025f7f3d66
updated encryption to sign using int value rather than alg
2012-07-17 10:52:16 -04:00
754e8406bb
removed web app from this git repository
2012-07-17 10:51:20 -04:00
99a574d303
encryption completed, decryption WIP
2012-07-17 10:50:35 -04:00
cee44de3d1
updated encryption class to include AbstractJwtEncrypter
2012-07-17 10:50:06 -04:00
caf2a7b494
updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext
2012-07-17 10:49:29 -04:00
cf0ce7b1fb
updated encryption and decryption for claims. WIP
2012-07-17 10:48:47 -04:00
e252951612
added encrypter/decrypter for claims to get ciphertext
2012-07-17 10:48:07 -04:00
33cc3fa899
Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP
2012-07-17 10:47:41 -04:00
01793ec57f
added preferred_username claim to userinfo endpoint
2012-07-06 16:02:11 -04:00
50241e4da1
changed UserInfo.verified to UserInfo.emailVerified.
2012-07-06 14:11:43 -04:00
f0c949fd09
added scope-based filter for userinfo
2012-07-05 17:14:51 -04:00
c24a2206e9
updated jwtheader parser
2012-07-03 16:43:00 -04:00
ac7a53b234
bugfix: call setNonce instead of setType
2012-07-03 16:38:53 -04:00
a03129f70a
added documentation updates
2012-07-02 14:18:25 -04:00
4e3c99abe4
Merge branch 'validityIntegers'
2012-06-26 13:55:26 -04:00
81d1af40bd
Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface
2012-06-26 13:54:01 -04:00
1127a7cfbc
refactored JWKs, updated signing servier to use them
2012-06-25 17:19:25 -04:00
adb8499bee
merged derryberry code, plus tweaks, still WIP
2012-06-25 16:42:41 -04:00
b1fc07bcb8
updated -common code to get a validation service from a server configuration
2012-06-21 14:37:30 -04:00
b94fbd7439
updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
2012-06-20 09:36:55 -04:00
fe3bbfb3d5
Further cleanups. Still missing:
...
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
b86abdd761
merge from pull request, plus cleanup
2012-06-15 15:36:14 -04:00
ace5dd1f1e
imported userinfouserdetails filter from MITRE codebase
2012-06-13 16:33:55 -04:00
65dc3daaf8
smart client
2012-06-12 16:09:01 -04:00
2a05ff995d
Added support for additional field in ClientDetailsEntity.java.
2012-06-11 16:27:35 -04:00
3e810cb5dc
Merge remote-tracking branch 'mitre/master'
2012-06-07 14:29:13 -04:00
fad6caa968
Added testing for signers for Hmac, Rsa, and Plaintext
2012-06-07 14:28:09 -04:00
e44697cef9
updated JWK display to latest, closes #58
2012-06-05 16:07:19 -04:00
5c72d8b95f
revocation endpoint cleanup, still needs views
2012-06-05 11:24:11 -04:00
27219c066d
refactored our service to reflect upstream
2012-06-05 10:18:26 -04:00
ee28d56031
initial implementation of x509 and JWK key retrieval
2012-06-01 10:51:28 -04:00
3402a3e463
ClientAPI now fully supports RESTful DELETE
2012-05-16 14:32:40 -04:00
af6e043239
Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding.
2012-05-16 13:27:53 -04:00
0c7ea88323
Client updates.
2012-05-15 17:03:17 -04:00
49e96778b8
Missed a file
2012-05-10 17:46:09 -04:00
fd91c884bb
Made interfaces... deleted a thing.
2012-05-10 17:45:10 -04:00
e33f277bbe
Updated classes to track newest version of SECOAUTH. This update closes issues #3 , #4 , #8 , and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
2012-05-09 15:16:56 -04:00
2cf12d4078
Made getAll use ? extends UserInfo
2012-05-08 16:23:36 -04:00
97dffb6414
added copyright to all java files. closes #11
2012-04-27 17:55:58 -04:00
6724866099
moved jwt components, utilities, and various interfaces to -common from -server
2012-04-27 15:20:49 -04:00
269a354f8c
Added tables.sql, which is just a concatenation of all the other sql files. Added redirect_uris.sql, which is a NEW table needed to support clients registering multiple redirect uris.
...
This updates us to the HEAD revision of SECOAUTH, where the redirect uri field on ClientDetails has been updated to be a Set<String> instead of a single string. I updated the UI code so that it will still work, but it will need to be updated to allow users to register multiple uris.
This also closes issue #2 from the issue tracker.
2012-04-10 13:44:10 -04:00
8b10b83516
Added setNonce to JwtClaims.
2012-03-23 11:08:49 -04:00
664dd1df46
JWT claims can now have nulls in them without barfing
2012-03-22 11:46:48 -04:00
c59d3fe963
it spits out JWTs! and id tokens! JWT still needs to handle nulls
2012-03-21 17:59:48 -04:00
ebe72412fe
Authorization Grant flow works up to serializing the returned Access Token. Justin is investigating serialization problems.
2012-03-21 16:44:16 -04:00
2f29cc52b2
Merge branch 'client_refactor'
2012-03-16 16:28:51 -04:00
e6e7504213
added files and shuffled things to new packages
2012-03-16 15:46:23 -04:00
Mike Derryberry