Commit Graph

216 Commits (1.1.x)

Author SHA1 Message Date
Justin Richer cd711a8ac6 clean up code format
12 years ago
aptes 671ea4d816 Issue-331: Changing code to support basic authentication when it comes to accessing token endpoint.
12 years ago
Amanda Anganes 1e24b31cc3 Propogating rename of AuthorizationRequest to OAuth2Request
12 years ago
Justin Richer 1e870703f8 added licence/copyright header
12 years ago
Justin Richer 5910d29472 removed x509 publishing from client lib
12 years ago
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups
12 years ago
Justin Richer 0e9273fd08 added authority for subject-issuer authorities and associated mapper, addresses #234
12 years ago
Justin Richer 29aa0f2be6 continued updating userid->sub in auth token
12 years ago
Justin Richer df51ef5a48 updated to post JSON
12 years ago
Justin Richer 184c03e2d4 added registration endpoint url to dynamic server config fetch
12 years ago
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class
12 years ago
Justin Richer 0b0e52b7a3 extracted parsers and rest templates appropriately
12 years ago
Justin Richer cf39b49657 added registration uri to server config, changed index of client config service to be server config not just issuer
12 years ago
Justin Richer 13f1a1741c updated oidc auth token field from user_id -> sub (addresses #307)
12 years ago
Justin Richer 60525a52af added null checks in client filter
12 years ago
Justin Richer 57cefa595a added redirect to login page when no identifier is given
12 years ago
Justin Richer 814c70c9a2 regex-based webfinger parser (yuck)
12 years ago
Justin Richer 70cac0c690 uri-based parsing of user inputs
12 years ago
Amanda Anganes e708f77eb3 Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
12 years ago
Justin Richer 51dfd67d0c started webfinger client
12 years ago
Justin Richer f76f44b999 added dynamic discovery to client
12 years ago
Justin Richer 6cc50e7cd5 switched signing & validation service to use JWK natively for keys
12 years ago
Justin Richer e2ad4d2e8f cleaned up spurious nosuchalgorithm exceptions, addresses #285
12 years ago
Justin Richer 30c6271e72 cleaned up some more x509 references
12 years ago
Justin Richer ecf99f960a added bean property check
12 years ago
Justin Richer b1c89783ff added functionality for account chooser and third-party login support
12 years ago
Justin Richer 2be305810f added getters and setters
12 years ago
Justin Richer 4dedec76ec moved back to form variables for auth because rest template is dumb
12 years ago
Justin Richer ca40b2fd3e added getters and setters
12 years ago
Justin Richer 1251082c6d implemented simple static configuration services
12 years ago
Justin Richer f44c704472 major refactor of client filter
12 years ago
Justin Richer 999999a822 import cleanup
12 years ago
Justin Richer 6c1e6b2d74 refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
12 years ago
Justin Richer 385853fa1f refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
12 years ago
Justin Richer 5dd6cce790 made default scopes in client a bit more sensible
12 years ago
Justin Richer 2a855a1952 pulled client key publication into its own class to help deal with bean processors
12 years ago
Justin Richer 92f5f31dfc use serialize instead of toString
12 years ago
Justin Richer da7c74affd passthrough for default algorithm config
12 years ago
Justin Richer 774f80dd58 helps when you actually add the verifier you created
12 years ago
Justin Richer 9a98d241e8 updates to track Nimbus JOSE API changes to audience and date fields
12 years ago
Justin Richer 3d9ec51eb3 converted client filters to nimbus-jose
12 years ago
Justin Richer 1c14ce4c1a note well
12 years ago
Justin Richer a6ca7cb31b Merge pull request #263 from ssayer/introspection-fix
12 years ago
Samuel Sayer 458486ac9c fixed typos and dumbness in introspection endpoint filter thingy
12 years ago
Amanda Anganes 67e8714671 Working on request object userinfo parsing
12 years ago
Justin Richer 19e91e9272 fixed typo in form handling in introspecting filter
12 years ago
Justin Richer 27a26e0a35 (user_id/prn) -> sub
12 years ago
Justin Richer c946a84b09 adapted keyfetcher to be more general
12 years ago
Stephen Moore 358bf7fc1c Generic introspecting token services
12 years ago
Amanda Anganes c7ae315e98 Added initial files for nonce service. Repository and service impls are stubs
12 years ago
Amanda Anganes 695091ca82 Refactor part 4 - should be final bit
12 years ago
Amanda Anganes c40efda6b5 Refactor part 1
12 years ago
Justin Richer 7aec0dfe80 added randomized view names to lower possibility of conflicting with local views
12 years ago
Justin Richer d11005fc5f added x509 support
12 years ago
Justin Richer 2d24435365 Created custom resolver, handler mapper
12 years ago
Justin Richer edeae29bef client publisher mapping test
12 years ago
Justin Richer be1046f9b6 bean-based configuration
12 years ago
Stephen Moore 4eee172f79 buildRedirectURI moved to URLUtils
12 years ago
Stephen Moore 05efdbf39d buildURL uses URIUtils now.
12 years ago
Justin Richer 2b62042696 unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet
12 years ago
Stephen Moore e8eaf48efd Added check for token NotBefore
12 years ago
Justin Richer b47dcf8e6b fixed timestamp math
12 years ago
Justin Richer 26d5a846e0 Updated validator structure and id token checking.
