Skip to content

Add AuthenticationConverter interface #5340

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 226 commits into from
Closed

Add AuthenticationConverter interface #5340

wants to merge 226 commits into from

Conversation

edeandrea
Copy link
Contributor

@edeandrea edeandrea commented May 11, 2018
edited
Loading

  • Adding an AuthenticationConverter interface
  • Retro-fitting ServerFormLoginAuthenticationConverter, ServerHttpBasicAuthenticationConverter,
    and ServerOAuth2LoginAuthenticationTokenConverter to implement AuthenticationConverter
  • Deprecate existing AuthenticationWebFilter.setAuthenticationConverter
    and add overloaded one which takes AuthenticationConverter

Fixes gh-5338

@edeandrea
Add AuthenticationConverter interface
0a6ccbc 
- Adding an AuthenticationConverter interface
- Retro-fitting ServerFormLoginAuthenticationConverter, ServerHttpBasicAuthenticationConverter,
and ServerOAuth2LoginAuthenticationTokenConverter to implement AuthenticationConverter
- Deprecate existing AuthenticationWebFilter.setAuthenticationConverter
and add overloaded one which takes AuthenticationConverter

Fixes gh-5338
@edeandrea edeandrea mentioned this pull request May 11, 2018
Closed
@rwinch rwinch added this to the 5.1.0.M2 milestone May 11, 2018
@rwinch rwinch modified the milestones: 5.1.0.M2, 5.1.0.RC1 Jul 26, 2018
@jzheaux jzheaux mentioned this pull request Aug 9, 2018
Merged
@edeandrea
Copy link
Contributor Author

Hi @rwinch just a gentle ping to see if this PR needs any more polish or anything.

@rwinch
Copy link
Member

rwinch commented Aug 14, 2018

@edeandrea Thanks for the ping. I haven't had time to review this in detail. A few things that jump to my attention

  • Since your submission the PR cannot be merged due to conflicts. Sorry for taking so long to look at this. Can you please rebase?
  • I think I would prefer that AuthenticationConverter not implement Function. Instead the old setter with a function should just adapt the code to the AuthenticationConverter interface.
  • The AuthenticationConverter should have a method named convert in it.
  • We should rename the type to be ServerAuthenticationConverter

edeandrea and others added 21 commits August 16, 2018 21:52
@edeandrea
Cleanup based on review comments
56d2551 
Fixes gh-5338
@rwinch @edeandrea
LoginPageGeneratingWebFilter conditionally renders formLogin
58fa211 
Issue: gh-4807
@rwinch @edeandrea
Single ClientRegistration redirects by default
96eaaec 
Fixes: gh-5339
@rwinch @edeandrea
Release 5.1.0.M1
ae6f324
@rwinch @edeandrea
Disable SNAPSHOT tests for release
41be145
@rwinch @edeandrea
Next Development Version
2f9cd49
@jzheaux @edeandrea
HttpConfigTests groovy->java
d406a92 
Issue: gh-4939
@jzheaux @edeandrea
HttpCorsConfigTests groovy->java
1db0782 
Issue: gh-4939
@jzheaux @edeandrea
PlaceHolderAndELConfigTests groovy->java
a759195 
Issue: gh-4939
@rwinch @edeandrea
Update to spring-build-conventions:0.0.17.RELEASE
49f86bc 
Fixes: gh-5352
@rwinch @edeandrea
Add ClientRegistration from OpenID Connect Discovery
9791b8f 
Fixes: gh-4413
@rwinch @edeandrea
Update to Gradle 4.7
bb38e05
@rwinch @edeandrea
Revert "Add ClientRegistration from OpenID Connect Discovery"
33310c6 
This reverts commit 0598d47.
@rwinch @edeandrea
Revert "Revert "Add ClientRegistration from OpenID Connect Discovery""
a1e4065 
This reverts commit 9fe0f50.

The original commit was accidentally pushed prior to PR. We attempted
to revert the commit hoping the PR would open again. This did not work.
We are going to do a Polish commit instead.

Issue: gh-5355
@rwinch @edeandrea
Move OidcConfigurationProvider to .oidc package
f61c842 
Issue: gh-5355
@rwinch @edeandrea
Polish OidcConfigurationProvider Javadoc
3cca5ad 
Issue: gh-5355
@rwinch @edeandrea
OidcConfigurationProvider uses OidcScopes.OPENID
5cafdbb 
Issue: gh-5355
@rwinch @edeandrea
Add OidcConfigurationProvider ClientAuthenticationMethod.POST support
b3f789e 
Issue: gh-5355
@rwinch @edeandrea
OidcConfigurationProvider improve invalid issuer error
e9eb7a2 
Issue: gh-5355
@rwinch @edeandrea
Exclude build from settings.gradle scanning
684688b
@rwinch @edeandrea
Polish settings.gradle
5a8129a
izeye and others added 24 commits August 16, 2018 21:55
@izeye @edeandrea
Mention spring-security-data dependency for Spring Data in doc
ca010db 
Closes #5556
@rwinch @edeandrea
Add CORS WebFlux Support
6646073 
Fixes: gh-4832
@rwinch @edeandrea
Add defaultOAuth2AuthorizedClient flag
9f1a299 
Fixes: gh-5619
@izeye @edeandrea
Add @Deprecation on removeAuthorizationRequest() (#5634)
47c935f
@rwinch @edeandrea
Add @configuration to ServerHttpSecurityConfiguration
dd1bd43 
Fixes: gh-5635
@izeye @edeandrea
Fix typo
d09c244 
Closes #5579
@rwinch @edeandrea
Regenerate spring-security-5.1.xsd
9395983 
Commit 884fdbf performed some manual edits of this file which
means running the rncToXsd task causes this file to change. This
commit regenerates the file properly.

