Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-25 17:06:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,772 Commits 34 Branches 337 Tags
Commit Graph

7772 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
ecb13aa8cc
Resource Server JWE Sample 
Issue: gh-4435
 2019-06-25 16:54:15 -06:00
Josh Cummings
37d108ccc2
Remove SignedJWT Check 
JWTProcessor already does sufficient checking to confirm that the JWT
is of the appropriate type.

Fixes: gh-7034
 2019-06-25 16:49:29 -06:00
Léon van der Kaap
d2248d185b
Add extra salt length check for BCrypt 
If the salt length is 28 characters and the
version is 2{a,x,y}, an IndexOutOfBoundsException
is thrown. This commit adds an extra check that
the salt length should be at least 29 characters long
if the version is not equal to "2".

Fixes: gh-6907
 2019-06-24 14:11:30 -06:00
Josh Cummings
10a7af2d53
Add file extension to wait-for-done 2019-06-24 14:10:50 -06:00
Rob Winch
6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens 
Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.

This changes ServerBearerTokenAuthenticationConverter to consistently
throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED

Fixes gh-7011
 2019-06-24 13:57:29 -06:00
Eleftheria Stein
3c240d0ce3 Migrate DefaultLoginPageConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-24 10:38:20 -04:00
Eleftheria Stein
12da990b6b Allow configuration of HTTP basic through nested builder 
Issue: gh-5557
Fixes: gh-6885
 2019-06-20 13:58:13 -05:00
Joe Grandja
3f2108921e Allow configurable accessible scopes for UserInfo resource 
Fixes gh-6886
 2019-06-20 10:32:58 -04:00
Joe Grandja
6e76df8f1d Revert OAuth2AuthorizationCodeGrantWebFilter works with /{action}/ 
Issue #5856
Commit 385bdfc055854581e9e9f671d11f86a978c27c42

NOTE: This commit 'partially' reverts #5856. Only the ServerWebExchangeMatcher for OAuth2LoginSpec is reverted.

Fixes gh-6890
 2019-06-19 16:06:38 -04:00
Joe Grandja
06943d2d39 Revert OAuth2LoginAuthenticationFilter should ignore authenticated requests 
Issue #5915
Commit 93ca45540556c4e8ade7f8948883f94fb0851ebb

Fixes gh-6890
 2019-06-19 16:06:38 -04:00
Josh Cummings
e8b7d6b03a
Release Scripts 
Added a script for polling Maven Central to notify when release is
uploaded.
 2019-06-19 13:34:47 -06:00
Thomas Vitale
417ad40d10 Add generic getClaim() method in ClaimAccessor 
Fixes gh-6947
 2019-06-19 13:45:59 -04:00
Rob Winch
59dcc36dd1
Use https link to Stack Overflow 2019-06-19 12:44:43 -05:00
Rob Winch
df14e18299
Add links to Stack Overflow Reply Template 2019-06-19 11:27:57 -05:00
Rob Winch
9f52e9b5ce
Update to align with Spring Boot's Stack Overflow 2019-06-19 11:27:10 -05:00
Rob Winch
57cb52ce64
Add Stackoverflow to Contributor Guidelines 2019-06-19 11:23:11 -05:00
Bagyoni Attila
878d262a26 Reimplement some hashCodes according to the currently recommended pattern. 
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
 2019-06-18 12:44:57 -06:00
Daniel Meier
f44eb0b7be Update Mockito-Core to version 2.27.0 
Update Mockito-Core to version 2.27.0 and Byte Buddy to version 1.9.10.

Closes #6790
 2019-06-18 08:00:01 -06:00
Dennis Devriendt
b7ea7083c9 OAuth2LoginAuthenticationFilter sets AuthenticationDetails 
Fixes gh-6866
 2019-06-17 15:44:41 -05:00
sandmannn
23a7c3010c Added jwt injection for reactive test mocks 
Added new implementation of jwt() method that
makes it possible to directly provide a previously
prepared JWT token to WebTestClient mutator.

