Joe Grandja
6d7d34c549
Move AuthorizationRequestUriBuilder and DefaultAuthorizationRequestUriBuilder
...
Fixes gh-4658
2017-10-23 10:19:31 -04:00
Joe Grandja
f0c9f85292
spring-security-jwt-jose -> spring-security-oauth2-jose
...
Fixes gh-4595
2017-10-23 09:04:01 -04:00
Joe Grandja
c94b3f4d23
Add AuthorizationExchange
...
Fixes gh-4660
2017-10-20 20:59:32 -04:00
Joe Grandja
eb2b573426
Validate Authorization Response
...
Fixes gh-4657, Issue gh-4654
2017-10-20 20:59:32 -04:00
Joe Grandja
8e3a2a7123
Remove AuthorizationCodeAuthenticationFilter.AuthorizationResponseMatcher
...
Fixes gh-4654
2017-10-20 06:09:31 -04:00
Joe Grandja
84a1c417a3
Extract Converter from AuthorizationResponseMatcher
...
Fixes gh-4653
2017-10-20 04:56:07 -04:00
Joe Grandja
d4dac21ca5
Make ClientRegistration.Builder constructor private
...
Fixes gh-4656
2017-10-19 14:15:59 -04:00
Joe Grandja
a980e3b0d7
Remove ClientRegistrationIdentifierStrategy
...
Fixes gh-4648
2017-10-19 13:40:06 -04:00
Joe Grandja
f3756cdd07
Remove ClientRegistrationProperties
...
Fixes gh-4649
2017-10-19 13:27:54 -04:00
Joe Grandja
1f5edc98d5
ClientRegistration.Builder.scopes -> scope
...
Fixes gh-4663
2017-10-19 11:24:01 -04:00
Joe Grandja
1e891b38ab
Rename scope -> scopes for Set types
...
Fixes gh-4644
2017-10-18 17:56:39 -04:00
Joe Grandja
a77bdb0c5d
Make AuthorizationRequest serializable
...
Fixes gh-4627
2017-10-18 15:55:37 -04:00
Rob Winch
d7d6400971
DefaultStateGenerator->Base64StringKeyGenerator
...
Rename and move DefaultStateGenerator since it is more generic than just
OAuth.
Fixes gh-4645
2017-10-18 11:29:04 -05:00
Rob Winch
d554b06a43
OAuth use ConcurrentHashMap
...
Fixes gh-4647
2017-10-17 22:17:09 -05:00
Rob Winch
b764c666c6
Fix jwt package tangles
...
JWT is part of OAuth2, so it should be a subpackage of oauth2.
Fixes gh-4614
2017-10-17 21:06:27 -05:00
Rob Winch
c5abcd1fcd
DefaultAuthorizationRequestUriBuilder uses StringUtils
...
Fixes gh-4642
2017-10-17 20:24:43 -05:00
Joe Grandja
7b8d131386
Fix package tangles -> OAuth2/Oidc AuthenticationProvider's
...
Fixes gh-4614
2017-10-16 20:56:32 -04:00
Johnny Lim
25052214ae
Polish
2017-10-16 18:33:27 -05:00
Joe Grandja
a7d054c9f3
Remove AuthorizationGrantAuthenticator
2017-10-16 13:43:11 -04:00
Joe Grandja
3c824dc44b
Fix package tangles -> OAuth2UserService
...
Fixes gh-4614
2017-10-13 18:59:41 -04:00
Joe Grandja
cfa4858b04
Fix package tangles -> AuthorizationGrantTokenExchanger
...
Fixes gh-4614
2017-10-13 16:35:48 -04:00
Joe Grandja
ea64d10d95
Polish jwt-jose
2017-10-13 07:09:00 -04:00
Joe Grandja
c441f99567
Polish oauth2-client
2017-10-13 07:09:00 -04:00
Joe Grandja
d4d7199a6d
Polish oauth2-core
2017-10-13 07:09:00 -04:00
Joe Grandja
df474e04d8
Move logic from AuthorizationCodeAuthenticationFilter to OAuth2UserAuthenticationProvider
2017-10-11 17:39:21 -04:00
Joe Grandja
ca5b62abb5
Move AuthorizationResponseConverter logic to AuthorizationCodeAuthenticationFilter
2017-10-11 17:39:21 -04:00
Joe Grandja
d840090cb0
Add support for implicit grant type
...
