Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-30 14:13:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,818 Commits 58 Branches 351 Tags
Commit Graph

687 Commits

Author SHA1 Message Date
Josh Cummings
d29ab8bcae
Merge branch '5.7.x' into 5.8.x 2022-11-01 13:43:40 -06:00
Josh Cummings
c94e33b6c8
Merge branch '5.6.x' into 5.7.x 2022-11-01 13:42:35 -06:00
Ger Roza
8315545144 Update RP-Initiated Logout target URLs. 
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.

Fixes: gh-12081
 2022-11-01 12:35:39 -06:00
Steve Riesenberg
66f2f1cde7
Merge branch '5.7.x' into 5.8.x 2022-10-31 08:55:03 -05:00
Steve Riesenberg
2915a70bf7
Merge branch '5.6.x' into 5.7.x 2022-10-28 13:05:48 -05:00
Steve Riesenberg
26a51ee198
Merge branch '5.5.x' into 5.6.x 2022-10-28 11:15:33 -05:00
Steve Riesenberg
e7fe778abc
Merge branch '5.4.x' into 5.5.x 2022-10-28 11:13:33 -05:00
Steve Riesenberg
3e2ac82612
Merge branch '5.3.x' into 5.4.x 2022-10-28 11:10:39 -05:00
Steve Riesenberg
5560bbaa80
Merge branch '5.2.x' into 5.3.x 2022-10-28 11:07:51 -05:00
Steve Riesenberg
75004587a4
Fix scope mapping 
Issue gh-12101
 2022-10-28 11:00:27 -05:00
Steve Riesenberg
bbac85e20b Reduce severity of invalid registrationId to warn 
This prevents filling the log file with error messages when routine
scans are being performed.

Closes gh-11344
 2022-09-26 09:56:20 -05:00
Daniel Garnier-Moiroux
bea7761a1c
ClientRegistrations#rest defines 30s connect and read timeouts 2022-09-14 15:10:34 -05:00
Rob Winch
32dbaceec5 Fix mockito 4.7.0 merge 
Issue gh-11748
 2022-08-24 08:58:00 -05:00
Rob Winch
2fb625db84 Remove mockito deprecations 
Issue gh-11748
 2022-08-23 15:59:52 -05:00
Igor Bolic
efaee4e56b Allow customization of redirect strategy 
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.

Closes gh-11373
 2022-08-08 15:35:49 -05:00
Joe Grandja
95155ddb0c Deprecate Resource Owner Password Credentials grant 
Closes gh-11590
 2022-07-15 16:28:47 -04:00
Josh Cummings
1d72a05c32
Add SecurityContextHolderStrategy to OAuth2 
Issue gh-11060
 2022-06-27 13:05:12 -06:00
Josh Cummings
539a11d0a4
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:13:42 -06:00
Josh Cummings
f035c30edb
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:12:13 -06:00
Josh Cummings
01513ab17e
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 16:10:26 -06:00
Josh Cummings
6f69d85fcb
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 16:09:57 -06:00
Josh Cummings
3f30de388a
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 16:09:56 -06:00
Michael
e4505ed6c8
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 16:09:56 -06:00
Marcus Da Coregio
b8b0661d73
Lock Dependencies for Release 2022-05-16 14:01:51 -06:00
Steve Riesenberg
f0168c6c27
Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:53:16 -05:00
Joe Grandja
50d315d833 Remove unused code 2022-03-17 04:23:44 -04:00
Joe Grandja
a2ffc88294 Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:33:12 -04:00
Simone Giannino
73003d59d6 OAuth 2.0 logout handler resolves uri placeholders 
- OidcClientInitiatedLogoutSuccessHandler can automatically resolve placeholders like baseUrl and registrationId inside the postLogoutRedirectUri

Issue gh-7900
 2022-03-15 12:54:39 -06:00
Josh Cummings
931fb6a328 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:03:41 -07:00
Marcus Da Coregio
bebd615507 Update io.r2dbc to 0.9.1.RELEASE 
Closes gh-10883
 2022-02-21 10:35:20 -03:00
Marcus Da Coregio
883c480af0 Update r2dbc-h2 to 0.8.5.RELEASE 
Closes gh-10869
 2022-02-21 09:20:37 -03:00
Eleftheria Stein
d655deb718 Update r2dbc-h2 to 0.8.5.RELEASE 
Closes gh-10856
 2022-02-21 12:24:24 +01:00
Rob Winch
c67ee6f2a8 javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 15:32:12 -06:00
Rob Winch
8f64bb6c8c javax.servlet:javax.servlet-api -> jakarta.servlet:jakarta.servlet-api 
Issue gh-10501
 2022-01-19 14:33:53 -06:00
Steve Riesenberg
7c54f98944 Update io.r2dbc to 0.9.0.RELEASE 
Closes gh-10717
 2022-01-14 11:58:45 -06:00
Joe Grandja
214cfe807e Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:42:10 -05:00
Eleftheria Stein
3389cf3ffc Revert "Lock dependencies" 
This reverts commit 83bb4603f89c27b97305f32a0237bb6c417e7843.
 2021-12-20 21:55:35 +02:00
Marcus Da Coregio
cfbf28b8ba Revert "Lock Dependencies for Release" 
This reverts commit 3d4e90ba2aa6bf026024da6c8a57672f4e08c920.
 2021-12-20 16:47:36 -03:00
Eleftheria Stein
83bb4603f8 Lock dependencies 2021-12-20 21:17:17 +02:00
Marcus Da Coregio
3d4e90ba2a Lock Dependencies for Release 2021-12-20 16:03:13 -03:00
Dávid Kováč
17e28fa7aa Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 13:48:32 +01:00
Dávid Kováč
aa1ef46d84 Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 13:33:05 +01:00
Khaled Hamlaoui
00fafd878c Allow custom OAuth2ErrorHttpMessageConverter with OAuth2ErrorResponseErrorHandler 
Closes gh-10425
 2021-11-16 15:27:48 -06:00
Steve Riesenberg
076c01daef Add missing @since 5.6 2021-11-09 14:07:05 -06:00
Rob Winch
e4a76b0ec9 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-22 10:19:34 -05:00
Rob Winch
f836897190 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-18 21:03:35 -05:00
Rob Winch
0c088e278a Update r2dbc-spi-test to 0.8.6.RELEASE 
Closes gh-10393
 2021-10-18 21:03:12 -05:00
Steve Riesenberg
0704c709dc Revert "Lock Dependencies for Release" 
This reverts commit 03c2c49d66fe395374ecb3bed696087e882a6bbc.
 2021-10-18 17:38:07 -05:00
Steve Riesenberg
03c2c49d66 Lock Dependencies for Release 2021-10-18 17:34:42 -05:00
Steve Riesenberg
c83bd075a2 Revert "Lock Dependencies for Release" 
This reverts commit bedb569f0d41a46a92665a4e45adcc525cc10290.
 2021-10-18 16:49:15 -05:00