bea3af2470 
								
							
								 
							
						 
						
							
							
								
								database table sync  
							
							
							
						 
						
							2016-12-21 13:44:49 -05:00  
				
					
						
							
							
								 
						
							
							
								63bd8d18fb 
								
							
								 
							
						 
						
							
							
								
								cleaned ID token views from UI  
							
							
							
						 
						
							2016-12-21 13:44:40 -05:00  
				
					
						
							
							
								 
						
							
							
								91da3935f5 
								
							
								 
							
						 
						
							
							
								
								Made ID tokens ephemeral, made access token’s “additional information” extensible  
							
							
							
						 
						
							2016-12-21 13:01:15 -05:00  
				
					
						
							
							
								 
						
							
							
								91ed758ed1 
								
							
								 
							
						 
						
							
							
								
								removed “attributeName” from annotation as this breaks EclipseLink JPA  
							
							
							
						 
						
							2016-12-09 16:58:43 -05:00  
				
					
						
							
							
								 
						
							
							
								4f4c8de1c8 
								
							
								 
							
						 
						
							
							
								
								Fix JPA issues to allow using Hibernate  
							
							
							
						 
						
							2016-12-09 15:15:50 -05:00  
				
					
						
							
							
								 
						
							
							
								375a5f2e47 
								
							
								 
							
						 
						
							
							
								
								removed token count from grant admin page  
							
							
							
						 
						
							2016-12-09 15:10:07 -05:00  
				
					
						
							
							
								 
						
							
							
								22fa3605ef 
								
							
								 
							
						 
						
							
							
								
								Patched unit tests, still needs updates for checking approved site to token mapping on data import/export  
							
							
							
						 
						
							2016-12-09 12:56:06 -05:00  
				
					
						
							
							
								 
						
							
							
								55b1b00b73 
								
							
								 
							
						 
						
							
							
								
								Updated relationship between approved sites and access tokens,  closes   #874  
							
							
							
						 
						
							2016-12-09 12:55:42 -05:00  
				
					
						
							
							
								 
						
							
							
								d875d52be7 
								
							
								 
							
						 
						
							
							
								
								updated data import/export services for 1.3  
							
							
							
						 
						
							2016-12-08 17:01:55 -05:00  
				
					
						
							
							
								 
						
							
							
								7725fcfa2b 
								
							
								 
							
						 
						
							
							
								
								createAuthorizationCode should be @Transactional  
							
							... 
							
							
							
							An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave. 
							
						 
						
							2016-12-02 16:29:48 -05:00  
				
					
						
							
							
								 
						
							
							
								c3d0c18af5 
								
							
								 
							
						 
						
							
							
								
								make HttpClient configurable,  closes   #1071  
							
							
							
						 
						
							2016-12-02 16:23:55 -05:00  
				
					
						
							
							
								 
						
							
							
								f45a6ef56a 
								
							
								 
							
						 
						
							
							
								
								use the same encoding as on client side  
							
							... 
							
							
							
							see OIDCAuthenticationFilter line 336 
							
						 
						
							2016-12-02 16:20:09 -05:00  
				
					
						
							
							
								 
						
							
							
								476ec872ff 
								
							
								 
							
						 
						
							
							
								
								Fixed NPE in case if algorithm is not specified  
							
							
							
						 
						
							2016-12-02 16:13:26 -05:00  
				
					
						
							
							
								 
						
							
							
								bb6bb81dbc 
								
							
								 
							
						 
						
							
							
								
								Add new tests which asserts that `user_id` should not be present in the introspection response if there's no user authentication available  
							
							
							
						 
						
							2016-12-02 16:08:32 -05:00  
				
					
						
							
							
								 
						
							
							
								52da5e769a 
								
							
								 
							
						 
						
							
							
								
								Fix test by returning a new OAuth2Authentication instead of mocking it  
							
							
							
						 
						
							2016-12-02 16:08:32 -05:00  
				
					
						
							
							
								 
						
							
							
								d361f01999 
								
							
								 
							
						 
						
							
							
								
								Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection  
							
							... 
							
							
							
							`sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client
if the access token happens to be client-only. 
							
						 
						
							2016-12-02 16:08:32 -05:00  
				
					
						
							
							
								 
						
							
							
								b2fab9642e 
								
							
								 
							
						 
						
							
							
								
								Fix such that `user_id` is only added if user authentication is available  
							
							... 
							
