This commit introduces filtering on requested grant types for
dynamically registered clients.
Since extension on the library could support additional grant types,
here we want to be strict about known grant types that cannot be
requested at dynamic client registration (or update) time, but at the
same time we want to preserve grant types that could have been granted
to a client by an administrator.
So at client registration time the list of requested grant types is
filtered to only allow grant types currently enabled for dynamically
registered clients.
OTOH, at client update time the same filtering is implemented while at
the same time preserving grant types assigned the client in other ways.
* mitre/master: (153 commits)
removed old document PDFs from repo
check for missing refresh token value on refresh, closes#1242
removed unused field from UI config bean
fixed client readme file
Updated copyrights
Corrected typo
fixed unit test for new default redirect behavior
set redirect URI matching to strict by default
escaped output values on approval page, closes#1111
added changelog file
[maven-release-plugin] prepare for next development iteration
[maven-release-plugin] prepare release mitreid-connect-1.3.1
downgrade mysql dependency to GA version
Removed double 'sure'
fixed discovery endpoint, closes#1230
Completed end session endpoint
end session endpoint
skeleton of end session endpoint, maybe need a change to user info lookup
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
[maven-release-plugin] prepare for next development iteration
...
Having an issuer without trailing slash configured is just fine, so
there is no reason to log a warning for this every time the discovery
endpoint is called.
Andrea Ceccanti