Fixes gh-4500
2017-10-11 13:54:59 -04:00
Joe Grandja
401c84b3f2
Externalize error codes from OAuth2Error
...
Fixes gh-4606
2017-10-10 20:24:33 -04:00
Joe Grandja
da0a7afa38
Polish AuthorizationCodeAuthenticationFilter
...
Fixes gh-4599
2017-10-10 14:39:47 -04:00
Joe Grandja
efa4bf409c
Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher
2017-10-10 14:38:06 -04:00
Joe Grandja
6b16fa0d8c
Polish OAuth Security Configurers
2017-10-10 14:38:06 -04:00
Joe Grandja
97c938e7f3
Extract authentication logic from AuthorizationCodeAuthenticationFilter
...
Fixes gh-4590
2017-10-10 14:38:06 -04:00
Joe Grandja
5811624bbe
Polish endpoint package
...
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse
Issue gh-4593
2017-10-06 18:51:24 -04:00
Joe Grandja
ce142e50b6
Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse
...
Fixes gh-4593
2017-10-06 18:51:24 -04:00
Joe Grandja
eca2b67137
ClientRegistration supports 'baseUrl' uri variable
...
Fixes gh-4589
2017-10-05 20:35:51 -04:00
Joe Grandja
dec0bce100
Remove authorities -> AuthorizationGrantAuthenticationToken constructor
...
Fixes gh-4602
2017-10-05 20:22:50 -04:00
Joe Grandja
1b7e761be4
Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor
...
Fixes gh-4591
2017-10-05 17:05:56 -04:00
Joe Grandja
eb320bfed4
AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter
2017-10-05 16:40:12 -04:00
Joe Grandja
5c14e48b18
Add OAuth2UserAuthenticationProvider
...
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 15:15:35 -04:00
Joe Grandja
f8a9077d5a
Generalize AuthorizationCodeAuthenticationProvider
...
The AuthorizationCodeAuthenticationProvider implements part of the
Authorization Code Grant flow as defined in
OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.
The implementation needs to be de-coupled to allow for better re-use and readability.
This commit introduces the AuthorizationGrantAuthenticator and extracts logic from
AuthorizationCodeAuthenticationProvider and provides different implementations
for OAuth 2.0 and OpenID Connect 1.0.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 05:02:22 -04:00
Joe Grandja
0d516ca32c
Rename scopes -> scope
2017-10-02 15:50:16 -04:00
Joe Grandja
fb57111ecd
redirect-uri property supports 'baseRedirectUrl' uri variable
...
Fixes gh-4589
2017-10-02 15:29:03 -04:00
Joe Grandja
66647070ab
Default login page supports Iterable<ClientRegistration>
...
Fixes gh-4596
2017-09-29 19:54:17 -04:00
Joe Grandja
ad91adf9dc
Retrieving the UserInfo is conditional
...
Fixes gh-4451
2017-09-29 10:51:16 -04:00
Rob Winch
646b3e48b3
Avoid Exception Message in HTTP Response
...
Fixes gh-4587
2017-09-28 17:24:49 -05:00
Joe Grandja
b9258aa6ee
Make AuthorizationRequestUriBuilder optional
...
Fixes gh-4577
2017-09-28 16:43:11 -04:00
Joe Grandja
bfb77a7804
Remove unnecessary dependencies
2017-09-28 15:42:12 -04:00
Joe Grandja
9a8ddebc94
Use param matching for Authorization Response
...
Fixes gh-4576
2017-09-28 10:21:01 -04:00
Joe Grandja
d191bcc8ac
Remove ClientRegistrationRepository.findByClientId()
...
Fixes gh-4583
2017-09-28 09:01:58 -04:00
Joe Grandja
52f495a5ec
Remove ProviderJwtDecoderRegistry
...
