Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-19 07:20:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,393 Commits 49 Branches 376 Tags
Commit Graph

821 Commits

Author SHA1 Message Date
Marcus Da Coregio
ecbfa84b39 Revert "Disable failing tests until r2dbc-h2 is upgraded" 
This reverts commit 614065bb3b4eaeee5175fbde44bba9fd7f31a316.
 2022-07-13 10:55:12 -03:00
Marcus Da Coregio
8776f66fb9 Update io.r2dbc:r2dbc-h2 to 1.0.0.RC1 
Closes gh-11479
 2022-07-13 10:55:12 -03:00
Steve Riesenberg
614065bb3b
Disable failing tests until r2dbc-h2 is upgraded 
Issue gh-11479
 2022-07-11 10:32:38 -05:00
Rivaldi
757fb38147 Fix typo 
(cherry picked from commit 80c5ec459befd9292e08a43e30f4aae22f39eeed)
 2022-06-27 16:05:50 -06:00
Josh Cummings
a8ab432aea
Add placeholders to reactive post_logout_redirect_uri 
Now also supports baseScheme, baseHost, basePort, and basePath

Issue gh-11229
 2022-06-16 15:58:44 -06:00
Josh Cummings
ebb5746f6e
Reactive OAuth 2.0 logout handler resolves registrationId 
Closes gh-11378
 2022-06-16 15:58:44 -06:00
Josh Cummings
18f7cf5406
Encode postLogoutRedirectUri query params 
Closes gh-11379
 2022-06-16 15:58:43 -06:00
Michael
cb0ab49adc
Add placeholders to post_logout_redirect_uri 
Now supports baseScheme, baseHost, basePort, and basePath in addition
to extant baseUrl.

Closes gh-11229
 2022-06-16 15:58:35 -06:00
Steve Riesenberg
d18291676f
Update copyright year 
Issue gh-11372
 2022-06-15 13:14:07 -05:00
Steve Riesenberg
c7df39a3e6
Fix tests using root cause for exception messages 
Closes gh-11372
 2022-06-14 17:12:15 -05:00
Jyri-Matti Lähteenmäki
ca0a6d9777 Treat URLs as String before equals/hashcode 
java.net.URL performs DNS lookups whenever its equals/hashCode is
used. Thus attribute values of type java.net.URL need to be converted
to something else before they are used for equals/hashCode.

Closes gh-10673
 2022-06-03 11:36:00 -04:00
Kuby
e28fcbfbbe
Change phoneNumberVerified with type Boolean 
Closes: gh-11315
 2022-06-03 10:23:53 -05:00
Marcus Da Coregio
000b87f9aa Revert "Use Spring Framework version 6.0.0-M3" 
This reverts commit b803e845e75da8e8927182dd5cb392bb592d51b6.
 2022-05-11 08:36:14 -03:00
Marcus Da Coregio
806e05855c Replace removed context-related operators 
Closes gh-11194
 2022-05-10 14:58:02 -03:00
Marcus Da Coregio
b803e845e7 Use Spring Framework version 6.0.0-M3 
Closes gh-11193
 2022-05-10 14:49:02 -03:00
Marcus Da Coregio
50f8df6f07 Use HttpStatusCode 
Closes gh-11091
 2022-04-11 09:19:56 -03:00
Marcus Da Coregio
e1f649690b Adapt to changes in R2DBC 2022-04-11 09:19:47 -03:00
Steve Riesenberg
8aa7029d07 Fix checkstyle errors 
Issue gh-10989
 2022-03-18 22:53:29 -05:00
Steve Riesenberg
e81990c44e
Update io.r2dbc to 0.9.1.RELEASE 
Closes gh-10988
 2022-03-18 18:11:49 -05:00
Steve Riesenberg
428216b322 Add support for customizing claims in JWT Client Assertion 
Closes gh-9855
 2022-03-17 09:50:25 -05:00
Joe Grandja
50a3bcf728 Remove unused code 2022-03-17 05:08:39 -04:00
Jánoky László Viktor
a88b8bf980 ClientAuthenticationMethod equals and hashCode is consistent 
Closes gh-10559
 2022-03-17 05:05:47 -04:00
Joe Grandja
54b033078b Allow configuring PKCE for confidential clients 
Closes gh-6548
 2022-03-16 13:36:10 -04:00
Simone Giannino
92a385ed05
OAuth 2.0 logout handler resolves uri placeholders 
- OidcClientInitiatedLogoutSuccessHandler can automatically resolve placeholders like baseUrl and registrationId inside the postLogoutRedirectUri

