Justin Richer
166c53cd6a
fixed comparison of client IDs in refresh token, closes #752
Also addresses #735 (again)
2015-01-24 07:47:50 -05:00
John Brooks
a1228d19b5
Changed lastWeek logic back to correct form, removed logic used for testing.
2014-12-19 00:39:07 -05:00
Justin Richer
3e7ade9a67
fixed unit tests
2014-11-22 23:46:25 -05:00
Justin Richer
e371ad345f
fixed checking of refresh token permissions in client service, clients can now request either refresh_token grant type or offline_access scope and it will work. added checkbox to dynreg page for ease-of-use
closes #734
2014-11-22 23:46:25 -05:00
Justin Richer
56344fa12b
make sure that client presenting refresh token is the same client the refresh token was issued to
closes #735
2014-11-22 23:46:25 -05:00
Justin Richer
b14dfa6458
approval page defaults to "ask again" when prompt=consent is passed, closes #669
2014-11-13 11:23:54 -10:00
Justin Richer
775b77b367
updated date format of token introspection response, closes #719
2014-11-13 11:08:20 -10:00
Alexander Imfeld
9dfac35912
Introduce introspection result assembler to allow for customized introspection results
2014-10-14 21:06:09 -04:00
Justin Richer
188818dc0d
added null check to confirmation controller, closes #684
2014-10-07 21:58:15 -04:00
Justin Richer
1e71749c23
added more generic rotation capability
2014-10-07 19:40:38 -04:00
Justin Richer
0b8dbc4f68
added registration token API
2014-10-07 19:40:38 -04:00
arielak
d5551e9692
Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects
2014-10-06 22:58:26 -04:00
Justin Richer
c683131f12
externalized view name strings and tied them to view beans
2014-09-28 22:25:39 -04:00
Justin Richer
9e88a62479
moved the API endpoints, made resource tokens accessible too
2014-09-22 23:38:12 -04:00
Justin Richer
81634e6165
added API for getting tokens by clientid
2014-09-22 22:55:13 -04:00
Justin Richer
a106121af3
created blacklist aware redirect resolver and wired it in, closes #549
2014-06-10 16:29:45 -04:00
Justin Richer
cdd23df7ee
token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)
2014-06-04 17:27:38 -04:00
Justin Richer
d2c83104fb
cascade token saves
2014-05-27 19:28:38 -04:00
Josh Mandel
7f8cbcea39
Use return value from TokenEnhancer.enhance
2014-05-27 19:23:44 -04:00
Justin Richer
0c8cacd59a
added missing copyright headers
2014-05-27 13:46:47 -04:00
Justin Richer
525f3aa2a8
Cleaned up indentation, whitespace, and imports.
2014-05-27 13:02:49 -04:00
Justin Richer
5ab516de48
prevent clients from registering with special resource scope
2014-05-26 17:39:20 -04:00
Justin Richer
960319b796
improved logging configuration, removed transactional from service
2014-05-25 15:38:44 -04:00
Justin Richer
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
2014-05-23 15:00:40 -04:00
Justin Richer
dcf36234c4
moved CSRF generator to request parser instead of confirmation controller
2014-05-13 09:48:34 -04:00
Justin Richer
a253ebc908
added CSRF protection to approval page
2014-05-13 09:27:02 -04:00
Justin Richer
fcfbf1080f
renamed auth request variable
2014-05-13 09:26:27 -04:00
Alexander Imfeld
7cd36b471f
Make introspection endpoint access authorization pluggable.
2014-05-07 16:44:56 +02:00
Justin Richer
376403fa4a
account for registration time in approval page, closes #550
2014-04-19 07:28:20 -04:00
Justin Richer
1d2f968bd1
configuration cleanup, closes #568
2014-04-18 22:11:58 -04:00
Justin Richer
521017c5c2
updated stats service to have a resettable cache triggered by other service events
2014-04-16 21:39:37 -04:00
kangelov
39509bfdc4
Performance improvement of token cleanup:
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
Justin Richer
15b017992c
added DELETE to token api because revocation endpoint doesn't work for this kind of management, closes #191
2014-03-01 11:05:46 +00:00
Justin Richer
89f015cf1c
Updated Token API to be less leaky
2014-02-28 21:14:27 +00:00
Justin Richer
dd391ebf3c
Display contacts, popup for image, cleanup of more info
2014-02-16 21:58:16 -05:00
Justin Richer
dab52ca8a0
enhancements to approval page
2014-02-16 18:25:05 -05:00
Justin Richer
ec6a78c1ba
made prompt pluralizable to comply with spec, closes #519
2014-02-16 01:41:08 -05:00
Justin Richer
19dbe92d4e
initial support for displaying claim values for requested scopes
2014-01-20 20:56:04 -05:00
Justin Richer
3b52ce8201
happy new year!
2014-01-20 12:38:42 -05:00
Justin Richer
ebbc7209aa
automated code formatting and cleanup
2013-12-03 14:19:34 -05:00
Justin Richer
d3dbb00e77
ensure clients and tokens don't get special system scopes, addresses #320
2013-11-27 10:35:56 -05:00
Justin Richer
ef01de168d
Moved special token scopes to scope service interface
2013-11-27 10:21:52 -05:00
Justin Richer
447df56947
removed unused nonce exception
2013-11-27 09:10:35 -05:00
Justin Richer
27f391ef01
Fixed compilation errors for SECOAUTH milestone updates
2013-11-25 09:31:50 -05:00
Amanda Anganes
66e837f650
Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters.
2013-09-17 10:54:19 -04:00
Justin Richer
9b72c6b1f3
check sector identifier URI's contents and match against redirect URIs, addresses #504
2013-09-13 14:22:24 -04:00
Justin Richer
99ad9b883e
added validator that knows how to deal with structured scopes
2013-09-06 16:07:25 -04:00
Justin Richer
59187d47e4
use new unified parsing for approval page
2013-09-06 16:07:25 -04:00
Justin Richer
1c4c53f252
scope comparison for introspection endpoint
2013-09-06 16:07:24 -04:00
Justin Richer
6152a943d8
serialize structured scopes properly (with tests)
2013-09-06 16:07:24 -04:00