Joe Grandja
9ebc52baba
Missing response_type in POST authorization request returns invalid_request
...
Closes gh-2226
2025-10-24 05:25:31 -04:00
Joe Grandja
c37f66c908
Merge branch '1.4.x' into 1.5.x
...
Closes gh-2220
2025-10-20 07:04:19 -04:00
wheleph
94fe58edf2
Add comments to SQL-scripts to ensure robust timezone handling
...
Closes gh-2217
Signed-off-by: wheleph <wheleph@gmail.com>
2025-10-20 06:54:42 -04:00
Joe Grandja
ac2eaf4826
Return PAR endpoint metadata only when enabled
...
Closes gh-2219
2025-10-20 05:39:08 -04:00
Joe Grandja
d85f96a132
Polish gh-2182
2025-10-17 14:54:01 -04:00
Willem van Dreumel
125aeb68e6
PAR uses requested scopes on consent
...
PAR was missing the requested scopes when giving consent. Making consent authentications distinguish between requested and already authorized scopes.
Closes gh-2182
Signed-off-by: Willem van Dreumel <willem.vandreumel@edsn.nl>
2025-10-17 14:51:53 -04:00
Joe Grandja
ceb75e3135
Merge branch '1.4.x' into 1.5.x
...
Closes gh-2216
2025-10-17 11:15:20 -04:00
fine-pine
5352e3471f
Disallow usage of the openid scope in device authorization requests
...
Closes gh-2177
Signed-off-by: fine-pine <lsm3645@g.skku.edu>
2025-10-17 10:44:52 -04:00
Joe Grandja
6052cabd54
Merge branch '1.4.x' into 1.5.x
...
Closes gh-2172
2025-08-20 08:21:47 -04:00
Joe Grandja
b96e3d2302
Polish gh-2134
...
Issue gh-2111
Closes gh-2134
2025-08-20 08:20:51 -04:00
wheleph
a94096b03c
Fix to return client_secret_expires_at in client registration response
...
Issue gh-2111
Closes gh-2134
Signed-off-by: wheleph <wheleph@gmail.com>
2025-08-20 08:20:13 -04:00
Joe Grandja
ccd79a446e
Polish gh-1949
2025-08-13 09:55:18 -04:00
Joe Grandja
76ae518d56
Increase request_uri expiry for OAuth2 Pushed Authorization Request
...
Closes gh-2024
2025-06-04 06:10:20 -04:00
Joe Grandja
c4e8427a3a
Merge branch '1.4.x'
2025-06-03 13:24:22 -04:00
Joe Grandja
b40b265ac5
Merge branch '1.3.x' into 1.4.x
2025-06-03 13:17:30 -04:00
Joe Grandja
fe4b5ada8c
Polish gh-1997
2025-06-03 09:30:40 -04:00
Antoine Lauzon
ce528eed9b
Check user code expiry and invalidity
...
Closes gh-1977
Signed-off-by: Antoine Lauzon <139174762+antoinelauzon-bell@users.noreply.github.com>
2025-06-03 09:27:27 -04:00
Joe Grandja
5bf66c305d
Polish logging in OAuth2ClientAuthenticationFilter
...
Closes gh-2025
2025-06-02 13:29:23 -04:00
Joe Grandja
90e6a795c4
Add documentation for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Closes gh-2014
2025-05-15 11:59:21 -04:00
Joe Grandja
3debeb6f65
Add documentation for DPoP support
...
Closes gh-2009
2025-05-14 19:06:01 -04:00
Joe Grandja
86b5607a03
Fix DPoP jkt claim validation during refresh_token grant for public clients
...
Closes gh-2008
2025-05-14 06:16:14 -04:00
Joe Grandja
07f9621b02
Fix DPoP jkt claim to be JWK SHA-256 thumbprint
...
Closes gh-2007
2025-05-13 16:37:17 -04:00
Joe Grandja
23179507d5
Use OAuth2ParameterNames.REQUEST_URI
...
