1adb13db66
Merge branch '6.3.x'
1 year ago
1e6ac83dfb
Bump org.junit:junit-bom from 5.10.4 to 5.10.5
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5 ) from 5.10.4 to 5.10.5.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.4...r5.10.5 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
132e559d65
Bump org.junit:junit-bom from 5.11.1 to 5.11.2
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5 ) from 5.11.1 to 5.11.2.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
6a0e90d6cb
Bump io.freefair.gradle:aspectj-plugin from 8.10 to 8.10.2
...
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins ) from 8.10 to 8.10.2.
- [Release notes](https://github.com/freefair/gradle-plugins/releases )
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.10...8.10.2 )
---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
e8876fa195
Merge branch '6.2.x' into 6.3.x
1 year ago
0ab56601b2
Merge branch '6.3.x'
1 year ago
73ee0cf7ec
Bump org.junit:junit-bom from 5.10.4 to 5.10.5
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5 ) from 5.10.4 to 5.10.5.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.10.4...r5.10.5 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
de104e22b7
Update javaDoc for DefaultOneTimeTokenSubmitPageGeneratingFilter
1 year ago
a3fd551fb5
Add ClientRegistrations.fromOidcConfiguration method
...
ClientRegistrations now provides the fromOidcConfiguration
method to create a ClientRegistration.Builder from a map
representation of an OpenID Provider Configuration Response.
This is useful when the OpenID Provider Configuration is not
available at a well-known location, or if custom validation
is needed for the issuer location (e.g. if the issuer is only
reachable via a back-channel URI that is different from the
issuer value in the configuration).
Fixes: gh-14633
1 year ago
1dd79c379b
Add JdbcOneTimeTokenService
...
Closes gh-15735
1 year ago
f002fedb73
Document JdbcOneTimeTokenService
...
Issue gh-15735
1 year ago
c3a5ae1254
Fix logger checkstyle
1 year ago
7738e6c895
Add logger.isDebugEnabled()
...
Issue gh-15735
1 year ago
c4b60cd080
Reduce visibility for JdbcOneTimeTokenServiceTests
...
Issue gh-15735
1 year ago
650ec3ba82
Use Duration for calculating validity
...
This improves readability.
Issue gh-15735
1 year ago
e8c71df899
Use private Inner JdbcOneTimeTokenService classes
...
Issue gh-15735
1 year ago
612b15abcc
JdbcOneTimeTokenService.setCleanupCron
...
Spring Security uses setter methods for optional member variables. Allows
for a null cleanupCron to disable the cleanup.
In a clustered environment it is likely that users do not want all nodes
to be performing a cleanup because it will cause contention on the ott
table.
Another example is if a user wants to invoke cleanUpExpiredTokens with a
different strategy all together, they might want to disable the cron job.
Issue gh-15735
1 year ago
f5991ae176
Allow access token request parameters to override defaults
...
Closes gh-11298
1 year ago
4787ac254d
cleanUpExpiredTokens->cleanupExpiredTokens
...
Issue gh-15735
1 year ago
4f328c9503
destroy() shuts down the taskScheduler
...
Issue gh-15735
1 year ago
8c2485cb47
Bump io.spring.develocity.conventions from 0.0.21 to 0.0.22
...
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions ) from 0.0.21 to 0.0.22.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases )
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.21...v0.0.22 )
---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
b5132e9c4f
Bump io.micrometer:micrometer-observation from 1.13.4 to 1.13.5
...
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer ) from 1.13.4 to 1.13.5.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases )
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.13.4...v1.13.5 )
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
fddc7768c5
Bump org.mockito:mockito-bom from 5.14.0 to 5.14.1
...
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito ) from 5.14.0 to 5.14.1.
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v5.14.0...v5.14.1 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
8a5a603c1d
Fix SecurityContextPersistenceRepository Typo
1 year ago
cb4a85a74c
Clarify UsernamePasswordAuthenticationFilter Workflow
1 year ago
aceb5fa6bb
Allow logout+jwt JWT type for reactive
...
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken ).
Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d
1 year ago
29331a0d8c
Merge branch '6.3.x'
1 year ago
746464e035
Merge branch '6.2.x' into 6.3.x
1 year ago
c1857c0308
Fix Formatting
...
Issue gh-15771
1 year ago
690e012fb1
Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing
...
Closes gh-15771
1 year ago
8b97fdde43
Polish OAuth2ClientConfiguration
1 year ago
7fcb42b537
Fix typo of createDefaultRequestMacher in WebSessionServerRequestCache
...
createDefaultRequestMacher -> createDefaultRequestMatcher
1 year ago
0c216f0b59
Add public to setClock method in InMemoryOneTimeTokenService
...
Closes gh-15863
1 year ago
828d316103
Bump org.mockito:mockito-bom from 5.13.0 to 5.14.0
...
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito ) from 5.13.0 to 5.14.0.
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v5.13.0...v5.14.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
50cc36d53e
Add support JdbcOneTimeTokenService
...
Closes gh-15735
1 year ago
9ba2435cb2
Support refresh token for Token Exchange
...
Closes gh-15534
1 year ago
e11c188122
Customize the strategy for resolving the principal
...
Closes gh-15826
1 year ago
50cb051c86
Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.18.0
...
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom ) from 2.17.2 to 2.18.0.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.17.2...jackson-bom-2.18.0 )
---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
ee9a887ae5
Fix Package Tangle
...
Move ObjectPostProcessor to be alongside Customizer, another
functional interface for describing Spring Security object
configuration.
1 year ago
24a7ad732c
Merge branch '6.3.x'
1 year ago
b49051a1e6
Merge branch '6.2.x' into 6.3.x
1 year ago
f7b85ed314
Fix Broken Resource Server Doc Links
1 year ago
4e2cb8bc25
Fix Broken Resource Server Doc Links
1 year ago
d6b620b9f7
Make Observations Selectable
...
Closes gh-15678
1 year ago
69e3c248fa
Abstract ObservationRegistry Behind ObjectPostProcessor
...
Issue gh-15678
1 year ago
1ed20aa210
Add ObservationRegistry Tests
...
Issue gh-11989
Issue gh-11990
1 year ago
717529deb4
Add Generic Type to ObjectPostProcessor Lookups
...
Issue gh-15678
1 year ago
8616044bb6
Bump org.junit:junit-bom from 5.11.0 to 5.11.1
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5 ) from 5.11.0 to 5.11.1.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
426e089bf8
Merge branch '6.2.x' into 6.3.x
1 year ago
3b20844700
Merge branch '6.3.x'
1 year ago
github-actions[bot]
dependabot[bot]
Max Batischev
Giovanni Lovato
Rob Winch
Steve Riesenberg
nima
Cedric Montfort
Josh Cummings
chao.wang
Thomas Darimont
John Niang
Tran Ngoc Nhan