8749e1124e
added generic error message handler
2016-07-18 14:42:38 -04:00
44313c4e10
reformatted error template
2016-07-18 11:58:02 -04:00
93be6b59b8
switched to using templates instead of inline code
2016-07-15 15:49:10 -04:00
efc1c3c8bd
added common API error handler function, closes #1066
2016-07-14 20:54:18 -04:00
ee537c404b
externalize locale and message resolver configuration
2016-07-14 18:29:38 -04:00
66667b95bc
add blacklist i18n resource bundles.
2016-07-14 18:16:08 -04:00
0153ff9cb8
localize login page
2016-07-14 18:16:08 -04:00
55b54c53b3
add Chinese (both simplified and tranditional) messages.
2016-07-14 18:16:07 -04:00
4884b167f2
fix DBCS render issue #1056
2016-07-08 16:22:50 -04:00
c96be134da
Fix unqualified access to implicit request object ...
...
If the OpenId request object parameter is used it hides the implicit
request object, which in turn causes the expression to fail.
To circumvent this we need to access the request object through the
pageContext.
2016-07-07 16:40:23 -04:00
a8adcb1f6b
Fix form action for approve.jsp for root contexts
2016-07-07 16:40:23 -04:00
fa4722cdd8
shortTopbarTitle
2016-07-07 16:31:48 -04:00
37bead1404
added configuration flag for HEART mode
2016-03-18 22:04:22 -04:00
2d2cf57125
added 'green' display to http on 127.0.0.1 in addition to localhost
2016-03-18 22:03:00 -04:00
37b9acda66
fixed erroneous error log
2016-03-18 22:02:40 -04:00
89316cbab1
fixed default token lifetimes for heart mode
2016-03-18 22:02:28 -04:00
60faf96e00
modified UI for HEART mode
2016-03-10 12:50:25 -05:00
26d507d635
default new client in UI to HEART-compliant values
2016-03-10 12:34:10 -05:00
52061ff05a
pass heart mode variable to javascript
2016-03-09 10:47:48 -05:00
3a0fd9141f
added HEART Mode image to footer
2016-02-24 17:16:51 -05:00
cebf0fb8b2
added general javascript error catch
2016-02-12 17:32:35 -05:00
659646ba9a
sync overridden files from UMA server
2016-02-09 16:50:24 -05:00
193d3f8ec6
fixed typo in messages file
2016-01-27 09:44:04 -05:00
002767ec8a
UI cleanup for dynamic registration and resource registration
2016-01-22 18:16:23 -05:00
8168acf04b
set off client registration information on dun reg page
2016-01-22 17:51:02 -05:00
26483b22a9
added claims redirect URI editing to the UI for both admins and dynamic clients, closes #1005
2016-01-22 17:50:40 -05:00
7badfe1d17
Happy new year 2016!
2016-01-21 15:50:37 -05:00
b691cd198a
Update client.html
...
In my instance, this typo cause an error to underscore.js when it is parsing
2015-12-29 18:50:32 +07:00
d1033b693f
added privacy-preserving client logo cache
2015-12-21 15:51:39 -05:00
43509b7dfb
removed a few straggling KIT references
2015-12-21 14:37:06 -05:00
099ae41607
added client logo to admin table, closes #280
2015-12-21 14:33:49 -05:00
d338352cc8
scroll Ui to top of page on page loads, closes #977
2015-12-18 15:41:01 -05:00
7f464c496b
changed copyright to new consortium name
2015-12-16 14:51:12 -05:00
be9d8948ef
added UMA classes to logger configuration
2015-12-10 16:35:25 -05:00
c59f722cc2
enforce pairwise identifier consistency in UI, closes #969
2015-11-25 15:36:15 -05:00
2496dc114c
allow language system to be loaded from multiple files. closes #817 closes #876
2015-11-24 20:33:55 -05:00
e255fc1a10
change default behavior of message source, closes #964
2015-11-24 20:33:54 -05:00
70751a3d4a
updated configuration to comment out optional property value in example
2015-11-24 12:17:32 -05:00
7b34a666d9
Make the dual client support configurable
2015-11-24 12:10:27 -05:00
f27673a5f5
Align user profile claims
...
Especially helps when `<dd>` collapses due to an empty claim value.
2015-11-23 21:34:54 -05:00
a5701f4ea3
limit client pagination to 10 pages at a time, closes #886
2015-10-13 17:55:18 -04:00
c67611e975
added qualifier name to persistence unit and transaction manager, closes #883
2015-10-12 21:15:30 -04:00
301802abd3
Speed up servlet start
...
- Set metadata-complete="true" attribute on the <web-app> element.
- Add an empty <absolute-ordering /> element.
See:
https://wiki.apache.org/tomcat/HowTo/FasterStartUp#Configure_your_web_ap
plication
On my (old) machine, this reduces startup time with Jetty from 137580ms
to 20166ms.
