spring-security

Commit Graph

Author	SHA1	Message	Date
Andrey Litvitski	2fda37de53	Fix equals nullability annotations for jspecify compliance In this commit, we added `@Nullable` to equals methods of classes that support `jspecify` for consistency with other Spring projects and to avoid bugs that caused other Spring projects to do this natively. Closes: gh-18929, gh-18927 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	2 weeks ago
Joe Grandja	baad23caab	Enable null-safety in spring-security-oauth2-client Closes gh-17819	3 weeks ago
Robert Winch	9f8ac34c3b	Remove @NullUnmarked Closes gh-18491	2 months ago
Tran Ngoc Nhan	79815e044e	Fix typos Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	3 months ago
Andrey Litvitski	9b61533db2	Mark `GrantedAuthority#getAuthority` as `@Nullable` Closes: gh-17999 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	6 months ago
Rob Winch	d18431a78d	Move FACTOR_ constants to FactorGrantedAuthority Previously GrantedAuthorities had an implicit package tangle because it was located in ~.core and FactorGrantedAuthority is in ~.core.authority and FactorGrantedAuthority's authority property was implicitly expected to be constants found in `GrantedAuthorities`. This commit moves the constants to the FactorGrantedAuthority which resolves this tangle. It wasn't initially done because FactorGrantedAuthority did not exist at that time. Closes gh-18030	6 months ago
Rob Winch	3f74991ce9	Authentication adds FactorGrantedAuthority Closes gh-18001	6 months ago
Rob Winch	7f10897de3	SecurityMockMvcResultMatchers.withAuthorities(String...) Closes gh-17974	6 months ago
Rob Winch	b2d76dfe66	Add GrantedAuthorities.FACTOR_*_AUTHORITY Closes gh-17952	6 months ago
Josh Cummings	e8accd0499	Add Factory Authority When Authentication Succeeds Issue gh-17933	7 months ago
Josh Cummings	3a1692f3c3	Remove Direct Runtime Dependency on Access API Issue gh-17847	7 months ago
Josh Cummings	de10e08348	Make withRoles Check Only Roles This commit clarifies the semantics of withRoles, which is to check the role-based authorities in an authentication. Closes gh-17843	7 months ago
Rob Winch	6a84f96930	Enable Null checking in spring-security-test via JSpecify Closes gh-17840	7 months ago
Rob Winch	f6cb0bd610	Merge Use 2004-present Copyright Header The original merge into main did not apply the changes. This fixes it. Closes gh-17635	8 months ago
Rob Winch	392129b616	Use 2004-present Copyright Header The Spring portfolio is changing to use <inception-year>-present in the copyright headers to simplify keeping headers up to date. This commit updates the headers and the checkstyle accordingly. The commit updated etc/checkstyle/header.txt It also updated the copyright headers using the following find/replace: Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors. Replace: Copyright 2004-present the original author or authors. Closes gh-17633	8 months ago
Josh Cummings	2c87270dbc	Use authorizeHttpRequests Issue gh-15174	9 months ago
Josh Cummings	e9506776f1	Use PathPatternRequestMatcher in test Issue gh-16887	9 months ago
Joe Grandja	cfe38957d7	Remove Resource Owner Password Credentials grant Closes gh-17446	9 months ago
Josh Cummings	777447e1d9	Format authorizeHttpRequests Blocks This commit formats authorizeHttpRequests blocks to use the same parameter name and places the reference on the same line as the parameter. Issue gh-13067	10 months ago
Josh Cummings	13e738e733	Use HttpSecurity Lambda DSL in Test Issue gh-13067	10 months ago
Tran Ngoc Nhan	8e2067bb3e	Remove deprecated `MemberCategory#DECLARED_FIELDS` Issue gh-16889 Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	11 months ago
