This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:
- 5dce82c48b
- Add OAuth2ReactiveAuthorizationManagers
- Code to interfaces
- Align error message with the same in
AuthorityAuthorizationManager
- Adjust expectations in tests to confirm an
appropriately constructed authorizaion manager
- Add JavaDoc and reference documentation
Issue gh-13654
This commit adds an overview to the landing page for OAuth2 with:
* OAuth2 Resource Server
* OAuth2 Client
At this level, OAuth2 Login is combined into the overview for Client
to make it clear that it is part of the oauth2-client module.
Content is broken down into use cases similar to other docs pages
that have been updated recently. This content will be revisited
as additional updates are made to OAuth2 docs, and some use cases
may be moved or even added as needed. This commit only adds a few
initial use cases to get the OAuth2 docs update process started.
Closes gh-13784
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
daniKir
Josh Cummings
Steve Riesenberg
Daniel Shuy
yahya jabary
Rob Winch
Vladimir Kidyaev
moli
Logan Kulinski
Olivier Délèze
Sellami
Rivaldi
Ger Roza
Marcus Da Coregio
ch4mpy
Joshua Sattler
André Luis Gomes
Pascal Verdage
Joe Grandja
Yuriy Savchenko
Eleftheria Stein
Jeff Maxwell