spring-security

History

Rob Winch 6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens Previously ServerBearerTokenAuthenticationConverter would throw an IllegalArgumentException when the access token in a URI was empty String. It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String access token in the headers. This changes ServerBearerTokenAuthenticationConverter to consistently throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED Fixes gh-7011	2019-06-24 13:57:29 -06:00
..
src	ServerBearerTokenAuthenticationConverter Handles Empty Tokens	2019-06-24 13:57:29 -06:00
spring-security-oauth2-resource-server.gradle	Opaque Token Support	2019-02-07 12:40:12 -07:00

Rob Winch 6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens

Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.

This changes ServerBearerTokenAuthenticationConverter to consistently
throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED

Fixes gh-7011

2019-06-24 13:57:29 -06:00

src

ServerBearerTokenAuthenticationConverter Handles Empty Tokens

2019-06-24 13:57:29 -06:00

spring-security-oauth2-resource-server.gradle

Opaque Token Support

2019-02-07 12:40:12 -07:00