1
0
mirror of synced 2026-07-10 21:30:04 +00:00

Compare commits

...

52 Commits

Author SHA1 Message Date
github-actions[bot] 3d9cd31122 Release 6.4.4 2025-03-17 21:00:24 +00:00
Rob Winch 04f530bc1b opensamlFiveTest.extendsFrom testRuntimeOnly
Issue gh-16756
2025-03-17 15:41:07 -05:00
dependabot[bot] bf619fc3dc Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.3 to 6.2.4.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.3...v6.2.4)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 13:09:15 -07:00
github-actions[bot] 488de5af70 Merge branch '6.3.x' into 6.4.x 2025-03-17 20:02:38 +00:00
dependabot[bot] 709d9bc039 Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.17 to 6.1.18.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.17...v6.1.18)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 13:01:51 -07:00
dependabot[bot] 067ed2bab4 Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.3 to 2024.1.4.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.3...2024.1.4)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:54:22 -07:00
dependabot[bot] 1db6718f69 Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.10.Final to 6.6.11.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.11/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.10...6.6.11)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:54:04 -07:00
github-actions[bot] 41fc383974 Merge branch '6.3.x' into 6.4.x 2025-03-17 19:50:08 +00:00
dependabot[bot] d9bb16e913 Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.15 to 2023.0.16.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.15...2023.0.16)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:49:50 -07:00
dependabot[bot] 11114919ec Bump org.springframework.data:spring-data-bom from 2024.0.9 to 2024.0.10
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.0.9 to 2024.0.10.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.0.9...2024.0.10)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-17 12:49:20 -07:00
Rob Winch 05116eabbd Merge branch '6.3.x' into 6.4.x
- adb303e Add testRuntimeOnly junit-platform-launcher

Closes gh-16756
2025-03-17 14:18:49 -05:00
Rob Winch adb303e152 Add testRuntimeOnly junit-platform-launcher
Closes gh-16755
2025-03-17 14:16:44 -05:00
Rob Winch f2f9d8282a Disable Flaky WebAuthnWebDriverTests
Closes gh-16753
2025-03-17 13:54:17 -05:00
Joe Grandja 806a0474f4 Merge branch '6.3.x' into 6.4.x 2025-03-17 13:52:36 -04:00
Joe Grandja 46f0dc6dfc Enforce BCrypt password length 2025-03-17 13:23:27 -04:00
Josh Cummings dc2e1af2da Align Method Traversal with MergedAnnotations
Closes gh-16751
2025-03-17 10:11:46 -06:00
Josh Cummings 4993fa863a Merge branch '6.3.x' into 6.4.x 2025-03-17 09:49:01 -06:00
Josh Cummings 36ea1b11a7 Fix Compilation Error
Issue gh-16697
2025-03-17 09:43:21 -06:00
Josh Cummings e793a962c5 Remove s101 From Builds
Issue gh-16752
2025-03-17 09:42:49 -06:00
dependabot[bot] 5416c6ad29 Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.15 to 2023.0.16.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.15...2023.0.16)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-11 20:58:34 -07:00
dependabot[bot] 805720caa6 Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.4 to 1.14.5.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.4...v1.14.5)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-10 20:29:40 -07:00
dependabot[bot] f87b92fbfb Bump org.hibernate.orm:hibernate-core from 6.6.9.Final to 6.6.10.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.9.Final to 6.6.10.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.10/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.9...6.6.10)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-09 20:56:10 -07:00
Josh Cummings 4ae0965b1c Merge branch '6.3.x' into 6.4.x 2025-03-04 09:52:31 -07:00
Josh Cummings 46cd94b5f4 SpEL Propagates Authorization Exceptions
Closes gh-16697
2025-03-04 09:51:55 -07:00
dependabot[bot] 696147c62b Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.2 to 2.18.3.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.2...jackson-bom-2.18.3)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 20:21:06 -08:00
dependabot[bot] fbd97ab0ea Bump com.webauthn4j:webauthn4j-core
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.28.5.RELEASE to 0.28.6.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases)
- [Changelog](https://github.com/webauthn4j/webauthn4j/blob/master/github-release-notes-generator.yml)
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.28.5.RELEASE...0.28.6.RELEASE)

---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-03-02 20:19:57 -08:00
dependabot[bot] 1e952c91e5 Bump io.mockk:mockk from 1.13.16 to 1.13.17
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.16 to 1.13.17.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/commits)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-27 19:40:17 -08:00
github-actions[bot] 15ec379e8c Merge branch '6.3.x' into 6.4.x 2025-02-28 03:38:23 +00:00
dependabot[bot] acd2de4553 Bump io.mockk:mockk from 1.13.16 to 1.13.17
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.13.16 to 1.13.17.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/commits)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-27 19:37:43 -08:00
dependabot[bot] f796508456 Bump org.jfrog.buildinfo:build-info-extractor-gradle
