808fbfa161
Update webflux-form sample to use Built in CSRF Support
...
Remove the CsrfControllerAdvice class and update dependencies to add
org.thymeleaf.extras:thymeleaf-extras-springsecurity5
Issue: gh-6061
2018-11-14 17:38:37 -06:00
ac026e23fe
Updated Spring Boot version from 2.1.0.M4 to 2.1.0.RELEASE
2018-11-14 10:51:38 -06:00
42b111fba6
JDK 11 Compatibility
...
Upgraded dependencies and removed a test in the Java Config LDAP
sample which is arguably an integration test since it starts up an
LDAP container. This test also isn't JDK 11 compatible and the
remaining integration tests in the sample cover the same material.
Issue: gh-5860
2018-10-25 17:10:50 -06:00
bd9e3877f9
JDK 10 Compatibility
...
Upgrading dependencies and reconfiguring PowerMock
Issue: gh-5860
2018-10-17 15:03:42 -05:00
fe080cadbe
Fix method name in the Contact sample code
2018-10-03 16:45:18 -04:00
91f6888e9f
Remove OAuth2AuthorizedClientRepository @Bean from OAuth2LoginApplication
...
Fixes gh-5546
2018-09-19 11:22:52 -04:00
b3d33708d1
JAXB for Authorization Server Sample
...
For Java 9+ compatibility
Issue: gh-5833
2018-09-14 09:21:37 -06:00
17dd95d525
Polish Authorization Server Sample
...
Change primary user's username to "subject" to align with
oauth2resourceserver sample.
2018-09-13 16:21:10 -06:00
f2140dd5f5
Authorization Server Sample
...
A simple Authorization Server sample based off of the Legacy
Authorization Server project, spring-security-oauth2.
This project is mostly useful as a utility for other samples whose
usage would be clearer if an Authorization Server were introduced.
Note that this server is a barebones OAuth 2.0 Authorization Server
configuration, but is still useful for understanding how to set up an
Authorization Server using spring-security-oauth2.
Fixes: gh-5833
2018-09-13 15:24:32 -06:00
c21b2f31c6
Polish resourceserver samples
...
- Use ${mockserver.url} instead of mock://
- Consistency between reactive/imperative samples
Fixes: gh-5844
2018-09-13 14:31:23 -05:00
f68141d42a
Update to Spring Boot 2.1.0.M3
...
Fixes: gh-5843
2018-09-13 10:27:16 -05:00
2495025845
authcodegrant samples->oauth2webclient samples
...
The authcodegrant samples were initially meant to be very simple
demonstration of authorization code flow. However, it has become
obvious since then that the real intent of the demo is how to use
the WebClient with OAuth (there is no other reason to do authorization
code flow unless you use the token to make a request).
The samples have been migrated to oauth2webclient and oauth2webclient-webflux
respectively. They have been improved:
* The sample demonstrates usage with annotations, webclient directly, form login
oauth2Login, and public APIs
* The samples externalize the endpoint that is requested in the sample
making it easier to try other endpoints
* The UI no longer relies on a data structure for the result of the
endpoint also making it easier to try other endpoints
Issue: gh-4921
2018-09-07 08:58:50 -05:00
158b8aa6d5
ServerOAuth2AuthorizedClientExchangeFilterFunction clientRegistrationId
...
Issue: gh-4921
2018-09-07 08:56:49 -05:00
d7bd5c0acc
Remove spring.factories from oauth2login-webflux sample
...
Fixes gh-5723
2018-08-22 10:21:36 -04:00
ff6e1232c8
Flatten HttpSecurity.oauth2()
...
Fixes gh-5715
2018-08-22 05:58:04 -04:00
0f89e59707
Simplified oauth2().client() DSL
...
Fixes gh-5662
2018-08-22 04:45:35 -04:00
0dc80aed40
Flatten ServerHttpSecurity.oauth2()
...
Fixes: gh-5712
2018-08-21 15:48:41 -05:00
7c5c274854
Add authcodegrant-webflux sample
...
Issue: gh-5620
2018-08-19 21:28:08 -05:00
afa2d9cbc7
Remove ExchangeFilterFunctions
...
