Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,621 Commits 36 Branches 337 Tags
Commit Graph

2914 Commits

Author SHA1 Message Date
Josh Cummings
7d301f87d6
Add Opt-in PathPattern Strategy 
Closes gh-16573
 2025-02-21 13:40:24 -07:00
Josh Cummings
588220a020
Add PathPatterRequestMatcher 
Closes gh-16429
Clsoes gh-16430
 2025-02-21 13:40:23 -07:00
Josh Cummings
51ce91f07b
Merge branch '6.4.x' 2025-02-18 15:11:08 -07:00
Josh Cummings
cc2cfc62b0
Add Test Requiring serialVersionUID 
Issue gh-16276
 2025-02-18 15:06:50 -07:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error 
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926
Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Josh Cummings
946812691e
Make AuthenticatorAttestation Serializable 
Issue gh-16481
 2025-02-14 13:07:56 -07:00
Max Batischev
b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable 
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-14 11:51:46 -07:00
plll0123
f9e04594a7 Refactor authorization manager variable naming 
- Renamed PERMIT_ALL_AUTHORIZATION_MANAGER to snake_case style
- Introduced AUTHORIZATION_DECISION for reuse

Signed-off-by: plll0123 <jsh951227@gmail.com>
 2025-02-14 10:02:55 -07:00
Josh Cummings
666d3a4af6
Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Max Batischev
879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-13 17:17:16 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page 
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux
5ee6b83953 Introduce OneTimeTokenAuthenticationFilter 
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Josh Cummings
8e19b8039c
Merge branch '6.4.x' 2025-02-05 15:49:20 -07:00
Josh Cummings
4776446b14
Add Missing Serialzed AuthorizationDeniedException 
Issue gh-16544
 2025-02-05 15:48:55 -07:00
Max Batischev
9676739c88 TestServerOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver 
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Josh Cummings
981e3fd779
Merge branch '6.4.x' 2025-02-05 13:59:12 -07:00
Josh Cummings
b4c7795699
Support Serialization for Authorization Components 
Closes gh-16544
 2025-02-05 13:58:32 -07:00
DingHao
f7e0f7fa8a Polish OneTimeTokenLoginConfigurer 
Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-02-04 12:38:27 -07:00
Josh Cummings
5ff87128b1
Make Saml2AuthenticationToken Serializable 
Issue gh-16286
 2025-02-03 10:13:14 -07:00
Tran Ngoc Nhan
bcc4b415b3
Make RelyingPartyRegistration Serializable 
Closes gh-16286
 2025-02-03 10:13:13 -07:00
Rob Winch
10394c8f2a
OTT Tests use Mocks Instead of Comparing Expires 
Previously, expires was compared to test if a custom implementations
were used. Now the tests verify this through mocks.

Closes gh-16515
 2025-01-31 16:47:50 -06:00
Josh Cummings
5af4b9a2ad
Merge branch '6.4.x' 2025-01-30 18:06:01 -07:00
Josh Cummings
4b5bacf71a
Make Saml2AuthenticationToken Serializable 
Issue gh-16286
 2025-01-30 18:05:17 -07:00
Tran Ngoc Nhan
e50415de85
Make RelyingPartyRegistration Serializable 
Closes gh-16286
 2025-01-30 17:45:41 -07:00
Josh Cummings
28615e7f64
Remove Stray Import 2025-01-24 11:47:40 -07:00
Rob Winch
a841737941
Use credPropsField.getType() 
Using the type from a field retains generics information.

Issue gh-16432
 2025-01-23 20:13:11 -06:00
Max Batischev
c7bc4c98db
Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-23 20:13:10 -06:00
Josh Cummings
e1a42db845
Merge branch '6.4.x' 2025-01-23 17:03:53 -07:00
Josh Cummings
e1e5970a24
Support Serialization for LDAP Components 
Issue gh-16276
 2025-01-23 16:55:30 -07:00
Josh Cummings
36716d12ba
Serialization Support of Core Components 
Issue gh-16276
 2025-01-23 16:50:30 -07:00
Josh Cummings
d7921daa13
Support Serialization for SecurityConfig 
Issue gh-16276
 2025-01-23 16:44:53 -07:00
Josh Cummings
d043884e32
Support Serialization 
Issue gh-16276
 2025-01-23 16:44:45 -07:00
Rob Winch
177ce59a4b
Merge branch '6.4.x' 
Implement Serializable for WebAuthnAuthentication

Closes gh-16474
 2025-01-23 14:12:30 -06:00
Tran Ngoc Nhan
e557c7227b
Implement Serializable for WebAuthnAuthentication 
Closes gh-16273
Closes gh-16285

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-23 13:53:26 -06:00
Rob Winch
f8132018d5
Merge branch '6.4.x' 
TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable

Closes gh-16472
 2025-01-23 12:45:09 -06:00
Rob Winch
751b5580a1
TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable 
Previously there were race conditions on the static member lastToken of
TestOneTimeTokenGenerationSuccessHandler. This is because the tests run in
parallel and one test may override the other tests lastToken and thus
make the assertion on it incorrect.

This commit changes lastToken to be a non-static variable to ensure that
each test has it's own lastToken for asserting the expected value.

Closes gh-16471
 2025-01-23 12:43:22 -06:00
Steve Riesenberg
4f860a5481
Merge branch '6.4.x' 
# Conflicts:
#	config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
 2025-01-22 17:30:29 -06:00
Max Batischev
474b5e151a Add Support GenerateOneTimeTokenRequestResolver 
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-22 17:09:55 -06:00
Steve Riesenberg
d97e01d1de
Merge branch '6.3.x' into 6.4.x 
Closes gh-16466
 2025-01-22 17:09:34 -06:00
Steve Riesenberg
211fa52649
Favor provided instances over shared objects 
Prior to this commit, providing oauth2Login() and oauth2Client() with
clientRegistrationRepository() and authorizedClientRepository() caused
objects to be shared across both configurers.

These configurers will now prefer explicitly provided instances of
those objects when they are available.

Closes gh-16105
 2025-01-22 17:07:44 -06:00
Rob Winch
68c8a5ad99
Remove debug test 
Issue gh-16443
 2025-01-22 16:11:25 -06:00
Rob Winch
6149489b70
Merge branch '6.4.x' 
fix flakey test in WebAuthnWebDriverTests

Closes gh-16464
 2025-01-22 14:46:05 -06:00
Daniel Garnier-Moiroux
028c212be4
fix flakey test in WebAuthnWebDriverTests 
Closes gh-16463

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-01-22 14:45:44 -06:00
Rob Winch
4ee9358900
Add serializeAndDeserializeAreEqual 
Checks that serialization/deserialization can be performed.

Issue gh-16443
 2025-01-22 14:06:11 -06:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch
a2abe3c33e
Add HttpMessageConverter WebAuthnDsl Support 
Issue gh-16397
 2025-01-17 21:07:46 -06:00
Rob Winch
4314e68329
Add WebAuthenticationDsl.creationOptionsRepository 
Issue gh-16396
 2025-01-17 20:51:43 -06:00