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.33.23 to 4.33.24.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.33.23...build-info-gradle-extractor-4.33.24)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-26 19:38:19 -08:00
github-actions[bot] d556be49a8 Merge branch '6.3.x' into 6.4.x 2025-02-27 03:35:39 +00:00
dependabot[bot] 31f593cca2 Bump org.jfrog.buildinfo:build-info-extractor-gradle
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.33.23 to 4.33.24.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.33.23...build-info-gradle-extractor-4.33.24)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-26 19:34:57 -08:00
Josh Cummings 954101ab0c Use Thread-Safe Map
Issue gh-15906
2025-02-26 11:28:10 -07:00
github-actions[bot] d7f5fd9908 Merge branch '6.3.x' into 6.4.x 2025-02-26 03:58:25 +00:00
dependabot[bot] 64bdcecdcd Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17
Bumps org.slf4j:slf4j-api from 2.0.16 to 2.0.17.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 19:57:42 -08:00
github-actions[bot] 34f5f86d51 Merge branch '6.3.x' into 6.4.x 2025-02-26 03:56:07 +00:00
dependabot[bot] bc0fd60e1a Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 19:55:25 -08:00
dependabot[bot] 7a96437d86 Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17
Bumps org.slf4j:slf4j-api from 2.0.16 to 2.0.17.

---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 19:28:59 -08:00
dependabot[bot] 6865c984b5 Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.16 to 1.5.17.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.16...v_1.5.17)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-25 19:27:52 -08:00
Pat McCusker 2bd3cadde8 Use possessive pronoun rather contraction
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
2025-02-24 17:02:45 -07:00
Pat McCusker bfce6e438d Add fourth oauth grant type to javadoc
Signed-off-by: Pat McCusker <patmccusker14@gmail.com>
2025-02-24 17:02:45 -07:00
Olivier 71e12bb42e Fix @PostResult example in method-security
Replace @PreFilter with @Postfilter in example

Signed-off-by: Olivier <Kuba15@users.noreply.github.com>
2025-02-24 12:54:05 -07:00
Josh Cummings d607364b50 Merge branch '6.3.x' into 6.4.x 2025-02-24 12:49:42 -07:00
Tran Ngoc Nhan a0cfb2777c Fix typo
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
2025-02-24 12:49:18 -07:00
dependabot[bot] 4c33c62485 Bump org.hibernate.orm:hibernate-core from 6.6.8.Final to 6.6.9.Final
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.8.Final to 6.6.9.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.9/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.8...6.6.9)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 19:36:28 -08:00
github-actions[bot] 18c597fa92 Merge branch '6.3.x' into 6.4.x 2025-02-24 01:53:00 +00:00
dependabot[bot] e8206b42d2 Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.2 to 1.14.4.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.2...v1.14.4)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-23 17:49:04 -08:00
Steve Riesenberg db1595f822 Merge branch '6.3.x' into 6.4.x 2025-02-19 12:31:10 -06:00
Josh Cummings cc2cfc62b0 Add Test Requiring serialVersionUID
Issue gh-16276
2025-02-18 15:06:50 -07:00
github-actions[bot] 3456a8eb17 Next development version 2025-02-18 17:24:48 +00:00
github-actions[bot] 0737957f94 Next development version 2025-02-18 17:17:05 +00:00
github-actions[bot] 77892d571f Release 6.3.7 2025-02-18 16:52:08 +00:00
54 changed files with 266 additions and 90 deletions
@@ -64,39 +64,23 @@ jobs:
./gradlew publishMavenJavaPublicationToLocalRepository
./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR"
./gradlew --refresh-dependencies --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" test integrationTest
check-tangles:
name: Check for Package Tangles
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'spring-projects' }}
steps:
- uses: actions/checkout@v4
- name: Set up gradle
uses: spring-io/spring-gradle-build-action@v2
with:
java-version: 17
distribution: temurin
- name: Check for package tangles
env:
STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }}
run: |
./gradlew assemble && ./gradlew s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace
deploy-artifacts:
name: Deploy Artifacts
needs: [ build, test, check-samples, check-tangles ]
needs: [ build, test, check-samples ]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1
with:
should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }}
secrets: inherit
deploy-docs:
name: Deploy Docs
needs: [ build, test, check-samples, check-tangles ]
needs: [ build, test, check-samples ]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1
with:
should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }}
secrets: inherit
deploy-schema:
name: Deploy Schema
needs: [ build, test, check-samples, check-tangles ]
needs: [ build, test, check-samples ]
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1
with:
should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }}
+1
View File
@@ -20,4 +20,5 @@ dependencies {
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
+2
View File
@@ -27,6 +27,8 @@ dependencies {
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testAspect sourceSets.main.output
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
compileAspectj.ajcOptions.outxmlfile = "META-INF/aop.xml"
-6
View File
@@ -20,7 +20,6 @@ plugins {
apply plugin: 'io.spring.nohttp'
apply plugin: 'locks'
apply plugin: 's101'
