410812c5bc
Reduce Diff Size
...
This commit reorders the originally changed boolean logic so that it returns
false early, as it did before. This allows the change to remain small and also
keeps the most complex logical statements outside of the if statement.
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-17 16:59:55 -07:00
329d9e2dfd
Revert code
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
dc8ed8b168
Fix checkstyle
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
17933ddab3
Resolve feedback
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
deb6416c93
Fix checkstyle
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
9323775c5f
Update javadoc and apply StringUtils#hasLength
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
4cc5f543ab
Add author
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
67bc1d8d4a
Polish some methods
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
17b5cdde55
Remove redundant check and exception
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
e91b098c7c
Update javadoc
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
21bef947b0
Use String#isEmpty
...
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-17 16:59:55 -07:00
6fcca39500
Mark CsrfTokenRequestAttributeHandler#setCsrfRequestAttributeName as Nullable
...
Closes: gh-18617
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com >
2026-02-17 16:57:15 -07:00
544f635e9b
Polish gh-17246
2026-02-17 16:35:57 -05:00
e4dcffae8a
Ensure ID Token is updated after refresh token (Reactive)
...
Closes gh-17188
Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com >
2026-02-17 14:38:15 -05:00
f52f097a4d
Bump ch.qos.logback:logback-classic from 1.5.31 to 1.5.32
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.31 to 1.5.32.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.31...v_1.5.32 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.32
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-17 03:16:46 +00:00
1cd145d026
Bump org-apache-maven-resolver from 1.9.25 to 1.9.26
...
Bumps `org-apache-maven-resolver` from 1.9.25 to 1.9.26.
Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.25 to 1.9.26
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.25...maven-resolver-1.9.26 )
Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.25 to 1.9.26
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.25...maven-resolver-1.9.26 )
Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.25 to 1.9.26
---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-17 03:16:31 +00:00
4aa9ff99f5
Bump org.junit:junit-bom from 6.0.2 to 6.0.3
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/junit-team/junit-framework/releases )
- [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-version: 6.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-16 03:18:27 +00:00
9b978ae70b
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.31
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.29 to 1.5.31.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.29...v_1.5.31 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.31
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-16 03:17:59 +00:00
73dff1f8a3
Next development version
2026-02-13 12:23:48 -05:00
e5906d97ea
Remove Typo in Java Version Declaration
...
Issue gh-18512
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-13 10:04:03 -07:00
928ad9600c
Release 7.1.0-M2
2026-02-13 16:25:52 +00:00
f9b2c86e1d
Bump org.springframework.data:spring-data-bom from 2025.1.2 to 2025.1.3
...
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom ) from 2025.1.2 to 2025.1.3.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases )
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.2...2025.1.3 )
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
dependency-version: 2025.1.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-13 12:19:41 +00:00
d77e48f9ef
Bump org.springframework.ldap:spring-ldap-core from 4.0.1 to 4.0.2
...
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases )
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt )
- [Commits](https://github.com/spring-projects/spring-ldap/compare/4.0.1...4.0.2 )
---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
dependency-version: 4.0.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-13 03:17:06 +00:00
25da472d67
Bump org.springframework:spring-framework-bom from 7.0.3 to 7.0.4
...
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework ) from 7.0.3 to 7.0.4.
- [Release notes](https://github.com/spring-projects/spring-framework/releases )
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.3...v7.0.4 )
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
dependency-version: 7.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-13 03:16:43 +00:00
9d3e217b79
Bump spring-io/spring-security-release-tools from 1.0.13 to 1.0.14
...
Bumps [spring-io/spring-security-release-tools](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9 )
---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-13 00:49:00 +00:00
7bbfc09f49
Bump spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
...
Bumps [spring-io/spring-security-release-tools/.github/workflows/perform-release.yml](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9 )
---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-13 00:47:48 +00:00
85e2d9298b
Merge remote-tracking branch 'origin/7.0.x'
2026-02-12 16:46:14 -07:00
b804da974d
Update Test to Align with webauthn4j
...