Issue: gh-5612
2018-07-30 15:34:44 -05:00
262c1a77c6
Remove SecurityHeaders
...
We no longer need this since Spring Framework now provides
HttpHeaders.setBearerAuth
Issue: gh-5612
2018-07-30 15:34:40 -05:00
c26d7dc859
Update to Spring Boot 2.1.0.M1
...
Fixes: gh-5613
2018-07-30 15:34:35 -05:00
dd1fa7f709
Add Sample
...
Issue: gh-5605
2018-07-30 11:39:50 -05:00
9ababf4168
Rename to ServerOAuth2AuthorizedClientExchangeFilterFunction
...
Rename OAuth2AuthorizedClientExchangeFilterFunction to
ServerOAuth2AuthorizedClientExchangeFilterFunction->
Issue: gh-5386
2018-07-20 11:48:19 -05:00
9a144d742e
Use OAuth2AuthorizedClientRepository in filters and resolver
...
Fixes gh-5544
2018-07-19 22:57:10 -04:00
40ccdb93f7
Resource Server Jwt Support
...
Introducing initial support for Jwt-Encoded Bearer Token authorization
with remote JWK set signature verification.
High-level features include:
- Accepting bearer tokens as headers and form or query parameters
- Verifying signatures from a remote Jwk set
And:
- A DSL for easy configuration
- A sample to demonstrate usage
Fixes: gh-5128
Fixes: gh-5125
Fixes: gh-5121
Fixes: gh-5130
Fixes: gh-5226
Fixes: gh-5237
2018-07-16 10:40:46 -05:00
779597af2a
Add support for custom authorization request parameters
...
Fixes gh-4911
2018-07-16 09:39:06 -05:00
05ed028f9d
Modernize Default Log In Page
...
Fixes: gh-5515
2018-07-15 19:43:42 -05:00
4fc6d96073
Rename @OAuth2Client to @RegisteredOAuth2AuthorizedClient
...
Fixes gh-5360
2018-06-08 17:33:21 -04:00
81e19ad85e
Move oauth2 samples under boot directory
...
Issue gh-5397
2018-06-06 09:37:36 -04:00
a9e6d7606e
Update WebFlux samples to use Spring Boot
...
Fixes: gh-5411
2018-06-05 11:31:15 -05:00
de95583509
Move oauth2login samples under oauth2 directory
...
Fixes gh-5397
2018-05-30 12:16:05 -04:00
f9f74b1bfc
Simplify oauth2login-webflux sample
...
Fixes gh-5396
2018-05-30 11:53:25 -04:00
6c13e18483
Simplify oauth2login sample
...
Fixes gh-5384
2018-05-30 11:29:28 -04:00
ecf6caa896
Add missing @Configuration for WebClientConfig
...
Issue: gh-5388
2018-05-25 12:48:42 -05:00
68117d7b0b
Samples use OAuth2AuthorizedClientExchangeFilterFunction
...
Issue: gh-5386
2018-05-25 12:25:13 -05:00
bc3467c118
Add oauth2login-webflux sample
...
Issue: gh-4807
2018-05-11 04:19:50 -05:00
526e0fdd4f
Add OAuth2 Client HandlerMethodArgumentResolver
...
Fixes gh-4651
2018-04-02 12:13:52 -04:00
982fc360b2
Add support for authorization_code grant
...
Fixes gh-4928
2018-04-02 12:13:06 -04:00
7a204a5f58
Fixes for SPR-16624
...
Fixes: gh-5164
2018-03-27 22:35:08 -05:00
b1d013e8f0
Fix JDK 9
...
Issue: gh-5160
2018-03-27 09:30:56 -05:00
59cef7d339
HttpSessionOAuth2AuthorizationRequestRepository handle multiple OAuth2AuthorizationRequest per session
...
Fixes gh-5110
2018-03-20 22:14:48 -05:00
c9ef2549b2
Update to appengine-gradle-plugin:1.3.5
...
Fixes: gh-5054
2018-02-27 20:45:27 -06:00
c5e6ee4563
Update Dependencies
...
