bd9434882f
Add authorization events
...
Closes gh-9288
2022-03-29 15:44:21 -06:00
9792e2a0fa
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 10:21:15 -03:00
c67632225d
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 10:13:40 -03:00
6c52c52a68
Use ServletContext in AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10908
2022-03-28 09:45:23 -03:00
67fd46bfa6
Add SecurityContextRepository.loadContext(HttpServletRequest)
...
This allows loading the SecurityContext lazily, without the need for the
response, and does not attempt to automatically save the request when
the response is comitted.
Closes gh-11028
2022-03-25 14:21:52 -05:00
8940719dbb
HttpSessionSecurityContextRepository support null HttpServletResponse
...
Closes gh-11029
2022-03-25 13:01:40 -05:00
987ee2e67a
Polish gh-10911
2022-03-17 12:53:56 -05:00
1b29c43a11
Use configurable charset in ServerHttpBasicAuthenticationConverter
...
Closes gh-10903
2022-03-17 12:53:55 -05:00
7955e5ac52
Polish UsernamePasswordAuthenticationFilter method
...
Closes gh-10970
2022-03-16 16:29:40 +01:00
87ed31a99c
Add SecurityContextHolderFilter
...
Closes gh-9635
2022-03-11 17:22:23 -06:00
ac9c29b2a0
Add UsernamePasswordAuthenticationToken factory methods
...
- unauthenticated factory method
- authenticated factory method
- test for unauthenticated factory method
- test for authenticated factory method
- make existing constructor protected
- use newly factory methods in rest of the project
- update copyright dates
Closes gh-10790
2022-03-09 15:23:35 -07:00
636f3e1d5d
AbstractPreAuthenticatedProcessingFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
e6b6104b52
DigestAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
9b0cd5a0a8
BasicAuthenticationFilter.setSecurityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
120f2a356f
RememberMeAuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
014c471ff1
AuthenticationFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
f11cb988a9
AbstractAuthenticationProcessingFilter.securityContextRepository
...
Issue gh-10953
2022-03-09 15:33:42 -06:00
44508df940
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:38:11 -03:00
70b67cd2f1
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:22:21 -03:00
980e0466a7
AuthorizationManagerWebInvocationPrivilegeEvaluator grant access when AuthorizationManager abstains
...
Closes gh-10950
2022-03-09 15:21:37 -03:00
65ec2659c4
HttpSessionSecurityContextRepository saves with original response
...
Previously, the HttpSessionSecurityContextRepository unnecessarily required
the HttpServletResponse from the HttpReqeustResponseHolder passed into
loadContext. This meant code that wanted to save a SecurityContext had to
have a reference to the original HttpRequestResponseHolder. Often that
implied that the code that saves the SecurityContext must also load the
SecurityContext.
This change allows any request / response to be used to save the
SecurityContext which means any code can save the SecurityContext not just
the code that loaded it. This sets up the code to be permit requiring
explicit saves. Using the request/response from the
HttpRequestResponseHolder is only necessary for implicit saves.
Closes gh-10947
2022-03-09 10:17:15 -06:00
b9f79543c5
Add RequestAttributeSecurityContextRepository
...
Closes gh-10918
2022-03-07 14:52:24 -06:00
f0c548cee7
Invert Log Messages
...
Closes gh-10909
2022-02-28 13:17:01 -07:00
efd5fc745c
Invert Log Messages
...
Closes gh-10909
2022-02-28 13:10:06 -07:00
371389580b
Update JavaDoc
...
Issue gh-10564
2022-02-15 12:57:32 -07:00
0fb6840db3
Make WebAuthenticationDetails constructor public
...
Closes gh-10564
2022-02-15 12:57:32 -07:00
a09f6e15ad
Polish ignoring() log messaging
...
- Public API remains unchanged
Issue gh-9334
2022-02-07 15:22:49 -07:00
7e0302be5c
Print ignore message DefaultSecurityFilterChain
...
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.
Closes gh-9334
2022-02-07 15:22:49 -07:00
f53c65b3a0
Polish ignoring() log messaging
...
- Public API remains unchanged
Issue gh-9334
2022-02-07 15:07:29 -07:00
0be772ff5b
Print ignore message DefaultSecurityFilterChain
...
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.
Closes gh-9334
2022-02-07 15:07:29 -07:00
cbd87fac89
Polish ignoring() log messaging
...
- Public API remains unchanged
Issue gh-9334
2022-02-07 14:50:28 -07:00
01ed617d5f
Print ignore message DefaultSecurityFilterChain
...
