Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,523 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

7523 Commits

Author SHA1 Message Date
Rob Winch 158b8aa6d5 ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
Issue: gh-4921
 2018-09-07 08:56:49 -05:00
Rob Winch 28537fa3b6 WebClientReactiveClientCredentialsTokenResponseClient 
Fixes: gh-5607
 2018-09-07 08:53:35 -05:00
Rob Winch 89f2874bff ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId 
You can now provide the clientRegistrationId and
ServerOAuth2AuthorizedClientExchangeFilterFunction will look up the authorized client automatically.

Issue: gh-4921
 2018-09-07 08:52:35 -05:00
Rob Winch 5bcbb1c40f ServerOAuth2AuthorizedClientExchangeFilterFunction uses ServerOAuth2AuthorizedClientRepository 
Issue: gh-4921
 2018-09-07 08:52:18 -05:00
Rob Winch 07b6699fd9 ServerWebExchangeReactorContextWebFilter 
Fixes: gh-5779
 2018-09-07 08:49:27 -05:00
Josh Cummings 65c81ce952
Make JwtReactiveAuthenticationManager final 2018-09-06 13:46:18 -06:00
Joe Grandja 057587ef29 ClientRegistration contains Provider Configuration Metadata 
Fixes gh-5540
 2018-09-05 17:01:23 -04:00
Sola c60fcf263e provide test for custom principal extractor config 
Signed-off-by: Sola <dev@sola.love>
 2018-09-05 15:51:14 -05:00
Sola 2980f96b55 Allow PrincipalExtractor to be customized. 
Signed-off-by: Sola <dev@sola.love>
 2018-09-05 15:51:14 -05:00
Josh Cummings 932ea245fb AuthenticationManager for OAuth2ResourceServerSpec 
This makes the AuthenticationManager used by the OAuth2 Resource
Server configurable, focusing at this point on the Jwt use case.

Fixes: gh-5750
 2018-09-05 09:19:11 -05:00
Joe Grandja dfd572a4d2 Polish 2018-09-05 07:59:00 -05:00
Joe Grandja 3b480a3a05 Provide RestOperations in CustomUserTypesOAuth2UserService 
Fixes gh-5602
 2018-09-05 07:59:00 -05:00
Joe Grandja 4a8c95a3e8 Provide RestOperations in DefaultOAuth2UserService 
Fixes gh-5600
 2018-09-05 07:59:00 -05:00
Josh Cummings 25d1f49d84
Remove Resource Server's Session Policy Config 
Resource Server doesn't need to set the session policy for the
application to STATELESS since it can rely on the
SessionManagementFilter ignoring token's annotated with @Transient,
which a JwtAuthenticationToken is.

Fixes: gh-5759
 2018-09-04 14:55:40 -06:00
Johnny Lim 5141dacd95 Upgrade to Gradle Wrapper 4.10 
Closes gh-5748
 2018-09-04 14:11:15 -05:00
Rob Winch 5dd55d4936 Ensure NamingException.resolvedObj is Serializable 
Fixes: gh-5378
 2018-09-04 11:04:26 -05:00
Josh Cummings 8510e9a285 Reactive Resource Server insufficient_scope 
This introduces an implementation of ServerAccessDeniedHandler that is
compliant with the OAuth 2.0 spec for insufficent_scope errors.

Fixes: gh-5705
 2018-08-31 10:33:11 -05:00
Josh Cummings 1c74706232 Delegating ServerAccessDeniedHandler by exchange 
Fixes: gh-5747
 2018-08-31 10:33:11 -05:00
Joe Grandja 8e615d0fee Re-factor DefaultClientCredentialsTokenResponseClient 
Fixes gh-5735
 2018-08-27 15:10:17 -05:00
Rob Winch 713e1e3356 BearerTokenServerAuthenticationEntryPoint waits for subscriber 
Fixes: gh-5742
 2018-08-27 14:26:45 -05:00
Vedran Pavic 362c2ef1f2 Force snapshot repo in snapshot stage build 2018-08-27 13:35:58 -05:00
Joe Grandja 229b69dd35 Add DefaultAuthorizationCodeTokenResponseClient 
Fixes gh-5547
 2018-08-27 12:44:19 -04:00
Vedran Pavic f7cb53e9bd Upgrade spring-build-conventions to 0.0.18.RELEASE 2018-08-27 10:45:35 -05:00
Vedran Pavic cb0ba58b58 Fix WhitespaceAfterCheck Checkstyle check 2018-08-27 10:45:35 -05:00
Jason Zhekov 439538477a Add missing space in namespace.adoc 2018-08-27 10:43:53 -05:00
Johnny Lim 88181c31f1 Polish ActiveDirectoryLdapAuthenticationProviderTests 
This commit polishes ActiveDirectoryLdapAuthenticationProviderTests.contextEnvironmentPropertiesUsed() by:

- Adding fail() to prevent from going through an unexpected path.
- Asserting that the root cause is an instance of ClassNotFoundException as the current code doesn't seem to right.
 2018-08-26 21:31:39 -05:00
Rob Winch f5ad4ba0fa ServletOAuth2AuthorizedClientExchangeFilterFunction support client_credentials 
Fixes: gh-5639
 2018-08-24 11:33:02 -05:00
Rob Winch 2d497c7b0f Remove OAuth2ExchangeFilterFunctions 
Fixes: gh-5734
 2018-08-24 11:27:59 -05:00
Rob Winch 1640a1f462 Polish ServerAuthenticationConverter 
Fix package tangles

Issue: gh-5338
 2018-08-24 09:44:27 -05:00
Josh Cummings 68d836d508 Reactive Resource Server Csrf Bypass 
This makes requests identified as bearer token requests skip the csrf
filter.

