Merge branch 'mitreaccounts'

openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java

@@ -170,6 +170,8 @@ public class ConnectAuthCodeTokenGranter implements TokenGranter {
 			idToken.getClaims().setIssuer(configBean.getIssuer());
 			// TODO: expiration? other fields?
 			
+			idToken.getClaims().setClaim("nonce", unconfirmedAuthorizationRequest.getParameters().get("nonce"));
+			
 			//Sign
 			
 			//TODO: check client to see if they have a preferred alg, attempt to use that

openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml

@@ -68,8 +68,13 @@
 	<security:authentication-manager alias="springSecurityAuthenticationManager">
 		<security:authentication-provider>
 			<security:user-service id="userDetailsService">
-		    	<security:user name="jimi" password="jimispassword" authorities="ROLE_USER, ROLE_ADMIN" />
-		    	<security:user name="bob" password="bobspassword" authorities="ROLE_USER" />
+				<security:user name="jricher" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mfranklin" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="dcuomo" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mjett" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="aanganes" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="mjwalsh" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
+				<security:user name="srmoore" password="password" authorities="ROLE_USER, ROLE_ADMIN" />
 		  	</security:user-service>
 		</security:authentication-provider>
 	</security:authentication-manager>