Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-25 14:45:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,324 Commits 51 Branches 373 Tags
Commit Graph

230 Commits

Author SHA1 Message Date
Josh Cummings
410812c5bc Reduce Diff Size 
This commit reorders the originally changed boolean logic so that it returns
false early, as it did before. This allows the change to remain small and also
keeps the most complex logical statements outside of the if statement.

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-17 16:59:55 -07:00
Tran Ngoc Nhan
17933ddab3 Resolve feedback 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00
Tran Ngoc Nhan
9323775c5f Update javadoc and apply StringUtils#hasLength 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00
Tran Ngoc Nhan
4cc5f543ab Add author 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00
Tran Ngoc Nhan
21bef947b0 Use String#isEmpty 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00
Jeongwon Been
d07d3a13d1 Fix Javadoc warnings in Argon2PasswordEncoder 
Wrap bit-shift expressions in {@code ...} so that Javadoc does not parse
'<' as HTML and emit invalid input warnings.

Signed-off-by: Jeongwon Been <congcoding@gmail.com>
 2026-01-21 16:41:34 -06:00
Robert Winch
7ca0f7723e Fix checkstyle 2026-01-12 16:28:22 -06:00
Stefano Cordio
a612522ecd Add nullability contract to PasswordEncoder#encode 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-01-12 16:28:22 -06:00
Robert Winch
a32d9f04e3
Revert "Use project.artifactory(Username|Password)" 
This reverts commit 9c449000dc0508457d0e4392a46e8ca731ada0fa.
 2026-01-12 16:04:56 -06:00
Robert Winch
9c449000dc
Use project.artifactory(Username|Password) 2026-01-12 15:48:47 -06:00
Josh Cummings
63f28a7e1f Merge branch '6.5.x' 2025-11-04 14:04:56 -07:00
Josh Cummings
f988272fff Merge branch '6.4.x' into 6.5.x 2025-11-04 14:04:29 -07:00
Josh Cummings
532d0bef14 Add Test to Confirm 72-byte BCrypt Password Limit 
Closes gh-18133
 2025-11-04 14:04:02 -07:00
Mehrdad
2d74f9c334 Create a specific implementation for BalloonHashing and PBKDF2 password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
Mehrdad
8c2ad4e4d1 Add Argon2 and BCrypt and Scrypt password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
M.Bozorgmehr
9f5d27e8d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
M.Bozorgmehr
bd593a63d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <m.bozorgmehr@emofid.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch
2fdca16c1a
Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch
392129b616
Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00
Rob Winch
9db1ffbd79
Add Nullability to spring-security-crypto 
Closes gh-17533
 2025-07-22 16:29:13 -05:00
Soumik Sarker
2f53a2edb3 Removed deprecated Base64 of crypto package 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-06-27 14:24:54 -05:00
Andrey Litvitski
3b492a9628 remove 32-byte minimum keyLength restriction in Base64StringKeyGenerator (#17012) 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-05-14 11:41:30 -05:00
Rob Winch
d52289bd7a Remove Unnecessary Backwards Compatability 
Since this is going to be merged into Spring Security 7 (a major release) and AESFastEngine is deprecated,
we should no longer support it (as it will likely be removed from Bouncy Castle)
 2025-05-07 11:19:27 -05:00
Steve Riesenberg
5eb232cd3d Polish gh-16164 2025-05-07 11:19:27 -05:00
Ferdinand Jacobs
2b22cf2877 Replace BouncyCastle's deprecated AESFastEngine with the default AESEngine 
- Update AESEngine to use the default AES engine, following BouncyCastle's recommendations
  (see release-1-56 of changelog: https://www.bouncycastle.org/download/bouncy-castle-java/?filter=java%3Drelease-1-56).
- Migrate to the latest API 'newInstance()' method to allow removal of @SuppressWarnings("deprecation")
- Remove @SuppressWarnings("deprecation")
 2025-05-07 11:19:27 -05:00
Josh Cummings
eda9142b6b
Merge branch '6.4.x' 2025-04-28 11:13:50 -06:00
Josh Cummings
e6957bb854
Merge branch '6.3.x' into 6.4.x 2025-04-28 11:13:09 -06:00
Josh Cummings
547d174f3e Fix Formatting 2025-04-24 10:43:03 -06:00
Roman Trapickin
d2d1275b39 Fix IllegalArgumentException message for unknown Argon2 types 
Array index 0 points to an empty string. Use index 1 instead.

Signed-off-by: Roman Trapickin <8594293+rntrp@users.noreply.github.com>
 2025-04-24 10:43:03 -06:00
Joe Grandja
ef4479a554 Merge branch '6.4.x' 2025-04-17 05:31:29 -04:00
Joe Grandja
cb60d8b3ed Merge branch '6.3.x' into 6.4.x 
Closes gh-16951
 2025-04-17 05:17:38 -04:00
Joe Grandja
c1aa99fdd2 Enforce BCrypt password length for new passwords only 
Closes gh-16802
 2025-04-17 04:53:33 -04:00
James Howe
8d7f6acab6 Typo in Base64StringKeyGenerator exception message 
Signed-off-by: James Howe <675056+OrangeDog@users.noreply.github.com>
 2025-04-08 09:56:14 -06:00
Joe Grandja
b97b555fde Merge branch '6.4.x' 2025-03-17 14:05:46 -04:00
Joe Grandja
806a0474f4 Merge branch '6.3.x' into 6.4.x 2025-03-17 13:52:36 -04:00
Joe Grandja
46f0dc6dfc Enforce BCrypt password length 2025-03-17 13:23:27 -04:00
Christian
b56650100a
Removes the use of StringUtils from DelegatingPasswordEncoder 
Closes gh-16442

Signed-off-by: Christian Hösel <ChristianHoesel@users.noreply.github.com>
 2025-01-31 15:43:24 -06:00
Josh Cummings
244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Joe Grandja
c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Jonny Coddington
b90851d968 Improve Error Messages for PasswordEncoder 
Closes gh-14880

Signed-off-by: Jonny Coddington <bottlerocketjonny@protonmail.com>
 2024-09-17 14:16:08 -07:00
Marcus Hert Da Coregio
08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Josh Cummings
9d486ee4f4
Merge branch '6.1.x' into 6.2.x 2024-04-26 17:21:14 -06:00
Josh Cummings
1b8cf6cc55
Merge branch '5.8.x' into 6.1.x 2024-04-26 17:21:06 -06:00
Josh Cummings
e5ee45d568
Fix Import Error 
Issue gh-14880
 2024-04-26 17:20:53 -06:00
Josh Cummings
e7610027ae
Merge branch '6.1.x' into 6.2.x 
Closes gh-14974
 2024-04-26 17:13:52 -06:00
Josh Cummings
38ae090d3d
Merge branch '5.8.x' into 6.1.x 
Closes gh-14973
 2024-04-26 17:13:39 -06:00