2015-10-12 13:10:04 -04:00
9117e7fe31
Add SQL indexes for PostgreSQL and HSQLDB
2015-10-12 13:08:16 -04:00
7871ee0f26
Improve error message
2015-10-12 13:07:18 -04:00
58543ac9c4
Fix ID token icon description
2015-10-12 12:59:44 -04:00
b5c298e0ca
Remove legacy CSRF protection for approve page
...
Instead, we rely on the Spring Security CSRF protection, like we already do for the login page. Additionally, we remove the authentication check in`isApproved`, because this is already done by Spring Security (and if not, we have bigger problems to worry about).
2015-10-09 17:09:46 +02:00
3c222b0d79
rewrote blacklist UI, fixed delete functions on rest of UI, closes #905
2015-10-02 18:37:57 -04:00
43e9fbc29c
fixed issuer on login page, added CSRF to login / logout, closes #870 , closes #824 , closes #875
2015-10-01 21:16:38 -04:00
74f5a248c7
Added indexes to MySQL file, closes #902
2015-10-01 18:59:28 -04:00
31374c0f7b
added spring security to logger configuration, closes #917
2015-10-01 15:32:55 -04:00
8d0355a513
Fix commented-out datasource config for postgresql and mysql to user HikariDataSource instead of Apache's BasicDataSource (since the class isn't in the project by default)
2015-08-21 17:27:12 -04:00
54d8d890e5
restricted access to /authorize to ROLE_USER accounts, closes #892
2015-08-21 10:20:26 -04:00
cd46994fb3
removed old DB upgrade scripts (use the upgrade API instead)
2015-08-05 12:04:14 -04:00
0740443768
added claims redirect uri set to client model for UMA usage
2015-07-30 13:56:14 -04:00
658b5e1456
updated all available javascript libraries to latest versions
2015-07-10 16:04:36 -04:00
99fbda3d13
fix scope icon overlay in scope editor for safari/chrome/IE, closes #867
2015-07-10 11:40:50 -04:00
71c52d1a39
restored default scopes
2015-07-10 11:39:49 -04:00
e18fa60054
database sync
2015-07-09 18:24:56 -04:00
064f36ef6c
clean up resource sets when clients are deleted
2015-07-09 18:07:19 -04:00
7345a03aaa
added UMA import, closes #811 even harder
2015-07-09 11:48:52 -04:00
8c822c0f54
detached whitelist from approved sites, closes #781
2015-07-08 17:22:55 -04:00
2d6be48732
made error page responsive to HTTP status codes.
2015-07-08 14:36:03 -04:00
e96eda0990
save dynamically registered clients to the server's database, closes #799
2015-07-08 14:35:20 -04:00
44dce71888
fixed database syntax, closes #860
2015-07-07 17:57:42 -04:00
42b93be492
added uri-encoded client service, closes #857
2015-07-07 17:55:56 -04:00
a42920355c
updated error page, closes #858
2015-07-07 14:48:46 -04:00
0360d35c3b
updated to servlet 3.0
2015-07-07 14:48:31 -04:00
de72311c95
updated key to 2048-bit version to set a good example
2015-07-07 13:50:57 -04:00
ee9413b882
database sync
2015-07-03 20:20:51 -04:00
2cfaa1c1d7
renamed RequiredClaimSet to Policy
2015-07-03 20:16:32 -04:00
b8a5486995
made required claims sets stick in the database
2015-07-03 20:16:32 -04:00
cd47d32e2d
split required claim sets out as separate indirection structure, closes #813
2015-07-03 20:16:32 -04:00
50cbeb3e4c
DB table sync
2015-06-25 12:11:31 -04:00
2f4d9ce54b
clearing out refresh tokens is now configurable, closes #409
2015-06-25 12:07:38 -04:00
b18bea6b9f
switched connection pool to use HikariCP, closes #821
2015-06-24 16:21:31 -04:00
445099fc74
Sync database changes across all three platforms
2015-06-23 20:31:28 -04:00
84b595ea6f
Synch with HSQLDB version
...
Few fields were missing, e.g. user_info::src, causing an application crash with MySQL.
2015-06-23 20:24:29 -04:00
2d5e53c0f2
Fix syntax error: , at the end of table creation
...
