Compare commits
52 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 3d9cd31122 | |||
| 04f530bc1b | |||
| bf619fc3dc | |||
| 488de5af70 | |||
| 709d9bc039 | |||
| 067ed2bab4 | |||
| 1db6718f69 | |||
| 41fc383974 | |||
| d9bb16e913 | |||
| 11114919ec | |||
| 05116eabbd | |||
| adb303e152 | |||
| f2f9d8282a | |||
| 806a0474f4 | |||
| 46f0dc6dfc | |||
| dc2e1af2da | |||
| 4993fa863a | |||
| 36ea1b11a7 | |||
| e793a962c5 | |||
| 5416c6ad29 | |||
| 805720caa6 | |||
| f87b92fbfb | |||
| 4ae0965b1c | |||
| 46cd94b5f4 | |||
| 696147c62b | |||
| fbd97ab0ea | |||
| 1e952c91e5 | |||
| 15ec379e8c | |||
| acd2de4553 | |||
| f796508456 | |||
| d556be49a8 | |||
| 31f593cca2 | |||
| 954101ab0c | |||
| d7f5fd9908 | |||
| 64bdcecdcd | |||
| 34f5f86d51 | |||
| bc0fd60e1a | |||
| 7a96437d86 | |||
| 6865c984b5 | |||
| 2bd3cadde8 | |||
| bfce6e438d | |||
| 71e12bb42e | |||
| d607364b50 | |||
| a0cfb2777c | |||
| 4c33c62485 | |||
| 18c597fa92 | |||
| e8206b42d2 | |||
| db1595f822 | |||
| cc2cfc62b0 | |||
| 3456a8eb17 | |||
| 0737957f94 | |||
| 77892d571f |
@@ -64,39 +64,23 @@ jobs:
|
||||
./gradlew publishMavenJavaPublicationToLocalRepository
|
||||
./gradlew cloneRepository -PrepositoryName="spring-projects/spring-security-samples" -Pref="$samples_branch" -PcloneOutputDirectory="$SAMPLES_DIR"
|
||||
./gradlew --refresh-dependencies --project-dir "$SAMPLES_DIR" --init-script spring-security-ci.gradle -PlocalRepositoryPath="$LOCAL_REPOSITORY_PATH" -PspringSecurityVersion="$version" test integrationTest
|
||||
check-tangles:
|
||||
name: Check for Package Tangles
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ github.repository_owner == 'spring-projects' }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Set up gradle
|
||||
uses: spring-io/spring-gradle-build-action@v2
|
||||
with:
|
||||
java-version: 17
|
||||
distribution: temurin
|
||||
- name: Check for package tangles
|
||||
env:
|
||||
STRUCTURE101_LICENSEID: ${{ secrets.STRUCTURE101_LICENSEID }}
|
||||
run: |
|
||||
./gradlew assemble && ./gradlew s101 -Ps101.licenseId="$STRUCTURE101_LICENSEID" --stacktrace
|
||||
deploy-artifacts:
|
||||
name: Deploy Artifacts
|
||||
needs: [ build, test, check-samples, check-tangles ]
|
||||
needs: [ build, test, check-samples ]
|
||||
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml@v1
|
||||
with:
|
||||
should-deploy-artifacts: ${{ needs.build.outputs.should-deploy-artifacts }}
|
||||
secrets: inherit
|
||||
deploy-docs:
|
||||
name: Deploy Docs
|
||||
needs: [ build, test, check-samples, check-tangles ]
|
||||
needs: [ build, test, check-samples ]
|
||||
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-docs.yml@v1
|
||||
with:
|
||||
should-deploy-docs: ${{ needs.build.outputs.should-deploy-artifacts }}
|
||||
secrets: inherit
|
||||
deploy-schema:
|
||||
name: Deploy Schema
|
||||
needs: [ build, test, check-samples, check-tangles ]
|
||||
needs: [ build, test, check-samples ]
|
||||
uses: spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml@v1
|
||||
with:
|
||||
should-deploy-schema: ${{ needs.build.outputs.should-deploy-artifacts }}
|
||||
|
||||
@@ -20,4 +20,5 @@ dependencies {
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -27,6 +27,8 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
testAspect sourceSets.main.output
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
compileAspectj.ajcOptions.outxmlfile = "META-INF/aop.xml"
|
||||
|
||||
@@ -20,7 +20,6 @@ plugins {
|
||||
|
||||
apply plugin: 'io.spring.nohttp'
|
||||
apply plugin: 'locks'
|
||||
apply plugin: 's101'
|
||||
apply plugin: 'io.spring.convention.root'
|
||||
apply plugin: 'org.jetbrains.kotlin.jvm'
|
||||
apply plugin: 'org.springframework.security.versions.verify-dependencies-versions'
|
||||
@@ -121,11 +120,6 @@ tasks.register('cloneRepository', IncludeRepoTask) {
|
||||
outputDirectory = project.hasProperty("cloneOutputDirectory") ? project.file("$cloneOutputDirectory") : defaultDirectory
|
||||
}
|
||||
|
||||
s101 {
|
||||
repository = 'https://structure101.com/binaries/latest'
|
||||
configurationDirectory = project.file("etc/s101")
|
||||
}
|
||||
|
||||
wrapperUpgrade {
|
||||
gradle {
|
||||
'spring-security' {
|
||||
|
||||
@@ -95,6 +95,8 @@ dependencies {
|
||||
testImplementation 'org.mockito:mockito-core'
|
||||
testImplementation 'org.mockito:mockito-junit-jupiter'
|
||||
