c94b3f4d23
Add AuthorizationExchange
...
Fixes gh-4660
2017-10-20 20:59:32 -04:00
eb2b573426
Validate Authorization Response
...
Fixes gh-4657, Issue gh-4654
2017-10-20 20:59:32 -04:00
8e3a2a7123
Remove AuthorizationCodeAuthenticationFilter.AuthorizationResponseMatcher
...
Fixes gh-4654
2017-10-20 06:09:31 -04:00
84a1c417a3
Extract Converter from AuthorizationResponseMatcher
...
Fixes gh-4653
2017-10-20 04:56:07 -04:00
d4dac21ca5
Make ClientRegistration.Builder constructor private
...
Fixes gh-4656
2017-10-19 14:15:59 -04:00
a980e3b0d7
Remove ClientRegistrationIdentifierStrategy
...
Fixes gh-4648
2017-10-19 13:40:06 -04:00
f3756cdd07
Remove ClientRegistrationProperties
...
Fixes gh-4649
2017-10-19 13:27:54 -04:00
1f5edc98d5
ClientRegistration.Builder.scopes -> scope
...
Fixes gh-4663
2017-10-19 11:24:01 -04:00
1e891b38ab
Rename scope -> scopes for Set types
...
Fixes gh-4644
2017-10-18 17:56:39 -04:00
d7d6400971
DefaultStateGenerator->Base64StringKeyGenerator
...
Rename and move DefaultStateGenerator since it is more generic than just
OAuth.
Fixes gh-4645
2017-10-18 11:29:04 -05:00
d554b06a43
OAuth use ConcurrentHashMap
...
Fixes gh-4647
2017-10-17 22:17:09 -05:00
b764c666c6
Fix jwt package tangles
...
JWT is part of OAuth2, so it should be a subpackage of oauth2.
Fixes gh-4614
2017-10-17 21:06:27 -05:00
c5abcd1fcd
DefaultAuthorizationRequestUriBuilder uses StringUtils
...
Fixes gh-4642
2017-10-17 20:24:43 -05:00
7b8d131386
Fix package tangles -> OAuth2/Oidc AuthenticationProvider's
...
Fixes gh-4614
2017-10-16 20:56:32 -04:00
25052214ae
Polish
2017-10-16 18:33:27 -05:00
a7d054c9f3
Remove AuthorizationGrantAuthenticator
2017-10-16 13:43:11 -04:00
3c824dc44b
Fix package tangles -> OAuth2UserService
...
Fixes gh-4614
2017-10-13 18:59:41 -04:00
cfa4858b04
Fix package tangles -> AuthorizationGrantTokenExchanger
...
Fixes gh-4614
2017-10-13 16:35:48 -04:00
c441f99567
Polish oauth2-client
2017-10-13 07:09:00 -04:00
d4d7199a6d
Polish oauth2-core
2017-10-13 07:09:00 -04:00
df474e04d8
Move logic from AuthorizationCodeAuthenticationFilter to OAuth2UserAuthenticationProvider
2017-10-11 17:39:21 -04:00
ca5b62abb5
Move AuthorizationResponseConverter logic to AuthorizationCodeAuthenticationFilter
2017-10-11 17:39:21 -04:00
d840090cb0
Add support for implicit grant type
...
Fixes gh-4500
2017-10-11 13:54:59 -04:00
401c84b3f2
Externalize error codes from OAuth2Error
...
Fixes gh-4606
2017-10-10 20:24:33 -04:00
da0a7afa38
Polish AuthorizationCodeAuthenticationFilter
...
Fixes gh-4599
2017-10-10 14:39:47 -04:00
efa4bf409c
Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher
2017-10-10 14:38:06 -04:00
6b16fa0d8c
Polish OAuth Security Configurers
2017-10-10 14:38:06 -04:00
97c938e7f3
Extract authentication logic from AuthorizationCodeAuthenticationFilter
...
Fixes gh-4590
2017-10-10 14:38:06 -04:00
5811624bbe
Polish endpoint package
...
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse
Issue gh-4593
2017-10-06 18:51:24 -04:00
ce142e50b6
Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse
...
Fixes gh-4593
2017-10-06 18:51:24 -04:00
eca2b67137
ClientRegistration supports 'baseUrl' uri variable
...
Fixes gh-4589
2017-10-05 20:35:51 -04:00
dec0bce100
Remove authorities -> AuthorizationGrantAuthenticationToken constructor
...
Fixes gh-4602
2017-10-05 20:22:50 -04:00
1b7e761be4
Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor
...
Fixes gh-4591
2017-10-05 17:05:56 -04:00
eb320bfed4
AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter
2017-10-05 16:40:12 -04:00
5c14e48b18
Add OAuth2UserAuthenticationProvider
...
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 15:15:35 -04:00
f8a9077d5a
Generalize AuthorizationCodeAuthenticationProvider
...
The AuthorizationCodeAuthenticationProvider implements part of the
Authorization Code Grant flow as defined in
OAuth 2.0 Authorization Framework and OpenID Connect Core 1.0.
The implementation needs to be de-coupled to allow for better re-use and readability.
This commit introduces the AuthorizationGrantAuthenticator and extracts logic from
AuthorizationCodeAuthenticationProvider and provides different implementations
for OAuth 2.0 and OpenID Connect 1.0.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 05:02:22 -04:00
0d516ca32c
Rename scopes -> scope
2017-10-02 15:50:16 -04:00
fb57111ecd
redirect-uri property supports 'baseRedirectUrl' uri variable
...
Fixes gh-4589
2017-10-02 15:29:03 -04:00
66647070ab
Default login page supports Iterable<ClientRegistration>
...
Fixes gh-4596
2017-09-29 19:54:17 -04:00
ad91adf9dc
Retrieving the UserInfo is conditional
...
Fixes gh-4451
2017-09-29 10:51:16 -04:00
646b3e48b3
Avoid Exception Message in HTTP Response
...
Fixes gh-4587
2017-09-28 17:24:49 -05:00
b9258aa6ee
Make AuthorizationRequestUriBuilder optional
...
Fixes gh-4577
2017-09-28 16:43:11 -04:00
bfb77a7804
Remove unnecessary dependencies
2017-09-28 15:42:12 -04:00
9a8ddebc94
Use param matching for Authorization Response
...
Fixes gh-4576
2017-09-28 10:21:01 -04:00
d191bcc8ac
Remove ClientRegistrationRepository.findByClientId()
...
Fixes gh-4583
2017-09-28 09:01:58 -04:00
52f495a5ec
Remove ProviderJwtDecoderRegistry
...
Fixes gh-4581
2017-09-28 08:51:43 -04:00
8448a54678
Remove ClientRegistrationRepository.getRegistrations()
...
Fixes gh-4582
2017-09-28 07:02:59 -04:00
3217582805
Introduce JwtDecoderRegistry
...
Fixes gh-4584
2017-09-28 06:07:47 -04:00
b463f8e6b5
Remove httpSecurity.oauth2Login().userInfoEndpoint().userNameAttributeName()
...
Related gh-4580
2017-09-27 15:39:39 -04:00
814742fef6
Rename ClientRegistration.clientAlias -> registrationId
...
Fixes gh-4575
2017-09-27 09:14:55 -04:00
Joe Grandja
Rob Winch
Johnny Lim