438 Commits

Author SHA1 Message Date
Rob Winch
dca4858d81 Lock dependencies 2021-02-11 13:00:32 -06:00
Rob Winch
ec8f6014d4 Revert "Lock dependencies"
This reverts commit fa5f789bebe26da0e9b49dde0b0563755b43a25d.
2021-02-11 09:51:54 -06:00
Rob Winch
fa5f789beb Lock dependencies 2021-02-11 08:53:40 -06:00
Benjamin Faal
0f7360e8fa Make user info response status check error only
Closes gh-9336
2021-01-25 10:46:07 -05:00
Josh Cummings
7c2010f507
Revert "Lock Dependencies for 5.3.6"
This reverts commit a153012056d4678109a0085ae43b1b146d203fa6.
2020-12-02 19:32:03 -07:00
Josh Cummings
a153012056
Lock Dependencies for 5.3.6 2020-12-02 16:31:52 -07:00
Josh Cummings
2dcfda7fac
Revert "Lock Dependencies for 5.3.5.RELEASE"
This reverts commit 846a5a962c1bb9de82e8ddbbc995ce4c83830f6e.
2020-10-07 16:39:28 -06:00
Josh Cummings
846a5a962c
Lock Dependencies for 5.3.5.RELEASE 2020-10-07 13:18:01 -06:00
Eleftheria Stein
d8bef76a0f Unlock dependencies
This reverts commit b619d298aa9f0477311397e261aae217c239d5d9.
2020-08-05 18:18:02 +02:00
Eleftheria Stein
b619d298aa Lock Dependencies for 5.3.4.RELEASE 2020-08-05 12:33:31 +02:00
Dennis Neufeld
57db8e5d4a Add OAuth2AuthenticationException to allowlist
Add mixins for
- OAuth2AuthenticationException
- OAuth2Error

Closes gh-8797
2020-07-21 10:15:44 -04:00
Eleftheria Stein
7af5804d56 Compare Timestamps up to the millisecond
Issue gh-8782
2020-07-01 11:30:27 +02:00
Joe Grandja
38c1e3ffa8 OAuth2LoginAuthenticationWebFilter should handle OAuth2AuthorizationException
Issue gh-8609
2020-06-09 15:27:32 -04:00
Joe Grandja
acf56f24a6 OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException
Fixes gh-8609
2020-06-09 15:21:07 -04:00
Josh Cummings
bbd2a9ebae
Revert "Lock Dependencies for 5.3.3.RELEASE"
This reverts commit 116bfe01e6de3bf7cfa06a94f20373f6345b89f0.
2020-06-03 16:11:59 -06:00
Josh Cummings
116bfe01e6
Lock Dependencies for 5.3.3.RELEASE 2020-06-03 13:14:07 -06:00
Joe Grandja
413dfc8679 Unlock dependencies
This reverts commit a61145f74c1b39dc3bc0620da3988daa9a02bb85.
2020-05-06 15:29:45 -04:00
Joe Grandja
a61145f74c Lock dependencies for 5.3.2.RELEASE 2020-05-06 15:06:08 -04:00
Stav Shamir
6f2359ccae Support update when saving with JdbcOAuth2AuthorizedClientService
Before this commit, JdbcOAuth2AuthorizedClientService threw DuplicateKeyException when re-authorizing or when authorizing the same user from a different client.

This commit makes JdbcOAuth2AuthorizedClientService's saveAuthorizedClient method consistent with that of InMemoryOAuth2AuthorizedClientService.

Fixes gh-8425
2020-04-29 09:18:54 -04:00
Joe Grandja
a78872f268 Unlock dependencies for 5.3.1.RELEASE
This reverts commit 88c02684bb54effb483d460031f5007610851f80.
2020-03-31 17:53:13 -04:00
Joe Grandja
88c02684bb Lock dependencies for 5.3.1.RELEASE 2020-03-31 17:28:36 -04:00
Ruby Hartono
45eb34c9a6 Improve OAuth2LoginAuthenticationProvider
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse

