root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 13 Packages Projects Releases Wiki Activity
17,595 Commits 36 Branches 348 Tags 116 MiB
Commit Graph

841 Commits

Author SHA1 Message Date
Tran Ngoc Nhan e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch 004f38639d
Move ClientSettings to ClientRegistration 
Initially it was proposed to put ClientSettings as a top level class, but
to be consistent with ProviderDetails, this commit moves ClientSettings to
be an inner class of ClientRegistration

Issue gh-16382


# Conflicts:
#	oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientSettings.java
 2025-01-17 17:26:48 -06:00
Rob Winch 4c533569bb
Ensure missing ClientRegistration.clientSettings JSON node works 
Issue gh-16382
 2025-01-17 17:26:48 -06:00
Rob Winch f9498d3885
PKCE cannot be true and AuthorizationGrantType != AUTHORIZATION_CODE 
PKCE is only valid for AuthorizationGrantType.AUTHORIZATION_CODE so the
code should validate this.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch b0a4dcb89e
ClientSettings equals, hashCode, toString 
Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch 2665a92107
Ensure that ClientSettings cannot be null 
This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Rob Winch 0ed7b18f42
DefaultServerOAuth2AuthorizationRequestResolver requireProofKey support 
When requireProofKey=true, DefaultServerOAuth2AuthorizationRequestResolver
enables PKCE support.

Issue gh-16382
 2025-01-17 17:26:46 -06:00
DingHao 8d3e0844c5
Add ClientRegistration.clientSettings.requireProofKey to Enable PKCE 
Closes gh-16382

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-01-17 17:26:46 -06:00
Max Batischev ed3f3d17b2 Add support customizing redirect URI 
Closes gh-14778
 2025-01-16 14:14:11 -07:00
Josh Cummings 244fd2eb51
Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Josh Cummings 8735368d9e
Don't Support Serialization of Jackson Modules 
Issu gh-16276
 2025-01-14 17:04:36 -07:00
Josh Cummings b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Steve Riesenberg 77233daae7
Merge branch '6.3.x' 
Closes gh-16139
 2024-11-20 15:55:57 -06:00
Steve Riesenberg 4b41f8cb5b
Merge branch '6.2.x' into 6.3.x 
Closes gh-16138
 2024-11-20 15:54:29 -06:00
Steve Riesenberg 0eb6acde96
Polish gh-16133 2024-11-20 15:50:29 -06:00
Kai Zander 73f3f75712
Always return current ClientRegistration in `loadAuthorizedClient` 
This changes `InMemoryOAuth2AuthorizedClientService.loadAuthorizedClient`
(and its reactive counterpart) to always return `OAuth2AuthorizedClient`
instances containing the current `ClientRegistration` as obtained from
the `ClientRegistrationRepository`.

Before this change, the first `ClientRegistration` instance was cached,
with the effect that any changes made in the `ClientRegistrationRepository`
(such as a new client secret) would not have taken effect.

Closes gh-15511
 2024-11-20 15:50:29 -06:00
Joe Grandja c2cfe92a02 Merge branch '6.3.x' 2024-11-18 05:16:16 -05:00
Joe Grandja 709103e38c Merge branch '6.2.x' into 6.3.x 2024-11-18 04:45:38 -05:00
Joe Grandja a8c4d6cead Require Locale argument for toLower/toUpperCase usage 2024-11-18 04:22:26 -05:00
Tran Ngoc Nhan e76de931ce Polish Optional usage 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan ffed4ea1dc Polish diamond usage 2024-10-25 13:42:33 -07:00
Steve Riesenberg dab6950231
Move parametersCustomizer 
The parametersCustomizer was introduced in 6.4.0-M4 with
DefaultOAuth2TokenRequestParametersConverter. However, it cannot be
applied to all parameters and so does not fully solve gh-11298.

This commit moves the customizer to the abstract class so it can be
applied to all parameters.

Closes gh-15939
 2024-10-18 12:22:09 -05:00
Tran Ngoc Nhan 31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Giovanni Lovato a3fd551fb5 Add ClientRegistrations.fromOidcConfiguration method 
ClientRegistrations now provides the fromOidcConfiguration
method to create a ClientRegistration.Builder from a map
representation of an OpenID Provider Configuration Response.

