Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,225 Commits 32 Branches 333 Tags 110 MiB
Commit Graph

17225 Commits

Author SHA1 Message Date
Josh Cummings 702538ebce AuthorizationEventPublisher Accepts AuthorizationResult 
Closes gh-15915

Co-authored-by: Max Batischev <mblancer@mail.ru>
 2024-10-14 11:48:57 -07:00
DingHao ef1226ddf8 Use Oauth2UserService bean in OidcReactiveOAuth2UserService 
Closes gh-15846
 2024-10-14 11:41:04 -07:00
Tran Ngoc Nhan 35cc794e80 Add whitespace to improve readability 2024-10-14 11:39:04 -07:00
github-actions[bot] b1ac9bd9ba Merge branch '6.3.x' 2024-10-14 03:28:39 +00:00
dependabot[bot] 0ee0e35b99 Bump ch.qos.logback:logback-classic from 1.5.9 to 1.5.10 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.9 to 1.5.10.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.9...v_1.5.10)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 20:27:56 -07:00
dependabot[bot] f0cf58b2cc Bump ch.qos.logback:logback-classic from 1.5.9 to 1.5.10 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.9 to 1.5.10.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.9...v_1.5.10)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 20:21:12 -07:00
github-actions[bot] f082494e1b Merge branch '5.8.x' into 6.2.x 2024-10-14 01:09:39 +00:00
github-actions[bot] b0a988644f Merge branch '6.2.x' into 6.3.x 2024-10-14 01:09:39 +00:00
github-actions[bot] 00c912dcfa Merge branch '6.3.x' 2024-10-14 01:09:39 +00:00
dependabot[bot] fe79766aa2 Bump @antora/collector-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 18:08:50 -07:00
dependabot[bot] b096ca4e59 Bump @antora/collector-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 18:04:15 -07:00
dependabot[bot] ef70561ac9 Bump @antora/collector-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 18:03:15 -07:00
github-actions[bot] 0ec9dfaebd Merge branch '6.3.x' 2024-10-14 00:24:10 +00:00
dependabot[bot] 7570c19bb9 Bump @antora/collector-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-13 17:23:21 -07:00
Munawar Hafiz aa7ef1192e Replaces Date().getTime() method with System.currentTimeMillis() 2024-10-10 14:29:25 -05:00
github-actions[bot] 567933d995 Merge branch '6.3.x' 2024-10-10 04:13:45 +00:00
dependabot[bot] 9d1a094c34 Bump io.mockk:mockk from 1.13.12 to 1.13.13 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.12 to 1.13.13.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.12...1.13.13)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-09 21:12:56 -07:00
github-actions[bot] b89c6d96a8 Merge branch '6.3.x' 2024-10-10 04:05:49 +00:00
github-actions[bot] 17b5ebd3b1 Merge branch '6.2.x' into 6.3.x 2024-10-10 04:05:48 +00:00
dependabot[bot] 48af71ae5e Bump io.mockk:mockk from 1.13.12 to 1.13.13 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.12 to 1.13.13.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.12...1.13.13)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-09 21:05:06 -07:00
dependabot[bot] b6b60aefcf Bump io.mockk:mockk from 1.13.12 to 1.13.13 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.12 to 1.13.13.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.13.12...1.13.13)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-09 21:03:50 -07:00
dependabot[bot] a71fdd1401 Bump ch.qos.logback:logback-classic from 1.5.8 to 1.5.9 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.8 to 1.5.9.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.8...v_1.5.9)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-08 21:08:07 -07:00
github-actions[bot] c8a9d03419 Merge branch '6.3.x' 2024-10-09 03:58:43 +00:00
dependabot[bot] 8e5d8d9bd5 Bump ch.qos.logback:logback-classic from 1.5.8 to 1.5.9 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.8 to 1.5.9.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.8...v_1.5.9)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-08 20:57:56 -07:00
Max Batischev 2edaedf099 Improve encapsulation for jwtValidators 2024-10-07 16:41:50 -07:00
Josh Cummings b26f2af5d5 Polish 
Formatting as well as adding a missing defer

