510ddb48b7
override the correct part of the token granter class
2012-12-10 15:54:37 -05:00
bdcc6af096
temporary sanity check for client ID's
2012-12-10 11:40:03 -05:00
4bd289c18c
shadowed null id token from serializer
2012-12-10 11:30:16 -05:00
cab0839430
added workarounds for quirks in SECOAUTH
2012-12-10 11:27:28 -05:00
edc96d646c
added chained token grant
2012-12-10 10:48:38 -05:00
54708fb0ac
fixed id token scopes (shouldn't inherit from parent token)
2012-12-10 10:11:02 -05:00
f072aba3f5
moved client details service, fixed authorities mapper
2012-12-10 09:49:07 -05:00
2a206654b6
added client credential protection to revocation endpoint
2012-12-07 17:17:19 -05:00
e38b2b0ba5
shortened revocation endpoint url
2012-12-07 17:16:03 -05:00
fbc3c46128
Introspection now draft spec compliant, requires client auth
...
Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes.
2012-12-07 17:12:13 -05:00
544e3d7b43
added copy constructors because Dave likes to use unmodifiable sets for no apparent reason
2012-12-07 10:06:10 -05:00
64ef752f08
added refresh token granter for testing
2012-12-07 09:56:43 -05:00
7561ac9e8c
client dynamic registration now protected by access token, addresses #199
2012-12-06 17:48:23 -05:00
7342da6a51
completed making id tokens into access tokens
2012-12-06 16:24:04 -05:00
e4f9fa2bbf
labeled introspection endpoint
2012-12-06 16:19:25 -05:00
17374a57e0
added ISO date format to generic entity view, addresses #232
2012-12-06 16:15:14 -05:00
3378cd5c4c
cleaned table
2012-12-06 14:24:38 -05:00
b8f701d9d8
switched id tokens to entities, they're now access tokens also
...
still needs some work to get the auth object right, for now we're just copying from the access token
2012-12-06 10:19:21 -05:00
eda84e1d58
removed account chooser java implementation
2012-12-06 10:15:11 -05:00
4698552c2d
made email_verified nullable, addresses #237
2012-12-05 16:54:15 -05:00
2ef8d16e9c
typo, formatting
2012-12-05 15:49:50 -05:00
ba7ddf17f9
added bootstrapping for clients, cleaned up sql files
2012-12-05 15:04:14 -05:00
cf7ceb74f3
betterer logout button
2012-12-04 16:40:28 -05:00
2f1a6864b8
made a better logout button
2012-12-04 16:37:57 -05:00
838e029db1
added logout button
2012-12-04 16:18:58 -05:00
d7d9e84e70
fixed user_id mapping
2012-12-04 16:18:37 -05:00
f091343d84
moved back to in-memory database by default
2012-12-04 15:56:03 -05:00
cabcc9c7fe
fixed typo in README.
...
Seriously, how long has that been there and nobody mentioned it?
2012-12-04 15:53:12 -05:00
49e216412e
Added bootstrapped users set.
2012-12-04 15:51:10 -05:00
dcc56ec9dd
temporary tables to prevent casts from leaking
2012-12-04 14:38:08 -05:00
8b37011244
added casts to varchar to avoid extraneous spaces
2012-12-04 13:35:40 -05:00
e305d3b16b
Making stable in-memory and in-file database with HSQL
2012-12-03 17:53:25 -05:00
061c0f0814
minor cleanup
2012-12-03 16:10:07 -05:00
250432ce7f
Added information into the user_info table
2012-12-03 14:56:40 -05:00
1bcaa68cb4
Added user_info stuff... and changed serverconfig for issuer...
2012-12-03 14:56:40 -05:00
47b34d2b1b
Added blacklist table to HSQLDB sql script
2012-12-03 14:56:40 -05:00
4fdb0816eb
Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.
2012-12-03 14:56:40 -05:00
fce47c239a
added slashes to patterns what needed them, removed vestigial intercept from user-context
2012-11-26 16:23:46 -05:00
122a2de074
First attempt at making API not redirect to /login, failed
2012-11-26 16:05:46 -05:00
d07f67bd76
let user select when grants time out
2012-11-26 14:26:07 -05:00
413c477879
utility method for approved sites to check expiration
2012-11-26 14:25:38 -05:00
84401531ae
tie refresh token generation to "offline" scope tag
2012-11-26 13:16:19 -05:00
50040a8ef4
fixed checkbox labels
2012-11-26 12:57:49 -05:00
667c3abc8a
dynamic scope display/selection on approval page
2012-11-26 11:53:19 -05:00
1281d75aa9
stopped re-parsing scopes
2012-11-26 11:53:19 -05:00
9c3a40779b
updated to SECOAUTH's horrible new object-breaking authorization request paradigm.
...
Bonus: it works!
2012-11-26 11:53:19 -05:00
3e327b9df6
reverted to original controller behavior
2012-11-26 11:53:19 -05:00
cf4581a5eb
updated configuration to reflect secoauth changes
2012-11-26 11:53:19 -05:00
45ca4e565e
updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
2012-11-26 11:53:19 -05:00
cf1ddf0457
Determined that init binder was not needed to fix default for Boolean require_auth_time; instead use defaultValue=\"true\" in the RequestParam declaration. Also fixed bug in ClientDetails service so that it will not blow up if the client has no redirect uris registered
2012-11-21 15:39:07 -05:00
Justin Richer