testImplementation libs.com.squareup.okhttp3.mockwebserver
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -6,5 +6,7 @@ dependencies {
|
||||
implementation 'org.springframework:spring-core'
|
||||
testImplementation "org.junit.jupiter:junit-jupiter-api"
|
||||
testImplementation "org.junit.jupiter:junit-jupiter-engine"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
|
||||
@@ -5,4 +5,6 @@ dependencies {
|
||||
optional 'ch.qos.logback:logback-classic'
|
||||
testImplementation "org.junit.jupiter:junit-jupiter-api"
|
||||
testImplementation "org.junit.jupiter:junit-jupiter-engine"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -22,4 +22,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
testImplementation 'org.skyscreamer:jsonassert'
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -126,6 +126,7 @@ dependencies {
|
||||
testImplementation libs.org.eclipse.jetty.jetty.servlet
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
def rncToXsd = tasks.named('rncToXsd', RncToXsd)
|
||||
|
||||
+1
@@ -67,6 +67,7 @@ import static org.assertj.core.api.Assertions.assertThat;
|
||||
*
|
||||
* @author Daniel Garnier-Moiroux
|
||||
*/
|
||||
@org.junit.jupiter.api.Disabled
|
||||
class WebAuthnWebDriverTests {
|
||||
|
||||
private String baseUrl;
|
||||
|
||||
+9
-12
@@ -32,6 +32,7 @@ import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.time.Instant;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
@@ -39,7 +40,6 @@ import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import jakarta.servlet.http.Cookie;
|
||||
@@ -717,7 +717,7 @@ class SpringSecurityCoreVersionSerializableTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
void listClassesMissingSerialVersion() throws Exception {
|
||||
void allSerializableClassesShouldHaveSerialVersionOrSuppressWarnings() throws Exception {
|
||||
ClassPathScanningCandidateComponentProvider provider = new ClassPathScanningCandidateComponentProvider(false);
|
||||
provider.addIncludeFilter(new AssignableTypeFilter(Serializable.class));
|
||||
List<Class<?>> classes = new ArrayList<>();
|
||||
@@ -725,10 +725,6 @@ class SpringSecurityCoreVersionSerializableTests {
|
||||
Set<BeanDefinition> components = provider.findCandidateComponents("org/springframework/security");
|
||||
for (BeanDefinition component : components) {
|
||||
Class<?> clazz = Class.forName(component.getBeanClassName());
|
||||
boolean isAbstract = Modifier.isAbstract(clazz.getModifiers());
|
||||
if (isAbstract) {
|
||||
continue;
|
||||
}
|
||||
if (clazz.isEnum()) {
|
||||
continue;
|
||||
}
|
||||
@@ -738,15 +734,16 @@ class SpringSecurityCoreVersionSerializableTests {
|
||||
boolean hasSerialVersion = Stream.of(clazz.getDeclaredFields())
|
||||
.map(Field::getName)
|
||||
.anyMatch((n) -> n.equals("serialVersionUID"));
|
||||
if (!hasSerialVersion) {
|
||||
SuppressWarnings suppressWarnings = clazz.getAnnotation(SuppressWarnings.class);
|
||||
boolean hasSerialIgnore = suppressWarnings == null
|
||||
|| Arrays.asList(suppressWarnings.value()).contains("Serial");
|
||||
if (!hasSerialVersion && !hasSerialIgnore) {
|
||||
classes.add(clazz);
|
||||
}
|
||||
}
|
||||
if (!classes.isEmpty()) {
|
||||
System.out
|
||||
.println("Found " + classes.size() + " Serializable classes that don't declare a seriallVersionUID");
|
||||
System.out.println(classes.stream().map(Class::getName).collect(Collectors.joining("\r\n")));
|
||||
}
|
||||
assertThat(classes)
|
||||
.describedAs("Found Serializable classes that are either missing a serialVersionUID or a @SuppressWarnings")
|
||||
.isEmpty();
|
||||
}
|
||||
|
||||
static Stream<Class<?>> getClassesToSerialize() throws Exception {
|
||||
|
||||
@@ -40,6 +40,7 @@ dependencies {
|
||||
testImplementation 'io.mockk:mockk'
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
task springVersion(type: org.gradle.api.tasks.WriteProperties) {
|
||||
|
||||
+16
@@ -19,6 +19,7 @@ package org.springframework.security.authorization.method;
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.EvaluationException;
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.security.authorization.AuthorizationDeniedException;
|
||||
import org.springframework.security.authorization.AuthorizationResult;
|
||||
import org.springframework.security.authorization.ExpressionAuthorizationDecision;
|
||||
|
||||
@@ -43,9 +44,24 @@ final class ExpressionUtils {
