9120 Commits

Author SHA1 Message Date
Josh Cummings
b0d4e500a8
Polish Add DelegatingJwtGrantedAuthoritiesConverter
- Adjusted internal logic to follow DelegatingOAuth2TokenValidator
- Changed JavaDoc to align more closely with
JwtGrantedAuthoritiesConverter
- Polished test names to follow Spring Security naming convention
- Updated test class name to follow Spring Security naming convention
- Polished tests to use TestJwts
- Added tests to address additional use cases

Closes gh-7596
2020-11-24 15:31:07 -07:00
Ropi
97cc119d86
Add DelegatingJwtGrantedAuthoritiesConverter
Closes gh-7596
2020-11-24 14:18:40 -07:00
Joe Grandja
40b2118d36 Fix checkstyle rules could not be parsed
Closes gh-9214
2020-11-23 14:33:18 -05:00
Rob Winch
ef3b4d49d9 Add artifactoryUsername/Password to other workflow steps
Added artifactoryUsername/Password to other CI workflow steps to ensure
all steps will pass if a new dependency is added.
2020-11-16 13:11:07 -06:00
Rob Winch
47bb9b945c Add artifactoryUsername/Password to download new dependencies 2020-11-16 13:02:11 -06:00
Rob Winch
791857ba5c Update to spring-build-conventions:0.0.35.BUILD-SNAPSHOT 2020-11-16 12:26:36 -06:00
Aditya Sekhar
4cc3c25a0e removed whitespace formatting 2020-11-13 15:01:17 -06:00
Aditya Sekhar
a26975f780 cleanup compatibility method based on spring-projects#8868 2020-11-13 15:01:17 -06:00
Josh Cummings
4602e9a661
Use HttpBasicConfigurer's Conneg Strategy
Closes gh-9100
2020-11-12 16:26:10 -07:00
Josh Cummings
af669a2166
Remove Reliance on BearerTokenResolver
Closes gh-9186
2020-11-12 15:40:55 -07:00
Loic Guibert
ad489495dc Make salt length configurable in Pbkdf2PasswordEncoder
Add constructors with a salt length input parameter.
Default salt length is still 8-byte long like before when
saltGenerator was initialized with call to
KeyGenerators#secureRandom() which use
SecureRandomBytesKeyGenerator#DEFAULT_KEY_LENGTH.

Closes gh-4372
2020-11-11 10:12:17 -06:00
Angel Aguilera
d7612e346e
Fix typo in Javadoc 2020-11-11 06:48:22 -05:00
Ellie Bahadori
649443f67e
Build GitHub Actions CI pipeline 2020-11-10 10:25:16 -05:00
zhuang
ff58ac836e
Decode cookie once in AbstractRememberMeServices
Issue gh-9192
2020-11-09 08:14:20 -05:00
Eleftheria Stein
34a21cd80c Fix formatting 2020-11-09 13:46:09 +01:00
Eleftheria Stein
5661e06e9c Fix typo UserDetailService -> UserDetailsService 2020-11-09 13:13:32 +01:00
Rob Winch
4515c86beb WithSecurityContextTestExecutionListener Respects @NestedTestConfiguration
Previously WithSecurityContextTestExecutionListener did not respect
@NestedTestConfiguration.

This commit switches to using TestContextAnnotationUtils to ensure that
@NestedTestConfiguration is respected.

Closes gh-9193
2020-11-06 15:11:50 -06:00
Arnaud Mergey
2b9efccc50 Implement MessageSourceAware where missing
Closes gh-8951
2020-11-05 10:57:33 -07:00
Joe Grandja
61550f8a48 Add convenience constructor in OAuth2AuthenticationException
Closes gh-9190
2020-11-04 13:37:14 -05:00
Joe Grandja
f0a3f91f86 Next development version 2020-11-03 19:54:28 -05:00
Joe Grandja
b95e1aa209 Revert "Lock dependencies for 5.5.0-M1"
This reverts commit 25a7482c8c5fb0ee6a08878020ea46d4f90383dc.
2020-11-03 19:53:28 -05:00
Joe Grandja
3cba4eccdc Release 5.5.0-M1 5.5.0-M1 2020-11-03 19:06:19 -05:00
Rob Winch
4e1f97a525 Document WithSecurityContextTestExecutionListener Nested Support
Issue gh-9179
2020-11-03 17:53:59 -06:00
Rob Winch
87d8741730 WithSecurityContextTestExecutionListener Supports Nested Classes
WithSecurityContextTestExecutionListener now supports nested classes. If
the class is nested WithSecurityContext is not found, then the enclosing
class is looked at until there is no enclosing class.