This is useful when the OpenID Provider Configuration is not
available at a well-known location, or if custom validation
is needed for the issuer location (e.g. if the issuer is only
reachable via a back-channel URI that is different from the
issuer value in the configuration).

Fixes: gh-14633
 2024-10-02 15:11:01 -05:00
Steve Riesenberg f5991ae176 Allow access token request parameters to override defaults 
Closes gh-11298
 2024-10-02 12:05:42 -05:00
Steve Riesenberg 9ba2435cb2
Support refresh token for Token Exchange 
Closes gh-15534
 2024-09-27 15:57:57 -05:00
Steve Riesenberg e11c188122
Customize the strategy for resolving the principal 
Closes gh-15826
 2024-09-27 15:39:56 -05:00
Steve Riesenberg c1a303bc92
Add tests for overriding parameters 
Issue gh-15298
Issue gh-11298
 2024-09-19 13:01:09 -05:00
Steve Riesenberg 5d8cf6a8bc
Polish gh-13588 2024-09-19 12:08:48 -05:00
Steve Riesenberg 63f018eb18
Update tests using deprecated classes 
Issue gh-15737
 2024-09-10 15:10:42 -05:00
Steve Riesenberg 7490a8162b
Deprecate default OAuth2AccessTokenResponseClients 
Closes gh-15737
 2024-09-10 15:10:41 -05:00
Steve Riesenberg 2cead9b73f
Add RestClient implementations 
Issue gh-15298
 2024-09-10 15:10:41 -05:00
Steve Riesenberg e3c19ba86c Add RestClient interceptor 
Closes gh-13588
 2024-08-16 17:15:18 -05:00
Marcus Hert Da Coregio aa9c1bab67 Upgrade to Spring Framework 6.2.0-M4 
Closes gh-15266
 2024-06-18 14:07:05 -03:00
Steve Riesenberg 7c45ebd81c
Polish gh-15012 2024-06-03 17:02:38 -05:00
Filip Hrisafov 99aee99b34
Expose user name attribute name in `OAuth2UserAuthority` 2024-06-03 12:30:34 -05:00
Steve Riesenberg db9f5935ae
Merge branch '6.2.x' into 6.3.x 2024-05-29 16:24:05 -05:00
Steve Riesenberg 5a1d261ce0
Merge branch '5.8.x' into 6.2.x 2024-05-29 16:23:37 -05:00
Steve Riesenberg e34621ec2c
Polish gh-14977 2024-05-29 16:23:00 -05:00
JANG 1695d03b72
Assert WebSession is not null 
Issue gh-14975
 2024-05-29 14:55:37 -05:00
Marcus Hert Da Coregio 08f11f06ab Revert unnecessary commits from main 
Issue gh-15016
 2024-05-08 13:49:18 -03:00
Steve Riesenberg 2598bf8c37
Polish gh-14859 2024-04-29 15:07:45 -05:00
Crain-32 d0adb2aa70
Simplify Disabling Encoding Client ID and Secret 
Closes gh-11440
 2024-04-29 14:46:12 -05:00
Steve Riesenberg 05d3beb6a8
Polish gh-13648 2024-04-18 16:17:49 -05:00
ch4mpy b69939c1e5
Getters for OAuth2AuthorizedClientId properties 
Expose getters for principalName and clientRegistrationId which compose an OAuth2AuthorizedClientId
 2024-04-18 16:10:39 -05:00
Josh Cummings b1b84f9b8a
Revert "Support overriding RestOperations in OidcIdTokenDecoderFactory" 
This reverts commit 9c352c4b4b.

Issue gh-14178
 2024-04-11 14:29:59 -06:00
Josh Cummings 5a50bfccac
Revert "Support overriding WebClient in ReactiveOidcIdTokenDecoderFactory" 
This reverts commit 0041c658de.

Issue gh-14178
 2024-04-11 14:29:59 -06:00
Max Batischev ff19f04fca Add JwtValidators append to default 
Implemented simplified creation of default OAuth2TokenValidator with additional validators.

Closes gh-14831
 2024-04-02 14:41:35 -07:00
Josh Cummings b648a24f5f
Polish Type Conversion API 
Issue gh-6245
 2024-04-01 16:14:21 -06:00
Steve Riesenberg e52dd81d03
Customize mapping the OidcUser 
Closes gh-14672
 2024-03-07 15:45:39 -06:00