Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,404 Commits 32 Branches 333 Tags 112 MiB
Commit Graph

2118 Commits

Author SHA1 Message Date
Rob Winch 3c4e15264c Add @ExtendWith(SpringTestContextExtension.class) 
rg 'import org.springframework.security.config.test.SpringTestContext' -l -g "*.java" | xargs rg '@ExtendWith' --files-without-match | xargs sed -i '/^public class/i @ExtendWith(SpringTestContextExtension.class)'
 2021-07-09 14:49:46 -05:00
Rob Winch 7dfd169ece Add import ExtendWith 
rg 'import org.springframework.security.config.test.SpringTestContext' -l -g "*.java" | xargs rg '@ExtendWith' --files-without-match | xargs sed -i '/^import org.junit.jupiter.api.Test;/a import org.junit.jupiter.api.extension.ExtendWith;'
 2021-07-09 14:49:45 -05:00
Rob Winch e4b09f62f0 Add SpringTestContextExtension to existing ExtendWith 
rg 'import org.springframework.security.config.test.SpringTestContext' -l -g "*.java" | xargs rg '@ExtendWith' -l | xargs sed -E -i 's/@ExtendWith\((.*)\)/@ExtendWith({ \1, SpringTestContextExtension.class })/'
 2021-07-09 14:49:42 -05:00
Rob Winch 5133340bf8 Add import SpringTestContextExtension 
rg 'import org.springframework.security.config.test.SpringTestContext' -l -g "*.java" | xargs sed -i '/^import org.springframework.security.config.test.SpringTestContext;/a import org.springframework.security.config.test.SpringTestContextExtension;'
 2021-07-09 14:47:54 -05:00
Rob Winch 60078df62a remove @Rule 
rg '@Rule' -g '!buildSrc/**' -l | xargs sed -i '/@Rule/d'
rg 'import org.junit.Rule' -g '!buildSrc/**' -l | xargs sed -i '/import org.junit.Rule/d'
 2021-07-09 14:46:51 -05:00
Rob Winch 671040bb27 SpringTestRule to SpringTestContext 
rg 'new SpringTestRule()' -l | xargs sed -i 's/new SpringTestRule()/new SpringTestContext(this)/'
rg 'val spring = SpringTestRule()' -l | xargs sed -i 's/val spring = SpringTestRule()/val spring = SpringTestContext(this)/'
 2021-07-09 14:41:51 -05:00
Rob Winch e8c44e6390 Add SpringTestContextExtension 2021-07-09 14:35:10 -05:00
Rob Winch b6ff4d3674 Fix mockito UnnecessaryStubbingException 2021-07-09 14:35:10 -05:00
Rob Winch 2a62c4d976 Fix NamespaceHttpInterceptUrlTests 2021-07-09 14:32:52 -05:00
Rob Winch 3e93b024d6 openrewrite Junit Migration 2021-07-09 14:32:52 -05:00
Eleftheria Stein 79054093c9 Add AuthenticationManager to Kotlin ServerHttpSecurityDsl 
Closes gh-10053
 2021-07-09 10:34:57 +02:00
Rob Winch 14240b2559 Remove Powermock 
Powermock does not support JUnit5 yet, so we need to remove it
to support JUnit 5. Additionally, maintaining additional libraries
adds extra work for the team.

Mockito now supports final classes and static method mocking. This
commit replaces Powermock with mockito-inline.

Closes gh-6025
 2021-07-08 12:35:32 -05:00
Eleftheria Stein 6a09ffe113 Add AuthenticationManager to Kotlin JwtDsl 
Closes gh-10045
 2021-07-08 13:50:09 +02:00
Eleftheria Stein 5c8e409d98 Add AuthenticationManager to Kotlin OpaqueTokenDsl 
Closes gh-10044
 2021-07-08 12:46:50 +02:00
Eleftheria Stein b4f76b2314 Fix typo in Saml2Dsl 2021-07-08 12:03:29 +02:00
Eleftheria Stein 585788ad0a Add AuthenticationManager to HttpSecurity 
Closes gh-10040
 2021-07-07 15:44:42 +02:00
Evgeniy Cheban d121ab9565 Support A Well-Known URL for Changing Passwords 
Closes gh-8657
 2021-07-01 16:57:53 -06:00
Josh Cummings e91cacfdaf
Polish no-parameter authorizeHttpRequests 
- Cleaned up JavaDoc
- Updated implementation to align with no-parameter authorizeRequests
- Updated test names and content for clarity, specifically identified
tests that target no-parameter authorizeHttpRequests with noParameter in
the name
- Switched order of methods to match others in HttpSecurity
- Updated copyright year

Issue gh-9498
 2021-06-28 15:45:24 -06:00
sdratler1 3820f0f3a3
Add no-parameter authorizeHttpRequests method 
Closes gh-9498
 2021-06-28 15:34:49 -06:00
/usr/local/ΕΨΗΕΛΩΝ fe99c3b83b
https://stackoverflow.com/questions/67520600/redirect-to-different-page-after-login-based-on-user-role-with-spring-security/67531436#67531436 
Closes gh-7282
 2021-06-28 11:48:07 +02:00
Eleftheria Stein 94a3adb928 Apply DefaultLoginPageConfigurer before logout 
If they are not applied in this order, then the LogoutConfigurer cannot
set the logoutSuccessUrl, because the DefaultLoginPageGeneratingFilter
does not exist yet.
This impacts users that inject the default HttpSecurity bean.

Closes gh-9973
 2021-06-24 10:26:13 +02:00
Eleftheria Stein dfd0047f0b Disable default logout page when logout disabled 
Closes gh-9475
 2021-06-17 16:38:23 +02:00
Thomas Vitale b44d0fb319 Load ReactiveJwtAuthenticationConverter bean in OAuth2 Resource Server config 
When a bean of type ReactiveJwtAuthenticationConverter is defined,
the OAuth2 Resource Server configuration will use it automatically
when no other converter is defined through the DSL.

Closes gh-9698
 2021-06-15 14:22:15 -06:00
Eleftheria Stein aeed286e8a Add AuthenticationManager to saml2Login Kotlin DSL 
Closes gh-9905
 2021-06-15 09:53:53 +02:00
Marcus Hert da Coregio 9d2db89838 Fix Adding Filter Relative to Custom Filter 
Closes gh-9787
 2021-06-14 14:37:21 -03:00
Josh Cummings 65239e93f9
Update Copyright Header 
Issue gh-9845
 2021-06-09 11:33:48 -06:00
Josh Cummings 5b49433ed1
Add GlobalMethodSecurityConfiguration Test 
Issue gh-9845
 2021-06-09 09:29:52 -06:00
Kay-Uwe Janssen 7a233c41f0 Some infrastructure beans are not marked properly 
Added missing infrastructure role to methodSecurityMetadataSource bean
and move the post processing of the defaultMethodExpressionHandler to
the end of afterSingletonsInstantiated.

Closes gh-9845
 2021-06-09 09:28:55 -06:00
theexiile1305 3074ad4136 Migrate Kotlin tests from java Mockito to Mockk 
Closes gh-9785
 2021-06-07 13:13:31 +02:00
Eleftheria Stein 204a32aba8 Replace < and > with &lt and &gt in Javadoc 
Closes gh-9847
 2021-06-04 12:26:07 +03:00
Rob Winch 68f91edbb8 Make XsdDocumentedTests Parsing More Lenient 
Closes gh-9830
 2021-05-27 18:37:14 -05:00
Rob Winch 8400b841e9 Improve XsdDocumentedTests Error Message 
This makes it easier to compare the expected and actual values.