Fixes: gh-5710
 2018-08-24 09:44:01 -05:00
Rob Winch 820fb7d828 Polish formatting ServerHttpSecurity JwtSpec 
Fixes: gh-5728
 2018-08-23 15:12:19 -05:00
Josh Cummings cba2444e1a ServerHttpSecurity ReactiveJwtDecoder discovery 
This makes so that WebFlux OAuth 2.0 Resource Server configuration
will pick up a ReactiveJwtDecoder exposed as a bean.

Fixes: gh-5720
 2018-08-23 15:12:14 -05:00
Josh Cummings 0fdc081ab5 Add unit tests 
Added some unit tests around some untested parts of the code that I
will be touching for this issue.

Issue: gh-5720
 2018-08-23 15:11:40 -05:00
Rob Winch 7c14c6e48f Update to Spring Boot 2.1.0.M2 
Fixes: gh-5727
 2018-08-23 13:00:22 -05:00
Josh Cummings 416a276436
Expose Default Reactive CsrfProtectionMatcher 
Make so that users can augment the default protection logic with
their own.

Fixes: gh-5725
 2018-08-22 13:02:02 -06:00
Rob Winch 4ddaac3b8e Fix settings.gradle on Windows 
Fixes: gh-5724
 2018-08-22 10:21:41 -05:00
Joe Grandja d7bd5c0acc Remove spring.factories from oauth2login-webflux sample 
Fixes gh-5723
 2018-08-22 10:21:36 -04:00
Joe Grandja ff6e1232c8 Flatten HttpSecurity.oauth2() 
Fixes gh-5715
 2018-08-22 05:58:04 -04:00
Joe Grandja 0f89e59707 Simplified oauth2().client() DSL 
Fixes gh-5662
 2018-08-22 04:45:35 -04:00
Rob Winch d7dde707a2 Jenkinsfile uses Spring 5.1.0.BUILD-SNAPSHOT 
Previously 5.+ was used. This caused problems because Spring Framework
does not use semantic versioning for milestone and rc snapshots. For
example, Spring uses 5.1.0.BUILD-SNAPSHOT, 5.1.0.M1, and then goes back
to 5.1.0.BUILD-SNAPSHOT.

Fixes: gh-5721
 2018-08-21 15:59:03 -05:00
Rob Winch 0dc80aed40 Flatten ServerHttpSecurity.oauth2() 
Fixes: gh-5712
 2018-08-21 15:48:41 -05:00
Josh Cummings 59cdfc7d6e ReactiveJwtDecoder via OIDC Provider Configuration 
A reactive static builder for constructing and configuring a
ReactiveJwtDecoder via an issuer that supports the OIDC Provider
Configuration spec.

Fixes: gh-5649
 2018-08-21 15:09:18 -05:00
Josh Cummings 01443e35b4 Reactive Jwt Validation 
This allows a user to customize the Jwt validation steps that
NimbusReactiveJwtDecoder will take for each Jwt.

Fixes: gh-5650
 2018-08-21 15:06:05 -05:00
Rob Winch 53652584b2 ResourceServerSpec->OAuth2ResourceServerSpec 
Fixes: gh-5713
 2018-08-21 14:51:22 -05:00
Joe Grandja c3e19e29b5 Remove authorizationEndpoint.baseUri in OAuth2ClientConfigurer 
Fixes gh-5661
 2018-08-21 15:33:58 -04:00
Josh Cummings b11e9ed317
Fix Javadoc Typo 
NimbusReactiveJwtDecoder incorrectly referred in its class-level doc
as being an implementation of JwtDecoder. This has been corrected to
say ReactiveJwtDecoder.

Fixes: gh-5711
 2018-08-21 12:21:23 -06:00
Rob Winch ec01657625 Polish ActiveDirectoryLdapAuthenticationProvider custom environment 
Fixes: gh-5674
 2018-08-21 12:14:43 -05:00
Yuri Konotopov 669b0ba583 ActiveDirectoryLdapAuthenticationProvider custom environment 
This change allows to inject custom environment properties for directory
context initialization.

Fixes: gh-2312
 2018-08-21 12:14:36 -05:00
Rob Winch f5701b5fe0 Fix OptimizeAntPathRequestMatcher 
Previously the logic for determining if the pathInfo should be appended
was inverted.

This correctly concatenates url + pathInfo if url is a non empty String.

Fixes: gh-5473
 2018-08-21 11:52:55 -05:00
Christoph Dreis 4ccd2f7ebd Optimize AntPathRequestMatcher.getRequestPath() 2018-08-21 11:46:37 -05:00