Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-24 16:05:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,834 Commits 34 Branches 337 Tags
Commit Graph

7834 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joe Grandja
9e549df1e6 Update to bcpkix-jdk15on 1.61 
Fixes gh-6787
 2019-04-15 12:39:24 -04:00
Joe Grandja
2cd52fb648 Update to org.aspectj:* to 1.9.3 
Fixes gh-6785
 2019-04-15 12:02:24 -04:00
Joe Grandja
164c18b753 Update to commons-codec 1.12 
Fixes gh-6784
 2019-04-15 11:59:01 -04:00
Joe Grandja
1112c79848 Update to com.squareup.okhttp3 3.14.1 
Fixes gh-6783
 2019-04-15 11:57:20 -04:00
Joe Grandja
84550d1a51 Update to oauth2-oidc-sdk 6.8 
Fixes gh-6782
 2019-04-15 11:53:57 -04:00
Joe Grandja
ebaab0f987 Update to nimbus-jose-jwt 7.0.1 
Fixes gh-6781
 2019-04-15 11:51:32 -04:00
Kyle Anderson
4a6e91531a Fix Broken Documentation Link 
Fixes: gh-6553
 2019-04-13 20:58:03 -06:00
Josh Cummings
20a7bc4785
Improved DigestAuthenticationFilter Test Coverage 
Issue: gh-5462
 2019-04-13 20:27:08 -06:00
Thomas Vitale
d88c2c19f0
Throw exception that was created but not thrown 
Fixes gh-5462
 2019-04-13 20:27:07 -06:00
Josh Cummings
b252371de7 Resource Server Static Sample Uses @Value For Key 
Issue: gh-6494
 2019-04-13 19:39:11 -06:00
Josh Cummings
1c25fe26c9 Introduce Support for Reading RSA Keys 
Fixes: gh-6494
 2019-04-13 19:39:11 -06:00
Dan Zheng
22c8f63390 review phase2 2019-04-13 19:22:44 -06:00
Dan Zheng
570eb01733 review phase1 2019-04-13 19:22:44 -06:00
Dan Zheng
678e0b19e0 Introduce @CurrentSecurityContext for method arguments 2019-04-13 19:22:44 -06:00
Denis Babochenko
4a286be2b9 Update samples documentation 2019-04-13 19:21:10 -06:00
Denis Babochenko
21f7148e7a Update filters documentation 
Fixes: gh-5553
 2019-04-13 19:21:10 -06:00
Joe Grandja
bed3371b80 Support symmetric key for JwtDecoder 
Fixes gh-5465
 2019-04-12 13:21:50 -04:00
Josh Cummings
fc6b66fdb3
Add JDK 12 to Jenkins Build 
Fixes: gh-6774
 2019-04-12 10:29:59 -06:00
Joe Grandja
a6cbc909b6 SecurityEvaluationContextExtension implements latest EvaluationContextExtension 
Fixes gh-6766
 2019-04-11 10:04:57 -04:00
Joe Grandja
f977a2594d Update to Spring Boot 2.2.0.M1 
Fixes gh-6770
 2019-04-11 10:00:57 -04:00
Joe Grandja
308bbf680e Update to Spring Data Moore-M3 
Fixes gh-6769
 2019-04-11 09:56:49 -04:00
Joe Grandja
4108d00827 Update to Spring 5.2.0.M1 
Fixes gh-6768
 2019-04-11 09:53:58 -04:00
Vishal Raj
45891941b0 OidcIdTokenValidator ensures clockSkew is positive number 
Fixes gh-6443
 2019-04-10 15:17:59 -04:00
MD Sayem Ahmed
462b2ecdbb Update Gradle version to 5.3.1 
Fixes gh-6745
 2019-04-08 14:02:54 -06:00
Luke Butters
19de13bdc7 Issue 6731 improve performance of checking headers 
Improves the performance of checking headers for new lines.

