root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 21 Packages Projects Releases Wiki Activity
19,809 Commits 47 Branches 367 Tags 124 MiB
Commit Graph

346 Commits

Author SHA1 Message Date
Andrey Litvitski 9b61533db2 Mark `GrantedAuthority#getAuthority` as `@Nullable` 
Closes: gh-17999

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-10-20 15:22:24 -06:00
Rob Winch d18431a78d
Move FACTOR_ constants to FactorGrantedAuthority 
Previously GrantedAuthorities had an implicit package tangle because it
was located in ~.core and FactorGrantedAuthority is in ~.core.authority
and FactorGrantedAuthority's authority property was implicitly expected
to be constants found in `GrantedAuthorities`.

This commit moves the constants to the FactorGrantedAuthority which
resolves this tangle. It wasn't initially done because
FactorGrantedAuthority did not exist at that time.

Closes gh-18030
 2025-10-10 16:24:46 -05:00
Rob Winch 3f74991ce9
Authentication adds FactorGrantedAuthority 
Closes gh-18001
 2025-10-03 15:20:03 -05:00
Rob Winch 7f10897de3
SecurityMockMvcResultMatchers.withAuthorities(String...)
CodeQL Advanced / codeql-analysis-call (push) Waiting to run Details
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Closes gh-17974
 2025-09-30 10:39:14 -05:00
Rob Winch b2d76dfe66
Add GrantedAuthorities.FACTOR_*_AUTHORITY 
Closes gh-17952
 2025-09-24 09:53:56 -05:00
Josh Cummings e8accd0499
Add Factory Authority When Authentication Succeeds 
Issue gh-17933
 2025-09-19 11:32:26 -06:00
Josh Cummings 3a1692f3c3
Remove Direct Runtime Dependency on Access API 
Issue gh-17847
 2025-09-12 10:32:37 -06:00
Josh Cummings de10e08348
Make withRoles Check Only Roles 
This commit clarifies the semantics of withRoles,
which is to check the role-based authorities in an
authentication.

Closes gh-17843
 2025-09-03 17:53:41 -06:00
Rob Winch 6a84f96930
Enable Null checking in spring-security-test via JSpecify 
Closes gh-17840
 2025-09-03 12:59:46 -05:00
Rob Winch f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Josh Cummings 2c87270dbc
Use authorizeHttpRequests 
Issue gh-15174
 2025-07-09 17:33:11 -06:00
Josh Cummings e9506776f1
Use PathPatternRequestMatcher in test 
Issue gh-16887
 2025-07-03 13:37:49 -06:00
Joe Grandja cfe38957d7 Remove Resource Owner Password Credentials grant 
Closes gh-17446
 2025-07-03 14:23:23 -04:00
Josh Cummings 777447e1d9
Format authorizeHttpRequests Blocks 
This commit formats authorizeHttpRequests blocks
to use the same parameter name and places the
reference on the same line as the parameter.

Issue gh-13067
 2025-06-20 10:46:51 -06:00
Josh Cummings 13e738e733
Use HttpSecurity Lambda DSL in Test 
Issue gh-13067
 2025-06-20 10:41:29 -06:00
Tran Ngoc Nhan 8e2067bb3e Remove deprecated `MemberCategory#DECLARED_FIELDS` 
Issue gh-16889

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-05-23 14:36:54 -06:00
Josh Cummings ae82be70c3
Add Needed Runtime Hints
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Issue gh-16536
 2025-04-14 11:06:18 -06:00
Daeho Kwon 9908d96644
DeferredCsrfToken Implements Supplier 
Closes gh-16870

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-04-09 14:24:11 -06:00
Daeho Kwon 90dd31cae5 Replace dynamic error message with static "Access Denied"
CI / Build (17, ubuntu-latest) (push) Waiting to run Details
CI / Build (17, windows-latest) (push) Waiting to run Details
CI / Test Against Snapshots (17, 17) (push) Waiting to run Details
CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details
CI / Check Samples (push) Waiting to run Details
CI / Deploy Artifacts (push) Blocked by required conditions Details
CI / Deploy Docs (push) Blocked by required conditions Details
CI / Deploy Schema (push) Blocked by required conditions Details
CI / Perform Release (push) Blocked by required conditions Details
CI / Send Notification (push) Blocked by required conditions Details
Deploy Docs / build (push) Waiting to run Details 
Closes gh-16514

Signed-off-by: Daeho Kwon <trewq231@naver.com>
 2025-03-20 15:20:54 -05:00
Tran Ngoc Nhan 6c9071211f Fix typo code tag 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-03-20 12:48:11 -06:00
Rob Winch 05116eabbd
Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch adb303e152
Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Josh Cummings 36a408fb5e
Update Mocking of TestContext 
Recent Spring Framework changes to default to Mockito's STRICT stubbing mode
requires that TestContext be mocked after the exection context has been fully
instantiated

