spring-security

Commit Graph

Author	SHA1	Message	Date
namest504	6501e97ece	Fix sensitive case in JwtTypeValidator CodeQL Advanced / codeql-analysis-call (push) Has been cancelled Details CI / Build (17, ubuntu-latest) (push) Has been cancelled Details CI / Build (17, windows-latest) (push) Has been cancelled Details CI / Test Against Snapshots (17, 17) (push) Has been cancelled Details CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled Details CI / Check Samples (push) Has been cancelled Details Deploy Docs / build (push) Has been cancelled Details CI / Deploy Artifacts (push) Has been cancelled Details CI / Deploy Docs (push) Has been cancelled Details CI / Deploy Schema (push) Has been cancelled Details CI / Perform Release (push) Has been cancelled Details CI / Send Notification (push) Has been cancelled Details Closes gh-18092 Signed-off-by: namest504 <namest504@gmail.com>	2025-10-28 12:08:29 -06:00
Rob Winch	2fdca16c1a	Merge branch '6.4.x' into 6.5.x CodeQL Advanced / codeql-analysis-call (push) Waiting to run Details CI / Build (17, ubuntu-latest) (push) Waiting to run Details CI / Build (17, windows-latest) (push) Waiting to run Details CI / Test Against Snapshots (17, 17) (push) Waiting to run Details CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details CI / Check Samples (push) Waiting to run Details CI / Deploy Artifacts (push) Blocked by required conditions Details CI / Deploy Docs (push) Blocked by required conditions Details CI / Deploy Schema (push) Blocked by required conditions Details CI / Perform Release (push) Blocked by required conditions Details CI / Send Notification (push) Blocked by required conditions Details Deploy Docs / build (push) Waiting to run Details Closes gh-17634	2025-07-29 09:47:52 -05:00
Rob Winch	392129b616	Use 2004-present Copyright Header CodeQL Advanced / codeql-analysis-call (push) Waiting to run Details CI / Build (17, ubuntu-latest) (push) Waiting to run Details CI / Build (17, windows-latest) (push) Waiting to run Details CI / Test Against Snapshots (17, 17) (push) Waiting to run Details CI / Test Against Snapshots (21-ea, 21) (push) Waiting to run Details CI / Check Samples (push) Waiting to run Details CI / Deploy Artifacts (push) Blocked by required conditions Details CI / Deploy Docs (push) Blocked by required conditions Details CI / Deploy Schema (push) Blocked by required conditions Details CI / Perform Release (push) Blocked by required conditions Details CI / Send Notification (push) Blocked by required conditions Details Deploy Docs / build (push) Waiting to run Details The Spring portfolio is changing to use <inception-year>-present in the copyright headers to simplify keeping headers up to date. This commit updates the headers and the checkstyle accordingly. The commit updated etc/checkstyle/header.txt It also updated the copyright headers using the following find/replace: Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors. Replace: Copyright 2004-present the original author or authors. Closes gh-17633	2025-07-29 09:45:23 -05:00
Joe Grandja	5f7155bfc7	Implement internal cache in JtiClaimValidator Closes gh-17107	2025-05-14 05:21:00 -04:00
