Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,752 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

7752 Commits

Author SHA1 Message Date
Fabien Arrault 17e774d8c7 Preserve existing refresh token if new refresh token not returned 
During an oauth2 refresh if the authorization server doesn't return a new refresh token, preserve the existing one.

Fixes: gh-6503
 2019-02-07 15:11:23 -05:00
Josh Cummings 0428906065 Resource Server Opaque Token Sample 
Issue: gh-5200
 2019-02-07 12:40:12 -07:00
Josh Cummings c59d40593b Introspect endpoint Authorization Server support 
Issue: gh-5200
 2019-02-07 12:40:12 -07:00
Josh Cummings ef9c3e4771 Opaque Token Support 
Fixes: gh-5200
 2019-02-07 12:40:12 -07:00
Joe Grandja 594a169798 Introduce OAuth2AuthorizationRequest.attributes 
Fixes gh-5940
 2019-02-07 11:49:17 -05:00
Josh Cummings 67fb936c7e
Polish Formatting in Tests 
Issue: gh-6454
 2019-02-06 20:16:53 -07:00
Ankur Pathak 93d6a38ffd
Consider having HeaderWriters check before writing 
All HeadersWriter only write Header if its not already
written.

Fixes: gh-6454 gh-5193
 2019-02-06 20:16:52 -07:00
James 4742c18e4b remove an unused import 2019-02-05 11:34:43 -06:00
James ed545941c9 parameter 'pricipal' is never used 
parameter 'pricipal' is never used
 2019-02-05 11:34:43 -06:00
Josh Cummings 5c2ee09bc3
Favor RestOperations in Resource Server Configurer 
Also polished exposure of the JWK Set Uri for the tests where
MockWebServer is preferred.

Fixes: gh-6104
 2019-01-29 15:43:09 -07:00
Josh Cummings c4b17475d9
Improve LDAP snippet formatting 
Issue: gh-6486
 2019-01-28 14:25:27 -07:00
Ankur Pathak 8e6bcc1c35 No RequestMatcher After AnyRequest 
Don't allow any type of RequestMatchers
after any request by throwing IllegalStateException

Fixes: gh-6359
 2019-01-25 11:14:33 -07:00
Gerardo Roza 95e0e7243d Save original request on oauth2Client filter 
When we used the oauth2Client directive and requested an endpoint that
required client authorization on the authorization server, the
SPRING_SECURITY_SAVED_REQUEST was not persisted, and therefore after
creating the authorized client we were redirected to the root page ("/").

Now we are storing the session attribute and getting redirected back to
the original URI as expected.

Note that the attribute is stored only when a
ClientAuthorizationRequiredException is thrown in the chain, we dont
want to store it as a response to the
/oauth2/authorization/{registrationId} endpoint, since we would end
up in an infinite loop

Fixes gh-6341
 2019-01-25 09:15:44 -06:00
Bryan Kelly 5abe6ca718 Missing spring: prefix on jwk-set-uri example 2019-01-25 08:31:13 -06:00
Nick Bromfield b581bb7eae Add new configuration options for OAuth2LoginSpec 
Fixes gh-5598
 2019-01-24 10:37:52 -05:00
Aanuoluwapo Otitoola 976e763acb Update to nimbus-jose-jwt:6.7 
Fixes: gh-6459
 2019-01-22 16:41:08 -07:00
Ankur Pathak 2e70d66063 Improve CsrfBeanDefinitionParser xml parsing 
1. CsrfBeanDefinitionParser registers requestDataValueProcessor
if not already registered
2. Created Tests in CsrfBeanDefinitionParserTests

Fixes: gh-6423
 2019-01-22 13:56:20 -06:00
Ankur Pathak ffe602fdbe HTML markup fixed in DefaultLoginPageGeneratingFilter 
Ending div moved  out of condition.

Fixes: gh-6417
 2019-01-22 13:20:35 -06:00
Josh Cummings c82440ee82 Polish CompositeHeaderWriterTests 
Changed test to favor mocks in order to provide a stronger
guarantee that the composite delegates to its components.

Issue: gh-6453
 2019-01-21 14:50:09 -07:00
Josh Cummings bb1b9d9b86 Polish Javadoc and Whitespacing 
Issue: gh-6453
 2019-01-21 14:50:09 -07:00
Ankur Pathak 718641a1e5 Added CompositeHeaderWriter 
1. Added new CompositeHeaderWriter
2. Improvement in HeaderWriterFilter using CompositeHeaderWriter.

