Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,317 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

517 Commits

Author SHA1 Message Date
Marcus Da Coregio 000b87f9aa Revert "Use Spring Framework version 6.0.0-M3" 
This reverts commit b803e845e7.
 2022-05-11 08:36:14 -03:00
Marcus Da Coregio 806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Marcus Da Coregio b803e845e7 Use Spring Framework version 6.0.0-M3 
Closes gh-11193
 2022-05-10 14:49:02 -03:00
Marcus Da Coregio 50f8df6f07 Use HttpStatusCode 
Closes gh-11091
 2022-04-11 09:19:56 -03:00
Marcus Da Coregio e1f649690b Adapt to changes in R2DBC 2022-04-11 09:19:47 -03:00
Steve Riesenberg 8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Steve Riesenberg 428216b322 Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:50:25 -05:00
Joe Grandja 50a3bcf728 Remove unused code 2022-03-17 05:08:39 -04:00
Joe Grandja 54b033078b Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:36:10 -04:00
Simone Giannino 92a385ed05
OAuth 2.0 logout handler resolves uri placeholders 
- OidcClientInitiatedLogoutSuccessHandler can automatically resolve placeholders like baseUrl and registrationId inside the postLogoutRedirectUri

Closes gh-7900
 2022-03-15 14:05:26 -06:00
Josh Cummings 68e2586f06 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Joe Grandja 525f40490c Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:59:14 -05:00
Marcus Da Coregio 25feedb870 Fix removal of framework deprecated code 
Issue https://github.com/spring-projects/spring-framework/issues/27686
 2021-11-19 13:06:13 -03:00
Dávid Kováč 862122a267 Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 08:13:12 +01:00
Khaled Hamlaoui 498636e26b Allow custom OAuth2ErrorHttpMessageConverter with OAuth2ErrorResponseErrorHandler 
Closes gh-10425
 2021-11-16 14:52:08 -06:00
Steve Riesenberg ea352e1c59 Add missing @since 5.6 2021-11-09 14:02:35 -06:00
Marcus Da Coregio db60df2f9c Update to Spring Framework 6.0 
Issue gh-10360
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio 560962649e Remove BlockHound dependency 
The dependency is not needed anymore and there is a issue when using OpenJDK 13 or higher https://github.com/reactor/BlockHound/issues/33

Issue gh-10343
 2021-11-01 09:02:42 -03:00
Rob Winch f836897190 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-18 21:03:35 -05:00
Steve Riesenberg 3b564b2026 Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient 
This adds support for configuring NimbusJwtClientAuthenticationParametersConverter to any AbstractWebClientReactiveOAuth2AccessTokenResponseClient as an additional parameters converter, which in turns adds reactive support for jwt client authentication.

Closes gh-10146
 2021-10-06 13:09:33 -05:00
Steve Riesenberg 9b24f66f1c Implement reactive support for JWT as an Authorization Grant 
Closes gh-10147
 2021-10-05 16:09:24 -05:00
Joe Grandja 97c949d929 oauth2Login() AuthenticationProvider's preserve root cause exception when rethrown 
Closes gh-10228
 2021-09-24 10:41:31 -04:00
Joe Grandja 5830fda2fa Introduce JwtEncoder 
Closes gh-9208
 2021-09-24 05:13:40 -04:00
bishoy basily 860690491a Add setBodyExtractor 
Closes gh-10260
 2021-09-22 15:32:19 -06:00
Rujun Chen 9b4ddd7e0a Make AuthorizationGrantTypeConverter support custom grant type 
Closes gh-10155
 2021-08-19 13:13:20 -04:00
Steve Riesenberg 6d6dc113d8 Add converter for authentication result in OAuth2LoginAuthenticationFilter 
Closes gh-10033
 2021-08-10 16:50:19 -05:00
Steve Riesenberg fc553bf19a Add gh-10130 to tests 2021-08-09 15:33:54 -05:00
Steve Riesenberg acca3dba69 Polish gh-10131 2021-08-09 11:07:12 -05:00
Vincent Boulaye 044157061f Enable customizing headers in token requests 
Adds the possibility to customize the headers of the access token request in AbstractWebClientReactiveOAuth2AccessTokenResponseClient, similarly to what is done in the AbstractOAuth2AuthorizationGrantRequestEntityConverter.