Joe Grandja	e3c39f02bc	Add documentation for DPoP support CodeQL Advanced / Analyze (${{ matrix.language }}) (none, actions) (push) Has been cancelled Details CI / Build (17, ubuntu-latest) (push) Has been cancelled Details CI / Build (17, windows-latest) (push) Has been cancelled Details CI / Test Against Snapshots (17, 17) (push) Has been cancelled Details CI / Test Against Snapshots (21-ea, 21) (push) Has been cancelled Details CI / Check Samples (push) Has been cancelled Details Deploy Docs / build (push) Has been cancelled Details CI / Deploy Artifacts (push) Has been cancelled Details CI / Deploy Docs (push) Has been cancelled Details CI / Deploy Schema (push) Has been cancelled Details CI / Perform Release (push) Has been cancelled Details CI / Send Notification (push) Has been cancelled Details Closes gh-17072	2025-05-09 16:02:14 -04:00
Joe Grandja	1ca33cae70	Make DPoP IatClaimValidator public to allow configuring clock and clockSkew Issue gh-16574 Closes gh-16921	2025-04-10 16:04:37 -04:00
Rob Winch	e6223dede3	Merge branch '6.4.x' - `adb303e` Add testRuntimeOnly junit-platform-launcher Closes gh-16757	2025-03-17 14:34:18 -05:00
Rob Winch	05116eabbd	Merge branch '6.3.x' into 6.4.x - `adb303e` Add testRuntimeOnly junit-platform-launcher Closes gh-16756	2025-03-17 14:18:49 -05:00
Rob Winch	adb303e152	Add testRuntimeOnly junit-platform-launcher Closes gh-16755	2025-03-17 14:16:44 -05:00
Vedran Pavic	401e237082	Introduce JwtAudienceValidator Signed-off-by: Vedran Pavic <vedran@vedranpavic.com>	2025-02-28 12:38:18 -07:00
Josh Cummings	7df85a2ed9	Polish NimbusJwtDecoder	2025-02-27 12:40:01 -07:00
Josh Cummings	ab43a660b9	Add RFC 9068 Support Closes gh-13185	2025-02-27 12:40:01 -07:00
Josh Cummings	81e2fd2fe8	Add Type Validation Closes gh-16672	2025-02-27 12:40:01 -07:00
Josh Cummings	eb5252c4f0	Merge branch '6.4.x'	2025-02-24 17:03:13 -07:00
Pat McCusker	2bd3cadde8	Use possessive pronoun rather contraction Signed-off-by: Pat McCusker <patmccusker14@gmail.com>	2025-02-24 17:02:45 -07:00
Josh Cummings	3d15be1b06	JwtDecoders Supports Hostnames with Underscores In the process of verifying gh-15852, another issue with URI was discovered. This commit adds tests to the uri-computing methods and changes them to use UriComponents instead of URI. Issue gh-15852	2025-02-20 16:54:24 -07:00
Bodo Graumann	0cd6a19b87	Avoid UriComponentsBuilder.fromUri Closes gh-15852	2025-02-20 16:54:24 -07:00
Josh Cummings	6793334575	Polish setJwkSelector Make so that it runs only when selection is needed. Require the provided selector be non-null. Add Tests. Issue gh-16170	2025-02-18 09:14:45 -07:00
douxiaofeng99	e22bc11cc9	Support JWK Selection Strategy Closes gh-16170 Signed-off-by: douxiaofeng99 <18600127780@163.com>	2025-02-18 09:14:45 -07:00
Joe Grandja	2480d41981	Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>	2025-02-11 14:10:23 -05:00
Josh Cummings	11113adf62	Polish Nimbus JWK Source Implementation Issue gh-16251	2025-02-05 09:28:07 -07:00
Daeho Kwon	7b7abb28bb	Remove Deprecated Usages of RemoteJWKSet Closes gh-16251 Signed-off-by: Daeho Kwon <trewq231@naver.com>	2025-02-05 09:28:07 -07:00
Josh Cummings	f9824fd688	Polish Tests Issue gh-16251	2025-02-05 09:28:07 -07:00
Josh Cummings	244fd2eb51	Support Serialization in Exceptions Issue gh-16276	2025-01-14 18:37:53 -07:00
Josh Cummings	b9911fd522	Add serialVersionUID to Authentication classes Issue gh-16276	2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan	39cd8d9faf	Update copyright headers	2024-12-05 14:52:59 -07:00
