05 14:59:11 -04:00
Rob Winch 74b42ba956 Move RSocket integration tests to integration tests 
Closes gh-8944
 2020-08-05 13:23:20 -05:00
Joe Grandja 10dbe140c9 Release 5.4.0-RC1 2020-08-05 13:46:57 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings a701555318
Polish Saml2AuthenticationTokenConverter 
Issue gh-8768
 2020-08-05 10:08:47 -06:00
Josh Cummings f82190b414
Add RelyingPartyRegistrations 
Closes gh-8484
 2020-08-05 10:08:47 -06:00
Josh Cummings 506786f46e
Replaced Spaces with Tabs 
Updated the .gradle file for SAML 2.0 Service Provider to use tabs
 2020-08-05 10:08:47 -06:00
Josh Cummings b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint 
Closes gh-8693
 2020-08-05 10:08:47 -06:00