Closes gh-9179
2020-11-03 17:36:37 -06:00
Arvid Ottenberg
d0d655e18d
Allow Customization of Bearer Token Resolution
Closes gh-8535
2020-11-03 14:34:46 -07:00
Joe Grandja
9d1637d2cd Add unsupported_token_type to OAuth2ErrorCodes
Closes gh-9184
2020-11-03 14:11:01 -05:00
Joe Grandja
dafedf93fa Fix format gh-9183 2020-11-03 14:00:07 -05:00
Joe Grandja
aeb999eae2 Add token and token_type_hint to OAuth2ParameterNames
Closes gh-9183
2020-11-03 13:42:28 -05:00
Joe Grandja
0c25b8c1f9 Introduce JwaAlgorithm
Closes gh-9182
2020-11-03 13:03:50 -05:00
Joe Grandja
c069692ab9 Extract OAuth2Token from AbstractOAuth2Token
Closes gh-5502
2020-11-02 20:35:08 -05:00
Josh Cummings
8b7751f5f4
Polish Multiple Filter Chains Docs
Issue gh-9178
2020-11-02 13:49:24 -07:00
Guillaume Berche
69336fb3ec
Add Multiple Filter Chains Docs
Closes gh-9178
2020-11-02 13:45:04 -07:00
Guillaume Berche
ab9a310485
Add Link to WebFlux Unit Tests 2020-11-02 13:45:04 -07:00
Josh Cummings
b8f8fab54f
Document SigningMethod Support
Issue gh-8952
Issue gh-9177
2020-11-02 11:27:23 -07:00
Josh Cummings
aba0e904f0
Read SigningMethod Elements
Closes gh-9177
2020-11-02 11:27:23 -07:00
Josh Cummings
e1826a0bd8
Polish Signature Algorithm Support
- Changed name to signatureAlgorithms since method and algorithm are
synonymous
- Re-ordered methods to follow typical IDPSSODescriptor order
- Adjusted JavaDoc to refer to IDPSSODescriptor terminology

Issue gh-8952
2020-11-02 11:27:23 -07:00
Arnaud Mergey
9900658c92
support configurable signature algorithm
Closes gh-8952
2020-11-02 11:27:23 -07:00
Eleftheria Stein
5c8972b7d5 Add test for ordered WebSecurityCustomizers
Issue gh-9154
2020-11-02 14:19:14 +01:00
Rob Winch
25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Hideaki Matsunami
6d9ee5a354 add white space before strong notation. 2020-10-30 15:44:49 -06:00
Ovidiu Popa
6724e3e514 Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database

R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database

Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test

Closes gh-7890
2020-10-29 15:44:12 -04:00
Joe Grandja
f8cc48fe2b Set rsocketVersion to 1.1.0
Closes gh-9167
2020-10-29 15:43:52 -04:00
Joe Grandja
3618cbd3eb Revert "Use reactor-netty-http for snapshot build"
This reverts commit 1361cb8790a5b9dc76a6896c465ac84d0760d7de.
2020-10-29 15:43:52 -04:00
Joe Grandja
4ff53c924d Set reactorVersion to 2020.0.+
Closes gh-9166
2020-10-29 15:43:39 -04:00
Joe Grandja
c0327adecb Set springVersion to 5.3.+
Closes gh-9165
2020-10-29 15:43:20 -04:00
Ayush Kohli
ea68989421 Closes gh-8196
Add leveloffset
2020-10-28 14:55:30 -06:00
Christian Mouttet
6486857462 JwtIssuerValidator handles issuer (iss) claim values as Strings and URLs
- NimbusJwtDecoder uses claim set converters: issuer claim is converted to an URL object
- JwtIssuerValidator (created by JwtValidators.createDefaultWithIssuer(String)) wraps a JwtClaimValidator<String>
- because of different data types, equal() is always false

This change allows both Strings and URLs as values of the issuer

Closes gh-9136
2020-10-28 14:20:27 -06:00
Alexander Polozov
a362ab53bc Change guard expressions order
Check of allowed user sessions count moved to head for avoid unnecessary fetching all user sessions.
2020-10-27 09:49:29 -04:00
Eleftheria Stein
9cf3129d7a Update Kotlin MockMvc result matchers in sample
Issue gh-9155

The "style" parameter is no longer supported
2020-10-27 11:20:16 +01:00
Eleftheria Stein
aac6d2f56b Kotlin MockMvc result matchers use parentheses
Closes gh-9155
2020-10-27 10:57:49 +01:00