Commit Graph

2674 Commits

Author SHA1 Message Date
Phillip Webb 37fa94fafc Organize imports
Use "organize imports" from Eclipse to cleanup import statements so
that they appear in a consistent and well defined order.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 5f64f53c3f Use consistent "@" tag order in Javadoc
Ensure that Javadoc "@" tags appear in a consistent and well defined
order.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb 71bc145ae4 Remove superfluous comments
Use '^\s+//\ \~\ .*$' and '^\s+//\ ============+$' regular expression
searches to remove superfluous comments.

Prior to this commit, many classes would have comments to indicate
blocks of code (such as constructors/methods/instance fields). These
added a lot of noise and weren't all that helpful, especially given
the outline views available in most modern IDEs.

Issue gh-8945
2020-08-24 17:33:07 -05:00
Phillip Webb b7fc18262d Reformat code using spring-javaformat
Run `./gradlew format` to reformat all java files.

Issue gh-8945
2020-08-24 17:32:56 -05:00
Phillip Webb 6979125ccf Add noformat blocks around User.withUsername
Find `User.withUsername` calls and protect them against formatting.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Phillip Webb 27ac046d8a Rename *Test.java -> *Tests.java
Rename a few test classes that accidentally ended in `Test` instead of
`Tests`.

Issue gh-8945
2020-08-10 16:24:44 -05:00
Joe Grandja 1d74d556c2 Revert "Lock Dependency Versions for 5.4.0-RC1"
This reverts commit f3a1e5d40c.
2020-08-05 14:59:11 -04:00
Joe Grandja f3a1e5d40c Lock Dependency Versions for 5.4.0-RC1 2020-08-05 13:46:11 -04:00
Hurelhuyag 833151ce71
Mongolian translation for messages.properties
Closes gh-8778
2020-07-10 04:27:51 -04:00
wangsong 4269cb0d26 update comments 2020-07-07 17:11:47 -05:00
Josh Cummings 146d0b6358
Revert "Lock Dependency Versions for 5.4.0-M2"
This reverts commit 68538897c8.
2020-07-01 13:11:50 -06:00
Josh Cummings 68538897c8
Lock Dependency Versions for 5.4.0-M2 2020-07-01 12:40:29 -06:00
yukihane c177b391d4
Polish ProviderManagerTests
- Renamed test to follow naming convention
- Simplified mock with Mockito
- Added note regarding related ticket

Issue gh-8689
2020-06-16 15:56:04 -06:00
yukihane 5302fb776c
ProviderManager Uses CollectionUtils#contains
Closes gh-8689
2020-06-16 15:56:04 -06:00
Rob Winch ca1252be94 Replace whitelist with allowlist
Issue gh-8676
2020-06-10 11:49:21 -05:00
Rob Winch bb05603b3c AbstractUserDetailsReactiveAuthenticationManager uses boundidElastic()
Some JVMs have blocking operations when accessing SecureRandom and thus
this needs to be performed in a pool that is larger than the number of
CPUs

Closes gh-7522
2020-05-12 13:07:24 -05:00
Pei-Tang Huang 9dcdae3269 Update Traditional Chinese translation.
Align with commit f7b33da577.
2020-05-06 17:07:57 -05:00
Joe Grandja 86ca6b013c Unlock dependencies
This reverts commit 206960cf44.
2020-05-06 17:27:35 -04:00
Joe Grandja 206960cf44 Lock dependencies for 5.4.0-M1 2020-05-06 17:13:04 -04:00
Dávid Kovács f7b33da577 ActiveDirectoryLdapAuthenticationProvider uses InternalAuthenticationServiceException
Closes gh-2884
2020-04-24 10:15:48 -05:00
Maksim Mednik eacd212a5a Adding Map support to DefaultMethodSecurityExpressionHandler 2020-04-04 15:46:07 -04:00
Rob Winch 7ad303f0ce Replace VersionsResourceTasks with WriteProperties
VersionsResourceTasks wrote a date comment which prevented this from
producing the same result and caused misses in the cache.

