be340a0085
Polish servlet OAuth2 docs landing page
...
Issue gh-14758
2024-03-26 16:00:28 -05:00
9751636735
Polish gh-12281
2024-03-07 16:26:26 -06:00
488901dd4e
Fix Delegation-based Strategy examples
...
Fix examples not copying userNameAttributeName
Issue gh-12275
Issue gh-12282
Issue gh-14672
2024-03-07 16:26:24 -06:00
34526c3e01
Merge branch '6.2.x'
2024-02-12 12:54:29 -07:00
3ab323663a
Do Not Wire Default OidcSessionStrategy without OidcLogoutConfigurer
...
Closes gh-14558
2024-02-12 12:53:48 -07:00
c5d1683690
Fixes logout link in advanced oauth2 servlet configuration (was pointing to the reactive page)
2024-02-05 11:43:45 -07:00
baa11f8b70
Merge branch '6.1.x' into 6.2.x
2023-12-19 18:06:45 -07:00
c38c443d2f
Merge branch '5.8.x' into 6.1.x
2023-12-19 18:06:23 -07:00
9203567a20
improve Multitenancy Issuer Validator example Closes gh-14229
2023-12-19 18:04:50 -07:00
d130a18d3c
Merge branch '6.1.x' into 6.2.x
...
Closes gh-14280
2023-12-11 11:45:16 -07:00
f0772dc788
Merge branch '5.8.x' into 6.1.x
...
Closes gh-14279
2023-12-11 11:44:44 -07:00
74d06f020d
Update to Latest Boot Property
...
Closes gh-14252
2023-12-11 11:44:08 -07:00
67d3e4c9b8
Merge branch '6.1.x'
2023-11-09 14:13:00 -06:00
a2d1fcf923
Merge branch '6.0.x' into 6.1.x
2023-11-09 14:12:43 -06:00
b14a66c30d
Merge branch '5.8.x' into 6.0.x
2023-11-09 14:12:29 -06:00
7335c5745c
Document authentication helper method in WebClient integration
...
This commit re-applies 49f3c0ce53
2023-11-09 10:46:32 -06:00
447f40949c
Revert unnecessary merges on 6.1.x
...
This commit removes unnecessary main-branch merges starting from
9f8db22b774d6ff49b9ded6ff670d1c823b0079444fad21363
2023-10-31 15:22:15 -05:00
9db33f33c7
Revert unnecessary merges on 6.0.x
...
This commit removes unnecessary main-branch merges starting from
8750608b5b5dce82c48b
2023-10-31 15:11:45 -05:00
8307196799
Add Kotlin examples to OAuth2 docs landing page
...
Issue gh-13785
2023-10-23 14:52:13 -05:00
a3227f041c
Polish OAuth2AuthorizationManagers
...
- Add OAuth2ReactiveAuthorizationManagers
- Code to interfaces
- Align error message with the same in
AuthorityAuthorizationManager
- Adjust expectations in tests to confirm an
appropriately constructed authorizaion manager
- Add JavaDoc and reference documentation
Issue gh-13654
2023-10-02 17:26:06 -06:00
6b0d82236d
Fix Documentation Errors
...
Issue gh-12570
2023-09-18 16:21:37 -06:00
cb33fd7850
Add OIDC Back-Channel Logout Support
...
Closes gh-12570
2023-09-16 15:12:21 -06:00
1f8c94aee8
Add overview documentation for OAuth2
...
This commit adds an overview to the landing page for OAuth2 with:
* OAuth2 Resource Server
* OAuth2 Client
At this level, OAuth2 Login is combined into the overview for Client
to make it clear that it is part of the oauth2-client module.
Content is broken down into use cases similar to other docs pages
that have been updated recently. This content will be revisited
as additional updates are made to OAuth2 docs, and some use cases
may be moved or even added as needed. This commit only adds a few
initial use cases to get the OAuth2 docs update process started.
Closes gh-13784
2023-09-07 12:26:07 -05:00
3b7e7f63d8
Update Jwt Multi-tenancy Documentation
...
Issue gh-13427
2023-08-08 10:03:11 -06:00
b7efa15591
Merge branch '6.0.x' into 6.1.x
2023-08-07 14:48:37 -06:00
1f27b18398
Merge branch '5.8.x' into 6.0.x
2023-08-07 14:48:12 -06:00
e8b9a35494
Fix Bearer Token RestTemplate Support example
2023-08-07 14:47:37 -06:00
c03bd3f717
Remove deprecated usage
...
Closes gh-13446
2023-07-12 15:02:26 -06:00
8407c9ebee
Merge branch '6.0.x'
...
Closes gh-13407
2023-06-18 21:41:16 -05:00
f66a5bab99
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13406
2023-06-18 21:33:58 -05:00
7da99acca7
Merge branch '5.7.x' into 5.8.x
...