When either `web.ignoring().mvcMatchers(...)` or
`web.ignoring().antMatchers(...)` methods are used, for all their
variations, the DefaultSecurityFilterChain class now indicates
correctly through its ouput what paths are ignored according the
`ignoring()` settings.
Closes gh-9334
2022-02-07 14:50:19 -07:00
70fa8b1fdb
Add Support for @Transient SecurityContext
...
Closes gh-9995
2022-02-03 09:45:51 -06:00
893b651aea
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:57:34 -03:00
a041e7c943
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:50:17 -03:00
1c10c10f73
RequestMatcherDelegatingWebInvocationPrivilegeEvaluator doesn't provided access to the ServletContext
...
Closes gh-10779
2022-01-31 09:43:18 -03:00
9baf1134c7
Add Request-based AuthenticationManagerResolvers
...
Closes gh-6762
2022-01-26 09:09:02 -07:00
04f3bbcefa
javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
c67ee6f2a8
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 15:32:12 -06:00
0e8c03401b
javax.xml.bind:jaxb-api -> jakarta.xml.bind:jakarta.xml.bind-api
...
Issue gh-10501
2022-01-19 14:34:16 -06:00
8f64bb6c8c
javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api
...
Issue gh-10501
2022-01-19 14:33:53 -06:00
7435da6bbf
Add serialVersionUID to DefaultSavedRequest and SavedCookie
...
Closes gh-10594
2022-01-18 09:26:56 -03:00
75f25bff82
Polish multiple RequestRejectedHandlers support
...
Issue gh-10603
2022-01-14 16:49:38 -07:00
4ea57f3e3f
Support multiple RequestRejectedHandler beans
...
Closes gh-10603
2022-01-14 16:46:15 -07:00
ca353d6781
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:19:13 -07:00
6c5ac0d8ec
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:09:21 -07:00
aaaf7d3523
Use noNullElements
...
Collection#contains(null) does not work for all collection types
Closes gh-10703
2022-01-14 15:08:38 -07:00
1ab0705b47
Fix typo
2022-01-10 16:17:42 +01:00
60595f2801
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:58 -03:00
e7e3f06044
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:22:13 -03:00
f04cd641b0
Fix @since tag
...
Issue gh-10590, gh-10554
2022-01-06 13:18:25 -03:00
994e93741b
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:06:47 -03:00
04e1a11e35
Add RequestMatcherEntry
2022-01-05 14:06:47 -03:00
547056d5cc
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 14:06:47 -03:00
ba810e468f
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2022-01-05 14:01:57 -03:00
40dfe8f259
Add RequestMatcherEntry
2022-01-05 14:00:47 -03:00
b448954f43
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2022-01-05 13:57:36 -03:00
18427b6411
Configure WebInvocationPrivilegeEvaluator bean for multiple filter chains
...
Closes gh-10554
2021-12-13 08:57:30 -03:00
7e17a00197
Add RequestMatcherEntry
2021-12-13 08:57:30 -03:00
53b8cff26f
Introduce AuthorizationManagerWebInvocationPrivilegeEvaluator
...
Closes gh-10590
2021-12-13 08:57:30 -03:00
65426a40ec
Add Cross Origin Policies headers
...
Add DSL support for Cross-Origin-Opener-Policy, Cross-Origin-Embedder-Policy and Cross-Origin-Resource-Policy headers
Closes gh-9385, gh-10118
2021-12-07 17:23:06 +01:00
62e8799a8d
Use BDD in tests
2021-12-02 17:44:47 -06:00
df0f6f83af
Polish gh-9597
2021-12-02 17:44:47 -06:00
925d531cbe
Set details on authentication token created by HttpServlet3RequestFactory
...
Currently the login mechanism when triggered by executing HttpServlet3RequestFactory#login does not set any details on the underlying authentication token that is authenticated.
This change adds an AuthenticationDetailsSource on the HttpServlet3RequestFactory, which defaults to a WebAuthenticationDetailsSource.
Closes gh-9579
2021-12-02 17:44:46 -06:00
47b8860681
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:52 -06:00
c7ffd2513a
Update copyright year
...
Issue gh-10557
2021-12-01 17:36:19 -06:00
bb2d80fea3
Update copyright year
...
Issue gh-10557
2021-12-01 17:35:43 -06:00
828cac8889
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:19:33 -06:00
f49c286050
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:05:13 -06:00
b3e0f167ff
Fix case sensitive headers comparison
...
