1c870f25e9
Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.4 to 0.0.5
2025-10-06 09:13:12 -05:00
79e2d4b688
Merge branch '6.5.x'
2025-10-06 09:12:06 -05:00
9f8ebdcf4d
Merge branch '6.4.x' into 6.5.x
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-10-06 09:11:56 -05:00
8ce38af608
Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19
2025-10-06 09:11:20 -05:00
607b1dfffe
Bump io.mockk:mockk from 1.14.5 to 1.14.6
2025-10-06 09:11:17 -05:00
904f5157fa
Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE
2025-10-06 09:11:15 -05:00
f57c9ffcbb
Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19
CodeQL Advanced / codeql-analysis-call (push) Has been cancelled
Details
CI / Build (17, ubuntu-latest) (push) Has been cancelled
Details
CI / Build (17, windows-latest) (push) Has been cancelled
Details
CI / Test Against Snapshots (17, 17) (push) Has been cancelled
Details
CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled
Details
CI / Check Samples (push) Has been cancelled
Details
Deploy Docs / build (push) Has been cancelled
Details
CI / Deploy Artifacts (push) Has been cancelled
Details
CI / Deploy Docs (push) Has been cancelled
Details
CI / Deploy Schema (push) Has been cancelled
Details
CI / Perform Release (push) Has been cancelled
Details
CI / Send Notification (push) Has been cancelled
Details
2025-10-06 09:10:34 -05:00
b7f40a4e08
Bump org.hibernate.orm:hibernate-core from 6.6.29.Final to 6.6.31.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 6.6.29.Final to 6.6.31.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.31/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.29...6.6.31 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 6.6.31.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-06 03:21:28 +00:00
dd7f809564
Bump org.hibernate.orm:hibernate-core from 6.6.29.Final to 6.6.31.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 6.6.29.Final to 6.6.31.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.31/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.29...6.6.31 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 6.6.31.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-06 03:13:36 +00:00
51fe7ff737
Return device_code grant metadata when enabled
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Has been cancelled
Details
Execute Gradle Wrapper Upgrade / Execution (push) Has been cancelled
Details
Issue gh-17998
2025-10-04 05:38:11 -04:00
9595d37c14
Integration Test for DefaultLoginPageGeneratingFilterTests
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Add a minimal test to ensure that
DelegatingMissingAuthorityAccessDeniedHandler and
DefaultLoginPageGeneratingFilterTests work together properly.
Issue gh-18002
2025-10-03 15:20:03 -05:00
2473378fcd
Use RequiredFactorErrors
...
Closes gh-18002
2025-10-03 15:20:03 -05:00
d1ff983c11
Add AllFactorsAuthorizationManager
...
Closes gh-17997
2025-10-03 15:20:03 -05:00
3f74991ce9
Authentication adds FactorGrantedAuthority
...
Closes gh-18001
2025-10-03 15:20:03 -05:00
ce36fc1e76
Add FactorGrantedAuthority
...
Closes gh-17996
2025-10-03 15:20:00 -05:00
477a456d6c
Disable device_code grant by default
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17998
2025-10-03 14:10:13 -04:00
4dfef1483d
Polish gh-17507
2025-10-03 13:09:09 -04:00
8c65dc93f2
Enable PKCE by default
...
Closes gh-17507
Signed-off-by: Rohan Naik <rohan.nn1203@gmail.com>
2025-10-03 13:08:04 -04:00
0f40f694b8
Bump io.spring.nullability:io.spring.nullability.gradle.plugin
...
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin ) from 0.0.4 to 0.0.5.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases )
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.4...v0.0.5 )
---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
dependency-version: 0.0.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-03 03:08:45 +00:00
54aae36f98
Add support for OAuth 2.0 Protected Resource Metadata
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17244
2025-10-02 14:50:17 -04:00
564726adea
Bump com.webauthn4j:webauthn4j-core
...
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j ) from 0.29.6.RELEASE to 0.29.7.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases )
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml )
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.6.RELEASE...0.29.7.RELEASE )
---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
dependency-version: 0.29.7.RELEASE
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-02 03:19:11 +00:00
c1375b857a
Bump io.mockk:mockk from 1.14.5 to 1.14.6
...
Bumps [io.mockk:mockk](https://github.com/mockk/mockk ) from 1.14.5 to 1.14.6.
- [Release notes](https://github.com/mockk/mockk/releases )
- [Commits](https://github.com/mockk/mockk/compare/1.14.5...1.14.6 )
---
updated-dependencies:
- dependency-name: io.mockk:mockk
dependency-version: 1.14.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-02 03:17:57 +00:00
c5a335ac91
Bump io.mockk:mockk from 1.14.5 to 1.14.6
...
Bumps [io.mockk:mockk](https://github.com/mockk/mockk ) from 1.14.5 to 1.14.6.
- [Release notes](https://github.com/mockk/mockk/releases )
- [Commits](https://github.com/mockk/mockk/compare/1.14.5...1.14.6 )
---
updated-dependencies:
- dependency-name: io.mockk:mockk
dependency-version: 1.14.6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-02 03:08:25 +00:00
64c9e3e210
Prevent Dupliate GrantedAuthority#getAuthority()
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
If the GrantedAuthority is not equal, but contains a duplicate
GrantedAuthority#getAuthority() then at the time of authentication,
the Filter or WebFilter will duplicate the GrantedAuthority which leads
to a memory leak. This is important to avoid for when we add support for
a GrantedAuthority that might have an issuedAt attribute. If it is too
old, then we'd want only the new GrantedAuthority to be added and the old
instance to be removed. However, the two GrantedAuthority instances
will not be equal because the issuedAt will not be equal.