Fixes gh-4581
2017-09-28 08:51:43 -04:00
Joe Grandja
8448a54678
Remove ClientRegistrationRepository.getRegistrations()
...
Fixes gh-4582
2017-09-28 07:02:59 -04:00
Joe Grandja
3217582805
Introduce JwtDecoderRegistry
...
Fixes gh-4584
2017-09-28 06:07:47 -04:00
Joe Grandja
b463f8e6b5
Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName()
...
Related gh-4580
2017-09-27 15:39:39 -04:00
Joe Grandja
814742fef6
Rename ClientRegistration.clientAlias -> registrationId
...
Fixes gh-4575
2017-09-27 09:14:55 -04:00
Joe Grandja
38be35677d
Add userNameAttributeName to ClientRegistration
...
Fixes gh-4580
2017-09-26 21:55:19 -04:00
Joe Grandja
7fb3093617
Fix NPE InMemoryClientRegistrationRepository
2017-09-26 14:08:01 -04:00
Joe Grandja
0e9b2807bf
Split up NimbusOAuth2UserService
...
Fixes gh-4447
2017-09-26 11:32:49 -04:00
Joe Grandja
a06487c0f7
Move additionalParameters to TokenResponseAttributes
...
Fixes gh-4554
2017-09-22 15:21:22 -04:00
Joe Grandja
680984c242
SecurityTokenRepository associates SecurityToken to ClientRegistration
...
Fixes gh-4563
2017-09-22 09:51:00 -04:00
Joe Grandja
7fb386669f
InMemoryClientRegistrationRepository -> enforce unique ClientRegistration's
...
Fixes gh-4562
2017-09-21 15:47:26 -04:00
Joe Grandja
9b61eba41d
Add identifier strategy for ClientRegistration
...
Fixes gh-4561
2017-09-21 10:19:28 -04:00
Joe Grandja
991a154703
Add OIDC Client and User Authentication
...
Fixes gh-4521
2017-09-19 20:57:56 -04:00
Joe Grandja
c54c622124
Re-structure OAuth2AuthenticationToken
...
Fixes gh-4553
2017-09-19 16:35:43 -04:00
Rob Winch
e345dd106c
Remove leading whitespaces
2017-09-18 11:52:31 -05:00
Joe Grandja
65b968f04a
Move servlet-specific classes to 'web' package
...
Fixes gh-4366
2017-09-13 16:13:32 -04:00
Joe Grandja
9133eb1b78
Revert "Provide fix for Google iss claim"
...
This reverts commit b6212cba66
.
2017-09-13 14:07:23 -04:00
Vedran Pavic
549decf00a
Prefer `sub` claim as OIDC principal name
...
This commit removes preference for `name` claim as principal name in `DefaultOidcUser` so that the default is now `sub` claim. In addition to that, `DefaultOidcUser` now also provides constructors to explicitly define the claim to be preferred as principal name.
Fixes gh-4515
2017-09-13 13:53:14 -04:00
Joe Grandja
4ff0b52f74
Remove HttpClientConfig
...
Issue gh-4478
2017-09-12 21:03:40 -04:00
Joe Grandja
223b126de5
Remove Serializable from OAuth2User
...
Fixes gh-4514
2017-09-05 09:24:25 -04:00
Joe Grandja
306f81b7f7
Minor renames to oauth2 client properties
...
Fixes gh-4296
2017-08-30 11:51:06 -04:00
Joe Grandja
b6212cba66
Provide fix for Google iss claim
...
Fixes gh-4511
2017-08-26 18:55:23 -04:00
Joe Grandja
4951550d7d
Add context path to authorization request URI
...
Fixes gh-4510
2017-08-26 18:55:23 -04:00
Luander Ribeiro
ec908bb700
Add unit tests for endpoints package
...
Fixes gh-4499
This commit contains unit tests for the endpoints package in oauth2-core.
2017-08-24 18:26:33 -04:00
Joe Grandja
bc6be86aec
Add in-memory AccessTokenRepository
...