|
||||
"SpEL expression must return either a Boolean or an AuthorizationDecision");
|
||||
}
|
||||
catch (EvaluationException ex) {
|
||||
AuthorizationDeniedException denied = findAuthorizationException(ex);
|
||||
if (denied != null) {
|
||||
throw denied;
|
||||
}
|
||||
throw new IllegalArgumentException("Failed to evaluate expression '" + expr.getExpressionString() + "'",
|
||||
ex);
|
||||
}
|
||||
}
|
||||
|
||||
static AuthorizationDeniedException findAuthorizationException(EvaluationException ex) {
|
||||
Throwable cause = ex.getCause();
|
||||
while (cause != null) {
|
||||
if (cause instanceof AuthorizationDeniedException denied) {
|
||||
return denied;
|
||||
}
|
||||
cause = cause.getCause();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+4
-4
@@ -19,9 +19,9 @@ package org.springframework.security.core.annotation;
|
||||
import java.lang.annotation.Annotation;
|
||||
import java.lang.reflect.AnnotatedElement;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* Factory for creating {@link SecurityAnnotationScanner} instances.
|
||||
@@ -31,11 +31,11 @@ import java.util.Map;
|
||||
*/
|
||||
public final class SecurityAnnotationScanners {
|
||||
|
||||
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueScanners = new HashMap<>();
|
||||
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueScanners = new ConcurrentHashMap<>();
|
||||
|
||||
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueTemplateScanners = new HashMap<>();
|
||||
private static final Map<Class<? extends Annotation>, SecurityAnnotationScanner<? extends Annotation>> uniqueTemplateScanners = new ConcurrentHashMap<>();
|
||||
|
||||
private static final Map<List<Class<? extends Annotation>>, SecurityAnnotationScanner<? extends Annotation>> uniqueTypesScanners = new HashMap<>();
|
||||
private static final Map<List<Class<? extends Annotation>>, SecurityAnnotationScanner<? extends Annotation>> uniqueTypesScanners = new ConcurrentHashMap<>();
|
||||
|
||||
private SecurityAnnotationScanners() {
|
||||
}
|
||||
|
||||
+55
-7
@@ -19,8 +19,10 @@ package org.springframework.security.core.annotation;
|
||||
import java.lang.annotation.Annotation;
|
||||
import java.lang.reflect.AnnotatedElement;
|
||||
import java.lang.reflect.Method;
|
||||
import java.lang.reflect.Modifier;
|
||||
import java.lang.reflect.Parameter;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
@@ -29,6 +31,7 @@ import java.util.Set;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
import org.springframework.core.MethodClassKey;
|
||||
import org.springframework.core.ResolvableType;
|
||||
import org.springframework.core.annotation.AnnotationConfigurationException;
|
||||
import org.springframework.core.annotation.MergedAnnotation;
|
||||
import org.springframework.core.annotation.MergedAnnotations;
|
||||
@@ -169,18 +172,15 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra
|
||||
return Collections.emptyList();
|
||||
}
|
||||
classesToSkip.add(targetClass);
|
||||
try {
|
||||
Method methodToUse = targetClass.getDeclaredMethod(method.getName(), method.getParameterTypes());
|
||||
Method methodToUse = findMethod(method, targetClass);
|
||||
if (methodToUse != null) {
|
||||
List<MergedAnnotation<A>> annotations = findDirectAnnotations(methodToUse);
|
||||
if (!annotations.isEmpty()) {
|
||||
return annotations;
|
||||
}
|
||||
}
|
||||
catch (NoSuchMethodException ex) {
|
||||
// move on
|
||||
}
|
||||
List<MergedAnnotation<A>> annotations = new ArrayList<>();
|
||||
annotations.addAll(findClosestMethodAnnotations(method, targetClass.getSuperclass(), classesToSkip));
|
||||
List<MergedAnnotation<A>> annotations = new ArrayList<>(
|
||||
findClosestMethodAnnotations(method, targetClass.getSuperclass(), classesToSkip));
|
||||
for (Class<?> inter : targetClass.getInterfaces()) {
|
||||
annotations.addAll(findClosestMethodAnnotations(method, inter, classesToSkip));
|
||||
}
|
||||
@@ -212,4 +212,52 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra
|
||||
.toList();
|
||||
}
|
||||
|
||||
private static Method findMethod(Method method, Class<?> targetClass) {
|
||||
for (Method candidate : targetClass.getDeclaredMethods()) {
|
||||
if (candidate == method) {
|
||||
return candidate;
|
||||
}
|
||||
if (isOverride(method, candidate)) {
|
||||
return candidate;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
