Stephen Doxsee 
							
						 
					 
					
						
						
						
						
							
						
						
							7739a0e91a 
							
						 
					 
					
						
						
							
							Add PKCE OAuth2 client support  
						
						... 
						
						
						
						- Support has been added for "RFC7636: Proof Key for Code Exchange by OAuth Public Clients" (PKCE, pronounced "pixy") to mitigate against attacks targeting the interception of the authorization code
 - PkceParameterNames was added for the 3 additional parameters used by PKCE (i.e. code_verifier, code_challenge, and code_challenge_method)
 - Default code_verifier length has been set to 128 characters--the maximum allowed by RFC7636
 - ClientAuthenticationMethod.NONE was added to allow clients to request tokens without providing a client secret
Fixes gh-6446 
						
						
					 
					
						2019-02-28 11:38:48 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							594a169798 
							
						 
					 
					
						
						
							
							Introduce OAuth2AuthorizationRequest.attributes  
						
						... 
						
						
						
						Fixes gh-5940 
						
						
					 
					
						2019-02-07 11:49:17 -05:00 
						 
				 
			
				
					
						
							
							
								Josh Cummings 
							
						 
					 
					
						
						
						
						
							
						
						
							d77b12d229 
							
						 
					 
					
						
						
							
							authorization_uri Uses UriComponentsBuilder  
						
						... 
						
						
						
						Because of this, authorization_uri can now be a fully-qualified url.
Fixes: gh-5760 
						
						
					 
					
						2018-12-21 13:23:47 -07:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							12f320851d 
							
						 
					 
					
						
						
							
							Set openid scope in OAuth2LoginTests  
						
						
						
						
					 
					
						2018-12-21 09:24:55 -06:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							8f4f52edb9 
							
						 
					 
					
						
						
							
							Support configurable JwtDecoder for IdToken verification  
						
						... 
						
						
						
						Fixes gh-5717 
						
						
					 
					
						2018-12-21 09:24:55 -06:00 
						 
				 
			
				
					
						
							
							
								Josh Cummings 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							2a8233d035 
							
						 
					 
					
						
						
							
							Remove PowerMock from oauth2-core and oauth2-jose  
						
						... 
						
						
						
						Issue: gh-6025 
						
						
					 
					
						2018-11-20 14:02:10 -07:00 
						 
				 
			
				
					
						
							
							
								Josh Cummings 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							39933b10ff 
							
						 
					 
					
						
						
							
							Add scopes method to TestOAuth2AccessTokens  
						
						... 
						
						
						
						Issue: gh-6025 
						
						
					 
					
						2018-11-19 18:06:40 -07:00 
						 
				 
			
				
					
						
							
							
								Rafael Dominguez 
							
						 
					 
					
						
						
						
						
							
						
						
							75a2c2b729 
							
						 
					 
					
						
						
							
							OAuth2AccessTokenResponseBodyExtractor supports Object values  
						
						... 
						
						
						
						This commit ensures the token response is parsed correctly if the values are not a String.
Fixes: gh-6087 
						
						
					 
					
						2018-11-15 13:23:36 -06:00 
						 
				 
			
				
					
						
							
							
								Josh Cummings 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							77fa495860 
							
						 
					 
					
						
						
							
							DelegatingOAuth2TokenValidator Varargs Constructor  
						
						... 
						
						
						
						Fixes: gh-5889 
						
						
					 
					
						2018-09-20 10:45:51 -06:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							e8d8eb59bf 
							
						 
					 
					
						
						
							
							Make OAuth2AuthorizedClient Serializable  
						
						... 
						
						
						
						Fixes gh-5757 
						
						
					 
					
						2018-09-19 10:47:30 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							2c078c5dd9 
							
						 
					 
					
						
						
							
							Remove expiresAt constructor-arg in OAuth2RefreshToken  
						
						... 
						