Fixes gh-5633
2020-03-30 21:08:59 -04:00
Martin Nemec
dfc25dc245 OAuth2 ClientRegistrations NPE fix when userinfo missing
Fixes gh-8187
2020-03-27 06:13:50 -04:00
Joe Grandja
a1bcd4ed00 Fix OAuth2AuthorizationRequest additionalParameters/attributes Consumer
Fixes gh-8177
2020-03-24 13:59:36 -04:00
Joe Grandja
2d8242c5c1 Assign sensible default for OAuth2AuthorizedClientProvider
Fixes gh-8150
2020-03-19 11:50:48 -04:00
Josh Cummings
6eadf7b140
Unlock dependencies for 5.3.0.RELEASE
This reverts commit 147d7dadd7e449e1e8347f9a0b3959c7abf095dc.
2020-03-04 12:02:48 -07:00
Josh Cummings
147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Josh Cummings
968ebb194b
baseUrl placeholder for OidcLogoutSuccessHandlers
Fixes gh-7842
2020-02-25 13:35:50 -07:00
Joe Grandja
fa73b1397a Add missing @FunctionalInterface in oauth2 modules
Fixes gh-8020
2020-02-24 11:53:30 -05:00
Joe Grandja
3e5600f83f Add configurable Clock in OidcIdTokenValidator
Fixes gh-8019
2020-02-24 11:21:03 -05:00
Joe Grandja
7734d049eb Polish javadoc gh-7511 2020-02-24 10:35:58 -05:00
Joe Grandja
d32c98b1c5 Add OAuth2AuthorizeRequest.Builder.principal(String)
Fixes gh-8018
2020-02-24 09:58:38 -05:00
Joe Grandja
c6da7b2dd6 Polish gh-7840 2020-02-24 09:28:00 -05:00
Joe Grandja
65b5d468fb Deprecate UnAuthenticatedServerOAuth2AuthorizedClientRepository
Fixes gh-8016
2020-02-24 06:50:58 -05:00
Joe Grandja
4e2f1988f2 Polish Fix package tangles
Issue #7699 #7840
2020-02-24 06:42:00 -05:00
Joe Grandja
82cd203791 Remove unnecessary mocking
Fixes gh-8012
2020-02-23 19:35:16 -05:00
Joe Grandja
c8cc9717c9 Fix package tangles
Issue #7699 #7840
2020-02-23 07:24:36 -05:00
Joe Grandja
f2da2c56be Resolve OAuth2Error from WWW-Authenticate header
Issue gh-7699
2020-02-21 15:12:58 -05:00
Joe Grandja
69156b741d Add OAuth2Authorization success/failure handlers
Fixes gh-7840
2020-02-21 15:12:58 -05:00
Joe Grandja
23ce717380 Simplify customizing OAuth2AuthorizationRequest
Fixes gh-7696
2020-02-19 06:22:07 -05:00
Joe Grandja
de8b558561 Add JDBC implementation of OAuth2AuthorizedClientService
Fixes gh-7655
2020-02-13 12:17:29 -05:00
Joe Grandja
0809c04aa2 OAuth2AuthorizationCodeGrantWebFilter matches on query parameters
Fixes gh-7966
2020-02-10 15:11:04 -05:00
Joe Grandja
3c86239b39 OAuth2AuthorizationCodeGrantFilter matches on query parameters
Fixes gh-7963
2020-02-10 05:13:47 -05:00
Stephane Maldini
851be025e9 Don't force downcasting of RequestAttributes to ServletRequestAttributes
Fixes gh-7952
2020-02-07 20:44:19 -05:00
Eleftheria Stein
84b8a5abd7 Unlock dependencies for next development version
This reverts commit 064616f1ef077cf23028d64b61b1452be0ec9eb1.
2020-02-05 15:53:04 +01:00
Eleftheria Stein
064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Joe Grandja
25d029b092 Fix test gh-7873 2020-02-04 12:00:55 -05:00
Joe Grandja
04f3fe8af9 Add Jackson support for oauth2-client session related classes
Fixes gh-4886
2020-02-04 09:01:12 -05:00
Phil Clay
e5fca61810 Introduce Reactive OAuth2Authorization success/failure handlers
All ReactiveOAuth2AuthorizedClientManagers now have authorization success/failure handlers.
A success handler is provided to save authorized clients for future requests.
A failure handler is provided to remove previously saved authorized clients.

ServerOAuth2AuthorizedClientExchangeFilterFunction also makes use of a
failure handler in the case of unauthorized or forbidden http status code.

The main use cases now handled are
- remove authorized client when an authorization server indicates that a refresh token is no longer valid (when authorization server returns invalid_grant)
- remove authorized client when a resource server indicates that an access token is no longer valid (when resource server returns invalid_token)

Introduced ClientAuthorizationException to capture details needed when removing an authorized client.
All ReactiveOAuth2AccessTokenResponseClients now throw a ClientAuthorizationException on failures.

Created AbstractWebClientReactiveOAuth2AccessTokenResponseClient to unify common logic between all ReactiveOAuth2AccessTokenResponseClients.

Fixes gh-7699
2020-01-16 15:24:55 -05:00
Eleftheria Stein
fcc6457bef Unlock dependencies for next development version
This reverts commit 93acf8f0f11e2811b7d4241b26f712674978f3f7.
2020-01-08 22:15:17 +01:00