Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,156 Commits 34 Branches 337 Tags
Commit Graph

75 Commits

Author SHA1 Message Date
Josh Cummings
7c524aa0c8 Jwt Claim Validation 
This introduces OAuth2TokenValidator which allows the customization of
validation steps that need to be performing when decoding a string
token to a Jwt.

At this point, two validators, JwtTimestampValidator and
JwtIssuerValidator, are available for use.

Fixes: gh-5133
 2018-08-16 13:19:26 -05:00
Johnny Lim
68878a1675 Replace isEqualTo(null) with isNull() 2018-08-09 18:04:48 -06:00
Joe Grandja
952743269d Add support for client_credentials grant 
Fixes gh-4982
 2018-08-08 08:06:47 -05:00
Joe Grandja
b5abb99908 ClaimAccessor.getClaimAsString() checks null claim value 
Fixes gh-5608
 2018-07-30 15:31:41 -04:00
Joe Grandja
e243f93eed Default to server_error when OAuth2Error.errorCode is null 
Fixes gh-5594
 2018-07-30 13:20:58 -04:00
mhyeon.lee
3c461b704c Add AuthenticationMethod type 
This section defines three methods of sending bearer access tokens
in resource requests to resource servers.
Clients MUST NOT use more than
one method to transmit the token in each request.

RFC6750 Section 2 Authenticated Requests
https://tools.ietf.org/html/rfc6750#section-2

Add AuthenticationMethod in ClientRegistration UserInfoEndpoint.

Add AuthenticationMethod for OAuth2UserService to get User.

To support the use of the POST method.
https://tools.ietf.org/html/rfc6750#section-2.2

gh-5500
 2018-07-20 11:32:51 -04:00
Joe Grandja
779597af2a Add support for custom authorization request parameters 
Fixes gh-4911
 2018-07-16 09:39:06 -05:00
mhyeon.lee
1d920680bf Enhance OAuth2AccessToken to be serializable 
Change the TokenType to Serializable
so that the OAuth2AccessToken can be serialized.
(org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType)

Fixes gh-5492
 2018-07-13 11:36:11 -04:00
Rob Winch
f7dc76de5f Fix OAuth2BodyExtractorsTests for JDK9 
Issue: gh-5475
 2018-07-02 16:29:07 -05:00
Rob Winch
73689ecfd7 Fix Imports of OAuth2AccessTokenResponse 
Issue: gh-5474
 2018-07-02 15:46:33 -05:00
Rob Winch
e27e1cd637 Add OAuth2AccessTokenResponseBodyExtractor 
This externalizes converting a OAuth2AccessTokenResponse from a
ReactiveHttpInputMessage.

Fixes: gh-5475
 2018-07-02 12:41:44 -05:00
Rob Winch
ab61732e17 Add OAuth2AccessTokenResponse.withResponse 
Add ability to build a new OAuth2AccessTokenResponse from another
OAuth2AccessTokenResponse.

Fixes: gh-5474
 2018-07-02 12:37:45 -05:00
Joe Grandja
02d29887fb Associate Refresh Token to OAuth2AuthorizedClient 
Fixes gh-5416
 2018-06-12 11:31:43 -04:00
Joe Grandja
32c33d1def Add OAuth2AuthenticationException constructor that takes only OAuth2Error 
Fixes gh-5374
 2018-05-29 21:10:34 -04:00
Joe Grandja
fff64db0e2 Improve ClaimAccessor getClaimAsInstant 
Fixes gh-5250
 2018-05-03 21:03:45 -04:00
Joe Grandja
d8f91e4261 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport 
Fixes gh-5168
 2018-04-04 07:58:32 -04:00
Joe Grandja
2bd31c96ed ClaimAccessor.getClaimAsInstant() converts Long or Date 
Fixes gh-5191, Fixes gh-5192
 2018-04-03 21:14:25 -04:00
Joe Grandja
bb15213091 Ensure consistency by using Collection<GrantedAuthority> type 
Fixes gh-5143
 2018-03-21 10:35:18 -04:00
Joe Grandja
90f9d728cd Allow extension for OAuth2Error 
Fixes gh-5148
 2018-03-21 10:04:57 -04:00
Joe Grandja
fe2ac00deb Add javadoc for spring-security-oauth2-client 
Fixes gh-4884
 2018-01-23 17:07:21 -05:00
Joe Grandja
e6cac604f3 Add javadoc for spring-security-oauth2-core 
Fixes gh-4883
 2018-01-18 16:00:26 -05:00
Joe Grandja
1d32fffc1d Make OAuth2Error Serializable 
Fixes gh-4944
 2018-01-10 10:40:54 -05:00
Joe Grandja
268a1dc06e DefaultOAuth2User is Serializable 
Fixes gh-4917
 2017-12-19 09:07:17 -05:00
Johnny Lim
b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Joe Grandja
6775d9fdd8 OAuth2AccessTokenResponse should account for expires_in <= 0 
Fixes gh-4810
 2017-11-12 11:30:11 -05:00
Joe Grandja
db35dc6c03 Add tests to oauth2-core 
Fixes gh-4298
 2017-11-06 11:39:17 -05:00
Joe Grandja
ef9cd76607 Polish oauth2 
Fixes gh-4758
 2017-10-30 16:49:01 -04:00
Rob Winch
d9584384c4 Move collectClaims to OidcUserAuthority 
Fixes gh-4749
 2017-10-29 20:41:05 -05:00
Rob Winch
3d065b5afd Add getIdToken getUser to OidcUser 
Fixes gh-4748
 2017-10-29 20:10:55 -05:00
Rob Winch
f0c2944377 OAuth2AuthorizationResponse getAccessToken 
No longer delegate to OAuth2AccessToken but add getAccessToken()