							
							
							OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available.
Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this
introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with
the client_id and so OAuth2Authentication's userAuthentication is populated falsely. 
							
						 
						
							2016-12-02 16:08:32 -05:00  
				
					
						
							
							
								 
						
							
							
								4ac3916db3 
								
							
								 
							
						 
						
							
							
								
								spaces to tabs  
							
							
							
						 
						
							2016-12-02 15:50:22 -05:00  
				
					
						
							
							
								 
						
							
							
								8333d035b4 
								
							
								 
							
						 
						
							
							
								
								move database files to match new layouts  
							
							
							
						 
						
							2016-12-02 15:50:15 -05:00  
				
					
						
							
							
								 
						
							
							
								fa122e7ad6 
								
							
								 
							
						 
						
							
							
								
								ojdbc driver uncommented in dep mgmnt  
							
							
							
						 
						
							2016-12-02 15:37:41 -05:00  
				
					
						
							
							
								 
						
							
							
								4b3284ffd2 
								
							
								 
							
						 
						
							
							
								
								ojdbc6 dependency moved to parent pom, added check constraints for boolean columns, fixed invalid column type  
							
							
							
						 
						
							2016-12-02 15:37:41 -05:00  
				
					
						
							
							
								 
						
							
							
								83a9fef14d 
								
							
								 
							
						 
						
							
							
								
								Oracle support added  
							
							
							
						 
						
							2016-12-02 15:37:41 -05:00  
				
					
						
							
							
								 
						
							
							
								dea6044e77 
								
							
								 
							
						 
						
							
							
								
								Set the encoding of the UserInfo response body to UTF-8  
							
							... 
							
							
							
							See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse  
							
						 
						
							2016-12-02 14:44:55 -05:00  
				
					
						
							
							
								 
						
							
							
								1b7612a26d 
								
							
								 
							
						 
						
							
							
								
								add db init script for mysql  
							
							... 
							
							
							
							add data-context example with mysql db initializer 
							
						 
						
							2016-12-02 14:43:18 -05:00  
				
					
						
							
							
								 
						
							
							
								cbe6b9e1df 
								
							
								 
							
						 
						
							
							
								
								add db init script for pgsql  
							
							... 
							
							
							
							add data-context example with pgsql db initializer 
							
						 
						
							2016-12-02 14:43:18 -05:00  
				
					
						
							
							
								 
						
							
							
								6f5ca3fd2f 
								
							
								 
							
						 
						
							
							
								
								Fixed missing "final" modifier in constant  
							
							
							
						 
						
							2016-12-02 14:31:25 -05:00  
				
					
						
							
							
								 
						
							
							
								337513a559 
								
							
								 
							
						 
						
							
							
								
								sync’d database tables from HSQL to MySQL and PGSQL  
							
							... 
							
							
							
							closes  #1154 
closes  #1148  
						
							2016-12-02 14:28:56 -05:00  
				
					
						
							
							
								 
						
							
							
								74d34ab744 
								
							
								 
							
						 
						
							
							
								
								null-safe target link filter  
							
							
							
						 
						
							2016-10-10 15:32:53 -04:00  
				
					
						
							
							
								 
						
							
							
								d0056ae882 
								
							
								 
							
						 
						
							
							
								
								added target link URI capability to webfinger issuer service  
							
							
							
						 
						
							2016-10-10 15:32:32 -04:00  
				
					
						
							
							
								 
						
							
							
								ec28327605 
								
							
								 
							
						 
						
							
							
								
								A new service for AuthenticationHolder management  
							
							... 
							
							
							
							- The logic to create and query AuthenticationHolder entities have been
  moved to a service, and other services that depended on
  AuthenticationHolderRepository now depend on
  AuthenticationHolderEntityService
- An additionalInfo map collection has been added to
  SavedUserAuthentication. This map can be used to store other
  information related to user authentication (like authn type,
  attributes etc.) 
							