Fixes: gh-4973
2018-01-24 13:48:14 -06:00
1517e9b222
Migrate xml-contacts groovy->java
...
See #4939 .
2018-01-24 11:06:08 -06:00
4a3baad4f9
Migrate xml-ldap groovy->java
...
See #4939 .
2018-01-24 11:06:08 -06:00
8c6f965973
Migrate javaconfig-ldap groovy->java
...
See #4939 .
2018-01-24 11:06:08 -06:00
26f7b2f99f
Migrate javaconfig-helloworld groovy->java
...
See #4939 .
2018-01-24 11:06:08 -06:00
2e2b22f87e
Migrate xml-insecure groovy->java
...
See #4939 .
2018-01-24 11:06:08 -06:00
fe40952908
Revert "webflux-form sample uses Tomcat"
...
This reverts commit 67bb91bb76reactor/reactor-netty#248 has
been resolved.
Fixes: gh-4923
2018-01-23 08:31:41 -06:00
6c0b510c98
Remove hardcoded Spring versions from namespaces
...
This fixes #4945 .
2018-01-10 16:47:20 -06:00
b634b49f9f
Migrate xml-jaas groovy->java
2018-01-10 16:44:59 -06:00
cd3449b312
Migrate javaconfig-form groovy->java
...
See #4939
2018-01-10 16:41:36 -06:00
f3830eec7d
Rename userDetailsRepository to userDetailsService
2018-01-10 16:04:48 -06:00
a4701bcd52
Migrate javaconfig-jdbc groovy->java
...
See #4939 .
2018-01-10 16:03:39 -06:00
718052932a
Migrate xml-helloworld groovy->java
...
This is a suggestion how to migrate the GebSpec based tests to Java / Selenium based tests.
Issue: gh-4939
2018-01-03 09:35:28 -06:00
f9083614be
Remove duplicate dependency
2018-01-03 09:35:28 -06:00
921157cdcd
Remove explicit super() calls
2017-12-21 15:11:51 -06:00
57353d18e5
Use diamond type
2017-12-21 15:09:00 -06:00
67bb91bb76
webflux-form sample uses Tomcat
...
Work around gh-4923
2017-12-20 15:08:49 -06:00
0c708976c6
Update oauth2Login sample to use master
...
Fixes gh-4910
2017-12-12 15:31:00 -05:00
86824030f2
Update oauth2Login sample guide
...
Fixes gh-4858
2017-11-22 14:47:31 -05:00
d55db837e1
CsrfWebFilter places Mono<CsrfToken>
...
Fixes: gh-4855
2017-11-20 16:30:29 -06:00
701933c7f7
Fix copyright start years
...
See gh-4655
See gh-4725
2017-11-17 10:14:32 -06:00
b6895e6359
Apply Checkstyle WhitespaceAfterCheck module
2017-11-16 11:18:31 -06:00
4039cd285e
oauth2Login sample depends on security RC1
...
Fixes gh-4828
2017-11-15 14:51:35 -05:00
d900f2a623
Remove unused imports
...
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
0d33864b5a
Remove redundant 'provider' property from oauth2Login sample config
...
Fixes gh-4817
2017-11-13 17:32:44 -05:00
3661cb58d6
Polish oauth2Login sample integration test
...
Fixes gh-4811
2017-11-12 12:59:58 -05:00
1dac191b19
Remove custom security config from oauth2Login sample
...
Fixes gh-4808
2017-11-11 21:15:01 -05:00
cd9e712117
Remove GlobalAuthenticationConfigurerAdapter from oauth2Login sample
...
Fixes gh-4665
2017-11-11 21:15:01 -05:00
99df632f24
Add missing @Override annotations
...
This commit also adds MissingOverrideCheck module to Checkstyle configuration.
2017-11-08 13:27:24 -06:00
f1245059ff
Consistent Thymeleaf Version in Boot Samples
...
Issue gh-4802
2017-11-08 09:04:50 -06:00
9d7802d71f
Configure logback for webflux-form
...
Issue gh-4802
2017-11-08 08:32:32 -06:00
1728e21804
Update Thymeleaf
...
