Commit Graph

7641 Commits

Author SHA1 Message Date
Joe Grandja c3b4a5d4c2 Next Development Version 2019-04-15 13:16:02 -04:00
Joe Grandja e66e52d08c Release 5.2.0.M2 2019-04-15 12:59:05 -04:00
Joe Grandja 8b77cce1b6 Update to net.sourceforge.htmlunit:neko-htmlunit 2.34.0
Fixes gh-6793
2019-04-15 12:39:24 -04:00
Joe Grandja bb909f1dbd Update to net.sourceforge.htmlunit:htmlunit 2.34.1
Fixes gh-6792
2019-04-15 12:39:24 -04:00
Joe Grandja 029e832e65 Update to org.apache.httpcomponents:httpclient 4.5.8
Fixes gh-6791
2019-04-15 12:39:24 -04:00
Joe Grandja 87ccd6283a Update to hibernate-entitymanager 5.4.2.Final
Fixes gh-6789
2019-04-15 12:39:24 -04:00
Joe Grandja b6822bbdad Update to bcprov-jdk15on:1.61
Fixes gh-6788
2019-04-15 12:39:24 -04:00
Joe Grandja 9e549df1e6 Update to bcpkix-jdk15on 1.61
Fixes gh-6787
2019-04-15 12:39:24 -04:00
Joe Grandja 2cd52fb648 Update to org.aspectj:* to 1.9.3
Fixes gh-6785
2019-04-15 12:02:24 -04:00
Joe Grandja 164c18b753 Update to commons-codec 1.12
Fixes gh-6784
2019-04-15 11:59:01 -04:00
Joe Grandja 1112c79848 Update to com.squareup.okhttp3 3.14.1
Fixes gh-6783
2019-04-15 11:57:20 -04:00
Joe Grandja 84550d1a51 Update to oauth2-oidc-sdk 6.8
Fixes gh-6782
2019-04-15 11:53:57 -04:00
Joe Grandja ebaab0f987 Update to nimbus-jose-jwt 7.0.1
Fixes gh-6781
2019-04-15 11:51:32 -04:00
Kyle Anderson 4a6e91531a Fix Broken Documentation Link
Fixes: gh-6553
2019-04-13 20:58:03 -06:00
Josh Cummings 20a7bc4785
Improved DigestAuthenticationFilter Test Coverage
Issue: gh-5462
2019-04-13 20:27:08 -06:00
Thomas Vitale d88c2c19f0
Throw exception that was created but not thrown
Fixes gh-5462
2019-04-13 20:27:07 -06:00
Josh Cummings b252371de7 Resource Server Static Sample Uses @Value For Key
Issue: gh-6494
2019-04-13 19:39:11 -06:00
Josh Cummings 1c25fe26c9 Introduce Support for Reading RSA Keys
Fixes: gh-6494
2019-04-13 19:39:11 -06:00
Dan Zheng 22c8f63390 review phase2 2019-04-13 19:22:44 -06:00
Dan Zheng 570eb01733 review phase1 2019-04-13 19:22:44 -06:00
Dan Zheng 678e0b19e0 Introduce @CurrentSecurityContext for method arguments 2019-04-13 19:22:44 -06:00
Denis Babochenko 4a286be2b9 Update samples documentation 2019-04-13 19:21:10 -06:00
Denis Babochenko 21f7148e7a Update filters documentation
Fixes: gh-5553
2019-04-13 19:21:10 -06:00
Joe Grandja bed3371b80 Support symmetric key for JwtDecoder
Fixes gh-5465
2019-04-12 13:21:50 -04:00
Josh Cummings fc6b66fdb3
Add JDK 12 to Jenkins Build
Fixes: gh-6774
2019-04-12 10:29:59 -06:00
Joe Grandja a6cbc909b6 SecurityEvaluationContextExtension implements latest EvaluationContextExtension
Fixes gh-6766
2019-04-11 10:04:57 -04:00
Joe Grandja f977a2594d Update to Spring Boot 2.2.0.M1
Fixes gh-6770
2019-04-11 10:00:57 -04:00
Joe Grandja 308bbf680e Update to Spring Data Moore-M3
Fixes gh-6769
2019-04-11 09:56:49 -04:00
Joe Grandja 4108d00827 Update to Spring 5.2.0.M1
Fixes gh-6768
2019-04-11 09:53:58 -04:00
Vishal Raj 45891941b0 OidcIdTokenValidator ensures clockSkew is positive number
Fixes gh-6443
2019-04-10 15:17:59 -04:00
MD Sayem Ahmed 462b2ecdbb Update Gradle version to 5.3.1
Fixes gh-6745
2019-04-08 14:02:54 -06:00
Luke Butters 19de13bdc7 Issue 6731 improve performance of checking headers
Improves the performance of checking headers for new lines.

