12867 Commits

Author SHA1 Message Date
Eleftheria Stein
e74ae71382 Update to Jetty 9.4.44.v20210927
Closes gh-10378
2021-10-14 10:55:36 +02:00
Eleftheria Stein
302da19708 Update to embedded Tomcat websocket 8.5.72
Closes gh-10379
2021-10-14 10:55:13 +02:00
Eleftheria Stein
30fbc269b9 Upgrade Reactor to Dysprosium-SR24
Closes gh-10374
2021-10-14 10:54:49 +02:00
Eleftheria Stein
27866fb767 Update to nohttp 0.0.10
Closes gh-10377
2021-10-14 10:54:23 +02:00
Eleftheria Stein
006fa5ed70 Upgrade to embedded Apache Tomcat 9.0.54
Closes gh-10376
2021-10-14 10:33:56 +02:00
Philipp Neuschwander
6db58cbf8a Conditionally resolve bearer token from request parameters
Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326
2021-10-13 17:10:50 -05:00
Emil Sierżęga
37ccf3c18c Fixed link in .editorconfig 2021-10-13 15:38:01 -06:00
Emil Sierżęga
1a3e80506c Fixed link in .editorconfig 2021-10-13 15:37:32 -06:00
Emil Sierżęga
88c64b3b7b Fixed link in .editorconfig 2021-10-13 15:36:10 -06:00
Dávid Kováč
eb0597154d Update JavaDoc according to implementation
Update ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList
JavaDoc according to the current implementation

Closes gh-10117
2021-10-13 13:13:44 -06:00
Dávid Kováč
0299808b05 Add ClaimAccessor tests
Add tests for ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList

Issue gh-10117
2021-10-13 12:53:40 -06:00
Dávid Kováč
125d33e3cf Update JavaDoc according to implementation
Update ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList
JavaDoc according to the current implementation

Closes gh-10117
2021-10-13 12:53:40 -06:00
Joe Grandja
e3abaf7999 Add OAuth2ErrorCodes.INVALID_REDIRECT_URI
Closes gh-10370
2021-10-13 14:12:44 -04:00
Gaurav Tiwari
33708e61fb Add postProcess support to Saml2LogoutConfigurer
Closes gh-10311
2021-10-13 12:05:48 -06:00
Josh Cummings
fbb7691be4 Polish SecurityNamespaceHandler Tests
Issue gh-8974
2021-10-13 11:50:14 -06:00
Emil Sierżęga
8daa6ec1fd SecurityNamespaceHandler: update schema version to 5.6
Closes gh-8974
2021-10-13 11:49:57 -06:00
Josh Cummings
97dfabe92e Polish SecurityNamespaceHandler Tests
Issue gh-8974
2021-10-13 11:37:06 -06:00
Emil Sierżęga
944463e19a SecurityNamespaceHandler: update schema version to 5.5
Closes gh-8974
2021-10-13 11:35:25 -06:00
Steve Riesenberg
00f466a431 Update What's New in 5.6 2021-10-13 12:06:47 -05:00
Eleftheria Stein
ba8844a67e Deprecate Kotlin methods that don't use reified types
Closes gh-10365
2021-10-13 10:16:37 +02:00
Josh Cummings
7b98c2ea95 Restructure SwitchUserFilter Logs
Issue gh-6311
2021-10-12 13:32:29 -06:00
Marcus Da Coregio
77399ee2b0 Deprecate remoting technologies support
Closes gh-10361
2021-10-12 14:59:37 -03:00
Marcus Da Coregio
86c24da38b Improve Method Security logging
Closes gh-10247
2021-10-08 14:22:09 -03:00
Marcus Da Coregio
ef01124eb9 Add reasons to AuthorizationDecisions
Closes gh-9287
2021-10-08 14:22:09 -03:00
Marcus Da Coregio
570092c467 Remove trace logs for PrePostAnnotationSecurityMetadataSource
Those logs were producing too much noise on the console without adding much value.

Issue gh-10247
2021-10-08 14:22:09 -03:00
Steve Riesenberg
3b564b2026 Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient
This adds support for configuring NimbusJwtClientAuthenticationParametersConverter to any AbstractWebClientReactiveOAuth2AccessTokenResponseClient as an additional parameters converter, which in turns adds reactive support for jwt client authentication.