apply plugin: 'io.spring.convention.root'
apply plugin: 'org.jetbrains.kotlin.jvm'
apply plugin: 'org.springframework.security.versions.verify-dependencies-versions'
@@ -121,11 +120,6 @@ tasks.register('cloneRepository', IncludeRepoTask) {
outputDirectory = project.hasProperty("cloneOutputDirectory") ? project.file("$cloneOutputDirectory") : defaultDirectory
}
s101 {
repository = 'https://structure101.com/binaries/latest'
configurationDirectory = project.file("etc/s101")
}
wrapperUpgrade {
gradle {
'spring-security' {
+2
View File
@@ -95,6 +95,8 @@ dependencies {
testImplementation 'org.mockito:mockito-core'
testImplementation 'org.mockito:mockito-junit-jupiter'
testImplementation libs.com.squareup.okhttp3.mockwebserver
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -6,5 +6,7 @@ dependencies {
implementation 'org.springframework:spring-core'
testImplementation "org.junit.jupiter:junit-jupiter-api"
testImplementation "org.junit.jupiter:junit-jupiter-engine"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -5,4 +5,6 @@ dependencies {
optional 'ch.qos.logback:logback-classic'
testImplementation "org.junit.jupiter:junit-jupiter-api"
testImplementation "org.junit.jupiter:junit-jupiter-engine"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
+2
View File
@@ -22,4 +22,6 @@ dependencies {
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testImplementation 'org.skyscreamer:jsonassert'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
+1
View File
@@ -126,6 +126,7 @@ dependencies {
testImplementation libs.org.eclipse.jetty.jetty.servlet
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
def rncToXsd = tasks.named('rncToXsd', RncToXsd)
@@ -67,6 +67,7 @@ import static org.assertj.core.api.Assertions.assertThat;
*
* @author Daniel Garnier-Moiroux
*/
@org.junit.jupiter.api.Disabled
class WebAuthnWebDriverTests {
private String baseUrl;
@@ -32,6 +32,7 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
@@ -39,7 +40,6 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import jakarta.servlet.http.Cookie;
@@ -717,7 +717,7 @@ class SpringSecurityCoreVersionSerializableTests {
}
@Test
void listClassesMissingSerialVersion() throws Exception {
void allSerializableClassesShouldHaveSerialVersionOrSuppressWarnings() throws Exception {
ClassPathScanningCandidateComponentProvider provider = new ClassPathScanningCandidateComponentProvider(false);
provider.addIncludeFilter(new AssignableTypeFilter(Serializable.class));
List<Class<?>> classes = new ArrayList<>();
@@ -725,10 +725,6 @@ class SpringSecurityCoreVersionSerializableTests {
Set<BeanDefinition> components = provider.findCandidateComponents("org/springframework/security");
for (BeanDefinition component : components) {
Class<?> clazz = Class.forName(component.getBeanClassName());
boolean isAbstract = Modifier.isAbstract(clazz.getModifiers());
if (isAbstract) {
continue;
}
if (clazz.isEnum()) {
continue;
}
@@ -738,15 +734,16 @@ class SpringSecurityCoreVersionSerializableTests {
boolean hasSerialVersion = Stream.of(clazz.getDeclaredFields())
.map(Field::getName)
.anyMatch((n) -> n.equals("serialVersionUID"));
if (!hasSerialVersion) {
SuppressWarnings suppressWarnings = clazz.getAnnotation(SuppressWarnings.class);
boolean hasSerialIgnore = suppressWarnings == null
|| Arrays.asList(suppressWarnings.value()).contains("Serial");
if (!hasSerialVersion && !hasSerialIgnore) {
classes.add(clazz);
}
}
if (!classes.isEmpty()) {
System.out
.println("Found " + classes.size() + " Serializable classes that don't declare a seriallVersionUID");
System.out.println(classes.stream().map(Class::getName).collect(Collectors.joining("\r\n")));
}
assertThat(classes)
.describedAs("Found Serializable classes that are either missing a serialVersionUID or a @SuppressWarnings")
.isEmpty();
}
static Stream<Class<?>> getClassesToSerialize() throws Exception {
+1
View File
@@ -40,6 +40,7 @@ dependencies {
testImplementation 'io.mockk:mockk'
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
task springVersion(type: org.gradle.api.tasks.WriteProperties) {
@@ -19,6 +19,7 @@ package org.springframework.security.authorization.method;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.EvaluationException;
import org.springframework.expression.Expression;
import org.springframework.security.authorization.AuthorizationDeniedException;
import org.springframework.security.authorization.AuthorizationResult;
import org.springframework.security.authorization.ExpressionAuthorizationDecision;
@@ -43,9 +44,24 @@ final class ExpressionUtils {
"SpEL expression must return either a Boolean or an AuthorizationDecision");
}
catch (EvaluationException ex) {
AuthorizationDeniedException denied = findAuthorizationException(ex);
if (denied != null) {
throw denied;
}
throw new IllegalArgumentException("Failed to evaluate expression '" + expr.getExpressionString() + "'",
ex);
}
}
static AuthorizationDeniedException findAuthorizationException(EvaluationException ex) {
Throwable cause = ex.getCause();
while (cause != null) {
if (cause instanceof AuthorizationDeniedException denied) {
return denied;
}
cause = cause.getCause();
}
return null;
}
}
@@ -19,9 +19,9 @@ package org.springframework.security.core.annotation;
import java.lang.annotation.Annotation;
import java.lang.reflect.AnnotatedElement;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/**
* Factory for creating {@link SecurityAnnotationScanner} instances.