Closes gh-10557
2021-12-01 15:01:06 -06:00
1251cde04c
Add Missing Since
...
Issue gh-10482
2021-11-30 15:17:48 -07:00
a3a9de1b9b
PermitAllSupport supports AuthorizeHttpRequestsConfigurer
...
PermitAllSupport supports either an ExpressionUrlAuthorizationConfigurer or an AuthorizeHttpRequestsConfigurer. If none or both are configured an error message is thrown.
Closes gh-10482
2021-11-30 15:17:22 -07:00
204f0b4599
Polish gh-10007
2021-11-30 15:27:58 -06:00
43317c5a61
Support IP whitelist for Spring Security Webflux
...
Closes gh-7765
2021-11-30 15:27:58 -06:00
2bf7a5ae80
Improve log message when no CSRF token found
...
Closes gh-10436
2021-11-19 08:37:25 -03:00
96a6fef820
Prevent Save @Transient Authentication with existing HttpSession
...
Previously, @Transient Authentication would get saved if an existing
HttpSession existed but it shouldn't.
This commit always prevents @Transient Authentication from being saved.
Closes gh-9992
2021-11-16 14:44:49 -06:00
caad3d57e2
Improve log message when no CSRF token found
...
Closes gh-10436
2021-10-29 14:06:17 -03:00
00f4033b9b
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-22 13:22:12 -03:00
e4a76b0ec9
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-22 10:19:34 -05:00
04b47c5928
Fixed various broken links in Javadocs
2021-10-21 11:47:04 +02:00
a188138715
Javadocs author tag doesn't work in methods
2021-10-21 11:47:04 +02:00
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
e1f4ec1137
Fix Jackson
2021-10-18 21:03:12 -05:00
6e86fab19d
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-18 13:02:42 -05:00
faec20bc69
Update DefaultWebInvocationPrivilegeEvaluator to use current ServletContext
...
Closes gh-10208
2021-10-14 09:27:02 -03:00
7b98c2ea95
Restructure SwitchUserFilter Logs
...
Issue gh-6311
2021-10-12 13:32:29 -06:00
02b2fcc6f0
Restore ManagementConfigurationPlugin
...
Issue gh-9615
2021-10-05 11:23:29 -03:00
d2e5f2ae0d
Update Gradle to 7.2
...
Closes gh-9615
2021-10-04 15:19:40 -03:00
7d81a52780
Allow AuthenticationPrincipal argument type to be primitive
...
Closes gh-10172
2021-10-04 16:22:21 +02:00
84d173c310
Fix typo
2021-09-27 10:55:18 -03:00
a4c088a3b3
Introducing WebSessionServerLogoutHandler
...
Closes gh-4838
2021-08-16 13:08:35 -06:00
6f3e346b76
Add SecurityContextHolder#addListener
...
Closes gh-10032
2021-08-11 17:12:13 -06:00
b8d51725c7
Immutable SecurityContext
...
Issue gh-10032
2021-08-11 17:12:13 -06:00
f73f213f50
Remove DependencySetPlugin
...
Closes gh-10070
2021-07-12 15:31:38 -05:00
f800d2c993
Add hamcrest dependency
2021-07-09 15:57:21 -05:00
b6ff4d3674
Fix mockito UnnecessaryStubbingException
2021-07-09 14:35:10 -05:00
3e93b024d6
openrewrite Junit Migration
2021-07-09 14:32:52 -05:00
14240b2559
Remove Powermock
...
Powermock does not support JUnit5 yet, so we need to remove it
to support JUnit 5. Additionally, maintaining additional libraries
adds extra work for the team.
Mockito now supports final classes and static method mocking. This
commit replaces Powermock with mockito-inline.
Closes gh-6025
2021-07-08 12:35:32 -05:00
d121ab9565
Support A Well-Known URL for Changing Passwords
...
Closes gh-8657
2021-07-01 16:57:53 -06:00
3219fd554d
DigestAuthenticationFilter decodes nonce only once
...
Closes gh-8455
2021-06-18 15:25:00 -04:00
3bb8e1d200
Remove redundant translations in spring-security-web
2021-06-15 09:18:13 -05:00
7cd344acab
Add spanish translation of insufficient authentication and cookie stolen
2021-06-15 09:11:53 -05:00
ca76c54471
Polish CsrfWebFilterTests
...
Issue gh-9113
2021-06-04 16:41:08 -06:00
0c8b6df82a
Cache Mono that generate the CSRF token
...