The latest webauthn4j exposes Jackson 3 instead of Jackson 2,
as such this test now uses Jackson 3 where needed.
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-12 16:45:13 -07:00
b9bb5e0b52
Bump com.webauthn4j:webauthn4j-core
...
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j ) from 0.29.7.RELEASE to 0.31.0.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases )
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.7.RELEASE...0.31.0.RELEASE )
---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
dependency-version: 0.31.0.RELEASE
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-12 16:45:13 -07:00
4fd8e1d596
Remove Trailing Bytes from AttestationStatement
...
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-12 16:45:13 -07:00
c59fb0cd35
Add Jackson 2 Databind as Optional Dependency
...
Since spring-security-webauthn has Jackson 2 Mixins, it would
be clearer to set Jackson 2 explicitly as an optional dependency
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-12 16:45:13 -07:00
bc6ce0d346
Merge branch '7.0.x'
2026-02-12 10:36:20 -07:00
50aba3aaf3
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...v1.0.14 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-12 10:35:14 -07:00
25aec8c5e0
Update Release Steps to JDK 25
...
Issue gh-18512
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-12 10:29:43 -07:00
6eb0af9912
Merge branch '7.0.x'
2026-02-12 10:28:00 -07:00
6cbbf6c561
Merge branch '6.5.x' into 7.0.x
2026-02-12 10:27:46 -07:00
10cb6f7003
Update spring-security-release-tools 1.0.14
2026-02-12 10:25:47 -07:00
7fdff6a907
Use spring-github-workflows Auto-Merge
2026-02-12 10:21:32 -07:00
117af3bc2b
Merge pull request #18723 from spring-projects/dependabot/gradle/main/io.spring.gradle-spring-security-release-plugin-1.0.14
...
Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.14
2026-02-12 03:17:42 +00:00
c7f781423f
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...v1.0.14 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-12 03:06:08 +00:00
fb2f0d5c38
Merge pull request #18715 from spring-projects/dependabot/gradle/main/io.projectreactor-reactor-bom-2025.0.3
...
Bump io.projectreactor:reactor-bom from 2025.0.2 to 2025.0.3
2026-02-11 03:18:39 +00:00
10b9cc8c2b
Merge pull request #18713 from spring-projects/dependabot/gradle/main/io.micrometer-micrometer-observation-1.16.3
...
Bump io.micrometer:micrometer-observation from 1.16.2 to 1.16.3
2026-02-11 03:18:24 +00:00
5240878272
Merge pull request #18714 from spring-projects/dependabot/gradle/main/ch.qos.logback-logback-classic-1.5.29
...
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
2026-02-11 03:18:04 +00:00
ba4bd61c5b
Bump io.projectreactor:reactor-bom from 2025.0.2 to 2025.0.3
...
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor ) from 2025.0.2 to 2025.0.3.
- [Release notes](https://github.com/reactor/reactor/releases )
- [Commits](https://github.com/reactor/reactor/compare/2025.0.2...2025.0.3 )
---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
dependency-version: 2025.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-11 03:06:26 +00:00
c25ec70374
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.28 to 1.5.29.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.28...v_1.5.29 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.29
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-11 03:06:19 +00:00
8e1e0ca9d2
Bump io.micrometer:micrometer-observation from 1.16.2 to 1.16.3
...
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer ) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases )
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.16.2...v1.16.3 )
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
dependency-version: 1.16.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-11 03:05:06 +00:00
705fa60a01
Document Method Security hasScope Support
...
Issue gh-18013
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-10 15:23:32 -07:00
f2b7cb2de5
Support hasScope in Method Security
...
Closes gh-18013
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com >
2026-02-10 15:23:32 -07:00
8652950fb2
Fix typos in contributing guide Tidy up wording in CONTRIBUTING.adoc to improve readability.
...
Signed-off-by: coehgns <modooboiroo@gmail.com >
2026-02-10 13:54:55 -07:00
07ba3e623f
Merge branch '7.0.x'
2026-02-10 13:41:47 -07:00
Josh Cummings