Fixes: gh-6731
 2019-04-08 10:10:53 -06:00
Joe Grandja
21a0e45622 Update ISSUE_REPLY_TEMPLATES 2019-04-05 09:17:42 -04:00
Rob Winch
6c9a29acfa Update to Spring Data Lovelace-SR6 
Fixes: gh-6665
 2019-04-05 09:15:39 -04:00
Joe Grandja
965696302b Update to Spring 5.1.6.RELEASE 
Fixes gh-6664
 2019-04-05 09:15:39 -04:00
Joe Grandja
a863f01a9d Update to Reactor Californium-SR6 
Fixes gh-6686
 2019-04-04 17:44:40 -04:00
Joe Grandja
c6e6d2b26a Update to Spring Boot 2.1.3.RELEASE 
Fixes gh-6679
 2019-04-04 17:42:57 -04:00
Joe Grandja
2055d931fa Update to slf4j-nop 1.7.26 
Fixes gh-6678
 2019-04-04 17:41:26 -04:00
Joe Grandja
91bdedf328 Update to slf4j-api 1.7.26 
Fixes gh-6677
 2019-04-04 17:41:15 -04:00
Joe Grandja
a688bbf123 Update to log4j-over-slf4j 1.7.26 
Fixes gh-6676
 2019-04-04 17:41:04 -04:00
Joe Grandja
2051abdea1 Update to jul-to-slf4j 1.7.26 
Fixes gh-6675
 2019-04-04 17:40:51 -04:00
Joe Grandja
c3de1e0013 Update to jcl-over-slf4j 1.7.26 
Fixes gh-6674
 2019-04-04 17:40:31 -04:00
Joe Grandja
8877a4e422 Update to hibernate-validator 6.0.16.Final 
Fixes gh-6670
 2019-04-04 17:38:49 -04:00
Joe Grandja
d94ce268b7 Update to unboundid-ldapsdk 4.0.10 
Fixes gh-6668
 2019-04-04 17:36:03 -04:00
Joe Grandja
f89a8e97dc Update to okhttp 3.12.2 
Fixes gh-6667
 2019-04-04 17:35:41 -04:00
Joe Grandja
9d96b9d642 Update to mockwebserver 3.12.2 
Fixes gh-6666
 2019-04-04 17:33:10 -04:00
Josh Cummings
9c1eac79e2
Align Code with Javadoc 
Fixes: gh-6734
 2019-04-02 09:17:26 -06:00
Phil Clay
9520e3a1c0 Make UnAuthenticatedServerOAuth2AuthorizedClientRepository threadsafe 
Previously UnAuthenticatedServerOAuth2AuthorizedClientRepository used a HashMap for storing OAuth2AuthorizedClients.
UnAuthenticatedServerOAuth2AuthorizedClientRepository and its HashMap are potentially accessed by multiple threads without any synchronization.
Since HashMap is not threadsafe itself, this makes UnAuthenticatedServerOAuth2AuthorizedClientRepository not threadsafe.

Now UnAuthenticatedServerOAuth2AuthorizedClientRepository uses a ConcurrentHashMap for storing OAuth2AuthorizedClients.
Since ConcurrentHashMap is threadsafe, UnAuthenticatedServerOAuth2AuthorizedClientRepository will now be threadsafe as well.

Fixes gh-6717
 2019-04-01 17:03:58 -04:00
Phil Clay
9593f9cae2 Defer downstream filter execution if no OAuth2AuthorizedClient is found 
Prior to this change, ServerOAuth2AuthorizedClientExchangeFilterFunction would invoke next.exchange:
- first at assembly time inside the .switchIfEmpty call.
- second at execution time inside .flatMap when a OAuth2AuthorizedClient is found.

While this double-call should not technically cause any functional problems, since the Mono returned by the first call will not be subscribed if a OAuth2AuthorizedClient is found,
it does result in a lot of unnecessary execution and object creation.  There is no technical need to invoke the downstream filters twice.

This change defers the call inside .switchIfEmpty, so that it will only execute at execution time if an OAuth2AuthorizedClient is not found.

After this change, ServerOAuth2AuthorizedClientExchangeFilterFunction will not invoke next.exchange at assembly time, and will only execute next.exchange once per subscription at execution time.

Fixes gh-6719
 2019-04-01 16:15:46 -04:00
Ruslan Stelmachenko
bf88e8790f Fix a typo 2019-04-01 11:06:48 -06:00
Josh Cummings
92e1da3a32
Update to NimbusJwtDecoder Builder 
Issue: gh-5351
 2019-03-29 15:08:46 -06:00
Josh Cummings
7e8aadeb96 Multi-tenancy for Resource Server 
Fixes: gh-5351
 2019-03-29 15:00:48 -06:00
Josh Cummings
e5249bd746 Introduce AuthenticationManagerResolver 
Suitable for multi-tenant applications needing to branch
authentication strategies based on request details.

Fixes: gh-6722
 2019-03-29 15:00:48 -06:00
Joe Grandja
4e9c37b1ae Manual URL Cleanup 2019-03-29 13:24:11 -04:00
Joe Grandja
9b09201679 Update to Spring 5.1.6.BUILD-SNAPSHOT 2019-03-29 12:46:15 -04:00
Dan Zheng
a9a86cd826
Simplify MediaTypeRequestMatcher construction 
Fixes: gh-6612
 2019-03-28 22:02:12 -06:00
Josh Cummings
2daed8c003
Readability Polish 
Heavily nested parentheses and lots of indentation can get hard to
read, so we should simplify this where we can.

Issue: gh-6639
 2019-03-28 15:12:59 -06:00