Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Spring Security
8,295 Commits 29 Branches 320 Tags 104 MiB
Java 94.7%
Kotlin 4.8%
Groovy 0.3%
Go to file
Manuel Bleichenbacher 1e4736f9b3 Prevent double-escaping of authorize URL parameters 
If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.

It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

Fixes gh-7871
 		2020-02-08 16:59:01 -05:00
.github Use https link to Stack Overflow 2019-06-19 12:44:43 -05:00
.idea Add Checkstyle configuration for IntelliJ IDEA 2019-08-09 16:21:30 -05:00
acl Polish PrincipalSid 2019-11-26 15:09:44 +01:00
aspects Remove redundant throws clauses 2019-08-23 01:03:54 +02:00
bom Use spring-build-conventions Bom plugin 2018-01-09 11:27:34 -06:00
buildSrc Create the rncToXsd Task lazily 2019-08-29 06:13:52 -05:00
cas fix checkstyle 2019-08-26 22:42:26 +02:00
config Don't force downcasting of RequestAttributes to ServletRequestAttributes 2020-02-07 20:18:50 -05:00
core Remove unnecessary instantiation in root 2019-11-07 10:26:02 +01:00
crypto Remove redundant throws clauses 2019-08-23 01:03:54 +02:00
data SecurityEvaluationContextExtension implements latest EvaluationContextExtension 2019-04-11 10:04:57 -04:00
docs Fix LDIF file example in LDAP docs 2020-01-20 11:32:53 +01:00
etc Add RSocket Support 2019-09-04 19:24:01 -05:00
gradle Update to org.slf4j 1.7.30 2020-02-04 15:04:46 -05:00
itest fix checkstyle 2019-08-26 22:42:26 +02:00
ldap Load LDIF file from classpath in unboundId mode 2020-01-21 17:12:18 +01:00
messaging Add Reactive Messaging CurrentSecurityContextPrincipalArgumentResolver 2019-09-27 12:52:19 -05:00
oauth2 Prevent double-escaping of authorize URL parameters 2020-02-08 16:59:01 -05:00
openid fix checkstyle 2019-08-26 22:42:26 +02:00
remoting Restore Removed Throws Clauses 2019-10-30 12:13:54 -06:00
rsocket Add Default RSocketSecurity 2019-09-09 16:10:55 -05:00
saml2/saml2-service-provider Polish SAML2 principal classes 2019-12-12 20:27:24 +01:00
samples Remove redundant validation for redirect-uri 2019-12-06 12:01:19 -05:00
scripts Add release-notes-sections.yml 2020-02-05 15:18:32 -05:00
taglibs Remove redundant throws clauses 2019-08-23 01:03:54 +02:00
test Isolate Jwt Test Support 2019-11-22 15:07:05 -07:00
web Set charset of BasicAuthenticationFilter converter 2020-01-23 16:24:03 +01:00
.editorconfig Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
.gitignore Add Checkstyle configuration for IntelliJ IDEA 2019-08-09 16:21:30 -05:00
.travis.yml Build using openjdk8 2019-08-05 09:35:41 -06:00
CODE_OF_CONDUCT.adoc URL Cleanup 2019-03-19 23:53:23 -05:00
CONTRIBUTING.md Use UTF-8 for Java sources and XML 2019-08-14 08:47:00 -05:00
Jenkinsfile Disable force milestone repository 2019-09-30 18:22:13 -05:00
README.adoc URL Cleanup 2019-03-19 23:53:23 -05:00
build.gradle Update the AspectJ Gradle Plugin to 4.0.2 2019-09-12 13:31:05 +01:00
class_mapping_from_2.0.x.txt SEC-1148: Simple classname mapping from 2.0 to 3.0 2009-12-02 22:44:30 +00:00
gradle.properties Next Development Version 2020-02-05 11:03:09 -05:00
gradlew Update to Gradle 5.6 2019-08-26 14:32:07 -05:00
gradlew.bat Update to Gradle 5.5 2019-07-11 22:15:42 -04:00
license.txt URL Cleanup 2019-03-14 15:46:20 -05:00
notice.txt URL Cleanup 2019-03-19 23:53:23 -05:00
settings.gradle Fix settings.gradle on Windows 2018-08-22 10:21:41 -05:00

README.adoc 

image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge]

image:https://travis-ci.org/spring-projects/spring-security.svg?branch=master["Build Status", link="https://travis-ci.org/spring-projects/spring-security"]

= Spring Security

Spring Security provides security services for the https://docs.spring.io[Spring IO Platform]. Spring Security 5.0 requires Spring 5.0 as
a minimum and also requires Java 8.

For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects].

== Code of Conduct
This project adheres to the Contributor Covenant link:CODE_OF_CONDUCT.adoc[code of conduct].
By participating, you  are expected to uphold this code. Please report unacceptable behavior to spring-code-of-conduct@pivotal.io.

== Downloading Artifacts
See https://github.com/spring-projects/spring-framework/wiki/Downloading-Spring-artifacts[downloading Spring artifacts] for Maven repository information.

== Documentation
Be sure to read the https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference].
Extensive JavaDoc for the Spring Security code is also available in the https://docs.spring.io/spring-security/site/docs/current/api/[Spring Security API Documentation].

== Quick Start
We recommend you visit https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/[Spring Security Reference] and read the "Getting Started" page.

== Building from Source
Spring Security uses a https://gradle.org[Gradle]-based build system.
In the instructions below, https://vimeo.com/34436402[`./gradlew`] is invoked from the root of the source tree and serves as
a cross-platform, self-contained bootstrap mechanism for the build.

=== Prerequisites
https://help.github.com/set-up-git-redirect[Git] and the https://www.oracle.com/technetwork/java/javase/downloads[JDK8 build].

Be sure that your `JAVA_HOME` environment variable points to the `jdk1.8.0` folder extracted from the JDK download.

=== Check out sources
[indent=0]
----
git clone git@github.com:spring-projects/spring-security.git
----

=== Install all spring-\* jars into your local Maven cache
[indent=0]
----
./gradlew install
----

=== Compile and test; build all jars, distribution zips, and docs
[indent=0]
----
./gradlew build
----

Discover more commands with `./gradlew tasks`.
See also the https://github.com/spring-projects/spring-framework/wiki/Gradle-build-and-release-FAQ[Gradle build and release FAQ].

== Getting Support
Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring Security tags on Stack Overflow].
https://spring.io/services[Commercial support] is available too.

== Contributing
https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/master/CONTRIBUTING.md[contributor guidelines] for details.

== License
Spring Security is Open Source software released under the
https://www.apache.org/licenses/LICENSE-2.0.html[Apache 2.0 license].