Closes gh-9829
 2021-05-27 18:37:02 -05:00
Eleftheria Stein fa77f4c8ff Deprecate feature-policy where not already deprecated 
Issue gh-9262
 2021-05-19 10:04:09 +02:00
Eleftheria Stein be903b8e25 Cleanup unused import 2021-05-19 10:04:09 +02:00
Eleftheria Stein 1728b06b30 Ensure Kotlin 1.3 compatibility 
Closes gh-9765
 2021-05-19 10:04:08 +02:00
Josh Cummings 67e5c05a47 Polish AuthorizationManager Method Security 
- Removed consolidated pointcut advisor in favor of each interceptor
being an advisor. This allows Spring AOP to do more of the heavy
lifting of selecting the set of interceptors that applies
- Created new method context for after interceptors instead of
modifying existing one
- Added documentation
- Added XML support
- Added AuthorizationInterceptorsOrder to simplify interceptor
ordering
- Adjusted annotation lookup to comply with JSR-250 spec
- Adjusted annotation lookup to exhaustively search for duplicate
annotations
- Separated into three @Configuration classes, one for each set of
authorization annotations

Issue gh-9289
 2021-05-18 17:34:04 -06:00
Evgeniy Cheban 84e2e80915 Consider AuthorizationManager for Method Security 
Closes gh-9289
 2021-05-18 17:34:04 -06:00
Josh Cummings d203235567
Update to Spring Security 5.6 
Closes gh-9695
 2021-05-18 10:45:17 -06:00
Rob Winch 4d251157b2 opensaml4MainCompile 2021-05-17 23:21:17 -05:00
Rob Winch eda38b8f88 opensaml fixes 2021-05-17 15:51:55 -05:00
Rob Winch e5a652e749 Update to Kotlin 1.5.0 
Closes gh-9763
 2021-05-17 10:30:26 -05:00
Joe Grandja e51ca79954 Document Jwt Client Authentication support 
Closes gh-9578
 2021-05-14 22:58:44 -04:00
Joe Grandja f874a12ddb Document jwt-bearer authorization grant 
Closes gh-9580
 2021-05-14 14:48:37 -04:00
Josh Cummings ca2bc4feb3
Bump Schema Version 
Closes gh-9694
 2021-04-29 16:52:29 -06:00
Josh Cummings 4d564ffb50
Update AuthorizationManager references 
Issue gh-9692
 2021-04-28 11:58:30 -06:00
Josh Cummings 17cfc6ade3
Inline ResourceKeyConverterAdapter 
Closes gh-9689
Closes gh-9626
 2021-04-28 09:39:12 -06:00
Eleftheria Stein de0cd11a72 Fix PreAuthorize when returning Kotlin Flow 
Closes gh-9676
 2021-04-28 12:33:18 +02:00
Joe Grandja 53e94bca45 Add oauth2Login() tests 
Issue gh-9548 gh-9660 gh-9266
 2021-04-20 08:37:19 -04:00
Joe Grandja 5afeaa3ce7 WebFlux httpBasic() matches on XHR requests 
Closes gh-9660
 2021-04-20 08:36:42 -04:00
Rob Winch a31a855146 Fix HttpSecurity.addFilter* Ordering 
Closes gh-9633
 2021-04-14 17:47:31 -05:00
Denis Washington 2b4b856b32 Limit oauth2Login() links to redirect-based flows 
This prevents the generated login page from showing links for
authorization grant types like "client_credentials" which are
not redirect-based, and thus not meant for interactive use in
the browser.

Closes gh-9457
 2021-04-14 05:02:30 -04:00
Josh Cummings 163b5943ca
Revert AuthorizationManager Method Security 2021-04-12 15:53:22 -06:00
Josh Cummings 404a6c5674
Revert "Publish CsrfTokenRepository as shared object" 
This reverts commit d19ff12813.
 2021-04-12 14:43:37 -06:00
Josh Cummings 4e81bbe386
Revert "Add Saml2LogoutConfigurer" 
This reverts commit 6f52baba29.
 2021-04-12 14:43:19 -06:00
Josh Cummings 6f52baba29
Add Saml2LogoutConfigurer 
Closes gh-9497
 2021-04-10 00:25:34 -06:00
Josh Cummings d19ff12813
Publish CsrfTokenRepository as shared object 
Closes gh-9595
 2021-04-10 00:25:34 -06:00
Josh Cummings df8abcfae7
Use Interceptors instead of Advice 
- Interceptor is a more descriptive term for what
method security is doing
- This also allows the code to follow a delegate
pattern that unifies both before-method and after-
method authorization

Issue gh-9289
 2021-04-09 18:45:31 -06:00
Josh Cummings 6828987b4b
Add AfterMethodAuthorizationManager 
- Removes the need to keep MethodAuthorizationContext#returnObject
in sync with other method parameters
- Restores MethodAuthorizationContext's immutability

Closes gh-9591
 2021-04-09 18:43:56 -06:00
Josh Cummings 2b494ebc5f
Polish AOP Structure 
- Changed from MethodMatcher to Pointcut since authorization
annotations also can be attached to classes
- Adjusted advice to extend Before or AfterAdvice
- Adjusted advice to extend PointcutAdvisor so
that it can share its Pointcut
- Adjusted advice to extend AopInfrastructureBean to
align with old advice classes

Issue gh-9289
 2021-04-09 17:46:33 -06:00
Josh Cummings 62d77ec97e
Add GrantedAuthorityDefaults to Expression Handler 
Issue gh-9289
 2021-04-09 17:46:33 -06:00
Josh Cummings 68cf74468c
Add check for custom advice 
- Because publishing an advice bean replaces Spring Security
defaults, the code should error if both a custom bean and
either secureEnabled or prePostEnabled are specified

Issue gh-9289
 2021-04-09 17:46:33 -06:00
Josh Cummings 45376b359b
Adjust Packaging 
Issue gh-9289
 2021-04-09 17:46:32 -06:00
Evgeniy Cheban 20778f727b
Consider AuthorizationManager for Method Security 
Closes gh-9289
 2021-04-09 17:46:32 -06:00
Josh Cummings 7ded671858
Refactor AuthenticationDetailsSource support 
- BearerTokenAuthenticationFilter exposes this directly, simplifying
configuration and removing a package tangle

Closes gh-9576
 2021-04-09 12:41:16 -06:00
Eleftheria Stein e03fe7f089 Add coroutine support to pre/post authorize 
Closes gh-8143
 2021-04-09 19:33:06 +02:00
Rob Winch 60d3db5798 add management platform(project(":spring-security-dependencies")) 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Rob Winch 1a76ee7442 Update Gradle configuration names 
Closes gh-9540
 2021-04-05 10:36:36 -05:00
Eleftheria Stein 0f3df3e714 Consider Order on SecurityFilterChain bean definitions 
Closes gh-9154
 2021-03-24 11:02:29 +02:00
Eleftheria Stein f5fe64cd5b Fix typo 2021-03-24 11:00:37 +02:00
Josh Cummings d0d0a8d958 Add OpenSAML 4 Support 
Closes gh-9095
 2021-03-23 19:07:23 -06:00
Eleftheria Stein 4a492846f1 Revert "Lock dependencies for 2.5.0-M3" 
This reverts commit f05cc6269c.
 2021-03-15 23:18:45 +01:00
Eleftheria Stein f05cc6269c Lock dependencies for 2.5.0-M3 2021-03-15 11:00:19 +01:00
Josh Cummings b774e91734
Polish BearerTokenAuthenticationConverter 
Issue gh-8840
 2021-03-12 15:05:06 -07:00
Jeongjin Kim 31f310fd22
Add BearerTokenAuthenticationConverter 
BearerTokenAuthenticationConverter is introduced to solve the
problem of not being able to change AuthenticationDetailsSource.
BearerTokenAuthenticationFilter delegates to
BearerTokenAuthenticationConverter the task of creating
BearerTokenAuthenticationToken and setting AuthenticationDetailsSource.
BearerTokenAuthenticationConverter is customizable and the customized
converter can be used in BearerTokenAuthenticationFilter.

Closes gh-8840
 2021-03-12 15:05:06 -07:00
Eleftheria Stein 92b3a7b01b Clarify in .csrf() enables CSRF protection 
Closes gh-9489
 2021-03-05 16:11:12 +01:00
wonwoo cf2bb62442 Fix typo in doc 2021-03-05 14:09:30 +01:00
Han YanJing f3fa8e8800
Polish 
Issue gh-9310
 2021-03-02 12:04:22 -07:00
Han YanJing 6e41246a2b
Throw Saml2AuthenticationException 
Closes gh-9310
 2021-03-02 12:04:22 -07:00
Ivan Pavlov 857830f695 Add RememberMeDsl 
Issue: gh-9319
 2021-02-22 09:15:40 +01:00
Josh Cummings f129410ff9
Add Java 8 Polyfill for Apache DS tests 
Closes gh-9416
 2021-02-17 11:53:51 -07:00
Josh Cummings c4be1c6a56
Revert "Lock Dependencies" 
This reverts commit a85caa4098.
 2021-02-11 15:49:59 -07:00
Josh Cummings a85caa4098
Lock Dependencies 2021-02-11 15:00:38 -07:00
Josh Cummings ccb3b02888
Bearer Token Server-side Errors Return 500 
Closes gh-9395
 2021-02-10 12:35:34 -07:00
Josh Cummings ca5e303308
Fix Test Configuration 
- Typo in PlaceholderConfig was causing Windows builds to
resolve the CLASSPATH environment variable

