Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 08:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,901 Commits 34 Branches 337 Tags
Commit Graph

8901 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eleftheria Stein
cf48f986f6 Fix typo in resource server documentation 2020-08-24 09:10:33 +02:00
Rob Winch
046cdd7f07 Update Snapshot Build to Kotlin 1.4.0 2020-08-20 10:45:53 -05:00
Martin Vietz
0486d5add9 scopes_supported metadata not used as default in ClientRegistrations 
Closes gh-8514
 2020-08-20 08:09:54 -04:00
Josh Cummings
21e9a410ee
Remove Package Tangle 
Issue gh-8876
 2020-08-19 15:52:20 -06:00
Josh Cummings
e6d1e2cf81
Restructure SAML 2.0 Documentation 
Issue gh-8763
 2020-08-19 14:59:26 -06:00
Josh Cummings
af5c55c380
Polish AuthnRequest Customization Support 
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
 2020-08-19 14:27:31 -06:00
Josh Cummings
3694485056
Polish SAML 2.0 Default Assertion Validator 
In several cases, taking a pre-set ValidationContext is not sufficient.
For example, the recipient is calculated via the
RelyingPartyRegistration that's currently in the context of the
request.

Instead, then, createDefaultAssertionValidator was broken up into two
different methods: One that takes no parameters and assumes the class's
default ValidationContext, and another that takes a converter to derive
the ValidationContext from the incoming authentication token.

Issue gh-8970
 2020-08-19 13:58:42 -06:00
Josh Cummings
da7477cd41
Add Response to Authentication Conversion Support 
Closes gh-8010
 2020-08-18 17:49:34 -06:00
Josh Cummings
0c696dd58b
Remove XSAnyMarshaller AttributeValue Support 
In favor of customizing the authentication converter

Closes gh-8864
 2020-08-18 17:42:04 -06:00
Josh Cummings
7b3dda161b
Generalize SAML 2.0 Assertion Validation Support 
Closes gh-8970
 2020-08-18 12:23:42 -06:00
Josh Cummings
1069e91645
RSocket Deprecations 
Stop using deprecated RSocket APIs in integration tests

Issue gh-8948
 2020-08-13 17:51:59 -06:00
Rob Winch
a4756cf62c --refresh-dependencies for snapshots 2020-08-11 09:53:18 -05:00
Eleftheria Stein
69e0552c30 Add servlet OAuth2 client Kotlin samples 
Issue gh-8172
 2020-08-11 14:25:27 +02:00
koishikawa11
be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL 
Closes gh-8892
 2020-08-11 07:59:22 -04:00
Eleftheria Stein
5142d39079 Restrict Spring Framework version to 5.2.x 2020-08-11 13:25:30 +02:00
Eleftheria Stein
380a11566e Add registered OAuth2 authorized client Kotlin samples 
Issue gh-8172
 2020-08-11 10:24:21 +02:00
Eleftheria Stein
324d6795c9 Add WebClient samples to docs 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein
496fcbb102 Add OAuth2 resource server WebFlux samples 
Issue gh-8172
 2020-08-11 08:33:46 +02:00
Eleftheria Stein
d839e4dd71 Fix typos in resource server docs 
- Use withJwkSetUri instead of fromJwkSetUri
- Use ES512 instead of EC512
- Use NimbusReactiveOpaqueTokenIntrospector instead of NimbusOpaqueTokenIntrospector in reactive
- User authorizeExchange instead of authorizeRequests
 2020-08-11 08:33:46 +02:00
Rob Winch
94cf4d1de7 Fix SNAPSHOT builds 
- Stop using deprecated RSocket APIs
- Update SNAPSHOT build to use Boot SNAPSHOT
 2020-08-10 11:35:15 -05:00
Eleftheria Stein
12a8795c3d Fix typo in resource server docs 2020-08-06 14:11:13 +02:00
Rob Winch
7cc10ed277 Fix Email notifications 2020-08-05 14:11:57 -05:00
Joe Grandja
a30541fcd9 Next Development Version 
NOTE:
The 5.4.0-RC1 release has been tagged at 74b42ba956ededc997565edf0c73c2242b653614
as it includes a fix related to RSocket integration tests.
 2020-08-05 15:03:27 -04:00
Joe Grandja
1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1" 
This reverts commit f3a1e5d40c11169d4ec6c50eba30cf4ed3ba2851.
 2020-08-05 14:59:11 -04:00
Rob Winch
74b42ba956 Move RSocket integration tests to integration tests 
Closes gh-8944
5.4.0-RC1 		2020-08-05 13:23:20 -05:00
Joe Grandja
10dbe140c9 Release 5.4.0-RC1 2020-08-05 13:46:57 -04:00
Joe Grandja
f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings
a701555318
Polish Saml2AuthenticationTokenConverter 
Issue gh-8768
 2020-08-05 10:08:47 -06:00
Josh Cummings
f82190b414
Add RelyingPartyRegistrations 
Closes gh-8484
 2020-08-05 10:08:47 -06:00
Josh Cummings
506786f46e
Replaced Spaces with Tabs 
Updated the .gradle file for SAML 2.0 Service Provider to use tabs
 2020-08-05 10:08:47 -06:00
Josh Cummings
b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint 
Closes gh-8693
 2020-08-05 10:08:47 -06:00
Jakub Kubrynski
8a355240bc
SAML 2.0 SP Metadata Endpoint Support 
Issue gh-8693
 2020-08-05 10:08:47 -06:00
Josh Cummings
31bae546e2
Removed Unused Files 
Saml2Utils and Saml2ServletUtils are no longer used

