Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,409 Commits 29 Branches 320 Tags 104 MiB
Commit Graph

8409 Commits

Author SHA1 Message Date
Eleftheria Stein a2fb2c91c2 Kotlin examples in documentation 
Issue: gh-5558
 2020-01-22 14:36:34 +01:00
Eleftheria Stein 9740b5920b Load LDIF file from classpath in unboundId mode 
Fixes: gh-7833
 2020-01-21 09:52:30 -06:00
Eleftheria Stein 57fba90c0e Fix LDIF file example in LDAP docs 
Fixes: gh-7832
 2020-01-20 10:24:20 +01:00
Rob Winch e93fb9904e Update to Gradle 6.1 2020-01-17 19:22:13 -06:00
Rob Winch a03bfe63fd Remove in favor of ManagementConfigurationPlugin 2020-01-17 19:22:13 -06:00
Johannes Edmeier bdc60a9128 Don't cache requests with `Accept: text/event-stream` by default. 
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
 2020-01-17 10:42:16 -08:00
Rob Winch 1ae3ec3f8a Revert "Update to Gradle 6.1" 
This reverts commit 7f9715d951.
 2020-01-16 19:32:46 -06:00
Phil Clay e5fca61810 Introduce Reactive OAuth2Authorization success/failure handlers 
All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
A success handler is provided to save authorized clients for future requests.
A failure handler is provided to remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are
- remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
- remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699
 2020-01-16 15:24:55 -05:00
Rob Winch 7f9715d951 Update to Gradle 6.1 
Fixes gh-7838
 2020-01-16 11:18:01 -06:00
Rob Winch a769f6a0c4 Polish LDAP Authentication 
Issue gh-7628
 2020-01-16 09:38:40 -06:00
Josh Cummings f1f158b37e AuthenticationEventPublisher DSL Lookup 
Fixes gh-4400
 2020-01-14 12:07:46 -07:00
Josh Cummings 5579846263 AuthenticationEventPublisher Bean Lookup 
Issue gh-7793
Fixes gh-7515
 2020-01-14 12:07:46 -07:00
James Howe fc9b97c94a Typo in doc 2020-01-14 08:32:26 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support 
Fixes gh-7828
 2020-01-13 17:49:52 -07:00
Rob Winch 841275e152 Polish Username Password Storage wording 
Issue gh-7801
 2020-01-13 16:40:12 -06:00
Rob Winch c4a0ed0db5 Fix indentation of user-details-service.adoc 
Issue gh-7801
 2020-01-13 16:40:05 -06:00
Rob Winch 2e2974fc13 Add Dependency Versions to Asciidoctor 
Add dependency versions to asciidoctor and
spring-version -> spring-core-version

Issue gh-7801
 2020-01-13 16:39:57 -06:00
Rob Winch 38c2010d21 Remove println from springVersion 
Issue gh-7801
 2020-01-13 16:39:50 -06:00
Filip Hanik 6a28d9eee7 Use latest documentation plugin 2020-01-13 12:19:57 -08:00
Vincent Ricard f0856c83a9 Migrate LDAP integration tests groovy->java 
This commit also removes BaseSpringSpec

