Commit Graph

16 Commits (b03ba021254695bb84389c72b3d91687598a1424)

Author SHA1 Message Date
Madhura Bhave 342a0535d7 Explicitly configure SecurityWebFilterChain bean for reactive oauth2 client
This will ensure that ReactiveManagementWebSecurityAutoConfiguration backs
off and that the actuator endpoints are also secured via OAuth2.

Fixes gh-17949
5 years ago
Phillip Webb fb1dd8fe93 Merge branch '2.0.x' into 2.1.x 5 years ago
Andy Wilkinson 24925c3dae Merge branch '2.0.x' into 2.1.x
Closes gh-17078
6 years ago
Phillip Webb 0ef331018e Merge branch '2.0.x' into 2.1.x 6 years ago
Phillip Webb f12ab1ff90 Update copyright header of changed files 6 years ago
Madhura Bhave eff2f92c48 Fix formatting following formatter update 6 years ago
Andy Wilkinson e23f72c8b0 Merge branch '2.0.x' into 2.1.x 6 years ago
Spring Operator b32c0080c3 Update build and setup configuration to use HTTPS
See gh-16247
6 years ago
Madhura Bhave 3cc441c83e Do not remove trailing slash from OAuth2 Issuer URI
Fixes gh-15324
6 years ago
Madhura Bhave 06f1a0e6a2 Use oauth2-client starter in reactive sample 6 years ago
Madhura Bhave daa3d457b7 Revert OAuth2 Client Registration Grant Type Hierarchy
Closes gh-14554
6 years ago
Madhura Bhave a33e58fc45 Deprecate OAuth2 login redirect-uri-template
This property is deprecated in favor of
`spring.security.oauth2.client.registration.login.*.redirect-uri

Closes gh-14226
6 years ago
Madhura Bhave f5deebf0cb Support authorization_code grant for OAuth2 client
This commit also refactors OAuth2 client properties. With
the added support for authorization_code clients, client
registrations are now divided into `login` and `authorization_code`.
An environment post processor is used for backward compatibility with
old Open ID Connect login clients.

Closes gh-13812
6 years ago
Andy Wilkinson 0ba6d8da4a Switch to Yahoo for OIDC as Google's cert is not yet trusted by Java 11
Until the fix for JDK-8209506 [1] is available in Java 11 builds,
SSL connections to services using Google's SSL certificate do not work
due to a lack of trust. This affects both our OAuth2 client samples
which were using https://accounts.google.com as an OpenID Connect
provider.

This commit switches the two samples to use Yahoo in place of Google.

See gh-14028

[1] https://bugs.openjdk.java.net/browse/JDK-8209506
6 years ago
Madhura Bhave f88ebc06ff Add support for OIDC Configuration Provider
Closes gh-13210
6 years ago
Madhura Bhave 9f4a5c13a5 Add auto-config for WebFlux OAuth2 Login
Closes gh-13142
7 years ago