Steve Riesenberg	ca1f891f25	Polish gh-15937	2024-11-13 15:53:59 -06:00
Davide Colazingari	aec5afb6eb	Fix assertions in NimbusReactiveJwtDecoderTests	2024-11-13 15:53:59 -06:00
Tran Ngoc Nhan	31f8caec5f	Polish diamond operator usage	2024-10-14 11:51:35 -07:00
Tran Ngoc Nhan	2c9c309d7f	Provide Casting for ReactiveJwtDecoder Closes gh-15773	2024-09-17 13:54:35 -07:00
MateuszLenczewski	077439c73e	Fix typo in JwtDecoder	2024-06-05 17:38:12 -06:00
MrJovanovic13	24fd19b107	Add Default Timeout to JwtDecoders RestTemplate Closes gh-14269	2024-04-18 14:40:18 -06:00
Josh Cummings	8dd28b797a	Update to BouncyCastle 1.78 Closes gh-14910	2024-04-15 15:32:08 -06:00
Joe Grandja	644cfa9f87	Add Jwt validator for the X509Certificate thumbprint claim Closes gh-10538	2024-04-11 12:35:52 -04:00
Josh Cummings	ee42ad2c8c	Polish JwtValidators Closes gh-14831	2024-04-02 16:04:43 -06:00
Max Batischev	ff19f04fca	Add JwtValidators append to default Implemented simplified creation of default OAuth2TokenValidator with additional validators. Closes gh-14831	2024-04-02 14:41:35 -07:00
Josh Cummings	84c45adc70	Merge branch '6.1.x' into 6.2.x Closes gh-14496	2024-01-25 17:33:15 -07:00
Josh Cummings	44f22ee5cf	Merge branch '5.8.x' into 6.1.x Closes gh-14495	2024-01-25 17:32:57 -07:00
Hans Lindner	ca10187fd1	Enhance JWT decoding error handling Previously, the `decode` method threw a `JwtException` directly when encountering an unsupported algorithm or any exception during parsing. This commit introduces a more robust error handling mechanism. Now, instead of throwing exceptions directly, it returns a `Mono.error()` with a `BadJwtException` containing detailed error information. This approach provides more flexibility and allows the caller to handle errors in a more granular way, by being able to use project reactors onError functionality. Closes gh-14467	2024-01-25 17:32:10 -07:00
Josh Cummings	966c01fa90	Merge branch '6.1.x' into 6.2.x Closes gh-14278	2023-12-11 10:21:00 -07:00
Josh Cummings	c4a99fc942	Merge branch '5.8.x' into 6.1.x Closes gh-14277	2023-12-11 10:20:38 -07:00
Candelario	e896b14046	Dropped Nimbus Error Message Closes gh-13730	2023-12-11 10:19:02 -07:00
Steve Riesenberg	447f40949c	Revert unnecessary merges on 6.1.x This commit removes unnecessary main-branch merges starting from `9f8db22b77` and adds the following needed commit(s) that were made afterward: - `4d6ff49b9d` - `ed6ff670d1` - `c823b00794` - `44fad21363`	2023-10-31 15:22:15 -05:00
Steve Riesenberg	9db33f33c7	Revert unnecessary merges on 6.0.x This commit removes unnecessary main-branch merges starting from `8750608b5b` and adds the following needed commit(s) that were made afterward: - `5dce82c48b`	2023-10-31 15:11:45 -05:00
Steve Riesenberg	975ac10f19	Merge branch '6.1.x' Closes gh-14042	2023-10-19 16:44:03 -05:00
Steve Riesenberg	b4e0873b1e	Merge branch '6.0.x' into 6.1.x Closes gh-14041	2023-10-19 16:43:21 -05:00
Steve Riesenberg	bb732e9d35	Merge branch '5.8.x' into 6.0.x Closes gh-14040	2023-10-19 16:40:34 -05:00
Steve Riesenberg	5161712c35	Polish gh-13976 Closes gh-13757	2023-10-19 16:40:23 -05:00
Veli Döngelci	a6b872dcf3	Fix caching error state in ReactiveRemoteJWKSource	2023-10-19 16:40:13 -05:00
Valeriy Vyrva	0e30b923f8	Check for null value with the appropriate assertion method	2023-10-03 08:16:21 -06:00

1 2 3 4 5

234 Commits