Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,103 Commits 38 Branches 345 Tags
Commit Graph

7103 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
c26d7dc859 Update to Spring Boot 2.1.0.M1 
Fixes: gh-5613
 2018-07-30 15:34:35 -05:00
Joe Grandja
b5abb99908 ClaimAccessor.getClaimAsString() checks null claim value 
Fixes gh-5608
 2018-07-30 15:31:41 -04:00
Joe Grandja
e243f93eed Default to server_error when OAuth2Error.errorCode is null 
Fixes gh-5594
 2018-07-30 13:20:58 -04:00
Rob Winch
aea861e2f9 Fix Imports 
Issue: gh-5599
 2018-07-30 12:15:53 -05:00
Rob Winch
6d0369647b Add OAuth2LoginSpec.and() 
Fixes: gh-5609
 2018-07-30 12:07:51 -05:00
Rob Winch
a01dc3a5f6 WebFlux Handles Undefined State Parameter 
Currently if a state exists, but an undefined state parameter is provided
a NullPointerException occurs.

This commit handles the null value.

Fixes: gh-5599
 2018-07-30 12:02:42 -05:00
Rob Winch
dd1fa7f709 Add Sample 
Issue: gh-5605
 2018-07-30 11:39:50 -05:00
Rob Winch
e215d2733f Add OAuth2Spec 
Issue: gh-5605
 2018-07-30 11:39:45 -05:00
Rob Winch
2056b3440f Add ServerBearerTokenAuthenticationConverter 
Issue: gh-5605
 2018-07-30 11:39:40 -05:00
Rob Winch
4f417f01a7 BearerTokenServerAuthenticationEntryPoint 
Issue: gh-5605
 2018-07-30 11:39:34 -05:00
Rob Winch
da73242d60 Add JwtReactiveAuthenticationManager 
Issue: gh-5605
 2018-07-30 11:39:28 -05:00
Rob Winch
b8308c9ae0 Extract JwtConverter 
Issue: gh-5605
 2018-07-30 11:37:56 -05:00
Rob Winch
e6bd5357df Next Development Version 2018-07-26 20:11:59 -05:00
Rob Winch
b5ae0c86d0 Release 5.1.0.M2 2018-07-26 19:38:11 -05:00
Rob Winch
a699cccda1 Disable Snapshot for release 2018-07-26 19:37:40 -05:00
Rob Winch
1c308ecb44 Next Development Version 2018-07-26 15:22:02 -05:00
Rob Winch
ff06fcb1ab Release 5.1.0.M2 5.1.0.M2 2018-07-26 15:21:11 -05:00
Rob Winch
f3c9cce56d Rename to WebClientAuthorizationCodeTokenResponseClient 
Rename NimbusReactiveAUthorizationCodeTokenResponseClient to
WebClientReactiveAuthorizationCodeTokenResponseClient

Fixes: gh-5529
 2018-07-26 15:14:11 -05:00
Rob Winch
1c8a931e33 Rename to OidcAuthorizationCodeReactiveAuthenticationManager 
Renamed OidcReactiveAuthenticationManager to
OidcAuthorizationCodeReactiveAuthenticationManager since it only handles
authorization code flow.

Fixes: gh-5530
 2018-07-26 15:14:11 -05:00
Rob Winch
5f20bb3d50 Update to Spring Data Lovelace RC1 
Fixes: gh-5589
 2018-07-26 15:14:11 -05:00
Rob Winch
44578e5539 Update to Spring Framework 5.1.0.RC1 
Fixes: gh-5588
 2018-07-26 15:14:11 -05:00
Rob Winch
1f3fe624c8 Update to Reactor Californium M1 
Fixes: gh-5587
 2018-07-26 15:14:11 -05:00
Rob Winch
483e25f821 HttpSessionRequestCache Allow Any SavedRequest 
Fixes: gh-5585
 2018-07-26 15:14:11 -05:00
Rob Winch
7b2b1a877d Default RequestCache as @Bean 
Fixes: gh-5583
 2018-07-26 15:14:11 -05:00
Rob Winch
8ce244f5d2 Simplify Configuring RequestCache 
Now the RequestCache is configured on any default success handler.

