179 Commits

Author SHA1 Message Date
Josh Cummings
ffd8f7c8e4 Close Nimbus Information Leak
This commit captures and remaps the exception that Nimbus throws
when a PlainJWT is presented to it.

While the surrounding classes are likely only used today by the
oauth2Login flow, since they are public, we'll patch them at this
point for anyone who may be using them directly.

Fixes: gh-5457
2018-07-24 13:24:34 -06:00
mhyeon.lee
1b213d65d2 Enhance OAuth2AccessToken to be serializable
Change the TokenType to Serializable
so that the OAuth2AccessToken can be serialized.
(org.springframework.security.oauth2.core.OAuth2AccessToken.TokenType)

Fixes gh-5492
2018-07-13 12:10:55 -04:00
Joe Grandja
f524da3edc Add test NimbusUserInfoResponseClient sets Accept header to JSON
Issue gh-5294
2018-05-03 20:23:03 -04:00
Joe Grandja
e1e464387e NimbusUserInfoResponseClient sets Accept header to JSON
Fixes gh-5294
2018-05-03 20:22:47 -04:00
Joe Grandja
a7de1e363f OAuth2LoginAuthenticationFilter should handle null ClientRegistration
Fixes gh-5251
2018-05-02 20:31:59 -04:00
Joe Grandja
e6d68acfd6 Fix NPE with exp claim in NimbusJwtDecoderJwkSupport
Fixes gh-5168
2018-04-04 09:02:05 -04:00
Joe Grandja
bc2a7ac394 ClaimAccessor.getClaimAsInstant() converts Long or Date
Fixes gh-5191, Fixes gh-5192
2018-04-04 04:57:36 -04:00
Joe Grandja
7eb58ee7d9 DefaultOAuth2UserService -> assert UserInfo Uri is set
Fixes gh-4992
2018-02-02 13:01:18 -05:00
Joe Grandja
6b24aaf6f5 Add javadoc for spring-security-oauth2-jose
Fixes gh-4885
2018-01-23 21:27:47 -05:00
Joe Grandja
fe2ac00deb Add javadoc for spring-security-oauth2-client
Fixes gh-4884
2018-01-23 17:07:21 -05:00
Joe Grandja
e6cac604f3 Add javadoc for spring-security-oauth2-core
Fixes gh-4883
2018-01-18 16:00:26 -05:00
Joe Grandja
1d32fffc1d Make OAuth2Error Serializable
Fixes gh-4944
2018-01-10 10:40:54 -05:00
Johnny Lim
57353d18e5 Use diamond type 2017-12-21 15:09:00 -06:00
Eddú Meléndez
c16456623f Remove unused imports 2017-12-20 16:05:38 -06:00
Joe Grandja
268a1dc06e DefaultOAuth2User is Serializable
Fixes gh-4917
2017-12-19 09:07:17 -05:00
Rob Winch
ae664c33b1 Polish
Fix compile warnings in ClientRegistrationTests
2017-11-27 12:12:59 -06:00
Johnny Lim
edccafca84 Create OAuth2AuthorizationResponse lazily
This commit creates `OAuth2AuthorizationResponse` as lazily as possible to prevent the creation when `authorizationRequest` is `null`.

