Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 07:37:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,971 Commits 34 Branches 337 Tags
Commit Graph

7971 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lars Grefer
d69cd36a97 Update to Gradle 5.6 2019-08-26 14:32:07 -05:00
Eleftheria Stein
323cf9fa92 Polish OAuth2AuthorizedClientResolver 2019-08-26 11:04:19 -04:00
watsta
2c2e8e5f24 Remove internal Optional usage in favor of null checks 
Issue gh-7155
 2019-08-26 09:27:40 -04:00
Ebert Toribio
2c2d3b5d85 Use ConcurrentHashMap in InMemoryReactiveClientRegistrationRepository 
Fixes gh-7299
 2019-08-23 20:12:29 -04:00
Joe Grandja
bc38a4a3cc Provide configurable Clock in OAuth2AuthorizedClientProvider impls 
Fixes gh-7114
 2019-08-23 16:43:32 -04:00
Josh Cummings
052256db0a
Add WebSecurityConfigurerAdapter Doc Detail 
Fixes gh-6809
 2019-08-22 17:56:39 -06:00
Joe Grandja
f0515a021c Polish #7116 2019-08-22 12:01:10 -04:00
Eleftheria Stein
2ddab8b23e Use UserDetailsService bean in sample app 
Fixes: gh-7283
 2019-08-22 10:06:56 -04:00
Joe Grandja
46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider 
Fixes gh-7116
 2019-08-21 14:12:38 -04:00
Rob Winch
a377581951 Fix WebClient Memory Leaks 
WebClient exchange requires that the body is consumed. Before this commit
there were places where an Exception was thrown without consuming the body
if the status was not successful. There was also the potential for the
statusCode invocation to throw an Exception of the status code was not
defined which would cause a leak.

This commit ensures that before the Exception is thrown the body is
consumed. It also uses the http status in a way that will ensure an
Exception is not thrown.

Fixes gh-7293
 2019-08-21 12:46:11 -05:00
Angel Aguilera
11f423511d Add Catalan localization messages 2019-08-21 10:14:29 -05:00
Josh Cummings
0209fbad08 Multiple JWS Algorithms 
Fixes: gh-6883
 2019-08-20 14:19:59 -04:00
Daniel Wegener
1a233a58c7 Add OnCommittedResponseWrapper.setContentLengthLong 
Add setContentLengthLong tracking to OnCommittedResponseWrapper in
order to detect commits on servlets that use setContentLengthLong to
announce the entity size they are about to write (as used in the
Apache Tomcat's DefaultServlet).

Fixes gh-7261
 2019-08-19 21:14:41 -04:00
Andreas Falk
766c4434d4 Improve test coverage of JwtGrantedAuthoritiesConverter 
Some negative test cases were missing. Added these to have
full test coverage for JwtGrantedAuthoritiesConverter.
 2019-08-19 21:14:07 -04:00
Andreas Falk
0a058c973a Add setter for authorities claim name in JwtGrantedAuthoritiesConverter 
Prior to this change authorities are always mapped using well known
claim names ('scope' or 'scp'). To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
claim name like e.g. 'roles'. Without specifying a custom claim name
the default claims to be used still remains to the well known ones.
This way the authorities can be mapped according to customized
token claims.