private static boolean isOverride(Method rootMethod, Method candidateMethod) {
|
||||
return (!Modifier.isPrivate(candidateMethod.getModifiers())
|
||||
&& candidateMethod.getName().equals(rootMethod.getName())
|
||||
&& hasSameParameterTypes(rootMethod, candidateMethod));
|
||||
}
|
||||
|
||||
private static boolean hasSameParameterTypes(Method rootMethod, Method candidateMethod) {
|
||||
if (candidateMethod.getParameterCount() != rootMethod.getParameterCount()) {
|
||||
return false;
|
||||
}
|
||||
Class<?>[] rootParameterTypes = rootMethod.getParameterTypes();
|
||||
Class<?>[] candidateParameterTypes = candidateMethod.getParameterTypes();
|
||||
if (Arrays.equals(candidateParameterTypes, rootParameterTypes)) {
|
||||
return true;
|
||||
}
|
||||
return hasSameGenericTypeParameters(rootMethod, candidateMethod, rootParameterTypes);
|
||||
}
|
||||
|
||||
private static boolean hasSameGenericTypeParameters(Method rootMethod, Method candidateMethod,
|
||||
Class<?>[] rootParameterTypes) {
|
||||
|
||||
Class<?> sourceDeclaringClass = rootMethod.getDeclaringClass();
|
||||
Class<?> candidateDeclaringClass = candidateMethod.getDeclaringClass();
|
||||
if (!candidateDeclaringClass.isAssignableFrom(sourceDeclaringClass)) {
|
||||
return false;
|
||||
}
|
||||
for (int i = 0; i < rootParameterTypes.length; i++) {
|
||||
Class<?> resolvedParameterType = ResolvableType.forMethodParameter(candidateMethod, i, sourceDeclaringClass)
|
||||
.resolve();
|
||||
if (rootParameterTypes[i] != resolvedParameterType) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+15
@@ -22,9 +22,11 @@ import org.springframework.expression.Expression;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.expression.spel.support.StandardEvaluationContext;
|
||||
import org.springframework.security.authorization.AuthorizationDecision;
|
||||
import org.springframework.security.authorization.AuthorizationDeniedException;
|
||||
import org.springframework.security.authorization.ExpressionAuthorizationDecision;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
public class ExpressionUtilsTests {
|
||||
|
||||
@@ -48,10 +50,23 @@ public class ExpressionUtilsTests {
|
||||
assertThat(ExpressionUtils.evaluate(expression, context)).isInstanceOf(ExpressionAuthorizationDecision.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void evaluateWhenExpressionThrowsAuthorizationDeniedExceptionThenPropagates() {
|
||||
SpelExpressionParser parser = new SpelExpressionParser();
|
||||
Expression expression = parser.parseExpression("#root.throwException()");
|
||||
StandardEvaluationContext context = new StandardEvaluationContext(this);
|
||||
assertThatExceptionOfType(AuthorizationDeniedException.class)
|
||||
.isThrownBy(() -> ExpressionUtils.evaluate(expression, context));
|
||||
}
|
||||
|
||||
public AuthorizationDecision returnDecision() {
|
||||
return new AuthorizationDecisionDetails(false, this.details);
|
||||
}
|
||||
|
||||
public Object throwException() {
|
||||
throw new AuthorizationDeniedException("denied", new AuthorizationDecision(false));
|
||||
}
|
||||
|
||||
public boolean returnResult() {
|
||||
return false;
|
||||
}
|
||||
|
||||
+60
@@ -251,6 +251,30 @@ public class UniqueSecurityAnnotationScannerTests {
|
||||
assertThat(preAuthorize).isNull();
|
||||
}
|
||||
|
||||
// gh-16751
|
||||
@Test
|
||||
void scanWhenAnnotationOnParameterizedInterfaceTheLocates() throws Exception {
|
||||
Method method = MyServiceImpl.class.getDeclaredMethod("get", String.class);
|
||||
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
|
||||
assertThat(pre).isNotNull();
|
||||
}
|
||||
|
||||
// gh-16751
|
||||
@Test
|
||||
void scanWhenAnnotationOnParameterizedSuperClassThenLocates() throws Exception {
|
||||
Method method = MyServiceImpl.class.getDeclaredMethod("getExt", Long.class);
|
||||
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
|
||||
assertThat(pre).isNotNull();
|
||||
}
|
||||
|
||||
// gh-16751
|
||||
@Test
|
||||
void scanWhenAnnotationOnParameterizedMethodThenLocates() throws Exception {
|
||||
Method method = MyServiceImpl.class.getDeclaredMethod("getExtByClass", Class.class, Long.class);
|
||||
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
|
||||
assertThat(pre).isNotNull();
|
||||
}
|
||||
|
||||
@PreAuthorize("one")
|
||||
private interface AnnotationOnInterface {
|
||||
|
||||
