Commit Graph

301 Commits

Author SHA1 Message Date
Steve Riesenberg
291ba8c92d Add support for OAuth 2.0 Device Authorization Grant
Closes gh-44
2023-03-10 11:51:18 -06:00
Joe Grandja
ad01779479 Polish gh-1105 2023-03-07 07:57:54 -05:00
Shannon Pamperl
0255a24849 Upgrade client secret when available
Closes gh-1099
2023-03-07 07:49:09 -05:00
Joe Grandja
fe9abb641e Merge branch '1.0.x' 2023-03-07 05:02:35 -05:00
Joe Grandja
c05e860bb5 Merge branch '0.4.x' into 1.0.x
Closes gh-1113
2023-03-07 04:53:39 -05:00
Joe Grandja
addd6e13d5 Polish gh-1056 2023-03-07 04:26:13 -05:00
Yuta Saito
63aa5d8933 Fix client secret encoding when client dynamically registered
Closes gh-1056
2023-03-06 17:39:36 -05:00
Joe Grandja
d5e0dfe7a0 Merge branch '1.0.x' 2023-02-21 08:18:33 -05:00
Joe Grandja
beebfe8da3 Merge branch '0.4.x' into 1.0.x 2023-02-21 08:14:56 -05:00
Joe Grandja
0cd594082e Polish authorization error response encoding
Issue gh-1011
2023-02-21 03:47:53 -05:00
Joe Grandja
98e3fe807a Add OpenID Connect 1.0 Logout Endpoint
Closes gh-266
2023-02-17 17:43:40 -05:00
Joe Grandja
56918b9b48 Merge branch '0.4.x'
Closes gh-1074
2023-02-15 17:18:30 -05:00
Joe Grandja
30927ad5e7 Polish gh-1011 2023-02-15 16:58:28 -05:00
Andreas Fleig
26205a2d8d Preserve encoding for authorization request redirect_uri parameter
Closes gh-1011
2023-02-15 15:27:02 -05:00
Joe Grandja
db5416ca47 Merge branch '0.4.x'
Fixes gh-1012
2023-02-15 11:35:32 -05:00
Joe Grandja
1783bf7611 Polish gh-1013 2023-02-15 09:46:40 -05:00
Joe Grandja
c1abf17df5 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

8ed0194744 client_id authentication parameter must have printable ASCII characters
4e63c3b6b6 Update links to current version of OAuth 2.1
2022-11-21 11:32:46 -05:00
Joe Grandja
8ed0194744 client_id authentication parameter must have printable ASCII characters
Closes gh-889
2022-11-18 14:30:06 -05:00
Joe Grandja
49f3bf6e36 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

8c78a5bdee Document Authorization Request Validation
a9371e918a Document Jwt Client Assertion Validation
fcbb5c1197 Polish OAuth2AuthorizationCodeGrantTests
2022-11-16 09:44:31 -05:00
Joe Grandja
fcbb5c1197 Polish OAuth2AuthorizationCodeGrantTests 2022-11-16 04:27:45 -05:00
Joe Grandja
e05f86f985 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

0e509333bc Assert unique identifiers in JdbcRegisteredClientRepository
8b0e7578df Upgrade to JUnit 5
2022-11-08 11:48:23 -05:00
Joe Grandja
8b0e7578df Upgrade to JUnit 5
Closes gh-964
2022-11-08 11:35:27 -05:00
Joe Grandja
0e509333bc Assert unique identifiers in JdbcRegisteredClientRepository
Closes gh-959
2022-11-03 16:29:12 -04:00
Joe Grandja
4adc3766ea Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

8d7f8b3420 Improve customizing OIDC UserInfo endpoint
2ba711c83a Polish gh-929
efbfdc234c Improve customizing OIDC Client Registration endpoint
bfd7a09c3b Polish gh-946
11ce8ef201 Polish gh-929
356d669a78 Fix URL encoding for authorization request state parameter
4eb25c163f Polish gh-920
6dc3944eef Add OidcClientRegistrationAuthenticationProvider.setRegisteredClientConverter()
2022-10-31 15:39:19 -04:00
Joe Grandja
6dc3944eef Add OidcClientRegistrationAuthenticationProvider.setRegisteredClientConverter()
Closes gh-696
2022-10-31 14:45:39 -04:00
Joe Grandja
4eb25c163f Polish gh-920 2022-10-31 11:56:03 -04:00
Jonah Back
356d669a78 Fix URL encoding for authorization request state parameter
Closes gh-875
2022-10-31 11:38:25 -04:00
Joe Grandja
bfd7a09c3b Polish gh-946 2022-10-28 17:36:14 -04:00
Daniel Garnier-Moiroux
efbfdc234c Improve customizing OIDC Client Registration endpoint
Related gh-696