						
						
						Fixes gh-5854 
						
						
					 
					
						2018-09-19 10:47:30 -04:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							72301e548a 
							
						 
					 
					
						
						
							
							Reactive OAuth2 DSL Customizations  
						
						... 
						
						
						
						Fixes: gh-5855 
						
						
					 
					
						2018-09-17 21:21:36 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							8746e71b9a 
							
						 
					 
					
						
						
							
							Use OAuth2AuthorizationException in authorization flows  
						
						
						
						
					 
					
						2018-09-11 14:53:42 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							b3282957a8 
							
						 
					 
					
						
						
							
							Add OAuth2AuthorizationException  
						
						
						
						
					 
					
						2018-09-11 14:53:42 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							229b69dd35 
							
						 
					 
					
						
						
							
							Add DefaultAuthorizationCodeTokenResponseClient  
						
						... 
						
						
						
						Fixes gh-5547 
						
						
					 
					
						2018-08-27 12:44:19 -04:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							d0ebe47cd5 
							
						 
					 
					
						
						
							
							OAuth2LoginReactiveAuthenticationManager uses OAuth2AuthorizationCodeReactiveAuthenticationManager  
						
						... 
						
						
						
						Issue: gh-5620 
						
						
					 
					
						2018-08-19 21:12:32 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							3a7083c7e9 
							
						 
					 
					
						
						
							
							Add Test<DomainObject>s For OAuth2  
						
						... 
						
						
						
						Fixes: gh-5699 
						
						
					 
					
						2018-08-19 21:08:28 -05:00 
						 
				 
			
				
					
						
							
							
								Josh Cummings 
							
						 
					 
					
						
						
						
						
							
						
						
							7c524aa0c8 
							
						 
					 
					
						
						
							
							Jwt Claim Validation  
						
						... 
						
						
						
						This introduces OAuth2TokenValidator which allows the customization of
validation steps that need to be performing when decoding a string
token to a Jwt.
At this point, two validators, JwtTimestampValidator and
JwtIssuerValidator, are available for use.
Fixes: gh-5133 
						
						
					 
					
						2018-08-16 13:19:26 -05:00 
						 
				 
			
				
					
						
							
							
								Johnny Lim 
							
						 
					 
					
						
						
						
						
							
						
						
							68878a1675 
							
						 
					 
					
						
						
							
							Replace isEqualTo(null) with isNull()  
						
						
						
						
					 
					
						2018-08-09 18:04:48 -06:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							952743269d 
							
						 
					 
					
						
						
							
							Add support for client_credentials grant  
						
						... 
						
						
						
						Fixes gh-4982 
						
						
					 
					
						2018-08-08 08:06:47 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							b5abb99908 
							
						 
					 
					
						
						
							
							ClaimAccessor.getClaimAsString() checks null claim value  
						
						... 
						
						
						
						Fixes gh-5608 
						
						
					 
					
						2018-07-30 15:31:41 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							e243f93eed 
							
						 
					 
					
						
						
							
							Default to server_error when OAuth2Error.errorCode is null  
						
						... 
						
						
						
						Fixes gh-5594 
						
						
					 
					
						2018-07-30 13:20:58 -04:00 
						 
				 
			
				
					
						
							
							
								mhyeon.lee 
							
						 
					 
					
						
						
						
						
							
						
						
							3c461b704c 
							
						 
					 
					
						
						
							
							Add AuthenticationMethod type  
						
						... 
						
						
						
						This section defines three methods of sending bearer access tokens
in resource requests to resource servers.
Clients MUST NOT use more than
one method to transmit the token in each request.
RFC6750 Section 2 Authenticated Requests
https://tools.ietf.org/html/rfc6750#section-2 
Add AuthenticationMethod in ClientRegistration UserInfoEndpoint.
Add AuthenticationMethod for OAuth2UserService to get User.
To support the use of the POST method.
https://tools.ietf.org/html/rfc6750#section-2.2 
gh-5500 
						
						
					 
					
						2018-07-20 11:32:51 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							779597af2a 
							
						 
					 
					
						
						
							
							Add support for custom authorization request parameters  
						
						... 
						