Issue gh-1925
Closes gh-1991
2025-04-22 06:06:31 -04:00
Joe Grandja
9dd5e2814a
Merge branch '1.4.x'
2025-04-21 21:33:45 -04:00
Joe Grandja
f43dce384d
Merge branch '1.3.x' into 1.4.x
2025-04-21 21:24:30 -04:00
Joe Grandja
c624d0a908
Revert "Fix client_secret_basic authentication failures and return challenge"
...
This reverts commit 42c18c856f.
2025-04-21 21:15:05 -04:00
Joe Grandja
7e41e87142
Revert "Allow customizing client authentication failures with AuthenticationEntryPoint"
...
This reverts commit f415f2a52c.
2025-04-21 21:05:05 -04:00
Joe Grandja
f415f2a52c
Allow customizing client authentication failures with AuthenticationEntryPoint
...
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-04-18 07:46:25 -04:00
Joe Grandja
9ecfe49658
Merge branch '1.4.x'
2025-04-18 06:17:46 -04:00
Joe Grandja
f3820e5601
Merge branch '1.3.x' into 1.4.x
...
Closes gh-1982
2025-04-18 06:10:21 -04:00
Joe Grandja
42c18c856f
Fix client_secret_basic authentication failures and return challenge
...
Closes gh-468
2025-04-18 05:45:25 -04:00
Joe Grandja
2dff08834c
Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Issue gh-1925
Closes gh-1975
2025-04-16 15:21:44 -04:00
Joe Grandja
4b78a5e991
Enforce one-time use for request_uri used in PAR
...
Issue gh-1925
Closes gh-1974
2025-04-16 06:26:33 -04:00
Joe Grandja
c82aace6d4
Polish tests
...
Issue gh-1925
2025-04-16 05:50:59 -04:00
Joe Grandja
39cb9bfcea
Validate expiry for request_uri used in PAR
...
Issue gh-1925
Closes gh-1973
2025-04-16 05:50:58 -04:00
Joe Grandja
5458e0855a
request_uri used in PAR must be bound to the client
...
Issue gh-1925
Closes gh-1971
2025-04-15 15:36:09 -04:00
Joe Grandja
65e3a5ec9b
Add authorization server metadata for DPoP support
...
Issue gh-1813
Closes gh-1951
2025-03-27 06:13:33 -04:00
Joe Grandja
48fd6ab60f
Verify DPoP Proof public key during refresh_token grant for public clients
...
Issue gh-1813
Closes gh-1949
2025-03-25 15:56:38 -04:00
Joe Grandja
81c25ef6cb
Fix test in OAuth2PushedAuthorizationRequestEndpointFilterTests
...
Issue gh-1925
2025-03-04 07:07:38 -05:00
Joe Grandja
30ebf1ecc6
Polish gh-1908
2025-03-04 06:35:00 -05:00
arefbehboudi
bbca6b02b7
Polish JdbcOAuth2AuthorizationService
...
Closes gh-1908
Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
2025-03-04 06:34:01 -05:00
Joe Grandja
5bd47b6c2d
Polish gh-1907
2025-03-04 06:17:14 -05:00
arefbehboudi
2e9fe7e99e
Use pattern matching
...
Closes gh-1907
Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
2025-03-04 06:17:13 -05:00
Joe Grandja
4337884e87
Add support for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Closes gh-210
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-03-03 20:37:06 -05:00
Joe Grandja
629239fde1
Polish gh-1874
2025-02-24 14:41:17 -05:00
sylvain-costanzo
b0fca27c7b
Support POST for authorization code request flow
...
Closes gh-1811
Signed-off-by: sylvain-costanzo <sylvain.costanzo1@decathlon.com>
2025-02-24 12:06:38 -05:00
Joe Grandja
a5ce97fefe
Merge branch '1.4.x'
2025-02-14 12:09:28 -05:00
Joe Grandja
ded6faae76
Merge branch '1.3.x' into 1.4.x
2025-02-14 12:04:06 -05:00
Joe Grandja
29472a17a9
Polish gh-1889
2025-02-14 11:41:51 -05:00
Nick Holloway
8d4da24892
Fix device access token response error codes
...
Closes gh-1885
Signed-off-by: Nick Holloway <nick.holloway@pyrites.org.uk>
2025-02-14 11:39:08 -05:00