Commit Graph

8672 Commits

Author SHA1 Message Date
Joe Grandja c506ee6b69 Release 5.4.0-M1 2020-05-06 17:19:22 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Eleftheria Stein 07f8154a06 Temporarily build against Framework 5.2.x snapshot
Issue: gh-8489
2020-05-06 12:55:50 -04:00
Eleftheria Stein 545286188d Update SAML2 errors in integration tests 2020-05-06 11:46:54 -04:00
Eleftheria Stein 026a951d4f Remove JDK 9 and JDK 10 build from Jenkins pipeline
Closes gh-8482
2020-05-05 19:57:56 -04:00
Eleftheria Stein db155b3094 Clean up Javadoc
Fixes gh-8480
2020-05-05 17:31:54 -04:00
Josh Cummings d4dbe069ad Polish OpenSamlAuthenticationProvider
- Use type-safe CriteriaSet
- Keep Assertion immutable

Closes gh-8471
2020-05-05 16:33:17 -04:00
Andrii Hrytsiuk 7748fb00ba Fix typos in documentation 2020-05-05 10:45:42 -05:00
Dávid Kovács 1f1ddeb025 SecurityMockMvcConfigurer$DelegateFilter is not null-safe
This commit adds null-check to getter method, so instead of NPE an IllegalStateException will be thrown with additional details.

Fixes gh-7745
2020-05-05 09:56:37 -05:00
Daz DeBoer 6ec5f777d1 Upgrade Freefair AspectJ plugin to v5.0.1
The `io.freefair.aspectj.post-compile-weaving` plugin v5.0.1 includes [a fix](https://github.com/freefair/gradle-plugins/pull/213) that allows all tasks for `./gradlew classes` to be marked as `UP-TO-DATE` following an initial `./gradlew clean classes`. Without this fix, any compile task that is enhanced by the `io.freefair.aspectj.post-compile-weaving` plugin will incorrectly have compilation outputs configured as a _task input_, resulting in the task being out of date following a `clean compile`.
2020-05-04 17:07:08 -05:00
Eleftheria Stein 1ca47f5cd0 Fix typo in Java configuration docs 2020-05-01 14:24:40 -04:00
Rob Winch 4a9fa0337a Allow Configure RequestRjectedHandler in XML
Issue gh-5007
2020-05-01 10:51:11 -05:00
Rob Winch 0483b3e042 Polish RequestRejectedHandler
Issue gh-5007
2020-05-01 10:51:11 -05:00
Leonard Brünings b826c798f7 Add RequestRejectedHandler
Closes gh-5007
2020-05-01 10:51:01 -05:00
Stav Shamir a783fbc641 Support update when saving with JdbcOAuth2AuthorizedClientService
Before this commit, JdbcOAuth2AuthorizedClientService threw DuplicateKeyException when re-authorizing or when authorizing the same user from a different client.

This commit makes JdbcOAuth2AuthorizedClientService's saveAuthorizedClient method consistent with that of InMemoryOAuth2AuthorizedClientService.

Fixes gh-8425
2020-04-29 07:37:57 -04:00
Eleftheria Stein 4d63e2f332 AesBytesEncryptor constructor that uses secret key
Fixes: gh-8402
2020-04-28 11:16:44 -04:00
Dávid Kovács 8e8251ac5f Add ROLE_INFRASTRUCTURE to infrastructure beans
Closes gh-8407
2020-04-27 08:59:24 -05:00
Dávid Kovács f7b33da577 ActiveDirectoryLdapAuthenticationProvider uses InternalAuthenticationServiceException
Closes gh-2884
2020-04-24 10:15:48 -05:00
Adam Millerchip 0f29bee1b0 Add authorize() DSL method that accepts HttpMethod
Fixes: gh-8307
2020-04-22 16:14:04 -04:00
Adam Millerchip 16a7cbee4b Use named arguments in Kotlin authorization rule 2020-04-22 16:14:04 -04:00
Adam Millerchip 401393d756 Extract pattern type in request matcher DSL 2020-04-22 16:14:04 -04:00
Julian Müller 60d4d5b7ee Enables empty authorityPrefix
- docs stated that empty authorityPrefix are allowed but implementation denied to use `""`
- commit removes the `hasText`-limitation but restricts to `notNull`

Fixes gh-8421
2020-04-22 08:52:54 -05:00
Daniel Furtlehner 32ce94d2dd Validate ID Token Issuer
When the issuer is set in the provider metadata, we validate the iss
field of the ID Token against it.

The OpenID Connect Specification says this must always be validated.
But this would be a breaking change for applications configured other
than with ClientRegistrations.fromOidcIssuerLocation(issuer). This will
be done later with #8326

Fixes gh-8321
2020-04-21 20:30:01 -04:00
Dávid Kovács 70792a9072 Document description error
Fixes gh-8119
2020-04-21 09:17:01 -04:00
VonUniGE a88c7712d9 Fix mismatch between CONTRIBUTING.adoc and .editorconfig 2020-04-20 13:03:55 -05:00
corneliouz Bett ebc6012ec7 Rename Preface to Introduction
Closes gh-8188
2020-04-20 11:44:13 -05:00
Josh Cummings 1da694e19c
Remove TestSaml2SigningCredentials
Since TestSaml2X509Credentials is where tests get Saml2X509Credentials,
there is no reason for TestSaml2SigningCredentials.

