1103 Commits

Author SHA1 Message Date
Josh Cummings
f755580a91
Resource Server Static Key Sample
Fixes: gh-5486
2018-12-05 10:51:24 -07:00
Rob Winch
0e5f1245a6 Remove Thymeleaf dependency management
Fixes: gh-6161
2018-11-28 08:23:01 -06:00
Rafael Dominguez
8e648deda0 Replace slf4j dependencies with logback-classic
This commit removes explicit declaration of slf4j dependencies.
Instead, logback classic is declared that will pull them transitively.

Fixes: gh-6130
2018-11-23 09:59:29 -05:00
Daniel Bustamante Ospina
808fbfa161 Update webflux-form sample to use Built in CSRF Support
Remove the CsrfControllerAdvice class and update dependencies to add
org.thymeleaf.extras:thymeleaf-extras-springsecurity5

Issue: gh-6061
2018-11-14 17:38:37 -06:00
Rafael Dominguez
ac026e23fe Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE 2018-11-14 10:51:38 -06:00
Josh Cummings
42b111fba6
JDK 11 Compatibility
Upgraded dependencies and removed a test in the Java Config LDAP
sample which is arguably an integration test since it starts up an
LDAP container. This test also isn't JDK 11 compatible and the
remaining integration tests in the sample cover the same material.

Issue: gh-5860
2018-10-25 17:10:50 -06:00
Josh Cummings
bd9e3877f9 JDK 10 Compatibility
Upgrading dependencies and reconfiguring PowerMock

Issue: gh-5860
2018-10-17 15:03:42 -05:00
John Lin
fe080cadbe Fix method name in the Contact sample code 2018-10-03 16:45:18 -04:00
Joe Grandja
91f6888e9f Remove OAuth2AuthorizedClientRepository @Bean from OAuth2LoginApplication
Fixes gh-5546
2018-09-19 11:22:52 -04:00
Josh Cummings
b3d33708d1
JAXB for Authorization Server Sample
For Java 9+ compatibility

Issue: gh-5833
2018-09-14 09:21:37 -06:00
Josh Cummings
17dd95d525
Polish Authorization Server Sample
Change primary user's username to "subject" to align with
oauth2resourceserver sample.
2018-09-13 16:21:10 -06:00
Josh Cummings
f2140dd5f5
Authorization Server Sample
A simple Authorization Server sample based off of the Legacy
Authorization Server project, spring-security-oauth2.

This project is mostly useful as a utility for other samples whose
usage would be clearer if an Authorization Server were introduced.

Note that this server is a barebones OAuth 2.0 Authorization Server
configuration, but is still useful for understanding how to set up an
Authorization Server using spring-security-oauth2.

Fixes: gh-5833
2018-09-13 15:24:32 -06:00
Rob Winch
c21b2f31c6 Polish resourceserver samples
- Use ${mockserver.url} instead of mock://
- Consistency between reactive/imperative samples

Fixes: gh-5844
2018-09-13 14:31:23 -05:00
Rob Winch
f68141d42a Update to Spring Boot 2.1.0.M3
Fixes: gh-5843
2018-09-13 10:27:16 -05:00
Rob Winch
2495025845 authcodegrant samples->oauth2webclient samples
The authcodegrant samples were initially meant to be very simple
demonstration of authorization code flow. However, it has become
obvious since then that the real intent of the demo is how to use
the WebClient with OAuth (there is no other reason to do authorization
code flow unless you use the token to make a request).

The samples have been migrated to oauth2webclient and oauth2webclient-webflux
respectively. They have been improved:

* The sample demonstrates usage with annotations, webclient directly, form login
  oauth2Login, and public APIs
* The samples externalize the endpoint that is requested in the sample
  making it easier to try other endpoints
* The UI no longer relies on a data structure for the result of the
  endpoint also making it easier to try other endpoints

Issue: gh-4921
2018-09-07 08:58:50 -05:00
Rob Winch
158b8aa6d5 ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId
Issue: gh-4921
2018-09-07 08:56:49 -05:00
Joe Grandja
d7bd5c0acc Remove spring.factories from oauth2login-webflux sample
Fixes gh-5723
2018-08-22 10:21:36 -04:00
Joe Grandja
ff6e1232c8 Flatten HttpSecurity.oauth2()
Fixes gh-5715
2018-08-22 05:58:04 -04:00
Joe Grandja
0f89e59707 Simplified oauth2().client() DSL
Fixes gh-5662
2018-08-22 04:45:35 -04:00
Rob Winch
0dc80aed40 Flatten ServerHttpSecurity.oauth2()
Fixes: gh-5712
2018-08-21 15:48:41 -05:00
Rob Winch
7c5c274854 Add authcodegrant-webflux sample
Issue: gh-5620
2018-08-19 21:28:08 -05:00
Rob Winch
afa2d9cbc7 Remove ExchangeFilterFunctions
Issue: gh-5612
2018-07-30 15:34:44 -05:00
Rob Winch
262c1a77c6 Remove SecurityHeaders
We no longer need this since Spring Framework now provides
HttpHeaders.setBearerAuth

