Commit Graph

220 Commits

Author SHA1 Message Date
Joe Grandja 86ca6b013c Unlock dependencies
This reverts commit 206960cf44.
2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Eleftheria Stein 545286188d Update SAML2 errors in integration tests 2020-05-06 11:46:54 -04:00
Eleftheria Stein 420737fa88 Add Kotlin WebFlux sample
Issue: gh-5558
2020-04-07 16:51:42 -04:00
Eleftheria Stein 8cf4ada7de Update Spring Kotlin plugin in sample 2020-04-07 16:17:42 -04:00
Josh Cummings 1a1be6a946
Polish SAML 2.0 Login Sample
Fixes gh-8163
2020-03-20 16:50:48 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
This reverts commit 147d7dadd7.
2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings 3bc1b7a933
Simplify opaqueToken support
Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.

Issue gh-7827
Issue gh-7712
2020-03-03 16:24:43 -07:00
Josh Cummings 689fc9df0c
Align Test Support Claims
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT

Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
2020-03-03 16:24:43 -07:00
Filip Hanik a51a202925 Correct signature handling for SAML2 AuthNRequest
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
2020-02-12 13:30:48 -08:00
Filip Hanik 43098d41cc Revert "Correct signature handling for SAML2 AuthNRequest"
This reverts commit a3e09fadd7.
Build failure on Java 9+

XML generation does not add linefeeds by default
Change since Java 8
2020-02-12 13:30:48 -08:00
Filip Hanik a3e09fadd7 Correct signature handling for SAML2 AuthNRequest
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
2020-02-12 11:40:19 -08:00
Josh Cummings f23ab6f716
Updated Tests for oauth2webclient-webflux Sample
Issue gh-7910
2020-02-05 15:56:18 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version
This reverts commit 064616f1ef.
2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch 1d7208f8ef Add RSocket Authentication Extension Support
Fixes gh-7935
2020-02-04 23:36:47 -06:00
Josh Cummings 187c76e610
Update Tests in oauth2webclient Sample
Issue gh-7886
2020-02-03 17:08:04 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support
Fixes gh-7828
2020-01-13 17:49:52 -07:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order
Fixes gh-7800
2020-01-10 16:47:31 -07:00
Eleftheria Stein 1e33627d87 Use standard lambda syntax in documentation
Fixes: gh-7774
2020-01-10 13:12:17 +01:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version
This reverts commit 93acf8f0f1.
2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings 84ba3ddf26
Add oauth2Login MockMvc Support
Fixes gh-7789
2020-01-07 14:09:36 -07:00
Eleftheria Stein-Kousathana 2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security
Issue: gh-5558
2020-01-07 12:08:43 -05:00
Josh Cummings e1fdb24b5d
Add opaqueToken MockMvc Test Support
Fixes gh-7712
2019-12-20 15:34:11 -07:00
Joe Grandja 24500fa3ca Remove redundant validation for redirect-uri
Fixes gh-7706
2019-12-06 11:55:31 -05:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support
Fixes: gh-7680
2019-12-02 22:28:24 -07:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support
Fixes gh-7618
2019-11-26 16:12:06 -07:00
Josh Cummings 4954a229d6
Polish oauth2Login Sample Test
Issue: gh-7618
2019-11-26 14:19:14 -07:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
2019-11-22 15:07:05 -07:00
Eddú Meléndez 27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login()
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
2019-10-31 08:20:12 -07:00
Filip Hanik 4489163163 Use Spring Boot configuration for saml2Login()
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
2019-10-25 08:22:40 -07:00
Filip Hanik 5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Rob Winch 03e2efacf4 Add Hello RSocket Sample
Fixes gh-7504
2019-09-30 13:58:03 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
2019-09-30 11:01:34 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
2019-09-30 09:22:36 -07:00
Filip Hanik e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception
propagate saml authentication exception #7375
2019-09-27 09:38:57 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
2019-09-27 09:07:25 -07:00
Ivo Smid a11e61432e Document OAuth2 Client behind proxy and redirect_uri
Fixes gh-7312
2019-09-26 14:09:21 -04:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception"
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
2019-09-24 14:40:39 -07:00
Rob Winch 00f8991fac Merge Remove Redudant Throws
Fixes gh-7301
2019-09-19 11:04:53 -05:00
Josh Cummings bdaf530511
Remove Stray @MockBean
Issue gh-7170
2019-09-16 06:56:58 -06:00
Josh Cummings b55b2914c2 Mock Jwt Disables CSRF
Fixes gh-7170
2019-09-13 19:04:05 +01:00
Joe Grandja a60446836b OAuth2AuthorizeRequest supports attributes
Fixes gh-7341
2019-09-05 21:04:25 -04:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
2019-09-05 14:40:08 -07:00