Josh Cummings
2b960b074b
Polish Eager Header Config Tests
...
In the Java config tests, there is a simplified way to configure
Spring, and that is with SpringTestRule.
Also, test names typically follow the when-then convention.
Issue: gh-6501
2019-02-18 09:24:17 -07:00
Ankur Pathak
ac13b55ecd
HeaderWriterFilter writes headers at beginning
...
Add support for HeaderWriterFilter to write headers at the beginning of the request
Fixes: gh-6501
2019-02-18 07:43:08 -07:00
Josh Cummings
fba25614bf
Reactive Opaque Token Support
...
Fixes: gh-6513
2019-02-15 15:59:25 -06:00
Rafiullah Hamedy
43587b4307
Fixed broken links
...
Fixes: gh-6521
2019-02-15 15:41:16 -06:00
Rob Winch
752733e8de
Polish WebSessionOAuth2ServerAuthorizationRequestRepository Format
...
Issue: gh-6215
2019-02-15 15:01:11 -06:00
Zhanwei Wang
a60fd43534
Fix OAuth2 Client with Distributed Session
...
Fixes: gh-6215
2019-02-15 15:01:11 -06:00
Joe Grandja
0c27f64338
ServletOAuth2AuthorizedClientExchangeFilterFunction supports chaining
...
Fixes gh-6483
2019-02-13 11:19:44 -05:00
RusZh
0c2a7e03f7
Update resource-server.adoc
...
Fix typo in the code sample
2019-02-11 12:27:28 -07:00
Stephen Doxsee
a7a9271313
Client OAuth2 properties to use scope not scopes
...
OAuth2ClientProperties.Registration (which captures .properties and
.yml for OAuth2 Client) has a member `scope` but not `scopes`. Samples
and documentation were using `scopes` and have now been updated to use
`scope`.
Fixes gh-6510
2019-02-08 11:54:18 -05:00
Fabien Arrault
17e774d8c7
Preserve existing refresh token if new refresh token not returned
...
During an oauth2 refresh if the authorization server doesn't return a new refresh token, preserve the existing one.
Fixes: gh-6503
2019-02-07 15:11:23 -05:00
Josh Cummings
0428906065
Resource Server Opaque Token Sample
...
Issue: gh-5200
2019-02-07 12:40:12 -07:00
Josh Cummings
c59d40593b
Introspect endpoint Authorization Server support
...
Issue: gh-5200
2019-02-07 12:40:12 -07:00
Josh Cummings
ef9c3e4771
Opaque Token Support
...
Fixes: gh-5200
2019-02-07 12:40:12 -07:00
Joe Grandja
594a169798
Introduce OAuth2AuthorizationRequest.attributes
...
Fixes gh-5940
2019-02-07 11:49:17 -05:00
Josh Cummings
67fb936c7e
Polish Formatting in Tests
...
Issue: gh-6454
2019-02-06 20:16:53 -07:00
Ankur Pathak
93d6a38ffd
Consider having HeaderWriters check before writing
...
All HeadersWriter only write Header if it's not already
written.
Fixes: gh-6454 gh-5193
2019-02-06 20:16:52 -07:00
James
4742c18e4b
remove an unused import
2019-02-05 11:34:43 -06:00
James
ed545941c9
parameter 'pricipal' is never used
...
parameter 'pricipal' is never used
2019-02-05 11:34:43 -06:00
Josh Cummings
5c2ee09bc3
Favor RestOperations in Resource Server Configurer
...
Also polished exposure of the JWK Set Uri for the tests where
MockWebServer is preferred.
Fixes: gh-6104
2019-01-29 15:43:09 -07:00
Josh Cummings
c4b17475d9
Improve LDAP snippet formatting
...
Issue: gh-6486
2019-01-28 14:25:27 -07:00
Ankur Pathak
8e6bcc1c35
No RequestMatcher After AnyRequest
...
Don't allow any type of RequestMatchers
after any request by throwing IllegalStateException
Fixes: gh-6359
2019-01-25 11:14:33 -07:00
Gerardo Roza
95e0e7243d
Save original request on oauth2Client filter
...
When we used the oauth2Client directive and requested an endpoint that
required client authorization on the authorization server, the
SPRING_SECURITY_SAVED_REQUEST was not persisted, and therefore after
creating the authorized client we were redirected to the root page ("/").
Now we are storing the session attribute and getting redirected back to
the original URI as expected.
Note that the attribute is stored only when a
ClientAuthorizationRequiredException is thrown in the chain, we don't
want to store it as a response to the
/oauth2/authorization/{registrationId} endpoint, since we would end
up in an infinite loop
Fixes gh-6341
2019-01-25 09:15:44 -06:00
Bryan Kelly
5abe6ca718
Missing spring: prefix on jwk-set-uri example
2019-01-25 08:31:13 -06:00
Nick Bromfield
b581bb7eae
Add new configuration options for OAuth2LoginSpec
...
Fixes gh-5598
2019-01-24 10:37:52 -05:00
Aanuoluwapo Otitoola
976e763acb
Update to nimbus-jose-jwt:6.7
...
