9c0f2cc281
AccessDeniedConfigTests groovy->java
...
Issue: gh-4939
2018-04-24 08:11:47 -06:00
7daa27874e
Merge pull request #5247 from jzheaux/gh-5242
...
Remove Default URLs and Parameters Commentary
2018-04-19 10:34:16 -06:00
f8247fa346
Remove Default URLs and Parameters Commentary
...
This paragraph was originally there to explain why Spring Security was
moving from the old default URLs and parameters to new ones.
Now that the defaults are the same in XML and well as Java Config, the
explanation is now no longer relevant.
Fixes: gh-5242
2018-04-19 08:53:23 -06:00
afdefe7b13
Fixes: gh-5190
2018-04-16 17:52:27 -05:00
6095340e93
OAuth2AuthorizationRequestRedirectFilter -> Reuse code for baseUrl
...
Fixes gh-5153
2018-04-09 21:11:00 -04:00
d8f91e4261
Fix NPE with exp claim in NimbusJwtDecoderJwkSupport
...
Fixes gh-5168
2018-04-04 07:58:32 -04:00
2bd31c96ed
ClaimAccessor.getClaimAsInstant() converts Long or Date
...
Fixes gh-5191, Fixes gh-5192
2018-04-03 21:14:25 -04:00
d4e459874a
Fix SecuredAnnotationSecurityMetadataSourceTests -> Related SPR-16677
2018-04-03 11:38:37 -04:00
526e0fdd4f
Add OAuth2 Client HandlerMethodArgumentResolver
...
Fixes gh-4651
2018-04-02 12:13:52 -04:00
982fc360b2
Add support for authorization_code grant
...
Fixes gh-4928
2018-04-02 12:13:06 -04:00
8fbec3f0f1
Polish NegatedServerWebExchangeMatcher
...
Issue: gh-5170
2018-03-29 21:17:40 -05:00
d83b67e4cb
Add NegatedServerWebExchangeMatcher
...
Fixes: gh-5170
2018-03-29 21:16:11 -05:00
234c20eb30
Polish XsdDocumentedTests
...
- NicerNoce->XmlNode
- NicerXmlSupport->XmlSupport
- NicerXmlParser->XmlParser
Issue: gh-4939
2018-03-29 16:36:41 -05:00
0c0abea3ad
XsdDocumentedTests groovy->java
...
Groovy has more extensive support for Xml parsing via XmlSlurper.
To replace it, this conversion also introduces a SAX wrapper,
NicerXmlParser, and a companion Node wrapper, NicerNode, that
allowed for less modification of the converted tests.
Issue: gh-4939
2018-03-29 16:36:41 -05:00
fb7394c1de
Polish Javadoc
...
Fixes: gh-5186
2018-03-29 15:33:57 -05:00
6e1e977778
Polish HeadersSpec
...
Fixes: gh-5187
2018-03-29 15:33:57 -05:00
9b692b9616
Update to mockito 2.17.0
...
Fixes: gh-5181
2018-03-28 14:57:12 -05:00
ffbc1f1e93
Update to hibernate-validator:6.0.9.Final
...
Fixes: gh-5180
2018-03-28 14:57:12 -05:00
6d9e9007f6
Update to hibernate-entitymanager:5.2.16.Final
...
Fixes: gh-5178
2018-03-28 14:57:12 -05:00
a006ac3bb0
Update to assertj 2.9.1
...
Fixes: gh-5177
2018-03-28 14:57:12 -05:00
692f2d343b
Update to thymeleaf-layout-dialect:2.3.0
...
Fixes: gh-5176
2018-03-28 14:57:12 -05:00
b48972cf79
Update to unbounded 4.0.5
...
Fixes: gh-5175
2018-03-28 14:57:10 -05:00
2ad90b95e1
Update to oauth2-oidc-sdk:5.57
...
Fixes: gh-5179
2018-03-28 14:55:04 -05:00
453fb24ef1
Update to nimbus-jose-jwt:5.9
...
Fixes: gh-5174
2018-03-28 14:55:04 -05:00
2ab18baa09
Update to appengine 1.9.63
...
