Commit Graph

7797 Commits

Author SHA1 Message Date
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Lars Grefer 43737a56bd Use foreach where possible 2019-07-09 06:11:45 -06:00
Lars Grefer 7dc28ff376 Use contains() instead of indexOf() != -1 2019-07-09 06:07:42 -06:00
Joe Grandja e554547593 Revert Map constructor for InMemoryReactiveClientRegistrationRepository
This commit reverts f6414e9a52 and
partial revert of e1b095df32.
NOTE: InMemoryReactiveClientRegistrationRepository should not expose a
Map constructor as it would allow the caller to pass in a 'distributed' (remote) Map,
which would result in a blocking I/O operation.
2019-07-08 15:32:52 -04:00
Joe Grandja 23d61d43e5 Polish #5994 2019-07-08 14:50:38 -04:00
Vedran Pavic 9432670f1d Allow InMemoryOAuth2AuthorizedClientService to be constructed with a Map
Fixes gh-5994
2019-07-08 12:46:26 -04:00
Eleftheria Stein d66d895e60 Migrate ServletApiConfigurerTests groovy->java
Issue: gh-4939
2019-07-04 12:14:49 -04:00
Bruno Studer 8016a193b9
Optimize IpAddressMatcher
Get rid of byte array allocation in matcher and small optimizations
2019-07-03 23:27:12 -06:00
Édouard Hue 3c1472501f Fixed validation in ClientRegistration.Builder
ClientRegistration.Builder defaulted to validating as an
authorization_code registration, though a custom grant type could be in
use. The actual grant_type is now verified for every case.
 - Fixed validation in ClientRegistration.Builder
 - New test that fails unless the issue is fixed.

Also made OAuth2AuthorizationGrantRequestEntityUtils public to help
implementing custom token response clients.

Fixes gh-7040
2019-07-03 16:07:19 -05:00
Rob Winch e1f155ba89 Polish SCrypt Upgrade Support
* Break up tests
* Rename test methods to follow conventions
* Fix checkstyle

Issue gh-7057
2019-07-03 15:50:51 -05:00
Lars Grefer e95effc839 Allow upgrading between different SCrypt encodings
Fixes gh-7057
2019-07-03 15:48:42 -05:00
Rob Winch 742df2cd1d Polish BCrypt upgrade
Issue gh-7042
2019-07-03 14:08:21 -05:00
Lars Grefer d3d6a8743e Allow upgrading between different BCrypt encodings
Fixes gh-7042
2019-07-03 14:08:04 -05:00
Lars Grefer 4b0fb19fff Use MessageDigest.isEqual() where possible
fixes #7058
2019-07-03 05:40:20 -06:00
Clement Ng cd54808718 Update Opaque Token Sample and tests
Issue: gh-6498
2019-07-02 07:45:56 -06:00
Clement Ng 491da9db03 Added OAuth2TokenAttributes to wrap attributes
To simplify access to OAuth 2.0 token attributes

Fixes gh-6498
2019-07-02 07:45:56 -06:00
Josh Cummings ee8182dceb
NamespaceSessionManagementTests groovy->java
Issue: gh-4939
2019-07-02 07:34:36 -06:00
Josh Cummings 329999b54a
Update to nimbus-jose-jwt:7.3
Fixes: gh-7061
2019-07-01 07:22:13 -06:00
Thomas Vitale f9747e6591 BearerTokenAuthenticationFilter exposes AuthenticationFailureHandler
Make BearerTokenAuthenticationFilter expose an AuthenticationFailureHandler which, by default, invokes the AuthenticationEntryPoint set in the filter.

Fixes gh-7009
2019-07-01 05:24:29 -06:00
Josh Cummings ce79ef2634 Single-key Key Selector
Fixes: gh-7049
Fixes: gh-7056
2019-06-28 15:12:00 -06:00
Behrang 3b5a4189ef Minor fix
These four items, not three items, constitute the auth process:

. A user is prompted to log in with a username and password.
. The system (successfully) verifies that the password is correct for the username.
. The context information for that user is obtained (their list of roles and so on).
. A security context is established for the user
2019-06-28 11:41:55 -05:00
Tadaya Tsuyukubo 7782e29a58 Allow custom ReactiveAuthenticationManager for basic and form auth
Prior to this change, "HttpBasicSpec#authenticationManager" and
"FormLoginSpec#authenticationManager" were always overridden by
"ServerHttpSecurity#authenticationManager".

This commit makes sure override only happens when custom authentication
manager was not specified.

