1115 Commits (01448d99c181982ba33f21e7e32cdd3b184926b3)

Author	SHA1	Message	Date
arielak	01448d99c1	Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue. ... Conflicts: openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java	2014-10-07 16:20:01 -04:00
Justin Richer	44715bd230	made binary encode/decode null safe	2014-10-07 16:20:01 -04:00
arielak	274b3dae18	Fixed reading/writing of approved access tokens	2014-10-07 16:20:00 -04:00
arielak	500b13f374	Fixed netbeans copyright weirdness	2014-10-07 16:20:00 -04:00
arielak	a444850898	Added support for 1.1 config import/export, and separated common functions into 1_X abstract class	2014-10-07 16:20:00 -04:00
arielak	cc8718c83d	Added support for whitelisted and blacklisted site export	2014-10-07 16:20:00 -04:00
arielak	a44e5e22fe	Added support for whitelisted and blacklisted site import from a 1.0 config	2014-10-07 16:20:00 -04:00
arielak	942696c99f	NPE fix	2014-10-07 16:20:00 -04:00
arielak	b677b96595	Re-enabled reading of system scopes. Added 1.1 data export functionality	2014-10-07 16:20:00 -04:00
arielak	e2119884a5	Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects	2014-10-07 16:20:00 -04:00
Justin Richer	b617fe0c4b	externalized view name strings and tied them to view beans	2014-10-07 16:19:59 -04:00
Justin Richer	f18f1701a3	moved the API endpoints, made resource tokens accessible too	2014-10-07 16:19:59 -04:00
Justin Richer	71da72de81	import cleanup	2014-10-07 16:19:59 -04:00
Justin Richer	9fcc5077ca	added API for getting tokens by clientid	2014-10-07 16:19:59 -04:00
Justin Richer	9ebeeb4b79	fixed missing null check in request object parser	2014-10-07 16:19:58 -04:00
Justin Richer	6f2f807b0b	[maven-release-plugin] prepare for next development iteration	2014-08-05 21:54:51 -04:00
Justin Richer	93ae1516a5	[maven-release-plugin] prepare release mitreid-connect-1.1.9	2014-08-05 21:54:47 -04:00
Justin Richer	39c50b76f4	added null checks to endpoint auth method switches, closes #652	2014-07-31 23:05:17 -04:00
Justin Richer	8768188133	makes the grant types checker softer, closes #640	2014-07-19 23:54:02 -07:00
Justin Richer	9666404d54	added "none" to discovery endpoint	2014-07-16 23:48:18 -04:00
Justin Richer	7476edb310	added unsigned ID token support to server	2014-07-16 22:29:13 -04:00
Justin Richer	538c4031bb	added in better default checks for content negotiation	2014-07-02 16:01:26 -04:00
Justin Richer	078bf5e464	combine HTTP content negotiation with client preferences for user info endpoint	2014-06-28 23:44:37 -04:00
Justin Richer	1de2a61176	made accept header optional for user info request	2014-06-28 22:20:05 -04:00
Justin Richer	04acc21eea	removed injection of admin email address from client API, will happen browser-side now	2014-06-26 13:00:36 -04:00
Justin Richer	adf477c64e	[maven-release-plugin] prepare for next development iteration	2014-06-18 18:27:27 -04:00
Justin Richer	8d97ed61ec	[maven-release-plugin] prepare release mitreid-connect-1.1.8	2014-06-18 18:27:25 -04:00
Justin Richer	5773fe195b	set proper content type on user info JWT response	2014-06-18 18:05:11 -04:00
Justin Richer	5f97ce0ca1	fixed error code string	2014-06-18 14:50:17 -04:00
Justin Richer	6589cd717d	disallow fragments in redirect uris for dynamic clients, closes #622	2014-06-18 14:49:29 -04:00
Justin Richer	4e52543091	more properly respond to some client registration errors	2014-06-18 14:45:55 -04:00
Justin Richer	c493f438e7	applied token rotation to protected resources	2014-06-12 19:37:50 -04:00
Justin Richer	f4edd3164f	made timeout field optional, tokens don't expire in the default case	2014-06-12 19:37:32 -04:00
Trilok Jain	4e09ec687b	Registration Token regeneration - when they are beyond their lifetime ... (in read/update calls)	2014-06-12 19:12:32 -04:00
Trilok Jain	ed3e6a2814	https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431: ... Generating a new registration access token on read/update call and revoking the token issued earlier.	2014-06-12 19:12:32 -04:00
Justin Richer	a106121af3	created blacklist aware redirect resolver and wired it in, closes #549	2014-06-10 16:29:45 -04:00
Justin Richer	a97f3e2d65	don't throw away creation time on protected resource update (oops)	2014-06-09 20:22:58 -04:00
Justin Richer	e0fe22e4ba	don't regenerate client secrets every single time	2014-06-09 20:20:36 -04:00
Justin Richer	53148f2c87	better auth method checking in dynamic registration and resource registration	2014-06-09 17:41:27 -04:00
Justin Richer	f15b4a0f74	resource registration returned the wrong URL	2014-06-09 17:41:01 -04:00
Justin Richer	47cc005fe5	more sanity checking for client secrets	2014-06-09 16:06:57 -04:00
Justin Richer	cac645484f	client API now generates client secret only for clients that require a client secret	2014-06-09 16:00:55 -04:00
Justin Richer	52e53ba219	extracted validation exception, refactored protected resource registration endpoint to use this format	2014-06-06 11:13:41 -04:00
Justin Richer	b7a8bbdddc	cleanup, error wrappers on protected resource registration	2014-06-06 10:58:40 -04:00
Justin Richer	deaccf437e	refactored dynamic registration endpoint's checks for client consistency	2014-06-06 10:18:40 -04:00
Justin Richer	04f7a698ea	added response type consistency checking, closes #430	2014-06-05 19:41:06 -04:00
Justin Richer	32101ff7b2	added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597	2014-06-05 19:06:03 -04:00
Justin Richer	ab083c0963	added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types	2014-06-05 17:16:35 -04:00
Justin Richer	cdd23df7ee	token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)	2014-06-04 17:27:38 -04:00
Justin Richer	85acfa90db	[maven-release-plugin] prepare for next development iteration	2014-06-04 14:51:32 -04:00