Closes gh-17981
2025-10-01 15:37:23 -05:00
c9010345b9
Add TestingAuthenticationToken(principal,credential,grantedAuthorities...)
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17980
2025-10-01 13:05:56 -05:00
681e166be8
Remove default HttpSecurity.securityMatcher() for authorization server
...
Closes gh-17965
2025-10-01 11:45:21 -04:00
dc5962af16
Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.18 to 1.5.19.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.18...v_1.5.19 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.19
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-01 03:20:55 +00:00
70da545463
Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.18 to 1.5.19.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.18...v_1.5.19 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.19
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-01 03:20:01 +00:00
7f10897de3
SecurityMockMvcResultMatchers.withAuthorities(String...)
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17974
2025-09-30 10:39:14 -05:00
0e99324c43
Merge branch '6.5.x'
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
2025-09-29 13:44:37 -05:00
cf9568fe09
Bump org.assertj:assertj-core from 3.27.5 to 3.27.6
2025-09-29 13:43:45 -05:00
7409133cc0
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.5.1
...
Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client ) from 5.5 to 5.5.1.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.5.1/RELEASE_NOTES.txt )
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5...rel/v5.5.1 )
---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
dependency-version: 5.5.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-09-29 03:26:33 +00:00
f3761aff99
Add support for OAuth 2.0 Dynamic Client Registration Protocol
...
CodeQL Advanced / codeql-analysis-call (push) Waiting to run
Details
CI / Build (17, ubuntu-latest) (push) Waiting to run
Details
CI / Build (17, windows-latest) (push) Waiting to run
Details
CI / Deploy Artifacts (push) Blocked by required conditions
Details
CI / Deploy Docs (push) Blocked by required conditions
Details
CI / Deploy Schema (push) Blocked by required conditions
Details
CI / Perform Release (push) Blocked by required conditions
Details
CI / Send Notification (push) Blocked by required conditions
Details
Deploy Docs / build (push) Waiting to run
Details
Closes gh-17964
2025-09-25 16:33:16 -04:00
667cd4aa7c
Remove unnecessary throws Exception from spring-security-config
...
Closes gh-17957
2025-09-25 11:50:13 -05:00
be20201bf7
FACTOR uses defaultEntryPoint when possible
...
Previously they used addEntryPointFor(entryPoint, AnyRequestMatcher.INSTANCE) to
work around gh-17955. They now can use defaultEntryPoint which is more concise.
Issue gh-gh-17955
2025-09-25 11:18:20 -05:00
029e31ebe8
DelegatingAuthenticationEntryPoint.Builder allows just defaultEntryPoint
...
Previously build threw an Exception when entryPoints was empty and
defaultEntryPoint was specified.
This commit changes build to return the defaultEntryPoint instead.
Closes gh-17955
2025-09-25 09:45:52 -05:00
ad6fe4fdc3
Polish MFA Samples
...
This commit removes unneeded AuthorizationManagerFactory
implementations, simplifies the custom AuthorizationManagerFactory
example, and updates usage of hasAllAuthorities.
Issue gh-17934
2025-09-24 17:54:59 -06:00
f652920bb3
Add @EnableGlobalMultiFactorAuthentication
...
Closes gh-17954
2025-09-24 14:47:26 -05:00
e33e4d80a9
Fix Antora Warnings in servlet/authentication/adaptive.adoc
...
Issue gh-2603
2025-09-24 13:05:50 -05:00
b2d76dfe66
Add GrantedAuthorities.FACTOR_*_AUTHORITY
...
Closes gh-17952
2025-09-24 09:53:56 -05:00
28aad8855c
Merge branch 'mfa'
...
Closes gh-2603
2025-09-23 18:23:11 -06:00
bbba2930e9
Add Initial Documentation
...
Issue gh-17934
2025-09-23 18:16:36 -06:00
d757e6e44e
Response to Additional Feedback
...
- Moved request attribute to WebAttributes
- Renamed ExceptionHandlingConfigurer methods
- Removed varargs from DelegatingMissingAuthorityAccessDeniedHandler
Issue gh-17901
Issue gh-17934
2025-09-23 18:16:22 -06:00
50ebd467c3
Polish Default Login Page
...
Issue gh-17901
2025-09-23 17:59:23 -06:00
42376e2eee
Prepopulate Username When Known
...
Closes gh-17935
2025-09-23 17:59:22 -06:00
e813aad82b
Support Showing One Part of Login Page
...
Closes gh-17901
2025-09-23 17:59:21 -06:00
9f317757c3
Make Public Missing Authority AccessDeniedHandler
...
Issue gh-17934
2025-09-23 17:59:19 -06:00
df7a7cdc99
Update Test for Method Security
...
Issue gh-17936
2025-09-23 17:16:33 -06:00
e66c498d80
Redirect to Appropriate Entry Point Based on Missing Authorities
...
Issue gh-17934
2025-09-23 17:16:32 -06:00
fe17f2904d
Initial Exception Handling
...
This commit hardcodes factors as a proof of concept for
multi-factor authentication
Issue gh-17934
2025-09-23 17:16:30 -06:00
Rob Winch
dependabot[bot]
Joe Grandja
Rohan Naik
Josh Cummings