Fixes gh-4848
2017-11-20 11:01:34 -05:00
Joe Grandja
c04b3b4114 Exclude well-known ports in expanded redirect-uri
Fixes gh-4836
2017-11-18 10:41:27 -05:00
Johnny Lim
b6895e6359 Apply Checkstyle WhitespaceAfterCheck module 2017-11-16 11:18:31 -06:00
Joe Grandja
dd33f0a7de ClientRegistration.redirectUri -> redirectUriTemplate
Fixes gh-4827
2017-11-15 14:51:35 -05:00
Joe Grandja
e098c3707e Update default redirect-uri to use 'baseUrl' template variable
Fixes gh-4826
2017-11-15 14:51:35 -05:00
Johnny Lim
d900f2a623 Remove unused imports
This commit also adds UnusedImportsCheck Checkstyle module.
2017-11-14 14:41:08 -06:00
Joe Grandja
872a8f3189 Change constructor param order in oauth2 client filters
Fixes gh-4818
2017-11-13 17:32:22 -05:00
Joe Grandja
426c034c01 OidcUserService uses custom userNameAttributeName
Fixes gh-4812
2017-11-12 14:44:57 -05:00
Joe Grandja
6775d9fdd8 OAuth2AccessTokenResponse should account for expires_in <= 0
Fixes gh-4810
2017-11-12 11:30:11 -05:00
Joe Grandja
63e2db72ea Add tests to oauth2-jose
Fixes gh-4806
2017-11-10 17:09:48 -05:00
Joe Grandja
473ac0e37c Add tests to oauth2-client
Fixes gh-4299
2017-11-10 16:03:34 -05:00
Joe Grandja
db35dc6c03 Add tests to oauth2-core
Fixes gh-4298
2017-11-06 11:39:17 -05:00
Joe Grandja
ef9cd76607 Polish oauth2
Fixes gh-4758
2017-10-30 16:49:01 -04:00
Joe Grandja
d435f149eb Polish spring-security-oauth2-jose
Fixes gh-4755
2017-10-30 13:09:40 -04:00
Joe Grandja
511d702ee0 Remove JwtDecoderRegistry
Fixes gh-4754
2017-10-30 12:52:42 -04:00
Rob Winch
d9584384c4 Move collectClaims to OidcUserAuthority
Fixes gh-4749
2017-10-29 20:41:05 -05:00
Rob Winch
3d065b5afd Add getIdToken getUser to OidcUser
Fixes gh-4748
2017-10-29 20:10:55 -05:00
Rob Winch
c1c726f123 Polish InMemoryClientRegistrationRepository
Issue: gh-4745
2017-10-29 20:03:36 -05:00
Rob Winch
a3e38fec47 Remove AuthorizationRequestUriBuilder
Make this API private since we don't have concrete use cases for exposing
it yet.

Fixes gh-4742
2017-10-29 19:50:02 -05:00
Joe Grandja
c3d2effc1d Polish OAuth2AuthorizedClientService
Fixes gh-4746
2017-10-29 20:25:03 -04:00
Joe Grandja
b496ad4d86 Polish OAuth2LoginAuthenticationToken
Fixes gh-4744
2017-10-29 19:21:41 -04:00
Rob Winch
8032baa296 Polish InMemoryClientRegistrationRepository
- use Map.get
- Construct with stream()
- Add tests
- Remove unnecessary unmodifiableCollection (already unmodifiable)

Fixes gh-4745
2017-10-29 18:07:49 -05:00
Rob Winch
f0c2944377 OAuth2AuthorizationResponse getAccessToken
No longer delegate to OAuth2AccessToken but add getAccessToken()

Fixes gh-4743
2017-10-29 17:12:46 -05:00
Joe Grandja
e4887057bc Rename AuthorizationGrantTokenExchanger -> OAuth2AccessTokenResponseClient
Fixes gh-4741
2017-10-29 17:49:15 -04:00
Joe Grandja
2a00232a5b Remove UserInfoRetreiver
Fixes gh-4740
2017-10-29 17:49:15 -04:00
Joe Grandja
6fbd435bdf OAuth2LoginAuthenticationFilter requires collaborators
Fixes gh-4661
2017-10-29 04:41:23 -04:00
Joe Grandja
b471dd1c54 Remove OAuth2TokenRepository
Fixes gh-4727
2017-10-28 21:40:33 -04:00
Joe Grandja
b1d56b5821 NimbusAuthorizationCodeTokenExchanger uses authorizationRequest.redirectUri
Fixes gh-4701
2017-10-28 21:30:40 -04:00
Joe Grandja
006319f19a UserInfoRetriever supports ParameterizedTypeReference
Fixes gh-4693
2017-10-28 19:26:04 -04:00
Joe Grandja
9dc4aa6c81 Make OidcUserInfo Serializable
Fixes gh-4733
2017-10-28 18:35:21 -04:00
Joe Grandja
83dc902ff7 Map CustomUserTypesOAuth2UserService using clientRegistrationId
Fixes gh-4692
2017-10-28 18:11:39 -04:00
Joe Grandja
0c68eb1821 Re-factor OAuth2AuthorizationCodeAuthenticationToken
Fixes gh-4730
2017-10-28 17:15:31 -04:00
Joe Grandja
64d8c8b8a9 Re-factor AuthorizationGrantTokenExchanger
Fixes gh-4728
2017-10-28 17:12:14 -04:00
Joe Grandja
16e69d06b4 Add OAuth2AuthorizedClientService
Fixes gh-4726
2017-10-28 17:12:14 -04:00