root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 21 Packages Projects Releases Wiki Activity
19,809 Commits 47 Branches 367 Tags 124 MiB
Commit Graph

19809 Commits

Author SHA1 Message Date
Rob Winch 9f839384e9
Use non-redundant ids in password4j docs 
Documentation ids no longer need to be globally unique, so they
do not need to include the path. This makes the ids less verbose and
integrates with include-code extension better.

Issue gh-17706
 2025-09-15 11:00:51 -05:00
Rob Winch 11bec09ffc
Escape attribute failures in Password4j docs 
Issue gh-17706
 2025-09-15 10:57:19 -05:00
Josh Cummings 68427b16b9
Merge branch '6.5.x' 2025-09-15 09:34:23 -06:00
Josh Cummings d0f93fa6d8
Merge branch '6.4.x' into 6.5.x 2025-09-15 09:34:03 -06:00
Josh Cummings e5694ac7b5
Fallback to Object When Determining Overridden Methods 
Closes gh-17898
 2025-09-15 09:31:50 -06:00
Josh Cummings f8272a8844
Fallback to Object When Determining Overridden Methods 
Closes gh-17898
 2025-09-15 09:16:50 -06:00
Joe Grandja f844a9778b Merge branch '6.5.x' 2025-09-15 10:24:22 -04:00
Rob Winch c18aff7f5f
Password4j docs 1 sentence per line 
The Antora documentation convention is to use a single sentence per line
as this helps with diffing and merging changes.

Issue gh-17706
 2025-09-15 09:22:08 -05:00
Joe Grandja ad86ae0a79 Merge branch '6.4.x' into 6.5.x 2025-09-15 10:10:56 -04:00
Joe Grandja 9de0aad31b Allow patch version updates for nimbus-jose-jwt 
Issue gh-17875
 2025-09-15 10:09:59 -04:00
Joe Grandja 7293fc023b Update to nimbus-jose-jwt:9.37.4 
Closes gh-17875
 2025-09-15 10:09:10 -04:00
dependabot[bot] 1a99ab5bdf Bump @antora/atlas-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/atlas-extension"
  dependency-version: 1.0.0-alpha.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 08:58:06 -05:00
dependabot[bot] 7c887ae6cc Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.0-M5 to 2025.1.0-M6.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.0-M5...2025.1.0-M6)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.0-M6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 08:57:36 -05:00
Rob Winch 9929af8078
Merge branch '6.5.x' 2025-09-15 08:56:43 -05:00
Rob Winch f7b380e3f3
Merge branch '6.4.x' into 6.5.x 2025-09-15 08:56:33 -05:00
Rob Winch 94ec06496e
Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 2025-09-15 08:55:49 -05:00
Rob Winch 8b924e9dc5
Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 2025-09-15 08:55:47 -05:00
Rob Winch e8ace55031
Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE 2025-09-15 08:55:44 -05:00
Rob Winch 7c909ca1a5
Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final 2025-09-15 08:55:42 -05:00
Rob Winch fcb6223f90
Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 2025-09-15 08:55:40 -05:00
Rob Winch ed3ed28b3c
Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 2025-09-15 08:54:37 -05:00
Rob Winch 704a324273
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final 2025-09-15 08:54:35 -05:00
Rob Winch 0fc884f592
Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 2025-09-15 08:54:33 -05:00
Rob Winch 6162e71e18
Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 2025-09-15 08:54:29 -05:00
dependabot[bot] bf8dba5681
Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.8 to 2024.1.10.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.8...2024.1.10)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:25:16 +00:00
dependabot[bot] d4184819da
Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.26.Final to 6.6.29.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.29/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.26...6.6.29)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.29.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:24:01 +00:00
dependabot[bot] 1b8f5dae57
Bump com.webauthn4j:webauthn4j-core 
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.29.5.RELEASE to 0.29.6.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.5.RELEASE...0.29.6.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-version: 0.29.6.RELEASE
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:23:39 +00:00
dependabot[bot] d3e372b659
Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.10 to 1.14.11.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.10...v1.14.11)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:23:34 +00:00
dependabot[bot] a2f67c17b3
Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.13.1 to 2.13.2.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.13.1...gson-parent-2.13.2)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:23:30 +00:00
dependabot[bot] 627de76f67
Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.9 to 1.14.11.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.9...v1.14.11)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:16:34 +00:00
dependabot[bot] 5d55c8d13a
Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.9 to 2024.1.10.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.9...2024.1.10)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:16:26 +00:00
dependabot[bot] 342b9c3539
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.23.Final to 6.6.29.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.29/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.23...6.6.29)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.29.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:16:21 +00:00
dependabot[bot] 537845491e
Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.10 to 6.2.11.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.10...v6.2.11)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-15 03:15:51 +00:00
M.Bozorgmehr b2d4c52c53 Add documentation for Password4j-based password encoders for Argon2, BCrypt, Scrypt, PBKDF2, and Balloon hashing 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
Mehrdad 2d74f9c334 Create a specific implementation for BalloonHashing and PBKDF2 password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
Mehrdad 8c2ad4e4d1 Add Argon2 and BCrypt and Scrypt password encoders using Password4j library 
Closes gh-17706

Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:41 +03:30
M.Bozorgmehr 9f5d27e8d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
M.Bozorgmehr bd593a63d0 Refactor Password4jPasswordEncoder to use AlgorithmFinder for algorithm selection and enhance documentation 
Closes gh-17706

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <m.bozorgmehr@emofid.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>

Add Password4jPasswordEncoder for enhanced password hashing support

Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: Mehrdad <mehrdad.bozorgmehr@gmail.com>
Signed-off-by: M.Bozorgmehr <mehrdad.bozorgmehr@gmail.com>
 2025-09-13 09:27:40 +03:30
Rob Winch 2774948b92 Fix X509 WebFlux Configuration Checks 
The changes for gh-17382 broke the checkstyle and tests. This fixes
them both.

Issue gh-17382
 2025-09-12 16:45:51 -05:00
blake_bauman b502697731 feat: Add option to specify a custom ServerAuthenticationConverter for x509() 
Signed-off-by: blake_bauman <blake_bauman@apple.com>
 2025-09-12 16:45:51 -05:00
Rob Winch a0fe04c4aa Document @ClientRegistrationId on types 
Issue gh-17806
 2025-09-12 16:19:27 -05:00
Bernard Budano 02a948da81 Address reviewer requested changes 
Closes gh-17806

Signed-off-by: Bernard Budano <bbudano@gmail.com>
 2025-09-12 16:19:27 -05:00
Bernard Budano 8e3cf9677c Support @ClientRegistrationId at Class Level 
Closes gh-17806

Signed-off-by: Bernard Budano <bbudano@gmail.com>
 2025-09-12 16:19:27 -05:00
Joe Grandja 35f41f87d1 Temporarily fix integration tests 
Issue gh-17880
 2025-09-12 16:20:44 -04:00
Joe Grandja 7ef25cc101 Add HttpSecurity.oauth2AuthorizationServer() 
Issue gh-17880
 2025-09-12 16:20:44 -04:00
Joe Grandja 098574c50e Remove redundant classes 
Issue gh-17880
 2025-09-12 16:20:43 -04:00
Joe Grandja 8399bc161d Fix Serializable tests 
Issue gh-17880
 2025-09-12 16:20:42 -04:00
Joe Grandja cc71be71e5 Move OAuth2AuthorizationServerConfigurer and OAuth2AuthorizationServerConfiguration 
Issue gh-17880
 2025-09-12 16:20:42 -04:00
Joe Grandja b5a4cdc9eb Polish OAuth2AuthorizationServerJackson2Module 
Issue gh-17880
 2025-09-12 16:20:41 -04:00
Joe Grandja 592510c725 Update to @since 7.0 
Issue gh-17880
 2025-09-12 16:20:41 -04:00