Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,877 Commits 32 Branches 333 Tags 110 MiB
Commit Graph

2759 Commits

Author SHA1 Message Date
Rob Winch b0e8730d70 Add Passkeys Support 
Closes gh-13305
 2024-10-20 22:54:53 -05:00
xhaggi 7f537241e7 Use SessionAuthenticationStrategy for Remember-Me authentication 
Closes gh-2253
 2024-10-15 14:07:07 -07:00
Max Batischev d37d41c130 Polish One-Time Token API Names and Doc 
The names of variables and methods have been adjusted in accordance with the names of the one-time token login API components.

Issue gh-15114
 2024-10-15 14:04:56 -07:00
Max Batischev e9fe6360bc Add Reactive One-Time Token Login Kotlin DSL Support 
Closes gh-15887
 2024-10-15 14:04:56 -07:00
Josh Cummings c40334317d
Polish One-Time Token Component Names 
Aligning parts of speech so that names are using nouns/verbs
where comparable components are using nouns/verbs.

Issue gh-15114
 2024-10-14 14:07:47 -06:00
kwonyonghyun b8aa78829c Improve readability of empty collection checks 2024-10-14 12:16:39 -07:00
Tran Ngoc Nhan 31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Josh Cummings 9ce5a76e8c Polish AuthorizationManager#authorize 
Issue gh-14843
 2024-10-14 11:48:57 -07:00
Max Batischev e7644925f8 Add AuthorizationResult support for AuthorizationManager 
Closes gh-14843
 2024-10-14 11:48:57 -07:00
Josh Cummings 702538ebce AuthorizationEventPublisher Accepts AuthorizationResult 
Closes gh-15915

Co-authored-by: Max Batischev <mblancer@mail.ru>
 2024-10-14 11:48:57 -07:00
DingHao ef1226ddf8 Use Oauth2UserService bean in OidcReactiveOAuth2UserService 
Closes gh-15846
 2024-10-14 11:41:04 -07:00
Max Batischev 2edaedf099 Improve encapsulation for jwtValidators 2024-10-07 16:41:50 -07:00
Josh Cummings b26f2af5d5 Polish 
Formatting as well as adding a missing defer

Issue gh-15699
 2024-10-07 16:39:54 -07:00
Max Batischev 2ca2e56383 Add Reactive One-Time Token Login support 
Closes gh-15699
 2024-10-07 16:39:54 -07:00
Cedric Montfort aceb5fa6bb Allow logout+jwt JWT type for reactive 
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken).

Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d)), so back
porting the same on the reactive side to close the gap.

Closes gh-15702
 2024-09-30 16:32:45 -07:00
Josh Cummings 29331a0d8c
Merge branch '6.3.x' 2024-09-30 17:24:03 -06:00
Josh Cummings 746464e035
Merge branch '6.2.x' into 6.3.x 2024-09-30 17:21:13 -06:00
Josh Cummings c1857c0308 Fix Formatting 
Issue gh-15771
 2024-09-30 16:19:26 -07:00
chao.wang 690e012fb1 Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing 
Closes gh-15771
 2024-09-30 16:19:26 -07:00
Thomas Darimont 8b97fdde43 Polish OAuth2ClientConfiguration 2024-09-30 16:16:45 -07:00
Josh Cummings ee9a887ae5
Fix Package Tangle 
Move ObjectPostProcessor to be alongside Customizer, another
functional interface for describing Spring Security object
configuration.
 2024-09-26 14:08:25 -06:00
Josh Cummings d6b620b9f7
Make Observations Selectable 
Closes gh-15678
 2024-09-26 11:30:40 -06:00
Josh Cummings 69e3c248fa
Abstract ObservationRegistry Behind ObjectPostProcessor 
Issue gh-15678
 2024-09-26 11:30:40 -06:00
Josh Cummings 1ed20aa210
Add ObservationRegistry Tests 
Issue gh-11989
Issue gh-11990
 2024-09-26 11:30:40 -06:00
Josh Cummings 717529deb4
Add Generic Type to ObjectPostProcessor Lookups 
Issue gh-15678
 2024-09-26 11:30:39 -06:00
Tran Ngoc Nhan e618fc425d Favor ObjectProvider 
Closes gh-15805
 2024-09-23 16:11:43 -07:00
Tran Ngoc Nhan 9dda65a5e3 Polish CorsSpecTests 
Use concrete ApplicationContext to simplify future maintenance.

