Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,467 Commits 32 Branches 333 Tags 109 MiB
Commit Graph

1507 Commits

Author SHA1 Message Date
Pim Moerenhout cd0bec48de Fix typo in log message. 2019-11-21 15:55:27 -07:00
Paul Pazderski 0d35194b47 Add sessionFixation Javadoc 2019-11-15 12:17:05 +01:00
Adrian Pena ca8877c8c5 Updates javadoc for InitializeUserDetailsBeanManagerConfigurer 2019-11-13 10:34:10 +01:00
Eleftheria Stein 1188a3bb5f Polish RememberMeConfigurer 
Issue: gh-4140
 2019-11-07 15:26:59 +01:00
邓超 b13f750646 Retrieve remember-me key from service as fallback 
Fixes: gh-4140
 2019-11-07 13:55:39 +01:00
Yanming Zhou 9f6a36444a Add missing schemas 2019-11-06 08:24:20 -06:00
Josh Cummings 925bf48ec0
Polish OAuth2ResourceServerConfigurerTests 
To confirm that resource server only produces SCOPE_<scope>
authorities by default.

Issue gh-7596
 2019-11-04 11:39:54 -07:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Josh Cummings 5f17032ffd Restore Removed Throws Clauses 
In a recent clean-up, certain exceptions were removed from various
throws clauses.

This PR re-introduces throws clauses that are important for one of the
following reasons:

1. It's a method on a public interface
2. It's a method clearly designed for inheritance, for example, a
method stub, an abstract method, or indicated as such in the docs.

Fixes gh-7541
 2019-10-30 12:13:54 -06:00
Rob Winch 635f7e1edd CsrfWebFilter supports multipart/form-data 
Fixes gh-7576
 2019-10-28 14:06:10 -05:00
Vitalii Mahas 0ac5f5456f Fix typo 'is' -> 'if' in javadoc 2019-10-25 13:27:11 -06:00
Eleftheria Stein de7cbc82b5 Clarify in Javadoc that expressionHandler should not be null 
Fixes: gh-2665
 2019-10-23 15:10:39 -04:00
Rob Winch 3051a79188 Merge Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 2019-09-30 14:33:41 -05:00
Rob Winch a911f3d52f Merge Add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-30 14:14:59 -05:00
Rob Winch 3854afad61 Merge Add denyAll method in AuthorizePayloadsSpec.Access 2019-09-30 14:05:42 -05:00
Josh Cummings 758af54796
ObjectPostProcessor Tests groovy->java 
Issue gh-4939
 2019-09-27 16:36:33 -06:00
Josh Cummings a08be5bf6f
UrlAuthorizationsTests groovy->java 
Issue gh-4939
 2019-09-27 16:23:33 -06:00
Josh Cummings 870d83eb3e
PermitAllSupportTests groovy->java 
Issue gh-4939
 2019-09-27 16:23:33 -06:00
Luis Felipe Vega Calle 350bce761f Add hasAuthority method to RSocketSecurity 
Fixes gh-7435
 2019-09-27 16:48:25 -05:00
Josh Cummings 5f905232cb
Polish CurrentSecurityContextArgumentResolvers 
Fixes gh-7487
 2019-09-27 13:19:08 -06:00
Joe Grandja 5ef6e7ed6f Add author for SecurityReactorContextConfiguration 
Issue gh-7422
 2019-09-27 15:17:20 -04:00
Joe Grandja 0fea57d6a1 Optimize SecurityReactorContextConfiguration 
Issue gh-7422
 2019-09-27 14:46:39 -04:00
Josh Cummings 33ba292fed
Resource Server w/ SecurityReactorContextSubscriber 
Fixes gh-7423
 2019-09-27 11:01:04 -06:00
Joe Grandja 5a67971375 WebFluxSecurityConfiguration configures oauth2Client() by default 
Fixes gh-7470
 2019-09-27 10:04:19 -04:00
Joe Grandja 08d2c93713 Polish gh-7466 2019-09-26 22:11:53 -04:00
Roman Chigvintsev 9bae0a4dbd Allow to customize OAuth2AuthorizationRequestRedirectWebFilter in OAuth2LoginSpec 
Fixes gh-7466
 2019-09-26 17:19:32 -04:00
Joe Grandja 2a5bd6e719 Align Servlet ExchangeFilterFunction CoreSubscriber 
Fixes gh-7422
 2019-09-26 16:17:17 -04:00
Joe Grandja d3b7a47ef8 Polish gh-4442 2019-09-25 21:37:31 -04:00
Mark Heckler da9f027fa4 Add nonce to OIDC Authentication Request 
Fixes gh-4442
 2019-09-25 14:57:54 -04:00
Jesús Ascama ceab56f764 Fix AuthorizationPayloadInterceptor order using PayloadInterceptorOrder.AUTHORIZATION 
Fixes gh-7434
 2019-09-24 15:39:25 -05:00
Joe Grandja 9f18c2e21a OAuth2AuthorizationCodeGrantWebFilter matches on registered redirect-uri 
Fixes gh-7036
 2019-09-24 11:07:36 -04:00
Eleftheria Stein 98e75eb51a Fix Javadoc for anonymous 2019-09-23 11:06:28 -04:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00
Ebert Toribio 3a66191756 Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 
See Fixes gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-18 21:17:09 -05:00
Onur Kagan Ozcan 034b5e9e93 Introduce LogoutSuccessEvent 
LogoutSuccessEvent is a simple AbstractAuthenticationEvent implementation which indicates successful logout.