Fixes: gh-6459
2019-01-22 16:41:08 -07:00
Ankur Pathak
2e70d66063
Improve CsrfBeanDefinitionParser xml parsing
...
1. CsrfBeanDefinitionParser registers requestDataValueProcessor
if not already registered
2. Created Tests in CsrfBeanDefinitionParserTests
Fixes: gh-6423
2019-01-22 13:56:20 -06:00
Ankur Pathak
ffe602fdbe
HTML markup fixed in DefaultLoginPageGeneratingFilter
...
Ending div moved out of condition.
Fixes: gh-6417
2019-01-22 13:20:35 -06:00
Josh Cummings
c82440ee82
Polish CompositeHeaderWriterTests
...
Changed test to favor mocks in order to provide a stronger
guarantee that the composite delegates to its components.
Issue: gh-6453
2019-01-21 14:50:09 -07:00
Josh Cummings
bb1b9d9b86
Polish Javadoc and Whitespacing
...
Issue: gh-6453
2019-01-21 14:50:09 -07:00
Ankur Pathak
718641a1e5
Added CompositeHeaderWriter
...
1. Added new CompositeHeaderWriter
2. Improvement in HeaderWriterFilter using CompositeHeaderWriter.
Fixes: gh-6453
2019-01-21 14:50:09 -07:00
Josh Cummings
ca02d8a4f8
NamespaceLogoutTests groovy->java
...
Issue: gh-4939
2019-01-18 16:56:13 -07:00
Josh Cummings
e68b6f17de
NamespaceHttpBasicTests groovy->java
...
Issue: gh-4939
2019-01-18 15:41:26 -07:00
Andy Wilkinson
95ff451193
Fix formatting in Implicit OAuth2AuthorizedClient section
2019-01-18 10:24:01 -07:00
Ankur Pathak
b7ed919cee
Add preload support to Strict-Transport-Security
...
1. Preload support in Servlet Security(XML & Java)
2. Preload support in Reactive Security
3. Test for preload support in Servlet Security
4. Test for preload support in Reactive Security
Fixes: gh-6312
2019-01-16 11:10:06 -06:00
Rob Winch
739594dee8
Next Development Version
2019-01-15 21:02:38 -06:00
Rob Winch
fdd22e5082
Release 5.2.0.M1
2019-01-15 21:02:01 -06:00
Denis Washington
3be11a22cd
Save query parameters in WebSessionServerRequestCache
...
Previously, URL query parameters were lost when saving a request
in WebSessionServerRequestCache. Now it is properly saved and
restored.
2019-01-15 13:44:29 -06:00
guo fei
c0e66a9ba1
1. add customization support for double forwardslash in StrictHttpFirewall
...
2. add getEncodedUrlBlacklist() and getDecodedUrlBlacklist() method in StrictHttpFirewall
Fixes gh-6292
2019-01-15 13:42:33 -06:00
Mohammad Sadeq Dousti
d099a62a6f
hasRole should not be called on a string with "ROLE_" prefix ( #6353 )
...
Removed "ROLE_" from UrlAuthorizationConfigurer
This fixes IllegalArgumentException: ROLE_ANONYMOUS should not start
with ROLE_ since ROLE_
2019-01-15 08:59:34 -06:00
Joe Grandja
5fbf9532e1
Update to spring-build-conventions 0.0.23.RELEASE
...
Fixes gh-6440
2019-01-15 05:44:41 -05:00
Joe Grandja
4e4321fb07
Update to htmlunit-driver 2.33.3
...
Fixes gh-6434
2019-01-15 05:40:54 -05:00
Joe Grandja
9721ee9d4e
Update to Spring Data Lovelace SR4
...
Fixes gh-6438
2019-01-14 17:43:10 -05:00
Joe Grandja
9d7f141b86
Update to Spring Framework 5.1.4
...
Fixes gh-6437
2019-01-14 17:43:10 -05:00
Joe Grandja
68e3bbdd03
Update to Reactor Californium-SR4
...
Fixes gh-6436
2019-01-14 17:43:10 -05:00
Joe Grandja
08b7479f4c
Update to Spring Boot 2.1.2
...
Fixes gh-6435
2019-01-14 17:43:10 -05:00
Joe Grandja
e864e63760
Update to org.powermock 2.0.0
...
Fixes gh-6433
2019-01-14 16:59:11 -05:00
Joe Grandja
6e14418937
Update to hibernate-entitymanager 5.4.0.Final
...
Fixes gh-6432
2019-01-14 16:56:32 -05:00
Joe Grandja
4d1a23b6b4
Update to ehcache 2.10.6
...
Fixes gh-6431
2019-01-14 16:53:59 -05:00
Joe Grandja
f97d6f41ea
Update to com.squareup.okhttp3 3.12.1
...
Fixes gh-6430
2019-01-14 16:52:00 -05:00
Joe Grandja
84a287d6ff
Update to oauth2-oidc-sdk 6.5
...
Fixes gh-6429
2019-01-14 16:48:44 -05:00