spring-security

mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-29 13:49:00 +00:00

Author	SHA1	Message	Date
Steve Riesenberg	3ebcbd4375	Merge branch '6.4.x' Closes gh-16788 Closes gh-16789 Closes gh-16790 Closes gh-16791 Closes gh-16792	2025-03-20 14:47:07 -05:00
Steve Riesenberg	96cfbd1e6c	Merge branch '6.3.x' into 6.4.x Closes gh-16782 Closes gh-16783 Closes gh-16784 Closes gh-16785 Closes gh-16786	2025-03-20 14:46:18 -05:00
Tran Ngoc Nhan	a53ca7c3d0	Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc Closes gh-16555 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-03-20 14:38:09 -05:00
Josh Cummings	cfe70a5fc7	Restore authorizedClientParametersMapper Assertion Issue gh-16726	2025-03-19 18:13:54 -06:00
Max Batischev	6c24a1e717	Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient Closes gh-16726 Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-03-19 18:13:54 -06:00
Steve Riesenberg	5bb5d0f6be	Polish gh-16589	2025-03-18 18:07:56 -05:00
Hao	fc1469ad5e	Ensure ID Token is updated after refresh token Signed-off-by: Hao <kyrieeeee2@gmail.com>	2025-03-18 18:07:56 -05:00
Rob Winch	e6223dede3	Merge branch '6.4.x' - adb303e Add testRuntimeOnly junit-platform-launcher Closes gh-16757	2025-03-17 14:34:18 -05:00
Rob Winch	05116eabbd	Merge branch '6.3.x' into 6.4.x - adb303e Add testRuntimeOnly junit-platform-launcher Closes gh-16756	2025-03-17 14:18:49 -05:00
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher Closes gh-16755	2025-03-17 14:16:44 -05:00
Steve Riesenberg	0938ca01a4	Add support for automatic context-propagation with Micrometer Closes gh-16665	2025-03-13 15:29:08 -05:00
Josh Cummings	eb5252c4f0	Merge branch '6.4.x'	2025-02-24 17:03:13 -07:00
Pat McCusker	2bd3cadde8	Use possessive pronoun rather contraction Signed-off-by: Pat McCusker <patmccusker14@gmail.com>	2025-02-24 17:02:45 -07:00
Josh Cummings	b6c813c5a2	ClientRegistrations supports hostnames with underscores Issue gh-15852	2025-02-20 16:54:24 -07:00
Josh Cummings	3d15be1b06	JwtDecoders Supports Hostnames with Underscores In the process of verifying gh-15852, another issue with URI was discovered. This commit adds tests to the uri-computing methods and changes them to use UriComponents instead of URI. Issue gh-15852	2025-02-20 16:54:24 -07:00
Steve Riesenberg	7fc5d50adf	Polish gh-16551	2025-02-19 13:53:30 -06:00
Max Batischev	00cd95be76	Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler Closes gh-16556 Signed-off-by: Max Batischev <mblancer@mail.ru>	2025-02-19 13:53:30 -06:00
Tran Ngoc Nhan	e5ea75f7f4	Implement Serial Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	2025-01-21 18:14:52 -06:00
Rob Winch	004f38639d	Move ClientSettings to ClientRegistration Initially it was proposed to put ClientSettings as a top level class, but to be consistent with ProviderDetails, this commit moves ClientSettings to be an inner class of ClientRegistration Issue gh-16382 # Conflicts: # oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java	2025-01-17 17:26:48 -06:00
Rob Winch	4c533569bb	Ensure missing ClientRegistration.clientSettings JSON node works Issue gh-16382	2025-01-17 17:26:48 -06:00
Rob Winch	f9498d3885	PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the code should validate this. Issue gh-16382	2025-01-17 17:26:47 -06:00
Rob Winch	b0a4dcb89e	ClientSettings equals, hashCode, toString Issue gh-16382	2025-01-17 17:26:47 -06:00
Rob Winch	2665a92107	Ensure that ClientSettings cannot be null This ensures that ClientRegistration.Builder.ClientSettings cannot be null. This has a slight advantage in terms of null safety to making this check happen in the build method since the Builder does not have a null field either. Issue gh-16382	2025-01-17 17:26:47 -06:00
Rob Winch	0ed7b18f42	DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver enables PKCE support. Issue gh-16382	2025-01-17 17:26:46 -06:00