Issue gh-15699
 2024-10-07 16:39:54 -07:00
Max Batischev 2ca2e56383 Add Reactive One-Time Token Login support 
Closes gh-15699
 2024-10-07 16:39:54 -07:00
github-actions[bot] 1adb13db66 Merge branch '6.3.x' 2024-10-07 04:09:52 +00:00
dependabot[bot] 1e6ac83dfb Bump org.junit:junit-bom from 5.10.4 to 5.10.5 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.4 to 5.10.5.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.4...r5.10.5)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-06 21:09:05 -07:00
dependabot[bot] 132e559d65 Bump org.junit:junit-bom from 5.11.1 to 5.11.2 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.1 to 5.11.2.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-06 20:40:17 -07:00
dependabot[bot] 6a0e90d6cb Bump io.freefair.gradle:aspectj-plugin from 8.10 to 8.10.2 
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.10 to 8.10.2.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.10...8.10.2)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-06 20:35:26 -07:00
github-actions[bot] e8876fa195 Merge branch '6.2.x' into 6.3.x 2024-10-07 03:30:32 +00:00
github-actions[bot] 0ab56601b2 Merge branch '6.3.x' 2024-10-07 03:30:32 +00:00
dependabot[bot] 73ee0cf7ec Bump org.junit:junit-bom from 5.10.4 to 5.10.5 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.10.4 to 5.10.5.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.4...r5.10.5)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-06 20:29:49 -07:00
Max Batischev de104e22b7 Update javaDoc for DefaultOneTimeTokenSubmitPageGeneratingFilter 2024-10-02 15:31:43 -05:00
Giovanni Lovato a3fd551fb5 Add ClientRegistrations.fromOidcConfiguration method 
ClientRegistrations now provides the fromOidcConfiguration
method to create a ClientRegistration.Builder from a map
representation of an OpenID Provider Configuration Response.

This is useful when the OpenID Provider Configuration is not
available at a well-known location, or if custom validation
is needed for the issuer location (e.g. if the issuer is only
reachable via a back-channel URI that is different from the
issuer value in the configuration).

Fixes: gh-14633
 2024-10-02 15:11:01 -05:00
Rob Winch 1dd79c379b Add JdbcOneTimeTokenService 
Closes gh-15735
 2024-10-02 14:42:13 -05:00
Rob Winch f002fedb73 Document JdbcOneTimeTokenService 
Issue gh-15735
 2024-10-02 14:41:06 -05:00
Rob Winch c3a5ae1254 Fix logger checkstyle 2024-10-02 14:39:58 -05:00
Rob Winch 7738e6c895 Add logger.isDebugEnabled() 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch c4b60cd080 Reduce visibility for JdbcOneTimeTokenServiceTests 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch 650ec3ba82 Use Duration for calculating validity 
This improves readability.

Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch e8c71df899 Use private Inner JdbcOneTimeTokenService classes 
Issue gh-15735
 2024-10-02 14:24:23 -05:00
Rob Winch 612b15abcc JdbcOneTimeTokenService.setCleanupCron 
Spring Security uses setter methods for optional member variables. Allows
for a null cleanupCron to disable the cleanup.

In a clustered environment it is likely that users do not want all nodes
to be performing a cleanup because it will cause contention on the ott
table.

Another example is if a user wants to invoke cleanUpExpiredTokens with a
different strategy all together, they might want to disable the cron job.

Issue gh-15735
 2024-10-02 14:22:25 -05:00
Steve Riesenberg f5991ae176 Allow access token request parameters to override defaults 
Closes gh-11298
 2024-10-02 12:05:42 -05:00
Rob Winch 4787ac254d cleanUpExpiredTokens->cleanupExpiredTokens 
Issue gh-15735
 2024-10-02 10:59:26 -05:00
Rob Winch 4f328c9503 destroy() shuts down the taskScheduler 
Issue gh-15735
 2024-10-02 10:59:21 -05:00
dependabot[bot] 8c2485cb47 Bump io.spring.develocity.conventions from 0.0.21 to 0.0.22 
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.21 to 0.0.22.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.21...v0.0.22)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-01 20:37:00 -07:00
dependabot[bot] b5132e9c4f Bump io.micrometer:micrometer-observation from 1.13.4 to 1.13.5 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.13.4 to 1.13.5.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.4...v1.13.5)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-01 20:28:22 -07:00
dependabot[bot] fddc7768c5 Bump org.mockito:mockito-bom from 5.14.0 to 5.14.1 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.14.0 to 5.14.1.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.14.0...v5.14.1)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-30 21:03:03 -07:00