We can remove PatchThymleeafReactiveView now that it is fixed and released
in Thymeleaf.
Issue gh-4802
2017-11-08 08:29:49 -06:00
75e77292cf
webflux-form sample
...
Fixes gh-4802
2017-11-07 22:25:56 -06:00
91e27c1422
Add slf4jDependencies to hellowebflux
...
Fixes gh-4798
2017-11-07 22:24:32 -06:00
5280ac40e9
WebMvcConfigurerAdapter->WebMvcConfigurer
...
Fixes gh-4612
2017-10-30 01:30:08 -05:00
0771778b81
Polish more AssertJ assertions
2017-10-29 22:22:34 -05:00
e0aca04a28
Polish AssertJ assertions
...
Polish AssertJ assertions
2017-10-29 22:22:34 -05:00
6decf1c8ef
Allow use of non-numeric (e.g. UUID) values for ObjectIdentity.getIdentifier()
...
Prior to this commit, the ObjectIdentity id had to be a number. This
commit allows for domain objects to use UUIDs as their identifier. The
fully qualified class name of the identifier type can be specified
in the acl_object_identity table and a ConversionService can be provided
to BasicLookupStrategy to convert from String to the actual identifier
type.
There are the following other changes:
- BasicLookupStrategy has a new property, aclClassIdSupported, which
is used to retrieve the new column from the database. This preserves
backwards-compatibility, as it is false by default.
- JdbcMutableAclService has the same property, aclClassIdSupported,
which is needed to modify the insert statement to write to the
new column. Defaults to false for backwards-compatibility.
- Tests have been updated to verify both the existing functionality
for backwards-compatibility and the new functionality.
Fixes gh-1224
2017-10-29 21:29:12 -05:00
a261c9a047
Polish OAuth2LoginConfigurer
...
Fixes gh-4747
2017-10-29 21:33:51 -04:00
c3d2effc1d
Polish OAuth2AuthorizedClientService
...
Fixes gh-4746
2017-10-29 20:25:03 -04:00
e4887057bc
Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient
...
Fixes gh-4741
2017-10-29 17:49:15 -04:00
fb632624d2
Update dependency versions
...
Fixes gh-4739
2017-10-29 14:31:57 -05:00
192776858d
HttpStatusServerAccessDeniedHandler write error message
2017-10-28 22:59:24 -05:00
8e0d88d3e9
Remove GitHubOAuth2User from oauth2Login sample
...
Fixes gh-4732
2017-10-28 18:25:45 -04:00
0c68eb1821
Re-factor OAuth2AuthorizationCodeAuthenticationToken
...
Fixes gh-4730
2017-10-28 17:15:31 -04:00
64d8c8b8a9
Re-factor AuthorizationGrantTokenExchanger
...
Fixes gh-4728
2017-10-28 17:12:14 -04:00
9afefef3b9
Polish class names in oauth2-client
...
Fixes gh-4722
2017-10-27 21:00:52 -04:00
34668e05af
Polish class names in oauth2-core
...
Fixes gh-4720
2017-10-27 20:42:58 -04:00
ef83bc8dd7
Move package client.authentication.userinfo -> client.userinfo
...
Fixes gh-4708
2017-10-26 15:39:04 -04:00
942b647c0d
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/code/*
...
Issue gh-4687
2017-10-26 14:20:19 -04:00
43d201fa3e
Move OAuth2AuthenticationToken
...
Fixes gh-4697
2017-10-25 16:17:49 -04:00
5a584e5ccb
Rename OAuth2/OIDC ClientAuthenticationToken -> AuthorizedClient
...
Fixes gh-4695
2017-10-25 13:47:00 -04:00
8fd0ba3bc4
Fix README authorization callback URLs
...
Issue gh-4659
2017-10-24 15:14:58 -05:00
049080290e
Refactor OAuth2 AuthenticationProvider's
...
Fixes gh-4689
2017-10-24 15:24:26 -04:00
0fb32a052e
OAuth2LoginAuthenticationFilter processes uri /login/oauth2/*
...
