e2d94f422a
new year 2018
7 years ago
a5a16f27c7
Merge pull request #1353 from col-panic/master
...
Minor typo in en/messages.json (Registrered -> Registered)
7 years ago
4dd907ea16
Merge pull request #1357 from praseodym/spring-security-4.2.4
...
Upgrade to Spring Security 4.2.4
7 years ago
d119559d4d
Upgrade to Spring Security 4.2.4
...
https://spring.io/blog/2018/01/30/cve-2018-1199-spring-security-5-0-1-4-2-4-4-1-5-released
7 years ago
b804f22bc8
[maven-release-plugin] prepare for next development iteration
7 years ago
f72e6b3e08
[maven-release-plugin] prepare release mitreid-connect-1.3.2
7 years ago
1feb0958bd
prepare for release
7 years ago
6497af40e8
removed erroneous not yet implemented tag from client page
7 years ago
7dc309c5af
Update CHANGELOG.md
7 years ago
7f956a5854
Merge pull request #1355 from ocadotechnology/jwt_fix
...
Throwing exception on all other JWT types than SignedJWT
7 years ago
37fba622b9
Throwing exception on all other JWT types than SignedJWT
7 years ago
c38b9d7a42
added PlainJWT and EncryptedJWT support + tests
7 years ago
36ec1b82e6
Minor type (Registrered -> Registered)
7 years ago
fcb119ff6a
Merge pull request #1270 from bodewig/custom_claim_friendly_token_enhancer
...
add hook for custom JWT claims to ConnectTokenEnhancer
7 years ago
8fb9adefc1
Merge pull request #1342 from bodewig/custom_claims_in_id_token
...
add hook for custom JWT claims to DefaultOIDCTokenService
7 years ago
0ce55d079a
Merge pull request #1352 from blm126/upgrade-nimbus
...
Upgrade nimbus-jose-jwt to 5.4.
7 years ago
f7da25fbe8
Upgrade nimbus-jose-jwt to 5.4.
7 years ago
1c7b9d5b44
Merge pull request #1346 from praseodym/fix-admin-interface-without-trailing-slash
...
Fix interface for issuer URI without trailing slash
7 years ago
a1a45aa36a
Fix interface for issuer URI without trailing slash
7 years ago
01eb1401a3
add hook for custom JWT claims to DefaultOIDCTokenService
7 years ago
e6130872a9
Merge pull request #1324 from patfrat/master
...
Add French messages
7 years ago
ca3642b6c3
Add French messages
7 years ago
85246d2d3e
Parse 'sub' to identify resource owner
...
As per https://tools.ietf.org/html/rfc7662#section-2.2 the `sub` key should
identify the resource owner in oauth2 introspection responses.
This change adds support for the `sub` key and will allow the introspection
response of RFC-compliant servers to be parsed.
Will still try `user_id` first as to not break backward compatibility.
7 years ago
ce9bf3507f
Merge pull request #1312 from kules/master
...
Correct minor typo error for confirmation message displayed when logging out from IDP
7 years ago
9bff58085d
Fix typo error for log out to IDP confirmation message
7 years ago
514dcc3851
add hook for custom JWT claims to ConnectTokenEnhancer
7 years ago
8b4e461748
Adjustment to generate longer codes
...
RandomValueStringGenerator default constructor creates a code of length six only. The RFC 6819 (OAuth 2.0 Threat Model and Security Considerations) suggests (5.1.4.2.2. Use High Entropy for Secrets) that secrets that aren't used by humans (e.g. client secrets or token handles) have a reasonable level of enthropy. They propose a token lengths of at least 128 bits. Since the RandomValueStringGenerator only uses case sensitive alpha numeric symbols, 22 symbols are needed to achieve an enthropy >=128 bits.
8 years ago
ef01d3032e
Merge pull request #1228 from leonard84/fix-psql-scripts
...
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
8 years ago
bba18fd118
Merge pull request #1240 from Connz/patch-2
...
Corrected typo
8 years ago
28ad78e9f3
Merge pull request #1233 from Connz/patch-1
...
Removed double 'sure'
8 years ago
059e140164
removed old document PDFs from repo
8 years ago
0b1f9000db
check for missing refresh token value on refresh, closes #1242
8 years ago
705ac9879c
removed unused field from UI config bean
8 years ago
4dc31cdfbd
fixed client readme file
8 years ago
661c242a9f
Updated copyrights
8 years ago
0859a5d122
Corrected typo
8 years ago
c11e47a75b
fixed unit test for new default redirect behavior
8 years ago
2f31ceddf8
set redirect URI matching to strict by default
8 years ago
7e6864ff38
escaped output values on approval page, closes #1111
8 years ago
a316306f33
added changelog file
8 years ago
7b06d91700
[maven-release-plugin] prepare for next development iteration
8 years ago
8301f35e17
[maven-release-plugin] prepare release mitreid-connect-1.3.1
8 years ago
f17a44e9b4
downgrade mysql dependency to GA version
8 years ago
90c3c396ee
Removed double 'sure'
8 years ago
713e872b8a
fixed discovery endpoint, closes #1230
8 years ago
9baacc0eaf
Completed end session endpoint
...
Addresses #1129 , addresses #972 , addresses #891 , addresses #1223
8 years ago
2aa12fc0e3
end session endpoint
8 years ago
0c46e7cb7a
skeleton of end session endpoint, maybe need a change to user info lookup
8 years ago
e6679b6e4b
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
...
BIGINT AUTO_INCREMENT to BIGSERIAL
Change-Id: I19b4433d3bae29b0879be7d9dd9405eabe490482
8 years ago
0efa77b580
[maven-release-plugin] prepare for next development iteration
8 years ago
Justin Richer