Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,913 Commits 54 Branches 379 Tags
main
Commit Graph

316 Commits

Author SHA1 Message Date
Joe Grandja 4ce3fade21 Add @Nullable to DefaultOidcUser.equals() 
Issue gh-18622
 2026-04-02 11:02:22 -04:00
Joe Grandja 9527a4b281 Merge branch '7.0.x' 2026-04-02 10:58:06 -04:00
Joe Grandja 77fe9e892a Merge branch '6.5.x' into 7.0.x 
Closes gh-19022
 2026-04-02 10:52:15 -04:00
Joe Grandja eefbb4da64 Fix DefaultOidcUser.equals() 
Closes gh-18622
 2026-04-02 10:41:32 -04:00
Josh Cummings cb129d6b2d Merge branch '7.0.x' 2026-03-31 15:56:49 -06:00
Josh Cummings d4678c8e04 Add Missing Serialization Support 
Closes gh-19013

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-31 15:55:09 -06:00
Andrey Litvitski 2fda37de53 Fix equals nullability annotations for jspecify compliance 
In this commit, we added `@Nullable` to equals methods of classes that
support `jspecify` for consistency with other Spring projects and to
avoid bugs that caused other Spring projects to do this natively.

Closes: gh-18929, gh-18927

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-03-23 09:25:57 -06:00
Joe Grandja 61177aed85 Remove NullAway SuppressWarnings in ClaimAccessor 
Issue gh-17820
 2026-03-11 13:53:30 -04:00
Tran Ngoc Nhan f2b7cb2de5 Support hasScope in Method Security 
Closes gh-18013

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-10 15:23:32 -07:00
Tran Ngoc Nhan 20493ef45f Add javadoc-warnings-error 
Closes gh-18461

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 12:06:12 -06:00
Joe Grandja 2a2f13fbd3 Polish Nullability for oauth2-core 
Issue gh-17820
 2026-02-02 09:00:46 -06:00
Joe Grandja db5310bee8 Enable null-safety in spring-security-oauth2-core 
Closes gh-17820
 2026-02-02 09:00:40 -06:00
paulvas da4362111a Fix: Enforce compiler warnings in oauth2-core 
To prevent future compiler warnings from being introduced, this change
applies the `compile-warnings-error` plugin to the
`spring-security-oauth2-core` module.

This ensures that any new warnings will fail the build, maintaining
code quality and preventing warning accumulation.

Fixes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Pavel Vassiliev 1ddccd8a39 Fix spring-security-oauth2-core compiler warnings 
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Rob Winch a181733365 Encapsulate GenericHttpMessageConverterAdapter 
This will allow its removal in gh-18073
 2025-10-19 17:03:19 -05:00
Sébastien Deleuze 137f8fd670 Add support for JacksonJsonHttpMessageConverter 
This commit introduces classpath checks and instantiation of
JacksonJsonHttpMessageConverter (based on Jackson 3) leveraging
a new GenericHttpMessageConverterAdapter which allows to adapt
SmartHttpMessageConverter to GenericHttpMessageConverter.

See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
 2025-10-19 17:03:19 -05:00
Joe Grandja fbf7bb3be1 Allow OAuth2AuthorizationRequest to be extended 
Closes gh-18049
 2025-10-14 16:34:59 -04:00
Josh Cummings eeb383ac46 Fix Checkstyle 
Issue gh-17623
 2025-08-07 14:32:18 -06:00
Josh Cummings 6d1a886f92 Deprecate SERIAL_VERSION_UID 
Closes gh-17623
 2025-08-07 11:09:35 -06:00
Rob Winch f6cb0bd610 Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch 2fdca16c1a Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch 392129b616 Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Joe Grandja cfe38957d7 Remove Resource Owner Password Credentials grant 
Closes gh-17446
 2025-07-03 14:23:23 -04:00
Maximilian Klose ec05e65668 Add Equals and HashCode methods for better comparison. 
Closes gh-16394