Closes gh-9421
 2021-02-10 11:31:30 -07:00
Josh Cummings 3e1616c311
Remove BearerTokenAuthenticationWebFilter 
Closes gh-9377
 2021-01-26 10:23:17 -07:00
Josh Cummings 76229cfab7
Migrate SAML 2.0 Tests and Docs to PCFOne 
Issue gh-9362
 2021-01-22 15:14:03 -07:00
Ihor Ilkevych 43a071a89e Add WebFlux oauth2Login with formLogin test 
Closes gh-9326
 2021-01-20 15:04:06 -05:00
Josh Cummings 65d3b0d71c
Add ResourceKeyConverterAdapter 
Simplifies publishing RsaKeyConverters with
@ConfigurationPropertiesBinding

Issue gh-9316
 2021-01-15 22:15:56 -07:00
Ivan Pavlov f4d78d00ef Extend CorsDsl with CorsConfigurationSource property 
Issue: gh-9314
 2021-01-13 10:22:07 +01:00
Evgeniy Cheban 8449df9fd2
Consider Aligning MvcRequestMatcher's matching methods 
Closes gh-9284
 2021-01-09 21:42:16 +03:00
Eleftheria Stein 8cefc8a792 Fix bug with multiple AuthenticationManager beans 
Closes gh-9256
 2021-01-06 16:26:26 +01:00
Josh Cummings 337d24e6db
Update Copyright Messages 
Issue gh-9202
 2021-01-05 15:30:51 -07:00
Mazen Aissa c907838440
Make max-session configurable 
Closes gh-9202
 2021-01-05 15:30:51 -07:00
Josh Cummings c066e23a86
Add @since attributes 
Issue gh-8900
 2020-12-16 15:58:53 -07:00
Evgeniy Cheban 34b4b1054f Add AuthorizationManager 
Closes gh-8900
 2020-12-16 15:58:36 -07:00
Nick McKinney 5306d4c4d5 Minor cleanup on Ant / Regex Request Matchers 
- Removed duplicative code for transforming String into HttpMethod
 - Removed an unnecessary array initialization
 2020-12-14 14:19:23 +01:00
Nick McKinney 6be25df1db Introduced DispatcherType request matcher 
Created a DispatcherTypeRequestMatcher and corresponding methods
for configuring an HttpSecurity object. This enables filtering of
security rules based on the dispatcher type of the incoming servlet
request.

Closes gh-9205
 2020-12-14 14:19:23 +01:00
Christophe Gilles 54d3839f63 Add permissionsPolicy http header 2020-12-11 12:32:18 +01:00
Eleftheria Stein d3ef340b26 Fix typos 2020-12-03 11:05:22 +01:00
Joe Grandja 58e3235093 Deprecate ClientAuthenticationMethod BASIC and POST 
Closes gh-9220
 2020-11-25 15:13:28 -05:00
Josh Cummings 4602e9a661
Use HttpBasicConfigurer's Conneg Strategy 
Closes gh-9100
 2020-11-12 16:26:10 -07:00
Eleftheria Stein 5661e06e9c Fix typo UserDetailService -> UserDetailsService 2020-11-09 13:13:32 +01:00
Joe Grandja b95e1aa209 Revert "Lock dependencies for 5.5.0-M1" 
This reverts commit 25a7482c8c.
 2020-11-03 19:53:28 -05:00
Eleftheria Stein 5c8972b7d5 Add test for ordered WebSecurityCustomizers 
Issue gh-9154
 2020-11-02 14:19:14 +01:00
Rob Winch 25a7482c8c Lock dependencies for 5.5.0-M1 2020-10-30 17:52:03 -05:00
Eleftheria Stein aac6d2f56b Kotlin MockMvc result matchers use parentheses 
Closes gh-9155
 2020-10-27 10:57:49 +01:00
Josh Cummings b1a3aef4f8
Update Test Controllers 
Closes gh-9121
 2020-10-12 17:41:16 -06:00
Josh Cummings 366146ff80
Polish JWT Signature Algorithm Discovery 
- Moved support to JwtDecoders and ReactiveJwtDecoders since there is
already the expectation that those classes make an outbound connection
to complete configuration. Since there's no outbound connection when
configuring a NimbusJwtDecoder or NimbusReactiveJwtDecoder, it would be
more intrusive to change that.

Closes gh-7160
 2020-10-09 14:17:30 -06:00
Nick Hitchan 290786438c
Add Support for JWK Signature Algorithm Discovery 
Issue gh-7160
 2020-10-09 13:09:38 -06:00
Josh Cummings ce68431037
Bump Schema, Serialization, and Taglib to 5.5 2020-10-07 17:17:58 -06:00
Artem Grankin dc5f2444ae Replace expired msdn link with latest web archive copy 
Initial link expired in March, 2016. Latest copy found in web archive is from February, 2016
 2020-09-28 17:04:59 -06:00
Geonu Jeon fd615535b3 fix comment of authenticationFailureHandler 2020-09-24 05:18:22 -04:00
Phillip Webb c502312719 Replace expected @Test attributes with AssertJ 
Replace JUnit expected @Test attributes with AssertJ calls.
 2020-09-22 16:13:51 -06:00
Phillip Webb 20baa7d409 Replace ExpectedException @Rules with AssertJ 
Replace JUnit ExpectedException @Rules with AssertJ calls.
 2020-09-22 16:13:51 -06:00
Phillip Webb 910b81928f Replace try/catch with AssertJ 
Replace manual try/catch/fail blocks with AssertJ calls.
 2020-09-22 16:13:51 -06:00
Josh Cummings b667cbbb86
Align Raw Types 
Closes gh-9026
 2020-09-18 16:21:53 -06:00
Joe Grandja 7b1f574769 Revert "Lock Dependency Versions for 5.4.0" 
This reverts commit 3d0e459182.
 2020-09-09 18:14:12 -04:00
Joe Grandja 3d0e459182 Lock Dependency Versions for 5.4.0 2020-09-09 13:45:03 -04:00
Eleftheria Stein 4e2a050c14 Customizer for WebSecurity 
Closes gh-8978
 2020-09-09 09:34:52 -04:00
Josh Cummings fa7baf551d
Restructure Logs 
Followed common use cases based off of HelloWorld sample:
  - Public endpoint
  - Unauthorized endpoint
  - Undefined endpoint
  - Successful form login
  - Failed form login
  - Post-login redirect

Issue gh-6311
 2020-09-02 07:37:59 -06:00
Evgeniy Cheban 17f1540280 Resolve oauth2 client placeholders 
Closes gh-8453
 2020-09-01 08:26:44 -04:00
Eleftheria Stein 902fca65a4 Add authenticationManagerResolver to Kotlin DSL 
Closes gh-8981
 2020-08-28 11:48:55 +02:00
Rob Winch 2abf59b695 Merge Formatting Changes 
Issue gh-8945
 2020-08-24 17:33:23 -05:00
Rob Winch 254f2e2aec Polish config format 
Issue gh-8945
 2020-08-24 17:33:09 -05:00
Phillip Webb 319d3364aa Migrate to assertThatExceptionOfType 
Consistently use `assertThatExceptionOfType(...).isThrownBy(...)`
rather than `assertThatCode` or `assertThatThrownBy`. This aligns with
Spring Boot and Spring Cloud. It also allows the convenience
`assertThatIllegalArgument` and `assertThatIllegalState` methods to
be used.

Issue gh-8945
 2020-08-24 17:33:09 -05:00
Phillip Webb 2f8e835b11 Use assertThatObject to save casting 
Update tests that use `assertThat((Object) ...)` to use the convenience
`assertThatObject(...)` method instead.

Issue gh-8945
 2020-08-24 17:33:09 -05:00
Phillip Webb 0a3eeb9c80 Remove incorrect AssertJ imports 
Fix a few tests that were accidentally importing incorrect AssertJ
classes.

Issue gh-8945
 2020-08-24 17:33:09 -05:00
Phillip Webb a5aa6b3d7f Remove blank lines from all tests 
Remove all blank lines from test code so that test methods are
visually grouped together. This generally helps to make the test
classes easer to scan, however, the "given" / "when" / "then"
blocks used by some tests are now not as easy to discern.