Fixes gh-4508
2017-08-23 17:18:35 -04:00
Joe Grandja
d6ba348a59
Add SecurityTokenRepository abstraction
...
Fixes gh-4405
2017-08-23 17:18:19 -04:00
Joe Grandja
93c2b2533e
Allow configuring request paths for oauth2 filters
...
Fixes gh-4473
2017-08-23 17:17:01 -04:00
Rob Winch
e16b8e7976
Fix logback-test.xml
2017-08-17 16:42:01 -05:00
Luander Ribeiro
65734414f7
Added HttpServletResponse to AuthorizationRequestRepository
...
This change enables AuthorizationRequestRepository to possibly save the AuthorizationRequestAttributes to a cookie.
Fixes gh-4446
2017-08-15 09:45:52 -04:00
Joe Grandja
ef1de5eda0
Remove Accept header for UserInfo request
...
Fixes gh-4481
2017-08-15 04:54:38 -04:00
Joe Grandja
c872499eee
Enable custom configuration for HTTP client
...
Fixes gh-4477
2017-07-28 16:43:44 -04:00
Joe Grandja
3b42323b6d
AuthorizationCodeRequestRedirectFilter -> always expand redirectUri
...
Fixes gh-4444
2017-07-28 09:31:38 -04:00
Joe Grandja
c204cc2c31
Completed implementation in ClaimAccessor's
...
Fixes gh-4449
2017-07-28 09:31:38 -04:00
Joe Grandja
33423c46d3
Rename AbstractToken to SecurityToken
...
Fixes gh-4466
2017-07-28 09:31:37 -04:00
Joe Grandja
f50812c385
Renamed methods in AuthorizationCodeRequestRedirectFilter
...
Fixes gh-4443
2017-07-14 17:09:49 -04:00
Joe Grandja
598a08e2d8
Update docs AuthorizationCodeAuthenticationProvider
...
Fixes gh-4450
2017-07-14 16:58:36 -04:00
Joe Grandja
9cfb890207
Use id_token for user authentication
...
Fixes gh-4410
2017-07-07 12:44:26 -04:00
Joe Grandja
c986b6f4b5
Add support for JWT/JWS
...
Fixes gh-4434
2017-07-05 16:23:32 -04:00
Joe Grandja
6c0ecea494
Use java.util.Function instead of Converter
...
Fixes gh-4323
2017-06-01 17:25:39 -04:00
Joe Grandja
545339c663
Change AuthorizationGrantType from enum to class
...
Fixes gh-4291
2017-05-30 16:22:53 -04:00
Joe Grandja
4476df93e9
Change ResponseType from enum to class
...
Fixes gh-4292
2017-05-30 16:11:57 -04:00
Joe Grandja
336e247e70
Change AccessToken.TokenType from enum to class
...
Fixes gh-4293
2017-05-30 15:50:58 -04:00
Joe Grandja
435e389609
Change ClientAuthenticationMethod from enum to class
...
Fixes gh-4313
2017-05-30 14:41:59 -04:00
Joe Grandja
3ccf6764c1
Handle unsuccessful UserInfo response
...
Fixes gh-4351
2017-05-24 15:43:21 -04:00
Joe Grandja
521feb9a1b
Update Boot samples to 2.0.0.M1
...
Fixes gh-4339
2017-05-24 11:32:00 -04:00
Rob Winch
d81b436e5d
Remove pom.xml from build
...
Gradle is easy enough to import into IDEs, so pom.xml should no
longer be necessary.
This commit removes the pom.xml files from the build.
Fixes gh-4283
2017-05-11 14:32:36 -05:00
Vedran Pavic
85719fcd64
Use Base64 implementation provided by Java 8
2017-05-10 00:27:36 -05:00
Joe Grandja
a458b682d6
Add package/class level javadoc in oauth2-client
...
Fixes gh-4295
2017-05-04 12:37:35 -04:00
Joe Grandja
829c386756
Add support for OAuth 2.0 Login
...
Fixes gh-3907
2017-04-28 10:58:59 -04:00