2e2c9ea286
Fix registration access token cannot be deserialized
...
Change the authorized scopes Set from SingletonSet to UnmodifiableSet as there is no mixin registered for SingletonSet
Closes gh-495
4 years ago
82e4f3a345
Introduce OidcUserInfoAuthenticationContext
...
Issue gh-441
4 years ago
9b60ed23e1
Polish OAuth2AuthorizationConsentAuthenticationContext
...
Issue gh-470
4 years ago
332d1cc318
Polish gh-492
4 years ago
8defe2eb3a
ProviderSettings @Bean is required
...
Issue gh-373
4 years ago
830f55e538
Revert "Support resolving issuer from current request"
...
This reverts commit 666d569b48
4 years ago
c418306fd9
Polish Authorization Consent Deny Request
...
Issue gh-470
4 years ago
f0b19f30d1
Deprecate PasswordEncoder in JdbcRegisteredClientRepository
...
Closes gh-496
4 years ago
666d569b48
Support resolving issuer from current request
...
Closes gh-479
4 years ago
646ea00db2
Add @since
...
Issue gh-427
4 years ago
d4357197c9
Polish gh-470
4 years ago
4ce999c014
Customize OAuth2AuthorizationConsent prior to saving
...
Closes gh-436
4 years ago
5fa1e8e3b1
Allow subclassing OAuth2AuthenticationContext
...
Closes gh-492
4 years ago
b455268fa1
Polish OAuth2ClientAuthenticationProviderTests
4 years ago
25c4a7d541
Polish test gh-448
4 years ago
088d9a8e34
Require code_verifier if code_challenge provided
...
Closes gh-453
4 years ago
defd1f90b8
Polish gh-448
4 years ago
c9954af084
Customize authenticationDetailsSource of OAuth2TokenEndpointFilter
...
Closes gh-431
4 years ago
c7f01f0795
Polish gh-427
4 years ago
37e45619ae
Implement Client Configuration Endpoint
...
See: https://openid.net/specs/openid-connect-registration-1_0.html#ClientConfigurationEndpoint
Generate registration_client_uri and registration_access_token when registering a new client (see: https://openid.net/specs/openid-connect-registration-1_0.html#ClientRegistration )
Closes gh-355
4 years ago
72c5e24ab8
Polish gh-441
4 years ago
8e8e6d1b17
Implement User Info Endpoint
...
Closes gh-176
4 years ago
9667229429
Initial implementation of User Info Endpoint
...
Issue gh-176
4 years ago
33bac0f7c2
JdbcOAuth2AuthorizationService now uses LobCreator in findBy method
...
Closes gh-455
4 years ago
63c248440c
Fix PKCE tests in OAuth2ClientAuthenticationProviderTests
4 years ago
71be32b245
Add support for deserializing LinkedHashSet
...
This is needed because OAuth2ClientCredentialsAuthenticationProvider stores authorized scopes in a LinkedHashSet.
Closes gh-457
4 years ago
4b19637fbb
Update RegisteredClient.Builder to use getters
...
- Since the class is not final, it is possible to extend it.
Because the Builder was directly accessing the properties
rather than using the getters, it was not possible to use
the .from(id) constructor in the extended class.
Closes gh-451
4 years ago
26f15b99bb
Make OAuth2ClientAuthenticationToken @Transient
4 years ago
298ebc7c01
Avoid client secret double encoding when updating a registered client
...
This might have to be revisited at a later point, but to check if a value is encoded or not is quite tricky. The decision was to remove client_secret and client_secret_expires_at from the update statement
Closes gh-389
4 years ago
0735abdaad
Polish gh-411
4 years ago
0dfe5cb44a
Fix cancel consent functionality on default consent page
...
- Fix also applies to custom consent sample
Closes gh-393
4 years ago
4ccdd2baf4
OAuth2TokenIntrospectionAuthenticationProvider checks for null issuer
...
Closes gh-438
4 years ago
e4ce97b887
Access token is active after revoke then refresh
...
Closes gh-432
4 years ago
aaeca70b4c
Removed an empty statement
4 years ago
8e8979af60
Next Development Version
5 years ago
f3f69b300f
Authorization failure does not clear current Authentication
...
Closes gh-409
5 years ago
f3c29bd545
Use OAuth2AuthenticationException(String errorCode)
...
Closes gh-402
5 years ago
ea1f95b4ed
Replace stream usage with for loops
...
Closes gh-401
5 years ago
42d611828a
Polish OAuth2TokenCustomizer
5 years ago
9388002158
Add javadoc for OAuth2TokenCustomizer
...
Issue gh-199
5 years ago
1d4dcddc11
Polish loopback address validation in DefaultRedirectUriOAuth2AuthenticationValidator
...
Changed loopback address validation from regex to explicit
validation using IPv4 loopback address range and IPv6 address.
Issue gh-243
5 years ago
3ee47efff7
Disable Oidc client registration by default
...
Closes gh-398
5 years ago
fe27e39c5d
Extract configurer for OpenID Connect 1.0 support
...
Issue gh-398
5 years ago
7680505eed
Move OAuth2AuthorizationCode
...
Closes gh-395
5 years ago
d15a68514d
Polish OAuth2Authorization
5 years ago
53ed5b8481
Polish OAuth2TokenContext
5 years ago
c89f2f3819
Polish PublicClientAuthenticationConverter
5 years ago
ebecb2a7f6
Polish ClientSecretPostAuthenticationConverter
5 years ago
4995acc825
Polish ClientSecretBasicAuthenticationConverter
5 years ago
a4a61fcf50
Polish ConfigurationSettingNames
5 years ago
Ovidiu Popa
Joe Grandja
Steve Riesenberg
Daniel Garnier-Moiroux
figozhang
Ido Salomon
Alexey Makarov
Sarah McAlear
Dmitriy Dubson
Kirat Kumar
Anoop Garlapati