Issue gh-8945
 2020-08-24 17:33:09 -05:00
Phillip Webb 7bf6008efe Polish spring-security-config main code 
Manually polish `spring-security-config` following the formatting
and checkstyle fixes.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb ee661f7b71 Fix whitespace issues in format-off code 
Fix a few whitespace issues in format-off code that would
otherwise fail checkstyle.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 834dcf5bcf Use consistent ternary expression style 
Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.

For example: `a = (a != null) ? a : b`

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 8d3f039f76 Reduce method visibility when possible 
Reduce method visibility for package private classes when possible.

In the case of abstract classes that will eventually be made public,
the class has been made public and a package-private constructor has
been added.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 612fb22a7f Remove unnecessary lambda blocks 
Remove lambda blocks that aren't needed and replace instead with a
simple expression.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 52f20b5281 Use parenthesis with single-arg lambdas 
Use regular expression search/replace to ensure all single-arg
lambdas have parenthesis. This aligns with the style used in Spring
Boot and ensure that single-arg and multi-arg lambdas are consistent.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 01d90c9881 Hide utility class constructors 
Update all utility classes so that they have a private constructor. This
prevents users from accidentally creating an instance, when they should
just use the static methods directly.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb ff94944313 Add whitespace after copyright header 
Add an additional lines after the copyright header and before the
`package` declaration. This aligns with the style used by Spring
Framework.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 31ec450d05 Remove superfluous comments 
Remove a few comments that previously add noise but don't offer a great
deal of value.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 8d80166aaf Update exception variable names 
Consistently use `ex` for caught exception and `cause` for Exception
constructor arguments.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb e9130489a6 Remove restricted static imports 
Replace static imports with class referenced methods. With the exception
of a few well known static imports, checkstyle restricts the static
imports that a class can use. For example, `asList(...)` would be
replaced with `Arrays.asList(...)`.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb b69825d925 Simplify boolean expression 
Simplify boolean expression of the form `if (b == true)` to instead
just use the form `if (b)`.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb db55ef4b3b Migrate to BDD Mockito 
Migrate Mockito imports to use the BDD variant. This aligns better with
the "given" / "when" / "then" style used in most tests since the "given"
block now uses Mockito `given(...)` calls.

The commit also updates a few tests that were accidentally using
Power Mockito when regular Mockito could be used.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb f1cee9500f Ensure classes are defined in their own files 
Ensure that all classes are defined in their own files. Mostly classes
have been changed to inner-types.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 053af720a4 Ensure no whitespace before lines 
Fix a few issues cause by the automatic formatting that meant additional
leading whitespace was present.

Issue gh-8945
 2020-08-24 17:33:08 -05:00
Phillip Webb 4d487e8dc3 Ensure all files end with a new line 
Update all files to ensure that they always end with a new-line
character.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 218480fb7c Reduce the number of nested if statements 
Refactor `HeadersBeanDefinitionParser` and `AclImpl` to reduce the
number of nested if statements. A few extracted methods are now used
to hopefully improve readability.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb a0b9442265 Use consistent modifier order 
Update code to use a consistent modifier order that aligns with that
used in the "Java Language specification".

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 3e700e7571 Remove (non-Javadoc) comments 
Search and replace using '(?s)/\*\s*\* \(non-Javadoc\).*?\*/' to remove
all "(non-Javadoc)" comments. These comments used to be added
automatically by Eclipse, but are not really necessary.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb a2f2e9ac8d Move inner-types so that they are always last 
Move all inner-types so that they are consistently the last item
defined. This aligns with the style used by Spring Framework and
the consistency generally makes it easier to scan the source.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 9e08b51ed3 Apply code cleanup rules to projects 
Apply automated cleanup rules to add `@Override` and `@Deprecated`
annotations and to fix class references used with static methods.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 8866fa6fb0 Always use 'this.' when accessing fields 
Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 6894ff5d12 Make classes final where possible 
Update classes that have private constructors so that they are also
declared final. In a few cases, inner-classes used private constructors
but were subclassed. These have now been changed to have package-private
constructors.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb b5d499e2eb Remove empty block 
Refactor a few classes so that empty blocks are not longer used. For
example, rather than:

	if(x) {
	} else {
		i++;
	}

use:

	if(!x) {
		i++;
	}

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 37fa94fafc Organize imports 
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 5f64f53c3f Use consistent "@" tag order in Javadoc 
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 8142e4046f Use compact annotation style 
Always use compact annotations when possible. For example, replace
`@Target(value = ElementType.TYPE)` with `@Target(ElementType.TYPE)`.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb 71bc145ae4 Remove superfluous comments 
Use '^\s+//\ \~\ .*$' and '^\s+//\ ============+$' regular expression
searches to remove superfluous comments.

Prior to this commit, many classes would have comments to indicate
blocks of code (such as constructors/methods/instance fields). These
added a lot of noise and weren't all that helpful, especially given
the outline views available in most modern IDEs.

Issue gh-8945
 2020-08-24 17:33:07 -05:00
Phillip Webb b7fc18262d Reformat code using spring-javaformat 
Run `./gradlew format` to reformat all java files.

Issue gh-8945
 2020-08-24 17:32:56 -05:00
Martin Vietz 0486d5add9 scopes_supported metadata not used as default in ClientRegistrations 
Closes gh-8514
 2020-08-20 08:09:54 -04:00
Josh Cummings af5c55c380
Polish AuthnRequest Customization Support 
Having the application generate the AuthnRequest fresh allows Spring
Security to back away more gracefully. Using a Consumer implies that
the application will need to undo any values that Spring Security set
that the application doesn't want.

Also, if this does become a configuration burden, it can be simplified
in a separate ticket by exposing the default Converter.

Issue gh-8776
 2020-08-19 14:27:31 -06:00
Josh Cummings 1069e91645
RSocket Deprecations 
Stop using deprecated RSocket APIs in integration tests

Issue gh-8948
 2020-08-13 17:51:59 -06:00
koishikawa11 be6d2f117e
Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL 
Closes gh-8892
 2020-08-11 07:59:22 -04:00
Phillip Webb 9caa39e370 Fix malformed formatter-on/off javadoc 
Remove the formatter-on/formatter-off comments from Javadoc examples
so that they don't confuse checkstyle. The comments are not necessary
in the Javadoc since `pre` blocks are not formatted in the same
way as code.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 8e092f8d2c Add noformat blocks around withDefaultPasswordEncoder 
Find `withDefaultPasswordEncoder` calls and protect them against
formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 6979125ccf Add noformat blocks around User.withUsername 
Find `User.withUsername` calls and protect them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 63b5998fad Add noformat blocks around auth config 
Find `auth` config using a regex search of `^\s*auths*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 103d822e46 Add noformat blocks around http config 
Find `http` config using a regex search of `^\s*https*$` and protect
them against formatting.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Phillip Webb 27ac046d8a Rename *Test.java -> *Tests.java 
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.

Issue gh-8945
 2020-08-10 16:24:44 -05:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1" 
This reverts commit f3a1e5d40c.
 2020-08-05 14:59:11 -04:00
Rob Winch 74b42ba956 Move RSocket integration tests to integration tests 
Closes gh-8944
 2020-08-05 13:23:20 -05:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Josh Cummings b999faa5a0
Complete SAML 2.0 SP Metadata Endpoint 
Closes gh-8693
 2020-08-05 10:08:47 -06:00
Jakub Kubrynski 8a355240bc
SAML 2.0 SP Metadata Endpoint Support 
Issue gh-8693
 2020-08-05 10:08:47 -06:00
Eleftheria Stein aeafe04260 Remove need for WebSecurityConfigurerAdapter 
Closes gh-8804
 2020-08-05 10:10:12 -04:00
Josh Cummings 5061ae9e79
Add Saml2AuthenticationTokenConverter 
Closes gh-8768
 2020-08-04 18:41:43 -06:00
Josh Cummings a10c2c6cf8
Polish DefaultSaml2AuthenticationRequestContextResolver 
Issue gh-8360
Issue gh-8887
 2020-08-04 17:29:13 -06:00
Joe Grandja 3bc0b8c144 Revert "Fix snapshot build failure related to reactor-netty" 
This reverts commit f37714a26f.
 2020-08-04 14:24:32 -04:00
Joe Grandja f37714a26f Fix snapshot build failure related to reactor-netty 
Closes gh-8909
 2020-08-04 14:17:03 -04:00
Joe Grandja 8146b1fdda Deprecate CustomUserTypesOAuth2UserService 
Closes gh-8908
 2020-08-04 13:23:44 -04:00
Joe Grandja 0ed919f072 Deprecate ClientRegistration.redirectUriTemplate 
Closes gh-8906
 2020-08-04 11:03:29 -04:00
Joe Grandja 11cc94afd8 Deprecate ImplicitGrantConfigurer 
Closes gh-8902
 2020-08-04 07:26:58 -04:00
Evgeniy Cheban 0a2006ebec Support custom filter in Server Kotlin DSL 
Closes gh-8783
 2020-07-22 05:32:16 -04:00
Dávid Kováč 37aa5f9b7c Introduce AuthenticationConverterServerWebExchangeMatcher 
AuthenticationConverterServerWebExchangeMatcher is ServerWebExchangeMatcher implementation based on AuthenticationConverter which matches if ServerWebExchange can be converted to Authentication.
It can be used as a matcher where SecurityFilterChain should be matched based on used authentication method.
BearerTokenServerWebExchangeMatcher was replaced by this matcher.