Fixes: gh-5173
2018-03-28 14:55:04 -05:00
c0f52f73bb
Update to Jackson 2.9.5
...
Fixes: gh-5172
2018-03-28 14:55:04 -05:00
512fcf6094
Update mockwebserver 3.10.0
...
Fixes: gh-5171
2018-03-28 14:55:04 -05:00
7a204a5f58
Fixes for SPR-16624
...
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
ce2f669245
Remove state assertion when loading OAuth2AuthorizationRequest
...
Fixes gh-5163
2018-03-27 20:06:30 -04:00
ec46b7dbe1
WebSocketMessageBrokerConfigTests groovy->java
...
Of note is that this commit unrolls three Spock @Unroll-parameterized
tests into a separate test for each parameter.
Issue: gh-4939
2018-03-27 12:38:06 -05:00
3c07d99b0a
Close quoted expected path in log when matching
2018-03-27 11:14:14 -05:00
d20ed9f5c9
Fix @since for StrictHttpFirewall
2018-03-27 11:01:26 -05:00
d07cfe655d
Use Supplier variants of Assert methods
2018-03-27 10:58:55 -05:00
7d4e7bf42d
Add JDK 10 & 11 Builds
...
Issue: gh-5160
2018-03-27 09:38:04 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
6f6aadbcff
Add JDK 9 Build
...
Issue: gh-5160
2018-03-26 16:50:46 -05:00
0e37c0912e
Update User.java
...
fixed a typo; replaced "User.witUsername("user")" with "User.withUsername("user")"
2018-03-22 08:19:44 -05:00
bb15213091
Ensure consistency by using Collection<GrantedAuthority> type
...
Fixes gh-5143
2018-03-21 10:35:18 -04:00
90f9d728cd
Allow extension for OAuth2Error
...
Fixes gh-5148
2018-03-21 10:04:57 -04:00
e4255c9793
Add Security Vulnerabilities
2018-03-20 22:42:46 -05:00
332c395875
Add Security Vulnerabilities Location
2018-03-20 22:42:15 -05:00
bf41d48718
HttpSessionOAuth2AuthorizationRequestRepository support distributed HttpSession
...
Previously HttpSessionOAuth2AuthorizationRequestRepository
getAuthorizationRequest attempted to update the state of HttpSession as
well as getting the Map of OAuth2AuthorizationRequest. This had a few
problems
- First it was confusing that a get method updated state
- It worked when the session was in memory, but would not work when the
HttpSesson was persisted to an external store (i.e. Spring Session) since
after updating the Map, there was no invocation to update
This commit cleans up the logic and ensures that the values are explicitly
set in the HttpSession so it works with a session persisted in an external
store.
Fixes: gh-5146
2018-03-20 22:14:48 -05:00
04e2e86e6e
Polish HttpSessionOAuth2AuthorizationRequestRepositoryTests
...
Fixes: gh-5147
2018-03-20 22:14:48 -05:00
59cef7d339
HttpSessionOAuth2AuthorizationRequestRepository handle multiple OAuth2AuthorizationRequest per session
...
Fixes gh-5110
2018-03-20 22:14:48 -05:00
7e6ed52603
CookieClearingLogoutHandler adds uses contextPath + "/"
...
Fixes: gh-2325
2018-03-19 16:51:22 -05:00
018ab7d92c
Fix Javadoc Typo uses->use
...
Issue: gh-5113
2018-03-19 15:36:31 -05:00
01152ede41
Clarify HttpSecurity.registerFilterAt
...
Fixes: gh-5113
2018-03-19 14:41:03 -05:00
1851aaa66d
Fix ReactorContextTestExecutionListener with custom SecurityContext
...
Fixes: gh-5137
2018-03-19 09:29:27 -05:00
76e36bd06e
fix Mock Authentication resolution
2018-03-19 09:16:55 -05:00
b640d84b12
Improve EditorConfig file
2018-03-16 15:50:34 -05:00
Josh Cummings
Rob Winch
Joe Grandja
Tao Qian
Mark Hobson
Johnny Lim
Christoph Dreis
Alter Ego
Oleh Dokuka
Vedran Pavic