Fixes: gh-5640
@izeye @edeandrea
Fix typo
df387c8
@edeandrea
Made JwtConfigurer fluent
db36784 
Adjusted return type of #decoder(JwtDecoder) and #jwkSetUri(String)
to return the JwtDecoder itself. Added new method #and() that returns
the enclosing OAuth2ResourceServerConfigurer.

Fixes gh-5595
@jgrandja @edeandrea
Add support for client_credentials grant
82f0767 
Fixes gh-4982
@jgrandja @edeandrea
Add OidcUserService.setOauth2UserService()
0f090b2 
Fixes gh-5604
@jgrandja @edeandrea
Expose RestOperations in NimbusJwtDecoderJwkSupport
47a8edc 
Fixes gh-5603
@rwinch @edeandrea
Move OAuth2ClientConfigurer.configure to AuthorizationCodeGrantConfig…
c635492 
…urer

Issue: gh-5654
@rwinch @edeandrea
Create AuthorizationEndpointConfig.configure
d464d2b 
Issue: gh-5654
@izeye @edeandrea
Replace isEqualTo(null) with isNull()
e85e307
@jzheaux @edeandrea
RememberMeConfigTests groovy->java
db13a2b 
Issue: gh-4939
@jgrandja @edeandrea
Add additional parameters to OAuth2UserRequest
287c4b9 
Fixes gh-5368
@jgrandja @edeandrea
Make ClientRegistration.clientSecret optional
16b0784 
Fixes gh-5652
@jgrandja @edeandrea
Relax validation on ClientRegistration
6b890ff 
Fixes gh-5667
@jzheaux @edeandrea
OIDC Provider Configuration - ClientRegistrations
742716f 
OIDC Provider Configuration is now being used to create more than just
ClientRegistration instances. Also, the endpoint is being addressed in
more contexts than just the client.

To that end, this refactors OidcConfigurationProvider in the config
project to ClientRegistrations in the oauth2-client project.

Fixes: gh-5647
@fdesu @edeandrea
Fix the broken link in the WebSocket documentation
43ee29a 
Changeset 46bb855 (#4094) removed websocket chat
sample in favor of spring-session one. This commit
updates spring-security documentation link to
point to the up-to-date sample location
@vpavic @edeandrea
Add support for Feature-Policy security header
301e598
@jzheaux @edeandrea
Jwt Claim Validation
5144c03 
This introduces OAuth2TokenValidator which allows the customization of
validation steps that need to be performing when decoding a string
token to a Jwt.

At this point, two validators, JwtTimestampValidator and
JwtIssuerValidator, are available for use.

Fixes: gh-5133
@rwinch @edeandrea
Polish JwtValidators
b0e6881 
The current name of createDelegatingJwtValidator is not intuitive. The
name implies it is just creating a DelegatingOAuth2TokenValidator with
no mention that JwtTimestampValidator is being added.

To resolve this, the arguments have been removed and only
JwtTimestampValidator is added. User's needing additional validators can
add the result of this method to DelegatingOAuth2TokenValidator along with
the additional validators they wish to use. The method name has been
renamed to createDefault which now accurately reflects what is created.
There is no need to have JwtValidator at the end of the method since
the method is located in JwtValidators.

The commit also adds createDefaultWithIssuer for creating with a specific issuer.

Issue: gh-5133
@edeandrea
Copy link
Contributor Author

edeandrea commented Aug 17, 2018
edited
Loading

Apologies I think I messed something up here. I think I accidentally merged instead of rebasing. I'll start over with a new PR.

@rwinch
Copy link
Member

rwinch commented Aug 17, 2018

You should be able to recover from the merge by looking at your reflog. Alternatively, you can save this work in another branch temporarily. Note the sha ids of the commits you made. Come back to this branch and do a git reset --hard origin/master. Then do a git cherry-pick <sha-id> for each commit you had. Then you can do a git push -f to the branch this PR is on to update the PR.

If you do want to start a new PR, please close this one out.

@edeandrea edeandrea mentioned this pull request Aug 17, 2018
Closed
@edeandrea
Copy link
Contributor Author

Re-done with #5689

@edeandrea edeandrea closed this Aug 17, 2018
@edeandrea edeandrea deleted the gh-5338 branch August 17, 2018 22:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.