Commit Graph

8379 Commits

Author SHA1 Message Date
Rob Winch ca5cc13948 SecurityEvaluationContextExtension Signature
SecurityEvaluationContextExtension.getRootObject() should have a signature
with a return type of SecurityExpressionRoot. See
EvaluationContextExtension javadoc
eed7658ce5/src/main/java/org/springframework/data/spel/spi/EvaluationContextExtension.java (L61-L64)

This enhancement will allow for Spring Data to make certain types of
optimizations.

Fixes gh-7891
2020-02-04 07:32:16 -06:00
Eleftheria Stein 5678490c1f Add relying party registration not found exception
Fixes: gh-7865
2020-02-04 09:58:54 +01:00
Josh Cummings 3e07b35611
Polish Bearer Token Error Handling
Issue gh-7822
Issue gh-7823
2020-02-03 17:54:39 -07:00
Josh Cummings 1b15f74f57
Add InvalidBearerTokenException
Fixes gh-7822
2020-02-03 17:54:39 -07:00
Josh Cummings 7b2fcd17f5
Add BearerTokenErrors
Fixes gh-7823
2020-02-03 17:54:33 -07:00
Josh Cummings 187c76e610
Update Tests in oauth2webclient Sample
Issue gh-7886
2020-02-03 17:08:04 -07:00
Josh Cummings c367378421
Add OAuth2Client MockMvc Test Support
Fixes gh-7886
2020-02-03 15:59:58 -07:00
Eleftheria Stein 0694b621bb Manage specific version of htmlunit dependencies
This allows Spring Boot to resolve consistent versions

Fixes: gh-7888
2020-02-03 20:18:02 +01:00
James ee6df1701b
Polish SessionManagementConfigurer 2020-01-31 11:24:36 -07:00
Josh Cummings cb9fd09150
Change AuthenticationWebFilter's constructor
Fixes gh-7872
2020-01-31 09:31:28 -07:00
Josh Cummings 7550907e03
Polish OAuth2AccessTokenResponse converters
Since these converters no longer have a direct reference to the HTTP
stack, it would be better to move them into another package. Also, now
that the converters are public, we should follow the prevailing
converter naming convention, which is to call it STConverter for an
implementation of Converter<S, T>.
2020-01-30 16:42:44 -07:00
Nikita Konev 704f98688d
Make OAuth2AccessTokenResponse converters public 2020-01-30 16:42:44 -07:00
Josh Cummings d22b476983
Polish ProviderManager
Updated copyright date range and adjusted constructor order to better
match DelegatingReactiveAuthenticationManager

Fixes gh-7713
2020-01-30 16:08:01 -07:00
Thomas Vitale ace89e12f2 Make code cleaner in ProviderManagerTests 2020-01-30 16:07:24 -07:00
Thomas Vitale 5ce60022d3 ProviderManager should have a varargs constructor
- Added varargs constructor to ProviderManager.
- Added check for null values in AuthenticationProvider list.
- Updated ProviderManagerTests to test for null values using both constructors.

Fixes gh-7713
2020-01-30 16:07:24 -07:00
Josh Cummings df8feb8919
Update JettyCasService
Align with changes to Jetty's SslContextFactory

Issue gh-7874
2020-01-30 11:25:44 -07:00
Josh Cummings 50d8200348
Update cas-server-webapp to 4.0.7
Did not update to the latest as there is some work involved in
aligning the casserver sample's XML configuration with the latest
cas-server-webapp.

Fixes gh-7874
2020-01-30 11:24:16 -07:00
Eleftheria Stein a512789a93 Fix requiresAuthenticationMatcher not being used
The custom server requiresAuthenticationMatcher was not always picked up

Fixes: gh-7863
2020-01-27 16:12:27 +01:00
Eleftheria Stein 29377545d9 Fix authenticationFailureHandler not being used
The custom server authenticationFailureHandler was not always picked up

Fixes: gh-7782
2020-01-27 13:10:03 +01:00
Peter Keller e62fb755e8 Set charset of BasicAuthenticationFilter converter
Allow BasicAuthenticationFilter to pick up the given credentials charset.