12 years ago
Justin Richer 012bb4afd7 Changed casing on "URI" to "Url" to match other parameters.
12 years ago
Justin Richer d14f55004c added parser to userinfo object, userinfo url in filter, fixed bug in user_id check
12 years ago
Justin Richer fbd6e67af8 Refactored auth provider to call the userinfo endpoint and provide info inside the auth token.
12 years ago
Justin Richer 6ccbf480b3 added token values into the OpenIDConnectAuthToken class and authenticator, still need to do authuserdetailsservice
12 years ago
Justin Richer c5244db1a2 moved nonce from cookie to session, added state processing, cleaned up unused classes
12 years ago
Justin Richer 269c2c9835 fixed nonce cookie handling
12 years ago
Mike Derryberry d93f5f18e5 added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this
12 years ago
Mike Derryberry eff7a2c504 changed nonce claim addition
12 years ago
Mike Derryberry 9d73cd2243 cleaned up imports in filter class
12 years ago
Mike Derryberry 2888c08083 changed cookie claim to include the response
12 years ago
Mike Derryberry bc216785b8 added cookie to response in auth filter for request objects
12 years ago
Mike Derryberry f7cfb39777 updated imports of signed request filter
12 years ago
Mike Derryberry c0d353d7ce removed state parameter from claims. added way to create random nonce value
12 years ago
Mike Derryberry 8e95734f22 changed response-type to code rather than token
12 years ago
Mike Derryberry f8d938630e added passthrough parameters to server config
12 years ago
Mike Derryberry c4ebf5c145 updated signer service
12 years ago
Mike Derryberry d6b0b87769 added state parameter to reqeuest object
12 years ago
Mike Derryberry 99bc1294e3 removed repetative check of "token" parameter in signed request object
12 years ago
Mike Derryberry 685734ce35 updated signing request object in OIDC client by pulling out construction of JWT to its own method.
12 years ago
Mike Derryberry 76c91ea79f removed encrypted request object for OIDC client. will deal with it at a later point
12 years ago
Mike Derryberry 8f22517c81 encrypted request object wip. need to add header parameters to allow encryption. also need to get public key for encryption
12 years ago
Mike Derryberry 70c4c25fa3 finished signed request object for client, created encrypted request object for client
12 years ago
Mike Derryberry 42a9b67f5e updated signed request filter to create jwt from parameters, sign it, create url for request, and send a redirect
12 years ago
Mike Derryberry b0eca780d1 changed class to request filter rather than jwt filter
12 years ago
Mike Derryberry 5f0ea41e0e added class for signed request object
12 years ago
Jon Kranes 1fd4d8a4b8 fixed signer map in client/AbstractOIDCAuthenticationFilter.java
13 years ago
Mike Derryberry 4deaffd686 updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk
13 years ago
Mike Derryberry caf2a7b494 updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext
13 years ago
Mike Derryberry e252951612 added encrypter/decrypter for claims to get ciphertext
13 years ago
Mike Derryberry 33cc3fa899 Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP
13 years ago
Justin Richer a03129f70a added documentation updates
13 years ago
Justin Richer 1127a7cfbc refactored JWKs, updated signing servier to use them
13 years ago
Justin Richer adb8499bee merged derryberry code, plus tweaks, still WIP
13 years ago
Mike Derryberry b1fc07bcb8 updated -common code to get a validation service from a server configuration
13 years ago
Mike Derryberry b94fbd7439 updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
13 years ago
nemonik 488f01cada existence of nonce claim check added
13 years ago
Justin Richer fe3bbfb3d5 Further cleanups. Still missing:
13 years ago
Justin Richer b86abdd761 merge from pull request, plus cleanup
13 years ago
U-MITRE\mjwalsh f9558f0955 stripped out check id endpoint interaction as it deprecated, refactored nonce checking based on spec change, pull user_id as id_token token claim
13 years ago
Mike Derryberry 65dc3daaf8 smart client
13 years ago
Mike Derryberry ee28d56031 initial implementation of x509 and JWK key retrieval
13 years ago
Michael Joseph Walsh 6f43040587 slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client
13 years ago
Michael Joseph Walsh 7e3ce2d583 mods to reflect client <-> account chooser protocol, and refactoring...
13 years ago
Michael Joseph Walsh 755d0d4c88 issue #39
13 years ago
Justin Richer 97dffb6414 added copyright to all java files. closes #11
13 years ago
nemonik f215cfc50c fix for issue 5, code refactoring across signers
13 years ago
U-MITRE\mjwalsh c84c751991 client refactoring, and javadocing
13 years ago
U-MITRE\mjwalsh b8c953281e integration changes to client
13 years ago
U-MITRE\mjwalsh 02d0471acf scope wasn't quite right, needed a space
13 years ago
U-MITRE\mjwalsh b4836a0302 mods to auth filter including config comments, http socket time out...
13 years ago
nemonik 3f2631367f added comments on configuration of client
13 years ago
Justin Richer 626779b58e refactored client package name to something sensible
13 years ago
Justin Richer e6e7504213 added files and shuffled things to new packages
13 years ago