The deprecated (introspectionUri, clientId, clientSecret) constructors
that the builders replaced explicitly asserted non-null clientId and
clientSecret. Bring the builder's build() in line with that contract by
asserting at the API boundary rather than relying on downstream classes
to enforce it.
Closes gh-19201
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
This commit gives a serialVersionUID to the private adapter class for the Jwt
authentication principal. It also adds a SuppressWarnings annotation so that
it doesn't get picked up by config's serialization tests. This is needed since
the test cannot construct a serialization sample for a private class
Issue gh-6237
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Removed note about DelegatingJwtGrantedAuthoritiesConverter from
ExpressionJwtGrantedAuthoritiesConverter and further explained in
DelegatingJwtGrantedAuthoritiesConverter where it comes in handy.
Issue gh-18300
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Given that RestClient does not read RequestEntity objects, let's
leave it out of a class built around using RestClient
Issue gh-18745
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Since similar classes have alternative versions using RestClient instead
of RestTemplate, I think we should do the same with this class.
Closes: gh-18745
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
This commit introduces classpath checks and instantiation of
JacksonJsonHttpMessageConverter (based on Jackson 3) leveraging
a new GenericHttpMessageConverterAdapter which allows to adapt
SmartHttpMessageConverter to GenericHttpMessageConverter.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
This commit adds support for Jackson 3 which has the following
major differences with the Jackson 2 one:
- jackson subpackage instead of jackson2
- Jackson type prefix instead of Jackson2
- JsonMapper instead of ObjectMapper
- For configuration, JsonMapper.Builder instead of ObjectMapper
since the latter is now immutable
- Remove custom support for unmodifiable collections
- Use safe default typing via a PolymorphicTypeValidator
Jackson 3 changes compared to Jackson 2 are documented in
https://cowtowncoder.medium.com/jackson-3-0-0-ga-released-1f669cda529a
and
https://github.com/FasterXML/jackson/blob/main/jackson3/MIGRATING_TO_JACKSON_3.md.
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
Since RC1 is right around the corner, let's change the API
footprint as little as possible by using reflection to check
if a class has declared toBuilder themselves. If they have, we
can assume that that class's builder will produce that class.
Issue gh-18052
This reverts commit 95644fb73c, reversing
changes made to fbf7bb3be1.
Reverting this commit will allow us more time to
consider the ideal way to add this support to the public API.
This commit consolidates logic common to applying one
authenticaiton to another. Specifically, it will copy the
authorities in one authentication into the builder instance
of another.
Closes gh-18053
Previously GrantedAuthorities had an implicit package tangle because it
was located in ~.core and FactorGrantedAuthority is in ~.core.authority
and FactorGrantedAuthority's authority property was implicitly expected
to be constants found in `GrantedAuthorities`.
This commit moves the constants to the FactorGrantedAuthority which
resolves this tangle. It wasn't initially done because
FactorGrantedAuthority did not exist at that time.
Closes gh-18030
It would be better to introduce parameter types for
principal and credentials into Authentication.Builder
at the same time as doing so for Authentication
Issue gh-17861
- Added remaining properties
- Removed apply method since Spring Security isn't using
it right now
- Made builders extensible since the authentications are
extensible
Issue gh-17861
This commit adds a new default method to Authentication
for the purposes of creating a Builder based on the current
authentication, allowing other authentications to be
applied to it as a composite.
It also adds Builders for each one of the authentication
result classes.
Issue gh-17861
This commit simplfies the logic in JwtGrantedAuthoritiesConverter
to no longer need the authoritiesClaimName field.
Signed-off-by: chanbinme <gksmfcksqls@gmail.com>
Josh Cummings