Issue gh-8768
 2020-08-05 10:08:46 -06:00
Joe Grandja
1361cb8790 Use reactor-netty-http for snapshot build 
Closes gh-8909
 2020-08-05 11:50:50 -04:00
Eleftheria Stein
aeafe04260 Remove need for WebSecurityConfigurerAdapter 
Closes gh-8804
 2020-08-05 10:10:12 -04:00
Josh Cummings
5061ae9e79
Add Saml2AuthenticationTokenConverter 
Closes gh-8768
 2020-08-04 18:41:43 -06:00
Josh Cummings
a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver 
Issue gh-8360
Issue gh-8887
 2020-08-04 17:29:13 -06:00
Josh Cummings
015281ff53
Add DefaultRelyingPartyRegistrationResolver 
Closes gh-8887
 2020-08-04 17:29:10 -06:00
Josh Cummings
a402c3884a
Add ConditionValidator Support 
Closes gh-8769
 2020-08-04 13:05:23 -06:00
Josh Cummings
d9d8253603
Polish OpenSamlAuthenticationProvider 
Issue gh-8769
 2020-08-04 13:05:23 -06:00
Joe Grandja
3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty" 
This reverts commit f37714a26fb2cc8a93cb1d5259a00c4c0934dd59.
 2020-08-04 14:24:32 -04:00
Joe Grandja
f37714a26f Fix snapshot build failure related to reactor-netty 
Closes gh-8909
 2020-08-04 14:17:03 -04:00
Joe Grandja
8146b1fdda Deprecate CustomUserTypesOAuth2UserService 
Closes gh-8908
 2020-08-04 13:23:44 -04:00
Joe Grandja
73e550a867 Polish gh-8906 2020-08-04 11:16:26 -04:00
Joe Grandja
0ed919f072 Deprecate ClientRegistration.redirectUriTemplate 
Closes gh-8906
 2020-08-04 11:03:29 -04:00
Joe Grandja
a0c10f2df6 Allow for custom ClientRegistration.clientAuthenticationMethod 
Closes gh-8903
 2020-08-04 08:48:56 -04:00
Joe Grandja
11cc94afd8 Deprecate ImplicitGrantConfigurer 
Closes gh-8902
 2020-08-04 07:26:58 -04:00
Joe Grandja
4e5a304a8a Remove use of Mono.deferWithContext() 
Closes gh-8901
 2020-08-04 07:26:32 -04:00
Dávid Kováč
dfaf251970 Resolve Bearer token after subscribing to publisher 
Bearer token was resolved immediately after calling method convert. In situations when malformed token was provided or authorization header and access token query param were present in request exception was thrown instead of signalling error.
After this change Bearer token is resolved on subscription and invalid states are handled by signaling error to subscriber.

Closes gh-8865
 2020-08-03 11:04:21 -05:00
Rob Winch
e770a21589 Revert "Fix build error related to Mono.deferWithContext()" 
This reverts commit 104d785210efc310b990e5206cca8acd25ecb35d.
 2020-07-31 13:02:25 -05:00