8307196799
Add Kotlin examples to OAuth2 docs landing page
...
Issue gh-13785
2023-10-23 14:52:13 -05:00
a3227f041c
Polish OAuth2AuthorizationManagers
...
- Add OAuth2ReactiveAuthorizationManagers
- Code to interfaces
- Align error message with the same in
AuthorityAuthorizationManager
- Adjust expectations in tests to confirm an
appropriately constructed authorizaion manager
- Add JavaDoc and reference documentation
Issue gh-13654
2023-10-02 17:26:06 -06:00
6b0d82236d
Fix Documentation Errors
...
Issue gh-12570
2023-09-18 16:21:37 -06:00
cb33fd7850
Add OIDC Back-Channel Logout Support
...
Closes gh-12570
2023-09-16 15:12:21 -06:00
1f8c94aee8
Add overview documentation for OAuth2
...
This commit adds an overview to the landing page for OAuth2 with:
* OAuth2 Resource Server
* OAuth2 Client
At this level, OAuth2 Login is combined into the overview for Client
to make it clear that it is part of the oauth2-client module.
Content is broken down into use cases similar to other docs pages
that have been updated recently. This content will be revisited
as additional updates are made to OAuth2 docs, and some use cases
may be moved or even added as needed. This commit only adds a few
initial use cases to get the OAuth2 docs update process started.
Closes gh-13784
2023-09-07 12:26:07 -05:00
3b7e7f63d8
Update Jwt Multi-tenancy Documentation
...
Issue gh-13427
2023-08-08 10:03:11 -06:00
b7efa15591
Merge branch '6.0.x' into 6.1.x
2023-08-07 14:48:37 -06:00
1f27b18398
Merge branch '5.8.x' into 6.0.x
2023-08-07 14:48:12 -06:00
e8b9a35494
Fix Bearer Token RestTemplate Support example
2023-08-07 14:47:37 -06:00
c03bd3f717
Remove deprecated usage
...
Closes gh-13446
2023-07-12 15:02:26 -06:00
8407c9ebee
Merge branch '6.0.x'
...
Closes gh-13407
2023-06-18 21:41:16 -05:00
f66a5bab99
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13406
2023-06-18 21:33:58 -05:00
7da99acca7
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13405
2023-06-18 21:32:35 -05:00
0cf95dbf61
Merge branch '5.6.x' into 5.7.x
...
Closes gh-13404
2023-06-18 21:31:35 -05:00
39c43159f4
Convert to Asciidoctor Tabs
...
Closes gh-13403
2023-06-18 21:30:41 -05:00
04692d9ee8
Fix Antora Warnings
...
Closes gh-13210
2023-06-08 17:02:19 -05:00
528ec318ab
Merge branch '6.0.x'
2023-06-05 12:56:56 -06:00
d47e3e8cd8
Delete duplicate line from oauth2/client/core.adoc
2023-06-05 12:56:24 -06:00
58a08050c1
Merge branch '6.0.x'
...
Closes gh-13239
2023-05-26 14:25:33 -06:00
0ac554ee3e
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13238
2023-05-26 14:25:20 -06:00
8ccc03fdb6
Update Resource Server Docs
...
Closes gh-13147
2023-05-26 14:24:31 -06:00
0e3ee89902
Merge branch '6.0.x'
2023-05-18 11:08:11 -06:00
cdac708051
Merge branch '5.8.x' into 6.0.x
2023-05-18 11:08:00 -06:00
219faf29d4
Merge branch '5.7.x' into 5.8.x
2023-05-18 11:07:42 -06:00
b6f3cb71e6
Add Missing AuthorizationRequestRepository in Snippet
...
Closes PR-13099
2023-05-18 10:54:19 -06:00
b969179b5c
Merge branch '5.7.x' into 5.8.x
2023-05-10 15:53:22 -06:00
3469bcb822
Address Antora Warnings
2023-05-10 15:51:49 -06:00
e5fcf1ebcf
Revisit Request and Method Security Docs
...
Issue gh-13088
2023-05-01 14:09:22 -06:00
76eba9bd0c
Add withIssuerLocation
...
Closes gh-10309
2023-04-12 16:36:15 -06:00
8ad91287d9
Fix Broken Link
...
Closes gh-12824
2023-03-20 15:13:10 -06:00
9535566f84
Update multitenancy.adoc
...