Fixes gh-4687
2017-10-24 15:24:26 -04:00
4ae24f2fbe
Rename AuthorizationCodeAuthenticationFilter -> OAuth2LoginAuthenticationFilter
...
Fixes gh-4686
2017-10-24 15:24:25 -04:00
8291f20796
DaoAuthenticationProvider uses DelegatingPasswordEncoder
...
This means that passwords will be encoded with BCrypt by default
Fixes: gh-2775
2017-10-24 07:56:28 -05:00
d19b222b55
UserDetailsRepositoryReactiveAuthenticationManager uses DelegatingPasswordEncoder
...
This means passwords will be encoded with BCrypt by default
Issue: gh-2775
2017-10-24 07:56:28 -05:00
f0c9f85292
spring-security-jwt-jose -> spring-security-oauth2-jose
...
Fixes gh-4595
2017-10-23 09:04:01 -04:00
a49047dec5
Fix OAuth2LoginApplicationTests
...
Issue gh-4659
2017-10-20 04:41:48 -04:00
ee6c1f2ddd
Add temporary GlobalAuthenticationConfigurerAdapter
...
Fixes gh-4664
2017-10-19 12:15:35 -04:00
e91da5959c
Remove auto-config classes from oauth2Login sample
...
Fixes gh-4638
2017-10-19 11:27:22 -04:00
1e891b38ab
Rename scope -> scopes for Set types
...
Fixes gh-4644
2017-10-18 17:56:39 -04:00
b81c1ce2c0
Move spring-security-webflux into spring-security-web
...
Fixes gh-4662
2017-10-18 16:20:09 -05:00
7b8d131386
Fix package tangles -> OAuth2/Oidc AuthenticationProvider's
...
Fixes gh-4614
2017-10-16 20:56:32 -04:00
3c824dc44b
Fix package tangles -> OAuth2UserService
...
Fixes gh-4614
2017-10-13 18:59:41 -04:00
cfa4858b04
Fix package tangles -> AuthorizationGrantTokenExchanger
...
Fixes gh-4614
2017-10-13 16:35:48 -04:00
211e8eae90
Remove formLogin() and httpBasic() from defaults
2017-10-12 16:41:01 -05:00
792944eee7
HttpSecurity->ServerHttpSecurity
...
Issue gh-4615
2017-10-11 13:58:24 -05:00
a5af2a07d7
HttpHeadersWriter->ServerHttpHeadersWriter
...
Issue gh-4615
2017-10-11 13:58:09 -05:00
d0de8d40dd
WebFilterChainFilter -> WebFilterChainProxy
...
Issue gh-4615
2017-10-11 13:57:50 -05:00
4681697581
UserDetailsRepository->ReactiveUserDetailsService
...
Issue gh-4615
2017-10-11 13:57:30 -05:00
d840090cb0
Add support for implicit grant type
...
Fixes gh-4500
2017-10-11 13:54:59 -04:00
bd4d814e4b
Fix bug in oauth2Login sample
2017-10-10 14:40:11 -04:00
6b16fa0d8c
Polish OAuth Security Configurers
2017-10-10 14:38:06 -04:00
97c938e7f3
Extract authentication logic from AuthorizationCodeAuthenticationFilter
...
Fixes gh-4590
2017-10-10 14:38:06 -04:00
60b5a18a49
Update thymeleaf-layout-dialect-2.2.2
...
Issue: gh-4608
2017-10-09 16:12:57 -05:00
72bbb27bf8
Update appengine-gradle-plugin to 1.3.3
...
Issue: gh-4608
2017-10-09 16:12:41 -05:00
448ee08f28
Update to Boot 2.0.0.M4
...
Issue: gh-4608
2017-10-09 16:12:22 -05:00
5811624bbe
Polish endpoint package
...
* Remove ErrorResponseAttributes
* Rename AuthorizationRequestAttributes -> AuthorizationRequest
* Remove AuthorizationCodeTokenRequestAttributes
* Rename TokenResponseAttributes -> TokenResponse
Issue gh-4593
2017-10-06 18:51:24 -04:00
eca2b67137
ClientRegistration supports 'baseUrl' uri variable
...