Closes gh-7900
 2022-03-15 14:05:26 -06:00
Rob Winch
9b380582dc BearerTokenAuthenticationFilter.securityContextRepository 
Issue gh-10953
 2022-03-09 15:47:34 -06:00
Josh Cummings
68e2586f06 Move UnmodifiableMapDeserializer 
Issue gh-10905
 2022-03-01 14:17:17 -07:00
Marcus Da Coregio
d99c08edce Fix failing test in NimbusReactiveJwtDecoderTests 2022-01-17 11:22:05 -03:00
Marcus Da Coregio
e2d1bb6998 Update io.r2dbc to 0.9.0.RELEASE 
Closes gh-10745
 2022-01-17 10:50:47 -03:00
Joe Grandja
525f40490c Allow Jwt assertion to be resolved 
Closes gh-9812
 2022-01-10 10:59:14 -05:00
Jonas Erbe
82426e20e1 Fix JwtClaimValidator wrong error code 
Previously JwtClaimValidator returned the invalid_request error on claim validation failure.
But validators have to return invalid_token errors on failure according to:
https://datatracker.ietf.org/doc/html/rfc6750#section-3.1.
Also see gh-10337

Closes gh-10337
 2021-11-29 12:02:02 -07:00
Marcus Da Coregio
25feedb870 Fix removal of framework deprecated code 
Issue https://github.com/spring-projects/spring-framework/issues/27686
 2021-11-19 13:06:13 -03:00
Dávid Kováč
862122a267 Update clockSkew javadoc according to implementation 
Closes gh-10174
 2021-11-19 08:13:12 +01:00
Khaled Hamlaoui
498636e26b Allow custom OAuth2ErrorHttpMessageConverter with OAuth2ErrorResponseErrorHandler 
Closes gh-10425
 2021-11-16 14:52:08 -06:00
Josh Cummings
2a6e00ceb0 Don't Cache ReactiveJwtDecoders Errors 
Closes gh-10444
 2021-11-10 17:33:03 -07:00
Steve Riesenberg
ea352e1c59 Add missing @since 5.6 2021-11-09 14:02:35 -06:00
Marcus Da Coregio
db60df2f9c Update to Spring Framework 6.0 
Issue gh-10360
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio
010f719344 Upgrade to JDK 17 
Closes gh-10343
 2021-11-01 09:02:42 -03:00
Marcus Da Coregio
560962649e Remove BlockHound dependency 
The dependency is not needed anymore and there is a issue when using OpenJDK 13 or higher https://github.com/reactor/BlockHound/issues/33

Issue gh-10343
 2021-11-01 09:02:42 -03:00
Rob Winch
f836897190 Checkstyle Fixes 
- Javadoc tag ordering
- Private constructors before inner classes

Issue gh-10394
 2021-10-18 21:03:35 -05:00
Rob Winch
0c088e278a Update r2dbc-spi-test to 0.8.6.RELEASE 
Closes gh-10393
 2021-10-18 21:03:12 -05:00
Dávid Kováč
64e9ac995a getClaimAsBoolean() should not be falsy 
Closes gh-10148
 2021-10-14 11:28:09 -05:00
Philipp Neuschwander
6db58cbf8a Conditionally resolve bearer token from request parameters 
Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326
 2021-10-13 17:10:50 -05:00
Dávid Kováč
0299808b05 Add ClaimAccessor tests 
Add tests for ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList

Issue gh-10117
 2021-10-13 12:53:40 -06:00
Dávid Kováč
125d33e3cf Update JavaDoc according to implementation 
Update ClaimAccessor#getClaimAsMap and ClaimAccessor#getClaimAsStringList
JavaDoc according to the current implementation

Closes gh-10117
 2021-10-13 12:53:40 -06:00
Joe Grandja
e3abaf7999 Add OAuth2ErrorCodes.INVALID_REDIRECT_URI 
Closes gh-10370
 2021-10-13 14:12:44 -04:00
Steve Riesenberg
3b564b2026 Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient 
This adds support for configuring NimbusJwtClientAuthenticationParametersConverter to any AbstractWebClientReactiveOAuth2AccessTokenResponseClient as an additional parameters converter, which in turns adds reactive support for jwt client authentication.

Closes gh-10146
 2021-10-06 13:09:33 -05:00
Steve Riesenberg
9b24f66f1c Implement reactive support for JWT as an Authorization Grant 
Closes gh-10147
 2021-10-05 16:09:24 -05:00
Marcus Da Coregio
02b2fcc6f0 Restore ManagementConfigurationPlugin 
Issue gh-9615
 2021-10-05 11:23:29 -03:00
Marcus Da Coregio
d2e5f2ae0d Update Gradle to 7.2 
Closes gh-9615
 2021-10-04 15:19:40 -03:00
Josh Cummings
0f8fa36b93 Fix OAuth2 Error Code 
Closes gh-10319
 2021-09-28 13:24:51 -06:00