Issue gh-8404
2020-04-17 15:46:19 -06:00
Josh Cummings ab772893c7
Polish DefaultSaml2AuthenticationRequestContextResolver
- Added more tests
- Standardized terminology

Issue gh-8360
2020-04-17 15:46:14 -06:00
shazin 8c0bdd50e2
Delegating Saml2AuthenticationRequestContext creation to Saml2AuthenticationRequestContextResolver
Saml2AuthenticationRequestContext creation logic is not extensible at
the moment as it is provided inside of Saml2WebSsoAuthenticationRequestFilter.
This change enables to custom logic to be used when creating Saml2AuthenticationRequestContext by
taking the logic from the aforementioned filter to a seperate extensible
API by the name Saml2AuthenticationRequestContextResolver.

This provides following API contract and implementation:

 - Saml2AuthenticationRequestContextResolver
 - DefaultSaml2AuthenticationRequestContextResolver

Fixes gh-8360
2020-04-17 15:40:24 -06:00
Philipp Gerhard b9b89035f6 Documented dependencies opaque Resource Server
Extended the documentation for the opaque Resource Server in order to clearly state which dependencies are required in order for the minimal deployment to work. Replaced dead link for Contribute guidelines in README.adoc

Closes gh-8391
2020-04-17 16:25:14 -05:00
Antonin Arquey 5cd1ec7bb3 Add AuthoritiesMapper setter for reactive OAuth2Login
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login

- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
  and OAuth2LoginReactiveAuthenticationManager

- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager

Fixes gh-8324
2020-04-17 16:55:05 -04:00
Roberto Paolillo 2cccf223df Add Flag to enable searching of LDAP groups on subtrees
Closes gh-8939
2020-04-17 12:55:11 -05:00
Souphorn 64a5bb053e Fix typo with correct capitalization 2020-04-17 10:22:37 -04:00
Josh Cummings 2eebfd3c92
Polish http links
Issue gh-8397
2020-04-16 17:22:32 -06:00
Josh Cummings 8904361a37
Polish Saml Tests
Fixes gh-8403
Fixes gh-8404
2020-04-16 17:10:51 -06:00
Josh Cummings 7056c2d9de
Polish OpenSamlAuthenticationProviderTests
- Added missing this keywords
- Removed unused variables
- Coded to interfaces
- Added missing JavaDoc

Issue gh-6019
2020-04-16 17:09:46 -06:00
Rob Winch b1c8affec0 Update issue templates
Remove old templates
2020-04-16 16:05:40 -05:00
Rob Winch 5eb7134ee0 Update issue templates
Improve descriptions
2020-04-16 16:03:57 -05:00
Rob Winch 27b711a0a9 Add `status: waiting-for-triage` to issue templates 2020-04-16 16:02:26 -05:00
Rob Winch 1b4f6bbe33 Link to shared CODE_OF_CONDUCT
Issue gh-8396
2020-04-15 17:17:25 -05:00
Rob Winch a8b438587b CONTRIBUTING to adoc
Closes gh-8397
2020-04-15 17:16:33 -05:00
Rob Winch 13482db003 Add LICENSE.txt
Community files don't support LICENSE

Issue gh-8396
2020-04-15 16:44:13 -05:00
Rob Winch 29e81bc730 Use Default Community Files
See https://help.github.com/en/github/building-a-strong-community/creating-a-default-community-health-file

Closes gh-8396
2020-04-15 16:37:52 -05:00
Rob Winch 71fcd5835b Remove legacy issue template
Issue gh-8395
2020-04-15 16:36:08 -05:00
Rob Winch 62fa697863 Add GitHub Issue Templates
Closes gh-8395
2020-04-15 16:12:45 -05:00
Loïc Labagnara 146d9ba0bf Add marker to make Kotlin DSL type safe.
Fixes gh-8366
2020-04-14 16:23:28 -04:00
shazin 4e5a3a76cd
Open Saml2AuthenticationRequestContext
Fixed gh-8356
2020-04-13 23:58:12 -06:00
Josh Cummings 13b2b00093
Add JwtAuthenticationConverter docs
Issue gh-8185
2020-04-13 22:47:20 -06:00
Evgeniy Cheban a70d55552b
Resource Server Finds JwtAuthenticationConverter Beans
Fixes gh-8185
2020-04-13 22:47:20 -06:00
Rob Winch 9a42a028e7 Logout defaults to use Global SecurityContextServerLogoutHandler
Closes gh-8375
2020-04-13 16:36:12 -05:00