Closes gh-8824
 2020-07-21 10:11:57 -06:00
Josh Cummings cc44a93333
Polish WebSecurityConfigurerAdapter JavaDoc 
Issue gh-8784
 2020-07-20 15:21:18 -06:00
Romil Patel 956a6ee00c
WebSecurityConfigurerAdapter JavaDoc 
Closes gh-8784
 2020-07-20 15:21:18 -06:00
Josh Cummings 2c960d2ad1
Add AuthnRequestConsumerResolver 
Closes gh-8141
 2020-07-16 14:53:22 -06:00
Joe Grandja 7cc6509200 Polish gh-8669 2020-07-15 11:52:42 -04:00
Eleftheria Stein 78ed6c4de6 Add custom HeaderWriter in Kotlin DSL 
Closes gh-8823
 2020-07-10 14:18:48 +02:00
Eleftheria Stein 815ceae45c Allow disabling headers in Kotlin DSL 
Closes gh-8816
 2020-07-08 10:55:01 +02:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2" 
This reverts commit 68538897c8.
 2020-07-01 13:11:50 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
Joe Grandja 0b5a14a900 Register OAuth2AuthorizedClientArgumentResolver as custom resolver for XML config 
Issue gh-8669
 2020-07-01 11:07:33 -04:00
Peer Schönhusen 3e25714dc6 Add reified function variants to security DSL 
Closes gh-8697
 2020-07-01 07:22:16 -04:00
Joe Grandja edf06a3461 OAuth2AuthorizedClientArgumentResolver uses OAuth2AuthorizedClientManager @Bean 
Closes gh-8700
 2020-06-30 11:25:39 -04:00
Joe Grandja 951e64185b Register OAuth2AuthorizedClientArgumentResolver for XML Config 
Closes gh-8669
 2020-06-25 16:10:29 -04:00
Eleftheria Stein 224361cb4a Fix typo in Javadoc 2020-06-16 09:38:09 -04:00
Evgeniy Cheban 4e7be2078f DefaultWebSecurityExpressionHandler uses RoleHierarchy bean 
Fixes gh-7059
 2020-06-10 16:43:01 -04:00
Rob Winch a907026eae Deprecate X-FRAME-OPTIONS ALLOW-FROM Directive 
Closes gh-8677
 2020-06-10 11:48:56 -05:00
Joe Grandja da4b626bf1 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException 
Issue gh-8609
 2020-06-09 17:28:21 -04:00
Parikshit Dutta 28d2cfa14a Add ServerRequestCache setter in OAuth2AuthorizationCodeGrantWebFilter 
Fixes gh-8536
 2020-06-02 21:54:09 -04:00
Rob Winch 748538d19f Delay AuthenticationPrincipalArgumentResolver Creation 
Use ObjectProvider<AuthenticationPrincipalArgumentResolver> to delay its
lookup.

Closes gh-8613
 2020-05-29 16:49:01 -05:00
Eleftheria Stein 61060b3a4f Add multipart configuration to CSRF Kotlin DSL 
Fixes gh-8602
 2020-05-27 17:01:12 -04:00
Eleftheria Stein 6f5947cab7 Fix test warnings 2020-05-27 17:00:48 -04:00
Eleftheria Stein fa11ae3c33 Remove unused import 2020-05-27 14:27:29 -04:00
Eleftheria Stein 67d2efde1c Resolve package tangles with security marker annotation 2020-05-27 07:33:24 -05:00
Eleftheria Stein bc272ddf73 Resolve package tangles in Kotlin server package 2020-05-27 07:33:24 -05:00
Craig Andrews f1db7167cb Polish 
Use `getBeanOrNull` in `registerDelegateApplicationListener` to simplify implementation.

This change does not alter behavior.
 2020-05-22 20:33:32 -05:00
Craig Andrews dbdeec4216 Check for an existing SessionRegistry bean 
If a SessionRegistry is necessary, check for one in the ApplicationContext before creating one.
 2020-05-22 20:33:32 -05:00
Evgeniy Cheban 0fa339f75b Allow port=0 for ApacheDSContainer 
Fixes gh-8144
 2020-05-21 16:14:01 -05:00
Josh Cummings 51a0cffd36
Post-process AuthenticationRequestFilter 
Fixes gh-8552
 2020-05-18 21:08:23 -06:00
Josh Cummings 9241cd2892
Move TestRelyingPartyRegistrations 
Fixes gh-8551
 2020-05-18 16:38:40 -06:00
Parikshit Dutta 1e211b6558 Add RequestCache setter in OAuth2AuthorizationCodeGrantFilter 
Fixes gh-8120
 2020-05-15 15:13:15 -04:00
Joe Grandja c1abc9b134 Polish gh-8501 2020-05-15 13:26:09 -04:00
Thomas Vitale 78fa859798 Add issuerUri to ClientRegistration.providerDetails 
- Add "issuerUri" attribute to ClientRegistration.providerDetails for OpenID Connect Discovery 1.0 or OAuth 2.0 Authorization Server Metadata.
- Validate OidcIdToken "iss" claim against the OpenID Provider "issuerUri" value.
- Update documentation for client registration: it includes issuer-uri property now.

Fixes gh-8326
 2020-05-14 17:13:07 -04:00
Rob Winch e5d2aaf6fe
Deprecate OpenID 2.0 support 
Deprecate OpenID 2.0 support
 2020-05-12 09:37:56 -05:00
Eleftheria Stein 1aadbb2f4d Remove "/path/**/other" patterns in tests 
Fixes gh-8513
 2020-05-11 17:00:25 -04:00
Dávid Kovács f2a2b469c4 Deprecate openID 2.0 support 
This commit adds deprecation notice to xml schema, parser of the schema and removes fixme comments.

Fixes gh-7153
 2020-05-09 12:04:13 +02:00
Rob Winch d91b153cad Explicitly set useSuffixPatternMatch for Tests 
Spring MVC changed their default behavior in
https://github.com/spring-projects/spring-framework/issues/23915 This
causes failures in some of Spring Security's tests.

This explicitly sets useSuffixPatternMatch=true to ensure that Spring
Security still works if users have modified their defaults.

Closes gh-8493
 2020-05-08 16:43:56 -05:00
Joe Grandja 86ca6b013c Unlock dependencies 
This reverts commit 206960cf44.
 2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Dávid Kovács 339d44b5a1 Deprecate openID 2.0 support 
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)

Fixes gh-7153
 2020-05-02 10:18:31 +02:00
Rob Winch 4a9fa0337a Allow Configure RequestRjectedHandler in XML 
Issue gh-5007
 2020-05-01 10:51:11 -05:00
Leonard Brünings b826c798f7 Add RequestRejectedHandler 
Closes gh-5007
 2020-05-01 10:51:01 -05:00
Dávid Kovács 8e8251ac5f Add ROLE_INFRASTRUCTURE to infrastructure beans 
Closes gh-8407
 2020-04-27 08:59:24 -05:00
Adam Millerchip 0f29bee1b0 Add authorize() DSL method that accepts HttpMethod 
Fixes: gh-8307
 2020-04-22 16:14:04 -04:00
Adam Millerchip 16a7cbee4b Use named arguments in Kotlin authorization rule 2020-04-22 16:14:04 -04:00
Adam Millerchip 401393d756 Extract pattern type in request matcher DSL 2020-04-22 16:14:04 -04:00
Antonin Arquey 5cd1ec7bb3 Add AuthoritiesMapper setter for reactive OAuth2Login 
Allow the configuration of a custom GrantedAuthorityMapper for reactive OAuth2Login

- Add setter in OidcAuthorizationCodeReactiveAuthenticationManager
  and OAuth2LoginReactiveAuthenticationManager

- Use an available GrantedAuthorityMapper bean to configure the default ReactiveAuthenticationManager

Fixes gh-8324
 2020-04-17 16:55:05 -04:00
Roberto Paolillo 2cccf223df Add Flag to enable searching of LDAP groups on subtrees 
Closes gh-8939
 2020-04-17 12:55:11 -05:00
Loïc Labagnara 146d9ba0bf Add marker to make Kotlin DSL type safe. 
Fixes gh-8366
 2020-04-14 16:23:28 -04:00
Evgeniy Cheban a70d55552b
Resource Server Finds JwtAuthenticationConverter Beans 
Fixes gh-8185
 2020-04-13 22:47:20 -06:00
Rob Winch 9a42a028e7 Logout defaults to use Global SecurityContextServerLogoutHandler 
Closes gh-8375
 2020-04-13 16:36:12 -05:00
Josh Cummings 711954e016
Deprecate Saml2AuthenticationRequestFilter Constructor 
Removing the default usage of OpenSamlAuthenticationRequestFactory.
Otherwise, the Open SAML dependency is required, even when
Saml2AuthenticationRequestFactory is implemented without it.

