Fixes an issue where custom status codes in the error response cause an
IllegalArgumentException to be thrown when resolving an HttpStatus.
Closes gh-9741
Add setAllowMultipleAuthorizationRequests allowing applications to
revert to the previous functionality should they need to do so.
Closes gh-5145
Intentionally regresses gh-5110
1. update OAuth2LoginAuthenticationProvider to use
OAuth2AuthorizationCodeAuthenticationProvider
2. apply fix gh-5368 for OAuth2AuthorizationCodeAuthenticationProvider
to return additionalParameters value from accessTokenResponse
Fixes gh-5633
Rename OAuth2AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager to AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.
Handle empty mono returned from contextAttributesMapper.
Handle empty map returned from contextAttributesMapper.
Fix DefaultContextAttributesMapper so that it doesn't access ServerWebExchange.
Fix unit tests so that they pass.
Use StepVerifier in unit tests, rather than .subscribe().
Fixes gh-7569
ReactiveOAuth2AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager is reactive
version of AuthorizedClientServiceOAuth2AuthorizedClientManager
Fixes: gh-7569
OpenID Connect Discovery 1.0 expects the OpenId Provider Metadata
response is expected to return a valid jwks_uri, however, this field is
optional in the Authorization Server Metadata response as per RFC 8414
specification.
Fixes gh-7512
Previously, saveAuthorizedClient never actually saved the authorized
client, because it ignored the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient.
Now, it does not ignore the Mono<Void> returned from
authorizedClientRepository.saveAuthorizedClient, and includes it in
the stream, and therefore it will properly save the authorized client.
Fixes gh-7546
Improve handling of IOException to report an
AuthenticationServiceExceptionThere are many reasons that a
DefaultReactiveOAuth2UserService might fail due to an IOException
(i.e. SSLHandshakeException). In those cases we should use a
AuthenticationServiceException so that users are aware there is likely
some misconfiguration.
Fixes gh-7370
Dirties the WebSession by putting the amended AUTHORIZATION_REQUEST map into
the WebSession even it was already in the map. This causes common SessionRepository
implementations like Redis to persist the updated attribute.
Fixes gh-7327
Author: Andreas Kluth <mail@andreaskluth.net>
Steve Riesenberg
Steve Riesenberg
Rob Winch
Craig Andrews
Benjamin Faal
Joe Grandja
Ruby Hartono
Martin Nemec
Joe Grandja
Stephane Maldini
Phil Clay
Ankur Pathak
Josh Cummings
Rafiullah Hamedy
Everett Irwin
Mark Heckler
Eddú Meléndez
Andreas Kluth