Closes gh-9113
2021-06-04 16:41:08 -06:00
baac9e0cf2
Properly clean cookies with context path after logout
...
Closes gh-8846
2021-06-04 15:42:33 +02:00
29f4193529
Adjust createNewSessionIfAllowed to prevent NPE
...
Ensure that isTransientAuthentication reuses the same authentication object from saveContext
Closes gh-8947
2021-05-26 13:46:08 -03:00
2a7998d0fc
Adjust createNewSessionIfAllowed to prevent NPE
...
Ensure that isTransientAuthentication reuses the same authentication object from saveContext
Closes gh-8947
2021-05-26 10:36:44 -06:00
cf74ad3a52
Anonymous in ExceptionTranslationWebFilter
...
The ExceptionTranslationWebFilter does not support correctly when
anonymous authentication is enabled. With this enabled provoked always
the execution of the access denied handler, and with this fix it
behaves like the ExceptionTranslationFilter (servlet), executing the
access denied handler only if the principal is not empty and neither
anonymous.
Closes gh-9130
2021-05-26 09:17:41 -05:00
a7fbae8355
Add test for RequestedUrlRedirectInvalidSessionStrategy
2021-05-26 09:11:38 -05:00
0e6d47b082
Add guard around debug logging involving string concatenation
2021-05-26 09:11:38 -05:00
0af74ce134
Use ServletUriComponentsBuilder instead of UrlPathHelper
2021-05-26 09:11:38 -05:00
2bcd4627fa
Eliminate use of Optional
2021-05-26 09:11:38 -05:00
10a264c144
Add RequestedUrlRedirectInvalidSessionStrategy implemention of InvalidSessionStrategy
...
Performs a redirect to the original request URL when an invalid requested session is detected.
In effect, when a user's session times out, the user is redirected to URL they originally requested instead of some fixed URL.
2021-05-26 09:11:38 -05:00
df6ebc7051
Rename DelegatingAuthorizationManager
...
Closes gh-9692
2021-04-28 09:53:25 -06:00
e2993d93e1
Make Csrf cookie secure flag configurable (WebFlux)
...
Make the XSRF-TOKEN cookie secure flag configurable in CookieServerCsrfTokenRepository.
Closes gh-9678
2021-04-27 09:34:12 +02:00
cb6e4f4a11
Add NPE Guards
...
- Like values, names are only validated if they are not null
Closes gh-9598
2021-04-22 11:22:19 -06:00
7dc4de05b1
Add guard around logger.debug statement
...
The log message involves string concatenation, the cost of which should only be incurred if debug logging is enabled
2021-04-16 10:32:58 -06:00
4f7d529c5d
Polish Csrf Tests
...
Issue gh-9561
2021-04-09 22:47:31 -06:00
87ed527023
Add null check in CsrfFilter and CsrfWebFilter
...
Solve the problem that CsrfFilter and CsrfWebFilter
throws NPE exception when comparing two byte array
is equal in low JDK version.
When JDK version is lower than 1.8.0_45, method
java.security.MessageDigest#isEqual does not verify
whether the two arrays are null. And the above two
class call this method without null judgment.
ZiQiang Zhao<1694392889@qq.com>
2021-04-09 21:43:19 -06:00
f3f1106624
Update io.spring.javaformat to 0.0.27
...
Closes gh-9553
2021-04-05 22:23:59 -05:00
60d3db5798
add management platform(project(":spring-security-dependencies"))
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
1a76ee7442
Update Gradle configuration names
...
Closes gh-9540
2021-04-05 10:36:36 -05:00
4a492846f1
Revert "Lock dependencies for 2.5.0-M3"
...
This reverts commit f05cc6269c
2021-03-15 23:18:45 +01:00
f05cc6269c
Lock dependencies for 2.5.0-M3
2021-03-15 11:00:19 +01:00
95da12110b
Additional Test for HttpSessionSecurityContextRepository
...
Issue gh-9387
2021-02-11 15:58:29 -07:00
3116369f02
Optimize HttpSessionSecurityContextRepository
...
Closes gh-9387
2021-02-11 15:58:28 -07:00
c4be1c6a56
Revert "Lock Dependencies"
...
This reverts commit a85caa4098
2021-02-11 15:49:59 -07:00
a85caa4098
Lock Dependencies
2021-02-11 15:00:38 -07:00
107f38fff9
Polish Tests
...
Issue gh-9331
2021-02-03 09:05:31 -07:00
873b9bdbca
Configure CurrentSecurityContextArgumentResolver BeanResolver
...