DingHao	8d3e0844c5	Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE Closes gh-16382 Signed-off-by: DingHao <dh.hiekn@gmail.com>	2025-01-17 17:26:46 -06:00
Max Batischev	ed3f3d17b2	Add support customizing redirect URI Closes gh-14778	2025-01-16 14:14:11 -07:00
Josh Cummings	244fd2eb51	Support Serialization in Exceptions Issue gh-16276	2025-01-14 18:37:53 -07:00
Josh Cummings	8735368d9e	Don't Support Serialization of Jackson Modules Issu gh-16276	2025-01-14 17:04:36 -07:00
Josh Cummings	b9911fd522	Add serialVersionUID to Authentication classes Issue gh-16276	2024-12-13 16:41:32 -07:00
Steve Riesenberg	77233daae7	Merge branch '6.3.x' Closes gh-16139	2024-11-20 15:55:57 -06:00
Steve Riesenberg	4b41f8cb5b	Merge branch '6.2.x' into 6.3.x Closes gh-16138	2024-11-20 15:54:29 -06:00
Steve Riesenberg	0eb6acde96	Polish gh-16133	2024-11-20 15:50:29 -06:00
Kai Zander	73f3f75712	Always return current ClientRegistration in `loadAuthorizedClient` This changes `InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient` (and its reactive counterpart) to always return `OAuth2AuthorizedClient` instances containing the current `ClientRegistration` as obtained from the `ClientRegistrationRepository`. Before this change, the first `ClientRegistration` instance was cached, with the effect that any changes made in the `ClientRegistrationRepository` (such as a new client secret) would not have taken effect. Closes gh-15511	2024-11-20 15:50:29 -06:00
Joe Grandja	c2cfe92a02	Merge branch '6.3.x'	2024-11-18 05:16:16 -05:00
Joe Grandja	709103e38c	Merge branch '6.2.x' into 6.3.x	2024-11-18 04:45:38 -05:00
Joe Grandja	a8c4d6cead	Require Locale argument for toLower/toUpperCase usage	2024-11-18 04:22:26 -05:00
Tran Ngoc Nhan	e76de931ce	Polish Optional usage	2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan	ffed4ea1dc	Polish diamond usage	2024-10-25 13:42:33 -07:00
Steve Riesenberg	dab6950231	Move parametersCustomizer The parametersCustomizer was introduced in 6.4.0-M4 with DefaultOAuth2TokenRequestParametersConverter. However, it cannot be applied to all parameters and so does not fully solve gh-11298. This commit moves the customizer to the abstract class so it can be applied to all parameters. Closes gh-15939	2024-10-18 12:22:09 -05:00
Tran Ngoc Nhan	31f8caec5f	Polish diamond operator usage	2024-10-14 11:51:35 -07:00
Giovanni Lovato	a3fd551fb5	Add ClientRegistrations.fromOidcConfiguration method ClientRegistrations now provides the fromOidcConfiguration method to create a ClientRegistration.Builder from a map representation of an OpenID Provider Configuration Response. This is useful when the OpenID Provider Configuration is not available at a well-known location, or if custom validation is needed for the issuer location (e.g. if the issuer is only reachable via a back-channel URI that is different from the issuer value in the configuration). Fixes: gh-14633	2024-10-02 15:11:01 -05:00
Steve Riesenberg	f5991ae176	Allow access token request parameters to override defaults Closes gh-11298	2024-10-02 12:05:42 -05:00
Steve Riesenberg	9ba2435cb2	Support refresh token for Token Exchange Closes gh-15534	2024-09-27 15:57:57 -05:00
Steve Riesenberg	e11c188122	Customize the strategy for resolving the principal Closes gh-15826	2024-09-27 15:39:56 -05:00
Steve Riesenberg	c1a303bc92	Add tests for overriding parameters Issue gh-15298 Issue gh-11298	2024-09-19 13:01:09 -05:00
Steve Riesenberg	5d8cf6a8bc	Polish gh-13588	2024-09-19 12:08:48 -05:00
Steve Riesenberg	63f018eb18	Update tests using deprecated classes Issue gh-15737	2024-09-10 15:10:42 -05:00
Steve Riesenberg	7490a8162b	Deprecate default OAuth2AccessTokenResponseClients Closes gh-15737	2024-09-10 15:10:41 -05:00
Steve Riesenberg	2cead9b73f	Add RestClient implementations Issue gh-15298	2024-09-10 15:10:41 -05:00
Steve Riesenberg	e3c19ba86c	Add RestClient interceptor Closes gh-13588	2024-08-16 17:15:18 -05:00

1 2 3 4 5 ...

858 Commits