Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-04-17 14:30:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,767 Commits 62 Branches 376 Tags
Commit Graph

1558 Commits

Author SHA1 Message Date
Joe Grandja
f66fb0814b Fix merge 2026-04-07 16:12:34 -04:00
Joe Grandja
3008848158 Merge branch '7.0.x' 2026-04-07 15:47:01 -04:00
Joe Grandja
41524880c6 Fix auth_time claim should represent authentication time 
Closes gh-18282
 2026-04-07 15:44:57 -04:00
Joe Grandja
4ce3fade21 Add @Nullable to DefaultOidcUser.equals() 
Issue gh-18622
 2026-04-02 11:02:22 -04:00
Joe Grandja
9527a4b281 Merge branch '7.0.x' 2026-04-02 10:58:06 -04:00
Joe Grandja
77fe9e892a Merge branch '6.5.x' into 7.0.x 
Closes gh-19022
 2026-04-02 10:52:15 -04:00
Joe Grandja
eefbb4da64 Fix DefaultOidcUser.equals() 
Closes gh-18622
 2026-04-02 10:41:32 -04:00
Joe Grandja
2ada3f00fa Polish gh-18888 2026-04-02 06:29:02 -04:00
Evgeniy Cheban
8f2a5a7b6e Add PrincipalResolver to ExchangeFilterFunctions 
Closes gh-16284

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2026-04-02 06:28:42 -04:00
Joe Grandja
aa35db5aad Fix merge conflict 2026-04-02 05:45:17 -04:00
Josh Cummings
5b8d81828a
Add serialVersionUID 
This commit gives a serialVersionUID to the private adapter class for the Jwt
authentication principal. It also adds a SuppressWarnings annotation so that
it doesn't get picked up by config's serialization tests. This is needed since
the test cannot construct a serialization sample for a private class

Issue gh-6237

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-31 16:19:41 -06:00
Josh Cummings
cb129d6b2d
Merge branch '7.0.x' 2026-03-31 15:56:49 -06:00
Josh Cummings
d4678c8e04
Add Missing Serialization Support 
Closes gh-19013

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-31 15:55:09 -06:00
Josh Cummings
08fca57d12
Add Missing Serialization Support 
Closed gh-19012

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-31 13:58:35 -06:00
Josh Cummings
067f79dde5
Merge branch 'fix-17729' into 7.0.x 2026-03-30 17:19:31 -06:00
Josh Cummings
52d98ab7af
Add Needed SuppressWarnings Annotations 
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-30 17:14:17 -06:00
Joe Grandja
12997b6ab6 Polish oauth2-client tests with missing Content-Type header 2026-03-30 13:40:32 -04:00
Josh Cummings
95b6dc753a
Merge branch '7.0.x' 2026-03-27 12:14:47 -06:00
Josh Cummings
9fb3e14989
Merge branch '6.5.x' into 7.0.x 2026-03-27 12:14:41 -06:00
Josh Cummings
95b2cdf7f4
Clarify JavaDoc 
Removed note about DelegatingJwtGrantedAuthoritiesConverter from
ExpressionJwtGrantedAuthoritiesConverter and further explained in
DelegatingJwtGrantedAuthoritiesConverter where it comes in handy.

Issue gh-18300

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-27 11:48:56 -06:00
Joe Grandja
db67f36492 Fix ID Token auth_time validation (reactive) 
Issue gh-18839 gh-17246
 2026-03-25 14:28:00 -04:00
Joe Grandja
a8281a9c62 Merge branch '7.0.x' 2026-03-25 13:23:11 -04:00
Joe Grandja
65cf2586c5 Merge branch '6.5.x' into 7.0.x 
Closes gh-18978
 2026-03-25 12:40:43 -04:00
Joe Grandja
6e683f2286 Fix ID Token auth_time validation 
Closes gh-18839
 2026-03-25 11:33:55 -04:00
Andrey Litvitski
2fda37de53 Fix equals nullability annotations for jspecify compliance 
In this commit, we added `@Nullable` to equals methods of classes that
support `jspecify` for consistency with other Spring projects and to
avoid bugs that caused other Spring projects to do this natively.

Closes: gh-18929, gh-18927

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-23 09:25:57 -06:00
Joe Grandja
1db0d4f83d Enable null-safety in spring-security-oauth2-authorization-server 
Closes gh-18937
 2026-03-23 05:07:14 -04:00
Josh Cummings
ea05089443 Polish Formatting 
Closes gh-18381

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-20 15:38:27 -06:00
Giacomo Baso
7b282c3a17 Relax client_id validation in AtJwtBuilder 
RFC 9068 requires that access token JWTs include the `client_id`
claim, but it does not require resource servers to validate it against
a specific value.

