Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,613 Commits 36 Branches 337 Tags
Commit Graph

17613 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
70d230dba8 Merge branch '6.4.x' 2025-02-14 04:28:55 +00:00
github-actions[bot]
309daf565d Merge branch '6.3.x' into 6.4.x 2025-02-14 04:28:55 +00:00
dependabot[bot]
c3d45ae529 Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.16 to 6.1.17.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.16...v6.1.17)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:28:09 -08:00
github-actions[bot]
b75211110d Merge branch '6.4.x' 2025-02-14 04:22:14 +00:00
dependabot[bot]
4c06d98df1 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:21:41 -08:00
dependabot[bot]
8e752fc70e Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:21:29 -08:00
github-actions[bot]
ce2a62a78d Merge branch '6.4.x' 2025-02-14 04:16:30 +00:00
github-actions[bot]
0ce72d0a90 Merge branch '6.3.x' into 6.4.x 2025-02-14 04:16:30 +00:00
dependabot[bot]
acf19c1f1f Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:16:07 -08:00
dependabot[bot]
b3c880cc24 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 20:15:46 -08:00
dependabot[bot]
571c6bfffb Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.2 to 6.2.3.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.2...v6.2.3)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:36:51 -08:00
dependabot[bot]
4632370a28 Bump com.nimbusds:oauth2-oidc-sdk from 9.43.5 to 9.43.6 
Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 9.43.5 to 9.43.6.
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/9.43.6..9.43.5)

---
updated-dependencies:
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:23:23 -08:00
dependabot[bot]
78a2d74271 Bump org.springframework.ldap:spring-ldap-core from 3.2.10 to 3.2.11 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.10 to 3.2.11.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.10...3.2.11)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-13 19:22:33 -08:00
Josh Cummings
666d3a4af6
Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Max Batischev
879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-13 17:17:16 -07:00
Tran Ngoc Nhan
839269dbf5 Update Spring Security javadocs 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:19:56 -07:00
Tran Ngoc Nhan
51e9f073dd Fix format 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
3cf1686c0b Revert Nullable annotation 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Tran Ngoc Nhan
5d089f680e Consistently NonNull annotation 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-02-13 16:18:28 -07:00
Joe Grandja
31fb7feed5 Merge branch '6.4.x' 2025-02-12 06:18:42 -05:00
Joe Grandja
17ca1de7cb Merge branch '6.3.x' into 6.4.x 
Closes gh-16583
 2025-02-12 06:13:33 -05:00
Joe Grandja
33d96d574f Update to oauth2-oidc-sdk 9.43.5 
Closes gh-16582
 2025-02-12 05:47:03 -05:00
dependabot[bot]
61dcbc4d5b Bump serialize-javascript and mocha in /javascript 
Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 6.0.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together.


Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](https://github.com/yahoo/serialize-javascript/compare/v6.0.0...v6.0.2)

Updates `mocha` from 10.2.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.2.0...v10.8.2)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-type: indirect
- dependency-name: mocha
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-12 02:28:05 -08:00
dependabot[bot]
21b77b9cf7 Bump esbuild from 0.23.0 to 0.25.0 in /javascript 
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.23.0 to 0.25.0.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.23.0...v0.25.0)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-12 02:15:55 -08:00
dependabot[bot]
36dd74b124 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:48:54 -08:00
github-actions[bot]
62c7ff3bf0 Merge branch '6.3.x' into 6.4.x 2025-02-12 03:27:54 +00:00
github-actions[bot]
58afbb494d Merge branch '6.4.x' 2025-02-12 03:27:54 +00:00
dependabot[bot]
b64d5af9c4 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:27:11 -08:00
github-actions[bot]
8e969d0f47 Merge branch '6.4.x' 2025-02-12 03:26:48 +00:00
dependabot[bot]
5a30d984a0 Bump io.projectreactor:reactor-bom from 2023.0.14 to 2023.0.15 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.14 to 2023.0.15.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.14...2023.0.15)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-11 19:26:08 -08:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
dependabot[bot]
27cb1154f2 Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.3 to 1.14.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 20:04:39 -08:00
dependabot[bot]
28f842c46c Bump org.hibernate.orm:hibernate-core from 6.6.6.Final to 6.6.7.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.6.Final to 6.6.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.6...6.6.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 20:03:17 -08:00
github-actions[bot]
9c51507785 Merge branch '6.4.x' 2025-02-11 03:28:27 +00:00
dependabot[bot]
8ebd893d01 Bump org.hibernate.orm:hibernate-core from 6.6.6.Final to 6.6.7.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.6.Final to 6.6.7.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.7/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.6...6.6.7)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 19:28:16 -08:00
dependabot[bot]
3e496c0260 Bump io.micrometer:micrometer-observation from 1.14.3 to 1.14.4 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.3 to 1.14.4.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.3...v1.14.4)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-10 19:27:42 -08:00
ying.li
6494ea9b18 fix for typo 2025-02-10 12:22:57 -06:00
patpatpat123
b6f8046b2f Fix type for rest-client-access-token-response-client.adoc 
In line 260, there is the mention of "=== Customizing the `WebClient`" while it should be "=== Customizing the `RestClient`"

Signed-off-by: patpatpat123 <43899031+patpatpat123@users.noreply.github.com>
 2025-02-10 10:11:06 -06:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page 
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux
5ee6b83953 Introduce OneTimeTokenAuthenticationFilter 
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
dependabot[bot]
8e2a4bf356 Bump org.seleniumhq.selenium:htmlunit3-driver from 4.27.0 to 4.28.0 
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.27.0 to 4.28.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.27.0...4.28.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-05 15:06:50 -08:00
Josh Cummings
8e19b8039c
Merge branch '6.4.x' 2025-02-05 15:49:20 -07:00
Josh Cummings
4776446b14
Add Missing Serialzed AuthorizationDeniedException 
Issue gh-16544
 2025-02-05 15:48:55 -07:00
Max Batischev
9676739c88 TestServerOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver 
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Josh Cummings
981e3fd779
Merge branch '6.4.x' 2025-02-05 13:59:12 -07:00
Josh Cummings
b4c7795699
Support Serialization for Authorization Components 
Closes gh-16544
 2025-02-05 13:58:32 -07:00
Josh Cummings
11113adf62 Polish Nimbus JWK Source Implementation 
Issue gh-16251
 2025-02-05 09:28:07 -07:00
Daeho Kwon
7b7abb28bb Remove Deprecated Usages of RemoteJWKSet 
Closes gh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-02-05 09:28:07 -07:00
Josh Cummings
f9824fd688 Polish Tests 
Issue gh-16251
 2025-02-05 09:28:07 -07:00