@@ -577,4 +601,40 @@ public class UniqueSecurityAnnotationScannerTests {
|
||||
|
||||
}
|
||||
|
||||
interface MyService<C, U> {
|
||||
|
||||
@PreAuthorize("thirty")
|
||||
C get(U u);
|
||||
|
||||
}
|
||||
|
||||
abstract static class MyServiceExt<T> implements MyService<Integer, String> {
|
||||
|
||||
@PreAuthorize("thirtyone")
|
||||
abstract T getExt(T t);
|
||||
|
||||
@PreAuthorize("thirtytwo")
|
||||
abstract <S extends Number> S getExtByClass(Class<S> clazz, T t);
|
||||
|
||||
}
|
||||
|
||||
static class MyServiceImpl extends MyServiceExt<Long> {
|
||||
|
||||
@Override
|
||||
public Integer get(final String s) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
Long getExt(Long o) {
|
||||
return 0L;
|
||||
}
|
||||
|
||||
@Override
|
||||
<S extends Number> S getExtByClass(Class<S> clazz, Long l) {
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -13,4 +13,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -611,6 +611,9 @@ public class BCrypt {
|
||||
int rounds, off;
|
||||
StringBuilder rs = new StringBuilder();
|
||||
|
||||
if (passwordb.length > 72) {
|
||||
throw new IllegalArgumentException("password cannot be more than 72 bytes");
|
||||
}
|
||||
if (salt == null) {
|
||||
throw new IllegalArgumentException("salt cannot be null");
|
||||
}
|
||||
|
||||
+10
@@ -222,4 +222,14 @@ public class BCryptPasswordEncoderTests {
|
||||
assertThat(encoder.matches("wrong", "$2a$00$9N8N35BVs5TLqGL3pspAte5OWWA2a2aZIs.EGp7At7txYakFERMue")).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void enforcePasswordLength() {
|
||||
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||
String password72chars = "123456789012345678901234567890123456789012345678901234567890123456789012";
|
||||
assertThat(encoder.matches(password72chars, encoder.encode(password72chars))).isTrue();
|
||||
String password73chars = password72chars.concat("a");
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> encoder.matches(password73chars, encoder.encode(password73chars)));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -15,4 +15,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
|
||||
}
|
||||
|
||||
@@ -649,7 +649,7 @@ class MyAuthoritiesPopulator : LdapAuthoritiesPopulator {
|
||||
|
||||
You would then add a bean of this type to your application context and inject it into the `LdapAuthenticationProvider`. This is covered in the section on configuring LDAP by using explicit Spring beans in the LDAP chapter of the reference manual.
|
||||
Note that you cannot use the namespace for configuration in this case.
|
||||
You should also consult the security-api-url[Javadoc] for the relevant classes and interfaces.
|
||||
You should also consult the {security-api-url}[Javadoc] for the relevant classes and interfaces.
|
||||
|
||||
|
||||
[[appendix-faq-namespace-post-processor]]
|
||||
|
||||
@@ -695,7 +695,7 @@ Kotlin::
|
||||
----
|
||||
@Component
|
||||
open class BankService {
|
||||
@PreFilter("filterObject.owner == authentication.name")
|
||||
@PostFilter("filterObject.owner == authentication.name")
|
||||
fun readAccounts(vararg ids: String): Collection<Account> {
|
||||
// ... the return value will be filtered to only contain the accounts owned by the logged-in user
|
||||
return accounts
|
||||
|
||||
+1
-1
@@ -14,7 +14,7 @@
|
||||
# limitations under the License.
|
||||
#
|
||||
springBootVersion=3.3.3
|
||||
version=6.4.3
|
||||
version=6.4.4
|
||||
samplesBranch=main
|
||||
org.gradle.jvmargs=-Xmx3g -XX:+HeapDumpOnOutOfMemoryError
|
||||
org.gradle.parallel=true
|
||||
|
||||
+11
-11
@@ -14,11 +14,11 @@ org-jetbrains-kotlinx = "1.9.0"
|
||||
org-mockito = "5.14.2"
|
||||
org-opensaml = "4.3.2"
|
||||
org-opensaml5 = "5.1.2"
|
||||
org-springframework = "6.2.3"
|
||||
org-springframework = "6.2.4"
|
||||
|
||||
[libraries]
|
||||
ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.16"
|
||||
com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.18.2"
|
||||
ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.17"
|
||||
com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.18.3"
|
||||
com-google-inject-guice = "com.google.inject:guice:3.0"
|
||||
com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0"
|
||||
com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:9.37.3"
|
||||
@@ -28,9 +28,9 @@ com-squareup-okhttp3-okhttp = { module = "com.squareup.okhttp3:okhttp", version.
