0a02e7f545
null-safe target link filter
2016-10-10 15:10:20 -04:00
84695aa830
enhancing claims gathering endpoint
2016-10-07 23:41:59 -04:00
82a1e49e79
[maven-release-plugin] prepare for next development iteration
2016-01-21 15:55:56 -05:00
e6684fb7a8
[maven-release-plugin] prepare release mitreid-connect-1.2.4
2016-01-21 15:55:53 -05:00
7badfe1d17
Happy new year 2016!
2016-01-21 15:50:37 -05:00
e828f3f18d
[maven-release-plugin] prepare for next development iteration
2015-12-21 10:31:49 -05:00
01ca5ef8e2
[maven-release-plugin] prepare release mitreid-connect-1.2.3
2015-12-21 10:31:47 -05:00
8294dbedd5
handled HTTP and parsing errors, fixed guava cache contract, fixes #372
2015-12-18 17:42:15 -05:00
b3486c31a0
added cache to user info fetcher, closes #833
2015-12-18 16:30:03 -05:00
7f464c496b
changed copyright to new consortium name
2015-12-16 14:51:12 -05:00
4f9ea0b474
Improve state handling in handleAuthorizationCodeResponse
...
Fail fast when there is no state in session, e.g. because the session
cookie was removed.
Resolves #949
2015-11-23 21:34:35 -05:00
a3d01727f9
Make FILTER_PROCESSES_URL public
...
Currently hardcoded in the filter and the client's Spring Security config; would be nicer to reference the value instead.
c5e70ebd5c/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml (L54)
2015-11-23 21:03:08 -05:00
2deec98b58
[maven-release-plugin] prepare for next development iteration
2015-10-13 18:56:47 -04:00
d96b2dc130
[maven-release-plugin] prepare release mitreid-connect-1.2.2
2015-10-13 18:56:44 -04:00
6129cfa61a
added scope-based authorities granter for introspections services, closes #835
2015-10-13 18:51:21 -04:00
ebb4f2c3d4
Upgraded to nimbus 4.2, closes #934
2015-10-13 04:40:01 -04:00
98e1d26134
limited when login_hint is sent to the server, closes #963
2015-10-12 17:56:31 -04:00
8b362f23f3
[maven-release-plugin] prepare for next development iteration
2015-10-02 18:53:48 -04:00
e384a6257b
[maven-release-plugin] prepare release mitreid-connect-1.2.1
2015-10-02 18:53:45 -04:00
acb3d03052
added 'kid' to all signed tokens, closes #899
2015-10-01 18:54:38 -04:00
48bc26901a
added JTI to client auth
2015-10-01 18:54:15 -04:00
9fe98e0132
OIDCAuthenticationFilter: Make authenticationSignerService optional so
...
it must not be provided in Spring config
OIDCAuthenticationProvider: Setter for UserInfoFetcher, so own
implementation can be wired
UserInfoFetcher: Call to DefaultUserInfo.fromJson moved to method, so it
can be overwritten by own implementation to use own UserInfo
implementation
2015-08-21 17:33:23 -04:00
22c05ec51b
[maven-release-plugin] prepare for next development iteration
2015-08-05 12:07:47 -04:00
e6b64cd9cd
[maven-release-plugin] prepare release mitreid-connect-1.2.0
2015-08-05 12:07:44 -04:00
489450b1c2
automated code format cleanup
2015-08-05 12:04:14 -04:00
15c2b57730
[maven-release-plugin] prepare for next development iteration
2015-07-30 14:00:20 -04:00
8317c759f1
[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2
2015-07-30 14:00:18 -04:00
a4e75ed733
[maven-release-plugin] prepare for next development iteration
2015-07-09 18:29:14 -04:00
58a47d0e46
[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1
2015-07-09 18:29:12 -04:00
3c297ba18f
collapsed error clause
2015-07-08 14:35:45 -04:00
42b93be492
added uri-encoded client service, closes #857
2015-07-07 17:55:56 -04:00
667c766273
reverted over-reaching check on webfinger fetcher
2015-07-03 20:16:32 -04:00
d2a393f7f9
converted error handlers to a single @ControllerAdvice class, closes #788
2015-06-24 17:26:10 -04:00
7df3597757
split client's auth token into pending and authorized classes
2015-06-24 16:00:40 -04:00
b4520c170e
ID Token carried through as parsed JWT instead of string, closes #832
2015-06-24 16:00:40 -04:00
f4a1b27e2e
better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service
2015-06-23 22:21:18 -04:00
9ae92b983a
added http and json error handling to webfinger service
2015-06-23 21:50:16 -04:00
c166cbe49c
added login hint capability to client library
2015-06-23 21:21:41 -04:00
a259841eaf
Added getters and setters to IntrospectingTokenService
...
Fixed TokenCacheObject constructor for setting TCO's expire time
2015-06-09 13:37:07 -04:00
698fe55b85
IntrospectingTokenService now takes parameters (cacheTokens, cacheNonExpiringTokens, defaultExpireTime, forceCacheExpireTime) to change the behavior or even disable the caching of responses from the IntrospectionEndpoint.
2015-06-04 16:33:37 -04:00
9e74e40453
Use diamond syntax instead of explicit types
2015-06-03 10:24:48 -04:00
13f5e4f8a6
Collapse identical catch branches
2015-06-03 10:24:48 -04:00
6dc2b2cb5e
Various small improvements/bugfixes
2015-06-03 10:24:41 -04:00
54fbf0d0ac
Added null check for expiration during introspection. Making assumption that null exp means tokens dont expire.
2015-06-03 09:57:22 -04:00
d1e8529a7b
expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
...
closes #699
closes #761
2015-06-01 21:11:19 -04:00
effe955953
Fix blacklist/whitelist for DynamicRegistrationClientConfigurationService
...
ClientConfigurationService#getClientConfiguration has ServerConfiguration as parameter, not String
2015-05-28 17:05:55 -04:00
caf85b990d
Revert "added option to send skip sending nonce if desired, closes #704 , closes #683,"
...
This reverts commit bbeaeb06e3
2015-05-28 16:44:26 -04:00
d32118d017
Revert "added unit tests for nonce-less url builders (exception cases)"
...
This reverts commit ada1b0d24e
2015-05-28 16:41:24 -04:00
0d6775dfa8
made auth request url builder handle multiple keys
2015-05-22 13:04:21 -04:00
da72ce02ad
added token endpoint options to client filter, closes #803
2015-05-13 16:53:35 -04:00
Justin Richer