Closes gh-15579
 2024-08-12 10:12:14 -06:00
Steve Riesenberg 7c45ebd81c
Polish gh-15012 2024-06-03 17:02:38 -05:00
Filip Hrisafov 99aee99b34
Expose user name attribute name in `OAuth2UserAuthority` 2024-06-03 12:30:34 -05:00
Marcus Hert Da Coregio cdc4ae134c Merge branch '6.2.x' 
Closes gh-14469
 2024-01-17 08:47:46 -03:00
Marcus Hert Da Coregio 5938f7cdee Merge branch '6.1.x' into 6.2.x 
Closes gh-14468
 2024-01-17 08:47:36 -03:00
Marcus Hert Da Coregio fccd9379d5 WebTestUtilsTestRuntimeHints implements RuntimeHintsRegistrar 
Closes gh-14399
 2024-01-17 08:47:28 -03:00
Marcus Hert Da Coregio 707588f870 Merge branch '6.2.x' 2023-12-26 15:58:51 -03:00
Marcus Hert Da Coregio d385b53e3c Merge branch '6.1.x' into 6.2.x 2023-12-26 15:58:39 -03:00
Marcus Hert Da Coregio 92af758f1f Make springSecurityHandlerMappingIntrospectorBeanDefinitionRegistryPostProcessor passive 
Instead of excluding the bean from AOT processing, we avoid redefining the beans if they are present or in the expected state.

Issue gh-14362
 2023-12-26 15:58:16 -03:00
Marcus Hert Da Coregio 08d764dc84 Merge branch '6.2.x' 
Closes gh-14378
 2023-12-26 10:42:45 -03:00
Marcus Hert Da Coregio f95cda6be7 Merge branch '6.1.x' into 6.2.x 
Closes gh-14377
 2023-12-26 10:42:37 -03:00
Marcus Hert Da Coregio 364bc10e78 Add hints for CompositeFilterChainProxy 
Closes gh-14359
 2023-12-26 10:41:56 -03:00
ahmd-nabil dfef781e33 Add default implementation in UserDetails 
Closes gh-14275

Signed-off-by: ahmd-nabil <ahm3dnabil99@gmail.com>
 2023-12-11 11:00:57 -07:00
Steve Riesenberg 9db33f33c7
Revert unnecessary merges on 6.0.x 
This commit removes unnecessary main-branch merges starting from
8750608b5b and adds the following
needed commit(s) that were made afterward:

- 5dce82c48b
 2023-10-31 15:11:45 -05:00
Marcus Da Coregio 07b6c451fd Merge branch '6.1.x' 
Closes gh-13884
 2023-09-29 11:47:38 -03:00
Marcus Da Coregio 92c82191c9 Merge branch '5.8.x' into 6.0.x 
Closes gh-13882
 2023-09-29 11:46:00 -03:00
Marcus Da Coregio 64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Steve Riesenberg d6ff58bb7f
Update Mockito to 5.5.0 
Closes gh-13810
 2023-09-19 10:39:03 -05:00
Tim te Beek 9df9cb5aed refactor: AssertJ best practices 
Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/bGVuS?organizationId=RGVmYXVsdA%3D%3D

Co-authored-by: Moderne <team@moderne.io>
 2023-09-12 16:18:14 -06:00
Kevin Park 02aa052fc7 Fix typo in method name 2023-08-08 17:32:01 -06:00
Laurent MARTELLI 5a7eb108c8 Fix Javadoc 2023-06-22 11:22:15 -06:00
Josh Cummings 590e9e23d9
Merge branch '5.8.x' into 6.0.x 
Closes gh-13253
 2023-05-31 15:42:41 -06:00
Josh Cummings 79f1cf799d
Merge branch '5.7.x' into 5.8.x 
Closes gh-13252
 2023-05-31 15:31:31 -06:00
Josh Cummings bcc1cfc28a
Restore OAuth2AuthorizedClientRepository Test Instrumentation 
Closes gh-13113
 2023-05-31 15:30:03 -06:00
Marcus Da Coregio e3cc8d13e8 Merge branch '5.8.x' into 6.0.x 2023-04-19 11:29:49 -03:00
Marcus Da Coregio 744b74f4c9 Merge branch '5.7.x' into 5.8.x 2023-04-19 11:27:08 -03:00
Amal Krishna 8bec14009e Fix typo in SecurityMockMvcResultMatchers.java 
Change the first parameter's name of the AuthenticatedMatcher.withAuthentication() method from assesrtAuthentication to assertAuthentication
 2023-04-19 11:25:55 -03:00
Marcus Da Coregio 1a4a2a9055 Merge branch '5.8.x' into 6.0.x 2023-04-14 13:32:10 -03:00