Commit Graph

8863 Commits

Author SHA1 Message Date
Rob Winch 6e0d2f3324 Use reactorVersion 20+ for snapshot tests 2020-06-19 10:41:00 -05:00
Josh Cummings a344dbdb8c
Use AssertJ
Issue gh-3384
2020-06-18 11:54:33 -06:00
Josh Cummings 8cbdcfe756
Document SAML Attribute Support
Issue gh-8661
2020-06-18 11:42:49 -06:00
Josh Cummings 360db53dd2
Polish SAML Attribute Support
Issue gh-8661
2020-06-18 11:42:49 -06:00
Nikola Kostic eed33228f4
Add SAML Attribute Support
Closes gh-8661
2020-06-18 11:42:48 -06:00
Craig Andrews efb6953017 Reject the NULL character in paths in StrictHttpFirewall
Adds `setAllowNull`
By default, denies null in paths
2020-06-18 10:19:37 -06:00
Rob Winch 406cde8798 Use Spring Snapshots Again
Closes gh-8712
2020-06-18 09:32:11 -05:00
Ellie Bahadori ca63af4a28 Remove Travis pipeline and README badge 2020-06-17 16:07:32 -05:00
Ellie Bahadori 7319e81701 Change pipeline to run for all base branches
Issue gh-8680
2020-06-17 16:05:41 -05:00
Josh Cummings 9895d01257
Simplify Multitenancy Example
Closes gh-8713
2020-06-17 14:04:58 -06:00
Rob Winch 145bb89394 Use Spring Releases for Now
Works around https://github.com/spring-projects/spring-framework/issues/25271
2020-06-17 14:39:48 -05:00
yukihane c177b391d4
Polish ProviderManagerTests
- Renamed test to follow naming convention
- Simplified mock with Mockito
- Added note regarding related ticket

Issue gh-8689
2020-06-16 15:56:04 -06:00
yukihane 5302fb776c
ProviderManager Uses CollectionUtils#contains
Closes gh-8689
2020-06-16 15:56:04 -06:00
Ellie Bahadori 27e1c582b9
Merge pull request #8680 from elliedori/github-actions-pr-pipeline
Set up Github Actions pipeline for PRs
2020-06-16 11:19:37 -07:00
Eleftheria Stein 224361cb4a Fix typo in Javadoc 2020-06-16 09:38:09 -04:00
Rob Winch eb351f455b
Use `Closes gh-<number>`
We now use Closes because it makes sense for enhancements and bugs
2020-06-11 15:34:35 -05:00
Ellie Bahadori e213e6430a Create Github Actions pipeline for PR build workflow 2020-06-11 11:07:34 -07:00
Evgeniy Cheban 4e7be2078f DefaultWebSecurityExpressionHandler uses RoleHierarchy bean
Fixes gh-7059
2020-06-10 16:43:01 -04:00
Rob Winch ccbad61ae8 Change blacklist to blocklist
Closes gh-8676
2020-06-10 11:49:49 -05:00
Rob Winch ca1252be94 Replace whitelist with allowlist
Issue gh-8676
2020-06-10 11:49:21 -05:00
Rob Winch a907026eae Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive
Closes gh-8677
2020-06-10 11:48:56 -05:00
Rob Winch 6fbe58e624 Update RSocket Sample to use RSocket 1.0.1
Fixes the integration tests from hanging.

Issue gh-8664
2020-06-10 11:44:10 -05:00
Joe Grandja da4b626bf1 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
Issue gh-8609
2020-06-09 17:28:21 -04:00
Joe Grandja 4c902bb857 OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException
Fixes gh-8609
2020-06-09 17:28:21 -04:00
Robin Dupret bb0fac66d6 Fix a few typos in the documentation 2020-06-09 14:40:39 -05:00
Josh Cummings 1d821a2664
Add Ticket Number to Test
Issue gh-8650
2020-06-05 14:24:49 -06:00
Erik Bakker cd3fd6762f
Don't Consume Request Body
Per the servlet spec, getParameter(name) consumes the request body for
POST requests.

