Skip to content

Remove Deprecated Usages of RemoteJWKSet #16296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 132 commits into from
Closed

Remove Deprecated Usages of RemoteJWKSet #16296

wants to merge 132 commits into from

Conversation

kwondh5217
Copy link
Contributor

close gh-16251

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Dec 17, 2024
@kwondh5217 kwondh5217 changed the title Remove Deprecated Usages of RemoteJWKSet gh-16251 Remove Deprecated Usages of RemoteJWKSet Jan 7, 2025
@jzheaux jzheaux self-assigned this Jan 16, 2025
jzheaux
jzheaux requested changes Jan 16, 2025
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @kwondh5217, for the PR! I've left some feedback inline.

@jzheaux jzheaux added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Jan 16, 2025
@jzheaux jzheaux changed the title gh-16251 Remove Deprecated Usages of RemoteJWKSet Remove Deprecated Usages of RemoteJWKSet Jan 16, 2025
kwondh5217 and others added 20 commits February 5, 2025 02:25
@kwondh5217
Remove Deprecated Usages of RemoteJWKSet
bab5f35 
close spring-projectsgh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217
Remove Deprecated Usages of RemoteJWKSet
662f7dd 
close spring-projectsgh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217
Remove Deprecated Usages of RemoteJWKSet
43a07a7 
close spring-projectsgh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217
Remove Deprecated Usages of RemoteJWKSet
bf4ed14 
close spring-projectsgh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Add Serializable Compatilibity to Saml 2.0 Exceptions
22949c0 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Add Serializable Compatibility to Web Authentication Exceptions
09c583a 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@Pistolnik @kwondh5217
Use relative URLs in /login redirects
a3170d1 
Closes spring-projectsgh-7273

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Add setFavorRelativeUris
831ac13 
This places the new functionality behind a setting so that
we can remain passive until we can change the setting in
the next major release.

Issue spring-projectsgh-7273

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@ThomasKasene @kwondh5217
Added a constant for DPOP in OAuth2AccessToken.TokenType
d683eae 
Issue spring-projectsgh-14915

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@sjohnr @kwondh5217
Polish spring-projectsgh-16087
a858a9b 
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@sjohnr @kwondh5217
Make TokenType constructor public
975170e 
Closes spring-projectsgh-16086

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217
Address SessionLimitStrategy
6ec991b 
Closes spring-projectsgh-16206

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Polish SessionLimit
eb46d89 
- Move to the web.authentication.session package since it is only needed
by web.authentication.session elements and does not access any other web
element itself.
- Add Kotlin support
- Add documentation

Issue spring-projectsgh-16206

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.hibernate.orm:hibernate-core from 6.6.3.Final to 6.6.4.Final
a7f7493 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.3.Final to 6.6.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.4/changelog.txt)
- [Commits](hibernate/hibernate-orm@6.6.3...6.6.4)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump ch.qos.logback:logback-classic from 1.5.12 to 1.5.13
5cbf1d4 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.12 to 1.5.13.
- [Commits](https://github.com/qos-ch/logback/commits)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@sawprogramming @kwondh5217
Set Saml2RelyingPartyInitiatedLogoutSuccessHandler#logoutRequestRepos…
cbcad6e 
…itory

Closes spring-projectsgh-16093

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Test Setting logoutRequestRepository
e1a4717 
Issue spring-projectsgh-16093

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@franticticktick @kwondh5217
Polish SecurityFilterChain Validation
29a9341 
Issue spring-projectsgh-15982

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@franticticktick @kwondh5217
Add Support Same Request Matchers Checking
1a497a6 
Closes spring-projectsgh-15982

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@franticticktick @kwondh5217
Add Alerting About Deprecated Authorize Config
4b4fcc8 
Closes spring-projectsgh-16213

