Commit Graph

651 Commits

Author SHA1 Message Date
Joe Grandja
3debeb6f65 Add documentation for DPoP support
Closes gh-2009
2025-05-14 19:06:01 -04:00
Joe Grandja
86b5607a03 Fix DPoP jkt claim validation during refresh_token grant for public clients
Closes gh-2008
2025-05-14 06:16:14 -04:00
Joe Grandja
07f9621b02 Fix DPoP jkt claim to be JWK SHA-256 thumbprint
Closes gh-2007
2025-05-13 16:37:17 -04:00
Joe Grandja
23179507d5 Use OAuth2ParameterNames.REQUEST_URI
Issue gh-1925

Closes gh-1991
2025-04-22 06:06:31 -04:00
Joe Grandja
9dd5e2814a Merge branch '1.4.x' 2025-04-21 21:33:45 -04:00
Joe Grandja
f43dce384d Merge branch '1.3.x' into 1.4.x 2025-04-21 21:24:30 -04:00
Joe Grandja
c624d0a908 Revert "Fix client_secret_basic authentication failures and return challenge"
This reverts commit 42c18c856f.
2025-04-21 21:15:05 -04:00
Joe Grandja
7e41e87142 Revert "Allow customizing client authentication failures with AuthenticationEntryPoint"
This reverts commit f415f2a52c.
2025-04-21 21:05:05 -04:00
Joe Grandja
f415f2a52c Allow customizing client authentication failures with AuthenticationEntryPoint
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-04-18 07:46:25 -04:00
Joe Grandja
9ecfe49658 Merge branch '1.4.x' 2025-04-18 06:17:46 -04:00
Joe Grandja
f3820e5601 Merge branch '1.3.x' into 1.4.x
Closes gh-1982
2025-04-18 06:10:21 -04:00
Joe Grandja
42c18c856f Fix client_secret_basic authentication failures and return challenge
Closes gh-468
2025-04-18 05:45:25 -04:00
Joe Grandja
2dff08834c Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR)
Issue gh-1925

Closes gh-1975
2025-04-16 15:21:44 -04:00
Joe Grandja
4b78a5e991 Enforce one-time use for request_uri used in PAR
Issue gh-1925

Closes gh-1974
2025-04-16 06:26:33 -04:00
Joe Grandja
c82aace6d4 Polish tests
Issue gh-1925
2025-04-16 05:50:59 -04:00
Joe Grandja
39cb9bfcea Validate expiry for request_uri used in PAR
Issue gh-1925

Closes gh-1973
2025-04-16 05:50:58 -04:00
Joe Grandja
5458e0855a request_uri used in PAR must be bound to the client
Issue gh-1925

Closes gh-1971
2025-04-15 15:36:09 -04:00
Joe Grandja
65e3a5ec9b Add authorization server metadata for DPoP support
Issue gh-1813

Closes gh-1951
2025-03-27 06:13:33 -04:00
Joe Grandja
48fd6ab60f Verify DPoP Proof public key during refresh_token grant for public clients
Issue gh-1813

Closes gh-1949
2025-03-25 15:56:38 -04:00
Joe Grandja
81c25ef6cb Fix test in OAuth2PushedAuthorizationRequestEndpointFilterTests
Issue gh-1925
2025-03-04 07:07:38 -05:00
Joe Grandja
30ebf1ecc6 Polish gh-1908 2025-03-04 06:35:00 -05:00
arefbehboudi
bbca6b02b7 Polish JdbcOAuth2AuthorizationService
Closes gh-1908

Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
2025-03-04 06:34:01 -05:00
Joe Grandja
5bd47b6c2d Polish gh-1907 2025-03-04 06:17:14 -05:00
arefbehboudi
2e9fe7e99e Use pattern matching
Closes gh-1907

Signed-off-by: arefbehboudi <behboodiaref@gmail.com>
2025-03-04 06:17:13 -05:00
Joe Grandja
4337884e87 Add support for OAuth 2.0 Pushed Authorization Requests (PAR)
Closes gh-210

Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-03-03 20:37:06 -05:00
Joe Grandja
629239fde1 Polish gh-1874 2025-02-24 14:41:17 -05:00
sylvain-costanzo
b0fca27c7b Support POST for authorization code request flow
Closes gh-1811

Signed-off-by: sylvain-costanzo <sylvain.costanzo1@decathlon.com>
2025-02-24 12:06:38 -05:00
Joe Grandja
a5ce97fefe Merge branch '1.4.x' 2025-02-14 12:09:28 -05:00
Joe Grandja
ded6faae76 Merge branch '1.3.x' into 1.4.x 2025-02-14 12:04:06 -05:00
Joe Grandja
29472a17a9 Polish gh-1889 2025-02-14 11:41:51 -05:00
Nick Holloway
8d4da24892 Fix device access token response error codes
Closes gh-1885

Signed-off-by: Nick Holloway <nick.holloway@pyrites.org.uk>
2025-02-14 11:39:08 -05:00
Joe Grandja
779d87a279 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP)
Closes gh-1813
2025-02-14 05:44:30 -05:00
Joe Grandja
bf7f4f4af9 Bump next minor version 2025-02-11 15:51:26 -05:00
Loren
f1d54279e6 Replace deprecated fromHttpUrl with fromUriString
Closes gh-1883

Signed-off-by: Loren <cn.luowenjie@qq.com>
2025-01-21 09:20:05 -05:00
Loren
1f28280e7b Add Override annotation
Closes gh-1878

Signed-off-by: Loren <cn.luowenjie@qq.com>
2025-01-21 09:05:55 -05:00
Tran Ngoc Nhan
d238794229 Polish diamond operator
Closes gh-1848
2024-12-11 16:05:04 -05:00
Tran Ngoc Nhan
ed0265bf02 Polish
Closes gh-1842
2024-11-29 11:38:04 -05:00
Leon Linhart
e8f627f01e Use empty map for missing additional parameters
Closes gh-1826
2024-11-29 11:23:26 -05:00
Joe Grandja
0d2dac20af Merge branch '1.3.x' 2024-10-25 12:05:15 -04:00
Joe Grandja
92f7371021 Merge branch '1.2.x' into 1.3.x
Closes gh-1791
2024-10-25 12:02:25 -04:00
Joe Grandja
572255bebe Use toLower/toUpperCase with Locale argument
Closes gh-1790
2024-10-25 12:01:30 -04:00
Joe Grandja
a8d3960b97 Merge branch '1.3.x' 2024-10-21 15:17:23 -04:00
Joe Grandja
a60b1f65ee Merge branch '1.2.x' into 1.3.x
Closes gh-1782
2024-10-21 15:13:29 -04:00
William Koch
c6c20b9dba AOT contributions will be registered for JbcOAuth2AuthorizationService subclasses
Prior to this commit, String-based class name comparisons were used for determining if a bean was of type JdbcOAuth2AuthorizationService or
JdbcRegisteredClientRepository.

Now JdbcOAuth2AuthorizationService.class.isAssignableFrom(...) and JdbcRegisteredClientRepository.class.isAssignableFrom(...) is used so that any subclasses are
detected and the necessary AOT hints are contributed.

Closes gh-1778
2024-10-21 07:23:10 -04:00
Max Batischev
145599b44a Replace DelegatingAuthenticationConverter with one in Spring Security
Closes gh-1736
2024-10-17 10:12:44 -04:00
Joe Grandja
b1dcb87422 Merge branch '1.3.x' 2024-10-04 06:16:39 -04:00
Joe Grandja
68300d4cf9 Polish gh-1729 2024-10-04 05:57:16 -04:00
Selene Feigl
8c297b1252 Fix verification_uri in device authorization response when context path exists
Closes gh-1714
2024-10-04 05:54:24 -04:00
Joe Grandja
2c7975485f Simplify configuring authorization server using HttpSecurity.with()
Closes gh-1707
2024-10-03 15:28:16 -04:00
Joe Grandja
4d1e2d9711 Polish gh-1723 2024-10-01 17:19:45 -04:00