|
||||
com-unboundid-unboundid-ldapsdk = "com.unboundid:unboundid-ldapsdk:6.0.11"
|
||||
com-unboundid-unboundid-ldapsdk7 = "com.unboundid:unboundid-ldapsdk:7.0.1"
|
||||
commons-collections = "commons-collections:commons-collections:3.2.2"
|
||||
io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.4"
|
||||
io-mockk = "io.mockk:mockk:1.13.16"
|
||||
io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2023.0.15"
|
||||
io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.5"
|
||||
io-mockk = "io.mockk:mockk:1.13.17"
|
||||
io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2023.0.16"
|
||||
io-rsocket-rsocket-bom = { module = "io.rsocket:rsocket-bom", version.ref = "io-rsocket" }
|
||||
io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javaformat:spring-javaformat-checkstyle", version.ref = "io-spring-javaformat" }
|
||||
io-spring-javaformat-spring-javaformat-gradle-plugin = { module = "io.spring.javaformat:spring-javaformat-gradle-plugin", version.ref = "io-spring-javaformat" }
|
||||
@@ -70,7 +70,7 @@ org-bouncycastle-bcprov-jdk15on = { module = "org.bouncycastle:bcprov-jdk18on",
|
||||
org-eclipse-jetty-jetty-server = { module = "org.eclipse.jetty:jetty-server", version.ref = "org-eclipse-jetty" }
|
||||
org-eclipse-jetty-jetty-servlet = { module = "org.eclipse.jetty:jetty-servlet", version.ref = "org-eclipse-jetty" }
|
||||
org-hamcrest = "org.hamcrest:hamcrest:2.2"
|
||||
org-hibernate-orm-hibernate-core = "org.hibernate.orm:hibernate-core:6.6.8.Final"
|
||||
org-hibernate-orm-hibernate-core = "org.hibernate.orm:hibernate-core:6.6.11.Final"
|
||||
org-hsqldb = "org.hsqldb:hsqldb:2.7.4"
|
||||
org-jetbrains-kotlin-kotlin-bom = { module = "org.jetbrains.kotlin:kotlin-bom", version.ref = "org-jetbrains-kotlin" }
|
||||
org-jetbrains-kotlin-kotlin-gradle-plugin = "org.jetbrains.kotlin:kotlin-gradle-plugin:1.9.25"
|
||||
@@ -87,8 +87,8 @@ org-seleniumhq-selenium-selenium-java = "org.seleniumhq.selenium:selenium-java:4
|
||||
org-seleniumhq-selenium-selenium-support = "org.seleniumhq.selenium:selenium-support:3.141.59"
|
||||
org-skyscreamer-jsonassert = "org.skyscreamer:jsonassert:1.5.3"
|
||||
org-slf4j-log4j-over-slf4j = "org.slf4j:log4j-over-slf4j:1.7.36"
|
||||
org-slf4j-slf4j-api = "org.slf4j:slf4j-api:2.0.16"
|
||||
org-springframework-data-spring-data-bom = "org.springframework.data:spring-data-bom:2024.1.3"
|
||||
org-slf4j-slf4j-api = "org.slf4j:slf4j-api:2.0.17"
|
||||
org-springframework-data-spring-data-bom = "org.springframework.data:spring-data-bom:2024.1.4"
|
||||
org-springframework-ldap-spring-ldap-core = "org.springframework.ldap:spring-ldap-core:3.2.11"
|
||||
org-springframework-spring-framework-bom = { module = "org.springframework:spring-framework-bom", version.ref = "org-springframework" }
|
||||
org-synchronoss-cloud-nio-multipart-parser = "org.synchronoss.cloud:nio-multipart-parser:1.1.0"
|
||||
@@ -103,11 +103,11 @@ org-gretty-gretty = "org.gretty:gretty:4.1.6"
|
||||
com-github-ben-manes-gradle-versions-plugin = "com.github.ben-manes:gradle-versions-plugin:0.51.0"
|
||||
com-github-spullara-mustache-java-compiler = "com.github.spullara.mustache.java:compiler:0.9.14"
|
||||
org-hidetake-gradle-ssh-plugin = "org.hidetake:gradle-ssh-plugin:2.10.1"
|
||||
org-jfrog-buildinfo-build-info-extractor-gradle = "org.jfrog.buildinfo:build-info-extractor-gradle:4.33.23"
|
||||
org-jfrog-buildinfo-build-info-extractor-gradle = "org.jfrog.buildinfo:build-info-extractor-gradle:4.33.24"
|
||||
org-sonarsource-scanner-gradle-sonarqube-gradle-plugin = "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.8.0.1969"
|
||||
org-instancio-instancio-junit = "org.instancio:instancio-junit:3.7.1"
|
||||
|
||||
webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.28.5.RELEASE'
|
||||
webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.28.6.RELEASE'
|
||||
|
||||
[plugins]
|
||||
|
||||
|
||||
@@ -22,6 +22,7 @@ dependencies {
|
||||
|
||||
testRuntimeOnly project(':spring-security-config')
|
||||
testRuntimeOnly 'org.aspectj:aspectjweaver'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
System.setProperty('python.cachedir.skip', 'true')
|
||||
|
||||
+2
@@ -25,4 +25,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
+2
@@ -25,4 +25,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
+2
@@ -18,4 +18,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -17,4 +17,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
+2
@@ -18,4 +18,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -25,6 +25,7 @@ dependencies {
|
||||
|
||||
testRuntimeOnly project(':spring-security-config')