Closes gh-10146
2021-10-06 13:09:33 -05:00
Alexander Schwartz
f561499683 Fix Antora cross-references that lead to other pages.
Also using AsciiDoc style listings instead of Markdown style listings, and using explicit section IDs on all cross-references.
2021-10-06 09:53:15 -06:00
Steve Riesenberg
9b24f66f1c Implement reactive support for JWT as an Authorization Grant
Closes gh-10147
2021-10-05 16:09:24 -05:00
Marcus Da Coregio
f45b990b4b Allow SAML 2.0 loginProcessingURL without registrationId
Closes gh-10176
2021-10-05 13:30:20 -03:00
Marcus Da Coregio
816e847af2 Allow SAML 2.0 loginProcessingURL without registrationId
Closes gh-10176
2021-10-05 12:54:39 -03:00
Marcus Da Coregio
02b2fcc6f0 Restore ManagementConfigurationPlugin
Issue gh-9615
2021-10-05 11:23:29 -03:00
Marcus Da Coregio
e2e93887af Update JFrog Build Info plugin
Issue gh-9615
2021-10-04 16:01:40 -03:00
Marcus Da Coregio
d2e5f2ae0d Update Gradle to 7.2
Closes gh-9615
2021-10-04 15:19:40 -03:00
Eleftheria Stein
7d81a52780 Allow AuthenticationPrincipal argument type to be primitive
Closes gh-10172
2021-10-04 16:22:21 +02:00
Marcus Da Coregio
7112ee3eaa Allow SAML 2.0 loginProcessingURL without registrationId
Closes gh-10176
2021-10-04 09:54:40 -03:00
Alexander Furer
8c74d6cea5 Fix isAssignable order
Closes gh-10236
2021-09-30 13:56:37 -06:00
Marcus Da Coregio
e36e2b2a97 Move Saml2AuthnRequestRepository to web package
Moving to solve package tangles

Issue gh-9185
2021-09-29 14:10:39 -03:00
Josh Cummings
dc95d8d705 Fix OAuth2 Error Code
Closes gh-10319
2021-09-28 15:23:53 -06:00
Josh Cummings
4df9b4547f Fix OAuth2 Error Code
Closes gh-10319
2021-09-28 14:56:25 -06:00
Josh Cummings
1f919bc791 Fix OAuth2 Error Code
Closes gh-10319
2021-09-28 14:55:37 -06:00
Rob Winch
cff0bde1a3 GitHub Actions uses spring-builds+github user
This is more clear than spring-builds user
2021-09-28 15:09:03 -05:00
Rob Winch
cae8990046 GitHub Actions uses spring-builds+github 2021-09-28 15:08:55 -05:00
Josh Cummings
0f8fa36b93 Fix OAuth2 Error Code
Closes gh-10319
2021-09-28 13:24:51 -06:00
Darren Forsythe
5556b821e3 Check for multiple access tokens per rfc 6750
Check for multiple access tokens on the ServerHttpRequest rather than get get first. If multiples are found throw a OAuth2AuthenticationException.

Closes gh-5708
2021-09-28 08:07:06 -06:00
Josh Cummings
770c57ecc9 Add Structure101 to CI Build
Closes gh-6236
2021-09-27 16:23:19 -06:00
Josh Cummings
64f0102425 Establish Structure101 Baseline
Issue gh-6236
2021-09-27 16:06:43 -06:00
Josh Cummings
4272889dc8 Install Structure101 Plugin
Issue gh-6236
2021-09-27 14:56:03 -06:00
Josh Cummings
6978f51f19 Structure101 Build Plugin
Issue gh-6236
2021-09-27 14:56:03 -06:00
Rob Winch
f6f351f419 Remove Unsupported JDKs
The JDKs 9 and 10 are no longer supported by Oracle and the
CAs are not up to date, so removing from the build.

18:13:02  * What went wrong:
18:13:02  Execution failed for task ':buildSrc:compileJava'.
18:13:02  > Could not resolve all files for configuration ':buildSrc:compileClasspath'.
18:13:02     > Could not resolve com.thaiopensource:trang:20091111.
18:13:02       Required by:
18:13:02           project :buildSrc
18:13:02        > Could not resolve com.thaiopensource:trang:20091111.
18:13:02           > Could not get resource 'https://repo.maven.apache.org/maven2/com/thaiopensource/trang/20091111/trang-20091111.pom'.
18:13:02              > Could not GET 'https://repo.maven.apache.org/maven2/com/thaiopensource/trang/20091111/trang-20091111.pom'.
18:13:02                 > sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
18:13:02     > Could not resolve net.sourceforge.saxon:saxon:9.1.0.8.
18:13:02       Required by:
18:13:02           project :buildSrc
18:13:02        > Could not resolve net.sourceforge.saxon:saxon:9.1.0.8.
18:13:02           > Could not get resource 'https://repo.maven.apache.org/maven2/net/sourceforge/saxon/saxon/9.1.0.8/saxon-9.1.0.8.pom'.
18:13:02              > Could not GET 'https://repo.maven.apache.org/maven2/net/sourceforge/saxon/saxon/9.1.0.8/saxon-9.1.0.8.pom'.
18:13:02                 > sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to request
2021-09-27 14:23:18 -05:00
Rob Winch
b57caf22af Use GH_ACTIONS_REPO_TOKEN 2021-09-27 13:29:29 -05:00