Fixes gh-8359
 2020-04-08 16:27:46 -06:00
Eleftheria Stein 39e09e4ca5 Idiomatic Kotlin DSL for server HTTP security 
Issue: gh-5558
 2020-04-07 11:04:59 -04:00
Eleftheria Stein 6017510fdd Compile Kotlin tasks using JVM 1.8 2020-04-07 11:04:59 -04:00
hotire 6d45ec5d6b Fix typo in Javadoc of ServerHttpSecurity#hasAuthority 2020-04-06 14:19:42 -05:00
Markus Engelbrecht dc6b8ce470
Add addFilterAfter and addFilterBefore to Kotlin DSL 
Fixes gh-8316
 2020-04-03 12:04:03 -04:00
Eleftheria Stein 1de0cf5057 Fix HttpSecurity Javadoc 
Fixes gh-4404
 2020-04-02 11:32:38 -04:00
Rob Winch 91728ef53b Fix HttpServlet3RequestFactory Logout Handlers 
Previously there was a problem with Servlet API logout integration
when Servlet API was configured before log out.

This ensures that logout handlers is a reference to the logout handlers
vs copying the logout handlers. This ensures that the ordering does not
matter.

Closes gh-4760
 2020-03-30 17:50:28 -05:00
Rob Winch b055f8bb25 SpringTestContext returns ConfigurableWebApplicationContext 
Closes gh-8233
 2020-03-30 17:46:25 -05:00
Joe Grandja e27e548215 oauth2Login WebFlux does not auto-redirect for XHR request 
Fixes gh-8118
 2020-03-26 04:36:23 -04:00
Eleftheria Stein 97085ef310 Fix rsocket test 
Request route that exists; add additional error message verification

Fixes gh-8154
 2020-03-19 17:27:14 -04:00
Josh Cummings 2d8c65db56
Support port=0 for LDAP Servers 
Fixes gh-8138
 2020-03-18 09:45:10 -06:00
Josh Cummings 4d99ee2896
Allow port=0 in XSD 
Issue gh-8138
 2020-03-18 09:45:10 -06:00
Josh Cummings f438bdfbcf
Add spring-security-5.4.xsd 
Issue gh-8138
 2020-03-18 09:45:10 -06:00
Erik van Paassen ad9bb7f230 Fix typo in Javadoc of HttpSecurity#csrf() 
`HttpSecurity#csrf()` obviously returns a `CsrfConfigurer`, while the Javadoc states that it returns the `ServletApiConfigurer`.
 2020-03-17 12:42:11 -06:00
Eleftheria Stein 40b15f5a46 Rename to SessionFixationDslTests 2020-03-17 12:05:25 -04:00
Josh Cummings bfd36d9a54
Remove Redundant ConcurrentSessionFilter Refs 
Fixes gh-8105
 2020-03-13 16:27:30 -06:00
Markus Engelbrecht d81321bc29
Fix typo 'properites' in documentation 
Fixes gh-8095
 2020-03-11 10:54:14 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7.
 2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings c729fee7bc
Malformed Bearer Token Returns 401 for WebFlux 
Fixes gh-7668
 2020-03-03 15:42:02 -07:00
Joe Grandja c111099640 Polish client-registration xsd attributes 
Issue gh-4557
 2020-03-02 15:02:46 -05:00
Josh Cummings e97396b9c7 Add Resource Server XML Support 
Fixes gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings f1a2d69968 Add AuthenticationProvider List Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 34b40deb38 Add By-RequestMatcher Exception Handling 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 98a2ca3bbc Add Csrf Ignore Configurability 
Issue gh-5185
 2020-03-02 11:51:40 -07:00
Josh Cummings 19584884b3
Register Authentication Provider in Init Phase 
Fixes gh-8031
 2020-02-28 15:32:27 -07:00
Filip Hanik 3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Rob Winch 727fee1e12 Polish HeaderWriterSpec 
Assert.notNull(Object,Supplier) is for when then message passed in
requires concatenation and avoids doing extra work. Since this does
not require concatenation, we can use Assert.notNull(Object,String)

Issue gh-7636
 2020-02-27 07:57:51 -06:00
Ankur Pathak 480c5bc87e Custom ServerHttpHeadersWriter to HeaderSpec 
Add the ability to have a custom ServerHttpHeadersWriter to HeaderSpec
Fixes gh-7636
 2020-02-27 07:55:30 -06:00
Eleftheria Stein 2fb3d3d5a2 Add hasRole to authorizeRequests in Kotlin DSL 
Fixes: gh-8023
 2020-02-25 08:29:26 -05:00
Joe Grandja 4cd89b584f Polish gh-5184 2020-02-20 21:25:17 -05:00
Joe Grandja 8a4ff4452b Add XML namespace support for oauth2-client 
Fixes gh-5184
 2020-02-20 20:05:48 -05:00
Eleftheria Stein 171e0d048f Fix typo in WebSecurityConfigurer Javadoc 
Fixes: gh-7876
 2020-02-14 11:00:45 +01:00
Joe Grandja ff8002eb2e Polish gh-4557 2020-02-12 15:47:57 -05:00
Ruby Hartono 71a5c9521c Add XML namespace support for oauth2-login 
Fixes gh-4557
 2020-02-12 15:26:17 -05:00
Joe Grandja 40c0a452d7 Define oauth2-login xsd elements 
Issue gh-4557
 2020-02-12 15:26:17 -05:00
Eleftheria Stein fde3ccb8b3 Add marker to make Kotlin DSL type safe 
Fixes: gh-7971
 2020-02-12 11:35:45 +01:00
Eleftheria Stein 1d6fdd249b Add missing Javadoc to Kotlin class 2020-02-11 18:09:30 +01:00
Eleftheria Stein f37a4557e6 Fix typo in Kotlin Javadoc 2020-02-11 18:09:30 +01:00
Josh Cummings 5bdf57d1e5
Remove Groovy and Spock Dependencies 
Fixes gh-4939
 2020-02-10 10:38:40 -07:00
Eleftheria Stein a5210aaf9b Support custom filter in Kotlin DSL 
Fixes: gh-7951
 2020-02-10 12:03:32 +01:00
Stephane Maldini 851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes 
Fixes gh-7952
 2020-02-07 20:44:19 -05:00
Eleftheria Stein 8c0b754a49 Fix credentials precedence over introspector in Kotlin 
Fixes: gh-7878
 2020-02-06 11:01:42 +01:00
Eleftheria Stein 1fed688f05 Fix JWK Set URI precedence over decoder in Kotlin 
Fixes: gh-7877
 2020-02-06 10:48:42 +01:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch 1d7208f8ef Add RSocket Authentication Extension Support 
Fixes gh-7935
 2020-02-04 23:36:47 -06:00
Josh Cummings 209c81d65d
Add BadOpaqueTokenException 
Updated NimbusOpaqueTokenIntrospector and
NimbusReactiveOpaqueTokenIntrospector to throw.
Updated OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager to catch.

Fixes gh-7902
 2020-02-04 17:33:08 -07:00
Josh Cummings 0c3754c811
Add BadJwtException 
Updated NimbusJwtDecoder and NimbusReactiveJwtDecoder to throw.
Updated JwtAuthenticationProvider and JwtReactiveAuthenticationManager
to catch.

