Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,586 Commits 54 Branches 379 Tags
60459ef16e94a03d6f24ca3769da85cfb7364ade
Commit Graph

2910 Commits

Author SHA1 Message Date
tejas-teju c4b223266c Return Invalid Credentials message on login error 
Closes gh-16484

Signed-off-by: tejas-teju <tejas8196@gmail.com>
 2025-02-14 16:01:22 -07:00
Josh Cummings e42865b926 Merge branch '6.4.x' 2025-02-14 13:08:17 -07:00
Josh Cummings 946812691e Make AuthenticatorAttestation Serializable 
Issue gh-16481
 2025-02-14 13:07:56 -07:00
Max Batischev b5a4218a0b Make WebAuthnAuthenticationRequestToken Serializable 
Closes gh-16481

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-14 11:51:46 -07:00
plll0123 f9e04594a7 Refactor authorization manager variable naming 
- Renamed PERMIT_ALL_AUTHORIZATION_MANAGER to snake_case style
- Introduced AUTHORIZATION_DECISION for reuse

Signed-off-by: plll0123 <jsh951227@gmail.com>
 2025-02-14 10:02:55 -07:00
Josh Cummings 666d3a4af6 Merge branch '6.4.x' 2025-02-13 17:25:39 -07:00
Max Batischev 879b44f9a1 Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-13 17:17:16 -07:00
Joe Grandja 2480d41981 Add support for OAuth 2.0 Demonstrating Proof of Possession (DPoP) 
Signed-off-by: Joe Grandja <10884212+jgrandja@users.noreply.github.com>
 2025-02-11 14:10:23 -05:00
Daniel Garnier-Moiroux 238f47ce5e One Time Token login registers the default login page 
closes gh-16414

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Daniel Garnier-Moiroux 5ee6b83953 Introduce OneTimeTokenAuthenticationFilter 
closes gh-16539

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-02-10 09:55:51 -06:00
Josh Cummings 8e19b8039c Merge branch '6.4.x' 2025-02-05 15:49:20 -07:00
Josh Cummings 4776446b14 Add Missing Serialzed AuthorizationDeniedException 
Issue gh-16544
 2025-02-05 15:48:55 -07:00
Max Batischev 9676739c88 TestServerOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable 
Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Max Batischev be81377235 Add Support ServerGenerateOneTimeTokenRequestResolver 
Closes gh-16488

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-02-05 14:14:16 -07:00
Josh Cummings 981e3fd779 Merge branch '6.4.x' 2025-02-05 13:59:12 -07:00
Josh Cummings b4c7795699 Support Serialization for Authorization Components 
Closes gh-16544
 2025-02-05 13:58:32 -07:00
DingHao f7e0f7fa8a Polish OneTimeTokenLoginConfigurer 
Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-02-04 12:38:27 -07:00
Josh Cummings 5ff87128b1 Make Saml2AuthenticationToken Serializable 
Issue gh-16286
 2025-02-03 10:13:14 -07:00
Tran Ngoc Nhan bcc4b415b3 Make RelyingPartyRegistration Serializable 
Closes gh-16286
 2025-02-03 10:13:13 -07:00
Rob Winch 10394c8f2a OTT Tests use Mocks Instead of Comparing Expires 
Previously, expires was compared to test if a custom implementations
were used. Now the tests verify this through mocks.

Closes gh-16515
 2025-01-31 16:47:50 -06:00
Josh Cummings 5af4b9a2ad Merge branch '6.4.x' 2025-01-30 18:06:01 -07:00
Josh Cummings 4b5bacf71a Make Saml2AuthenticationToken Serializable 
Issue gh-16286
 2025-01-30 18:05:17 -07:00
Tran Ngoc Nhan e50415de85 Make RelyingPartyRegistration Serializable 
Closes gh-16286
 2025-01-30 17:45:41 -07:00
Josh Cummings 28615e7f64 Remove Stray Import 2025-01-24 11:47:40 -07:00
Rob Winch a841737941 Use credPropsField.getType() 
Using the type from a field retains generics information.

