Commit Graph

1091 Commits

Author SHA1 Message Date
Josh Cummings
7561a02cdd Merge branch '6.0.x' 2022-12-05 11:13:43 -07:00
Josh Cummings
813179931a Disable Some R2dbc Tests
Issue gh-12339
2022-12-05 11:13:15 -07:00
Josh Cummings
cd0f02de49 Polish authorities claim delimiter
PR gh-12074
2022-12-02 14:30:31 -07:00
Patrick Walter
9c9fd9f4bd Add configurable authorities split regex
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.

Closes gh-12074
2022-12-02 14:30:30 -07:00
Josh Cummings
b22bc42bb0 Merge branch '5.8.x' into 6.0.x
Closes gh-12325
2022-11-30 14:50:51 -07:00
Josh Cummings
29c00905ce Merge branch '5.7.x' into 5.8.x
Closes gh-12324
2022-11-30 14:49:26 -07:00
Josh Cummings
667cab6cda Merge branch '5.6.x' into 5.7.x
Closes gh-12323
2022-11-30 14:38:16 -07:00
이경욱
52c7141aac Save Request Before Response Is Committed
Specifically important for cookie-based authorization request
repositories.

Closes gh-11602
2022-11-30 14:33:08 -07:00
Steve Riesenberg
bb3d92e33a Update r2dbc-h2 to 1.0.0.RELEASE
Closes gh-12251
2022-11-18 23:04:38 -06:00
Steve Riesenberg
4e88623873 Polish gh-12087 in 6.0 2022-11-17 14:31:44 -06:00
Steve Riesenberg
a3d35ecf3c Merge branch '5.8.x'
Closes gh-12234
2022-11-17 14:27:41 -06:00
Michael Sosa
52888d6206 Warn when AuthorizationGrantType does not match
Log a warning when AuthorizationGrantType does not exactly match a
pre-defined constant.

Closes gh-11905
2022-11-17 14:17:54 -06:00
Steve Riesenberg
ce065a87da Merge branch '5.8.x'
Closes gh-12207
2022-11-14 12:25:05 -06:00
Steve Riesenberg
71eb71d185 Merge branch '5.7.x' into 5.8.x
Closes gh-12206
2022-11-14 12:11:59 -06:00
Steve Riesenberg
67a1f0836b Merge branch '5.6.x' into 5.7.x
Closes gh-12205
2022-11-14 12:10:55 -06:00
Steve Riesenberg
fde26e003a Request user info when AS returns no scopes
Closes gh-12144
2022-11-10 16:29:43 -06:00
Josh Cummings
5fe59cc635 Revert "Add configurable authorities split regex"
This reverts commit e93ed6d94c.

This can't be merged until after the 6.0 release
2022-11-01 17:39:26 -06:00
Patrick Walter
e93ed6d94c Add configurable authorities split regex
Before this commit splitting the authorities claim was done by a
hardcoded regex " ". This commit allows to configure to set any regex
to split the authorities claim while keeping the previously
hardcoded regex as a default.
2022-11-01 17:38:47 -06:00
Josh Cummings
cca999c57d Merge remote-tracking branch 'origin/5.8.x' 2022-11-01 13:46:08 -06:00
Josh Cummings
d29ab8bcae Merge branch '5.7.x' into 5.8.x 2022-11-01 13:43:40 -06:00
Josh Cummings
c94e33b6c8 Merge branch '5.6.x' into 5.7.x 2022-11-01 13:42:35 -06:00
Ger Roza
8315545144 Update RP-Initiated Logout target URLs.
The URLs we're using are not actually pointing to the OIDC RP-Initiated Logout Specs.

