539a11d0a4
Encode postLogoutRedirectUri query params
...
Closes gh-11379
2022-06-16 16:13:42 -06:00
aa1ef46d84
Update clockSkew javadoc according to implementation
...
Closes gh-10174
2021-11-19 13:33:05 +01:00
076c01daef
Add missing @since 5.6
2021-11-09 14:07:05 -06:00
f836897190
Checkstyle Fixes
...
- Javadoc tag ordering
- Private constructors before inner classes
Issue gh-10394
2021-10-18 21:03:35 -05:00
3b564b2026
Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient
...
This adds support for configuring NimbusJwtClientAuthenticationParametersConverter to any AbstractWebClientReactiveOAuth2AccessTokenResponseClient as an additional parameters converter, which in turns adds reactive support for jwt client authentication.
Closes gh-10146
2021-10-06 13:09:33 -05:00
9b24f66f1c
Implement reactive support for JWT as an Authorization Grant
...
Closes gh-10147
2021-10-05 16:09:24 -05:00
97c949d929
oauth2Login() AuthenticationProvider's preserve root cause exception when rethrown
...
Closes gh-10228
2021-09-24 10:41:31 -04:00
5830fda2fa
Introduce JwtEncoder
...
Closes gh-9208
2021-09-24 05:13:40 -04:00
860690491a
Add setBodyExtractor
...
Closes gh-10260
2021-09-22 15:32:19 -06:00
9b4ddd7e0a
Make AuthorizationGrantTypeConverter support custom grant type
...
Closes gh-10155
2021-08-19 13:13:20 -04:00
6d6dc113d8
Add converter for authentication result in OAuth2LoginAuthenticationFilter
...
Closes gh-10033
2021-08-10 16:50:19 -05:00
fc553bf19a
Add gh-10130 to tests
2021-08-09 15:33:54 -05:00
acca3dba69
Polish gh-10131
2021-08-09 11:07:12 -05:00
044157061f
Enable customizing headers in token requests
...
Adds the possibility to customize the headers of the access token request in AbstractWebClientReactiveOAuth2AccessTokenResponseClient, similarly to what is done in the AbstractOAuth2AuthorizationGrantRequestEntityConverter.
Closes gh-10130
2021-08-09 10:50:37 -05:00
b6ff4d3674
Fix mockito UnnecessaryStubbingException
2021-07-09 14:35:10 -05:00
3e93b024d6
openrewrite Junit Migration
2021-07-09 14:32:52 -05:00
d4c3cea0e6
Update Copyright
...
Issue gh-9901
2021-06-17 08:34:31 -06:00
1d606ccedb
fix typo preventing full exception to be displayed in log
...
closes gh-9901
2021-06-17 08:33:32 -06:00
807ce30948
Support additional client authentication methods
...
Closes gh-9780
2021-06-16 15:48:03 -05:00
0cba0874f3
Handle missing authorization endpoint uri
...
Closes gh-9795
2021-06-16 15:38:53 -05:00
9b05afdee8
Remove validation for unsupported grant types
...
Closes gh-9828
2021-06-16 14:54:33 -05:00
eb6ed283e0
Jwt client authentication converter detects new key
...
Closes gh-9814
2021-06-16 12:55:12 -04:00
aed993f3e5
Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository
...
Related to gh-9649
Closes gh-9857
2021-06-15 11:03:30 -05:00
36805c7192
Revert "Use strict equality for timestamp comparison in JDBC tests"
...
This reverts commit 09a0670cb6
2021-06-08 10:13:53 +03:00
09a0670cb6
Use strict equality for timestamp comparison in JDBC tests
...
This is possible because of the update to HSQLDB 2.6.0
This reverts commit eb7b27695d
2021-06-08 09:31:55 +03:00
ac9b137cad
URL encode client credentials
...
Closes gh-9610
2021-06-01 12:57:06 -05:00
65ecaa0c28
Polish postLogoutRedirectUri encoding
...
Issue gh-9511
2021-05-26 12:31:41 -06:00
b671a96073
Encode postLogoutRedirectUri query params
...
Now encodes already encoded queryparameters in postLogoutRedirectUrl
correctly
Closes gh-9511
2021-05-26 12:10:03 -06:00
36dcbe24d0
Handle custom status codes in error handler
...
Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
2021-05-25 13:31:34 -05:00
5b24bd1288
Adjust ClientRegistrationsTests
...
Closes gh-9748
2021-05-14 10:30:46 -06:00
5f6de026a8
Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider
...