Fixes gh-7100
 2019-08-19 21:14:07 -04:00
Josh Cummings
95caa4715f
Add Reactive Mock Jwt Sample Tests 
Fixes gh-7278
 2019-08-19 13:14:58 -06:00
Hideaki Matsunami
712dfbdabd Fix typo in docs 2019-08-19 12:53:54 -05:00
John Lin
9876b66f99
Polish GlobalMethodSecurityConfiguration 
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
 2019-08-17 16:35:30 -06:00
Josh Cummings
aa026f8526
Nimbus JWK Set Builders Take SignatureAlgorithm 
Fixes gh-7270
 2019-08-17 01:10:12 -06:00
Josh Cummings
10a9207cd5
Pivot Resource Server Sample 
Changed sample to manage its own JwtDecoder, allowing the Nimbus
Jwt Decoder Builder API to evolve during milestone development.
 2019-08-17 00:26:39 -06:00
Josh Cummings
0ecffb0840
Multi-tenancy Sample AuthenticationManagers 
Fixes gh-7272
 2019-08-17 00:26:39 -06:00
Josh Cummings
efe8205985
Revert "Nimbus JWK Set Configs Take SignatureAlgorithm" 
This reverts commit 9617ff60542d91d63bf6e2713300392a920c0b54.
 2019-08-16 17:33:09 -06:00
Josh Cummings
9617ff6054
Nimbus JWK Set Configs Take SignatureAlgorithm 
Fixes gh-7270
 2019-08-16 14:49:19 -06:00
Rob Winch
9d63c36f93 Fix JDK 10+ 
Issue gh-7265
 2019-08-16 11:13:11 -05:00
Rob Winch
0c6bff4afb SecurityMockMvcConfigurer Honors Filter Order 
Fixes gh-7265
 2019-08-16 09:24:33 -05:00
Rob Winch
4166c6e493 Fix UserDetailsPasswordService Checkstyle 
Issue gh-7266
 2019-08-16 06:46:09 -05:00
Michael J. Simons
5903f2dd9b Fix UserDetailsPasswordService JavaDoc 
* Fix typo
* Clarify that `newPassword` is already an encoded password
 2019-08-16 06:45:28 -05:00
Eleftheria Stein
4bc231872f Expire as many sessions as exceed maximum allowed 
Fixes: gh-7166
 2019-08-15 09:48:42 -05:00
Rob Winch
71444ff5dc RequestCache ignores multipart requests 
Fixes gh-7060
 2019-08-15 09:21:41 -05:00
Rob Winch
08ea2348d6 Polish RequestCache ignores multipart requests 2019-08-15 09:20:45 -05:00
Ahmed Sayed
1ab05dae02 added test 2019-08-14 21:35:34 +02:00
Josh Cummings
9735a718cc
Remove MultiTenantAuthenticationManagerResolver 
Fixes gh-7259
 2019-08-14 11:14:47 -06:00
Andreas Falk
b45e57cc40 Add setter for authority prefix in JwtGrantedAuthoritiesConverter 
Prior to this change mapped authorities are always prefixed
with default value 'SCOPE_'. To change this default behaviour the
converter had to be replaced completely with a custom one.
This commit adds an additional setter to configure a custom
authority prefix like e.g. 'ROLE_'. Without specifying a custom prefix
the default prefix still remains 'SCOPE_'.
This way existing authorization checks using the standard 'ROLE_'
prefix can be reused without lots of effort.

Fixes gh-7101
 2019-08-14 11:25:42 -04:00
Rob Winch
abc90280e0
Add unbounid support in xml 
Add unbounid support in xml

Fixes gh-6011
 2019-08-14 10:05:49 -05:00
Eleftheria Stein
f396e0197e Fix websocket configuration documentation 
Fixes: gh-4845
 2019-08-14 10:24:59 -04:00
Lars Grefer
cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Lars Grefer
1048601f3d Use correct encoding for compilation 2019-08-14 08:47:00 -05:00
Eddú Meléndez
2e63def05b Add tests 2019-08-14 00:56:26 -05:00
Eddú Meléndez
93142f3e30 Remove unboundid dependency 2019-08-13 20:39:25 -05:00
Eddú Meléndez
c03fb701ce Improve logic to pick embedded server 2019-08-13 20:36:46 -05:00
Eddú Meléndez
3511c0ea4f Update xsd 2019-08-13 20:17:51 -05:00
Lars Grefer
ee9a3a2fa8 Prevent IntelliJ IDEA from generating spaces for indentation 2019-08-13 13:43:44 -05:00
Josh Cummings
4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch
cfef52f50c Revert OpenJDK for Jenkinsfile 
Unable to download the openjdk installations that are setup
 2019-08-12 14:28:57 -05:00
Rob Winch
39d2b32603 Polish io.freefair.aspectj Usage 
Consistent aspectj version throughout
 2019-08-12 14:19:50 -05:00
Rob Winch
caeae6aa5b Jenkinsfile use jdk8 
Jenkins does not have openjdk8 defined
 2019-08-12 13:48:00 -05:00
Rob Winch
cd79818454 Jenkins use openjdk 2019-08-12 13:37:43 -05:00
Rob Winch
c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Lars Grefer
a51318eb95 Use the 'io.freefair.aspectj' gradle plugin 2019-08-12 11:46:28 -05:00
Lars Grefer
ec6ca97226 Fix tests 2019-08-11 21:09:10 +02:00