Commit Graph

2726 Commits

Author SHA1 Message Date
Josh Cummings
7d301f87d6 Add Opt-in PathPattern Strategy
Closes gh-16573
2025-02-21 13:40:24 -07:00
Josh Cummings
588220a020 Add PathPatterRequestMatcher
Closes gh-16429
Clsoes gh-16430
2025-02-21 13:40:23 -07:00
Josh Cummings
51ce91f07b Merge branch '6.4.x' 2025-02-18 15:11:08 -07:00
Josh Cummings
cc2cfc62b0 Add Test Requiring serialVersionUID
Issue gh-16276
2025-02-18 15:06:50 -07:00
tejas-teju
c4b223266c Return Invalid Credentials message on login error
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
2025-02-14 16:01:22 -07:00
Josh Cummings
e42865b926 Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Josh Cummings
946812691e Make AuthenticatorAttestation Serializable
Issue gh-16481
2025-02-14 13:07:56 -07:00
Max Batischev
b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-14 11:51:46 -07:00
plll0123
f9e04594a7 Refactor authorization manager variable naming
- Renamed PERMIT_ALL_AUTHORIZATION_MANAGER to snake_case style
- Introduced AUTHORIZATION_DECISION for reuse

Signed-off-by: plll0123 <jsh951227@gmail.com>
2025-02-14 10:02:55 -07:00
Josh Cummings
666d3a4af6 Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Max Batischev
879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-13 17:17:16 -07:00
Joe Grandja
2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP)
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
2025-02-11 14:10:23 -05:00
Daniel Garnier-Moiroux
238f47ce5e One Time Token login registers the default login page
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux
5ee6b83953 Introduce OneTimeTokenAuthenticationFilter
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-02-10 09:55:51 -06:00
Josh Cummings
8e19b8039c Merge branch '6.4.x' 2025-02-05 15:49:20 -07:00
Josh Cummings
4776446b14 Add Missing Serialzed AuthorizationDeniedException
Issue gh-16544
2025-02-05 15:48:55 -07:00
Max Batischev
9676739c88 TestServerOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable
Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-05 14:14:16 -07:00
Max Batischev
be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-02-05 14:14:16 -07:00
Josh Cummings
981e3fd779 Merge branch '6.4.x' 2025-02-05 13:59:12 -07:00
Josh Cummings
b4c7795699 Support Serialization for Authorization Components
Closes gh-16544
2025-02-05 13:58:32 -07:00
DingHao
f7e0f7fa8a Polish OneTimeTokenLoginConfigurer
Signed-off-by: DingHao <dh.hiekn@gmail.com>
2025-02-04 12:38:27 -07:00
Josh Cummings
5ff87128b1 Make Saml2AuthenticationToken Serializable
Issue gh-16286
2025-02-03 10:13:14 -07:00
Tran Ngoc Nhan
bcc4b415b3 Make RelyingPartyRegistration Serializable
Closes gh-16286
2025-02-03 10:13:13 -07:00
Rob Winch
10394c8f2a OTT Tests use Mocks Instead of Comparing Expires
Previously, expires was compared to test if a custom implementations
were used. Now the tests verify this through mocks.

Closes gh-16515
2025-01-31 16:47:50 -06:00
Josh Cummings
5af4b9a2ad Merge branch '6.4.x' 2025-01-30 18:06:01 -07:00
Josh Cummings
4b5bacf71a Make Saml2AuthenticationToken Serializable
Issue gh-16286
2025-01-30 18:05:17 -07:00
Tran Ngoc Nhan
e50415de85 Make RelyingPartyRegistration Serializable
Closes gh-16286
2025-01-30 17:45:41 -07:00
Josh Cummings
28615e7f64 Remove Stray Import 2025-01-24 11:47:40 -07:00
Rob Winch
a841737941 Use credPropsField.getType()
Using the type from a field retains generics information.

Issue gh-16432
2025-01-23 20:13:11 -06:00
Max Batischev
c7bc4c98db Make PublicKeyCredentialRequestOptions Serializable
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-23 20:13:10 -06:00
Josh Cummings
e1a42db845 Merge branch '6.4.x' 2025-01-23 17:03:53 -07:00
Josh Cummings
e1e5970a24 Support Serialization for LDAP Components
Issue gh-16276
2025-01-23 16:55:30 -07:00
Josh Cummings
36716d12ba Serialization Support of Core Components
Issue gh-16276
2025-01-23 16:50:30 -07:00
Josh Cummings
d7921daa13 Support Serialization for SecurityConfig
Issue gh-16276
2025-01-23 16:44:53 -07:00
Josh Cummings
d043884e32 Support Serialization
Issue gh-16276
2025-01-23 16:44:45 -07:00
Rob Winch
177ce59a4b Merge branch '6.4.x'
Implement Serializable for WebAuthnAuthentication

Closes gh-16474
2025-01-23 14:12:30 -06:00
Tran Ngoc Nhan
e557c7227b Implement Serializable for WebAuthnAuthentication
Closes gh-16273
Closes gh-16285

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-01-23 13:53:26 -06:00
Rob Winch
f8132018d5 Merge branch '6.4.x'
TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable

Closes gh-16472
2025-01-23 12:45:09 -06:00
Rob Winch
751b5580a1 TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable
Previously there were race conditions on the static member lastToken of
TestOneTimeTokenGenerationSuccessHandler. This is because the tests run in
parallel and one test may override the other tests lastToken and thus
make the assertion on it incorrect.

This commit changes lastToken to be a non-static variable to ensure that
each test has it's own lastToken for asserting the expected value.

Closes gh-16471
2025-01-23 12:43:22 -06:00
Steve Riesenberg
4f860a5481 Merge branch '6.4.x'
# Conflicts:
#	config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
2025-01-22 17:30:29 -06:00
Max Batischev
474b5e151a Add Support GenerateOneTimeTokenRequestResolver
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
2025-01-22 17:09:55 -06:00
Steve Riesenberg
d97e01d1de Merge branch '6.3.x' into 6.4.x
Closes gh-16466
2025-01-22 17:09:34 -06:00
Steve Riesenberg
211fa52649 Favor provided instances over shared objects
Prior to this commit, providing oauth2Login() and oauth2Client() with
clientRegistrationRepository() and authorizedClientRepository() caused
objects to be shared across both configurers.

These configurers will now prefer explicitly provided instances of
those objects when they are available.

Closes gh-16105
2025-01-22 17:07:44 -06:00
Rob Winch
68c8a5ad99 Remove debug test
Issue gh-16443
2025-01-22 16:11:25 -06:00
Rob Winch
6149489b70 Merge branch '6.4.x'
fix flakey test in WebAuthnWebDriverTests

Closes gh-16464
2025-01-22 14:46:05 -06:00
Daniel Garnier-Moiroux
028c212be4 fix flakey test in WebAuthnWebDriverTests
Closes gh-16463

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
2025-01-22 14:45:44 -06:00
Rob Winch
4ee9358900 Add serializeAndDeserializeAreEqual
Checks that serialization/deserialization can be performed.

Issue gh-16443
2025-01-22 14:06:11 -06:00
Tran Ngoc Nhan
e5ea75f7f4 Implement Serial
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-01-21 18:14:52 -06:00
Rob Winch
a2abe3c33e Add HttpMessageConverter WebAuthnDsl Support
Issue gh-16397
2025-01-17 21:07:46 -06:00
Rob Winch
4314e68329 Add WebAuthenticationDsl.creationOptionsRepository
Issue gh-16396
2025-01-17 20:51:43 -06:00