By default, LogoutConfigurer will add a new LogoutHandler called LogoutSuccessEventPublishingLogoutHandler to publish this event.

This PR will also fix ConcurrentSessionFilter's composite logoutHandler, now will get LogoutHandler instances from LogoutConfigurer for consistency.

Fixes gh-2900
 2019-09-18 10:57:16 -05:00
Manuel Tejeda 9926ad68b8 add hasAnyRole method in AuthorizePayloadsSpec.Access 2019-09-18 07:59:20 -05:00
Jesús Ascama daf6b53e3a Add denyAll method in AuthorizePayloadsSpec.Access 
See gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
 2019-09-17 20:17:10 -05:00
Josh Cummings 05caf3d8fb
Use Jwt.Builder 
Fixes gh-7443
 2019-09-16 14:00:25 -06:00
Josh Cummings 1176d0cfdb
Polish DefaultFilters,Issue55Tests 
Formatted HttpSecurity and WebSecurity configuration stacks
Removed unnecessary code

Issue gh-4939
 2019-09-16 13:56:17 -06:00
kostya05983 950e6422a1
Migrate DefaultFilters,Issue55Tests groovy->java 
Issue gh-4939
 2019-09-16 13:37:22 -06:00
Josh Cummings 101e0a21a8 Bearer WebClient Filter Authentication Propagation 
Fixes: gh-7418
 2019-09-11 16:27:21 +01:00
Rob Winch 96d44cd4b7 Add Default RSocketSecurity 
Fixes gh-7361
 2019-09-09 16:10:55 -05:00
Rob Winch 5d0815bc76 Allow RSocketMessageHandlerITests to timeout 
Fixes gh-7415
 2019-09-09 16:10:50 -05:00
Rob Winch 6296e6e896 RSocketSecurity delegates to correct matcher 
Fixes gh-7414
 2019-09-09 16:09:23 -05:00
Rob Winch 1b699a49fb Polish RSocket packaging 
Fixes gh-7413
 2019-09-09 16:07:14 -05:00
Eleftheria Stein aa533c2565 Add missing javadoc to session fixation 2019-09-06 16:33:51 -04:00
Rob Winch 316380e622 Allow Custom PayloadInterceptor to be Added 
Fixes gh-7362
 2019-09-06 14:52:47 -05:00
Joe Grandja a60446836b OAuth2AuthorizeRequest supports attributes 
Fixes gh-7341
 2019-09-05 21:04:25 -04:00
Filip Hanik 08d50868c9
Merge pull request #7260 from fhanik/feature/saml2-sp-mvp 
Add SAML Service Provider Support
 2019-09-05 17:04:14 -07:00
Filip Hanik e9a44bc0ce HttpSecurity.saml2login() - MVP Core Code 
Implements minimal SAML 2.0 login/authentication functionality with the
following feature set:

  - Supports IDP initiated login at the default url of /login/saml2/sso/{registrationId}
  - Supports SP initiated login at the default url of /saml2/authenticate/{registrationId}
  - Supports basic java-configuration via DSL
  - Provides an integration sample using Spring Boot

