cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
801ceb0832
Merge branch '5.8.x'
2022-10-31 08:58:14 -05:00
66f2f1cde7
Merge branch '5.7.x' into 5.8.x
2022-10-31 08:55:03 -05:00
2915a70bf7
Merge branch '5.6.x' into 5.7.x
2022-10-28 13:05:48 -05:00
26a51ee198
Merge branch '5.5.x' into 5.6.x
2022-10-28 11:15:33 -05:00
e7fe778abc
Merge branch '5.4.x' into 5.5.x
2022-10-28 11:13:33 -05:00
3e2ac82612
Merge branch '5.3.x' into 5.4.x
2022-10-28 11:10:39 -05:00
5560bbaa80
Merge branch '5.2.x' into 5.3.x
2022-10-28 11:07:51 -05:00
75004587a4
Fix scope mapping
...
Issue gh-12101
2022-10-28 11:00:27 -05:00
14584b0562
Add SecurityContextHolderStrategy to OAuth2
...
Issue gh-11060
2022-10-05 23:50:54 -06:00
7f0140278e
Add native hint for OAuth2 Client's schemas
...
Closes gh-11920
2022-09-29 10:01:51 -03:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
7527fd811c
Merge branch '5.8.x'
2022-09-26 09:56:55 -05:00
bbac85e20b
Reduce severity of invalid registrationId to warn
...
This prevents filling the log file with error messages when routine
scans are being performed.
Closes gh-11344
2022-09-26 09:56:20 -05:00
c6458c35aa
Merge branch '5.8.x'
2022-09-14 15:12:21 -05:00
bea7761a1c
ClientRegistrations#rest defines 30s connect and read timeouts
2022-09-14 15:10:34 -05:00
f84f08c4b9
Default HttpSessionRequestCache.matchingRequestParameterName=continue
...
Closes gh-11757
2022-08-26 14:44:55 -05:00
32dbaceec5
Fix mockito 4.7.0 merge
...
Issue gh-11748
2022-08-24 08:58:00 -05:00
670b71363d
Merge branch '5.8.x'
...
Closes gh-11749
2022-08-23 16:03:50 -05:00
2fb625db84
Remove mockito deprecations
...
Issue gh-11748
2022-08-23 15:59:52 -05:00
2e66b9f6cc
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:44:01 -05:00
efaee4e56b
Allow customization of redirect strategy
...
The default redirect strategy will provide authorization redirect
URI within HTTP 302 response Location header.
Allowing the configuration of custom redirect strategy will provide
an option for the clients to obtain the authorization URI from e.g.
HTTP response body as JSON payload, without a need to handle
automatic redirection initiated by the HTTP Location header.
Closes gh-11373
2022-08-08 15:35:49 -05:00
b5b3ddd6b4
Deprecate Resource Owner Password Credentials grant
...
Closes gh-11590
2022-07-15 16:45:00 -04:00
95155ddb0c
Deprecate Resource Owner Password Credentials grant
...
Closes gh-11590
2022-07-15 16:28:47 -04:00
6ee1643bae
Remove deprecations in ServerOAuth2AuthorizedClientExchangeFilterFunction
...
Closes gh-11589
2022-07-15 15:13:40 -04:00
054791c26c
Remove deprecations in ServletOAuth2AuthorizedClientExchangeFilterFunction
...
Closes gh-11588
2022-07-15 15:12:39 -04:00
0859da5590
Remove deprecations in OAuth2AuthorizedClientArgumentResolver
...
Closes gh-11584
2022-07-15 14:42:03 -04:00
743b6a5bfe
Remove deprecations in OidcClientInitiatedLogoutSuccessHandler
...
Closes gh-11565
2022-07-15 14:04:09 -04:00
cae22867b2
Remove deprecated allowMultipleAuthorizationRequests
...
Closes gh-11564
2022-07-15 13:50:30 -04:00
0e291a3295
Remove deprecations in AuthorizationRequestRepository
...
Closes gh-11519
2022-07-15 08:15:52 -04:00
e12823095f
Remove deprecations in ClientRegistration
...
Closes gh-11518
2022-07-15 08:15:30 -04:00
61b034bf69
Remove deprecations in AbstractOAuth2AuthorizationGrantRequest
...
Closes gh-11517
2022-07-15 08:14:56 -04:00
be58e2ac49
Remove deprecations in ClientAuthenticationMethod
...
Closes gh-11516
2022-07-15 07:45:33 -04:00
746d27eab1
Remove deprecated NimbusAuthorizationCodeTokenResponseClient
...
Closes gh-11512
2022-07-14 16:32:21 -04:00
42683693c0
Remove deprecated CustomUserTypesOAuth2UserService
...
Closes gh-11511
2022-07-14 14:28:41 -04:00
67b27a41c3
Remove deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository
...
Closes gh-11508
2022-07-14 12:10:58 -04:00
a3326fc0ee
Remove deprecated implicit authorization grant type
...
Closes gh-11506
2022-07-14 10:05:15 -04:00
ecbfa84b39
Revert "Disable failing tests until r2dbc-h2 is upgraded"
...
This reverts commit 614065bb3b
2022-07-13 10:55:12 -03:00
8776f66fb9
Update io.r2dbc:r2dbc-h2 to 1.0.0.RC1
...
Closes gh-11479
2022-07-13 10:55:12 -03:00
614065bb3b
Disable failing tests until r2dbc-h2 is upgraded
...
Issue gh-11479
2022-07-11 10:32:38 -05:00
1d72a05c32
Add SecurityContextHolderStrategy to OAuth2
...
Issue gh-11060
2022-06-27 13:05:12 -06:00
539a11d0a4
Encode postLogoutRedirectUri query params
...
Closes gh-11379
2022-06-16 16:13:42 -06:00
f035c30edb
Encode postLogoutRedirectUri query params
...
Closes gh-11379
2022-06-16 16:12:13 -06:00
01513ab17e
Add placeholders to reactive post_logout_redirect_uri
...
Now also supports baseScheme, baseHost, basePort, and basePath
Issue gh-11229
2022-06-16 16:10:26 -06:00
6f69d85fcb
Reactive OAuth 2.0 logout handler resolves registrationId
...
Closes gh-11378
2022-06-16 16:09:57 -06:00
3f30de388a
Encode postLogoutRedirectUri query params
...
Closes gh-11379
2022-06-16 16:09:56 -06:00
e4505ed6c8
Add placeholders to post_logout_redirect_uri
...
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.
Closes gh-11229
2022-06-16 16:09:56 -06:00
Josh Cummings
Ger Roza
Steve Riesenberg
Marcus Da Coregio
Daniel Garnier-Moiroux
Rob Winch
Igor Bolic
Joe Grandja
Michael