@@ -31,11 +31,11 @@ import java.util.Map;
*/
public final class SecurityAnnotationScanners {
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueScanners = new HashMap<>();
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueScanners = new ConcurrentHashMap<>();
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueTemplateScanners = new HashMap<>();
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueTemplateScanners = new ConcurrentHashMap<>();
private static final Map<List<Class<? extends Annotation>>, SecurityAnnotationScanner<? extends Annotation>> uniqueTypesScanners = new HashMap<>();
private static final Map<List<Class<? extends Annotation>>, SecurityAnnotationScanner<? extends Annotation>> uniqueTypesScanners = new ConcurrentHashMap<>();
private SecurityAnnotationScanners() {
}
@@ -19,8 +19,10 @@ package org.springframework.security.core.annotation;
import java.lang.annotation.Annotation;
import java.lang.reflect.AnnotatedElement;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.lang.reflect.Parameter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
@@ -29,6 +31,7 @@ import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.core.MethodClassKey;
import org.springframework.core.ResolvableType;
import org.springframework.core.annotation.AnnotationConfigurationException;
import org.springframework.core.annotation.MergedAnnotation;
import org.springframework.core.annotation.MergedAnnotations;
@@ -169,18 +172,15 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra
return Collections.emptyList();
}
classesToSkip.add(targetClass);
try {
Method methodToUse = targetClass.getDeclaredMethod(method.getName(), method.getParameterTypes());
Method methodToUse = findMethod(method, targetClass);
if (methodToUse != null) {
List<MergedAnnotation<A>> annotations = findDirectAnnotations(methodToUse);
if (!annotations.isEmpty()) {
return annotations;
}
}
catch (NoSuchMethodException ex) {
// move on
}
List<MergedAnnotation<A>> annotations = new ArrayList<>();
annotations.addAll(findClosestMethodAnnotations(method, targetClass.getSuperclass(), classesToSkip));
List<MergedAnnotation<A>> annotations = new ArrayList<>(
findClosestMethodAnnotations(method, targetClass.getSuperclass(), classesToSkip));
for (Class<?> inter : targetClass.getInterfaces()) {
annotations.addAll(findClosestMethodAnnotations(method, inter, classesToSkip));
}
@@ -212,4 +212,52 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra
.toList();
}
private static Method findMethod(Method method, Class<?> targetClass) {
for (Method candidate : targetClass.getDeclaredMethods()) {
if (candidate == method) {
return candidate;
}
if (isOverride(method, candidate)) {
return candidate;
}
}
return null;
}
private static boolean isOverride(Method rootMethod, Method candidateMethod) {
return (!Modifier.isPrivate(candidateMethod.getModifiers())
&& candidateMethod.getName().equals(rootMethod.getName())
&& hasSameParameterTypes(rootMethod, candidateMethod));
}
private static boolean hasSameParameterTypes(Method rootMethod, Method candidateMethod) {
if (candidateMethod.getParameterCount() != rootMethod.getParameterCount()) {
return false;
}
Class<?>[] rootParameterTypes = rootMethod.getParameterTypes();
Class<?>[] candidateParameterTypes = candidateMethod.getParameterTypes();
if (Arrays.equals(candidateParameterTypes, rootParameterTypes)) {
return true;
}
return hasSameGenericTypeParameters(rootMethod, candidateMethod, rootParameterTypes);
}
private static boolean hasSameGenericTypeParameters(Method rootMethod, Method candidateMethod,
Class<?>[] rootParameterTypes) {
Class<?> sourceDeclaringClass = rootMethod.getDeclaringClass();
Class<?> candidateDeclaringClass = candidateMethod.getDeclaringClass();
if (!candidateDeclaringClass.isAssignableFrom(sourceDeclaringClass)) {
return false;
}
for (int i = 0; i < rootParameterTypes.length; i++) {
Class<?> resolvedParameterType = ResolvableType.forMethodParameter(candidateMethod, i, sourceDeclaringClass)
.resolve();
if (rootParameterTypes[i] != resolvedParameterType) {
return false;
}
}
return true;
}
}
