spring-authorization-server

Commit Graph

Author	SHA1	Message	Date
Joe Grandja	fe4b5ada8c	Polish gh-1997	10 months ago
Antoine Lauzon	ce528eed9b	Check user code expiry and invalidity Closes gh-1977 Signed-off-by: Antoine Lauzon <139174762+antoinelauzon-bell@users.noreply.github.com>	10 months ago
Joe Grandja	86b5607a03	Fix DPoP jkt claim validation during refresh_token grant for public clients Closes gh-2008	11 months ago
Joe Grandja	07f9621b02	Fix DPoP jkt claim to be JWK SHA-256 thumbprint Closes gh-2007	11 months ago
Joe Grandja	23179507d5	Use OAuth2ParameterNames.REQUEST_URI Issue gh-1925 Closes gh-1991	11 months ago
Joe Grandja	c624d0a908	Revert "Fix client_secret_basic authentication failures and return challenge" This reverts commit `42c18c856f`.	11 months ago
Joe Grandja	7e41e87142	Revert "Allow customizing client authentication failures with AuthenticationEntryPoint" This reverts commit `f415f2a52c`.	11 months ago
Joe Grandja	f415f2a52c	Allow customizing client authentication failures with AuthenticationEntryPoint Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>	12 months ago
Joe Grandja	42c18c856f	Fix client_secret_basic authentication failures and return challenge Closes gh-468	12 months ago
Joe Grandja	2dff08834c	Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) Issue gh-1925 Closes gh-1975	12 months ago
Joe Grandja	4b78a5e991	Enforce one-time use for request_uri used in PAR Issue gh-1925 Closes gh-1974	12 months ago
Joe Grandja	c82aace6d4	Polish tests Issue gh-1925	12 months ago
Joe Grandja	39cb9bfcea	Validate expiry for request_uri used in PAR Issue gh-1925 Closes gh-1973	12 months ago
Joe Grandja	5458e0855a	request_uri used in PAR must be bound to the client Issue gh-1925 Closes gh-1971	12 months ago
Joe Grandja	65e3a5ec9b	Add authorization server metadata for DPoP support Issue gh-1813 Closes gh-1951	1 year ago
Joe Grandja	48fd6ab60f	Verify DPoP Proof public key during refresh_token grant for public clients Issue gh-1813 Closes gh-1949	1 year ago
Joe Grandja	81c25ef6cb	Fix test in OAuth2PushedAuthorizationRequestEndpointFilterTests Issue gh-1925	1 year ago
Joe Grandja	4337884e87	Add support for OAuth 2.0 Pushed Authorization Requests (PAR) Closes gh-210 Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>	1 year ago
Joe Grandja	629239fde1	Polish gh-1874	1 year ago
sylvain-costanzo	b0fca27c7b	Support POST for authorization code request flow Closes gh-1811 Signed-off-by: sylvain-costanzo <sylvain.costanzo1@decathlon.com>	1 year ago
Joe Grandja	29472a17a9	Polish gh-1889	1 year ago
Nick Holloway	8d4da24892	Fix device access token response error codes Closes gh-1885 Signed-off-by: Nick Holloway <nick.holloway@pyrites.org.uk>	1 year ago
Joe Grandja	779d87a279	Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) Closes gh-1813	1 year ago
Tran Ngoc Nhan	d238794229	Polish diamond operator Closes gh-1848	1 year ago
William Koch	c6c20b9dba	AOT contributions will be registered for JbcOAuth2AuthorizationService subclasses Prior to this commit, String-based class name comparisons were used for determining if a bean was of type JdbcOAuth2AuthorizationService or JdbcRegisteredClientRepository. Now JdbcOAuth2AuthorizationService.class.isAssignableFrom(...) and JdbcRegisteredClientRepository.class.isAssignableFrom(...) is used so that any subclasses are detected and the necessary AOT hints are contributed. Closes gh-1778	1 year ago
Joe Grandja	68300d4cf9	Polish gh-1729	2 years ago
Selene Feigl	8c297b1252	Fix verification_uri in device authorization response when context path exists Closes gh-1714	2 years ago
Joe Grandja	2c7975485f	Simplify configuring authorization server using HttpSecurity.with() Closes gh-1707	2 years ago
Joe Grandja	4d1e2d9711	Polish gh-1723	2 years ago
Daniel Garnier-Moiroux	acd4fd0227	Support custom validation in OidcLogoutAuthenticationProvider - Similar to custom validation in OAuth2AuthorizationCodeRequestAuthenticationProvider Closes gh-1693	2 years ago
Joe Grandja	8edbc26b18	Add convenience method for invalidating an OAuth2Token Closes gh-1717	2 years ago
Joe Grandja	82413f4a3e	Fix tests	2 years ago
Joe Grandja	f885df4343	Allow customizing LogoutHandler in OidcLogoutEndpointFilter Closes gh-1244	2 years ago
Joe Grandja	19dfcd4ba9	Add support for OpenID Connect 1.0 prompt=none parameter Closes gh-501	2 years ago
Joe Grandja	1fcd0046dd	Polish gh-1680	2 years ago
aijaz2	48115faee7	Fix empty code parameter in CodeVerifierAuthenticator Closes gh-1680	2 years ago
MrJovanovic13	72d7fb195e	Fix json deserialization of multi-valued authorization request parameters Closes gh-1666	2 years ago
Joe Grandja	ab6f4e4186	Revert "AuthorizationServerContext is accessible in custom consent controller" This reverts commit `9addcf65b3`. Closes gh-1668 in 1.2.x	2 years ago
Joe Grandja	9addcf65b3	AuthorizationServerContext is accessible in custom consent controller Closes gh-1668	2 years ago
Joe Grandja	413363b130	Polish gh-1667	2 years ago
sealte	1125b37b8e	Add authenticationDetailsSource to OAuth2TokenRevocationEndpointFilter Closes gh-1634	2 years ago
Joe Grandja	520fe25ba4	Fix to allow multiple public client registrations Closes gh-1641	2 years ago
Joe Grandja	e3c6effeea	X509 client certificate authentication triggers when client id is provided Closes gh-1635	2 years ago
Joe Grandja	448a782e29	Fix checkstyle violations for test module in 1.3.x Issue gh-1624	2 years ago
Joe Grandja	9d336ebd65	Fix checkstyle violations for test module in 1.2.x Issue gh-1624	2 years ago
Joe Grandja	00e7d6703d	Fix checkstyle violations for test module Issue gh-1624	2 years ago
Joe Grandja	320176a67b	Apply Spring formatting to 1.3.x Issue gh-1616	2 years ago
Joe Grandja	9be1438c25	Apply Spring formatting to 1.2.x Issue gh-1616	2 years ago
Joe Grandja	9219125b14	Apply Spring formatting Issue gh-1616	2 years ago
Joe Grandja	9e8d7fc233	Preserve manual formatting Issue gh-1616	2 years ago

1 2 3 4 5 ...

468 Commits (5dfd165bc5823fcaeb5b13729065e49625ebd3ea)