Signed-off-by: Maximilian Klose <maximilian.klose@adesso.de>
 2025-05-27 13:53:07 -06:00
hammadirshad 1a4602c8c3 Add mapping for DPoP in DefaultMapOAuth2AccessTokenResponseConverter 
Closes gh-16806

Signed-off-by: muha <muha@kreftregisteret.no>
 2025-04-30 10:09:41 -04:00
Joe Grandja 19090e7873 Add request_uri in OAuth2ParameterNames 
Closes gh-16947
 2025-04-16 10:23:10 -04:00
Steve Riesenberg 9d442c13de Mark password grant for removal 
This commit also updates link to the document "Best Current Practice for
OAuth 2.0 Security" to point to RFC 9700.

Closes gh-16913
 2025-04-09 11:15:09 -05:00
Josh Cummings 2885b0f75f Add valueOf 
This commit adds a static factory for returning a constant
ClientAuthenticationMethod or creating a new one when there
is no match.

Issue gh-16825
 2025-04-02 11:16:30 -06:00
Rob Winch e6223dede3 Merge branch '6.4.x' 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16757
 2025-03-17 14:34:18 -05:00
Rob Winch 05116eabbd Merge branch '6.3.x' into 6.4.x 
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
 2025-03-17 14:18:49 -05:00
Rob Winch adb303e152 Add testRuntimeOnly junit-platform-launcher 
Closes gh-16755
 2025-03-17 14:16:44 -05:00
Josh Cummings eb5252c4f0 Merge branch '6.4.x' 2025-02-24 17:03:13 -07:00
Pat McCusker 2bd3cadde8 Use possessive pronoun rather contraction 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Pat McCusker bfce6e438d Add fourth oauth grant type to javadoc 
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
 2025-02-24 17:02:45 -07:00
Joe Grandja 2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Rob Winch ab629cc1ca Add AuthorizationGrantType.toString() 
This adds AuthorizationGrantType.toString() which makes debuging easier.
In particular, it will help when performing unit tests which validate the
AuthorizationGrantType.

Issue gh-16382
 2025-01-17 17:26:47 -06:00
Josh Cummings 6019803064 Merge branch '6.4.x' 2025-01-14 18:38:14 -07:00
Josh Cummings 244fd2eb51 Support Serialization in Exceptions 
Issue gh-16276
 2025-01-14 18:37:53 -07:00
Steve Riesenberg 6bc6946ad9 Make TokenType constructor public 
Closes gh-16086
 2024-12-18 16:51:47 -06:00
Steve Riesenberg a7b6c63442 Polish gh-16087 2024-12-18 16:48:25 -06:00
ThomasKasene 9404aaf010 Added a constant for DPOP in OAuth2AccessToken.TokenType 
Issue gh-14915
 2024-12-18 16:44:38 -06:00
Josh Cummings b9911fd522 Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Tran Ngoc Nhan ab93541926 Simplify condition in some methods 2024-10-25 13:42:33 -07:00
Tran Ngoc Nhan 31f8caec5f Polish diamond operator usage 2024-10-14 11:51:35 -07:00
Steve Riesenberg 1a97d07079 Merge branch '6.2.x' into 6.3.x 
Closes gh-15829
 2024-09-19 16:23:08 -05:00
Steve Riesenberg 551c483ee6 Merge branch '5.8.x' into 6.2.x 
Closes gh-15828
 2024-09-19 16:22:37 -05:00
Steve Riesenberg 7b7a3044cf Polish gh-15533 2024-09-19 16:13:03 -05:00
陈圳佳 8a791028b1 Fix array values of additionalParameters 
Closes gh-15468
 2024-09-19 16:10:00 -05:00
Steve Riesenberg 42d9f146d2 Polish gh-15533 2024-09-19 16:05:39 -05:00
陈圳佳 24dbc5de53 Fix array values of additionalParameters 
Closes gh-15468
 2024-09-19 16:05:39 -05:00