Fixes: gh-5582
 2018-07-26 15:14:11 -05:00
Rob Winch
6012bfdc6e Rename FormLoginConfigurerTests to FormLoginConfigurerSpec 
Rename so can add new Java based tests for gh-5582

Issue: gh-5582
 2018-07-26 15:14:11 -05:00
Rob Winch
fa0565109b Add SimpleSavedRequest 
Fixes: gh-5581
 2018-07-26 15:14:11 -05:00
Joe Grandja
2c1c2c78c3 Add HttpServletResponse param to removeAuthorizationRequest 
Fixes gh-5313
 2018-07-26 14:15:56 -04:00
Johnny Lim
887db71333 Fix typo (#5580) 2018-07-26 10:04:21 -04:00
Joe Grandja
3d4e5836f2 Update to selenium-support:3.13.0 
Fixes gh-5578
 2018-07-24 20:35:14 -04:00
Joe Grandja
82c9931377 Update to selenium-java:3.13.0 
Fixes gh-5577
 2018-07-24 20:35:14 -04:00
Joe Grandja
c3acdb36a6 Update to hibernate-validator:6.0.11.Final 
Fixes gh-5576
 2018-07-24 20:35:13 -04:00
Joe Grandja
21302b7e39 Update to hibernate-entitymanager:5.3.3.Final 
Fixes gh-5575
 2018-07-24 20:35:13 -04:00
Joe Grandja
c502f668da Update to bcpkix-jdk15on:1.60 
Fixes gh-5574
 2018-07-24 20:35:13 -04:00
Joe Grandja
1468fee3d5 Update to org.apache.httpcomponents:httpclient:4.5.6 
Fixes gh-5573
 2018-07-24 20:35:13 -04:00
Joe Grandja
c111f5902f Update to ehcache:2.10.5 
Fixes gh-5572
 2018-07-24 20:35:13 -04:00
Joe Grandja
67ee011866 Update to javax.servlet.jsp.jstl-api:1.2.2 
Fixes gh-5571
 2018-07-24 20:35:12 -04:00
Joe Grandja
45a2607cd0 Update to oauth2-oidc-sdk:5.64.2 
Fixes gh-5569
 2018-07-24 16:23:22 -04:00
Joe Grandja
aad66fb094 Update to nimbus-jose-jwt:5.14 
Fixes gh-5568
 2018-07-24 16:21:12 -04:00
Joe Grandja
0d9f4b3a0a Update to cglib-nodep:3.2.7 
Fixes gh-5567
 2018-07-24 16:16:52 -04:00
Josh Cummings
fc5083ae0c Bearer Token Exception Handling Configuration 
This exposes #authenticationEntryPoint(), #accessDeniedHandler, on
the Resource Server DSL.

With these, a user can customize the error responses when a bearer
token request fails.

Fixes: gh-5497
 2018-07-24 12:49:26 -06:00
Josh Cummings
6a45ecd4bb Bearer Token Resolver Configuration 
This introduces #bearerTokenResolver(BearerTokenResolver) to the
Resource Server DSL, allowing users to configure the resolver to allow
the access token as part of the request body or a query parameter. It
also allows the user to replace the resolver with a completely custom
one.

This also introduces the same ability by exposing a bean of type
BearerTokenResolver

Fixes: gh-5496
 2018-07-24 13:12:16 -04:00
mhyeon.lee
ba29b363fc Fix OAuth2AuthorizationRequestRedirectWebFilter baseurl exclude querystring 
To create redirect_uri in OAuth2AuthorizationRequestRedirectWebFilter,
queryParam is included in the current request-based baseUrl.
So when binding to the redirectUriTemplate,
the wrong type of redirect_uri may be created.

Fixed: gh-5520
 2018-07-23 15:42:15 -04:00
Josh Cummings
195a6943e2
OpenIDConfigTests groovy->java 
For the remember me test, there is some hand configuration that was
carried over from the groovy test as there isn't a way via the xml
config to achieve the same result.

For the attribute exchange test, in order to reduce the amount of
endpoint configuration, the test uses a bit of reflection to disable
the OpenID association step. This is because the xml config does not
support wiring a custom ConsumerManager, like the java configurer
does.

Issue: gh-4939
 2018-07-23 12:43:23 -06:00
Joe Grandja
36cbdfe013 Fix NPE when null Authentication in authorization_code grant 
Fixes gh-5560
 2018-07-23 12:28:48 -04:00
Joe Grandja
6c7d49759e Auto-redirect to provider login when one client configured 
Fixes gh-5347
 2018-07-23 10:24:20 -04:00
Rob Winch
88975dad41 ServletOAuth2AuthorizedClientExchangeFilterFunction handles null authorized client 
Issue: gh-5545
 2018-07-22 12:01:42 -07:00
Rob Winch
67dd3f16e9 Add static methods for ServletOAuth2AuthorizedClientExchangeFilterFunction 
This will allow us to break up
ServletOAuth2AuthorizedClientExchangeFilterFunction into multiple
components if we decide to later.

Issue: gh-5545
 2018-07-20 11:48:20 -05:00
Rob Winch
9ababf4168 Rename to ServerOAuth2AuthorizedClientExchangeFilterFunction 
Rename OAuth2AuthorizedClientExchangeFilterFunction to
ServerOAuth2AuthorizedClientExchangeFilterFunction->

Issue: gh-5386
 2018-07-20 11:48:19 -05:00
Rob Winch
1b79bbed7f Add ServletOAuth2AuthorizedClientExchangeFilterFunction 
Fixes: gh-5545
 2018-07-20 11:48:19 -05:00