77c06e9557
replaced deprecated http components calls, closes #744
10 years ago
3708b531df
moved requirement to different component, closes #759
...
also cleaned up comments in filter
10 years ago
ada1b0d24e
added unit tests for nonce-less url builders (exception cases)
10 years ago
bbeaeb06e3
added option to send skip sending nonce if desired, closes #704 , closes #683 ,
10 years ago
9aa45f8efb
Made the constructor public for OIDCAuthentication filter.
10 years ago
69c19d35fa
moved test into test package
10 years ago
775b77b367
updated date format of token introspection response, closes #719
10 years ago
e6d10b67a4
update to Spring 4 and other related libraries
10 years ago
bc9942e929
relaxed issuer constraints in client, closes #638
10 years ago
3f5e2acfeb
if no alg is explicitly set, use the default from the signer
10 years ago
659880b4dc
fix broken dependency declaration, that follow up to org.springframework.beans.NotWritablePropertyException: Invalid property 'jwkKeyList' of bean class exception
10 years ago
db052f11ca
Moved development branch to 1.2
10 years ago
134909a82f
import cleanup
10 years ago
c683131f12
externalized view name strings and tied them to view beans
10 years ago
a704277652
Removed exceptions from @PostConstruct methods, closes #663
10 years ago
6f2f807b0b
[maven-release-plugin] prepare for next development iteration
10 years ago
93ae1516a5
[maven-release-plugin] prepare release mitreid-connect-1.1.9
10 years ago
b0cce924a2
JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651
10 years ago
863dbd17b8
Added setClientConfigurationService method.
10 years ago
325a200f16
added configurable support for different token presentation methods in user info fetcher, closes #632
10 years ago
c7a6c4fafe
added support for unsigned ID tokens in client, use client configuration to turn this on, closes #633
11 years ago
306c8cff17
update nimbus-jose-jwt dependency to 2.26 and fix the affected files
11 years ago
adf477c64e
[maven-release-plugin] prepare for next development iteration
11 years ago
8d97ed61ec
[maven-release-plugin] prepare release mitreid-connect-1.1.8
11 years ago
9f9b49fc63
refactored validator checks to cascade better, throw an authentication exception if we can't find a validator for the ID Token
11 years ago
1dc204f975
Validate HMAC-signed ID tokens
11 years ago
85acfa90db
[maven-release-plugin] prepare for next development iteration
11 years ago
d5e4cb45a2
[maven-release-plugin] prepare release mitreid-connect-1.1.7
11 years ago
be98b9cd0b
[maven-release-plugin] prepare for next development iteration
11 years ago
8320f0eefe
[maven-release-plugin] prepare release mitreid-connect-1.1.6
11 years ago
0c8cacd59a
added missing copyright headers
11 years ago
525f3aa2a8
Cleaned up indentation, whitespace, and imports.
11 years ago
27e68f1d56
added service to optionally check "target_uri" links, closes #547
11 years ago
e4d5f4a540
added system wide cache for all symmetric validators, closes # 557
11 years ago
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
11 years ago
880014176f
[maven-release-plugin] prepare for next development iteration
11 years ago
ca8a003e3d
[maven-release-plugin] prepare release mitreid-connect-1.1.5
11 years ago
37af569890
cleaned up unintentional pom version override
11 years ago
b8129bf60d
[maven-release-plugin] prepare for next development iteration
11 years ago
a9e34ac9bd
[maven-release-plugin] prepare release mitreid-connect-1.1.4
11 years ago
90b10d7bad
Added Getter/Setter for IntospectionAuthorityGranter. Still defaults to SimpleIntrospectionAuthorityGranter
11 years ago
79bd7e420c
made scope handling consistent for introspection services (now a space-separated string), closes #570
11 years ago
97cd00e06c
[maven-release-plugin] prepare for next development iteration
11 years ago
23c7cf6996
[maven-release-plugin] prepare release mitreid-connect-1.1.3
11 years ago
762fe11ab1
Update README.md
...
removed outdated configuration information and pointed to wiki, closes #561
11 years ago
ad5ffb64e8
[maven-release-plugin] prepare for next development iteration
11 years ago
1635cf957d
[maven-release-plugin] prepare release mitreid-connect-1.1.2
11 years ago
53cc7ef447
Fixed audience claim on client auth assertion
11 years ago
3629ff5e2f
added signed authentication assertion support to client, closes #558
11 years ago
9395c3802d
[maven-release-plugin] prepare for next development iteration
11 years ago
4f8311962a
[maven-release-plugin] prepare release mitreid-connect-1.1.1
11 years ago
1289d4737a
Changed references of DefaultHttpClient to SystemDefaultHttpClient to inherit system proxy settings, should address #548
11 years ago
d946cfb4a7
added support for target uri parameter in third party issuer (or other custom issuer that sets the right flag on return), closes #539
11 years ago
3b52ce8201
happy new year!
