Commit Graph

1107 Commits

Author SHA1 Message Date
Marcus Da Coregio
92c82191c9 Merge branch '5.8.x' into 6.0.x
Closes gh-13882
2023-09-29 11:46:00 -03:00
Marcus Da Coregio
64e2a2ff8b Apply updated Code Style
Closes gh-13881
2023-09-29 11:44:32 -03:00
Steve Riesenberg
771d9cd8b6 Merge branch '5.8.x' into 6.0.x
Closes gh-13799
2023-09-12 17:00:47 -05:00
Steve Riesenberg
9b7a110704 Fix OAuth2AuthenticationExceptionMixinTests on JDK 17
Closes gh-11893
2023-09-12 16:51:47 -05:00
Josh Cummings
dbf0c66301 Fix Client Authentication Method Error Message
Closes gh-13496
2023-07-12 14:15:31 -06:00
Josh Cummings
5f26daedcb Error On Unsupported Client Authentication Methods
Closes gh-13144
2023-06-12 15:13:13 -06:00
Josh Cummings
69b17f3d3f Merge branch '5.8.x' into 6.0.x
Closes gh-13222
2023-05-24 15:29:39 -06:00
Josh Cummings
c1002ff745 Improve Error Handling
Closes gh-13143
2023-05-24 15:29:15 -06:00
Josh Cummings
b423db5f93 Merge branch '5.8.x' into 6.0.x
Closes gh-13005
2023-04-12 12:46:11 -06:00
Josh Cummings
28be37238d Merge branch '5.7.x' into 5.8.x
Closes gh-13004
2023-04-12 12:45:28 -06:00
Nick Meverden
c4e9fb885d Delay JWSVerificationKeySelector Construction
Updating the NimbusReactiveJwtDecoder.JwkSetUriReactiveJwtDecoderBuilder processor to execute the ConfigurableJWTProcessor customizations before holding a reference to the JWSKeySelector.

Closes gh-12960
2023-04-12 12:45:00 -06:00
Josh Cummings
64a1ad5cd6 Merge branch '5.8.x' into 6.0.x 2023-04-04 13:32:34 -06:00
Josh Cummings
5ffebaf12b Merge branch '5.7.x' into 5.8.x 2023-04-04 13:32:04 -06:00
Josh Cummings
39cee36065 Use SingletonSupplier
Issue gh-9991
2023-04-04 13:25:31 -06:00
luamas
7409d14504 fix javax.json.bind.Jsonb to jakarta.json.bind.Jsonb
Closes gh-12616
2023-02-03 12:30:17 -03:00
Josh Cummings
748e912685 Merge branch '5.8.x' into 6.0.x
Closes gh-12495
2023-01-06 12:56:21 -07:00
Josh Cummings
5e1db6a771 Merge branch '5.7.x' into 5.8.x
Closes gh-12494
2023-01-06 12:55:43 -07:00
Jon Kjennbakken
225dc593a8 Polish NimbusJwtDecoderTests
- Add missing mock

Closes gh-12238
2023-01-06 12:53:36 -07:00
Josh Cummings
7bd6deccc3 Revert "Disable Some R2dbc Tests"
This reverts commit 813179931a.

Closes gh-12339
2022-12-19 15:42:22 -07:00
Josh Cummings
813179931a Disable Some R2dbc Tests
Issue gh-12339
2022-12-05 11:13:15 -07:00
Josh Cummings
b22bc42bb0 Merge branch '5.8.x' into 6.0.x
Closes gh-12325
2022-11-30 14:50:51 -07:00
Josh Cummings
29c00905ce Merge branch '5.7.x' into 5.8.x
Closes gh-12324
2022-11-30 14:49:26 -07:00
Josh Cummings
667cab6cda Merge branch '5.6.x' into 5.7.x
Closes gh-12323
2022-11-30 14:38:16 -07:00
이경욱
52c7141aac Save Request Before Response Is Committed
Specifically important for cookie-based authorization request
repositories.