|
||||
testRuntimeOnly project(':spring-security-ldap')
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
integrationTest {
|
||||
|
||||
@@ -39,8 +39,10 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
testImplementation 'org.skyscreamer:jsonassert'
|
||||
|
||||
unboundid7 libs.com.unboundid.unboundid.ldapsdk7
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
integrationTest {
|
||||
|
||||
@@ -27,4 +27,5 @@ dependencies {
|
||||
testImplementation "ch.qos.logback:logback-classic"
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -33,6 +33,7 @@ dependencies {
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
|
||||
provided 'jakarta.servlet:jakarta.servlet-api'
|
||||
}
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -26,7 +26,7 @@ import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* An implementation of an {@link OAuth2AuthorizedClientProvider} that simply delegates to
|
||||
* it's internal {@code List} of {@link OAuth2AuthorizedClientProvider}(s).
|
||||
* its internal {@code List} of {@link OAuth2AuthorizedClientProvider}(s).
|
||||
* <p>
|
||||
* Each provider is given a chance to
|
||||
* {@link OAuth2AuthorizedClientProvider#authorize(OAuth2AuthorizationContext) authorize}
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -28,7 +28,7 @@ import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* An implementation of a {@link ReactiveOAuth2AuthorizedClientProvider} that simply
|
||||
* delegates to it's internal {@code List} of
|
||||
* delegates to its internal {@code List} of
|
||||
* {@link ReactiveOAuth2AuthorizedClientProvider}(s).
|
||||
* <p>
|
||||
* Each provider is given a chance to
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -29,7 +29,7 @@ import org.springframework.util.Assert;
|
||||
* A representation of an OAuth 2.0 "Authorized Client".
|
||||
* <p>
|
||||
* A client is considered "authorized" when the End-User (Resource Owner) has
|
||||
* granted authorization to the client to access it's protected resources.
|
||||
* granted authorization to the client to access its protected resources.
|
||||
* <p>
|
||||
* This class associates the {@link #getClientRegistration() Client} to the
|
||||
* {@link #getAccessToken() Access Token} granted/authorized by the
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -32,7 +32,7 @@ import org.springframework.util.Assert;
|
||||
* <p>
|
||||
* The {@link Authentication} associates an {@link OAuth2User} {@code Principal} to the
|
||||
* identifier of the {@link #getAuthorizedClientRegistrationId() Authorized Client}, which
|
||||
* the End-User ({@code Principal}) granted authorization to so that it can access it's
|
||||
* the End-User ({@code Principal}) granted authorization to so that it can access its
|
||||
* protected resources at the UserInfo Endpoint.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
|
||||
+3
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2017 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -26,8 +26,8 @@ import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* An implementation of an {@link OAuth2UserService} that simply delegates to it's
|
||||
* internal {@code List} of {@link OAuth2UserService}(s).
|
||||
* An implementation of an {@link OAuth2UserService} that simply delegates to its internal
|
||||
* {@code List} of {@link OAuth2UserService}(s).
|
||||
* <p>
|
||||
* Each {@link OAuth2UserService} is given a chance to
|
||||
* {@link OAuth2UserService#loadUser(OAuth2UserRequest) load} an {@link OAuth2User} with
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -52,7 +52,7 @@ import org.springframework.web.util.UriComponentsBuilder;
|
||||
*
|
||||
* <p>
|
||||
* <b>NOTE:</b> The default base {@code URI} {@code /oauth2/authorization} may be
|
||||
* overridden via it's constructor
|
||||
* overridden via its constructor
|
||||
* {@link #DefaultOAuth2AuthorizationRequestResolver(ClientRegistrationRepository, String)}.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
|
||||
@@ -17,4 +17,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
+4
-4
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2023 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -23,13 +23,13 @@ import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* An authorization grant is a credential representing the resource owner's authorization
|
||||
* (to access it's protected resources) to the client and used by the client to obtain an
|
||||
* (to access its protected resources) to the client and used by the client to obtain an
|
||||
* access token.