11 years ago
ebbc7209aa
automated code formatting and cleanup
11 years ago
e1e7f7a579
[maven-release-plugin] prepare for next development iteration
11 years ago
42fe973f7b
[maven-release-plugin] prepare release mitreid-connect-1.1.0
11 years ago
49a7db6c6e
Sanity check on client template object for dynamic registration client-side service
11 years ago
27f391ef01
Fixed compilation errors for SECOAUTH milestone updates
11 years ago
c896bef2e8
Created hybrid issuer service, addresses #509
11 years ago
0ff7cb75a0
made userinfo fetching optional, addresses #510
11 years ago
8fc6de0a6d
hybrid service instantiates inner members, addresses #508
11 years ago
8a5a16f374
refactored project into four modules:
...
Common
Client
Server Library
Server Webapp
addresses #367
11 years ago
b2b915b4ae
explcitly set alg and enc instead of trying to guess
11 years ago
fb2f2f9792
spelling, property access, and cleanup
11 years ago
2ca713c7f2
added encrypted request object service to client, addresses #475
11 years ago
1d0560edbc
refactored some json utils to their own static class
11 years ago
6605877a1b
added encryption/decryption to cached JWK-URI service
11 years ago
c3b90b9d71
removed old form value from fetcher
11 years ago
ded7c66c78
fixed misleading error message
11 years ago
6851224e42
fixed token expiration parsing
11 years ago
94ddc77668
fixed scope parsing on token implementation, too
...
Conflicts:
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
11 years ago
a9710899cd
removed vestigial client config service
11 years ago
2201206f0e
refactored token introspection packages to support different client credentials at different services
11 years ago
2108311d65
Revert "refactored code to use the more generic JWT declaration."
...
This reverts commit e0b56bc72a
11 years ago
e0b56bc72a
refactored code to use the more generic JWT declaration.
11 years ago
6a9650d2a7
added configurable support for clients to send extra parameters like display and prompt, addresses #426
11 years ago
3360117b7b
Client library no longer serializes nulls on registration, addresses #478
11 years ago
a1d6901bcc
using nimbusds's new data-type specific claim getter.
11 years ago
c7495a6ae3
Revert "made having a nonce not required for id tokens iss #464"
...
This reverts commit d0486cc1ec
11 years ago
d0486cc1ec
made having a nonce not required for id tokens iss #464
11 years ago
e1b072c991
Updated nimbusds library version to 2.17.2 and made relevant changes in enc./dec. service and test
11 years ago
beaeaa4ccc
I can spell "consortium", I promise
11 years ago
b2b6fd6448
further cleanup
11 years ago
856c0ea0b5
Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
...
Conflicts:
openid-connect-client/pom.xml
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
openid-connect-common/pom.xml
openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
openid-connect-server/.gitignore
openid-connect-server/pom.xml
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
pom.xml
11 years ago
023dd440d4
[maven-release-plugin] prepare for next development iteration
11 years ago
5e8f93cf15
[maven-release-plugin] prepare release mitreid-connect-1.0.6
11 years ago
e658ffd7fc
format/cleanup and copyright
11 years ago
809a243b64
tests for webfinger url normalization.
11 years ago
eaa7298ef1
init commit for Webfinger normilizer utility class.
11 years ago
14e85616e4
init commit. webfinger service test.
12 years ago
0e777917d3
Updated Third Party Issuer Service unit tests.
12 years ago
8c8aeeb892
hybrid server and client configuration services unit tests done.
12 years ago
6ece7f5efc
Static server and client configuration tests done.
12 years ago
20871852c0
updated dependencies for secoauth 1.1
12 years ago
96e3f66a81
Removed more references to InitializingBean
12 years ago
7b969f9776
removed TODO about empty JWK set at the client. issue #391 .
