Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-26 22:02:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,327 Commits 56 Branches 348 Tags
Commit Graph

18327 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
a47022799e
Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE 2025-06-09 16:20:57 -05:00
Joe Grandja
98c3453aa4 Merge branch '6.5.x' 2025-06-06 07:19:08 -04:00
Joe Grandja
d622183e62 Merge branch '6.4.x' into 6.5.x 
Closes gh-17216
 2025-06-06 07:06:12 -04:00
Joe Grandja
a377175455 Merge branch '6.3.x' into 6.4.x 
Closes gh-17215
 2025-06-06 06:50:45 -04:00
Andrey Litvitski
b0f8aa5ea0 Fix to allow multiple AuthenticationFilter instances to process each request 
Closes gh-17173

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-06-06 06:37:03 -04:00
Joe Grandja
2e913d2af9 Merge branch '6.5.x' 2025-06-05 16:22:35 -04:00
Joe Grandja
dab989d7c3 Fix NPE with DPoP tokenAuthenticationManager 
Closes gh-17172
 2025-06-05 16:06:55 -04:00
Josh Cummings
c8b843c4c5
Merge branch '6.5.x' 2025-06-05 12:36:53 -06:00
damable-nuvolex
3b12e758d3
Fix inconsistent constructor declaration 
Closes gh-16325

Signed-off-by: damable-nuvolex <damable@nuvolex.com>
 2025-06-05 12:36:27 -06:00
damable-nuvolex
a0c5504eca Fix inconsistent constructor declaration 
Closes gh-16325

Signed-off-by: damable-nuvolex <damable@nuvolex.com>
 2025-06-05 12:34:35 -06:00
Josh Cummings
eaab42a73c Polish BearerTokenAuthenticationConverter Support 
- Moved to BearerTokenAuthenticationFilter constructor to align with
AuthenticationFilter
- Undeprecated BearerTokenResolver to reduce number of migration scenarios
- Updated to 7.0 schema
- Added migration docs

Issue gh-14750
 2025-06-04 18:17:17 -06:00
Max Batischev
30577bd291 Add Additional Tests To BearerTokenAuthenticationFilterTests 
Issue gh-14750

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-06-04 18:17:17 -06:00
Max Batischev
4967f3feee Add Support BearerTokenAuthenticationConverter 
Closes gh-14750

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-06-04 18:17:17 -06:00
Josh Cummings
3f0326d3f1
Merge remote-tracking branch 'origin/6.5.x' 2025-06-04 12:49:12 -06:00
Evgeniy Cheban
33ae1711a7 Set Precedence Order for Spring MVC TargetVisitor 
Closes gh-17185

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-06-04 12:47:36 -06:00
Josh Cummings
492444c588
Update shouldConvertGetRequests Migration Steps 
Issue gh-17099
 2025-06-03 13:12:38 -06:00
Josh Cummings
f73f253beb
Add Switch for Processing GET Requests 
Issue gh-17099
 2025-06-03 13:12:37 -06:00
Josh Cummings
32c7e8a6ee
Use Saml2Error Static Factories 2025-06-03 13:12:37 -06:00
Josh Cummings
3de7312658
Add Saml2Error Static Factories 2025-06-03 13:12:37 -06:00
Josh Cummings
4ed131f6ab Add shouldConvertGetRequests Migration Steps 
Issue gh-17099
 2025-06-03 13:10:45 -06:00
Tran Ngoc Nhan
8953f464fb Add Switch for Processing GET Requests 
Closes gh-17099

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-06-03 13:10:45 -06:00
dae won
9654e51bd4 Include UsernameNotFoundException in BadCredentialsException 
Closes gh-16496

Signed-off-by: dae won <eodnjs01477@gmail.com>
 2025-06-02 16:12:47 -06:00
Josh Cummings
d52e0b6a05
Polish NimbusJwtDecoder 
- Aligned JwkSourceJwtDecoderBuilder's relative position with its
corresponding static factory
- Added @since to JwkSourceJwtDecoderBuilder

PR gh-17046
 2025-06-02 15:53:59 -06:00
Josh Cummings
195f933438
Allow Default Ordering for TargetVisitor 
In tests, we want to both test that functionality works and also
demonstrate common or expected usage, where possible. It is likely
incorrect to use @Order(0) for a target visitor as this states that
it should take precedence over all Spring Security visitors defined
at a lower precedence.

Also, it appears this may have been added this way because of a mock
visitor that appears to be unused by any tests. Further, when an
application has multiple visitors, they should use the TargetVisitor.of
method to publish one bean with the order determined by the order
of the method parameters instead of having two separate beans.

This commit removes the @Order(0) annotation and also the mock
visitor, deferring to the natural ordering afforded by the
framework.

