root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
8,657 Commits 44 Branches 359 Tags 132 MiB
Commit Graph

1113 Commits

Author SHA1 Message Date
Dávid Kovács 339d44b5a1 Deprecate openID 2.0 support 
This commit puts deprecation notice on docs, sample applications and configurations (java and xml)

Fixes gh-7153
 2020-05-02 10:18:31 +02:00
Eleftheria Stein 420737fa88 Add Kotlin WebFlux sample 
Issue: gh-5558
 2020-04-07 16:51:42 -04:00
Eleftheria Stein 8cf4ada7de Update Spring Kotlin plugin in sample 2020-04-07 16:17:42 -04:00
Josh Cummings 1a1be6a946
Polish SAML 2.0 Login Sample 
Fixes gh-8163
 2020-03-20 16:50:48 -06:00
Josh Cummings 6eadf7b140
Unlock dependencies for 5.3.0.RELEASE 
This reverts commit 147d7dadd7.
 2020-03-04 12:02:48 -07:00
Josh Cummings 147d7dadd7
Lock dependencies for 5.3.0.RELEASE 2020-03-04 10:28:39 -07:00
Joe Grandja 62d01d2dfc Add oauth2login xml sample 
Fixes gh-8060
 2020-03-04 07:50:47 -05:00
Josh Cummings 3bc1b7a933
Simplify opaqueToken support 
Remove scopes convenience method to alleviate potential confusion with
the "scope" attribute.

Issue gh-7827
Issue gh-7712
 2020-03-03 16:24:43 -07:00
Josh Cummings 689fc9df0c
Align Test Support Claims 
Make all sub claims 'user' and all scopes 'read' to align with
existing support for JWT

Issue gh-7828
Issue gh-7789
Issue gh-7680
Issue gh-7618
 2020-03-03 16:24:43 -07:00
Filip Hanik 3257349045 Support POST binding for AuthNRequest 
Has been tested with

- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

This PR extends (builds on previous commits and adds user configuration
options)
https://github.com/spring-projects/spring-security/pull/7758
 2020-02-28 09:15:26 -08:00
Filip Hanik a51a202925 Correct signature handling for SAML2 AuthNRequest 
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
 2020-02-12 13:30:48 -08:00
Filip Hanik 43098d41cc Revert "Correct signature handling for SAML2 AuthNRequest" 
This reverts commit a3e09fadd7.
Build failure on Java 9+

XML generation does not add linefeeds by default
Change since Java 8
 2020-02-12 13:30:48 -08:00
Filip Hanik a3e09fadd7 Correct signature handling for SAML2 AuthNRequest 
Implements the following bindings for AuthNRequest
- REDIRECT
- POST (future PR)

Has been tested with
- Keycloak
- SSOCircle
- Okta
- SimpleSAMLPhp

Fixes gh-7711
 2020-02-12 11:40:19 -08:00
Josh Cummings 7c4d56319f
cassample groovy->java 
Issue gh-4939
 2020-02-07 16:44:08 -07:00
Josh Cummings f23ab6f716
Updated Tests for oauth2webclient-webflux Sample 
Issue gh-7910
 2020-02-05 15:56:18 -07:00
Eleftheria Stein 84b8a5abd7 Unlock dependencies for next development version 
This reverts commit 064616f1ef.
 2020-02-05 15:53:04 +01:00
Eleftheria Stein 064616f1ef Lock dependencies for 5.3.0.RC1 2020-02-05 10:20:05 +01:00
Rob Winch 1d7208f8ef Add RSocket Authentication Extension Support 
Fixes gh-7935
 2020-02-04 23:36:47 -06:00
Josh Cummings 187c76e610
Update Tests in oauth2webclient Sample 
Issue gh-7886
 2020-02-03 17:08:04 -07:00
Josh Cummings df8feb8919
Update JettyCasService 
Align with changes to Jetty's SslContextFactory

Issue gh-7874
 2020-01-30 11:25:44 -07:00
Josh Cummings 50d8200348
Update cas-server-webapp to 4.0.7 
Did not update to the latest as there is some work involved in
aligning the casserver sample's XML configuration with the latest
cas-server-webapp.