Issue gh-4832
 2024-09-23 16:11:43 -07:00
Steve Riesenberg cd7f6e09b0
Look up ReactiveOAuth2AccessTokenResponseClient as a bean 
Closes gh-11097
 2024-09-23 11:06:12 -05:00
Rob Winch 22dffc0a98 Run format 2024-09-20 09:06:37 -07:00
Ryan Scheidter 0a0721b030 Complete HttpSecurity Deprecation notices 2024-09-20 09:06:37 -07:00
Marcus Hert Da Coregio a88a7744ed Require GeneratedOneTimeTokenHandler on constructor 
Issue gh-15114
 2024-09-17 08:21:26 -03:00
Josh Cummings b311b811a1 Pick Up OidcSessionRegistry Bean 
Closes gh-15813
 2024-09-15 21:30:55 -07:00
Josh Cummings 590aef0af1 Configure OidcSessionRegistry in Kotlin 
Closes gh-15814
 2024-09-15 21:30:55 -07:00
Josh Cummings 8bb5875595 Expose OidcBackChannelLogoutHandler 
This component already uses by default a URI that doesn't require
a CSRF token and aalready allows for configuring a cookie name.

So, by making it public and configurable in the DSL, both
of these tickets quite naturally close.

Closes gh-13841
Closes gh-14904
 2024-09-15 21:30:55 -07:00
Josh Cummings 2d4c498c3b Test Meta-Annotation Class Type Support in Reactive 
Issue gh-15747
 2024-09-15 21:30:55 -07:00
Josh Cummings 75fd84ce16 Test Reactive Method Security Exactly-One Invocation Semantics 
Issue gh-15651
 2024-09-15 21:30:55 -07:00
Josh Cummings 1aec571a81 Test Reactive Method Security Exactly Once Semantics 
Issue gh-15592
 2024-09-15 21:30:55 -07:00
Josh Cummings 3e1f8bb960 Test Reactive Method Security with Abstract Classes 
Issue gh-15352
 2024-09-15 21:30:55 -07:00
Josh Cummings fee5dd30c0 Test AuthorizeReturnObject in Reactive 
Issue gh-14597
 2024-09-15 21:30:55 -07:00
Josh Cummings fc2ad34e5d Test meta-annotation parameter support in Reactive 
Issue gh-14480
 2024-09-15 21:30:55 -07:00
Josh Cummings 6f5e103dec Use AnnotationTemplateExpressionDefaults in Reactive 
Issue gh-15097
 2024-09-15 21:30:55 -07:00
Josh Cummings 86f64e7e86 Add Reactive Authorization Proxy Data Hints 
Issue gh-15709
 2024-09-15 21:30:55 -07:00
Josh Cummings 2bb3787d2b Use addAdvisors in Reactive Proxy Configuration 
Issue gh-15497
 2024-09-15 21:30:55 -07:00
Marcus Hert Da Coregio 0618d4e03f Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions 
Closes gh-14652
 2024-09-13 08:42:14 -03:00
Steve Riesenberg 51c226f24c
Add loginPage() to DSL in reactive oauth2Login() 
Closes gh-15674
 2024-09-11 15:56:54 -05:00
Rob Winch 9e5cc5f267 Merge remote-tracking branch 'origin/6.3.x' 2024-09-11 15:14:45 -05:00
Daniel Garnier-Moiroux 51d0a8b57d Fix getBeansWithName in global authentication configurers 2024-09-11 10:46:24 -07:00
Daniel Garnier-Moiroux 7e41785dfc Remove trailing spaces in default UIs 
- Default UIs had blank lines with only spaces. These get deleted by the
  spring-javaformat plugin. In order to avoid this behavior, an extra \s
  had been inserted in the tests. The reason for those \s is not obvious.
- This commit cleans up the \s but changing the HTML templates.
 2024-09-11 10:44:45 -07:00
Daniel Garnier-Moiroux 85693b2806 Add DefaultResourcesFitler to XML configuration 2024-09-11 10:21:12 -07:00
Steve Riesenberg 63f018eb18
Update tests using deprecated classes 
Issue gh-15737
 2024-09-10 15:10:42 -05:00