Closes gh-9331
2021-02-03 09:05:31 -07:00
77484018bb
Reconsider AntPathRequestMatcher matching logic
...
Closes gh-9285
2021-01-19 12:02:06 -07:00
0201c31deb
Fix Checkstyle for CsrfWebFilter
...
Issue gh-9337
2021-01-12 11:37:12 -06:00
a1083d9a5c
Fix CsrfWebFilter error message when expected CSRF not found
...
Closes gh-9337
2021-01-12 11:18:29 -06:00
160a4a3676
Reformat MvcRequestMatcher
...
- Moved related private methods together
Issue gh-9284
2021-01-11 08:28:59 -07:00
8449df9fd2
Consider Aligning MvcRequestMatcher's matching methods
...
Closes gh-9284
2021-01-09 21:42:16 +03:00
848bd44837
Remove unused code
...
Issue gh-9203
2020-12-18 11:49:52 -07:00
40e027c56d
Constant Time Comparison for CSRF tokens
...
Closes gh-9291
2020-12-17 15:01:43 -06:00
c066e23a86
Add @since attributes
...
Issue gh-8900
2020-12-16 15:58:53 -07:00
34b4b1054f
Add AuthorizationManager
...
Closes gh-8900
2020-12-16 15:58:36 -07:00
5306d4c4d5
Minor cleanup on Ant / Regex Request Matchers
...
- Removed duplicative code for transforming String into HttpMethod
- Removed an unnecessary array initialization
2020-12-14 14:19:23 +01:00
6be25df1db
Introduced DispatcherType request matcher
...
Created a DispatcherTypeRequestMatcher and corresponding methods
for configuring an HttpSecurity object. This enables filtering of
security rules based on the dispatcher type of the incoming servlet
request.
Closes gh-9205
2020-12-14 14:19:23 +01:00
54d3839f63
Add permissionsPolicy http header
2020-12-11 12:32:18 +01:00
48ef27b80a
Make assertion messages in CookieCsrfTokenRepository clearer
...
Changes assertion message format from 'X is not null' to
'X cannot be null' since this is more meaningful when the error
occurs and the message is printed in the logs.
Closes gh-9195
2020-12-09 10:45:22 -06:00
76e117a67a
Allow maximum age of csrf cookie to be configured
...
Allows maxAge of the generated cookie by CookieCsrfTokenRepository
to be configurable.
Prior to this commit, maximum age was set with a value of -1.
After this commit, it will be configured by the user with an either
positive or negative value. If the user does not provide a value,
it will be set -1.
An IllegalArgumentException will be thrown when
this value is set to zero.
Closes gh-9195
2020-12-09 10:45:22 -06:00
f614a8230c
Polish getRemoteUser
...
- Corrected instanceof check
Issue gh-3357
2020-12-03 13:08:40 -07:00
9c373ef4f8
getRemoteUser() returns principal name
...
Closes gh-3357
2020-12-03 13:08:40 -07:00
7f482eda7d
Fix CookieRequestCache for URL encoded query parameters
...
Avoid populating the saved request parameters with encoded values. Since the query strings of the request and saved URL are compared and must be equal, we can just use the parameters from the incoming request.
Closes gh-9203
2020-11-26 18:16:42 +01:00
4cc3c25a0e
removed whitespace formatting
2020-11-13 15:01:17 -06:00
a26975f780
cleanup compatibility method based on spring-projects#8868
2020-11-13 15:01:17 -06:00
ff58ac836e
Decode cookie once in AbstractRememberMeServices
...
Issue gh-9192
2020-11-09 08:14:20 -05:00
Parikshit Dutta
Marcus Da Coregio
Rob Winch
Steve Riesenberg
David Kirstein
ShinDongHun1
Norbert Nowak
Josh Cummings
Yuriy Savchenko
Manuel Jordan
Juan Carlos
Adam Ostrožlík
heowc
Karl Tinawi
Igor Pelesic
Guirong Hu
Emil Sierżęga
Eleftheria Stein
Bogdan Ilchyshyn
Hiroshi Shirosaki
Evgeniy Cheban
Alexey Markevich
Ruben Suarez Alvarez
Tomoki Tsubaki
AlexeyAnufriev
César Revert
Craig Andrews
Thomas Vitale
佚名
Eleftheria Stein
happier233
Zeeshan Adnan
Rob Winch
Nick McKinney
Christophe Gilles
Serdar Kuzucu
Stephen Joyner
Aditya Sekhar
zhuang