@@ -22,9 +22,11 @@ import org.springframework.expression.Expression;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationDeniedException;
import org.springframework.security.authorization.ExpressionAuthorizationDecision;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
public class ExpressionUtilsTests {
@@ -48,10 +50,23 @@ public class ExpressionUtilsTests {
assertThat(ExpressionUtils.evaluate(expression, context)).isInstanceOf(ExpressionAuthorizationDecision.class);
}
@Test
public void evaluateWhenExpressionThrowsAuthorizationDeniedExceptionThenPropagates() {
SpelExpressionParser parser = new SpelExpressionParser();
Expression expression = parser.parseExpression("#root.throwException()");
StandardEvaluationContext context = new StandardEvaluationContext(this);
assertThatExceptionOfType(AuthorizationDeniedException.class)
.isThrownBy(() -> ExpressionUtils.evaluate(expression, context));
}
public AuthorizationDecision returnDecision() {
return new AuthorizationDecisionDetails(false, this.details);
}
public Object throwException() {
throw new AuthorizationDeniedException("denied", new AuthorizationDecision(false));
}
public boolean returnResult() {
return false;
}
@@ -251,6 +251,30 @@ public class UniqueSecurityAnnotationScannerTests {
assertThat(preAuthorize).isNull();
}
// gh-16751
@Test
void scanWhenAnnotationOnParameterizedInterfaceTheLocates() throws Exception {
Method method = MyServiceImpl.class.getDeclaredMethod("get", String.class);
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
assertThat(pre).isNotNull();
}
// gh-16751
@Test
void scanWhenAnnotationOnParameterizedSuperClassThenLocates() throws Exception {
Method method = MyServiceImpl.class.getDeclaredMethod("getExt", Long.class);
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
assertThat(pre).isNotNull();
}
// gh-16751
@Test
void scanWhenAnnotationOnParameterizedMethodThenLocates() throws Exception {
Method method = MyServiceImpl.class.getDeclaredMethod("getExtByClass", Class.class, Long.class);
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
assertThat(pre).isNotNull();
}
@PreAuthorize("one")
private interface AnnotationOnInterface {
@@ -577,4 +601,40 @@ public class UniqueSecurityAnnotationScannerTests {
}
interface MyService<C, U> {
@PreAuthorize("thirty")
C get(U u);
}
abstract static class MyServiceExt<T> implements MyService<Integer, String> {
@PreAuthorize("thirtyone")
abstract T getExt(T t);
@PreAuthorize("thirtytwo")
abstract <S extends Number> S getExtByClass(Class<S> clazz, T t);
}
static class MyServiceImpl extends MyServiceExt<Long> {
@Override
public Integer get(final String s) {
return 0;
}
@Override
Long getExt(Long o) {
return 0L;
}
@Override
<S extends Number> S getExtByClass(Class<S> clazz, Long l) {
return null;
}
}
}
+2
View File
@@ -13,4 +13,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -611,6 +611,9 @@ public class BCrypt {
int rounds, off;
StringBuilder rs = new StringBuilder();
if (passwordb.length > 72) {
throw new IllegalArgumentException("password cannot be more than 72 bytes");
}
if (salt == null) {
throw new IllegalArgumentException("salt cannot be null");
}
@@ -222,4 +222,14 @@ public class BCryptPasswordEncoderTests {
assertThat(encoder.matches("wrong", "$2a$00$9N8N35BVs5TLqGL3pspAte5OWWA2a2aZIs.EGp7At7txYakFERMue")).isFalse();
}
@Test
public void enforcePasswordLength() {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String password72chars = "123456789012345678901234567890123456789012345678901234567890123456789012";
assertThat(encoder.matches(password72chars, encoder.encode(password72chars))).isTrue();
String password73chars = password72chars.concat("a");
assertThatIllegalArgumentException()
.isThrownBy(() -> encoder.matches(password73chars, encoder.encode(password73chars)));
}
}
+2
View File
@@ -15,4 +15,6 @@ dependencies {
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -649,7 +649,7 @@ class MyAuthoritiesPopulator : LdapAuthoritiesPopulator {
You would then add a bean of this type to your application context and inject it into the `LdapAuthenticationProvider`. This is covered in the section on configuring LDAP by using explicit Spring beans in the LDAP chapter of the reference manual.
