Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,877 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

16877 Commits

Author SHA1 Message Date
dependabot[bot] b5132e9c4f Bump io.micrometer:micrometer-observation from 1.13.4 to 1.13.5 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.13.4 to 1.13.5.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.4...v1.13.5)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-01 20:28:22 -07:00
dependabot[bot] fddc7768c5 Bump org.mockito:mockito-bom from 5.14.0 to 5.14.1 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.14.0 to 5.14.1.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.14.0...v5.14.1)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-30 21:03:03 -07:00
nima 8a5a603c1d Fix SecurityContextPersistenceRepository Typo 2024-09-30 16:56:17 -07:00
nima cb4a85a74c Clarify UsernamePasswordAuthenticationFilter Workflow 2024-09-30 16:56:17 -07:00
Cedric Montfort aceb5fa6bb Allow logout+jwt JWT type for reactive 
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken).

Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d)), so back
porting the same on the reactive side to close the gap.

Closes gh-15702
 2024-09-30 16:32:45 -07:00
Josh Cummings 29331a0d8c
Merge branch '6.3.x' 2024-09-30 17:24:03 -06:00
Josh Cummings 746464e035
Merge branch '6.2.x' into 6.3.x 2024-09-30 17:21:13 -06:00
Josh Cummings c1857c0308 Fix Formatting 
Issue gh-15771
 2024-09-30 16:19:26 -07:00
chao.wang 690e012fb1 Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing 
Closes gh-15771
 2024-09-30 16:19:26 -07:00
Thomas Darimont 8b97fdde43 Polish OAuth2ClientConfiguration 2024-09-30 16:16:45 -07:00
John Niang 7fcb42b537 Fix typo of createDefaultRequestMacher in WebSessionServerRequestCache 
createDefaultRequestMacher -> createDefaultRequestMatcher
 2024-09-30 15:24:40 -07:00
Max Batischev 0c216f0b59 Add public to setClock method in InMemoryOneTimeTokenService 
Closes gh-15863
 2024-09-30 15:33:33 -05:00
dependabot[bot] 828d316103 Bump org.mockito:mockito-bom from 5.13.0 to 5.14.0 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.13.0 to 5.14.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.13.0...v5.14.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-29 21:11:51 -07:00
Max Batischev 50cc36d53e Add support JdbcOneTimeTokenService 
Closes gh-15735
 2024-09-29 00:06:10 +03:00
Steve Riesenberg 9ba2435cb2
Support refresh token for Token Exchange 
Closes gh-15534
 2024-09-27 15:57:57 -05:00
Steve Riesenberg e11c188122
Customize the strategy for resolving the principal 
Closes gh-15826
 2024-09-27 15:39:56 -05:00
dependabot[bot] 50cb051c86 Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.18.0 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.17.2 to 2.18.0.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.17.2...jackson-bom-2.18.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-26 21:14:50 -07:00
Josh Cummings ee9a887ae5
Fix Package Tangle 
Move ObjectPostProcessor to be alongside Customizer, another
functional interface for describing Spring Security object
configuration.
 2024-09-26 14:08:25 -06:00
Josh Cummings 24a7ad732c
Merge branch '6.3.x' 2024-09-26 13:08:57 -06:00
Josh Cummings b49051a1e6
Merge branch '6.2.x' into 6.3.x 2024-09-26 13:08:34 -06:00
Tran Ngoc Nhan f7b85ed314
Fix Broken Resource Server Doc Links 2024-09-26 13:08:12 -06:00
Tran Ngoc Nhan 4e2cb8bc25 Fix Broken Resource Server Doc Links 2024-09-26 12:07:40 -07:00
Josh Cummings d6b620b9f7
Make Observations Selectable 
Closes gh-15678
 2024-09-26 11:30:40 -06:00
Josh Cummings 69e3c248fa
Abstract ObservationRegistry Behind ObjectPostProcessor 
Issue gh-15678
 2024-09-26 11:30:40 -06:00
Josh Cummings 1ed20aa210
Add ObservationRegistry Tests 
Issue gh-11989
Issue gh-11990
 2024-09-26 11:30:40 -06:00
Josh Cummings 717529deb4
Add Generic Type to ObjectPostProcessor Lookups 
Issue gh-15678
 2024-09-26 11:30:39 -06:00
dependabot[bot] 8616044bb6 Bump org.junit:junit-bom from 5.11.0 to 5.11.1 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.0 to 5.11.1.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-25 21:03:18 -07:00
github-actions[bot] 426e089bf8 Merge branch '6.2.x' into 6.3.x 2024-09-25 04:02:36 +00:00
github-actions[bot] 3b20844700 Merge branch '6.3.x' 2024-09-25 04:02:36 +00:00
dependabot[bot] 3ac89080ee Bump org.junit:junit-bom from 5.10.3 to 5.10.4 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.3 to 5.10.4.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.3...r5.10.4)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-24 21:01:58 -07:00
dependabot[bot] 8b63817f02 Bump org.junit:junit-bom from 5.10.3 to 5.10.4 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.3 to 5.10.4.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.3...r5.10.4)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-24 21:01:50 -07:00
Thomas Darimont b06c40d9ef Add ExpressionJwtGrantedAuthoritiesConverter to extract authorities with an expression 
This helps to reduce custom code necessary to extract roles from deeply
nested claims.

