DingHao
ef1226ddf8
Use Oauth2UserService bean in OidcReactiveOAuth2UserService
...
Closes gh-15846
2024-10-14 11:41:04 -07:00
Josh Cummings
b26f2af5d5
Polish
...
Formatting as well as adding a missing defer
Issue gh-15699
2024-10-07 16:39:54 -07:00
Max Batischev
2ca2e56383
Add Reactive One-Time Token Login support
...
Closes gh-15699
2024-10-07 16:39:54 -07:00
Cedric Montfort
aceb5fa6bb
Allow logout+jwt JWT type for reactive
...
The OIDC back-channel spec recommends using a logout token typ `logout+jwt`
(see [here](https://openid.net/specs/openid-connect-backchannel-1_0-final.html#LogoutToken ).
Support of this type was recently added [on the servlet side]([on the Servlet side](9101bf1f7d )), so back
porting the same on the reactive side to close the gap.
Closes gh-15702
2024-09-30 16:32:45 -07:00
Josh Cummings
29331a0d8c
Merge branch '6.3.x'
2024-09-30 17:24:03 -06:00
Josh Cummings
746464e035
Merge branch '6.2.x' into 6.3.x
2024-09-30 17:21:13 -06:00
Josh Cummings
c1857c0308
Fix Formatting
...
Issue gh-15771
2024-09-30 16:19:26 -07:00
chao.wang
690e012fb1
Improve OidcBackChannelLogoutTokenValidator error when provider issuer is missing
...
Closes gh-15771
2024-09-30 16:19:26 -07:00
Josh Cummings
ee9a887ae5
Fix Package Tangle
...
Move ObjectPostProcessor to be alongside Customizer, another
functional interface for describing Spring Security object
configuration.
2024-09-26 14:08:25 -06:00
Josh Cummings
d6b620b9f7
Make Observations Selectable
...
Closes gh-15678
2024-09-26 11:30:40 -06:00
Josh Cummings
1ed20aa210
Add ObservationRegistry Tests
...
Issue gh-11989
Issue gh-11990
2024-09-26 11:30:40 -06:00
Josh Cummings
717529deb4
Add Generic Type to ObjectPostProcessor Lookups
...
Issue gh-15678
2024-09-26 11:30:39 -06:00
Tran Ngoc Nhan
9dda65a5e3
Polish CorsSpecTests
...
Use concrete ApplicationContext to simplify future maintenance.
Issue gh-4832
2024-09-23 16:11:43 -07:00
Steve Riesenberg
cd7f6e09b0
Look up ReactiveOAuth2AccessTokenResponseClient as a bean
...
Closes gh-11097
2024-09-23 11:06:12 -05:00
Josh Cummings
b311b811a1
Pick Up OidcSessionRegistry Bean
...
Closes gh-15813
2024-09-15 21:30:55 -07:00
Josh Cummings
8bb5875595
Expose OidcBackChannelLogoutHandler
...
This component already uses by default a URI that doesn't require
a CSRF token and aalready allows for configuring a cookie name.
So, by making it public and configurable in the DSL, both
of these tickets quite naturally close.
Closes gh-13841
Closes gh-14904
2024-09-15 21:30:55 -07:00
Josh Cummings
2d4c498c3b
Test Meta-Annotation Class Type Support in Reactive
...
Issue gh-15747
2024-09-15 21:30:55 -07:00
Josh Cummings
75fd84ce16
Test Reactive Method Security Exactly-One Invocation Semantics
...
Issue gh-15651
2024-09-15 21:30:55 -07:00
Josh Cummings
1aec571a81
Test Reactive Method Security Exactly Once Semantics
...
Issue gh-15592
2024-09-15 21:30:55 -07:00
Josh Cummings
3e1f8bb960
Test Reactive Method Security with Abstract Classes
...
Issue gh-15352
2024-09-15 21:30:55 -07:00
Josh Cummings
fee5dd30c0
Test AuthorizeReturnObject in Reactive
...
Issue gh-14597
2024-09-15 21:30:55 -07:00
Josh Cummings
fc2ad34e5d
Test meta-annotation parameter support in Reactive
...
Issue gh-14480
2024-09-15 21:30:55 -07:00
Steve Riesenberg
51c226f24c
Add loginPage() to DSL in reactive oauth2Login()
...
Closes gh-15674
2024-09-11 15:56:54 -05:00
Daniel Garnier-Moiroux
7e41785dfc
Remove trailing spaces in default UIs
...