Note that you cannot use the namespace for configuration in this case.
You should also consult the security-api-url[Javadoc] for the relevant classes and interfaces.
You should also consult the {security-api-url}[Javadoc] for the relevant classes and interfaces.
[[appendix-faq-namespace-post-processor]]
@@ -695,7 +695,7 @@ Kotlin::
----
@Component
open class BankService {
@PreFilter("filterObject.owner == authentication.name")
@PostFilter("filterObject.owner == authentication.name")
fun readAccounts(vararg ids: String): Collection<Account> {
// ... the return value will be filtered to only contain the accounts owned by the logged-in user
return accounts
+1 -1
View File
@@ -14,7 +14,7 @@
# limitations under the License.
#
springBootVersion=3.3.3
version=6.4.3
version=6.4.4
samplesBranch=main
org.gradle.jvmargs=-Xmx3g -XX:+HeapDumpOnOutOfMemoryError
org.gradle.parallel=true
+11 -11
View File
@@ -14,11 +14,11 @@ org-jetbrains-kotlinx = "1.9.0"
org-mockito = "5.14.2"
org-opensaml = "4.3.2"
org-opensaml5 = "5.1.2"
org-springframework = "6.2.3"
org-springframework = "6.2.4"
[libraries]
ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.16"
com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.18.2"
ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.17"
com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.18.3"
com-google-inject-guice = "com.google.inject:guice:3.0"
com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0"
com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:9.37.3"
@@ -28,9 +28,9 @@ com-squareup-okhttp3-okhttp = { module = "com.squareup.okhttp3:okhttp", version.
com-unboundid-unboundid-ldapsdk = "com.unboundid:unboundid-ldapsdk:6.0.11"
com-unboundid-unboundid-ldapsdk7 = "com.unboundid:unboundid-ldapsdk:7.0.1"
commons-collections = "commons-collections:commons-collections:3.2.2"
io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.4"
io-mockk = "io.mockk:mockk:1.13.16"
io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2023.0.15"
io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.5"
io-mockk = "io.mockk:mockk:1.13.17"
io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2023.0.16"
io-rsocket-rsocket-bom = { module = "io.rsocket:rsocket-bom", version.ref = "io-rsocket" }
io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javaformat:spring-javaformat-checkstyle", version.ref = "io-spring-javaformat" }
io-spring-javaformat-spring-javaformat-gradle-plugin = { module = "io.spring.javaformat:spring-javaformat-gradle-plugin", version.ref = "io-spring-javaformat" }
@@ -70,7 +70,7 @@ org-bouncycastle-bcprov-jdk15on = { module = "org.bouncycastle:bcprov-jdk18on",
org-eclipse-jetty-jetty-server = { module = "org.eclipse.jetty:jetty-server", version.ref = "org-eclipse-jetty" }
org-eclipse-jetty-jetty-servlet = { module = "org.eclipse.jetty:jetty-servlet", version.ref = "org-eclipse-jetty" }
org-hamcrest = "org.hamcrest:hamcrest:2.2"
org-hibernate-orm-hibernate-core = "org.hibernate.orm:hibernate-core:6.6.8.Final"
org-hibernate-orm-hibernate-core = "org.hibernate.orm:hibernate-core:6.6.11.Final"
org-hsqldb = "org.hsqldb:hsqldb:2.7.4"
org-jetbrains-kotlin-kotlin-bom = { module = "org.jetbrains.kotlin:kotlin-bom", version.ref = "org-jetbrains-kotlin" }
org-jetbrains-kotlin-kotlin-gradle-plugin = "org.jetbrains.kotlin:kotlin-gradle-plugin:1.9.25"
@@ -87,8 +87,8 @@ org-seleniumhq-selenium-selenium-java = "org.seleniumhq.selenium:selenium-java:4
org-seleniumhq-selenium-selenium-support = "org.seleniumhq.selenium:selenium-support:3.141.59"
org-skyscreamer-jsonassert = "org.skyscreamer:jsonassert:1.5.3"
org-slf4j-log4j-over-slf4j = "org.slf4j:log4j-over-slf4j:1.7.36"
org-slf4j-slf4j-api = "org.slf4j:slf4j-api:2.0.16"
org-springframework-data-spring-data-bom = "org.springframework.data:spring-data-bom:2024.1.3"
org-slf4j-slf4j-api = "org.slf4j:slf4j-api:2.0.17"
org-springframework-data-spring-data-bom = "org.springframework.data:spring-data-bom:2024.1.4"
org-springframework-ldap-spring-ldap-core = "org.springframework.ldap:spring-ldap-core:3.2.11"
org-springframework-spring-framework-bom = { module = "org.springframework:spring-framework-bom", version.ref = "org-springframework" }
org-synchronoss-cloud-nio-multipart-parser = "org.synchronoss.cloud:nio-multipart-parser:1.1.0"
@@ -103,11 +103,11 @@ org-gretty-gretty = "org.gretty:gretty:4.1.6"
com-github-ben-manes-gradle-versions-plugin = "com.github.ben-manes:gradle-versions-plugin:0.51.0"
com-github-spullara-mustache-java-compiler = "com.github.spullara.mustache.java:compiler:0.9.14"