						 
						
							2016-09-03 07:26:46 +02:00  
				
					
						
							
							
								 
						
							
							
								74f3e2d0c0 
								
							
								 
							
						 
						
							
							
								
								maven site generator working,  closes   #984   #941  
							
							
							
						 
						
							2016-08-01 13:36:06 -04:00  
				
					
						
							
							
								 
						
							
							
								8c5f34a979 
								
							
								 
							
						 
						
							
							
								
								Merge remote-tracking branch 'upstream/master' into devel  
							
							
							
						 
						
							2016-07-28 10:23:24 +02:00  
				
					
						
							
							
								 
						
							
							
								af7c1f7d45 
								
							
								 
							
						 
						
							
							
								
								added PKCE support to discovery endpoint  
							
							
							
						 
						
							2016-07-27 20:31:27 -04:00  
				
					
						
							
							
								 
						
							
							
								82c313f036 
								
							
								 
							
						 
						
							
							
								
								added PKCE support to client  
							
							
							
						 
						
							2016-07-27 20:31:14 -04:00  
				
					
						
							
							
								 
						
							
							
								ba0d0aab0b 
								
							
								 
							
						 
						
							
							
								
								use parameter constants for extensions maps in token service  
							
							
							
						 
						
							2016-07-24 17:46:04 -04:00  
				
					
						
							
							
								 
						
							
							
								ac0cafe7b3 
								
							
								 
							
						 
						
							
							
								
								parse and process PKCE requests  
							
							
							
						 
						
							2016-07-24 17:45:43 -04:00  
				
					
						
							
							
								 
						
							
							
								5dcda2812e 
								
							
								 
							
						 
						
							
							
								
								added code challenge method to client model (properly this time)  
							
							
							
						 
						
							2016-07-24 17:45:04 -04:00  
				
					
						
							
							
								 
						
							
							
								2cc90ba5f2 
								
							
								 
							
						 
						
							
							
								
								created PKCE algorithm class  
							
							
							
						 
						
							2016-07-24 17:06:29 -04:00  
				
					
						
							
							
								 
						
							
							
								83d7627ed0 
								
							
								 
							
						 
						
							
							
								
								serialize phone_number and phone_number_verified,  closes   #1030  
							
							
							
						 
						
							2016-07-24 16:49:46 -04:00  
				
					
						
							
							
								 
						
							
							
								d1d05e506e 
								
							
								 
							
						 
						
							
							
								
								added software statement to dynamic registration self-service  
							
							
							
						 
						
							2016-07-24 16:28:08 -04:00  
				
					
						
							
							
								 
						
							
							
								57208ac35d 
								
							
								 
							
						 
						
							
							
								
								added software statements to client API  
							
							
							
						 
						
							2016-07-24 16:12:56 -04:00  
				
					
						
							
							
								 
						
							
							
								d89257380f 
								
							
								 
							
						 
						
							
							
								
								make client assertion auth work again  
							
							
							
						 
						
							2016-07-24 15:28:51 -04:00  
				
					
						
							
							
								 
						
							
							
								f9e4d75a4a 
								
							
								 
							
						 
						
							
							
								
								use JWT bearer assertion token for assertion processing  
							
							
							
						 
						
							2016-07-24 14:55:45 -04:00  
				
					
						
							
							
								 
						
							
							
								42ccb8b39e 
								
							
								 
							
						 
						
							
							
								
								make software statement processing null-safe  
							
							
							
						 
						
							2016-07-24 14:55:12 -04:00  
				
					
						
							
							
								 
						
							
							
								bd9932d56f 
								
							
								 
							
						 
						
							
							
								
								added assertion processor to token endpoint  
							
							
							
						 
						
							2016-07-22 15:31:00 -04:00  
				
					
						
							
							
								 
						
							
							
								8c021ad403 
								
							
								 
							
						 
						
							
							
								
								added assertion validator that validates assertions signed by the local server only  
							
							
							
						 
						
							2016-07-22 14:04:33 -04:00  
				
					
						
							
							
								 
						
							
							
								8e016a8d30 
								
							
								 
							
						 
						
							
							
								
								make the null assertion processor the default  
							
							
							
						 
						
							2016-07-22 13:50:37 -04:00  
				
					
						
							
							
								 
						
							
							
								a5a12b2f1f 
								
							
								 
							
						 
						
							
							
								
								added assertion validation engine  
							
							
							
						 
						
							2016-07-22 13:47:20 -04:00  
				
					
						
							
							
								 
						
							
							
								fa63993896 
								
							
								 
							
						 
						
							
							
								
								added software statement to client model, added processor to dynamic registration parser  
							
							
							
						 
						
							2016-07-21 16:55:46 -04:00  
				
					
						
							
							
								 
						
							
							
								17be89fe98 
								
							
								 
							
						 
						
							
							
								
								updated whitelist to use error function  
							
							
							
						 
						
							2016-07-18 17:01:34 -04:00