Issue gh-15994
 2025-06-02 13:41:21 -06:00
Mark Bonnekessel
ada75e76a6 Add builder to create NimbusJwtDecoder with JwkSource 
Signed-off-by: Mark Bonnekessel <2949525+marbon87@users.noreply.github.com>
 2025-06-02 13:33:39 -06:00
dependabot[bot]
227a2cc0c7
Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.2.RELEASE to 0.29.3.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.2.RELEASE...0.29.3.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.3.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-02 03:51:03 +00:00
Pat McCusker
5517d8fe3a Deprecate the X5T JOSE Header name 
Closes gh-16979

Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-05-30 06:45:02 -06:00
Evgeniy Cheban
fd4f06a66e Support Spring Data container types for AuthorizeReturnObject 
Closes gh-15994

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-05-29 17:05:27 -06:00
Josh Cummings
6d3b54df21
Change Type Validation Default 
NimbusJwtDecoder and NimbusReactiveJwtDecoder now use
Spring Security's JwtTypeValidator by default instead
of Nimbus's type validator.

Closes gh-17181
 2025-05-28 16:11:13 -06:00
Josh Cummings
37a814bc29
Add 7.0 -> 8.0 Migration Guide 
Closes gh-17182
 2025-05-28 16:11:12 -06:00
Josh Cummings
215547f8c8
Use UsernameNotFoundException Factory 
Issue gh-17179
 2025-05-28 14:13:02 -06:00
Josh Cummings
da2d9aa868
Add Username Property to Exception 
Closes gh-17179
 2025-05-28 14:12:27 -06:00
Yanming Zhou
42790403da Use SpringReactiveOpaqueTokenIntrospector 
Now that NimbusReactiveOpaqueTokenIntrospector is
deprecated, this commit changes the Spring
Security default to now use SpringReactiveOpaqueTokenIntrospector.

Issue gh-15988

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-05-27 14:25:31 -06:00
Maximilian Klose
ec05e65668 Add Equals and HashCode methods for better comparison. 
Closes gh-16394

Signed-off-by: Maximilian Klose <maximilian.klose@adesso.de>
 2025-05-27 13:53:07 -06:00
Ferenc Kemeny
bf05b8b430 Support Requiring exp and nbf in JwtTimestampsValidator 
Closes gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
 2025-05-27 12:22:25 -06:00
Ferenc Kemeny
91b21663db Polish JwtTimestampValidatorTests 
This commit corrects the test that checks for both
nbf and exp missing. It also adds one for just exp
and on for just nbf.

Issue gh-17004

Signed-off-by: Ferenc Kemeny <ferenc.kemeny79+oss@gmail.com>
 2025-05-27 12:22:25 -06:00
Josh Cummings
596449d882 Polish 
Issue gh-14149
 2025-05-27 11:44:33 -06:00
Felix Hagemans
1a4de49977 Create CsrfCustomizer for SPA configuration 
Closes gh-14149

Signed-off-by: Felix Hagemans <felixhagemans@gmail.com>
 2025-05-27 11:44:33 -06:00
Josh Cummings
52394c1f07 Propagate Any AccessDeniedException 
Any time a response handler throws an exception, we want to
propagate an underlying AccessDeniedException if their is one.

Issue gh-16058
 2025-05-23 15:18:01 -06:00
Evgeniy Cheban
fae61b9426 Propagate AccessDeniedException for Authorized Objects Returned from a Controller 
Closes gh-16058

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-05-23 15:18:01 -06:00
dae won
8612e952fe Make AuthorizationProxyFactory#proxy Generic 
Closes gh-16706

Signed-off-by: dae won <eodnjs01477@gmail.com>
 2025-05-23 14:48:11 -06:00
Max Batischev
f4b8e2421a Add Support Credentialless COEP Header 
Closes gh-16991

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-05-23 14:45:59 -06:00
John Niang
9ba5c7b2ce Add SwitchUserGrantedAuthority to Web Jackson Module 
Closes gh-17041

Signed-off-by: John Niang <johnniang@foxmail.com>
 2025-05-23 14:42:54 -06:00
Tran Ngoc Nhan
8e2067bb3e Remove deprecated MemberCategory#DECLARED_FIELDS 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Tran Ngoc Nhan
88369cd252 Polish 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Josh Cummings
c9bbf3787b
Merge branch '6.5.x' 2025-05-23 11:36:22 -06:00
Josh Cummings
8aaa9c28fa
Merge branch '6.4.x' into 6.5.x 2025-05-23 11:36:01 -06:00
Josh Cummings
2989d12743
Merge branch '6.3.x' into 6.4.x 2025-05-23 11:35:25 -06:00
Joaquin Santana
c0568ea9b0 Log Request Mismatch Only When Mismatches 
Signed-off-by: Joaquin Santana <joaquinjsb@outlook.com>
 2025-05-23 11:34:48 -06:00
universe
50f8ad55a8 Remove Redundant Punctation in JavaDoc 
Signed-off-by: universe <daofei8754@126.com>
 2025-05-23 10:05:27 -05:00