						
						
						Fixes gh-4911 
						
						
					 
					
						2018-07-16 09:39:06 -05:00 
						 
				 
			
				
					
						
							
							
								mhyeon.lee 
							
						 
					 
					
						
						
						
						
							
						
						
							1d920680bf 
							
						 
					 
					
						
						
							
							Enhance OAuth2AccessToken to be serializable  
						
						... 
						
						
						
						Change the TokenType to Serializable
so that the OAuth2AccessToken can be serialized.
(org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType)
Fixes gh-5492 
						
						
					 
					
						2018-07-13 11:36:11 -04:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							f7dc76de5f 
							
						 
					 
					
						
						
							
							Fix OAuth2BodyExtractorsTests for JDK9  
						
						... 
						
						
						
						Issue: gh-5475 
						
						
					 
					
						2018-07-02 16:29:07 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							73689ecfd7 
							
						 
					 
					
						
						
							
							Fix Imports of OAuth2AccessTokenResponse  
						
						... 
						
						
						
						Issue: gh-5474 
						
						
					 
					
						2018-07-02 15:46:33 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							e27e1cd637 
							
						 
					 
					
						
						
							
							Add OAuth2AccessTokenResponseBodyExtractor  
						
						... 
						
						
						
						This externalizes converting a OAuth2AccessTokenResponse from a
ReactiveHttpInputMessage.
Fixes: gh-5475 
						
						
					 
					
						2018-07-02 12:41:44 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							ab61732e17 
							
						 
					 
					
						
						
							
							Add OAuth2AccessTokenResponse.withResponse  
						
						... 
						
						
						
						Add ability to build a new OAuth2AccessTokenResponse from another
OAuth2AccessTokenResponse.
Fixes: gh-5474 
						
						
					 
					
						2018-07-02 12:37:45 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							02d29887fb 
							
						 
					 
					
						
						
							
							Associate Refresh Token to OAuth2AuthorizedClient  
						
						... 
						
						
						
						Fixes gh-5416 
						
						
					 
					
						2018-06-12 11:31:43 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							32c33d1def 
							
						 
					 
					
						
						
							
							Add OAuth2AuthenticationException constructor that takes only OAuth2Error  
						
						... 
						
						
						
						Fixes gh-5374 
						
						
					 
					
						2018-05-29 21:10:34 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							fff64db0e2 
							
						 
					 
					
						
						
							
							Improve ClaimAccessor getClaimAsInstant  
						
						... 
						
						
						
						Fixes gh-5250 
						
						
					 
					
						2018-05-03 21:03:45 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							d8f91e4261 
							
						 
					 
					
						
						
							
							Fix NPE with exp claim in NimbusJwtDecoderJwkSupport  
						
						... 
						
						
						
						Fixes gh-5168 
						
						
					 
					
						2018-04-04 07:58:32 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							2bd31c96ed 
							
						 
					 
					
						
						
							
							ClaimAccessor.getClaimAsInstant() converts Long or Date  
						
						... 
						
						
						
						Fixes gh-5191, Fixes gh-5192 
						
						
					 
					
						2018-04-03 21:14:25 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							bb15213091 
							
						 
					 
					
						
						
							
							Ensure consistency by using Collection<GrantedAuthority> type  
						
						... 
						
						
						
						Fixes gh-5143 
						
						
					 
					
						2018-03-21 10:35:18 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							90f9d728cd 
							
						 
					 
					
						
						
							
							Allow extension for OAuth2Error  
						
						... 
						
						
						
						Fixes gh-5148 
						
						
					 
					
						2018-03-21 10:04:57 -04:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							fe2ac00deb 
							
						 
					 
					
						
						
							
							Add javadoc for spring-security-oauth2-client  
						
						... 
						
