Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
spring-security/oauth2
History
Rob Winch 6f5a443175 ServerBearerTokenAuthenticationConverter Handles Empty Tokens 
Previously ServerBearerTokenAuthenticationConverter would throw an
IllegalArgumentException when the access token in a URI was empty String.
It also incorrectly provided HttpStatus.BAD_REQUEST for an empty String
access token in the headers.

This changes ServerBearerTokenAuthenticationConverter to consistently
throw a OAuth2AuthenticationException with an HttpStatus.UNAUTHORIZED

Fixes gh-7011
 		2019-06-24 13:57:29 -06:00
..
oauth2-client Allow configurable accessible scopes for UserInfo resource 2019-06-20 10:32:58 -04:00
oauth2-core Add generic getClaim() method in ClaimAccessor 2019-06-19 13:45:59 -04:00
oauth2-jose Polish ClientRegistrations, (Reactive)JwtDecoders 2019-06-10 10:31:30 -06:00
oauth2-resource-server ServerBearerTokenAuthenticationConverter Handles Empty Tokens 2019-06-24 13:57:29 -06:00