Closes gh-946
2022-10-28 17:35:11 -04:00
Joe Grandja
2ba711c83a Polish gh-929 2022-10-28 14:23:16 -04:00
Daniel Garnier-Moiroux
8d7f8b3420 Improve customizing OIDC UserInfo endpoint
Closes gh-785
2022-10-27 13:55:02 -04:00
Joe Grandja
feec9a64a4 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

72804be45b Extract OIDC client configuration implementation
b1b2bc438f Update OAuth 2.1 spec link in README.adoc
8c2b095195 Extract JwtDecoderFactory from JwtClientAssertionAuthenticationProvider
2022-10-27 13:42:26 -04:00
Joe Grandja
8c2b095195 Extract JwtDecoderFactory from JwtClientAssertionAuthenticationProvider
Closes gh-944
2022-10-27 10:12:35 -04:00
Joe Grandja
72804be45b Extract OIDC client configuration implementation
Closes gh-941
2022-10-25 15:13:14 -04:00
Joe Grandja
629e220c2f Use Boolean field for OidcUserInfo.phoneNumberVerified
Related https://github.com/spring-projects/spring-security/issues/11315

Closes gh-923
2022-10-24 14:47:48 -04:00
Joe Grandja
410d69e1cd Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

d7aa72af68 Disable OpenID Connect 1.0 by default
9c964e37b0 Update reference for customizing Authorization Server metadata response
2022-10-24 14:02:56 -04:00
Joe Grandja
79304d6fd9 Add @Configuration with @EnableWebSecurity
Closes gh-935
2022-10-23 09:02:22 -04:00
Joe Grandja
12455fc64c Use SecurityContextRepository.loadDeferredContext()
Closes gh-933
2022-10-23 09:01:42 -04:00
Joe Grandja
64d26a42a0 Use securityMatcher() and authorizeHttpRequests()
Closes gh-922
2022-10-23 09:01:04 -04:00
Joe Grandja
d7aa72af68 Disable OpenID Connect 1.0 by default
Closes gh-928
2022-10-20 09:31:49 -04:00
Joe Grandja
081e3b8ad9 Fix merge conflicts 2022-09-20 13:57:05 -04:00
Joe Grandja
2ed0080f72 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

80b01854f2 Update README with documentation links
4d94e7095d Decompose OAuth2AuthorizationCodeRequestAuthenticationProvider
cd6f1d7dc3 Return registration_endpoint when client registration is enabled
26aed3c183 Polish gh-881
92dbcf29a5 Move integration tests for OidcProviderConfiguration
2022-09-20 13:46:19 -04:00
Joe Grandja
92dbcf29a5 Move integration tests for OidcProviderConfiguration 2022-09-20 12:25:58 -04:00
Joe Grandja
26aed3c183 Polish gh-881 2022-09-20 11:23:42 -04:00
sahariardev
cd6f1d7dc3 Return registration_endpoint when client registration is enabled
Closes gh-370
2022-09-20 11:22:45 -04:00
Joe Grandja
4d94e7095d Decompose OAuth2AuthorizationCodeRequestAuthenticationProvider
Closes gh-896
2022-09-20 06:03:32 -04:00
Joe Grandja
d184363591 Merge branch 0.4.x into main
The following commits are merged using the default merge strategy.

70d433a45a Update ref-doc with OAuth2Authorization.getAuthorizedScopes()
0994a1e1e1 Allow customizing OIDC Provider Configuration Response
8043b8c949 Allow customizing Authorization Server Metadata Response
4466cbe69d Use configured ID Token signature algorithm
502fa24cfb Polish gh-787
07d69cbfb4 Validate client secret not expired
2cc603c7e7 Improve configurability for AuthenticationConverter and AuthenticationProvider
1db05991af Make OAuth2AuthenticationContext an interface
c326b1a2ba Remove OAuth2AuthenticationValidator
2022-09-13 04:36:21 -04:00
Joe Grandja
c326b1a2ba Remove OAuth2AuthenticationValidator
Closes gh-891
2022-09-12 16:57:22 -04:00
Joe Grandja
2cc603c7e7 Improve configurability for AuthenticationConverter and AuthenticationProvider
Closes gh-417
2022-09-07 04:29:03 -04:00
doctormacky
07d69cbfb4 Validate client secret not expired
Closes gh-850
2022-08-30 09:41:29 -04:00