- Default UIs had blank lines with only spaces. These get deleted by the
spring-javaformat plugin. In order to avoid this behavior, an extra \s
had been inserted in the tests. The reason for those \s is not obvious.
- This commit cleans up the \s but changing the HTML templates.
2024-09-11 10:44:45 -07:00
Daniel Garnier-Moiroux
85693b2806
Add DefaultResourcesFitler to XML configuration
2024-09-11 10:21:12 -07:00
Daniel Garnier-Moiroux
c1b9035544
Use static CSS in OneTimeToken default UI
2024-09-10 12:46:13 -07:00
Daniel Garnier-Moiroux
45d53973ab
Serve static content (css, js) for reactive default UIs from DefaultResourcesWebFilter
2024-09-10 12:46:13 -07:00
Daniel Garnier-Moiroux
11616a1d78
Use static CSS in servlet default UI
2024-09-10 12:46:13 -07:00
Daniel Garnier-Moiroux
c5c5cd5ed0
Serve static content (css, js) for default UIs from DefaultResourcesFilter
2024-09-10 12:46:13 -07:00
Josh Cummings
be6dc1d2bf
Polish MethodSecurityExpressionHandler Test
...
- Rename to follow convention
- Use a mock object to verify usage
Issue gh-15715
2024-09-10 13:12:47 -06:00
DingHao
ef8b0addbb
Support custom MethodSecurityExpressionHandler
...
Closes gh-15715
2024-09-10 12:01:29 -07:00
Josh Cummings
fd5d03d384
Add AuthorizeReturnObject Hints
...
Closes gh-15709
2024-09-10 11:57:31 -07:00
Daniel Garnier-Moiroux
6428bf2bd8
Add test for rendering "request token" form in OneTimeTokenLoginConfigurerTests
2024-09-06 09:13:30 -03:00
Daniel Garnier-Moiroux
8d47906191
Render default UIs using lightweight templates
2024-09-05 15:02:42 -07:00
Josh Cummings
c0a10b90ba
Merge remote-tracking branch 'origin/6.3.x'
2024-09-04 14:48:23 -06:00
DingHao
5c20505b0e
Support Class Attributes in Annotation Template Processing
...
Closes gh-15721
2024-09-04 13:41:46 -07:00
Marcus Hert Da Coregio
00e4a8fb54
Add support for One-Time Token Login
...
Closes gh-15114
2024-09-03 10:07:56 -03:00
Josh Cummings
d2e8c19789
Merge branch '6.3.x'
2024-08-26 16:33:04 -06:00
Josh Cummings
279cb89eac
Merge branch '6.2.x' into 6.3.x
2024-08-26 16:32:58 -06:00
Hero Wanders
f372f5cf52
Replace OidcSessionStrategy References with OidcSessionRegistry
2024-08-26 15:32:35 -07:00
Josh Cummings
dff3780c5e
Merge branch '6.3.x'
2024-08-22 12:38:17 -06:00
Josh Cummings
4c0d969f1f
Merge branch '6.2.x' into 6.3.x
...
Closes gh-15676
2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53
Merge branch '5.8.x' into 6.2.x
...
Closes gh-15675
2024-08-22 12:24:56 -06:00
Josh Cummings
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type
...
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.
Closes gh-15651
2024-08-22 12:10:25 -06:00
Josh Cummings
6352877bc4
Merge branch '6.3.x'
2024-08-19 12:34:32 -06:00
Josh Cummings
ae8e4d148e
Produce Exactly One AuthorizationAdvisor Per Annotation
...
Closes gh-15592
2024-08-19 12:30:03 -06:00
DingHao
ed16c86115
Improve @CurrentSecurityContext meta-annotations
...
Closes gh-15551
2024-08-13 13:18:15 -06:00
Josh Cummings
08b8b09066
Update Copyright
...
Issue gh-15286
2024-08-10 11:48:14 -06:00
Josh Cummings
2b33f6f04a
Add Config Tests for AuthenticationPrincipal Templates
...
Issue gh-15286
2024-08-10 11:46:51 -06:00
Josh Cummings
e40c98e6d7
Deprecate PrePostTemplateDefaults
...
Since there is nothing specific to configuring pre/post
annotations, there is no need for the extra class.
If a need like this does arise in the future,
either AnnotationTemplateExpressionDefaults can be sub-
classed, or it can have introduced a Map field holding
custom properties.
Issue gh-15286
2024-08-10 11:46:51 -06:00