Skip to content

Issues: spring-projects/spring-security

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
90 Open 1,856 Closed
90 Open 1,856 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Add support dpop customization in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16940 opened Apr 15, 2025 by franticticktick 7.0.x
@franticticktick
4
Reactive implementation for DPoPAuthenticationProvider & related classes in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16912 opened Apr 9, 2025 by RyanW02 7.0.x
@franticticktick
3
Remove deprecated implementations of OAuth2AccessTokenResponseClient in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16909 opened Apr 8, 2025 by sjohnr
4 tasks
7.0.0-M1
7
ClientRegistrations.fromIssuerLocation does not include failure information in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16860 opened Apr 1, 2025 by rwinch
1
Consider making UserInfo request opt-in instead of default in Spring Security 7 in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release type: enhancement A general enhancement
#16843 opened Mar 28, 2025 by sjohnr 7.0.0-M1
Add Equals and HashCode methods for better comparison. in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16842 opened Mar 28, 2025 by GrmpfNarf Loading…
1
@sjohnr
8
Added a mapping for DPOP TokenType in DefaultMapOAuth2AccessTokenResponseConverter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16806 opened Mar 23, 2025 by hammadirshad Loading… 6.5.0-RC1
@jgrandja
1
SupplierClientRegistrationRepository for reactive stack in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16750 opened Mar 17, 2025 by bilak
1
3
OAuth2ResourceServerConfigurer#authenticationManagerResolver should override #jwt in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16406 opened Jan 13, 2025 by jgrandja
@jzheaux
7
Add proper equals (and hashCode) methods to OAuth2AuthorizationRequest in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16394 opened Jan 10, 2025 by GrmpfNarf
2
@GrmpfNarf
7
Add Twitter/X to CommonOAuth2Provider in: config An issue in spring-security-config in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: ideal-for-contribution An issue that we actively are looking for someone to help us with type: enhancement A general enhancement
#16379 opened Jan 8, 2025 by rwinch
@kiruthiga1793
4
Simplify Configuring Log In using Twitter / X v2 APIs in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16378 opened Jan 8, 2025 by rwinch
2 of 7 tasks
7.0.x
@rwinch
1
Default value for ClientRegistration redirect-uri in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16377 opened Jan 8, 2025 by rwinch 7.0.x
1
@rwinch
1
[Azure Oauth2] IllegalArgumentException: Attribute value for "xxx" is null in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: bug A general bug
#16340 opened Dec 24, 2024 by jloisel
@sjohnr
23
Pass Http Request to OAuth2AuthorizationRequestResolver#authorizationRequestCustomizer in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16306 opened Dec 19, 2024 by ZIRAKrezovic
1
@sjohnr
8
Consider adding PrincipalResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16284 opened Dec 13, 2024 by sjohnr 7.0.x
@sjohnr
NimbusJwtEncoder should simplify constructing with javax.security Keys in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16267 opened Dec 12, 2024 by jzheaux
@jan-knoblich
5
Support refreshing OIDC ID Token in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16253 opened Dec 10, 2024 by filiphr
@sjohnr
4
OidcBackChannelLogoutWebFilter returns an error for unauthenticated ajax requests in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-triage An issue we've not yet triaged type: bug A general bug
#16073 opened Nov 12, 2024 by katya-tis
@jzheaux
1
Consider aligning OAuth 2.0 Access Token Response parsing in BodyExtractor in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#16001 opened Oct 25, 2024 by sjohnr
@sjohnr
Upgrade nimbus-jose-jwt:jar to 9.37.3 in Spring Security 5.8.x in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: feedback-provided Feedback has been provided type: dependency-upgrade A dependency upgrade
#15951 opened Oct 18, 2024 by blackat
@jzheaux
3
Allow comma-delimited scopes in OAuth2 access token response in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15878 opened Oct 5, 2024 by bfanyuk
@sjohnr
3
Add OAuth2AuthorizedClientManager autoconfiguration without spring-boot-starter-web dependency in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15877 opened Oct 4, 2024 by yvasyliev
14
Consider adding ClientRegistrationIdResolver to ExchangeFilterFunctions in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15825 opened Sep 18, 2024 by sjohnr 7.0.x
@sjohnr
1
Add support for requesting protected resources with RestClient similar to ServletBearerExchangeFilterFunction in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#15820 opened Sep 17, 2024 by azizabah
@sjohnr
2
ProTip! Updated in the last three days: updated:>2025-04-15.