org-hidetake-gradle-ssh-plugin = "org.hidetake:gradle-ssh-plugin:2.10.1"
org-jfrog-buildinfo-build-info-extractor-gradle = "org.jfrog.buildinfo:build-info-extractor-gradle:4.33.23"
org-jfrog-buildinfo-build-info-extractor-gradle = "org.jfrog.buildinfo:build-info-extractor-gradle:4.33.24"
org-sonarsource-scanner-gradle-sonarqube-gradle-plugin = "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.8.0.1969"
org-instancio-instancio-junit = "org.instancio:instancio-junit:3.7.1"
webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.28.5.RELEASE'
webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.28.6.RELEASE'
[plugins]
@@ -22,6 +22,7 @@ dependencies {
testRuntimeOnly project(':spring-security-config')
testRuntimeOnly 'org.aspectj:aspectjweaver'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
System.setProperty('python.cachedir.skip', 'true')
@@ -25,4 +25,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -25,4 +25,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -18,4 +18,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -17,4 +17,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -18,4 +18,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -25,6 +25,7 @@ dependencies {
testRuntimeOnly project(':spring-security-config')
testRuntimeOnly project(':spring-security-ldap')
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
integrationTest {
+2
View File
@@ -39,8 +39,10 @@ dependencies {
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testImplementation 'org.skyscreamer:jsonassert'
unboundid7 libs.com.unboundid.unboundid.ldapsdk7
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
integrationTest {
@@ -27,4 +27,5 @@ dependencies {
testImplementation "ch.qos.logback:logback-classic"
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -33,6 +33,7 @@ dependencies {
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
provided 'jakarta.servlet:jakarta.servlet-api'
}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2019 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,7 +26,7 @@ import org.springframework.util.Assert;
/**
* An implementation of an {@link OAuth2AuthorizedClientProvider} that simply delegates to
* it's internal {@code List} of {@link OAuth2AuthorizedClientProvider}(s).
* its internal {@code List} of {@link OAuth2AuthorizedClientProvider}(s).
* <p>
* Each provider is given a chance to
* {@link OAuth2AuthorizedClientProvider#authorize(OAuth2AuthorizationContext) authorize}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2019 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -28,7 +28,7 @@ import org.springframework.util.Assert;
/**
* An implementation of a {@link ReactiveOAuth2AuthorizedClientProvider} that simply
* delegates to it's internal {@code List} of
* delegates to its internal {@code List} of
* {@link ReactiveOAuth2AuthorizedClientProvider}(s).
* <p>
* Each provider is given a chance to
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2018 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -29,7 +29,7 @@ import org.springframework.util.Assert;
* A representation of an OAuth 2.0 &quot;Authorized Client&quot;.
* <p>
* A client is considered &quot;authorized&quot; when the End-User (Resource Owner) has
* granted authorization to the client to access it's protected resources.
* granted authorization to the client to access its protected resources.
* <p>
* This class associates the {@link #getClientRegistration() Client} to the
* {@link #getAccessToken() Access Token} granted/authorized by the
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2017 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ import org.springframework.util.Assert;
* <p>
* The {@link Authentication} associates an {@link OAuth2User} {@code Principal} to the
* identifier of the {@link #getAuthorizedClientRegistrationId() Authorized Client}, which
* the End-User ({@code Principal}) granted authorization to so that it can access it's
* the End-User ({@code Principal}) granted authorization to so that it can access its
* protected resources at the UserInfo Endpoint.
*
* @author Joe Grandja
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2017 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,8 +26,8 @@ import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.util.Assert;
/**
* An implementation of an {@link OAuth2UserService} that simply delegates to it's
* internal {@code List} of {@link OAuth2UserService}(s).
* An implementation of an {@link OAuth2UserService} that simply delegates to its internal
* {@code List} of {@link OAuth2UserService}(s).