Issue: gh-5612
2018-07-30 15:34:40 -05:00
Rob Winch
c26d7dc859 Update to Spring Boot 2.1.0.M1
Fixes: gh-5613
2018-07-30 15:34:35 -05:00
Rob Winch
dd1fa7f709 Add Sample
Issue: gh-5605
2018-07-30 11:39:50 -05:00
Rob Winch
9ababf4168 Rename to ServerOAuth2AuthorizedClientExchangeFilterFunction
Rename OAuth2AuthorizedClientExchangeFilterFunction to
ServerOAuth2AuthorizedClientExchangeFilterFunction->

Issue: gh-5386
2018-07-20 11:48:19 -05:00
Joe Grandja
9a144d742e Use OAuth2AuthorizedClientRepository in filters and resolver
Fixes gh-5544
2018-07-19 22:57:10 -04:00
Josh Cummings
40ccdb93f7 Resource Server Jwt Support
Introducing initial support for Jwt-Encoded Bearer Token authorization
with remote JWK set signature verification.

High-level features include:

- Accepting bearer tokens as headers and form or query parameters
- Verifying signatures from a remote Jwk set

And:

- A DSL for easy configuration
- A sample to demonstrate usage

Fixes: gh-5128
Fixes: gh-5125
Fixes: gh-5121
Fixes: gh-5130
Fixes: gh-5226
Fixes: gh-5237
2018-07-16 10:40:46 -05:00
Joe Grandja
779597af2a Add support for custom authorization request parameters
Fixes gh-4911
2018-07-16 09:39:06 -05:00
Rob Winch
05ed028f9d Modernize Default Log In Page
Fixes: gh-5515
2018-07-15 19:43:42 -05:00
Joe Grandja
4fc6d96073 Rename @OAuth2Client to @RegisteredOAuth2AuthorizedClient
Fixes gh-5360
2018-06-08 17:33:21 -04:00
Joe Grandja
81e19ad85e Move oauth2 samples under boot directory
Issue gh-5397
2018-06-06 09:37:36 -04:00
Rob Winch
a9e6d7606e Update WebFlux samples to use Spring Boot
Fixes: gh-5411
2018-06-05 11:31:15 -05:00
Joe Grandja
de95583509 Move oauth2login samples under oauth2 directory
Fixes gh-5397
2018-05-30 12:16:05 -04:00
Joe Grandja
f9f74b1bfc Simplify oauth2login-webflux sample
Fixes gh-5396
2018-05-30 11:53:25 -04:00
Joe Grandja
6c13e18483 Simplify oauth2login sample
Fixes gh-5384
2018-05-30 11:29:28 -04:00
Rob Winch
ecf6caa896 Add missing @Configuration for WebClientConfig
Issue: gh-5388
2018-05-25 12:48:42 -05:00
Rob Winch
68117d7b0b Samples use OAuth2AuthorizedClientExchangeFilterFunction
Issue: gh-5386
2018-05-25 12:25:13 -05:00
Rob Winch
bc3467c118 Add oauth2login-webflux sample
Issue: gh-4807
2018-05-11 04:19:50 -05:00
Joe Grandja
526e0fdd4f Add OAuth2 Client HandlerMethodArgumentResolver
Fixes gh-4651
2018-04-02 12:13:52 -04:00
Joe Grandja
982fc360b2 Add support for authorization_code grant
Fixes gh-4928
2018-04-02 12:13:06 -04:00
Rob Winch
7a204a5f58 Fixes for SPR-16624
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
Rob Winch
b1d013e8f0 Fix JDK 9
Issue: gh-5160
2018-03-27 09:30:56 -05:00
Joe Grandja
59cef7d339 HttpSessionOAuth2AuthorizationRequestRepository handle multiple OAuth2AuthorizationRequest per session
Fixes gh-5110
2018-03-20 22:14:48 -05:00
Rob Winch
c9ef2549b2 Update to appengine-gradle-plugin:1.3.5
Fixes: gh-5054
2018-02-27 20:45:27 -06:00
Rob Winch
c5e6ee4563 Update Dependencies
Fixes: gh-4973
2018-01-24 13:48:14 -06:00
Michael J. Simons
1517e9b222 Migrate xml-contacts groovy->java
See .
2018-01-24 11:06:08 -06:00
Michael J. Simons
4a3baad4f9 Migrate xml-ldap groovy->java
See .
2018-01-24 11:06:08 -06:00
Michael J. Simons
8c6f965973 Migrate javaconfig-ldap groovy->java
See .
2018-01-24 11:06:08 -06:00
Michael J. Simons
26f7b2f99f Migrate javaconfig-helloworld groovy->java
See .
2018-01-24 11:06:08 -06:00