Relates to gh-18381

Signed-off-by: Giacomo Baso <gbaso@users.noreply.github.com>
 2026-03-20 15:38:27 -06:00
Joe Grandja
09ce639c4b Enable null-safety in spring-security-oauth2-resource-server 
Closes gh-17822
 2026-03-19 06:21:08 -04:00
Joe Grandja
baad23caab Enable null-safety in spring-security-oauth2-client 
Closes gh-17819
 2026-03-18 05:04:30 -04:00
Joe Grandja
22a98583f1 Enable null-safety in spring-security-oauth2-jose 
Closes gh-17821
 2026-03-13 11:58:29 -04:00
Josh Cummings
c342b89760
Remove setRequestEntityConverter 
Given that RestClient does not read RequestEntity objects, let's
leave it out of a class built around using RestClient

Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-11 15:15:15 -06:00
Joe Grandja
61177aed85 Remove NullAway SuppressWarnings in ClaimAccessor 
Issue gh-17820
 2026-03-11 13:53:30 -04:00
Joe Grandja
703ffaf143 Merge branch '7.0.x' 2026-03-10 15:59:29 -04:00
Joe Grandja
1906075b0c OAuth2DeviceVerificationEndpointFilter is applied after AuthorizationFilter 
Closes gh-18873
 2026-03-10 15:32:24 -04:00
Joe Grandja
c7235ec0a3 Allow custom token settings for OAuth 2.0 dynamic client registration 
Closes gh-18870
 2026-03-10 07:48:37 -04:00
Joe Grandja
8c0d2cccf1 Initialize RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler when jose is on classpath 
Issue gh-17246
 2026-03-09 17:03:49 -04:00
Josh Cummings
498b0cb59c Make RestClientOpaqueTokenIntrospector final 
Issue gh-18745

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-02 16:20:22 -07:00
Andrey Litvitski
a5c0113ff0 Add postProcessr support to RestClientOpaqueTokenIntrospector 
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-02 16:20:22 -07:00
Andrey Litvitski
bafd4034a0 Provide RestClientSpringOpaqueTokenIntrospector 
Since similar classes have alternative versions using RestClient instead
of RestTemplate, I think we should do the same with this class.

Closes: gh-18745

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-02 16:20:22 -07:00
kimyounguk1
ca34ec26d8 This commit fixes the @param tag typo in ClientAttributes.java 
to ensure the Javadoc build passes.

Signed-off-by: kimyounguk1 <kyw020108@gmail.com>

Fix javadoc @param typo in ClientAttributes

Signed-off-by: kimyounguk1 <kyw020108@gmail.com>
 2026-03-02 13:27:21 -07:00
Josh Cummings
c208410a91 Polish Jwt Authentication Converter 
- Replace conditional logic with adapter class
- Added tests

Issue gh-6237

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-26 12:28:50 -07:00
Andrey Litvitski
aabc9fc1cc Support Custom Principal in Jwt Authentication Flow 
Closes gh-6237

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-02-26 12:28:50 -07:00
Robert Winch
2eb948d9b5
Ensure tests clear AuthorizationServerContextHolder 
Closes gh-18768
 2026-02-23 08:17:02 -06:00
Robert Winch
21978cab22 Fix Build Errors for Improve AOT RuntimeHits 
- Saml2RuntimeHints consistently uses String in separate method for
  to ensure no classpath issues
- Fix Whitespace/Checkstyle
- Add Missing Nullability Annotations
 2026-02-20 17:28:35 -06:00
Josh Long
2dd2863550 aot improvements 
Signed-off-by: Josh Long <54473+joshlong@users.noreply.github.com>
 2026-02-20 17:28:35 -06:00
Robert Winch
0dc1aa1126 Ensure tests clear AuthorizationServerContextHolder 2026-02-19 15:20:44 -06:00
Josh Cummings
fc48088759 Polish 
- Add @since version
- Change variable name to match method name

Issue gh-18623

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-17 17:19:42 -07:00
itsmevichu
d528be38bb Add postProcessor to Introspector Builder 
Closes gh-18623

Signed-off-by: itsmevichu <vishnutheep@gmail.com>
 2026-02-17 17:19:42 -07:00
Joe Grandja
544f635e9b Polish gh-17246 2026-02-17 16:35:57 -05:00