Closes gh-8114
2020-03-13 13:26:54 -05:00
Markus Engelbrecht d81321bc29
Fix typo 'properites' in documentation
Fixes gh-8095
2020-03-11 10:54:14 -06:00
Eleftheria Stein 5850a4cd73 Fix security version test 2020-03-06 18:46:00 -05:00
Eleftheria Stein b2ea0ba775 Polish SessionIdChangedEvent
Add AbstractSessionEvent; clean up license headers and Javadocs

Fixes: gh-5438
2020-03-06 12:04:49 -05:00
Venkata Jaswanth 5fc6414377 SessionRegistryImpl is now aware of SessionIdChangedEvent 2020-03-06 12:04:01 -05:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
This reverts commit 147d7dadd7.
2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings 1b68cdb650
Polish DefaultAuthenticationEventPublisherTests
Fixed checkstyle violation

Issue gh-7824
2020-02-21 12:59:44 -07:00
Attoumane AHAMADI bfc2832c6c
Authentication Event Publisher Mappings
Fixes gh-7824
2020-02-21 12:49:04 -07:00
Josh Cummings 653400edfa
Polish DefaultAuthenticationEventPublisher
Simplified the constructor selection logic.

Issue gh-7825
2020-02-06 14:13:05 -07:00
Zeeshan Adnan 51b9b2f693
DefaultAuthenticationEventPublisher Default Event
Fixes gh-7825
2020-02-06 14:13:04 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version
This reverts commit 064616f1ef.
2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Josh Cummings fbdecdafb8
Add Mapping to Invalid Bearer Token
Fixes gh-7793
2020-02-04 17:33:08 -07:00
Joe Grandja 04f3fe8af9 Add Jackson support for oauth2-client session related classes
Fixes gh-4886
2020-02-04 09:01:12 -05:00
Josh Cummings d22b476983
Polish ProviderManager
Updated copyright date range and adjusted constructor order to better
match DelegatingReactiveAuthenticationManager

Fixes gh-7713
2020-01-30 16:08:01 -07:00
Thomas Vitale ace89e12f2 Make code cleaner in ProviderManagerTests 2020-01-30 16:07:24 -07:00
Thomas Vitale 5ce60022d3 ProviderManager should have a varargs constructor
- Added varargs constructor to ProviderManager.
- Added check for null values in AuthenticationProvider list.
- Updated ProviderManagerTests to test for null values using both constructors.

Fixes gh-7713
2020-01-30 16:07:24 -07:00
Rob Winch 38c2010d21 Remove println from springVersion
Issue gh-7801
2020-01-13 16:39:50 -06:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version
This reverts commit 93acf8f0f1.
2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Rob Winch f639e17491 Resolve Current Spring Version
Issue gh-7788
2020-01-06 15:12:04 -06:00
Rob Winch 06d7443946 Use Gradle platform and constraints
This was largely generated from the following script

wget bd9f8eb541/src/main/groovy/io/spring/gradle/convention/DependencySetPlugin.groovy ./dsp.gradle
cat gradle/dependency-management.gradle | grep 'management "' | cut -d ':' -f 2 | xargs -I{} sh -c "rg {} -l -g '*.gradle' -g '\!dependency-management.gradle' > /dev/null || echo {}" | xargs -I{} sed -iE '/.*{}.*/d' gradle/dependency-management.gradle
rm ./dps.gradle

Fixes gh-7787
2020-01-06 14:46:36 -06:00
Daniel Bustamante Ospina 150b66824d Make MethodSecurityEvaluationContext Delegate to MethodBasedEvaluationContext
Spring Security's MethodSecurityEvaluationContext should delegate to Spring Framework's
MethodBasedEvaluationContext

Fixes: gh-6224
2020-01-03 19:49:41 -05:00
Matthias Stock 5fde3044f7 Resolve JavaType only once for whitelisted class 2020-01-02 10:30:51 -05:00
Tao Sun f18d0fd1a7 Test details using isEqualTo 2019-12-18 17:35:51 +01:00
Tao Sun 6b0981549b Add test for details deserialization 2019-12-18 17:35:51 +01:00
Tao Sun 156fc294bf Deserialize details field in UsernamePasswordAuthenticationToken
Before this commit, the details field was set to a JsonNode, but now it is deserialized correctly.