Fixes gh-7885
 2020-02-04 17:33:08 -07:00
Josh Cummings 3e07b35611
Polish Bearer Token Error Handling 
Issue gh-7822
Issue gh-7823
 2020-02-03 17:54:39 -07:00
James ee6df1701b
Polish SessionManagementConfigurer 2020-01-31 11:24:36 -07:00
Josh Cummings cb9fd09150
Change AuthenticationWebFilter's constructor 
Fixes gh-7872
 2020-01-31 09:31:28 -07:00
Eleftheria Stein a512789a93 Fix requiresAuthenticationMatcher not being used 
The custom server requiresAuthenticationMatcher was not always picked up

Fixes: gh-7863
 2020-01-27 16:12:27 +01:00
Eleftheria Stein 29377545d9 Fix authenticationFailureHandler not being used 
The custom server authenticationFailureHandler was not always picked up

Fixes: gh-7782
 2020-01-27 13:10:03 +01:00
Johannes Edmeier bdc60a9128 Don't cache requests with `Accept: text/event-stream` by default. 
The eventstream requests is typically not directly invoked by the browser.
And even more unfortunately the Browser-Api doesn't allow the set additional headers as `XMLHttpRequest`..
 2020-01-17 10:42:16 -08:00
Josh Cummings f1f158b37e AuthenticationEventPublisher DSL Lookup 
Fixes gh-4400
 2020-01-14 12:07:46 -07:00
Josh Cummings 5579846263 AuthenticationEventPublisher Bean Lookup 
Issue gh-7793
Fixes gh-7515
 2020-01-14 12:07:46 -07:00
James Howe fc9b97c94a Typo in doc 2020-01-14 08:32:26 -07:00
Vincent Ricard f0856c83a9 Migrate LDAP integration tests groovy->java 
This commit also removes BaseSpringSpec

Issue: gh-4939
 2020-01-13 14:18:25 +01:00
Josh Cummings a35ce77451
Add missing PowerMockIgnore annotation 
WebSecurityConfigurerAdapterPowermockTests needs to exclude
javax.xml.transform.* from Powermock configuration.
 2020-01-09 15:48:08 -07:00
Josh Cummings ba21c156dd
Polish WebSecurityConfigurerAdapter tests 
Moved Powermock-dependent test over to
WebSecurityConfigurerAdapterPowermockTests.
 2020-01-09 13:51:19 -07:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f1.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings de87675f6d Add JwtIssuerAuthenticationManagerResolver 
Fixes gh-7724
 2020-01-07 23:30:42 -07:00
Eleftheria Stein-Kousathana 2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security 
Issue: gh-5558
 2020-01-07 12:08:43 -05:00
Rob Winch 65981444f1 Use Version Ranges 
Fixes gh-7788
 2020-01-06 14:46:48 -06:00
Rob Winch 06d7443946 Use Gradle platform and constraints 
This was largely generated from the following script

wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy ./dsp.gradle
cat gradle/dependency-management.gradle | grep 'management "' | cut -d ':' -f 2 | xargs -I{} sh -c "rg {} -l -g '*.gradle' -g '\!dependency-management.gradle' > /dev/null || echo {}" | xargs -I{} sed -iE '/.*{}.*/d' gradle/dependency-management.gradle
rm ./dps.gradle

Fixes gh-7787
 2020-01-06 14:46:36 -06:00
Eleftheria Stein 924b9e95a1 Polish MethodSecurityEvaluationContext 
Issue: gh-6224
 2020-01-03 20:08:52 -05:00
Eleftheria Stein 8b8267e1fe Fix typo in LDAP Javadoc 2020-01-02 10:58:44 -05:00
BELHAKEL Ammar b4619f31ee
Fix return type 
AbstractConfiguredSecurityBuilder.objectPostProcessor() should cast to
B, the type of SecurityBuilder, instead of O, the type of object being
built.

Without this change, calls like
http.objectPostProcessor(...).getFilters() will fail with a
ClassCastException.
 2019-12-30 12:01:56 -07:00
Eleftheria Stein 2c7f2c2117 Fix Javadoc error in oauth2ResourceServer 
Fixes: gh-7670
 2019-12-27 14:24:46 +01:00
Filip Hanik af415948b1 Allow configuration of AuthenticationManagerResolver in saml2Login() 
Fixes gh-7654

https://github.com/spring-projects/spring-security/issues/7654
 2019-12-17 13:34:27 -08:00
Filip Hanik 9aa333ca4d Use the custom ServerRequestCache that the user configures 
on for the default authentication entry point and authentication
success handler

Fixes gh-7721

https://github.com/spring-projects/spring-security/issues/7721

Set RequestCache on the Oauth2LoginSpec default authentication success handler

import static ReflectionTestUtils.getField

Feedback incorporated per

https://github.com/spring-projects/spring-security/pull/7734#pullrequestreview-332150359
 2019-12-17 13:33:56 -08:00
Josh Cummings 02f161aba7
Use OidcIdToken.Builder 
Issue gh-7592
 2019-12-12 07:37:15 -07:00
Joe Grandja c40a17b4d1 WebFlux oauth2Login() redirects on failed authentication 
Fixes gh-5562 gh-6484
 2019-12-05 16:50:43 -05:00
Alexey Nesterov d8d59e97ac Correctly configure authorization requests repository for OAuth2 login 
To use custom ServerAuthorizationRequestRepository both OAuth2AuthorizationRequestRedirectWebFilter and
OAuth2LoginAuthenticationWebFilter should use the same repo provided in the configuration. Currently the former filter is
correctly configured, but the latter always uses default, WebSession based repository. So authorization code created
before redirect to authorization endpoint will never be found to complete OAuth2 login when custom
ServerAuthorizationRequestRepository is used.

This change also makes OAuth2Client and OAuth2Login authentication converters consistent.

Fixes gh-7675
 2019-11-29 12:05:15 -05:00
Eleftheria Stein b7cb93f671 Fix WebFlux logout disabling 
Fixes: gh-7682
 2019-11-28 14:40:25 +01:00
Ruslan Stelmachenko c38e57fa42 Fix class and variable names 2019-11-28 09:23:38 +01:00
Ruslan Stelmachenko 8ebc7ca0ea Fix InitializeAuthenticationProviderBeanManagerConfigurer Javadoc 2019-11-28 09:23:38 +01:00
Eleftheria Stein 8a95e5798d Update @MessageMapping to match input/output cardinality 2019-11-22 15:07:38 -06:00
Pim Moerenhout cd0bec48de Fix typo in log message. 2019-11-21 15:55:27 -07:00
Paul Pazderski 0d35194b47 Add sessionFixation Javadoc 2019-11-15 12:17:05 +01:00
Adrian Pena ca8877c8c5 Updates javadoc for InitializeUserDetailsBeanManagerConfigurer 2019-11-13 10:34:10 +01:00
Eleftheria Stein 1188a3bb5f Polish RememberMeConfigurer 
Issue: gh-4140
 2019-11-07 15:26:59 +01:00
邓超 b13f750646 Retrieve remember-me key from service as fallback 
Fixes: gh-4140
 2019-11-07 13:55:39 +01:00
Yanming Zhou 9f6a36444a Add missing schemas 2019-11-06 08:24:20 -06:00
Josh Cummings 925bf48ec0
Polish OAuth2ResourceServerConfigurerTests 
To confirm that resource server only produces SCOPE_<scope>
authorities by default.

Issue gh-7596
 2019-11-04 11:39:54 -07:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Josh Cummings 5f17032ffd Restore Removed Throws Clauses 
In a recent clean-up, certain exceptions were removed from various
throws clauses.

This PR re-introduces throws clauses that are important for one of the
following reasons:

1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.

