3159 Commits

Author SHA1 Message Date
Josh Cummings
0af4cdbf5c
Merge branch '6.4.x' 2025-01-14 17:05:21 -07:00
Josh Cummings
8735368d9e
Don't Support Serialization of Jackson Modules
Issu gh-16276
2025-01-14 17:04:36 -07:00
Rob Winch
bb38fd3483 Merge branch '6.4.x'
Closes gh-16409
2025-01-13 17:33:32 -06:00
Toshiaki Maki
5075869418 Fix for JdbcOneTimeTokenService cleanupExpiredTokens failing with PostgreSQL
Closes gh-16344
2025-01-13 17:09:57 -06:00
github-actions[bot]
95ec49a21d Support Meta-Annotation Parameters on Parameter Annotations
Closes gh-16248
2024-12-19 15:14:22 -07:00
Josh Cummings
b9f3a28678 Add UserDetailsService Constructor
Closes gh-15973
2024-12-16 17:59:16 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes
Issue gh-16276
2024-12-13 16:41:32 -07:00
Joe Grandja
c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Josh Cummings
69cbe12a7b
Register Authorization Proxied Type
Closes gh-16106
2024-11-15 15:07:37 -07:00
Tran Ngoc Nhan
ffed4ea1dc Polish diamond usage 2024-10-25 13:42:33 -07:00
Max Batischev
9cb81f8ad5 Polish JdbcOneTimeTokenService 2024-10-25 13:26:52 -07:00
Josh Cummings
981fbd5c2c Polish Tests
Closes gh-14768
2024-10-24 20:51:34 -07:00
Max Batischev
ec13b8db4b Add @FunctionalInterface to AuthorizationEventPublisher 2024-10-23 12:45:00 -07:00
Josh Cummings
95aaf3566f Use Thread-safe Map
Closes gh-15906
2024-10-22 16:16:17 -07:00
Steve Riesenberg
af2b84246b
Fix flaky test
Issue gh-15735
2024-10-18 12:22:08 -05:00
kwonyonghyun
b8aa78829c Improve readability of empty collection checks 2024-10-14 12:16:39 -07:00
Tran Ngoc Nhan
31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Josh Cummings
9ce5a76e8c Polish AuthorizationManager#authorize
Issue gh-14843
2024-10-14 11:48:57 -07:00
Max Batischev
e7644925f8 Add AuthorizationResult support for AuthorizationManager
Closes gh-14843
2024-10-14 11:48:57 -07:00
Josh Cummings
702538ebce AuthorizationEventPublisher Accepts AuthorizationResult
Closes gh-15915

Co-authored-by: Max Batischev <mblancer@mail.ru>
2024-10-14 11:48:57 -07:00
Munawar Hafiz
aa7ef1192e Replaces Date().getTime() method with System.currentTimeMillis() 2024-10-10 14:29:25 -05:00
Josh Cummings
b26f2af5d5 Polish
Formatting as well as adding a missing defer

Issue gh-15699
2024-10-07 16:39:54 -07:00
Max Batischev
2ca2e56383 Add Reactive One-Time Token Login support
Closes gh-15699
2024-10-07 16:39:54 -07:00
Rob Winch
1dd79c379b Add JdbcOneTimeTokenService
Closes gh-15735
2024-10-02 14:42:13 -05:00
Rob Winch
c3a5ae1254 Fix logger checkstyle 2024-10-02 14:39:58 -05:00
Rob Winch
7738e6c895 Add logger.isDebugEnabled()
Issue gh-15735
2024-10-02 14:24:23 -05:00
Rob Winch
c4b60cd080 Reduce visibility for JdbcOneTimeTokenServiceTests
Issue gh-15735
2024-10-02 14:24:23 -05:00
Rob Winch
650ec3ba82 Use Duration for calculating validity
This improves readability.

Issue gh-15735
2024-10-02 14:24:23 -05:00
Rob Winch
e8c71df899 Use private Inner JdbcOneTimeTokenService classes
Issue gh-15735
2024-10-02 14:24:23 -05:00
Rob Winch
612b15abcc JdbcOneTimeTokenService.setCleanupCron
Spring Security uses setter methods for optional member variables. Allows
for a null cleanupCron to disable the cleanup.

In a clustered environment it is likely that users do not want all nodes
to be performing a cleanup because it will cause contention on the ott
table.

Another example is if a user wants to invoke cleanUpExpiredTokens with a
different strategy all together, they might want to disable the cron job.

Issue gh-15735
2024-10-02 14:22:25 -05:00
Rob Winch
4787ac254d cleanUpExpiredTokens->cleanupExpiredTokens
Issue gh-15735
2024-10-02 10:59:26 -05:00
Rob Winch
4f328c9503 destroy() shuts down the taskScheduler
Issue gh-15735
2024-10-02 10:59:21 -05:00
Max Batischev
0c216f0b59 Add public to setClock method in InMemoryOneTimeTokenService
Closes gh-15863
2024-09-30 15:33:33 -05:00
Max Batischev
50cc36d53e Add support JdbcOneTimeTokenService
Closes gh-15735
2024-09-29 00:06:10 +03:00
DingHao
68d814e042 Polish ExpressionTemplateSecurityAnnotationScanner 2024-09-23 16:05:22 -07:00
Jonny Coddington
b90851d968 Improve Error Messages for PasswordEncoder
Closes gh-14880

Signed-off-by: Jonny Coddington <bottlerocketjonny@protonmail.com>
2024-09-17 14:16:08 -07:00
Josh Cummings
1760e7fac8 Cache Annotation Lookups
Closes gh-15799
2024-09-15 21:30:55 -07:00
Josh Cummings
d194724a04 Skip Proxying If Already Proxied
Issue gh-15709
2024-09-15 21:30:55 -07:00
Josh Cummings
6f5e103dec Use AnnotationTemplateExpressionDefaults in Reactive
Issue gh-15097
2024-09-15 21:30:55 -07:00
Marcus Hert Da Coregio
0618d4e03f Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions
Closes gh-14652
2024-09-13 08:42:14 -03:00
Josh Cummings
fd5d03d384 Add AuthorizeReturnObject Hints
Closes gh-15709
2024-09-10 11:57:31 -07:00
Josh Cummings
da38b13a17 Add SecurityHintsRegistrar
An interface for registering hints based on Security infrastructure
beans.

Closes gh-15772
2024-09-10 11:57:31 -07:00
Josh Cummings
927de0d3b8
Use AuthorizationProxy Interface for Class Proxying
Issue gh-15747
2024-09-10 07:58:21 -06:00
Marcus Hert Da Coregio
2ff29dc229 Throw AuthorizationDeniedException when AuthorizationResult is available
Closes gh-15706
2024-09-10 09:14:50 -03:00
Josh Cummings
fce2eb1531
Add AuthorizationProxy Interface
Closes gh-15747
2024-09-09 15:39:03 -06:00
Marcus Hert Da Coregio
4855287743 Merge branch '6.3.x'
Closes gh-15768
2024-09-09 08:54:14 -03:00
Marcus Hert Da Coregio
aeae740926 Merge branch '6.2.x' into 6.3.x
Closes gh-15767
2024-09-09 08:54:00 -03:00
Marcus Hert Da Coregio
a268b78473 Merge branch '5.8.x' into 6.2.x
Closes gh-15766
2024-09-09 08:53:39 -03:00