Fixes gh-4743
 2017-10-29 17:12:46 -05:00
Joe Grandja
9dc4aa6c81 Make OidcUserInfo Serializable 
Fixes gh-4733
 2017-10-28 18:35:21 -04:00
Sola
f0b0cfc4fd Ensure Copyright header reads 2002-2017 
fixes gh-4655

Signed-off-by: Sola <dev@sola.love>
 2017-10-28 13:02:06 -05:00
Joe Grandja
9afefef3b9 Polish class names in oauth2-client 
Fixes gh-4722
 2017-10-27 21:00:52 -04:00
Joe Grandja
34668e05af Polish class names in oauth2-core 
Fixes gh-4720
 2017-10-27 20:42:58 -04:00
Joe Grandja
3b80b6ded8 Move AuthorizationRequestUriBuilder to oauth2-client 
Fixes gh-4703
 2017-10-26 21:23:06 -04:00
Joe Grandja
70543dcb30 Move oidc package in oauth2-core and oauth2-client 
Fixes gh-4710
 2017-10-26 21:06:28 -04:00
Joe Grandja
35fb96a2f8 Move OAuth2AuthenticationException to oauth2-core 
Fixes gh-4707
 2017-10-26 15:12:03 -04:00
Joe Grandja
9b670882b7 Rename SecurityToken -> AbstractOAuth2Token 
Fixes gh-4646
 2017-10-25 10:29:34 -04:00
Joe Grandja
ff0009daed Add AuthorizationRequest.Builder.scope(String...) 
Fixes gh-4643
 2017-10-23 11:20:15 -04:00
Joe Grandja
6d7d34c549 Move AuthorizationRequestUriBuilder and DefaultAuthorizationRequestUriBuilder 
Fixes gh-4658
 2017-10-23 10:19:31 -04:00
Joe Grandja
c94b3f4d23 Add AuthorizationExchange 
Fixes gh-4660
 2017-10-20 20:59:32 -04:00
Joe Grandja
1e891b38ab Rename scope -> scopes for Set types 
Fixes gh-4644
 2017-10-18 17:56:39 -04:00
Joe Grandja
a77bdb0c5d Make AuthorizationRequest serializable 
Fixes gh-4627
 2017-10-18 15:55:37 -04:00
Joe Grandja
c441f99567 Polish oauth2-client 2017-10-13 07:09:00 -04:00
Joe Grandja
d4d7199a6d Polish oauth2-core 2017-10-13 07:09:00 -04:00
Joe Grandja
d840090cb0 Add support for implicit grant type 
Fixes gh-4500
 2017-10-11 13:54:59 -04:00
Joe Grandja
401c84b3f2 Externalize error codes from OAuth2Error 
Fixes gh-4606
 2017-10-10 20:24:33 -04:00
Joe Grandja
97c938e7f3 Extract authentication logic from AuthorizationCodeAuthenticationFilter 
Fixes gh-4590
 2017-10-10 14:38:06 -04:00
Joe Grandja
5811624bbe Polish endpoint package 
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse

Issue gh-4593
 2017-10-06 18:51:24 -04:00
Joe Grandja
ce142e50b6 Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse 
Fixes gh-4593
 2017-10-06 18:51:24 -04:00