Josh Cummings	ae82be70c3	Add Needed Runtime Hints Issue gh-16536	12 months ago
Daeho Kwon	9908d96644	DeferredCsrfToken Implements Supplier Closes gh-16870 Signed-off-by: Daeho Kwon <trewq231@naver.com>	1 year ago
Daeho Kwon	90dd31cae5	Replace dynamic error message with static "Access Denied" Closes gh-16514 Signed-off-by: Daeho Kwon <trewq231@naver.com>	1 year ago
Tran Ngoc Nhan	6c9071211f	Fix typo code tag Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>	1 year ago
Josh Cummings	36a408fb5e	Update Mocking of TestContext Recent Spring Framework changes to default to Mockito's STRICT stubbing mode requires that TestContext be mocked after the exection context has been fully instantiated Closes gh-15579	2 years ago
Steve Riesenberg	7c45ebd81c	Polish gh-15012	2 years ago
Filip Hrisafov	99aee99b34	Expose user name attribute name in `OAuth2UserAuthority`	2 years ago
Marcus Hert Da Coregio	08f11f06ab	Revert unnecessary commits from main Issue gh-15016	2 years ago
Marcus Hert Da Coregio	fccd9379d5	WebTestUtilsTestRuntimeHints implements RuntimeHintsRegistrar Closes gh-14399	2 years ago
Marcus Hert Da Coregio	92af758f1f	Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state. Issue gh-14362	2 years ago
Marcus Hert Da Coregio	364bc10e78	Add hints for CompositeFilterChainProxy Closes gh-14359	2 years ago
ahmd-nabil	dfef781e33	Add default implementation in UserDetails Closes gh-14275 Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>	2 years ago
Steve Riesenberg	9db33f33c7	Revert unnecessary merges on 6.0.x This commit removes unnecessary main-branch merges starting from `8750608b5b` and adds the following needed commit(s) that were made afterward: - `5dce82c48b`	2 years ago
Marcus Da Coregio	64e2a2ff8b	Apply updated Code Style Closes gh-13881	3 years ago
Tim te Beek	9df9cb5aed	refactor: AssertJ best practices Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D Co-authored-by: Moderne <team@moderne.io>	3 years ago
Kevin Park	02aa052fc7	Fix typo in method name	3 years ago
Laurent MARTELLI	5a7eb108c8	Fix Javadoc	3 years ago
Josh Cummings	bcc1cfc28a	Restore OAuth2AuthorizedClientRepository Test Instrumentation Closes gh-13113	3 years ago
Amal Krishna	8bec14009e	Fix typo in SecurityMockMvcResultMatchers.java Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication	3 years ago
Marcus Da Coregio	54117d7d27	Fix test suffix to align with checkstyle	3 years ago
Josh Cummings	a7562ad950	Update io.spring.javaformat to 0.0.38 Closes gh-12891	3 years ago
Marcus Da Coregio	52ed165476	Move classpath checks to class member variable Closes gh-11437	3 years ago
Marcus Da Coregio	c15f45d9ee	Only register hints for servlet applications Closes gh-12622	3 years ago
Marcus Da Coregio	1648151dd2	Register hints for @WithSecurityContext on class level Issue gh-12215	3 years ago
Marcus Da Coregio	177e11fbd7	Add WebTestUtils test runtime hints Closes gh-12216	3 years ago
Marcus Da Coregio	7094ee3710	Add runtime hints for annotations using @WithSecurityContext Closes gh-12215	3 years ago
Rob Winch	9cb668aec2	SessionManagementConfigurer properly defaults SecurityContextRepository Previously the default was an HttpSessionSecurityContextRepository which meant that if a stateless authentication occurred the SecurityContext would be lost on ERROR dispatch. This commit ensures that the RequestAttributeSecurityContextRepository is also consulted by default. Closes gh-12070	4 years ago
Steve Riesenberg	2a2051cd7b	Default to Xor CSRF tokens in CsrfFilter Issue gh-11960	4 years ago
Steve Riesenberg	440748ec65	Add test support for Xor CSRF tokens Issue gh-4001	4 years ago

1 2 3 4 5 ...

278 Commits (2970d2baf9bc1e478394b63500e705dc77dfd3b5)