* <p>
* Each {@link OAuth2UserService} is given a chance to
* {@link OAuth2UserService#loadUser(OAuth2UserRequest) load} an {@link OAuth2User} with
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2022 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -52,7 +52,7 @@ import org.springframework.web.util.UriComponentsBuilder;
*
* <p>
* <b>NOTE:</b> The default base {@code URI} {@code /oauth2/authorization} may be
* overridden via it's constructor
* overridden via its constructor
* {@link #DefaultOAuth2AuthorizationRequestResolver(ClientRegistrationRepository, String)}.
*
* @author Joe Grandja
@@ -17,4 +17,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2023 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -23,13 +23,13 @@ import org.springframework.util.Assert;
/**
* An authorization grant is a credential representing the resource owner's authorization
* (to access it's protected resources) to the client and used by the client to obtain an
* (to access its protected resources) to the client and used by the client to obtain an
* access token.
*
* <p>
* The OAuth 2.0 Authorization Framework defines four standard grant types: authorization
* code, resource owner password credentials, and client credentials. It also provides an
* extensibility mechanism for defining additional grant types.
* code, implicit, resource owner password credentials, and client credentials. It also
* provides an extensibility mechanism for defining additional grant types.
*
* @author Joe Grandja
* @author Steve Riesenberg
@@ -23,4 +23,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@ package org.springframework.security.oauth2.jwt;
public interface JwtDecoder {
/**
* Decodes the JWT from it's compact claims representation format and returns a
* Decodes the JWT from its compact claims representation format and returns a
* {@link Jwt}.
* @param token the JWT value
* @return a {@link Jwt}
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2021 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@ package org.springframework.security.oauth2.jwt;
/**
* Implementations of this interface are responsible for encoding a JSON Web Token (JWT)
* to it's compact claims representation format.
* to its compact claims representation format.
*
* <p>
* JWTs may be represented using the JWS Compact Serialization format for a JSON Web
@@ -47,7 +47,7 @@ package org.springframework.security.oauth2.jwt;
public interface JwtEncoder {
/**
* Encode the JWT to it's compact claims representation format.
* Encode the JWT to its compact claims representation format.
* @param parameters the parameters containing the JOSE header and JWT Claims Set
* @return a {@link Jwt}
* @throws JwtEncodingException if an error occurs while attempting to encode the JWT
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -70,7 +70,7 @@ import org.springframework.web.reactive.function.client.WebClient;
/**
* An implementation of a {@link ReactiveJwtDecoder} that &quot;decodes&quot; a JSON Web
* Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web
* Token (JWT) and additionally verifies its digital signature if the JWT is a JSON Web
* Signature (JWS).
*
* <p>
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -20,7 +20,7 @@ import reactor.core.publisher.Mono;
/**
* Implementations of this interface are responsible for &quot;decoding&quot; a JSON Web
* Token (JWT) from it's compact claims representation format to a {@link Jwt}.
* Token (JWT) from its compact claims representation format to a {@link Jwt}.
*
* <p>
* JWTs may be represented using the JWS Compact Serialization format for a JSON Web
@@ -46,7 +46,7 @@ import reactor.core.publisher.Mono;
public interface ReactiveJwtDecoder {
/**
* Decodes the JWT from it's compact claims representation format and returns a
* Decodes the JWT from its compact claims representation format and returns a
* {@link Jwt}.
* @param token the JWT value
* @return a {@link Jwt}
@@ -26,4 +26,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
+2
View File
@@ -14,4 +14,6 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
@@ -2,7 +2,7 @@ apply plugin: 'io.spring.convention.spring-module'
configurations {
opensamlFiveMain { extendsFrom(optional, provided) }
opensamlFiveTest { extendsFrom(opensamlFiveMain, testImplementation) }
opensamlFiveTest { extendsFrom(opensamlFiveMain, testImplementation, testRuntimeOnly) }
}
sourceSets {
@@ -116,6 +116,8 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
jar {
+2
View File
@@ -24,6 +24,8 @@ dependencies {
testImplementation "org.mockito:mockito-core"
testImplementation "org.mockito:mockito-junit-jupiter"
testImplementation "org.springframework:spring-test"
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
configure(project.tasks.withType(Test)) {
+2
View File
@@ -32,4 +32,6 @@ dependencies {
testImplementation 'org.skyscreamer:jsonassert'
testImplementation 'org.springframework:spring-webmvc'
testImplementation 'org.springframework:spring-tx'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}
+1
View File
@@ -65,4 +65,5 @@ dependencies {
testImplementation 'com.squareup.okhttp3:mockwebserver'
testRuntimeOnly 'org.hsqldb:hsqldb'
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
}