Fixes: gh-6731
2019-04-08 10:10:53 -06:00
Joe Grandja 21a0e45622 Update ISSUE_REPLY_TEMPLATES 2019-04-05 09:17:42 -04:00
Rob Winch 6c9a29acfa Update to Spring Data Lovelace-SR6
Fixes: gh-6665
2019-04-05 09:15:39 -04:00
Joe Grandja 965696302b Update to Spring 5.1.6.RELEASE
Fixes gh-6664
2019-04-05 09:15:39 -04:00
Joe Grandja a863f01a9d Update to Reactor Californium-SR6
Fixes gh-6686
2019-04-04 17:44:40 -04:00
Joe Grandja c6e6d2b26a Update to Spring Boot 2.1.3.RELEASE
Fixes gh-6679
2019-04-04 17:42:57 -04:00
Joe Grandja 2055d931fa Update to slf4j-nop 1.7.26
Fixes gh-6678
2019-04-04 17:41:26 -04:00
Joe Grandja 91bdedf328 Update to slf4j-api 1.7.26
Fixes gh-6677
2019-04-04 17:41:15 -04:00
Joe Grandja a688bbf123 Update to log4j-over-slf4j 1.7.26
Fixes gh-6676
2019-04-04 17:41:04 -04:00
Joe Grandja 2051abdea1 Update to jul-to-slf4j 1.7.26
Fixes gh-6675
2019-04-04 17:40:51 -04:00
Joe Grandja c3de1e0013 Update to jcl-over-slf4j 1.7.26
Fixes gh-6674
2019-04-04 17:40:31 -04:00
Joe Grandja 8877a4e422 Update to hibernate-validator 6.0.16.Final
Fixes gh-6670
2019-04-04 17:38:49 -04:00
Joe Grandja d94ce268b7 Update to unboundid-ldapsdk 4.0.10
Fixes gh-6668
2019-04-04 17:36:03 -04:00
Joe Grandja f89a8e97dc Update to okhttp 3.12.2
Fixes gh-6667
2019-04-04 17:35:41 -04:00
Joe Grandja 9d96b9d642 Update to mockwebserver 3.12.2
Fixes gh-6666
2019-04-04 17:33:10 -04:00
Josh Cummings 9c1eac79e2
Align Code with Javadoc
Fixes: gh-6734
2019-04-02 09:17:26 -06:00
Phil Clay 9520e3a1c0 Make UnAuthenticatedServerOAuth2AuthorizedClientRepository threadsafe
Previously UnAuthenticatedServerOAuth2AuthorizedClientRepository used a HashMap for storing OAuth2AuthorizedClients.
UnAuthenticatedServerOAuth2AuthorizedClientRepository and its HashMap are potentially accessed by multiple threads without any synchronization.
Since HashMap is not threadsafe itself, this makes UnAuthenticatedServerOAuth2AuthorizedClientRepository not threadsafe.

Now UnAuthenticatedServerOAuth2AuthorizedClientRepository uses a ConcurrentHashMap for storing OAuth2AuthorizedClients.
Since ConcurrentHashMap is threadsafe, UnAuthenticatedServerOAuth2AuthorizedClientRepository will now be threadsafe as well.

Fixes gh-6717
2019-04-01 17:03:58 -04:00
Phil Clay 9593f9cae2 Defer downstream filter execution if no OAuth2AuthorizedClient is found
Prior to this change, ServerOAuth2AuthorizedClientExchangeFilterFunction would invoke next.exchange:
- first at assembly time inside the .switchIfEmpty call.
- second at execution time inside .flatMap when a OAuth2AuthorizedClient is found.

While this double-call should not technically cause any functional problems, since the Mono returned by the first call will not be subscribed if a OAuth2AuthorizedClient is found,
it does result in a lot of unnecessary execution and object creation.  There is no technical need to invoke the downstream filters twice.

This change defers the call inside .switchIfEmpty, so that it will only execute at execution time if an OAuth2AuthorizedClient is not found.

After this change, ServerOAuth2AuthorizedClientExchangeFilterFunction will not invoke next.exchange at assembly time, and will only execute next.exchange once per subscription at execution time.

Fixes gh-6719
2019-04-01 16:15:46 -04:00
Ruslan Stelmachenko bf88e8790f Fix a typo 2019-04-01 11:06:48 -06:00