Issue gh-16432
 2025-01-23 20:13:11 -06:00
Max Batischev c7bc4c98db Make PublicKeyCredentialRequestOptions Serializable 
Closes gh-16432

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-23 20:13:10 -06:00
Josh Cummings e1a42db845 Merge branch '6.4.x' 2025-01-23 17:03:53 -07:00
Josh Cummings e1e5970a24 Support Serialization for LDAP Components 
Issue gh-16276
 2025-01-23 16:55:30 -07:00
Josh Cummings 36716d12ba Serialization Support of Core Components 
Issue gh-16276
 2025-01-23 16:50:30 -07:00
Josh Cummings d7921daa13 Support Serialization for SecurityConfig 
Issue gh-16276
 2025-01-23 16:44:53 -07:00
Josh Cummings d043884e32 Support Serialization 
Issue gh-16276
 2025-01-23 16:44:45 -07:00
Rob Winch 177ce59a4b Merge branch '6.4.x' 
Implement Serializable for WebAuthnAuthentication

Closes gh-16474
 2025-01-23 14:12:30 -06:00
Tran Ngoc Nhan e557c7227b Implement Serializable for WebAuthnAuthentication 
Closes gh-16273
Closes gh-16285

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-23 13:53:26 -06:00
Rob Winch f8132018d5 Merge branch '6.4.x' 
TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable

Closes gh-16472
 2025-01-23 12:45:09 -06:00
Rob Winch 751b5580a1 TestOneTimeTokenGenerationSuccessHandler.lastToken to non-static variable 
Previously there were race conditions on the static member lastToken of
TestOneTimeTokenGenerationSuccessHandler. This is because the tests run in
parallel and one test may override the other tests lastToken and thus
make the assertion on it incorrect.

This commit changes lastToken to be a non-static variable to ensure that
each test has it's own lastToken for asserting the expected value.

Closes gh-16471
 2025-01-23 12:43:22 -06:00
Steve Riesenberg 4f860a5481 Merge branch '6.4.x' 
# Conflicts:
#	config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
 2025-01-22 17:30:29 -06:00
Max Batischev 474b5e151a Add Support GenerateOneTimeTokenRequestResolver 
Closes gh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
 2025-01-22 17:09:55 -06:00
Steve Riesenberg d97e01d1de Merge branch '6.3.x' into 6.4.x 
Closes gh-16466
 2025-01-22 17:09:34 -06:00
Steve Riesenberg 211fa52649 Favor provided instances over shared objects 
Prior to this commit, providing oauth2Login() and oauth2Client() with
clientRegistrationRepository() and authorizedClientRepository() caused
objects to be shared across both configurers.

These configurers will now prefer explicitly provided instances of
those objects when they are available.

Closes gh-16105
 2025-01-22 17:07:44 -06:00
Rob Winch 68c8a5ad99 Remove debug test 
Issue gh-16443
 2025-01-22 16:11:25 -06:00
Rob Winch 6149489b70 Merge branch '6.4.x' 
fix flakey test in WebAuthnWebDriverTests

Closes gh-16464
 2025-01-22 14:46:05 -06:00
Daniel Garnier-Moiroux 028c212be4 fix flakey test in WebAuthnWebDriverTests 
Closes gh-16463

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-01-22 14:45:44 -06:00
Rob Winch 4ee9358900 Add serializeAndDeserializeAreEqual 
Checks that serialization/deserialization can be performed.

Issue gh-16443
 2025-01-22 14:06:11 -06:00
Tran Ngoc Nhan e5ea75f7f4 Implement Serial 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2025-01-21 18:14:52 -06:00
Rob Winch a2abe3c33e Add HttpMessageConverter WebAuthnDsl Support 
Issue gh-16397
 2025-01-17 21:07:46 -06:00
Rob Winch 4314e68329 Add WebAuthenticationDsl.creationOptionsRepository 
Issue gh-16396
 2025-01-17 20:51:43 -06:00
Rob Winch bea232237f Fix whitespace 2025-01-17 20:51:43 -06:00
DingHao f4491f388e Set PublicKeyCredentialCreationOptionsRepository by DSL or Bean 
Closes gh-16369

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-01-17 18:57:08 -06:00
Rob Winch 5462b4c358 webauthnWhenConfiguredMessageConverter uses mock 
Issue gh-16397
 2025-01-17 18:29:23 -06:00
Rob Winch 0d4f786484 Fix WebAuthnConfigurer Javadoc 
Issue gh-16397
 2025-01-17 18:29:23 -06:00