Closes gh-9708
2021-05-13 13:02:08 -04:00
64b7af473d
Additional HttpSessionOAuth2AuthorizationRequestRepository tests
...
Issue gh-5145
2021-05-12 14:59:25 -05:00
35f5ebdbcf
HttpSessionOAuth2AuthorizationRequestRepository: store one request by default
...
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
2021-05-12 14:59:25 -05:00
761e3a9dd8
JwtBearerOAuth2AuthorizedClientProvider checks for access token expiry
...
Fixes gh-9700
2021-04-30 10:12:38 -04:00
eff4cdc924
Polish gh-9505
2021-04-09 06:22:29 -04:00
7694aa27cf
Add jwt-bearer authorization grant
...
Closes gh-6053
2021-04-09 06:22:29 -04:00
9c97970e26
Add Jwt Client Authentication support
...
Closes gh-8175
2021-04-08 15:44:33 -04:00
b8e47882aa
Fix test to use non-expired token
...
Closes gh-9506
2021-03-17 17:38:08 +01:00
5e5ff27109
Configure Jackson for nanosecond precision
...
Closes gh-9461
2021-02-17 11:53:36 -07:00
a0a9718b8b
Use Instant with micro-second precision
...
Closes gh-9449
2021-02-17 11:31:23 -07:00
d85a7cfc4a
Make user info response status check error only
...
Closes gh-9336
2021-01-25 10:02:58 -05:00
56db058fd0
Fix NullPointerException
...
- Caused by a malformed WWW-Authenticate value
2021-01-21 16:18:23 -07:00
58e3235093
Deprecate ClientAuthenticationMethod BASIC and POST
...
Closes gh-9220
2020-11-25 15:13:28 -05:00
c069692ab9
Extract OAuth2Token from AbstractOAuth2Token
...
Closes gh-5502
2020-11-02 20:35:08 -05:00
6724e3e514
Provide a R2dbc implementation of ReactiveOuath2AuthorizedClientService
...
Implement R2dbcReactiveOuath2AuthorizedClientService which persists the
Oauth2AuthorizedClient in a sql database
R2dbcReactiveOuath2AuthorizedClientService is using the spring-r2dbc
module to persist/load Oauth2AuthorizedClient to/from a sql database
Add optional depedency to the spring-r2dbc module
Add test compile dependencies to r2dbc-h2 and r2dbc-test
Closes gh-7890
2020-10-29 15:44:12 -04:00
42a787d1f6
Add Postgres sql for JDBC implementation of OAuth2AuthorizedClientService
...
Postgres doesn't have a BLOB type, but it does have an equivalent BYTEA
type.
This approach and naming convention follows the convention established
in Spring Session JDBC which has sql for each RDBMS with files names in
the pattern *-{dbname}.sql, for example:
schema-db2.sql
schema-derby.sql
schema-h2.sql
schema-mysql.sql
schema-postgresql.sql
See https://github.com/spring-projects/spring-session/tree/2.3.1.RELEASE/spring-session-jdbc/src/main/resources/org/springframework/session/jdbc
Issue gh-9070
2020-10-22 09:56:20 -04:00
05dc326389
Use LobHandler in JdbcOAuth2AuthorizedClientService
...
LobHandler provides an abstraction for handling large binary fields and large text
fields in specific databases, no matter if represented as simple types or
Large OBjects.
Its use provides compatibility with many databases eliminating the need
for custom OAuth2AuthorizedClientParametersMapper and
OAuth2AuthorizedClientRowMapper implementations.
Closes gh-9070
2020-10-22 09:56:20 -04:00
c502312719
Replace expected @Test attributes with AssertJ
...
Replace JUnit expected @Test attributes with AssertJ calls.
2020-09-22 16:13:51 -06:00
20baa7d409
Replace ExpectedException @Rules with AssertJ
...
Replace JUnit ExpectedException @Rules with AssertJ calls.
2020-09-22 16:13:51 -06:00
6e6d382357
Adapt to WebClient's new exception wrapping
...
See https://github.com/spring-projects/spring-framework/issues/23842
Closes gh-9031
2020-09-17 12:21:51 -04:00
Josh Cummings
Dávid Kováč
Steve Riesenberg
Rob Winch
Joe Grandja
bishoy basily
Rujun Chen
Vincent Boulaye
Arnaud Mergey
Steve Riesenberg
Eleftheria Stein
Hans Hosea Schaefer
Asian Malaysian Vietnamese
Craig Andrews
Hassene Laaribi
Benjamin Faal
tristanessquare
Ovidiu Popa
Phillip Webb