Fixes gh-4589
2017-10-05 20:35:51 -04:00
eb320bfed4
AuthorizationCodeAuthenticationProcessingFilter -> AuthorizationCodeAuthenticationFilter
2017-10-05 16:40:12 -04:00
5c14e48b18
Add OAuth2UserAuthenticationProvider
...
Moved logic from AuthorizationCodeAuthenticationProvider
to OAuth2UserAuthenticationProvider (new) related to
loading user attributes via OAuth2UserService.
This re-factor is part of the work required for Issue gh-4513
2017-10-05 15:15:35 -04:00
0d516ca32c
Rename scopes -> scope
2017-10-02 15:50:16 -04:00
fb57111ecd
redirect-uri property supports 'baseRedirectUrl' uri variable
...
Fixes gh-4589
2017-10-02 15:29:03 -04:00
66647070ab
Default login page supports Iterable<ClientRegistration>
...
Fixes gh-4596
2017-09-29 19:54:17 -04:00
ad91adf9dc
Retrieving the UserInfo is conditional
...
Fixes gh-4451
2017-09-29 10:51:16 -04:00
8448a54678
Remove ClientRegistrationRepository.getRegistrations()
...
Fixes gh-4582
2017-09-28 07:02:59 -04:00
814742fef6
Rename ClientRegistration.clientAlias -> registrationId
...
Fixes gh-4575
2017-09-27 09:14:55 -04:00
38be35677d
Add userNameAttributeName to ClientRegistration
...
Fixes gh-4580
2017-09-26 21:55:19 -04:00
0e9b2807bf
Split up NimbusOAuth2UserService
...
Fixes gh-4447
2017-09-26 11:32:49 -04:00
71b1720cfe
Use WebHttpHandlerBuilder in samples
...
DispatcherHandler.toHttpHandler was removed
2017-09-22 20:36:34 -05:00
c54c622124
Re-structure OAuth2AuthenticationToken
...
Fixes gh-4553
2017-09-19 16:35:43 -04:00
c46243594a
Use appengine-gradle-plugin
...
The com.google.appengine:gradle-appengine-plugin is deprecated
2017-09-18 12:00:50 -05:00
f8ee9944ff
Copyright date range
2017-09-18 11:18:46 -05:00
1f4082e754
Fix copyright lines
2017-09-18 11:11:25 -05:00
3ecf3ea034
Fix double * in Copyright headers
2017-09-18 10:47:26 -05:00
455e2bab90
Update to Gradle 4.1
2017-09-18 10:19:59 -05:00
404a8e793e
Add WithMockUser & mutateWith to WebFlux Samples
2017-09-18 10:18:11 -05:00
21f8ee7f36
Use basicAuthenticationCredentials
2017-09-13 15:31:32 -05:00
65b968f04a
Move servlet-specific classes to 'web' package
...
Fixes gh-4366
2017-09-13 16:13:32 -04:00
0a36359f11
WebFlux HTTP Basic & Form Login Sessions
...
By default both HTTP Basic and form log are enabled. Now HTTP Session will
not be used for HTTP Basic, but will be for form log in.
2017-09-13 14:47:44 -05:00
e31684bcf5
Update google defaults
2017-09-13 14:04:18 -04:00
1fe414379c
Simplify hellowebfluxfn
...
This sample should be absolute minimal example
2017-09-13 10:45:11 -05:00
164404c7d3
Simplify hellowebflux
...
This sample should be absolute minimal example.
2017-09-13 10:40:50 -05:00
306f81b7f7
Minor renames to oauth2 client properties
...
Fixes gh-4296
2017-08-30 11:51:06 -04:00
4951550d7d
Add context path to authorization request URI
...
Fixes gh-4510
2017-08-26 18:55:23 -04:00
91b0bd4ba5
Provide oauth2login.tokenEndpoint config
...
Fixes gh-4506
2017-08-23 17:18:01 -04:00
Daniel Bustamante Ospina
Rafael Dominguez
Josh Cummings
John Lin
Joe Grandja
Rob Winch
Michael J. Simons
Johnny Lim
Antoine
Paul Wheeler