Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,630 Commits 36 Branches 337 Tags
Commit Graph

1309 Commits

Author SHA1 Message Date
Josh Cummings
eb5252c4f0
Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker
2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker
bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Josh Cummings
b6c813c5a2 ClientRegistrations supports hostnames with underscores 
Issue gh-15852
 2025-02-20 16:54:24 -07:00
Josh Cummings
3d15be1b06 JwtDecoders Supports Hostnames with Underscores 
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.

Issue gh-15852
 2025-02-20 16:54:24 -07:00
Bodo Graumann
0cd6a19b87 Avoid UriComponentsBuilder.fromUri 
Closes gh-15852
 2025-02-20 16:54:24 -07:00
Steve Riesenberg
7fc5d50adf Polish gh-16551 2025-02-19 13:53:30 -06:00
Max Batischev
00cd95be76 Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler 
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-19 13:53:30 -06:00
Josh Cummings
6793334575 Polish setJwkSelector 
Make so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.

Issue gh-16170
 2025-02-18 09:14:45 -07:00
douxiaofeng99
e22bc11cc9 Support JWK Selection Strategy 
Closes gh-16170

Signed-off-by: douxiaofeng99 <18600127780@163.com>
 2025-02-18 09:14:45 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration 
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
 2025-01-17 17:26:48 -06:00
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works 
Issue gh-16382
 2025-01-17 17:26:48 -06:00
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE 
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
ab629cc1ca
Add AuthorizationGrantType.toString() 
This adds AuthorizationGrantType.toString() which makes debuging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
b0a4dcb89e
ClientSettings equals, hashCode, toString 
Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
2665a92107
Ensure that ClientSettings cannot be null 
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch
0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support 
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.

Issue gh-16382
 2025-01-17 17:26:46 -06:00
DingHao
8d3e0844c5
Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE 
Closes gh-16382

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-01-17 17:26:46 -06:00
Tran Ngoc Nhan
aced3bcf16 Encode Introspection clientId and clientSecret 
Closes gh-15988

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-16 16:32:01 -07:00
Max Batischev
ed3f3d17b2 Add support customizing redirect URI 
Closes gh-14778
 2025-01-16 14:14:11 -07:00
Josh Cummings
6019803064
Merge branch '6.4.x' 2025-01-14 18:38:14 -07:00
Josh Cummings
244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Josh Cummings
0af4cdbf5c
Merge branch '6.4.x' 2025-01-14 17:05:21 -07:00
Josh Cummings
8735368d9e
Don't Support Serialization of Jackson Modules 
Issu gh-16276
 2025-01-14 17:04:36 -07:00
Steve Riesenberg
6bc6946ad9
Make TokenType constructor public 
Closes gh-16086
 2024-12-18 16:51:47 -06:00
Steve Riesenberg
a7b6c63442
Polish gh-16087 2024-12-18 16:48:25 -06:00
ThomasKasene
9404aaf010
Added a constant for DPOP in OAuth2AccessToken.TokenType 
Issue gh-14915
 2024-12-18 16:44:38 -06:00
Josh Cummings
018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan
39cd8d9faf Update copyright headers 2024-12-05 14:52:59 -07:00
Steve Riesenberg
77233daae7
Merge branch '6.3.x' 
Closes gh-16139
 2024-11-20 15:55:57 -06:00
Steve Riesenberg
4b41f8cb5b
Merge branch '6.2.x' into 6.3.x 
Closes gh-16138
 2024-11-20 15:54:29 -06:00
Steve Riesenberg
0eb6acde96
Polish gh-16133 2024-11-20 15:50:29 -06:00
Kai Zander
73f3f75712
Always return current ClientRegistration in loadAuthorizedClient 
This changes `InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient`
(and its reactive counterpart) to always return `OAuth2AuthorizedClient`
instances containing the current `ClientRegistration` as obtained from
the `ClientRegistrationRepository`.

Before this change, the first `ClientRegistration` instance was cached,
with the effect that any changes made in the `ClientRegistrationRepository`
(such as a new client secret) would not have taken effect.

Closes gh-15511
 2024-11-20 15:50:29 -06:00
Joe Grandja
c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja
709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja
a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Steve Riesenberg
ca1f891f25 Polish gh-15937 2024-11-13 15:53:59 -06:00
Davide Colazingari
aec5afb6eb Fix assertions in NimbusReactiveJwtDecoderTests 2024-11-13 15:53:59 -06:00
Steve Riesenberg
380e856be5
Merge branch '6.3.x' 
Closes gh-16037
 2024-11-04 13:34:57 -06:00
Steve Riesenberg
b9d5493913
Merge branch '6.2.x' into 6.3.x 
Closes gh-16036
 2024-11-04 13:34:42 -06:00
Steve Riesenberg
86f3cd6dc7
Polish gh-15940 
Closes gh-15885
 2024-11-04 13:34:12 -06:00
Hyeongi Jeong
4c6fef82b9
Fix error when Bearer token is requested with empty string 
Issue gh-15885
 2024-11-04 13:33:58 -06:00
Tran Ngoc Nhan
ab93541926 Simplify condition in some methods 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan
e76de931ce Polish Optional usage 2024-10-25 13:42:33 -07:00