Fixes: gh-5660
2019-06-28 11:04:21 -05:00
Lars Grefer 400e0c83b0 Add missing nullability annotation 2019-06-27 14:54:14 -05:00
Eleftheria Stein 39ba1006ba Migrate FormLoginConfigurerSpec groovy->java
Issue: gh-4939
2019-06-27 11:53:32 -04:00
Josh Cummings f5da63118e Add MultiTenantAuthenticationManagerResolver
A class with a number of handy request-based implementations of
AuthenticationManagerResolver targeted at common multi-tenancy
scenarios.

Fixes: gh-6976
2019-06-25 17:21:38 -06:00
Josh Cummings ecb13aa8cc
Resource Server JWE Sample
Issue: gh-4435
2019-06-25 16:54:15 -06:00
Josh Cummings 37d108ccc2
Remove SignedJWT Check
JWTProcessor already does sufficient checking to confirm that the JWT
is of the appropriate type.

Fixes: gh-7034
2019-06-25 16:49:29 -06:00
Léon van der Kaap d2248d185b
Add extra salt length check for BCrypt
If the salt length is 28 characters and the
version is 2{a,x,y}, an IndexOutOfBoundsException
is thrown. This commit adds an extra check that
the salt length should be at least 29 characters long
if the version is not equal to "2".

Fixes: gh-6907
2019-06-24 14:11:30 -06:00
Josh Cummings 10a7af2d53
Add file extension to wait-for-done 2019-06-24 14:10:50 -06:00
Rob Winch 6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens
Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.

This changes ServerBearerTokenAuthenticationConverter to consistently
throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED

Fixes gh-7011
2019-06-24 13:57:29 -06:00
Eleftheria Stein 3c240d0ce3 Migrate DefaultLoginPageConfigurerTests groovy->java
Issue: gh-4939
2019-06-24 10:38:20 -04:00
Eleftheria Stein 12da990b6b Allow configuration of HTTP basic through nested builder
Issue: gh-5557
Fixes: gh-6885
2019-06-20 13:58:13 -05:00
Joe Grandja 3f2108921e Allow configurable accessible scopes for UserInfo resource
Fixes gh-6886
2019-06-20 10:32:58 -04:00
Joe Grandja 6e76df8f1d Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/
Issue #5856
Commit 385bdfc055

NOTE: This commit 'partially' reverts #5856. Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.

Fixes gh-6890
2019-06-19 16:06:38 -04:00
Joe Grandja 06943d2d39 Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests
Issue #5915
Commit 93ca455405

Fixes gh-6890
2019-06-19 16:06:38 -04:00
Josh Cummings e8b7d6b03a
Release Scripts
Added a script for polling Maven Central to notify when release is
uploaded.
2019-06-19 13:34:47 -06:00
Thomas Vitale 417ad40d10 Add generic getClaim() method in ClaimAccessor
Fixes gh-6947
2019-06-19 13:45:59 -04:00
Rob Winch 59dcc36dd1
Use https link to Stack Overflow 2019-06-19 12:44:43 -05:00
Rob Winch df14e18299
Add links to Stack Overflow Reply Template 2019-06-19 11:27:57 -05:00
Rob Winch 9f52e9b5ce
Update to align with Spring Boot's Stack Overflow 2019-06-19 11:27:10 -05:00
Rob Winch 57cb52ce64
Add Stackoverflow to Contributor Guidelines 2019-06-19 11:23:11 -05:00
Bagyoni Attila 878d262a26 Reimplement some hashCodes according to the currently recommended pattern.
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
2019-06-18 12:44:57 -06:00
Daniel Meier f44eb0b7be Update Mockito-Core to version 2.27.0
Update Mockito-Core to version 2.27.0 and Byte Buddy to version 1.9.10.

Closes #6790
2019-06-18 08:00:01 -06:00
Dennis Devriendt b7ea7083c9 OAuth2LoginAuthenticationFilter sets AuthenticationDetails
Fixes gh-6866
2019-06-17 15:44:41 -05:00
sandmannn 23a7c3010c Added jwt injection for reactive test mocks
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.

Fixes: spring-projectsgh-6896
2019-06-15 10:01:57 -06:00
Eleftheria Stein c0f64aa2d2 Next Development Version 2019-06-14 16:14:19 -04:00
Eleftheria Stein 77235e1f1d Release 5.2.0.M3 2019-06-14 14:57:10 -04:00
Eleftheria Stein a01ef4d215 Update to Spring Data Moore-RC1
Fixes gh-7008
2019-06-14 11:40:45 -04:00
Eleftheria Stein 609228de5f Jenkins build performs git clean
Fixes gh-7006
2019-06-14 07:43:22 -06:00
Eleftheria Stein b00345575b Revert "Update to org.aspectj 1.9.4"
This reverts commit 0c41ed0948.

Fixes gh-7001
2019-06-13 16:45:17 -04:00