Steve Riesenberg
9d442c13de
Mark password grant for removal
...
This commit also updates link to the document "Best Current Practice for
OAuth 2.0 Security" to point to RFC 9700.
Closes gh-16913
12 months ago
Steve Riesenberg
197ee38aa0
Mark deprecated response clients for removal
...
Issue gh-16913
12 months ago
Tran Ngoc Nhan
d864e51ff6
Format OpaqueTokenIntrospector
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
12 months ago
Tran Ngoc Nhan
d899bc5240
Polish javadoc
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
12 months ago
Steve Riesenberg
1fb3fc80f9
Polish gh-15819
...
Closes gh-15818
1 year ago
Jonah Klöckner
9674532f4d
Add support for access token in body parameter as per rfc 6750 Sec. 2.2
...
Issue gh-15818
1 year ago
Steve Riesenberg
3c0fef59b5
Polish gh-16039
...
Closes gh-16038
1 year ago
Jonah Klöckner
da94fbe431
Evaluate URI query parameter only if enabled
...
Issue gh-16038
1 year ago
Josh Cummings
2885b0f75f
Add valueOf
...
This commit adds a static factory for returning a constant
ClientAuthenticationMethod or creating a new one when there
is no match.
Issue gh-16825
1 year ago
Tran Ngoc Nhan
7bca17cb5a
Polish
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
1 year ago
Josh Cummings
99345537d6
Add RequestMatcher Migration Path for AbstractAuthenticationProcessingFilter
...
Issue gh-16417
1 year ago
Steve Riesenberg
860f130bc4
Add additional validation when refreshing ID tokens
...
Issue gh-16589
1 year ago
Steve Riesenberg
5f98ce5ecc
Polish gh-16589
1 year ago
Josh Cummings
de07b1108f
Use PathPatternRequestMatcher in Web Components
...
This commit changes filters and resolvers that were using AntPathRequestMatcher as their
default to using PathPatternRequestMatcher.
Issue gh-16632
1 year ago
Josh Cummings
56e757a2a1
Provide Authentication to AuthenticationExceptions
...
Issue gh-16444
1 year ago
Tran Ngoc Nhan
a53ca7c3d0
Update ServerOAuth2AuthorizedClientExchangeFilterFunction javadoc
...
Closes gh-16555
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
1 year ago
Josh Cummings
cfe70a5fc7
Restore authorizedClientParametersMapper Assertion
...
Issue gh-16726
1 year ago
Max Batischev
6c24a1e717
Improve JdbcOAuth2AuthorizedClientService saveAuthorizedClient
...
Closes gh-16726
Signed-off-by: Max Batischev <mblancer@mail.ru>
1 year ago
Steve Riesenberg
5bb5d0f6be
Polish gh-16589
1 year ago
Hao
fc1469ad5e
Ensure ID Token is updated after refresh token
...
Signed-off-by: Hao <kyrieeeee2@gmail.com>
1 year ago
Rob Winch
adb303e152
Add testRuntimeOnly junit-platform-launcher
...
Closes gh-16755
1 year ago
Steve Riesenberg
0938ca01a4
Add support for automatic context-propagation with Micrometer
...
Closes gh-16665
1 year ago
Vedran Pavic
401e237082
Introduce JwtAudienceValidator
...
Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>
1 year ago
Josh Cummings
7df85a2ed9
Polish NimbusJwtDecoder
1 year ago
Josh Cummings
ab43a660b9
Add RFC 9068 Support
...
Closes gh-13185
1 year ago
Josh Cummings
81e2fd2fe8
Add Type Validation
...
Closes gh-16672
1 year ago
Pat McCusker
2bd3cadde8
Use possessive pronoun rather than contraction
...
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
1 year ago
Pat McCusker
bfce6e438d
Add fourth oauth grant type to javadoc
...
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
1 year ago
Josh Cummings
b6c813c5a2
ClientRegistrations supports hostnames with underscores
...
Issue gh-15852
1 year ago
Josh Cummings
3d15be1b06
JwtDecoders Supports Hostnames with Underscores
...
In the process of verifying gh-15852, another issue with URI was discovered.
This commit adds tests to the uri-computing methods and changes them to use
UriComponents instead of URI.
Issue gh-15852
1 year ago
Bodo Graumann
0cd6a19b87
Avoid UriComponentsBuilder.fromUri
...
Closes gh-15852
1 year ago
Steve Riesenberg
7fc5d50adf
Polish gh-16551
1 year ago
Max Batischev
00cd95be76
Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler
...
Closes gh-16556
Signed-off-by: Max Batischev <mblancer@mail.ru>
1 year ago
Josh Cummings
6793334575
Polish setJwkSelector
...
Make it so that it runs only when selection is needed.
Require the provided selector be non-null.
Add Tests.
Issue gh-16170
1 year ago
douxiaofeng99
e22bc11cc9
Support JWK Selection Strategy
...
Closes gh-16170
Signed-off-by: douxiaofeng99 <18600127780@163.com>
1 year ago
Joe Grandja
2480d41981
Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP)
...
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
1 year ago
Josh Cummings
11113adf62
Polish Nimbus JWK Source Implementation
...
Issue gh-16251
1 year ago
Daeho Kwon
7b7abb28bb
Remove Deprecated Usages of RemoteJWKSet
...
Closes gh-16251
Signed-off-by: Daeho Kwon <trewq231@naver.com>
1 year ago
Josh Cummings
f9824fd688
Polish Tests
...
Issue gh-16251
1 year ago
Tran Ngoc Nhan
e5ea75f7f4
Implement Serial
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
1 year ago
Rob Winch
004f38639d
Move ClientSettings to ClientRegistration
...
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration
Issue gh-16382
# Conflicts:
# oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
1 year ago
Rob Winch
4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works
...
Issue gh-16382
1 year ago
Rob Winch
f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE
...
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.
Issue gh-16382
1 year ago
Rob Winch
ab629cc1ca
Add AuthorizationGrantType.toString()
...
This adds AuthorizationGrantType.toString() which makes debugging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.
Issue gh-16382
1 year ago
Rob Winch
b0a4dcb89e
ClientSettings equals, hashCode, toString
...
Issue gh-16382
1 year ago
Rob Winch
2665a92107
Ensure that ClientSettings cannot be null
...
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety over making this check
happen in the build method since the Builder does not have a null field
either.
Issue gh-16382
1 year ago
Rob Winch
0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support
...
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.
Issue gh-16382
1 year ago
DingHao
8d3e0844c5
Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE
...
Closes gh-16382
Signed-off-by: DingHao <dh.hiekn@gmail.com>
1 year ago
Tran Ngoc Nhan
aced3bcf16
Encode Introspection clientId and clientSecret
...
Closes gh-15988
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
1 year ago
Max Batischev
ed3f3d17b2
Add support for customizing redirect URI
...
Closes gh-14778
1 year ago