Closes gh-13405
2023-06-18 21:32:35 -05:00
0cf95dbf61
Merge branch '5.6.x' into 5.7.x
...
Closes gh-13404
2023-06-18 21:31:35 -05:00
39c43159f4
Convert to Asciidoctor Tabs
...
Closes gh-13403
2023-06-18 21:30:41 -05:00
04692d9ee8
Fix Antora Warnings
...
Closes gh-13210
2023-06-08 17:02:19 -05:00
528ec318ab
Merge branch '6.0.x'
2023-06-05 12:56:56 -06:00
d47e3e8cd8
Delete duplicate line from oauth2/client/core.adoc
2023-06-05 12:56:24 -06:00
58a08050c1
Merge branch '6.0.x'
...
Closes gh-13239
2023-05-26 14:25:33 -06:00
0ac554ee3e
Merge branch '5.8.x' into 6.0.x
...
Closes gh-13238
2023-05-26 14:25:20 -06:00
8ccc03fdb6
Update Resource Server Docs
...
Closes gh-13147
2023-05-26 14:24:31 -06:00
0e3ee89902
Merge branch '6.0.x'
2023-05-18 11:08:11 -06:00
cdac708051
Merge branch '5.8.x' into 6.0.x
2023-05-18 11:08:00 -06:00
219faf29d4
Merge branch '5.7.x' into 5.8.x
2023-05-18 11:07:42 -06:00
b6f3cb71e6
Add Missing AuthorizationRequestRepository in Snippet
...
Closes PR-13099
2023-05-18 10:54:19 -06:00
b969179b5c
Merge branch '5.7.x' into 5.8.x
2023-05-10 15:53:22 -06:00
3469bcb822
Address Antora Warnings
2023-05-10 15:51:49 -06:00
e5fcf1ebcf
Revisit Request and Method Security Docs
...
Issue gh-13088
2023-05-01 14:09:22 -06:00
76eba9bd0c
Add withIssuerLocation
...
Closes gh-10309
2023-04-12 16:36:15 -06:00
8ad91287d9
Fix Broken Link
...
Closes gh-12824
2023-03-20 15:13:10 -06:00
9535566f84
Update multitenancy.adoc
...
The Java example at line 421 should use the injected `jwtValidator` and not from the current class referenced by `this. jwtValidator`.
2023-01-05 10:32:57 -07:00
2fdf762726
Merge branch '5.8.x' into 6.0.x
2022-12-05 14:41:59 -08:00
7aaa25b88e
Merge branch '5.7.x' into 5.8.x
2022-12-05 14:40:54 -08:00
fc25b87967
Merge branch '5.6.x' into 5.7.x
2022-12-05 14:40:38 -08:00
626e53d121
Fix: Replace tenantRepository with tenants
2022-12-05 14:31:24 -08:00
c7b9b33cd1
Merge branch '5.8.x'
2022-11-03 08:23:50 -03:00
4d646a2978
Merge branch '5.7.x' into 5.8.x
2022-11-03 08:23:26 -03:00
067fc1678c
Merge branch '5.6.x' into 5.7.x
2022-11-03 08:22:09 -03:00
01a37dd678
Fix typo
...
(cherry picked from commit 20e89e3eca0823bfa329b5de80448bac1f5e0f30)
2022-11-03 08:21:48 -03:00
cca999c57d
Merge remote-tracking branch 'origin/5.8.x'
2022-11-01 13:46:08 -06:00
d29ab8bcae
Merge branch '5.7.x' into 5.8.x
2022-11-01 13:43:40 -06:00
c94e33b6c8
Merge branch '5.6.x' into 5.7.x
2022-11-01 13:42:35 -06:00
8315545144
Update RP-Initiated Logout target URLs.
...
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.
Fixes: gh-12081
2022-11-01 12:35:39 -06:00
38a7bbd2eb
Merge branch '5.8.x'
2022-10-05 13:20:12 -03:00
ace8caa182
Remove mvcMatchers usage from docs
...
Issue gh-11347
2022-10-05 13:19:37 -03:00
181ee7410b
Change default authority for oauth2Login()
...
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.
* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER
Documentation has been updated to include this implementation detail.
Closes gh-7856
2022-09-26 10:06:31 -05:00
2431dd1103
Merge branch '5.8.x'
2022-09-13 17:38:10 -05:00
355ef21117
Polish gh-11665
2022-09-13 16:45:39 -05:00
1efb63387f
Add authentication converter for introspected tokens
...
Adds configurable authentication converter for resource-servers with
token introspection (something very similar to what
JwtAuthenticationConverter does for resource-servers with JWT decoder).