Closes gh-10130
 2021-08-09 10:50:37 -05:00
Rob Winch b6ff4d3674 Fix mockito UnnecessaryStubbingException 2021-07-09 14:35:10 -05:00
Rob Winch 3e93b024d6 openrewrite Junit Migration 2021-07-09 14:32:52 -05:00
Josh Cummings d4c3cea0e6
Update Copyright 
Issue gh-9901
 2021-06-17 08:34:31 -06:00
Arnaud Mergey 1d606ccedb fix typo preventing full exception to be displayed in log 
closes gh-9901
 2021-06-17 08:33:32 -06:00
Steve Riesenberg 807ce30948 Support additional client authentication methods 
Closes gh-9780
 2021-06-16 15:48:03 -05:00
Steve Riesenberg 0cba0874f3 Handle missing authorization endpoint uri 
Closes gh-9795
 2021-06-16 15:38:53 -05:00
Steve Riesenberg 9b05afdee8 Remove validation for unsupported grant types 
Closes gh-9828
 2021-06-16 14:54:33 -05:00
Joe Grandja eb6ed283e0 Jwt client authentication converter detects new key 
Closes gh-9814
 2021-06-16 12:55:12 -04:00
Steve Riesenberg aed993f3e5
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository 
Related to gh-9649
Closes gh-9857
 2021-06-15 11:03:30 -05:00
Eleftheria Stein 36805c7192 Revert "Use strict equality for timestamp comparison in JDBC tests" 
This reverts commit 09a0670cb6.

This appears to still be an issue in Windows

Issue gh-8782
 2021-06-08 10:13:53 +03:00
Eleftheria Stein 09a0670cb6 Use strict equality for timestamp comparison in JDBC tests 
This is possible because of the update to HSQLDB 2.6.0
This reverts commit eb7b27695d.

Closes gh-8782
 2021-06-08 09:31:55 +03:00
Steve Riesenberg ac9b137cad URL encode client credentials 
Closes gh-9610
 2021-06-01 12:57:06 -05:00
Josh Cummings 65ecaa0c28
Polish postLogoutRedirectUri encoding 
Issue gh-9511
 2021-05-26 12:31:41 -06:00
Hans Hosea Schaefer b671a96073
Encode postLogoutRedirectUri query params 
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly

Closes gh-9511
 2021-05-26 12:10:03 -06:00
Steve Riesenberg 36dcbe24d0 Handle custom status codes in error handler 
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.

Closes gh-9741
 2021-05-25 13:31:34 -05:00
Josh Cummings 5b24bd1288
Adjust ClientRegistrationsTests 
Closes gh-9748
 2021-05-14 10:30:46 -06:00
Asian Malaysian Vietnamese 5f6de026a8 Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider 
Closes gh-9708
 2021-05-13 13:02:08 -04:00
Rob Winch 64b7af473d Additional HttpSessionOAuth2AuthorizationRequestRepository tests 
Issue gh-5145
 2021-05-12 14:59:25 -05:00
Craig Andrews 35f5ebdbcf HttpSessionOAuth2AuthorizationRequestRepository: store one request by default 
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.

Closes gh-5145
Intentionally regresses gh-5110
 2021-05-12 14:59:25 -05:00
Joe Grandja 761e3a9dd8 JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry 
Fixes gh-9700
 2021-04-30 10:12:38 -04:00
Joe Grandja eff4cdc924 Polish gh-9505 2021-04-09 06:22:29 -04:00