Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-20 21:38:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,315 Commits 33 Branches 337 Tags
Commit Graph

12315 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hans Lindner
ca10187fd1 Enhance JWT decoding error handling 
Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality.

Closes gh-14467
 2024-01-25 17:32:10 -07:00
dependabot[bot]
56f486588f Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.14 to 0.0.15.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.14...v0.0.15)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-17 14:31:01 -03:00
dependabot[bot]
3f5f79d835 Bump io.projectreactor.netty:reactor-netty from 1.0.40 to 1.0.41 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.40 to 1.0.41.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.40...v1.0.41)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-12 09:52:45 -06:00
dependabot[bot]
9985580534 Bump io.projectreactor:reactor-bom from 2020.0.39 to 2020.0.40 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.39 to 2020.0.40.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.39...2020.0.40)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-12 09:42:04 -06:00
dependabot[bot]
24d4abe5fd Bump io-spring-javaformat from 0.0.40 to 0.0.41 
Bumps `io-spring-javaformat` from 0.0.40 to 0.0.41.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.40 to 0.0.41
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.40...v0.0.41)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-12 09:37:19 -06:00
Steve Riesenberg
16dc6be3c8
Update copyright year 
Issue gh-14329
 2023-12-28 12:54:29 -06:00
Geir Hedemark
c88aaedb48
Updated broken documentation link in javadocs 2023-12-28 12:54:29 -06:00
daniKir
9203567a20 improve Multitenancy Issuer Validator example Closes gh-14229 2023-12-19 18:04:50 -07:00
Josh Cummings
e058b559b8
Polish Method Security Eager-Loading 
Issue gh-11596
 2023-12-18 15:18:09 -07:00
Josh Cummings
33800c0124
Address eager-loading of infrastructure beans 
Closes gh-11596
 2023-12-18 14:25:48 -07:00
github-actions[bot]
b71962e87d Next development version 2023-12-18 19:49:40 +00:00
github-actions[bot]
b97c310aba Release 5.8.9 5.8.9 2023-12-18 19:12:02 +00:00
Josh Cummings
59461d94b0
Clarify RSocket Configuration Docs 
Closes gh-13718
 2023-12-18 12:02:49 -07:00
Josh Cummings
fc007aa373
Check OpenSAML Version in XML Support 
Closes gh-12483
 2023-12-18 11:51:15 -07:00
Josh Cummings
eaaa813ede
Fix header value typo 
Closes gh-11948
 2023-12-18 10:42:50 -07:00
dependabot[bot]
10b3a9b234 Bump Gamesight/slack-workflow-status from 1.0.1 to 1.2.0 
Bumps [Gamesight/slack-workflow-status](https://github.com/gamesight/slack-workflow-status) from 1.0.1 to 1.2.0.
- [Release notes](https://github.com/gamesight/slack-workflow-status/releases)
- [Commits](https://github.com/gamesight/slack-workflow-status/compare/v1.0.1...v1.2.0)

---
updated-dependencies:
- dependency-name: Gamesight/slack-workflow-status
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:50 -03:00
dependabot[bot]
e4cc0a4755 Bump slackapi/slack-github-action from 1.19.0 to 1.24.0 
Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 1.19.0 to 1.24.0.
- [Release notes](https://github.com/slackapi/slack-github-action/releases)
- [Commits](https://github.com/slackapi/slack-github-action/compare/v1.19.0...v1.24.0)

---
updated-dependencies:
- dependency-name: slackapi/slack-github-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:37 -03:00
dependabot[bot]
ff71ef46b7 Bump actions/setup-java from 3 to 4 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:19 -03:00
dependabot[bot]
5593655bbf Bump spring-io/spring-gradle-build-action from 1 to 2 
Bumps [spring-io/spring-gradle-build-action](https://github.com/spring-io/spring-gradle-build-action) from 1 to 2.
- [Commits](https://github.com/spring-io/spring-gradle-build-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: spring-io/spring-gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:09 -03:00
dependabot[bot]
47812e506f Bump actions/checkout from 3 to 4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 08:58:00 -03:00
dependabot[bot]
89fd30f235 Bump io.projectreactor.netty:reactor-netty from 1.0.39 to 1.0.40 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.39 to 1.0.40.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.39...v1.0.40)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 09:16:42 -03:00
dependabot[bot]
c3c068376a Bump io.projectreactor:reactor-bom from 2020.0.38 to 2020.0.39 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.38 to 2020.0.39.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.38...2020.0.39)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 09:15:35 -03:00
Marcus Hert Da Coregio
6d68f403fc Document that Shibboleth Repository is Required for SAML Support 
Closes gh-14286
 2023-12-13 09:11:27 -03:00
Josh Cummings
74d06f020d
Update to Latest Boot Property 
Closes gh-14252
 2023-12-11 11:44:08 -07:00
Candelario
e896b14046 Dropped Nimbus Error Message 
Closes gh-13730
 2023-12-11 10:19:02 -07:00
Josh Cummings
be11812fe4
Account for Super-super-interface Inheritance 
Closes gh-13625
 2023-12-09 11:41:02 -07:00
Steve Riesenberg
9c44b700f5
Add Gradle Enterprise creds to PR builds 
Closes gh-14249
 2023-12-07 14:28:51 -06:00
dependabot[bot]
40e8b20257 Bump ch.qos.logback:logback-classic from 1.2.12 to 1.2.13 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.2.12 to 1.2.13.
- [Commits](https://github.com/qos-ch/logback/compare/v_1.2.12...v_1.2.13)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-04 08:51:58 -07:00
Josh Cummings
c336ca49fb
Update Spring MVC Docs 
Closes gh-14220
 2023-12-01 12:57:46 -07:00
Josh Cummings
c623303ca5
Add Logging 
Now if the ServletRegistration API available message is shown, it will
also be accompanied with a startup warning in the logs.