The Java example at line 421 should use the injected `jwtValidator` and not from the current class referenced by `this. jwtValidator`.
2023-01-05 10:32:57 -07:00
2fdf762726
Merge branch '5.8.x' into 6.0.x
2022-12-05 14:41:59 -08:00
7aaa25b88e
Merge branch '5.7.x' into 5.8.x
2022-12-05 14:40:54 -08:00
fc25b87967
Merge branch '5.6.x' into 5.7.x
2022-12-05 14:40:38 -08:00
626e53d121
Fix: Replace tenantRepository with tenants
2022-12-05 14:31:24 -08:00
c7b9b33cd1
Merge branch '5.8.x'
2022-11-03 08:23:50 -03:00
4d646a2978
Merge branch '5.7.x' into 5.8.x
2022-11-03 08:23:26 -03:00
067fc1678c
Merge branch '5.6.x' into 5.7.x
2022-11-03 08:22:09 -03:00
01a37dd678
Fix typo
...
(cherry picked from commit 20e89e3eca0823bfa329b5de80448bac1f5e0f30)
2022-11-03 08:21:48 -03:00
cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
38a7bbd2eb
Merge branch '5.8.x'
2022-10-05 13:20:12 -03:00
ace8caa182
Remove mvcMatchers usage from docs
...
Issue gh-11347
2022-10-05 13:19:37 -03:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
2431dd1103
Merge branch '5.8.x'
2022-09-13 17:38:10 -05:00
355ef21117
Polish gh-11665
2022-09-13 16:45:39 -05:00
1efb63387f
Add authentication converter for introspected tokens
...
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
2022-09-13 16:45:36 -05:00
a5069d7e35
Fix Add @Configuration to @Enable*Security Usage
...
Issue gh-6613
2022-08-09 17:00:16 -05:00
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
b71d9bfdc2
Fix typo
2022-04-06 11:09:41 +02:00
ed8887e0fc
Fix typo
2022-04-06 11:09:15 +02:00
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
4142f06259
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 18:10:58 +01:00
4492e5b667
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 16:12:10 +01:00
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
32d79f3f4e
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:42 -07:00
b7cc667d21
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:27 -07:00
879b2d089f
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:29:23 -07:00
088a24cf59
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:18:42 -07:00
3fb1565cc0
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:17:37 -07:00
5913501e1a
#10505 Fix jwtDecoder
...
Fixed jwtDecoder(JWTProcessor jwtProcessor, OAuth2TokenValidator<Jwt> jwtValidator)
2021-11-16 14:05:43 -07:00
73e1506e5e
Consistency update for servlet docs
2021-11-11 14:24:29 -06:00
ab794bf67a
Consistency update for servlet docs
2021-11-11 10:41:12 -06:00
b60020a40c
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:09:50 -07:00
812d6f7b18
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:08:57 -07:00
7708418fae
Separate OAuth 2.0 Login Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
82696918ae
Separate OAuth 2.0 Client Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
e350c8a852
Document parameters converter in oauth2 client servlet docs
...
Closes gh-10467
2021-11-05 12:45:46 -06:00
efa2fab061
Document authentication helper method in WebClient integration
...
Closes gh-10120
2021-11-05 12:45:46 -06:00
76ebbb84f7
Separate Namespace Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
3db13de1e2
Separate OAuth 2.0 Login Servlet Docs
...
Issue gh-10367
2021-11-04 11:55:53 -06:00
8c508d6afa
Separate OAuth 2.0 Client Servlet Docs
...
Issue gh-10367
2021-11-04 11:33:58 -06:00
b27c7e17f4
Document parameters converter in oauth2 client servlet docs
...
Closes gh-10467
2021-11-03 17:09:44 -05:00
49f3c0ce53
Document authentication helper method in WebClient integration
...
Closes gh-10120
2021-11-03 15:57:12 -05:00
869e379099
Separate Namespace Servlet Docs
...
Issue gh-10367
2021-11-01 17:49:15 -06:00
4b0e74aac4
Separate Resource Server Servlet Docs
...
Issue gh-10367
2021-10-27 10:02:05 -06:00
f561499683
Fix Antora cross-references that lead to other pages.
...
Also using AsciiDoc style listings instead of Markdown style listings, and using explicit section IDs on all cross-references.