The new (Reactive)OpaqueTokenAuthenticationConverter is given
responsibility for converting successful token introspection result
into an Authentication instance (which is currently done by a private
methods of OpaqueTokenAuthenticationProvider and
OpaqueTokenReactiveAuthenticationManager).
The default (Reactive)OpaqueTokenAuthenticationConverter, behave the
same as current private convert(OAuth2AuthenticatedPrincipal principal,
String token) methods: map authorities from scope attribute and build a
BearerTokenAuthentication.
Closes gh-11661
2022-09-13 16:45:36 -05:00
a5069d7e35
Fix Add @Configuration to @Enable*Security Usage
...
Issue gh-6613
2022-08-09 17:00:16 -05:00
040111ae9e
Remove Configuration meta-annotation from Enable* annotations
...
Before, Spring Security's @Enable* annotations were meta-annotated with @Configuration.
While convenient, this is not consistent with the rest of the Spring projects and most notably
Spring Framework's @Enable annotations. Additionally, the introduction of support for
@Configuration(proxyBeanMethods=false) in Spring Framework provides a compelling reason to
remove @Configuration meta-annotation from Spring Security's @Enable annotations and allow
users to opt into their preferred configuration mode.
Closes gh-6613
Signed-off-by: Joshua Sattler <joshua.sattler@mailbox.org>
2022-07-30 03:48:42 +02:00
aca3fc2412
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:51:44 -03:00
0c31cb21dc
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:50:56 -03:00
24701b547f
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 08:49:47 -03:00
b9acdd5058
Update opaque-token.adoc
...
Fixing yaml sample in Servlet and Reactive pages
2022-06-01 13:43:42 +02:00
b71d9bfdc2
Fix typo
2022-04-06 11:09:41 +02:00
ed8887e0fc
Fix typo
2022-04-06 11:09:15 +02:00
f0168c6c27
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:53:16 -05:00
428216b322
Add support for customizing claims in JWT Client Assertion
...
Closes gh-9855
2022-03-17 09:50:25 -05:00
54b033078b
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:36:10 -04:00
a2ffc88294
Allow configuring PKCE for confidential clients
...
Closes gh-6548
2022-03-16 13:33:12 -04:00
f64181ab41
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 17:18:48 +01:00
77ba94e1db
Update docs to use multi-tenancy
...
Closes gh-10572
2022-02-14 11:07:42 +01:00
4142f06259
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 18:10:58 +01:00
4492e5b667
Replace WebSecurityConfigurerAdapter with SecurityFilterChain in docs
...
Closes gh-10003
2022-02-08 16:12:10 +01:00
525f40490c
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:59:14 -05:00
214cfe807e
Allow Jwt assertion to be resolved
...
Closes gh-9812
2022-01-10 10:42:10 -05:00
2fb056b5c1
Merge Clean up Reference Documentation
...
Closes gh-9668
2021-12-13 16:57:36 -06:00
32d79f3f4e
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:42 -07:00
b7cc667d21
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:33:27 -07:00
879b2d089f
Fix setJWTClaimSetJWSKeySelector Typo
...
Closes gh-10504
2021-11-16 15:29:23 -07:00
088a24cf59
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:18:42 -07:00
3fb1565cc0
Fix jwtDecoder Documentation Usage
...
Closes gh-10505
2021-11-16 15:17:37 -07:00
5913501e1a
#10505 Fix jwtDecoder
...
Fixed jwtDecoder(JWTProcessor jwtProcessor, OAuth2TokenValidator<Jwt> jwtValidator)
2021-11-16 14:05:43 -07:00
73e1506e5e
Consistency update for servlet docs
2021-11-11 14:24:29 -06:00
ab794bf67a
Consistency update for servlet docs
2021-11-11 10:41:12 -06:00
b60020a40c
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:09:50 -07:00
812d6f7b18
Use authorizeHttpRequests in Docs
...
Issue gh-8900
2021-11-10 16:08:57 -07:00
7708418fae
Separate OAuth 2.0 Login Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
82696918ae
Separate OAuth 2.0 Client Servlet Docs
...
Issue gh-10367
2021-11-05 12:45:46 -06:00
e350c8a852
Document parameters converter in oauth2 client servlet docs
...
Closes gh-10467
2021-11-05 12:45:46 -06:00
efa2fab061
Document authentication helper method in WebClient integration
...
Closes gh-10120
2021-11-05 12:45:46 -06:00
Steve Riesenberg
Daniel Shuy
Josh Cummings
Joao Silva
daniKir
Steve Riesenberg
yahya jabary
Rob Winch
Vladimir Kidyaev
moli
Logan Kulinski
Olivier Délèze
Marcus Da Coregio
Sellami
Rivaldi
Ger Roza
ch4mpy
Joshua Sattler
André Luis Gomes
Pascal Verdage
Joe Grandja
Yuriy Savchenko
Eleftheria Stein
Jeff Maxwell