Closes gh-11602
2022-11-30 14:33:08 -07:00
Steve Riesenberg
bb3d92e33a Update r2dbc-h2 to 1.0.0.RELEASE
Closes gh-12251
2022-11-18 23:04:38 -06:00
Steve Riesenberg
4e88623873 Polish gh-12087 in 6.0 2022-11-17 14:31:44 -06:00
Steve Riesenberg
a3d35ecf3c Merge branch '5.8.x'
Closes gh-12234
2022-11-17 14:27:41 -06:00
Michael Sosa
52888d6206 Warn when AuthorizationGrantType does not match
Log a warning when AuthorizationGrantType does not exactly match a
pre-defined constant.

Closes gh-11905
2022-11-17 14:17:54 -06:00
Steve Riesenberg
ce065a87da Merge branch '5.8.x'
Closes gh-12207
2022-11-14 12:25:05 -06:00
Steve Riesenberg
71eb71d185 Merge branch '5.7.x' into 5.8.x
Closes gh-12206
2022-11-14 12:11:59 -06:00
Steve Riesenberg
67a1f0836b Merge branch '5.6.x' into 5.7.x
Closes gh-12205
2022-11-14 12:10:55 -06:00
Steve Riesenberg
fde26e003a Request user info when AS returns no scopes
Closes gh-12144
2022-11-10 16:29:43 -06:00
Josh Cummings
5fe59cc635 Revert "Add configurable authorities split regex"
This reverts commit e93ed6d94c.

This can't be merged until after the 6.0 release
2022-11-01 17:39:26 -06:00
Patrick Walter
e93ed6d94c Add configurable authorities split regex
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.
2022-11-01 17:38:47 -06:00
Josh Cummings
cca999c57d Merge remote-tracking branch 'origin/5.8.x' 2022-11-01 13:46:08 -06:00
Josh Cummings
d29ab8bcae Merge branch '5.7.x' into 5.8.x 2022-11-01 13:43:40 -06:00
Josh Cummings
c94e33b6c8 Merge branch '5.6.x' into 5.7.x 2022-11-01 13:42:35 -06:00
Ger Roza
8315545144 Update RP-Initiated Logout target URLs.
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.

Fixes: gh-12081
2022-11-01 12:35:39 -06:00
Steve Riesenberg
801ceb0832 Merge branch '5.8.x' 2022-10-31 08:58:14 -05:00
Steve Riesenberg
66f2f1cde7 Merge branch '5.7.x' into 5.8.x 2022-10-31 08:55:03 -05:00
Steve Riesenberg
2915a70bf7 Merge branch '5.6.x' into 5.7.x 2022-10-28 13:05:48 -05:00
Steve Riesenberg
26a51ee198 Merge branch '5.5.x' into 5.6.x 2022-10-28 11:15:33 -05:00
Steve Riesenberg
e7fe778abc Merge branch '5.4.x' into 5.5.x 2022-10-28 11:13:33 -05:00
Steve Riesenberg
3e2ac82612 Merge branch '5.3.x' into 5.4.x 2022-10-28 11:10:39 -05:00
Steve Riesenberg
5560bbaa80 Merge branch '5.2.x' into 5.3.x 2022-10-28 11:07:51 -05:00
Steve Riesenberg
75004587a4 Fix scope mapping
Issue gh-12101
2022-10-28 11:00:27 -05:00
Josh Cummings
f4cc27c375 Change Default for (Server)AuthenticationEntryPointFailureHandler
Closes gh-9429
2022-10-13 20:03:03 -06:00
Josh Cummings
5afc7cb04f Merge remote-tracking branch 'origin/5.8.x' 2022-10-13 19:48:05 -06:00
Josh Cummings
099aaa33ff Remove Deprecation Markers
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.

Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.

At that time, BearerTokenAuthenticationFilter can change to use
the handler.

Closes gh-11932
2022-10-13 19:47:22 -06:00
Daniel Garnier-Moiroux
200b7fecd3 Add (Server)AuthenticationEntryPointFailureHandlerAdapter
Issue gh-11932, gh-9429

(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.

BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00