2021-10-06 09:53:15 -06:00
a7f3f54a33
architecture/index.adoc -> ../architecture.adoc
...
BASE_DIR=docs/modules/ROOT/pages
git --no-pager diff HEAD~1 --diff-filter=R -M | sed -Ez "s%(\nrename to|rename from |similarity index [^\n]+|diff[^\n]+|$BASE_DIR/)%%g" | grep "\S" | while read rename_from_to; do
from=$(echo $rename_from_to | cut -f 1 -d " ")
to=$(echo $rename_from_to | cut -f 2 -d " ")
echo "processing rename from $from to $to"
find "$BASE_DIR/../" -name "*.adoc" | while read adoc_file; do
sed -i -E "s%xref:$from%xref:$to%g" "$adoc_file"
done
done
2021-09-23 15:50:14 -05:00
583761f916
unpwd->passwords folder
2021-09-23 15:50:14 -05:00
0b587dcef1
Reduce folders
2021-09-23 15:50:13 -05:00
e681e44268
overview/ -> ../
2021-09-23 15:50:11 -05:00
29a7669101
rg "xref:\S+?#\S+\[\]" docs/modules -l -g "*.adoc" | while read adoc_file_to_replace; do
...
echo "Replacing $adoc_file_to_replace"
for id_file in build/ids/*.id; do
id=$(basename $id_file | sed 's/\.id$//')
xref_page=$(cat $id_file)
if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
then
echo " - Skipping same page refid $id "
else
text_file=$(echo $id_file | sed 's/\.id$/.text/')
default_text=$(cat $text_file)
sed -i -E "s%xref:${xref_page}#${id}\[\]%xref:${xref_page}#${id}[$default_text]%g" $adoc_file_to_replace
fi
done
done
2021-09-23 15:49:45 -05:00
1f90df6a14
mkdir -p build/ids
...
find -name "*.adoc" | xargs -I{file} awk -v file={file} '/\[\[/ { gsub("\[|\]", ""); id=$0; gsub("./docs/modules/ROOT/pages/", "", file); gsub("\[|\]", ""); id=$0;getline;text=$0; sub("^=+ ","", text); print file > "build/ids/"id".id"; print text > "build/ids/"id".text" }' {file}
find docs/modules -name "*.adoc"|while read adoc_file_to_replace; do
echo "Replacing $adoc_file_to_replace"
for id_file in build/ids/*.id; do
id=$(basename $id_file | sed 's/\.id$//')
xref_page=$(cat $id_file)
if [[ "$adoc_file_to_replace" -ef "./docs/modules/ROOT/pages/$xref_page" ]]
then
echo " - Skipping same page refid $id "
else
sed -i -E "s%<<$id(|,([^,>]+))>>%xref:${xref_page}#${id}[\2]%g" $adoc_file_to_replace
fi
done
done
2021-09-23 15:49:43 -05:00
d2affef356
Fix images
...
- Move images into assets/
- Remove figures form antora.yml
- Add :figures: to each page that uses it
2021-09-23 15:47:21 -05:00
c3dfb1711d
Remove includes
2021-09-23 15:45:22 -05:00
f01a13aa52
Antora
...
mkdir -p docs/modules/ROOT/
mkdir -p docs/modules/ROOT/pages/
git checkout antora-2.x docs/antora.yml
git checkout antora-2.x docs/modules/ROOT/nav.adoc
mv docs/manual/src/docs/asciidoc/images docs/modules/ROOT/
mv docs/manual/src/docs/asciidoc/_includes/* docs/modules/ROOT/pages/
cp ~/code/rwinch/spring-reference/*antora* ~/code/spring-projects/spring-security/
mv docs/modules/ROOT/pages/about docs/modules/ROOT/pages/overview
2021-09-23 15:45:22 -05:00
Steve Riesenberg
Josh Cummings
Daniel Shuy
yahya jabary
Rob Winch
Vladimir Kidyaev
moli
Logan Kulinski
Olivier Délèze
Marcus Da Coregio
Sellami
Rivaldi
Ger Roza
ch4mpy
Joshua Sattler
André Luis Gomes
Pascal Verdage
Joe Grandja
Yuriy Savchenko
Eleftheria Stein
Jeff Maxwell
Alexander Schwartz