						
						
						Fixes gh-4884 
						
						
					 
					
						2018-01-23 17:07:21 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							e6cac604f3 
							
						 
					 
					
						
						
							
							Add javadoc for spring-security-oauth2-core  
						
						... 
						
						
						
						Fixes gh-4883 
						
						
					 
					
						2018-01-18 16:00:26 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							1d32fffc1d 
							
						 
					 
					
						
						
							
							Make OAuth2Error Serializable  
						
						... 
						
						
						
						Fixes gh-4944 
						
						
					 
					
						2018-01-10 10:40:54 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							268a1dc06e 
							
						 
					 
					
						
						
							
							DefaultOAuth2User is Serializable  
						
						... 
						
						
						
						Fixes gh-4917 
						
						
					 
					
						2017-12-19 09:07:17 -05:00 
						 
				 
			
				
					
						
							
							
								Johnny Lim 
							
						 
					 
					
						
						
						
						
							
						
						
							b6895e6359 
							
						 
					 
					
						
						
							
							Apply Checkstyle WhitespaceAfterCheck module  
						
						
						
						
					 
					
						2017-11-16 11:18:31 -06:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							6775d9fdd8 
							
						 
					 
					
						
						
							
							OAuth2AccessTokenResponse should account for expires_in <= 0  
						
						... 
						
						
						
						Fixes gh-4810 
						
						
					 
					
						2017-11-12 11:30:11 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							db35dc6c03 
							
						 
					 
					
						
						
							
							Add tests to oauth2-core  
						
						... 
						
						
						
						Fixes gh-4298 
						
						
					 
					
						2017-11-06 11:39:17 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							ef9cd76607 
							
						 
					 
					
						
						
							
							Polish oauth2  
						
						... 
						
						
						
						Fixes gh-4758 
						
						
					 
					
						2017-10-30 16:49:01 -04:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							d9584384c4 
							
						 
					 
					
						
						
							
							Move collectClaims to OidcUserAuthority  
						
						... 
						
						
						
						Fixes gh-4749 
						
						
					 
					
						2017-10-29 20:41:05 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							3d065b5afd 
							
						 
					 
					
						
						
							
							Add getIdToken getUser to OidcUser  
						
						... 
						
						
						
						Fixes gh-4748 
						
						
					 
					
						2017-10-29 20:10:55 -05:00 
						 
				 
			
				
					
						
							
							
								Rob Winch 
							
						 
					 
					
						
						
						
						
							
						
						
							f0c2944377 
							
						 
					 
					
						
						
							
							OAuth2AuthorizationResponse getAccessToken  
						
						... 
						
						
						
						No longer delegate to OAuth2AccessToken but add getAccessToken()
Fixes gh-4743 
						
						
					 
					
						2017-10-29 17:12:46 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							9dc4aa6c81 
							
						 
					 
					
						
						
							
							Make OidcUserInfo Serializable  
						
						... 
						
						
						
						Fixes gh-4733 
						
						
					 
					
						2017-10-28 18:35:21 -04:00 
						 
				 
			
				
					
						
							
							
								Sola 
							
						 
					 
					
						
						
						
						
							
						
						
							f0b0cfc4fd 
							
						 
					 
					
						
						
							
							Ensure Copyright header reads 2002-2017  
						
						... 
						
						
						
						fixes gh-4655
Signed-off-by: Sola <dev@sola.love> 
						
						
					 
					
						2017-10-28 13:02:06 -05:00 
						 
				 
			
				
					
						
							
							
								Joe Grandja 
							
						 
					 
					
						
						
						
						
							
						
						
							9afefef3b9 
							
						 
					 
					
						
						
							
							Polish class names in oauth2-client  
						
						... 
						
						
						
						Fixes gh-4722 
						
						
					 
					
						2017-10-27 21:00:52 -04:00