Fixes gh-7541
 2019-10-30 12:13:54 -06:00
Rob Winch 635f7e1edd CsrfWebFilter supports multipart/form-data 
Fixes gh-7576
 2019-10-28 14:06:10 -05:00
Vitalii Mahas 0ac5f5456f Fix typo 'is' -> 'if' in javadoc 2019-10-25 13:27:11 -06:00
Eleftheria Stein de7cbc82b5 Clarify in Javadoc that expressionHandler should not be null 
Fixes: gh-2665
 2019-10-23 15:10:39 -04:00
Rob Winch 3051a79188 Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 2019-09-30 14:33:41 -05:00
Rob Winch a911f3d52f Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-30 14:14:59 -05:00
Rob Winch 3854afad61 Merge Add denyAll method in AuthorizePayloadsSpec.Access 2019-09-30 14:05:42 -05:00
Josh Cummings 758af54796
ObjectPostProcessor Tests groovy->java 
Issue gh-4939
 2019-09-27 16:36:33 -06:00
Josh Cummings a08be5bf6f
UrlAuthorizationsTests groovy->java 
Issue gh-4939
 2019-09-27 16:23:33 -06:00
Josh Cummings 870d83eb3e
PermitAllSupportTests groovy->java 
Issue gh-4939
 2019-09-27 16:23:33 -06:00
Luis Felipe Vega Calle 350bce761f Add hasAuthority method to RSocketSecurity 
Fixes gh-7435
 2019-09-27 16:48:25 -05:00
Josh Cummings 5f905232cb
Polish CurrentSecurityContextArgumentResolvers 
Fixes gh-7487
 2019-09-27 13:19:08 -06:00
Joe Grandja 5ef6e7ed6f Add author for SecurityReactorContextConfiguration 
Issue gh-7422
 2019-09-27 15:17:20 -04:00
Joe Grandja 0fea57d6a1 Optimize SecurityReactorContextConfiguration 
Issue gh-7422
 2019-09-27 14:46:39 -04:00
Josh Cummings 33ba292fed
Resource Server w/ SecurityReactorContextSubscriber 
Fixes gh-7423
 2019-09-27 11:01:04 -06:00
Joe Grandja 5a67971375 WebFluxSecurityConfiguration configures oauth2Client() by default 
Fixes gh-7470
 2019-09-27 10:04:19 -04:00
Joe Grandja 08d2c93713 Polish gh-7466 2019-09-26 22:11:53 -04:00
Roman Chigvintsev 9bae0a4dbd Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec 
Fixes gh-7466
 2019-09-26 17:19:32 -04:00
Joe Grandja 2a5bd6e719 Align Servlet ExchangeFilterFunction CoreSubscriber 
Fixes gh-7422
 2019-09-26 16:17:17 -04:00
Joe Grandja d3b7a47ef8 Polish gh-4442 2019-09-25 21:37:31 -04:00
Mark Heckler da9f027fa4 Add nonce to OIDC Authentication Request 
Fixes gh-4442
 2019-09-25 14:57:54 -04:00
Jesús Ascama ceab56f764 Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION 
Fixes gh-7434
 2019-09-24 15:39:25 -05:00
Joe Grandja 9f18c2e21a OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 11:07:36 -04:00
Eleftheria Stein 98e75eb51a Fix Javadoc for anonymous 2019-09-23 11:06:28 -04:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Ebert Toribio 3a66191756 Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 
See Fixes gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-18 21:17:09 -05:00
Onur Kagan Ozcan 034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
Manuel Tejeda 9926ad68b8 add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-18 07:59:20 -05:00
Jesús Ascama daf6b53e3a Add denyAll method in AuthorizePayloadsSpec.Access 
See gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-17 20:17:10 -05:00
Josh Cummings 05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings 1176d0cfdb
Polish DefaultFilters,Issue55Tests 
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code

Issue gh-4939
 2019-09-16 13:56:17 -06:00
kostya05983 950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java 
Issue gh-4939
 2019-09-16 13:37:22 -06:00
Josh Cummings 101e0a21a8 Bearer WebClient Filter Authentication Propagation 
Fixes: gh-7418
 2019-09-11 16:27:21 +01:00
Rob Winch 96d44cd4b7 Add Default RSocketSecurity 
Fixes gh-7361
 2019-09-09 16:10:55 -05:00
Rob Winch 5d0815bc76 Allow RSocketMessageHandlerITests to timeout 
Fixes gh-7415
 2019-09-09 16:10:50 -05:00
Rob Winch 6296e6e896 RSocketSecurity delegates to correct matcher 
Fixes gh-7414
 2019-09-09 16:09:23 -05:00
Rob Winch 1b699a49fb Polish RSocket packaging 
Fixes gh-7413
 2019-09-09 16:07:14 -05:00
Eleftheria Stein aa533c2565 Add missing javadoc to session fixation 2019-09-06 16:33:51 -04:00
Rob Winch 316380e622 Allow Custom PayloadInterceptor to be Added 
Fixes gh-7362
 2019-09-06 14:52:47 -05:00
Joe Grandja a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Filip Hanik 08d50868c9
Merge pull request #7260 from fhanik/feature/saml2-sp-mvp 
Add SAML Service Provider Support
 2019-09-05 17:04:14 -07:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00
Rob Winch 9639962e27 Fix RSocket Package Tangle 
Issue gh-7360
 2019-09-05 16:27:57 -05:00
Rob Winch 7ad641d106 RSocket Tests use Available Port 
Issue gh-7360
 2019-09-05 09:16:07 -05:00
Josh Cummings 26a65249f9
Remove invalid characters 2019-09-05 04:32:34 -06:00
Rob Winch 5a4eded696 Add RSocket Support 
Fixes gh-7360
 2019-09-04 19:24:01 -05:00
Joe Grandja dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings de672e3ae9
Polish oauth2ResourceServer() Error Messaging 
Fixes: gh-6876
 2019-09-04 11:49:22 -06:00
Josh Cummings 1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests 
Issue gh-7347
 2019-09-04 03:30:37 -06:00
Josh Cummings 068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Eddú Meléndez 8773c7994f Allow to set default securityContextRepository for each authentication mechanisms 
Fixes gh-7249
 2019-09-03 07:46:59 -06:00
kostya05983 f6c650db47
Replace Streams with Loops 
First version of replacing streams

fix wwwAuthenticate and codestyle

fix errors in implementation to pass tests

Fix review notes

Remove uneccessary final to align with cb

Short circuit way to authorize

Simplify error message, make code readably

Return error while duplicate key found

Delete check for duplicate, checkstyle issues

Return duplicate error

Fixes gh-7154
 2019-09-02 15:30:48 -06:00
Josh Cummings d6d0d89ff8
NamespaceRememberMeTests groovy->java 
Issue gh-4939
 2019-09-02 13:08:21 -06:00
Josh Cummings bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java 
Issue gh-4939
 2019-08-30 15:54:43 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
watsta 2c2e8e5f24 Remove internal Optional usage in favor of null checks 
Issue gh-7155
 2019-08-26 09:27:40 -04:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Joe Grandja 46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider 
Fixes gh-7116
 2019-08-21 14:12:38 -04:00
John Lin 9876b66f99
Polish GlobalMethodSecurityConfiguration 
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
 2019-08-17 16:35:30 -06:00
Rob Winch 71444ff5dc RequestCache ignores multipart requests 
Fixes gh-7060
 2019-08-15 09:21:41 -05:00
Rob Winch 08ea2348d6 Polish RequestCache ignores multipart requests 2019-08-15 09:20:45 -05:00
Ahmed Sayed 1ab05dae02 added test 2019-08-14 21:35:34 +02:00
Rob Winch abc90280e0
Add unbounid support in xml 
Add unbounid support in xml

Fixes gh-6011
 2019-08-14 10:05:49 -05:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Eddú Meléndez 2e63def05b Add tests 2019-08-14 00:56:26 -05:00
Eddú Meléndez 93142f3e30 Remove unboundid dependency 2019-08-13 20:39:25 -05:00
Eddú Meléndez c03fb701ce Improve logic to pick embedded server 2019-08-13 20:36:46 -05:00
Eddú Meléndez 3511c0ea4f Update xsd 2019-08-13 20:17:51 -05:00
Josh Cummings 4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Eddú Meléndez 9b2af944fa Add unbounid support in xml 
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.

Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.

Fixes gh-6011
 2019-08-10 19:07:45 -05:00
Francesco Chicchiriccò 0410bac559 Add support for oauth2Login().securityContextRepository(...) 
Fixes gh-7222
 2019-08-10 15:56:20 -04:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer bbefc491b2 unused imports 2019-08-09 16:59:07 -05:00
Lars Grefer 38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00
Lars Grefer 3a5d8ba696 Java 8: Collections.sort() can be replaced with List.sort() 2019-08-09 16:59:07 -05:00
Lars Grefer 91c846756e Java 5: Unnecessary Boxing 2019-08-09 16:59:07 -05:00
Lars Grefer 578d628774 'Collection.toArray()' call style 2019-08-09 16:57:31 -05:00
Lars Grefer 40bee457f9 Unnecessary enum modifier 2019-08-09 00:42:07 +02:00
Lars Grefer eddcd1622f Type parameter extends Object 
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
 2019-08-09 00:40:13 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00