Fixes: gh-6453
 2019-01-21 14:50:09 -07:00
Josh Cummings ca02d8a4f8
NamespaceLogoutTests groovy->java 
Issue: gh-4939
 2019-01-18 16:56:13 -07:00
Josh Cummings e68b6f17de
NamespaceHttpBasicTests groovy->java 
Issue: gh-4939
 2019-01-18 15:41:26 -07:00
Andy Wilkinson 95ff451193 Fix formatting in Implicit OAuth2AuthorizedClient section 2019-01-18 10:24:01 -07:00
Ankur Pathak b7ed919cee Add preload support to Strict-Transport-Security 
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security

Fixes: gh-6312
 2019-01-16 11:10:06 -06:00
Rob Winch 739594dee8 Next Development Version 2019-01-15 21:02:38 -06:00
Rob Winch fdd22e5082 Release 5.2.0.M1 2019-01-15 21:02:01 -06:00
Denis Washington 3be11a22cd Save query parameters in WebSessionServerRequestCache 
Previously, URL query parameters were lost when saving a request
in WebSessionServerRequestCache. Now it is properly saved and
restored.
 2019-01-15 13:44:29 -06:00
guo fei c0e66a9ba1 1. add customization support for double forwardslash in StrickHttpFirewall 
2. add getEncodedUrlBlacklist() and getDecodedUrlBlacklist() method in StrickHttpFirewall

Fixes gh-6292
 2019-01-15 13:42:33 -06:00
Mohammad Sadeq Dousti d099a62a6f hasRole should not be called on a string with "ROLE_" prefix (#6353) 
Removed "ROLE_" from UrlAuthorizationConfigurer

This fixes IllegalArgumentException: ROLE_ANONYMOUS should not start
with ROLE_ since ROLE_
 2019-01-15 08:59:34 -06:00
Joe Grandja 5fbf9532e1 Update to spring-build-conventions 0.0.23.RELEASE 
Fixes gh-6440
 2019-01-15 05:44:41 -05:00
Joe Grandja 4e4321fb07 Update to htmlunit-driver 2.33.3 
Fixes gh-6434
 2019-01-15 05:40:54 -05:00
Joe Grandja 9721ee9d4e Update to Spring Data Lovelace SR4 
Fixes gh-6438
 2019-01-14 17:43:10 -05:00
Joe Grandja 9d7f141b86 Update to Spring Framework 5.1.4 
Fixes gh-6437
 2019-01-14 17:43:10 -05:00
Joe Grandja 68e3bbdd03 Update to Reactor Californium-SR4 
Fixes gh-6436
 2019-01-14 17:43:10 -05:00
Joe Grandja 08b7479f4c Update to Spring Boot 2.1.2 
Fixes gh-6435
 2019-01-14 17:43:10 -05:00
Joe Grandja e864e63760 Update to org.powermock 2.0.0 
Fixes gh-6433
 2019-01-14 16:59:11 -05:00
Joe Grandja 6e14418937 Update to hibernate-entitymanager 5.4.0.Final 
Fixes gh-6432
 2019-01-14 16:56:32 -05:00
Joe Grandja 4d1a23b6b4 Update to ehcache 2.10.6 
Fixes gh-6431
 2019-01-14 16:53:59 -05:00
Joe Grandja f97d6f41ea Update to com.squareup.okhttp3 3.12.1 
Fixes gh-6430
 2019-01-14 16:52:00 -05:00
Joe Grandja 84a287d6ff Update to oauth2-oidc-sdk 6.5 
Fixes gh-6429
 2019-01-14 16:48:44 -05:00
Joe Grandja ce4a48e9c9 Update to nimbus-jose-jwt 6.5.1 
Fixes gh-6428
 2019-01-14 16:47:19 -05:00
Joe Grandja c725d220aa Update to jackson.core 2.9.8 
Fixes gh-6427
 2019-01-14 16:43:27 -05:00
Joe Grandja 5d72cdc104 Update to cglib-nodep 3.2.10 
Fixes gh-6426
 2019-01-14 16:40:59 -05:00
Rob Winch 802f3186a7 Fix ApacheDSContainer Checkstyle 
Issue: gh-6376
 2019-01-14 13:29:11 -06:00
Luke Butters 0b40d09fe6 Mark as ApacheDSContainer as deprecated 
Mark ApacheDSContainer as deprecated because ApacheDS have not released
a recent 'GA' version and the current 'GA' version does not work under
JDK11.

Fixes: gh-6002
 2019-01-14 13:29:11 -06:00
Joe Grandja 2a867997e2 Polish gh-6415 2019-01-14 13:33:58 -05:00
Rafael Dominguez fe5f10e9a2 Extract the ID Token JwtDecoderFactory to enable user customization 
This commit ensures that the JwtDecoderFactory is not a private field inside
the Oidc authentication provider by extracting this class and giving the
possibility to customize the way different providers are validated.

Fixes: gh-6379
 2019-01-14 13:33:58 -05:00
Adrian Javorski dd45a49f02 Update JwtTimestampValidator.java 
Changed MaxClockSkew variable to clockSkew to simplify the name.

Fixes gh-6380
 2019-01-14 10:33:38 -07:00
Ankur Pathak 4ff51491d7 fixes setting paramName only when it is not null 
Fixes: gh-6223
 2019-01-10 10:13:44 -06:00