Describe the bug* In version 5.xOpenSaml4AuthenticationProvider.process1. this.responseValidator.convert(responseToken))...

Describe the bugThe additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUr...

I have a controller that does some further fine grained authorization in the body of the method rather than pre or post ...

I have a Spring Boot application (my-app-1) where users can login through Keycloak via OIDC.This is what the configurati...

When saml 2.0 is hitting the oAuth using open saml session data is getting appended to url hence exposing the data.We ar...

Affect all branchDescribe the bugThe exception handler method defined in the Controller is intercepted by the security a...

Hi, I need some helpI'm not sure why it is that when I try logging in via an OAuthClient to my Auth Server, it suceeds o...

When a refresh token grant exchange occurs with a ClientAuthentication Method set to NONEOn a servlet appliction, the cl...

Describe the bugBuild the Eureka server & client, client registe to eureka server return 403 Using the spring cloud...

Description:OAuth2AccessTokenResponse does not contain information about RefreshToken expirationHow to reproductget Acce...

Hi,I noticed a discrepancy between the official Spring Security documentation and the actual code regarding the verify m...

Expected BehaviorAuthorizationAnnotationUtils may be very useful if you plan to implement your own security annotation a...

I believe this documentation is wrong:ReactiveOidcSessionStrategy should be ReactiveOidcSessionRegistryHere:https://docs...

https://github.com/spring-projects/spring-security/blob/33495441b56ec6ce9e85b5e824460b2b4984f7e6/web/src/main/java/org/s...

Expected BehaviorAllow the use RestClient (to be introduced in Spring 6.1) for blocking calls in a non reactive applicat...

UserAuthorities is a new core interface similar to UserDetails. The difference is that UserAuthorities does not include ...

We should consider supporting expressions in method authorization handlers for simple setups. Currently, if you want to ...

The workflow has been disabled to run on a scheduled basis in https://github.com/spring-projects/spring-security/issues/...

Describe the bugAfter checking out the repository I want to run the ./gradlew format check to make sure everything is ok...

I'm currently upgrading an existing application from spring-security-saml2-core 1.0.10.RELEASE (which has reached end-of...