This commit prevents DefaultOAuth2AuthorizationRequestResolver from
consuming the request body for non-Authorization requests.

Closes gh-8650
2020-06-05 14:21:00 -06:00
Rob Winch 24a04f9c5f Add subscriberContext to PayloadSocketAcceptor delegate.accept
Closes gh-8654
2020-06-05 12:22:19 -05:00
Parikshit Dutta 28d2cfa14a Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter
Fixes gh-8536
2020-06-02 21:54:09 -04:00
Josh Cummings aa84c79e87
Use Nimbus Multiple Algorithm Support
Closes gh-8623
2020-06-02 12:49:21 -06:00
Dayan d8aa208a9f Fix broken link in spring security reference document
Fixes:#8593
2020-06-02 05:36:19 -06:00
Rob Winch 748538d19f Delay AuthenticationPrincipalArgumentResolver Creation
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
2020-05-29 16:49:01 -05:00
Eleftheria Stein a63a0e3765 Add reactive CSRF samples to docs
Issue gh-8172
2020-05-28 13:16:35 -04:00
Josh Cummings da05543ef6
Update OAuth 2.0 Client Testing Docs
Issue gh-8603
2020-05-28 10:33:02 -06:00
Josh Cummings 42a8635cde
Remove @MockBean ClientRegistrationRepository
Fixes gh-8606
2020-05-28 10:33:02 -06:00
Josh Cummings d5b8981678
Polish OAuth 2.0 Samples
- Favor @TestConfiguration so as to not disable Spring Boot's
auto-configuration of ClientRegistrationRepository and
OAuth2AuthorizedClientRepository
2020-05-28 10:33:02 -06:00
Josh Cummings 8d84bc58f6
Remove Unneeded OAuth2AuthorizedClientRepository
Issue gh-8603
2020-05-28 10:33:02 -06:00
Josh Cummings 900f551890
Inject TestOAuth2AuthorizedClientRepository
Fixes gh-8603
2020-05-28 10:33:02 -06:00
Josh Cummings d014d29199
Update to Spring Boot 2.3.0
Fixes gh-8605
2020-05-27 16:12:23 -06:00
Josh Cummings b6f5464fb4
Update to Latest rsocket-core
Now that the RSocket Authentication Extension is GA, it's no longer
necessary to override the version locally in the sample.

Issue gh-7935
2020-05-27 16:12:23 -06:00
Josh Cummings 23db372962
Update to Gradle 6.4.1
Fixes gh-8604
2020-05-27 16:12:23 -06:00
Eleftheria Stein 61060b3a4f Add multipart configuration to CSRF Kotlin DSL
Fixes gh-8602
2020-05-27 17:01:12 -04:00
Eleftheria Stein 6f5947cab7 Fix test warnings 2020-05-27 17:00:48 -04:00
Eleftheria Stein fa11ae3c33 Remove unused import 2020-05-27 14:27:29 -04:00
Markus Engelbrecht 7463583c1b Fix typos in BCryptPasswordEncoder documentation
Resolves gh-8585
2020-05-27 10:35:49 -05:00
Spencer Gilson 551f9114a9 Fixing typo in README
@pivotal-issuemaster This is an Obvious Fix
2020-05-27 07:50:33 -05:00
Eleftheria Stein 67d2efde1c Resolve package tangles with security marker annotation 2020-05-27 07:33:24 -05:00
Eleftheria Stein bc272ddf73 Resolve package tangles in Kotlin server package 2020-05-27 07:33:24 -05:00
Eleftheria Stein 0a42aa26c8 Mock request with non-standard HTTP method in test
Fixes gh-8594
2020-05-26 10:16:56 -04:00
Craig Andrews f1db7167cb Polish
Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation.

This change does not alter behavior.
2020-05-22 20:33:32 -05:00