12 years ago
67fd5fa7e9
roles granted by introspection token services are now configurable (and extendable) via service, addresses #386
12 years ago
35d1e1b6d4
added whitelist/blacklist support to server & client services
12 years ago
a4a18fd54c
externalized introspection URL from client's introspecting token service, addresses #435
...
added service to parses token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
12 years ago
f483d41b88
getCustomClaim -> getClaim. Also, removed outdated TODOs.
12 years ago
15aea61fbe
Applied code cleanup
12 years ago
3e23967b46
Updated code to reflect SECOAUTH changes
12 years ago
0d8c2442d2
[maven-release-plugin] prepare for next development iteration
12 years ago
9bf5f70957
[maven-release-plugin] prepare release mitreid-connect-1.0.5
12 years ago
6e8ab7736e
added hybrid client and server services, addresses #387
12 years ago
a9da88fb79
brought introspection endpoint and introspection token services into compliance with draft, addresses #376
12 years ago
2d16b8d458
revised unit tests in TestSignedAuthRequestUrlBuilder.
12 years ago
3edd6c83b3
added unit test for parsing signed jwt auth requests.
12 years ago
22b89f50be
restored scheme choosing logic in webfinger service.
12 years ago
936f581a0b
[maven-release-plugin] prepare for next development iteration
12 years ago
27edec1a56
[maven-release-plugin] prepare release mitreid-connect-1.0.4
12 years ago
6d5e0a1092
added test for exception handling. removed unused imports.
12 years ago
19718438c9
TestSignedAuthRequestUrlBuilder done. Relies heavily on com.nimbusds library.
12 years ago
77bdfe344e
init commit TestSignedAuthRequestUrlBuilder.
12 years ago
ded9c21a47
moved back to custom regex to handle user input
12 years ago
77c5e7b94c
switched to using UriComponents instead of custom class, updated normalization and processing rules for webfinger discovery
...
addresses #363
12 years ago
8cf83f537a
fixed auth header
...
addresses #325
12 years ago
3b3715ff91
automatic save file creation
12 years ago
98d917f3b9
added extension mechanism for saving client information in between runs
12 years ago
70958376cb
added whitelist/blacklist to issuer services
12 years ago
3259ae916f
TestThirdPartyIssuerService done.
12 years ago
1d793c4687
TestPlainAuthRequestUrlBuilder done.
12 years ago
f36db3c798
init commit TestPlainAuthRequestUrlBuilder.
12 years ago
c212821267
Fixed ChainedTokenGranter setup
12 years ago
530c3a75ee
Applyed refactoring
12 years ago
f0f2fbea40
updated secoauth library version in poms
12 years ago
2b3376e0ed
[maven-release-plugin] prepare for next development iteration
12 years ago
7fe4bc3b56
[maven-release-plugin] prepare release mitreid-connect-1.0.3
12 years ago
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
12 years ago
48e8f5edad
better specificity of principle object in client filter
12 years ago
e87c0329de
removed old erroneous test
12 years ago
567a3314d6
[maven-release-plugin] prepare for next development iteration
12 years ago
1286726188
[maven-release-plugin] prepare release mitreid-connect-1.0.2
12 years ago
78457b70fc
removed dependency on commons.lang
12 years ago
3c5025c52b
Updated version number for secoauth
12 years ago
25d75a1b30
[maven-release-plugin] prepare for next development iteration
12 years ago
5418bdef5a
[maven-release-plugin] prepare release mitreid-connect-1.0.1
12 years ago
81cd13f6d3
added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
12 years ago
667746ddd2
redirect uri is now configurable via the client configuration object, addresses #326 , #330
12 years ago
cd99f27bf8
Changed references from ClientDetails to ClientDetailsEntity, pending new ClientConfiguration class utility class from #335 .
...
Addresses #331
12 years ago
cd711a8ac6
clean up code format
12 years ago
671ea4d816
Issue-331: Changing code to support basic authentication when it comes to accessing token endpoint.
12 years ago
1e24b31cc3
Propogating rename of AuthorizationRequest to OAuth2Request
12 years ago
defa5b8fbc
[maven-release-plugin] prepare for next development iteration
12 years ago
dbdc99361e
[maven-release-plugin] prepare release mitreid-connect-1.0.0
12 years ago
1e870703f8
added licence/copyright header
12 years ago
5910d29472
removed x509 publishing from client lib
12 years ago
8afab04544
whitespace, import, brace, annotation, and format cleanups
12 years ago
9b03801f9d
[maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer