d5e8dd31a8
update to Spring Security 4
8 years ago
0e703ef9f9
update a few dependency versions, closes #1145
8 years ago
275c1b7e1c
user info fetcher cache throws error instead of returning null (as per library contract), closes #1144
8 years ago
bea3af2470
database table sync
8 years ago
63bd8d18fb
cleaned ID token views from UI
8 years ago
91da3935f5
Made ID tokens ephemeral, made access token’s “additional information” extensible
8 years ago
91ed758ed1
removed “attributeName” from annotation as this breaks EclipseLink JPA
8 years ago
4f4c8de1c8
Fix JPA issues to allow using Hibernate
8 years ago
375a5f2e47
removed token count from grant admin page
8 years ago
22fa3605ef
Patched unit tests, still needs updates for checking approved site to token mapping on data import/export
8 years ago
55b1b00b73
Updated relationship between approved sites and access tokens, closes #874
8 years ago
d875d52be7
updated data import/export services for 1.3
8 years ago
7725fcfa2b
createAuthorizationCode should be @Transactional
...
An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave.
8 years ago
c3d0c18af5
make HttpClient configurable, closes #1071
8 years ago
f45a6ef56a
use the same encoding as on client side
...
see OIDCAuthenticationFilter line 336
8 years ago
476ec872ff
Fixed NPE in case if algorithm is not specified
8 years ago
bb6bb81dbc
Add new tests which asserts that `user_id` should not be present in the introspection response if there's no user authentication available
8 years ago
52da5e769a
Fix test by returning a new OAuth2Authentication instead of mocking it
8 years ago
d361f01999
Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection
...
`sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client
if the access token happens to be client-only.
8 years ago
b2fab9642e
Fix such that `user_id` is only added if user authentication is available
...
OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available.
Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this
introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with
the client_id and so OAuth2Authentication's userAuthentication is populated falsely.
8 years ago
4ac3916db3
spaces to tabs
8 years ago
8333d035b4
move database files to match new layouts
8 years ago
fa122e7ad6
ojdbc driver uncommented in dep mgmnt
8 years ago
4b3284ffd2
ojdbc6 dependency moved to parent pom, added check constraints for boolean columns, fixed invalid column type
8 years ago
83a9fef14d
Oracle support added
8 years ago
dea6044e77
Set the encoding of the UserInfo response body to UTF-8
...
See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
8 years ago
1b7612a26d
add db init script for mysql
...
add data-context example with mysql db initializer
8 years ago
cbe6b9e1df
add db init script for pgsql
...
add data-context example with pgsql db initializer
8 years ago
6f5ca3fd2f
Fixed missing "final" modifier in constant
8 years ago
337513a559
sync’d database tables from HSQL to MySQL and PGSQL
...
closes #1154
closes #1148
8 years ago
74d34ab744
null-safe target link filter
8 years ago
d0056ae882
added target link URI capability to webfinger issuer service
8 years ago
74f3e2d0c0
maven site generator working, closes #984 #941
8 years ago
af7c1f7d45
added PKCE support to discovery endpoint
8 years ago
82c313f036
added PKCE support to client
8 years ago
ba0d0aab0b
use parameter constants for extensions maps in token service
8 years ago
ac0cafe7b3
parse and process PKCE requests
8 years ago
5dcda2812e
added code challenge method to client model (properly this time)
8 years ago
2cc90ba5f2
created PKCE algorithm class
8 years ago
83d7627ed0
serialize phone_number and phone_number_verified, closes #1030
8 years ago
d1d05e506e
added software statement to dynamic registration self-service
8 years ago
57208ac35d
added software statements to client API
8 years ago
d89257380f
make client assertion auth work again
8 years ago
f9e4d75a4a
use JWT bearer assertion token for assertion processing
8 years ago
42ccb8b39e
make software statement processing null-safe
8 years ago
bd9932d56f
added assertion processor to token endpoint
8 years ago
8c021ad403
added assertion validator that validates assertions signed by the local server only
8 years ago
8e016a8d30
make the null assertion processor the default
8 years ago
a5a12b2f1f
added assertion validation engine
8 years ago
fa63993896
added software statement to client model, added processor to dynamic registration parser
8 years ago
Justin Richer