Issue: gh-4939
 2020-01-13 14:18:25 +01:00
Onur Kağan Özcan 1f6381d970 Set secure on cookie when logging out 
Mark cookie secure flag to ensure cookie identity is the same
 2020-01-13 11:01:33 +01:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order 
Fixes gh-7800
 2020-01-10 16:47:31 -07:00
Rob Winch ad7c44f7fd Add More role=primary/secondary 
Issue gh-7801
 2020-01-10 10:58:24 -06:00
Rob Winch 729da6463f Fix appendix-schema id 2020-01-10 10:58:24 -06:00
Eleftheria Stein 1e33627d87 Use standard lambda syntax in documentation 
Fixes: gh-7774
 2020-01-10 13:12:17 +01:00
Josh Cummings a35ce77451
Add missing PowerMockIgnore annotation 
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
 2020-01-09 15:48:08 -07:00
Josh Cummings ba21c156dd
Polish WebSecurityConfigurerAdapter tests 
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
 2020-01-09 13:51:19 -07:00
Rob Winch ffccec953f Fix HttpHeaderWriterWebFilterTests 
Ensure setComplete() is subscribed to
 2020-01-09 14:24:35 -06:00
Rob Winch 3fb87d10e9 Add role=primary/secondary example 
Issue gh-7801
 2020-01-09 12:05:20 -06:00
Rob Winch b85b4b8643 spring-build-conventions:0.0.28.BUILD-SNAPSHOT 
Fixes gh-7801
 2020-01-09 12:05:06 -06:00
Rob Winch 04b6096d19 Fix Asciidoctor Warnings 
Issue gh-7801
 2020-01-09 12:04:58 -06:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f1.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein d68a82e716 Next Development Version 2020-01-08 22:10:35 +01:00
Eleftheria Stein 7af26f12dc Release 5.3.0.M1 2020-01-08 21:42:46 +01:00
Eleftheria Stein 3cc9dfcd9f Disable locks in snapshot pipeline task 
Fixes: gh-7798
 2020-01-08 21:12:19 +01:00
Eleftheria Stein c0d78a32f1 Allow disabling dependency locking 
Fixes: gh-7799
 2020-01-08 21:11:00 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Eleftheria Stein 2cf9e57fa4 Restrict cas-server version 
Issue: gh-7788
 2020-01-08 17:18:30 +01:00
Eleftheria Stein 20483c2314 Update to Spring Boot 2.2.2.RELEASE 
Fixes: gh-7797
 2020-01-08 17:01:23 +01:00
Josh Cummings de87675f6d Add JwtIssuerAuthenticationManagerResolver 
Fixes gh-7724
 2020-01-07 23:30:42 -07:00
Josh Cummings 09810b8df9
oidcLogin Test Configuration Flow 
Fixes gh-7794
 2020-01-07 17:37:48 -07:00
Josh Cummings 84ba3ddf26
Add oauth2Login MockMvc Support 
Fixes gh-7789
 2020-01-07 14:09:36 -07:00
Eleftheria Stein-Kousathana 2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security 
Issue: gh-5558
 2020-01-07 12:08:43 -05:00
artmiar e306482a96 Fix description of PasswordEncoder 2020-01-07 06:17:39 -05:00
Rob Winch f639e17491 Resolve Current Spring Version 
Issue gh-7788
 2020-01-06 15:12:04 -06:00
Rob Winch 65981444f1 Use Version Ranges 
Fixes gh-7788
 2020-01-06 14:46:48 -06:00
Rob Winch 1bb1e74a9d Add Gradle Lock Plugin 
Issue gh-7788
 2020-01-06 14:46:48 -06:00
Rob Winch 06d7443946 Use Gradle platform and constraints 
This was largely generated from the following script

wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy ./dsp.gradle
cat gradle/dependency-management.gradle | grep 'management "' | cut -d ':' -f 2 | xargs -I{} sh -c "rg {} -l -g '*.gradle' -g '\!dependency-management.gradle' > /dev/null || echo {}" | xargs -I{} sed -iE '/.*{}.*/d' gradle/dependency-management.gradle
rm ./dps.gradle

Fixes gh-7787
 2020-01-06 14:46:36 -06:00
Eleftheria Stein 924b9e95a1 Polish MethodSecurityEvaluationContext 
Issue: gh-6224
 2020-01-03 20:08:52 -05:00
Daniel Bustamante Ospina 150b66824d Make MethodSecurityEvaluationContext Delegate to MethodBasedEvaluationContext 
Spring Security's MethodSecurityEvaluationContext should delegate to Spring Framework's
MethodBasedEvaluationContext

Fixes: gh-6224
 2020-01-03 19:49:41 -05:00