Fixes: gh-12081
2022-11-01 12:35:39 -06:00
Steve Riesenberg
801ceb0832 Merge branch '5.8.x' 2022-10-31 08:58:14 -05:00
Steve Riesenberg
66f2f1cde7 Merge branch '5.7.x' into 5.8.x 2022-10-31 08:55:03 -05:00
Steve Riesenberg
2915a70bf7 Merge branch '5.6.x' into 5.7.x 2022-10-28 13:05:48 -05:00
Steve Riesenberg
26a51ee198 Merge branch '5.5.x' into 5.6.x 2022-10-28 11:15:33 -05:00
Steve Riesenberg
e7fe778abc Merge branch '5.4.x' into 5.5.x 2022-10-28 11:13:33 -05:00
Steve Riesenberg
3e2ac82612 Merge branch '5.3.x' into 5.4.x 2022-10-28 11:10:39 -05:00
Steve Riesenberg
5560bbaa80 Merge branch '5.2.x' into 5.3.x 2022-10-28 11:07:51 -05:00
Steve Riesenberg
75004587a4 Fix scope mapping
Issue gh-12101
2022-10-28 11:00:27 -05:00
Josh Cummings
f4cc27c375 Change Default for (Server)AuthenticationEntryPointFailureHandler
Closes gh-9429
2022-10-13 20:03:03 -06:00
Josh Cummings
5afc7cb04f Merge remote-tracking branch 'origin/5.8.x' 2022-10-13 19:48:05 -06:00
Josh Cummings
099aaa33ff Remove Deprecation Markers
Since Spring Security still needs these methods and classes, we
should wait on deprecating them if we can.

Instead, this commit changes the original classes to have a
boolean property that is currently false, but will switch to true
in 6.0.

At that time, BearerTokenAuthenticationFilter can change to use
the handler.

Closes gh-11932
2022-10-13 19:47:22 -06:00
Daniel Garnier-Moiroux
200b7fecd3 Add (Server)AuthenticationEntryPointFailureHandlerAdapter
Issue gh-11932, gh-9429

(Server)AuthenticationEntryPointFailureHandler should produce HTTP 500 instead
when an AuthenticationServiceException is thrown, instead of HTTP 401.
This commit deprecates the current behavior and introduces an opt-in
(Server)AuthenticationEntryPointFailureHandlerAdapter with the expected
behavior.

BearerTokenAuthenticationFilter uses the new adapter, but with a closure
to keep the current behavior re: entrypoint.
2022-10-13 19:25:04 -06:00
Josh Cummings
14584b0562 Add SecurityContextHolderStrategy to OAuth2
Issue gh-11060
2022-10-05 23:50:54 -06:00
Marcus Da Coregio
7f0140278e Add native hint for OAuth2 Client's schemas
Closes gh-11920
2022-09-29 10:01:51 -03:00
Steve Riesenberg
181ee7410b Change default authority for oauth2Login()
Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.

* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER

Documentation has been updated to include this implementation detail.

Closes gh-7856
2022-09-26 10:06:31 -05:00
Steve Riesenberg
7527fd811c Merge branch '5.8.x' 2022-09-26 09:56:55 -05:00
Steve Riesenberg
bbac85e20b Reduce severity of invalid registrationId to warn
This prevents filling the log file with error messages when routine
scans are being performed.

Closes gh-11344
2022-09-26 09:56:20 -05:00
Josh Cummings
ae6fb8c681 Add Deprecated Versions of Original Classes
Issue gh-7349
2022-09-23 16:31:22 -06:00
Josh Cummings
37a160245f Adjust OAuth2 Resource Server packaging
Closes gh-7349
2022-09-23 16:31:21 -06:00
Josh Cummings
53dbcfd457 Add Deprecated Versions of Original Classes
Issue gh-7349
2022-09-23 12:06:59 -06:00
Steve Riesenberg
3c66ef6305 Change default SecurityContextRepository
Save SecurityContext in request attributes for stateless session
management using RequestAttributeSecurityContextRepository.

Closes gh-11026
2022-09-22 17:31:14 -05:00
Josh Cummings
70460ca009 Adjust OAuth2 Resource Server packaging
Closes gh-7349
2022-09-20 17:44:05 -06:00
Marcus Da Coregio
fee1ffa422 Fix JSONObject and JSONArray imports in tests
Issue gh-11858
2022-09-16 15:57:43 -03:00
Steve Riesenberg
67a00bcaa0 Fix JSONObject and JSONArray imports in tests 2022-09-16 13:38:57 -05:00
Steve Riesenberg
c6458c35aa Merge branch '5.8.x' 2022-09-14 15:12:21 -05:00
Daniel Garnier-Moiroux
bea7761a1c ClientRegistrations#rest defines 30s connect and read timeouts 2022-09-14 15:10:34 -05:00
Steve Riesenberg
2431dd1103 Merge branch '5.8.x' 2022-09-13 17:38:10 -05:00
Steve Riesenberg
355ef21117 Polish gh-11665 2022-09-13 16:45:39 -05:00