72a9c15278
Refactor Duplicate Security Filter Chain Doc
...
This removes the duplicate Security Filter Chain Doc and moves the
HttpFirewall to exploits portion of the documentation.
Closes gh-7979
2020-02-12 12:58:56 -06:00
ea6a0635ef
Remove exclude of nohttp svg
...
We don't use svg images in our docs anymore.
Issue gh-7973
2020-02-12 12:11:58 -06:00
a6c47120a4
Update to spring-build-conventions:0.0.30.RELEASE
...
Issue gh-7973
2020-02-12 12:11:58 -06:00
fde3ccb8b3
Add marker to make Kotlin DSL type safe
...
Fixes: gh-7971
2020-02-12 11:35:45 +01:00
1d6fdd249b
Add missing Javadoc to Kotlin class
2020-02-11 18:09:30 +01:00
f37a4557e6
Fix typo in Kotlin Javadoc
2020-02-11 18:09:30 +01:00
eb7df6416a
Fix asciidoctorPdf images
...
We need to use png and disable interlaced mode.
Issue gh-7973
2020-02-11 07:49:54 -06:00
b173877705
Fix missing asciidoctorPdf attributes
...
Issue gh-7973
2020-02-11 07:49:54 -06:00
0809c04aa2
OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
...
Fixes gh-7966
2020-02-10 15:11:04 -05:00
ab37a7a280
Update to spring-build-conventions:0.0.29.RELEASE
...
Closes gh-7974
2020-02-10 13:54:28 -06:00
2909d46060
Fix Asciidoctor Warnings
...
Closes gh-7973
2020-02-10 13:30:52 -06:00
5bdf57d1e5
Remove Groovy and Spock Dependencies
...
Fixes gh-4939
2020-02-10 10:38:40 -07:00
3e46dacb4b
NamespaceHttpAccessDaniedHandlerTests groovy->java
...
Fixed broken link
Issue gh-4939
2020-02-10 10:38:40 -07:00
bae50ecc05
AbstractSecurityWebApplicationInitializerTests groovy->java
...
Issue gh-4939
2020-02-10 10:38:39 -07:00
a5210aaf9b
Support custom filter in Kotlin DSL
...
Fixes: gh-7951
2020-02-10 12:03:32 +01:00
3c86239b39
OAuth2AuthorizationCodeGrantFilter matches on query parameters
...
Fixes gh-7963
2020-02-10 05:13:47 -05:00
d3490b0f87
Prevent double-escaping of authorize URL parameters
...
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.
It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter ).
Fixes gh-7871
2020-02-08 16:40:15 -05:00
851be025e9
Don't force downcasting of RequestAttributes to ServletRequestAttributes
...
Fixes gh-7952
2020-02-07 20:44:19 -05:00
7c4d56319f
cassample groovy->java
...
Issue gh-4939
2020-02-07 16:44:08 -07:00
cb695ae60f
Add Dave Syer to Authors
...
Much of the content from architecture is borrowed, with permission
from Dave.
Issueh gh-7955
2020-02-07 15:54:32 -06:00
9afa95f925
Fix Checkstyle
...
Issue gh-7955
2020-02-07 15:31:09 -06:00
55f42fc153
Add High Level Servlet Architecture
...
- Review of Filters
- DelegatingFilterProxy
- FilterChainProxy
- Security Filters
Fixes gh-7955
2020-02-07 14:25:31 -06:00
0028414da7
Ignore Lock Files
2020-02-07 13:59:05 -06:00
653400edfa
Polish DefaultAuthenticationEventPublisher
...
Simplified the constructor selection logic.
Issue gh-7825
2020-02-06 14:13:05 -07:00
51b9b2f693
DefaultAuthenticationEventPublisher Default Event
...
Fixes gh-7825
2020-02-06 14:13:04 -07:00
a90e579350
Add JwtIssuerReactiveAuthenticationManagerResolver
...
Fixes gh-7857
2020-02-06 13:45:13 -07:00
8c0b754a49
Fix credentials precedence over introspector in Kotlin
...
Fixes: gh-7878
2020-02-06 11:01:42 +01:00
1fed688f05
Fix JWK Set URI precedence over decoder in Kotlin
...
Fixes: gh-7877
2020-02-06 10:48:42 +01:00
f23ab6f716
Updated Tests for oauth2webclient-webflux Sample
...
Issue gh-7910
2020-02-05 15:56:18 -07:00
ffb5a3a0d4
Add oauth2Client WebTestClient Support
...
Fixes gh-7910
2020-02-05 15:33:57 -07:00
84b8a5abd7
Unlock dependencies for next development version
...
This reverts commit 064616f1ef
2020-02-05 15:53:04 +01:00
3806f2387b
Next development version
2020-02-05 15:51:25 +01:00
f85f2fa740
Release 5.3.0.RC1
2020-02-05 15:17:14 +01:00
064616f1ef
Lock dependencies for 5.3.0.RC1
2020-02-05 10:20:05 +01:00
7c482007de
Update to GAE 1.9.78
...
Fixes gh-7893
2020-02-05 09:42:36 +01:00
96913f4bc1
Update to Spring Boot 2.2.4.RELEASE
...
Fixes gh-7892
2020-02-05 09:41:36 +01:00
b47605266e
Update to Gradle 6.1.1
...
Fixes gh-7936
2020-02-04 23:36:47 -06:00
1d7208f8ef
Add RSocket Authentication Extension Support
...
Fixes gh-7935
2020-02-04 23:36:47 -06:00
209c81d65d
Add BadOpaqueTokenException
...
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.
Fixes gh-7902
2020-02-04 17:33:08 -07:00
0c3754c811
Add BadJwtException
...
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.
Fixes gh-7885
2020-02-04 17:33:08 -07:00
fbdecdafb8
Add Mapping to Invalid Bearer Token
...
Fixes gh-7793
2020-02-04 17:33:08 -07:00
25d029b092
Fix test gh-7873
2020-02-04 12:00:55 -05:00
04f3fe8af9
Add Jackson support for oauth2-client session related classes
...
Fixes gh-4886
2020-02-04 09:01:12 -05:00
ca5cc13948
SecurityEvaluationContextExtension Signature
...
SecurityEvaluationContextExtension.getRootObject() should have a signature
with a return type of SecurityExpressionRoot. See
EvaluationContextExtension javadoc
eed7658ce5/src/main/java/org/springframework/data/spel/spi/EvaluationContextExtension.java (L61-L64)
2020-02-04 07:32:16 -06:00
5678490c1f
Add relying party registration not found exception
...
Fixes: gh-7865
2020-02-04 09:58:54 +01:00
3e07b35611
Polish Bearer Token Error Handling
...
Issue gh-7822
Issue gh-7823
2020-02-03 17:54:39 -07:00
1b15f74f57
Add InvalidBearerTokenException
...
Fixes gh-7822
2020-02-03 17:54:39 -07:00
7b2fcd17f5
Add BearerTokenErrors
...
Fixes gh-7823
2020-02-03 17:54:33 -07:00
187c76e610
Update Tests in oauth2webclient Sample
...
Issue gh-7886
2020-02-03 17:08:04 -07:00
c367378421
Add OAuth2Client MockMvc Test Support
...
Fixes gh-7886
2020-02-03 15:59:58 -07:00
Rob Winch
Eleftheria Stein
Joe Grandja
Josh Cummings
Manuel Bleichenbacher
Stephane Maldini
Zeeshan Adnan