wheleph
94fe58edf2
Add comments to SQL-scripts to ensure robust timezone handling
...
Closes gh-2217
Signed-off-by: wheleph <wheleph@gmail.com>
2 months ago
Joe Grandja
ac2eaf4826
Return PAR endpoint metadata only when enabled
...
Closes gh-2219
2 months ago
Joe Grandja
d85f96a132
Polish gh-2182
2 months ago
Willem van Dreumel
125aeb68e6
PAR uses requested scopes on consent
...
PAR was missing the requested scopes when giving consent. Making consent authentications distinguish between requested and already authorized scopes.
Closes gh-2182
Signed-off-by: Willem van Dreumel <willem.vandreumel@edsn.nl>
2 months ago
fine-pine
5352e3471f
Disallow usage of the openid scope in device authorization requests
...
Closes gh-2177
Signed-off-by: fine-pine <lsm3645@g.skku.edu>
2 months ago
Joe Grandja
b96e3d2302
Polish gh-2134
...
Issue gh-2111
Closes gh-2134
4 months ago
wheleph
a94096b03c
Fix to return client_secret_expires_at in client registration response
...
Issue gh-2111
Closes gh-2134
Signed-off-by: wheleph <wheleph@gmail.com>
4 months ago
Joe Grandja
ccd79a446e
Polish gh-1949
4 months ago
Joe Grandja
76ae518d56
Increase request_uri expiry for OAuth2 Pushed Authorization Request
...
Closes gh-2024
7 months ago
Joe Grandja
fe4b5ada8c
Polish gh-1997
7 months ago
Antoine Lauzon
ce528eed9b
Check user code expiry and invalidity
...
Closes gh-1977
Signed-off-by: Antoine Lauzon <139174762+antoinelauzon-bell@users.noreply.github.com>
7 months ago
Joe Grandja
5bf66c305d
Polish logging in OAuth2ClientAuthenticationFilter
...
Closes gh-2025
7 months ago
Joe Grandja
90e6a795c4
Add documentation for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Closes gh-2014
7 months ago
Joe Grandja
3debeb6f65
Add documentation for DPoP support
...
Closes gh-2009
7 months ago
Joe Grandja
86b5607a03
Fix DPoP jkt claim validation during refresh_token grant for public clients
...
Closes gh-2008
7 months ago
Joe Grandja
07f9621b02
Fix DPoP jkt claim to be JWK SHA-256 thumbprint
...
Closes gh-2007
7 months ago
Joe Grandja
23179507d5
Use OAuth2ParameterNames.REQUEST_URI
...
Issue gh-1925
Closes gh-1991
8 months ago
Joe Grandja
c624d0a908
Revert "Fix client_secret_basic authentication failures and return challenge"
...
This reverts commit 42c18c856f.
8 months ago
Joe Grandja
7e41e87142
Revert "Allow customizing client authentication failures with AuthenticationEntryPoint"
...
This reverts commit f415f2a52c.
8 months ago
Joe Grandja
f415f2a52c
Allow customizing client authentication failures with AuthenticationEntryPoint
...
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
8 months ago
Joe Grandja
42c18c856f
Fix client_secret_basic authentication failures and return challenge
...
Closes gh-468
8 months ago
Joe Grandja
2dff08834c
Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Issue gh-1925
Closes gh-1975
8 months ago
Joe Grandja
4b78a5e991
Enforce one-time use for request_uri used in PAR
...
Issue gh-1925
Closes gh-1974
8 months ago
Joe Grandja
c82aace6d4
Polish tests
...
Issue gh-1925
8 months ago
Joe Grandja
39cb9bfcea
Validate expiry for request_uri used in PAR
...
Issue gh-1925
Closes gh-1973
8 months ago
Joe Grandja
5458e0855a
request_uri used in PAR must be bound to the client
...
Issue gh-1925
Closes gh-1971
8 months ago
Joe Grandja
65e3a5ec9b
Add authorization server metadata for DPoP support
...
Issue gh-1813
Closes gh-1951
9 months ago
Joe Grandja
48fd6ab60f
Verify DPoP Proof public key during refresh_token grant for public clients
...
Issue gh-1813
Closes gh-1949
9 months ago
Joe Grandja
81c25ef6cb
Fix test in OAuth2PushedAuthorizationRequestEndpointFilterTests
...
Issue gh-1925
10 months ago
Joe Grandja
30ebf1ecc6
Polish gh-1908
10 months ago
arefbehboudi
bbca6b02b7
Polish JdbcOAuth2AuthorizationService
...
Closes gh-1908
Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
10 months ago
Joe Grandja
5bd47b6c2d
Polish gh-1907
10 months ago
arefbehboudi
2e9fe7e99e
Use pattern matching
...
Closes gh-1907
Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
10 months ago
Joe Grandja
4337884e87
Add support for OAuth 2.0 Pushed Authorization Requests (PAR)
...
Closes gh-210
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
10 months ago
Joe Grandja
629239fde1
Polish gh-1874
10 months ago
sylvain-costanzo
b0fca27c7b
Support POST for authorization code request flow
...
Closes gh-1811
Signed-off-by: sylvain-costanzo <sylvain.costanzo1@decathlon.com>
10 months ago
Joe Grandja
29472a17a9
Polish gh-1889
10 months ago
Nick Holloway
8d4da24892
Fix device access token response error codes
...
Closes gh-1885
Signed-off-by: Nick Holloway <nick.holloway@pyrites.org.uk>
10 months ago
Joe Grandja
779d87a279
Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP)
...
Closes gh-1813
10 months ago
Joe Grandja
bf7f4f4af9
Bump next minor version
10 months ago
Loren
f1d54279e6
Replace deprecated fromHttpUrl with fromUriString
...
Closes gh-1883
Signed-off-by: Loren <cn.luowenjie@qq.com>
11 months ago
Loren
1f28280e7b
Add Override annotation
...
Closes gh-1878
Signed-off-by: Loren <cn.luowenjie@qq.com>
11 months ago
Tran Ngoc Nhan
d238794229
Polish diamond operator
...
Closes gh-1848
1 year ago
Tran Ngoc Nhan
ed0265bf02
Polish
...
Closes gh-1842
1 year ago
Leon Linhart
e8f627f01e
Use empty map for missing additional parameters
...
Closes gh-1826
1 year ago
Joe Grandja
572255bebe
Use toLower/toUpperCase with Locale argument
...
Closes gh-1790
1 year ago
William Koch
c6c20b9dba
AOT contributions will be registered for JdbcOAuth2AuthorizationService subclasses
...
Prior to this commit, String-based class name comparisons were used for determining if a bean was of type JdbcOAuth2AuthorizationService or JdbcRegisteredClientRepository.
Now JdbcOAuth2AuthorizationService.class.isAssignableFrom(...) and JdbcRegisteredClientRepository.class.isAssignableFrom(...) are used so that any subclasses are detected and the necessary AOT hints are contributed.
Closes gh-1778
1 year ago
Max Batischev
145599b44a
Replace DelegatingAuthenticationConverter with one in Spring Security
...
Closes gh-1736
1 year ago
Joe Grandja
68300d4cf9
Polish gh-1729
1 year ago
Selene Feigl
8c297b1252
Fix verification_uri in device authorization response when context path exists
...
Closes gh-1714
1 year ago