Not implemented with this MVP

  - Single Logout
  - Dynamic Service Provider Metadata

Fixes gh-6019
 2019-09-05 14:40:08 -07:00
Rob Winch 9639962e27 Fix RSocket Package Tangle 
Issue gh-7360
 2019-09-05 16:27:57 -05:00
Rob Winch 7ad641d106 RSocket Tests use Available Port 
Issue gh-7360
 2019-09-05 09:16:07 -05:00
Josh Cummings 26a65249f9
Remove invalid characters 2019-09-05 04:32:34 -06:00
Rob Winch 5a4eded696 Add RSocket Support 
Fixes gh-7360
 2019-09-04 19:24:01 -05:00
Joe Grandja dcd997ea43 Add support for Resource Owner Password Credentials grant 
Fixes gh-6003
 2019-09-04 14:07:45 -04:00
Josh Cummings de672e3ae9
Polish oauth2ResourceServer() Error Messaging 
Fixes: gh-6876
 2019-09-04 11:49:22 -06:00
Josh Cummings 1fc5b27fa2
Update LogoutConfigurerClearSiteData Tests 
Issue gh-7347
 2019-09-04 03:30:37 -06:00
Josh Cummings 068f4f0147 Polish Opaque Token 
Use OAuth2AuthenticatedPrincipal
Use BearerTokenAuthentication
Update names to reflect more generic approach.

Fixes gh-7344
Fixes gh-7345
 2019-09-03 15:58:05 -06:00
Eddú Meléndez 8773c7994f Allow to set default securityContextRepository for each authentication mechanisms 
Fixes gh-7249
 2019-09-03 07:46:59 -06:00
kostya05983 f6c650db47
Replace Streams with Loops 
First version of replacing streams

fix wwwAuthenticate and codestyle

fix errors in implementation to pass tests

Fix review notes

Remove uneccessary final to align with cb

Short circuit way to authorize

Simplify error message, make code readably

Return error while duplicate key found

Delete check for duplicate, checkstyle issues

Return duplicate error

Fixes gh-7154
 2019-09-02 15:30:48 -06:00
Josh Cummings d6d0d89ff8
NamespaceRememberMeTests groovy->java 
Issue gh-4939
 2019-09-02 13:08:21 -06:00
Josh Cummings bf5b693549
NamespaceHttpOpenIDLoginTests groovy->java 
Issue gh-4939
 2019-08-30 15:54:43 -06:00
Lars Grefer 95511331fa fix checkstyle 2019-08-26 22:42:26 +02:00
watsta 2c2e8e5f24 Remove internal Optional usage in favor of null checks 
Issue gh-7155
 2019-08-26 09:27:40 -04:00
Lars Grefer 34dd5fea30 Remove redundant throws clauses 
Removes exceptions that are declared in a method's signature but never thrown by the method itself or its implementations/derivatives.
 2019-08-23 01:03:54 +02:00
Joe Grandja 46756d2e6b Introduce Reactive OAuth2AuthorizedClient Manager/Provider 
Fixes gh-7116
 2019-08-21 14:12:38 -04:00
John Lin 9876b66f99
Polish GlobalMethodSecurityConfiguration 
Initialize ExpressionBasedPreInvocationAdvice for
PreInvocationAuthorizationAdviceVoter only when needed.
 2019-08-17 16:35:30 -06:00
Rob Winch 71444ff5dc RequestCache ignores multipart requests 
Fixes gh-7060
 2019-08-15 09:21:41 -05:00
Rob Winch 08ea2348d6 Polish RequestCache ignores multipart requests 2019-08-15 09:20:45 -05:00
Ahmed Sayed 1ab05dae02 added test 2019-08-14 21:35:34 +02:00
Rob Winch abc90280e0
Add unbounid support in xml 
Add unbounid support in xml

Fixes gh-6011
 2019-08-14 10:05:49 -05:00
Lars Grefer cb4f3d2f44 Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Eddú Meléndez 2e63def05b Add tests 2019-08-14 00:56:26 -05:00
Eddú Meléndez 93142f3e30 Remove unboundid dependency 2019-08-13 20:39:25 -05:00
Eddú Meléndez c03fb701ce Improve logic to pick embedded server 2019-08-13 20:36:46 -05:00
Eddú Meléndez 3511c0ea4f Update xsd 2019-08-13 20:17:51 -05:00
Josh Cummings 4ed197e515 Rename OAuth2TokenIntrospectionClient 
Renamed to OpaqueTokenIntrospector

