spring-security

History

Philipp Neuschwander 6db58cbf8a Conditionally resolve bearer token from request parameters Before this commit, the DefaultBearerTokenResolver unconditionally resolved the request parameters to check whether multiple tokens are present in the request and reject those requests as invalid. This commit changes this behaviour to resolve the request parameters only if parameter token is supported for the specific request according to spec (RFC 6750). Closes gh-10326	2021-10-13 17:10:50 -05:00
..
src	Conditionally resolve bearer token from request parameters	2021-10-13 17:10:50 -05:00
spring-security-oauth2-resource-server.gradle	Restore ManagementConfigurationPlugin	2021-10-05 11:23:29 -03:00

Philipp Neuschwander 6db58cbf8a Conditionally resolve bearer token from request parameters

Before this commit, the DefaultBearerTokenResolver unconditionally
resolved the request parameters to check whether multiple tokens
are present in the request and reject those requests as invalid.

This commit changes this behaviour to resolve the request parameters
only if parameter token is supported for the specific request
according to spec (RFC 6750).

Closes gh-10326

2021-10-13 17:10:50 -05:00

src

Conditionally resolve bearer token from request parameters

2021-10-13 17:10:50 -05:00

spring-security-oauth2-resource-server.gradle

Restore ManagementConfigurationPlugin

2021-10-05 11:23:29 -03:00