Fixes: spring-projectsgh-6896
 2019-06-15 10:01:57 -06:00
Eleftheria Stein
c0f64aa2d2 Next Development Version 2019-06-14 16:14:19 -04:00
Eleftheria Stein
77235e1f1d Release 5.2.0.M3 5.2.0.M3 2019-06-14 14:57:10 -04:00
Eleftheria Stein
a01ef4d215 Update to Spring Data Moore-RC1 
Fixes gh-7008
 2019-06-14 11:40:45 -04:00
Eleftheria Stein
609228de5f Jenkins build performs git clean 
Fixes gh-7006
 2019-06-14 07:43:22 -06:00
Eleftheria Stein
b00345575b Revert "Update to org.aspectj 1.9.4" 
This reverts commit 0c41ed0948b1367c7cb1991469792a1928b848bf.

Fixes gh-7001
 2019-06-13 16:45:17 -04:00
Eleftheria Stein
32d964334e Revert "Release 5.2.0.M3" 
This reverts commit 0e1bd178d2f789f1db0f316675432e06ec430dbb.
 2019-06-13 16:03:47 -04:00
Eleftheria Stein
0e1bd178d2 Release 5.2.0.M3 2019-06-13 15:48:13 -04:00
Eleftheria Stein
d3bcae475c Update to org.seleniumhq.selenium:htmlunit-driver 2.35.1 
Fixes gh-6981
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
dc9a2eacf8 Update to hsqldb 2.5.0 
Fixes gh-6982
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
d4af16d52b Update to Jetty 9.4.19.v20190610 
Fixes gh-6983
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
a6491c944c Update to org.bouncycastle 1.62 
Fixes gh-6984
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
2fb45201d5 Update to thymeleaf-layout-dialect 2.4.1 
Fixes gh-6985
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
b62e69b94f Update to net.sourceforge.htmlunit:htmlunit 2.35.0 
Fixes gh-6986
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
ebb5ca955a Update to unboundid-ldapsdk 4.0.11 
Fixes gh-6987
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
be4f85b7f6 Update to jaxb-impl 2.3.2 
Fixes gh-6988
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
225786a1d7 Update to mockwebserver 3.14.2 
Fixes gh-6989
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
488277e978 Update to oauth2-oidc-sdk 6.13 
Fixes gh-6990
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
602fcb05b2 Update to hibernate-entitymanager 5.4.3.Final 
Fixes gh-6991
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
351e3aa881 Update to Spring Data Moore-M4 
Fixes gh-6992
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
81b28d9afa Update to Spring Boot 2.2.0.M3 
Fixes gh-6993
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
7450bd1334 Update to org.powermock 2.0.2 
Fixes gh-6994
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
0c41ed0948 Update to org.aspectj 1.9.4 
Fixes gh-6995
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
57ffaded72 Update to nimbus-jose-jwt 7.2.1 
Fixes gh-6996
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
72a3044d1d Update to GAE 1.9.75 
Fixes gh-6997
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
8fb464857c Update to jackson.core 2.9.9 
Fixes gh-6998
 2019-06-13 13:30:24 -06:00
Eleftheria Stein
e34a0e345c Update to cglib-nodep 3.2.12 
Fixes gh-6999
 2019-06-13 13:30:24 -06:00
joos-edia
0e7462272f Move log statement 
Moved after removeSessionInformation() is called for comprehensible output to log file. The log statements are now written in correct order. Before the change, this could be confusing when debugging an application, since it seemed that the registered session was immediately removed when only looking at the logs.
 2019-06-13 11:19:51 -05:00
Rafiullah Hamedy
f6ed1db702 Introduced ReactiveAuthenticationManagerResolver 
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
 2019-06-13 08:52:19 -06:00
Eleftheria Stein
e0e66c62fc Update to Spring 5.2.0.M3 
Fixes gh-6961
 2019-06-13 10:45:09 -04:00
Eleftheria Stein
759e47ba84 Migrate OpenIDLoginConfigurerTests groovy->java 
Issue: gh-4939
 2019-06-12 15:23:47 -04:00