|
||||
*
|
||||
* <p>
|
||||
* The OAuth 2.0 Authorization Framework defines four standard grant types: authorization
|
||||
* code, resource owner password credentials, and client credentials. It also provides an
|
||||
* extensibility mechanism for defining additional grant types.
|
||||
* code, implicit, resource owner password credentials, and client credentials. It also
|
||||
* provides an extensibility mechanism for defining additional grant types.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
* @author Steve Riesenberg
|
||||
|
||||
@@ -23,4 +23,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2020 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -44,7 +44,7 @@ package org.springframework.security.oauth2.jwt;
|
||||
public interface JwtDecoder {
|
||||
|
||||
/**
|
||||
* Decodes the JWT from it's compact claims representation format and returns a
|
||||
* Decodes the JWT from its compact claims representation format and returns a
|
||||
* {@link Jwt}.
|
||||
* @param token the JWT value
|
||||
* @return a {@link Jwt}
|
||||
|
||||
+3
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -18,7 +18,7 @@ package org.springframework.security.oauth2.jwt;
|
||||
|
||||
/**
|
||||
* Implementations of this interface are responsible for encoding a JSON Web Token (JWT)
|
||||
* to it's compact claims representation format.
|
||||
* to its compact claims representation format.
|
||||
*
|
||||
* <p>
|
||||
* JWTs may be represented using the JWS Compact Serialization format for a JSON Web
|
||||
@@ -47,7 +47,7 @@ package org.springframework.security.oauth2.jwt;
|
||||
public interface JwtEncoder {
|
||||
|
||||
/**
|
||||
* Encode the JWT to it's compact claims representation format.
|
||||
* Encode the JWT to its compact claims representation format.
|
||||
* @param parameters the parameters containing the JOSE header and JWT Claims Set
|
||||
* @return a {@link Jwt}
|
||||
* @throws JwtEncodingException if an error occurs while attempting to encode the JWT
|
||||
|
||||
+2
-2
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2024 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -70,7 +70,7 @@ import org.springframework.web.reactive.function.client.WebClient;
|
||||
|
||||
/**
|
||||
* An implementation of a {@link ReactiveJwtDecoder} that "decodes" a JSON Web
|
||||
* Token (JWT) and additionally verifies it's digital signature if the JWT is a JSON Web
|
||||
* Token (JWT) and additionally verifies its digital signature if the JWT is a JSON Web
|
||||
* Signature (JWS).
|
||||
*
|
||||
* <p>
|
||||
|
||||
+3
-3
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2020 the original author or authors.
|
||||
* Copyright 2002-2025 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -20,7 +20,7 @@ import reactor.core.publisher.Mono;
|
||||
|
||||
/**
|
||||
* Implementations of this interface are responsible for "decoding" a JSON Web
|
||||
* Token (JWT) from it's compact claims representation format to a {@link Jwt}.
|
||||
* Token (JWT) from its compact claims representation format to a {@link Jwt}.
|
||||
*
|
||||
* <p>
|
||||
* JWTs may be represented using the JWS Compact Serialization format for a JSON Web
|
||||
@@ -46,7 +46,7 @@ import reactor.core.publisher.Mono;
|
||||
public interface ReactiveJwtDecoder {
|
||||
|
||||
/**
|
||||
* Decodes the JWT from it's compact claims representation format and returns a
|
||||
* Decodes the JWT from its compact claims representation format and returns a
|
||||
* {@link Jwt}.
|
||||
* @param token the JWT value
|
||||
* @return a {@link Jwt}
|
||||
|
||||
@@ -26,4 +26,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -14,4 +14,6 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ apply plugin: 'io.spring.convention.spring-module'
|
||||
|
||||
configurations {
|
||||
opensamlFiveMain { extendsFrom(optional, provided) }
|
||||
opensamlFiveTest { extendsFrom(opensamlFiveMain, testImplementation) }
|
||||
opensamlFiveTest { extendsFrom(opensamlFiveMain, testImplementation, testRuntimeOnly) }
|
||||
}
|
||||
|
||||
sourceSets {
|
||||
@@ -116,6 +116,8 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
jar {
|
||||
|
||||
@@ -24,6 +24,8 @@ dependencies {
|
||||
testImplementation "org.mockito:mockito-core"
|
||||
testImplementation "org.mockito:mockito-junit-jupiter"
|
||||
testImplementation "org.springframework:spring-test"
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
configure(project.tasks.withType(Test)) {
|
||||
|
||||
@@ -32,4 +32,6 @@ dependencies {
|
||||
testImplementation 'org.skyscreamer:jsonassert'
|
||||
testImplementation 'org.springframework:spring-webmvc'
|
||||
testImplementation 'org.springframework:spring-tx'
|
||||
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
@@ -65,4 +65,5 @@ dependencies {
|
||||
testImplementation 'com.squareup.okhttp3:mockwebserver'
|
||||
|
||||
testRuntimeOnly 'org.hsqldb:hsqldb'
|
||||
testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user