Closes #15201

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-09-23 16:59:59 -07:00
jinia91 b205436948 fix minor error in docs 2024-09-23 16:12:21 -07:00
Tran Ngoc Nhan e618fc425d Favor ObjectProvider 
Closes gh-15805
 2024-09-23 16:11:43 -07:00
Tran Ngoc Nhan 9dda65a5e3 Polish CorsSpecTests 
Use concrete ApplicationContext to simplify future maintenance.

Issue gh-4832
 2024-09-23 16:11:43 -07:00
DingHao 68d814e042 Polish ExpressionTemplateSecurityAnnotationScanner 2024-09-23 16:05:22 -07:00
Steve Riesenberg cd7f6e09b0
Look up ReactiveOAuth2AccessTokenResponseClient as a bean 
Closes gh-11097
 2024-09-23 11:06:12 -05:00
dependabot[bot] 2763bbed33 Bump org.seleniumhq.selenium:selenium-java from 4.24.0 to 4.25.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.24.0 to 4.25.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.24.0...selenium-4.25.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-22 20:38:38 -07:00
github-actions[bot] 083d02c9dd Merge branch '6.2.x' into 6.3.x 2024-09-23 01:07:45 +00:00
github-actions[bot] 893f0ccdeb Merge branch '6.3.x' 2024-09-23 01:07:45 +00:00
dependabot[bot] 95cee40224 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.13 to 1.0.0-alpha.14.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.13...v1.0.0-alpha.14)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-22 18:06:59 -07:00
github-actions[bot] fe2b94ea2d Merge branch '6.3.x' 2024-09-23 00:55:52 +00:00
github-actions[bot] fb5d6a9add Merge branch '6.2.x' into 6.3.x 2024-09-23 00:55:51 +00:00
github-actions[bot] bcf0a7f55d Merge branch '5.8.x' into 6.2.x 2024-09-23 00:55:51 +00:00
dependabot[bot] 755e9f2f69 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.13 to 1.0.0-alpha.14.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.13...v1.0.0-alpha.14)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-22 17:55:03 -07:00
github-actions[bot] 54bf595178 Merge branch '6.3.x' 2024-09-23 00:40:18 +00:00
dependabot[bot] 7fec535718 Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.13 to 1.0.0-alpha.14.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.13...v1.0.0-alpha.14)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-22 17:39:30 -07:00
dependabot[bot] 77c5dbec7b Bump @springio/asciidoctor-extensions in /docs 
Bumps [@springio/asciidoctor-extensions](https://github.com/spring-io/asciidoctor-extensions) from 1.0.0-alpha.13 to 1.0.0-alpha.14.
- [Changelog](https://github.com/spring-io/asciidoctor-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/asciidoctor-extensions/compare/v1.0.0-alpha.13...v1.0.0-alpha.14)

---
updated-dependencies:
- dependency-name: "@springio/asciidoctor-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-22 17:18:32 -07:00
Rob Winch 22dffc0a98 Run format 2024-09-20 09:06:37 -07:00
Ryan Scheidter 0a0721b030 Complete HttpSecurity Deprecation notices 2024-09-20 09:06:37 -07:00