Signed-off-by: Daeho Kwon <trewq231@naver.com>
dependabot bot and others added 25 commits February 5, 2025 02:30
@dependabot @kwondh5217
Bump org.hibernate.orm:hibernate-core from 6.6.4.Final to 6.6.5.Final
ae7bd9b 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.4.Final to 6.6.5.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.5/changelog.txt)
- [Commits](hibernate/hibernate-orm@6.6.4...6.6.5)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.springframework.data:spring-data-bom from 2024.1.1 to 2024.1.2
d5f0846 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.1 to 2024.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](spring-projects/spring-data-bom@2024.1.1...2024.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.assertj:assertj-core from 3.27.2 to 3.27.3
2d0f71c 
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.2 to 3.27.3.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.2...assertj-build-3.27.3)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@github-actions @kwondh5217
Release 6.5.0-M1
13ca284 
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@github-actions @kwondh5217
Next development version
c03b2c3 
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.seleniumhq.selenium:selenium-java from 4.27.0 to 4.28.0
6484e3c 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.27.0 to 4.28.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](SeleniumHQ/selenium@selenium-4.27.0...selenium-4.28.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@franticticktick @kwondh5217
Add GenerateOneTimeTokenFilterTests
31656f6 
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@rwinch @kwondh5217
Add TestBytes
5d96921 
Closes spring-projectsgh-16461

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@ngocnhan-tran1996 @kwondh5217
Implement Serial
1fddf4f 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@rwinch @kwondh5217
Add serializeAndDeserializeAreEqual
b010f84 
Checks that serialization/deserialization can be performed.

Issue spring-projectsgh-16443

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@Kehrlann @kwondh5217
fix flakey test in WebAuthnWebDriverTests
8751eb7 
Closes spring-projectsgh-16463

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@Kehrlann @kwondh5217
Fix GenerateOneTimeTokenWebFilter double publish of chain.filter(...)
9589251 
closes spring-projectsgh-16458

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@rwinch @kwondh5217
Remove debug test
8a51ef5 
Issue spring-projectsgh-16443

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@franticticktick @kwondh5217
Add Support GenerateOneTimeTokenRequestResolver
154edbf 
Closes spring-projectsgh-16291

Signed-off-by: Max Batischev <mblancer@mail.ru>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump io.freefair.gradle:aspectj-plugin from 8.11 to 8.12
cc90735 
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.11 to 8.12.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](freefair/gradle-plugins@8.11...8.12)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.htmlunit:htmlunit from 4.8.0 to 4.9.0
82a285a 
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.8.0 to 4.9.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](HtmlUnit/htmlunit@4.8.0...4.9.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Support Serialization for SecurityConfig
bdaff37 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Don't Support Serialzation of Deprecated Access Classes
068a102 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Serialization Support of Core Components
6e14699 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Support Serialization for LDAP Components
d02776b 
Issue spring-projectsgh-16276

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump com.github.ben-manes:gradle-versions-plugin from 0.51.0 to 0.52.0
dfd0511 
Bumps com.github.ben-manes:gradle-versions-plugin from 0.51.0 to 0.52.0.

---
updated-dependencies:
- dependency-name: com.github.ben-manes:gradle-versions-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@dependabot @kwondh5217
Bump org.seleniumhq.selenium:selenium-java from 4.28.0 to 4.28.1
5a6e72a 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.28.0 to 4.28.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
S101 Depends On Assemble
e7d7795 
Closes spring-projectsgh-16482

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@jzheaux @kwondh5217
Ensure s101 Runs After Assemble
ed5cccc 
Issue spring-projectsgh-16482

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217
Remove Deprecated Usages of RemoteJWKSet
f5a669e 
Closes spring-projectsgh-16251

Signed-off-by: Daeho Kwon <trewq231@naver.com>
@kwondh5217 kwondh5217 closed this Feb 4, 2025
@kwondh5217 kwondh5217 deleted the gh-16251 branch February 4, 2025 17:42
@jzheaux jzheaux added the status: duplicate A duplicate of another issue label Feb 18, 2025
@jzheaux
Copy link
Contributor

jzheaux commented Feb 18, 2025

Superceded by #16537

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux requested changes

@holzerch holzerch holzerch left review comments

Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Remove Deprecated Usages of RemoteJWKSet