-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Issues: spring-projects/spring-security
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
DefaultBearerTokenResolver Regarding throwing an IllegalArgumentException when creating a BearerTokenAuthenticationToken instance when the allowFormEncodedBodyParameter member field is true or the allowUriQueryParameter member field is true.
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-feedback
We need additional information before we can continue
type: bug
A general bug
#15885
opened Oct 8, 2024 by
jacknie84
Add support for custom grant types
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#15884
opened Oct 7, 2024 by
sjohnr
Loading…
Allow comma-delimited scopes in OAuth2 access token response
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15878
opened Oct 5, 2024 by
bfanyuk
Add An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
OAuth2AuthorizedClientManager
autoconfiguration without spring-boot-starter-web
dependency
in: oauth2
#15877
opened Oct 4, 2024 by
yvasyliev
Consider adding An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
ClientRegistrationIdResolver
to ExchangeFilterFunction
s
in: oauth2
Add support for requesting protected resources with RestClient via a ServletBearerExchangeFilterFunction or equivalent
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15820
opened Sep 17, 2024 by
azizabah
Add support for access token in body parameter as per rfc 6750 Sec. 2.2
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15819
opened Sep 17, 2024 by
jonah1und1
Loading…
ServerBearerTokenAuthenticationConverter does not support form encoded body parameter
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: waiting-for-triage
An issue we've not yet triaged
type: enhancement
A general enhancement
#15818
opened Sep 17, 2024 by
jonah1und1
Consider removing one level of the OIDC Backchannel Logout DSL
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Consider adding a discovery client for An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
ClientRegistrations
in: oauth2
#15590
opened Aug 13, 2024 by
sjohnr
Authentication
in the security context is not updated during the refresh token flow
in: oauth2
#15509
opened Aug 1, 2024 by
ch4mpy
Allow for extending OAuth2AuthorizedClient with additional parameters in the code grant flow
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#15470
opened Jul 24, 2024 by
stackfull
Support jwt in introspection response
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: blocked
An issue that's blocked on an external project change
type: enhancement
A general enhancement
#15467
opened Jul 23, 2024 by
CrazyParanoid
Consider removing generics from An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
AuthorizationRequestRepository
in: oauth2
Servlet and Reactive OAuth2 Client consistency
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: theme
An issue that describes a theme for a release
Highly concurrent requests with An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
client_credentials
cause duplicate access token requests
in: oauth2
#15295
opened Jun 24, 2024 by
kschlesselmann
Support multiple OpaqueTokenIntrospector
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#15276
opened Jun 18, 2024 by
CrazyParanoid
OpenID Connect Oauth2 Logout Token not using custom jwt alg
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Should OidcIdToken implement equals?
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: breaks-passivity
A change that breaks passivity with the previous release
type: enhancement
A general enhancement
Add support OAuth 2.0 Step-up Authentication Challenge Protocol
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: feedback-provided
Feedback has been provided
type: enhancement
A general enhancement
#15091
opened May 17, 2024 by
CrazyParanoid
Reactive Security OAuth2 client doesn't propagate traces and baggage's in Spring Boot 3
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14946
opened Apr 23, 2024 by
DaceKonn
Support Certificate-Bound (POP) Opaque Access Token Validation
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14888
opened Apr 11, 2024 by
jgrandja
Support for OpenID Connect Session Management session_state parameter
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14812
opened Mar 27, 2024 by
benba
Add support customizing the serverLogoutSuccessHandler for OidcClientInitiatedServerLogoutSuccessHandler
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
Add BearerTokenAuthenticationConverter
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
type: enhancement
A general enhancement
#14791
opened Mar 22, 2024 by
CrazyParanoid
Loading…
Previous Next
ProTip!
Adding no:label will show everything without a label.