Fixes gh-7482
2019-12-18 17:35:51 +01:00
Rob Winch 17449cbf60 Fix next development version 2019-11-27 08:16:23 -06:00
LeeHainie 4b4c6e612b Remove unnecessary instantiation in root
Fixes: gh-7635
2019-11-07 10:26:02 +01:00
Josh Cummings 5f17032ffd Restore Removed Throws Clauses
In a recent clean-up, certain exceptions were removed from various
throws clauses.

This PR re-introduces throws clauses that are important for one of the
following reasons:

1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.

Fixes gh-7541
2019-10-30 12:13:54 -06:00
Isaac Cummings 1081066d60 Polish AuthorityUtils
Changed parameter name to authorities
Added JavaDoc

Fixes gh-4805

Co-authored-by: Everett Irwin <everettirwin77@gmail.com>
2019-10-16 10:44:00 -06:00
Rob Winch b29106ea31 Use deamon thread for Schedulers.newParallel
Fixes gh-7492
2019-09-30 15:19:31 -05:00
Rob Winch 1bf0e70bd0 Revert "Dispose default Scheduler"
This reverts commit 39600b901f.
2019-09-30 15:19:31 -05:00
Rob Winch fc8a0184b0 Polish Dispose default Scheduler 2019-09-30 14:42:28 -05:00
Rob Winch e0414e5cbe Merge pull request #7493 from robotmrv/gh-7492
Dispose default Scheduler
2019-09-30 14:40:28 -05:00
Filip Hanik f832d08814 Upgrade Jackson JSON library to 2.10.0 2019-09-29 18:23:32 -07:00
Roman Matiushchenko 39600b901f Dispose default Scheduler
AbstractUserDetailsReactiveAuthenticationManager creates parallel
Scheduler with daemon=false Threads. It is recommended to dispose such
Schedulers to be able exit the VM

Fixes gh-7492
2019-09-29 20:23:05 +03:00
Josh Cummings 1630b3b1f3
CurrentSecurityContext JavaDoc
Fixes gh-7489
2019-09-27 16:23:33 -06:00
Rob Winch ff54eb878a Use Schedulers.boundedElastic()
Fixes gh-7457
2019-09-19 13:51:06 -05:00
Rob Winch cb5c58eeaa AbstractUserDetailsReactiveAuthenticationManager uses newParallel
It is recommended to use newParallel to avoid impacting the timed
operations which all use parallel()

Fixes gh-7456
2019-09-19 13:43:25 -05:00
Rob Winch 00f8991fac Merge Remove Redudant Throws
Fixes gh-7301
2019-09-19 11:04:53 -05:00
Onur Kagan Ozcan 034b5e9e93 Introduce LogoutSuccessEvent
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
2019-09-18 10:57:16 -05:00
kostya05983 f6c650db47
Replace Streams with Loops
First version of replacing streams