Closes gh-14221
 2023-12-01 12:57:46 -07:00
Josh Cummings
a98baa7522
Polish ServletRegistration API Deferral 
Tomcat uses different ServletContext instances from startup- and request-time.
This commit ensures that if the programmatic API isn't available at startup-time,
then use the ServletContext attached to the HttpServletRequest at runtime.

Issue gh-13794
 2023-12-01 12:57:45 -07:00
dependabot[bot]
bb0987db80 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.17 to 2021.2.18.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.17...2021.2.18)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-20 08:51:36 -03:00
Josh Cummings
d961307044
Polish RequestMatcher Description 
Issue gh-13794
 2023-11-17 12:24:38 -07:00
Josh Cummings
4ca54683ae
Defer requestMatchers Validation to Runtime 
Closes gh-13794
 2023-11-17 11:23:21 -07:00
Marcus Hert Da Coregio
a7da9491d9 Use assertj assertions 2023-11-17 09:03:36 -03:00
dependabot[bot]
382cfd63ed Bump io-spring-javaformat from 0.0.39 to 0.0.40 
Bumps `io-spring-javaformat` from 0.0.39 to 0.0.40.

Updates `io.spring.javaformat:spring-javaformat-checkstyle` from 0.0.39 to 0.0.40
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.39...v0.0.40)

Updates `io.spring.javaformat:spring-javaformat-gradle-plugin` from 0.0.39 to 0.0.40
- [Release notes](https://github.com/spring-io/spring-javaformat/releases)
- [Commits](https://github.com/spring-io/spring-javaformat/compare/v0.0.39...v0.0.40)

---
updated-dependencies:
- dependency-name: io.spring.javaformat:spring-javaformat-checkstyle
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.spring.javaformat:spring-javaformat-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-17 09:03:36 -03:00
dependabot[bot]
7c98a39770 Bump org.springframework:spring-framework-bom from 5.3.30 to 5.3.31 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.30 to 5.3.31.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.30...v5.3.31)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-17 09:03:29 -03:00
dependabot[bot]
6afcc02ef3 Bump io.projectreactor:reactor-bom from 2020.0.37 to 2020.0.38 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.37 to 2020.0.38.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.37...2020.0.38)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-16 08:35:55 -03:00
dependabot[bot]
773673ac2c Bump io.projectreactor.netty:reactor-netty from 1.0.38 to 1.0.39 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.38 to 1.0.39.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.38...v1.0.39)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-16 08:35:05 -03:00
Steve Riesenberg
7335c5745c
Document authentication helper method in WebClient integration 
This commit re-applies 49f3c0ce534254ea4b5f5a674c5afb8322c1736c
which was lost while splitting pages for Antora.

Issue gh-13816
Issue gh-10120
 2023-11-09 10:46:32 -06:00
Josh Cummings
52675c80b3
Check For Null Exception Message 
Closes gh-13768
 2023-11-07 17:19:35 -07:00
Josh Cummings
b919ece045
Change Idempotent to Read-Only 
Closes gh-13644
 2023-11-07 16:25:28 -07:00
Josh Cummings
11a21896dd
Defer SecurityContextHolderStrategy Lookup 
Due to how early method interceptors are loaded during startup
it's reasonable to consider scenarios where applications are
changing the global security context holder strategy during
startup.

Closes gh-12877
 2023-11-07 12:36:16 -07:00
Marcus Hert Da Coregio
eff9814d7b Add links to WebFlux section where referenced 
Closes gh-14100
 2023-11-07 13:13:41 -03:00
Dong, Xue-Han
058495d463 Add the Authorization Section to Nav List 
Closes gh-14099
 2023-11-07 13:11:52 -03:00
Josh Cummings
ffd12ee3b9
Refine requestMatcher Validation Rules 
Closes gh-14078
 2023-10-31 17:08:24 -06:00
Marcus Hert Da Coregio
3f64c6d745 Use version catalog to resolve nimbus dependency versions 
Issue gh-14047
 2023-10-30 16:11:51 -03:00
Marcus Hert Da Coregio
2cd302fb1b Revert "Use lenient configuration for prohibited dependencies check" 
This reverts commit 602d4189d11a3cd59d07f77b81721731f191534e.
 2023-10-30 16:11:02 -03:00
Marcus Hert Da Coregio
e8ec49b4c5 Resolve versions without downloading dependencies 
Issue gh-14047
 2023-10-30 14:46:12 -03:00
Marcus Hert Da Coregio
602d4189d1 Use lenient configuration for prohibited dependencies check 
Issue gh-14047
 2023-10-30 12:10:32 -03:00