Fixes gh-7245
 2019-08-12 18:05:28 -04:00
Rob Winch c1db1aad91
Cleanup Code Style Issues 
Cleanup Code Style Issues
 2019-08-12 13:06:49 -05:00
Eddú Meléndez 9b2af944fa Add unbounid support in xml 
Currently, spring-security provides apacheds integration by default. This
commit introduces a new `mode` in the `ldap-server` tag which allows to choose
beetween `apacheds` and `unboundid`. In order to keep backward compatibility
if `mode` is not set and apacheds jars are in the classpath apacheds is used
as a embedded ldap.

Fixes gh-6011
Currently, unboundid was added as a support for embbeded LDAP and it
is used on the Java Config. This commit introduces support from XML side.
Also, give the chance to users to move from apacheds to unboundid using
a new attribute `mode`.

Fixes gh-6011
 2019-08-10 19:07:45 -05:00
Francesco Chicchiriccò 0410bac559 Add support for oauth2Login().securityContextRepository(...) 
Fixes gh-7222
 2019-08-10 15:56:20 -04:00
Lars Grefer ff1070df36 remove redundant modifiers found by checkstyle 2019-08-10 00:18:56 +02:00
Lars Grefer bbefc491b2 unused imports 2019-08-09 16:59:07 -05:00
Lars Grefer 38de737663 Java 8: Statement lambda can be replaced with expression lambda 2019-08-09 16:59:07 -05:00
Lars Grefer 3a5d8ba696 Java 8: Collections.sort() can be replaced with List.sort() 2019-08-09 16:59:07 -05:00
Lars Grefer 91c846756e Java 5: Unnecessary Boxing 2019-08-09 16:59:07 -05:00
Lars Grefer 578d628774 'Collection.toArray()' call style 2019-08-09 16:57:31 -05:00
Lars Grefer 40bee457f9 Unnecessary enum modifier 2019-08-09 00:42:07 +02:00
Lars Grefer eddcd1622f Type parameter extends Object 
Reports any type parameters and wildcard type arguments explicitly declared to extend java.lang.Object.
 2019-08-09 00:40:13 +02:00
Lars Grefer fb39d9c255 Anonymous type can be replaced with lambda 2019-08-08 17:09:09 -04:00
Lars Grefer 05f42a4995 Remove unused imports 2019-08-08 14:22:31 -04:00
Josh Cummings 65f6025cef
Polish OAuth2LoginConfigurer 
Improve way of accessing ApplicationContext to ensure backward
compatibility.

Issue gh-7232
 2019-08-07 13:25:38 -06:00
Josh Cummings a00ad37168
OAuth2LoginConfigurer UserService Beans 
Fixes gh-7232
 2019-08-07 10:58:23 -06:00
Lars Grefer f5cd0ec302 Use try-with-resources instead of try-finally 2019-08-06 15:33:04 -05:00
Lars Grefer 2056834432 Cleanup unnecessary unboxing 
Unboxing is unnecessary under Java 5 and newer, and can be safely removed.
 2019-08-06 10:17:38 -04:00
Lars Grefer 2306d987e9 Cleanup unnecessary boxing 2019-08-06 10:17:38 -04:00
Eddú Meléndez 2c836a171a Add authenticationFailureHandler method in OAuth2LoginSpec 
Allow to customize the failure handler.

Fixes gh-7051
 2019-08-05 14:09:11 -05:00
Lars Grefer 776a4c3760 Use org.mockito.ArgumentMatchers in favor of org.mockito.Matchers 2019-08-03 12:28:37 -04:00
Eddú Meléndez 50adb6abcb Fix javadoc 2019-07-31 15:36:30 -04:00
Sam Simmons e88c5c0eee Fix CSRF session authentication strategy since version 2019-07-31 07:45:51 -05:00
Ahmed Sayed 0591403dea ignore Multipart requests in HttpSessionRequestCache.requestMatcher 2019-07-31 12:17:55 +02:00