fix wwwAuthenticate and codestyle

fix errors in implementation to pass tests

Fix review notes

Remove uneccessary final to align with cb

Short circuit way to authorize

Simplify error message, make code readably

Return error while duplicate key found

Delete check for duplicate, checkstyle issues

Return duplicate error

Fixes gh-7154
2019-09-02 15:30:48 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
2019-08-23 01:03:54 +02:00
Angel Aguilera 11f423511d Add Catalan localization messages 2019-08-21 10:14:29 -05:00
Rob Winch 4166c6e493 Fix UserDetailsPasswordService Checkstyle
Issue gh-7266
2019-08-16 06:46:09 -05:00
Michael J. Simons 5903f2dd9b Fix UserDetailsPasswordService JavaDoc
* Fix typo
* Clarify that `newPassword` is already an encoded password
2019-08-16 06:45:28 -05:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Rob Winch c1db1aad91
Cleanup Code Style Issues
Cleanup Code Style Issues
2019-08-12 13:06:49 -05:00
Lars Grefer ec6ca97226 Fix tests 2019-08-11 21:09:10 +02:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer bbefc491b2 unused imports 2019-08-09 16:59:07 -05:00
Lars Grefer 25c06be1eb Java 7: Identical 'catch' branches in 'try' statement 2019-08-09 16:59:07 -05:00
Lars Grefer 5e44a249f8 Java 5: while-loop replaceable with foreach 2019-08-09 16:59:07 -05:00
Lars Grefer d9c1f03b84 Unnecessary interface modifier 2019-08-09 00:42:35 +02:00
Lars Grefer 8d0ca14e55 Unnecessary conversion to String 2019-08-09 00:41:46 +02:00
Lars Grefer eddcd1622f Type parameter extends Object
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
2019-08-09 00:40:13 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer f5cd0ec302 Use try-with-resources instead of try-finally 2019-08-06 15:33:04 -05:00
Jeffrey Morlan a17d66463d Fix race condition in SessionRegistryImpl
Adding/removing sessions from principals wasn't atomic. If one thread
removed the last session from a principal while another thread added a
new one, the addition could be lost.

Fixes gh-3189
2019-08-06 13:45:50 -05:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
2019-08-06 10:17:38 -04:00
Lars Grefer 2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Lars Grefer 09a119978c Migrate VersionsResourceTasks groovy->java
Issue: gh-4939
2019-08-02 15:53:49 -04:00
Eddú Meléndez Gonzales 8e6e975e86 Prevent authentication when user is inactive for reactive apps
Currently, reactive applications doesn't perform validation when user
is locked, disabled or expired. This commit introduces these validations.

Fixes gh-7113
2019-07-29 11:03:05 -04:00
Pavel Horal be0ad673c2 Make RoleHierarchyImpl internals a bit simpler.
Issue: gh-7035
2019-07-12 18:42:44 +02:00
Karel Maxa d3eaef66fc Fix infinite loop in role hierarchy resolving
Issue: gh-7035
2019-07-11 15:43:26 +02:00
Karel Maxa 2d36062846 Remove unnecessary authority comparison.
Issue: gh-7035
2019-07-11 15:37:34 +02:00
Pei-Tang Huang 0fea2fb256 Add Chinese Traditional localized messages. 2019-07-10 12:01:22 -05:00
Lars Grefer 3ea9d376b2 Cleanup explicit type arguments 2019-07-10 09:32:41 -05:00
Lars Grefer c5b5cc507c Cleanup redundant type casts 2019-07-10 09:31:09 -05:00
Lars Grefer 43737a56bd Use foreach where possible 2019-07-09 06:11:45 -06:00
Lars Grefer 7dc28ff376 Use contains() instead of indexOf() != -1 2019-07-09 06:07:42 -06:00
Bagyoni Attila 878d262a26 Reimplement some hashCodes according to the currently recommended pattern.
These hashCode implementations seemed suspicious (field hashCodes XORed together with 31).
Included caseSensitive in AntPathRequestMatcher.hashCode() to be consistent with equals().
2019-06-18 12:44:57 -06:00
joos-edia 0e7462272f Move log statement
Moved after removeSessionInformation() is called for comprehensible output to log file. The log statements are now written in correct order. Before the change, this could be confusing when debugging an application, since it seemed that the registered session was immediately removed when only looking at the logs.
2019-06-13 11:19:51 -05:00
Rafiullah Hamedy f6ed1db702 Introduced ReactiveAuthenticationManagerResolver
Suitable for multi-tenant reactive applications needing to branch
authentication strategies based on request details.
2019-06-13 08:52:19 -06:00
Fan Zhang 78cde52194 FIX #6954(RoleHierarchy Comments are misleading) 2019-06-12 10:14:31 -05:00