Fixes gh-7874
 2020-01-30 11:24:16 -07:00
Josh Cummings 982f3f902c
Add oauth2Login Reactive Test Support 
Fixes gh-7828
 2020-01-13 17:49:52 -07:00
Josh Cummings 8f1d0cf528
opaqueToken MockMvc Configuration Order 
Fixes gh-7800
 2020-01-10 16:47:31 -07:00
Eleftheria Stein 1e33627d87 Use standard lambda syntax in documentation 
Fixes: gh-7774
 2020-01-10 13:12:17 +01:00
Eleftheria Stein fcc6457bef Unlock dependencies for next development version 
This reverts commit 93acf8f0f1.
 2020-01-08 22:15:17 +01:00
Eleftheria Stein 93acf8f0f1 Lock dependencies for 5.3.0.M1 2020-01-08 19:41:10 +01:00
Josh Cummings 84ba3ddf26
Add oauth2Login MockMvc Support 
Fixes gh-7789
 2020-01-07 14:09:36 -07:00
Eleftheria Stein-Kousathana 2df1099da5
Idiomatic Kotlin DSL for configuring HTTP security 
Issue: gh-5558
 2020-01-07 12:08:43 -05:00
Josh Cummings e1fdb24b5d
Add opaqueToken MockMvc Test Support 
Fixes gh-7712
 2019-12-20 15:34:11 -07:00
Filip Hanik b7eebabce6 Ensure that both matchers carry the same pattern. 
AbstractAuthenticationProcessingFilter.setRequiresAuthenticationRequestMatcher is public and final,
so there is a risk that the underlying matcher can become different if one is not careful.
 2019-12-17 13:34:27 -08:00
Joe Grandja 24500fa3ca Remove redundant validation for redirect-uri 
Fixes gh-7706
 2019-12-06 11:55:31 -05:00
Josh Cummings d102cae243
oidcLogin MockMvc Documentation 
Remove documentation requiring a valid ClientRegistrationRepository

Issue: gh-7618
 2019-12-02 22:49:17 -07:00
Josh Cummings 8c32d5fe48
Add oidcLogin WebFlux Test Support 
Fixes: gh-7680
 2019-12-02 22:28:24 -07:00
Josh Cummings b35e18ff31
Add oidcLogin MockMvc Test Support 
Fixes gh-7618
 2019-11-26 16:12:06 -07:00
Josh Cummings 4954a229d6
Polish oauth2Login Sample Test 
Issue: gh-7618
 2019-11-26 14:19:14 -07:00
Josh Cummings 7cbd1665a6
Isolate Jwt Test Support 
Isolating Jwt test support inside JwtRequestPostProcessor and
JwtMutator.

Fixes gh-7641
 2019-11-22 15:07:05 -07:00
Eddú Meléndez 27aa61b02f Use LocalRSocketServerPort annotation 2019-11-06 10:10:32 +01:00
Filip Hanik 0cafcf37e2 Make the loginProcessingUrl configurable for saml2Login() 
Fixes gh-7565

https://github.com/spring-projects/spring-security/issues/7565
 2019-10-31 08:20:12 -07:00
Filip Hanik 4489163163 Use Spring Boot configuration for saml2Login() 
Fixes gh-7521

https://github.com/spring-projects/spring-security/issues/7521
 2019-10-25 08:22:40 -07:00
Filip Hanik 5345aecd7f Align RSocket sample with new Spring Boot configuration 2019-10-25 08:22:40 -07:00
Rob Winch 03e2efacf4 Add Hello RSocket Sample 
Fixes gh-7504
 2019-09-30 13:58:03 -05:00
Filip Hanik 83b5f5c7ae Improve the Saml2AuthenticationRequest object 
- introduce the AssertionConsumerServiceURL attribute
- add javadoc
- align property name with SAML XML for AuthNRequest
 2019-09-30 11:01:34 -07:00
Filip Hanik 9731386de5 Correctly set "Destination" in AuthNRequest message 
Fixes gh-7494
https://github.com/spring-projects/spring-security/issues/7494
 2019-09-30 11:01:34 -07:00
Filip Hanik 7adb4da3ef Always require signature on either response or assertion 
Fixes gh-7490
https://github.com/spring-projects/spring-security/issues/7490
 2019-09-30 09:22:36 -07:00
Filip Hanik e6d40e8280
Merge pull request #7477 from fhanik/feature/propagate_saml_authentication_exception 
propagate saml authentication exception #7375
 2019-09-27 09:38:57 -07:00
Filip Hanik 22da2b45c9 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375

Clean up code

- Authentication request factory should only throw Saml2Exception
- OpenSamlImplementation should only throw Saml2Exception
- Move the OpenSamlImplementation package private methods to the right
section
 2019-09-27 09:07:25 -07:00
Ivo Smid a11e61432e Document OAuth2 Client behind proxy and redirect_uri 
Fixes gh-7312
 2019-09-26 14:09:21 -04:00
Filip Hanik adde18b873 Revert "Merge pull request #7432 from fhanik/feature/propagate_saml_authentication_exception" 
This reverts commit e9619fb0e7, reversing
changes made to 45a1490d5d.
 2019-09-24 16:05:09 -07:00
Filip Hanik d472e99528 SAML Assertion validation should propagate errors: #7375 and #7375 
Fixes gh-7377
Fixes gh-7375

https://github.com/spring-projects/spring-security/issues/7377
https://github.com/spring-projects/spring-security/issues/7375
 2019-09-24 14:40:39 -07:00
Rob Winch 00f8991fac Merge Remove Redudant Throws 
Fixes gh-7301
 2019-09-19 11:04:53 -05:00