Fixes: gh-7835
2020-01-23 15:34:35 +01:00
Eleftheria Stein a2fb2c91c2 Kotlin examples in documentation
Issue: gh-5558
2020-01-22 14:36:34 +01:00
Eleftheria Stein 9740b5920b Load LDIF file from classpath in unboundId mode
Fixes: gh-7833
2020-01-21 09:52:30 -06:00
Eleftheria Stein 57fba90c0e Fix LDIF file example in LDAP docs
Fixes: gh-7832
2020-01-20 10:24:20 +01:00
Rob Winch e93fb9904e Update to Gradle 6.1 2020-01-17 19:22:13 -06:00
Rob Winch a03bfe63fd Remove in favor of ManagementConfigurationPlugin 2020-01-17 19:22:13 -06:00
Johannes Edmeier bdc60a9128 Don't cache requests with `Accept: text/event-stream` by default.
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
2020-01-17 10:42:16 -08:00
Rob Winch 1ae3ec3f8a Revert "Update to Gradle 6.1"
This reverts commit 7f9715d951.
2020-01-16 19:32:46 -06:00
Phil Clay e5fca61810 Introduce Reactive OAuth2Authorization success/failure handlers
All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
A success handler is provided to save authorized clients for future requests.
A failure handler is provided to remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are
- remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
- remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699
2020-01-16 15:24:55 -05:00
Rob Winch 7f9715d951 Update to Gradle 6.1
Fixes gh-7838
2020-01-16 11:18:01 -06:00
Rob Winch a769f6a0c4 Polish LDAP Authentication
Issue gh-7628
2020-01-16 09:38:40 -06:00
Josh Cummings f1f158b37e AuthenticationEventPublisher DSL Lookup
Fixes gh-4400
2020-01-14 12:07:46 -07:00
Josh Cummings 5579846263 AuthenticationEventPublisher Bean Lookup
Issue gh-7793
Fixes gh-7515
2020-01-14 12:07:46 -07:00
James Howe fc9b97c94a Typo in doc 2020-01-14 08:32:26 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support
Fixes gh-7828
2020-01-13 17:49:52 -07:00
Rob Winch 841275e152 Polish Username Password Storage wording
Issue gh-7801
2020-01-13 16:40:12 -06:00
Rob Winch c4a0ed0db5 Fix indentation of user-details-service.adoc
Issue gh-7801
2020-01-13 16:40:05 -06:00
Rob Winch 2e2974fc13 Add Dependency Versions to Asciidoctor
Add dependency versions to asciidoctor and
spring-version -> spring-core-version

Issue gh-7801
2020-01-13 16:39:57 -06:00
Rob Winch 38c2010d21 Remove println from springVersion
Issue gh-7801
2020-01-13 16:39:50 -06:00
Filip Hanik 6a28d9eee7 Use latest documentation plugin 2020-01-13 12:19:57 -08:00
Vincent Ricard f0856c83a9 Migrate LDAP integration tests groovy->java
This commit also removes BaseSpringSpec

Issue: gh-4939
2020-01-13 14:18:25 +01:00
Onur Kağan Özcan 1f6381d970 Set secure on cookie when logging out
Mark cookie secure flag to ensure cookie identity is the same
2020-01-13 11:01:33 +01:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order
Fixes gh-7800
2020-01-10 16:47:31 -07:00
Rob Winch ad7c44f7fd Add More role=primary/secondary
Issue gh-7801
2020-01-10 10:58:24 -06:00
Rob Winch 729da6463f Fix appendix-schema id 2020-01-10 10:58:24 -06:00
Eleftheria Stein 1e33627d87 Use standard lambda syntax in documentation
Fixes: gh-7774
2020-01-10 13:12:17 +01:00
Josh Cummings a35ce77451
Add missing PowerMockIgnore annotation
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
2020-01-09 15:48:08 -07:00
Josh Cummings ba21c156dd
Polish WebSecurityConfigurerAdapter tests
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
2020-01-09 13:51:19 -07:00
Rob Winch ffccec953f Fix HttpHeaderWriterWebFilterTests
Ensure setComplete() is subscribed to
2020-01-09 14:24:35 -06:00
Rob Winch 3fb87d10e9 Add role=primary/secondary example
Issue gh-7801
2020-01-09 12:05:20 -06:00
Rob Winch b85b4b8643 spring-build-conventions:0.0.28.BUILD-SNAPSHOT
Fixes gh-7801
2020-01-09 12:05:06 -06:00