Fix syntax error: , at the end of table creation
2015-06-03 14:56:03 +03:00
d1e8529a7b
expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
...
closes #699
closes #761
2015-06-01 21:11:19 -04:00
23e1e87368
dressed up error message a little
2015-06-01 19:39:09 -04:00
0aabb7226d
internationalized the error and login pages
2015-06-01 19:34:43 -04:00
4655650a68
added OAuth error display page, closes #559
2015-06-01 19:21:32 -04:00
54e3b7e8d3
added new messages for JWK Set handling
2015-06-01 19:08:51 -04:00
49c8804a1c
JWK Set by value UI added to resource registration
2015-06-01 15:35:21 -04:00
d09b003bc3
JWK Set by value UI added to dynamic registration
2015-06-01 15:35:21 -04:00
79317d5b70
JWK Set by value added to admin UI, addresses #826
2015-06-01 15:35:21 -04:00
30162f6baa
added direct JWK set to data model
2015-05-29 13:00:13 -04:00
285504cba1
sync database tables across different vendors
2015-05-28 17:26:30 -04:00
742ceea182
Support for PostgreSQL
2015-05-28 17:07:41 -04:00
d583499a07
Add X-Frame-Options header
2015-05-28 17:07:06 -04:00
98e414b6df
broke out authentication holder class into parts, no more serializable pieces in the database, closes #696
2015-05-26 22:00:20 -04:00
cb8abca0f6
removed embedded JOSE classes in favor of converters
2015-05-22 13:04:21 -04:00
e9aeb8318e
added labels for new UI bits
2015-05-22 13:04:21 -04:00
6be2b4f65e
added ES* and PS* support for signed objects
2015-05-22 13:04:21 -04:00
eb1ea4c0b8
Update topbar.tag
...
Fixes #816
2015-05-22 18:21:07 +02:00
aeed2fa003
issue new refresh tokens for clients who are configured for it, closes #408
2015-05-13 18:01:49 -04:00
5b02e18f7c
added a simplified user menu and login button for collapsed navbars, closes #801
2015-05-13 17:16:03 -04:00
e52fff58f5
added hierarchical user info display, closes #787
2015-05-13 16:48:01 -04:00
cdf6107b25
reverted changes related to UMA server
2015-05-12 20:09:31 -04:00
f077579b29
moved UMA-specific files to the UMA webapp package
2015-05-12 17:39:17 -04:00
582c52ebf5
display error on webfinger failure
2015-05-12 11:36:48 -04:00
7188a06488
added deletion functionality to UI
2015-05-12 11:16:51 -04:00
c63651626f
added simple display for required claims into resource set display
2015-05-12 10:57:34 -04:00
396ed472a9
cleaned up external login page
2015-04-12 22:26:11 -05:00
9c6f12087d
fixed javascript bug on resource set save
2015-04-12 21:47:09 -05:00
b2912b944a
tweaked configuration of login pages to allow parallel logins
2015-03-31 17:06:26 -04:00
08413302eb
configured OIDC client on claims collection endpoint
2015-03-31 15:35:20 -04:00
2a4cceff5a
object consistency across commits
2015-03-30 18:03:49 -04:00
6e095e3266
can now add and remove email address claims from the UI
2015-03-30 17:54:16 -04:00
1ad1813239
claim removal and policy saving
2015-03-30 14:47:58 -04:00
e89d8cd985
added webfinger lookup helper service
2015-03-30 11:49:49 -04:00
06ae8545ae
Merge branch 'master' into uma
2015-03-20 18:15:27 -04:00
332cb22a99
claim forms displayed
2015-03-20 18:15:05 -04:00
3e931c68b4
added policy editing overview page
2015-03-20 17:27:10 -04:00
ba0c679e60
made "en" the default locale explicitly
2015-03-20 10:20:37 -04:00
aee2544fbf
updated tables for MySQL
2015-03-18 19:40:16 -04:00
7df31f1e87
completed rudimentary UMA authorization API.
...
Working: resource set registration, permission ticket creation, RPT creation from ticket
Still missing: adding required claims to resource set, adding provided claims to permission ticket
2015-03-17 22:26:12 -04:00
e1769d1545
added (optional) permissions sets to access tokens
2015-03-17 21:42:36 -04:00
1be9da52c6
separated ticket object from permission object to facilitate re-use of permission object with tokens
2015-03-17 21:16:29 -04:00
2993b76dad
added auth request endpoint to context configuration
2015-03-17 18:59:43 -04:00
1393251da9
added value to claim
2015-03-17 18:57:35 -04:00
2aadb09f49
started claims service, added expiration to permissions
2015-03-16 22:52:21 -04:00
a57c336e11
added uma_authorization to default scope set
2015-03-16 12:29:17 -04:00
8352145d82
Merge branch 'master' into authorization-api
...
Conflicts:
openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java
2015-03-13 18:39:26 -04:00
ba51df0c37
consolidated client credential filter beans
...
(note: imports magic from secoauth)
2015-03-13 18:30:09 -04:00
4f12fab56b
made unused auth codes expired (they're still single-use), refactored auth code service layer
2015-03-13 13:45:49 -04:00
7e9ee525a8
cleaned up old i18n files and references
2015-03-13 11:33:20 -04:00
f39e2e9412
ported the remainder of the swedish language file to the JSON format
2015-03-12 20:56:26 -04:00
9b0e504cea
transferred remainder of English text to new configuration
2015-03-12 18:03:05 -04:00
2abcd96bbe
set fallback locale to English, ultimate fall through is to return the code string itself
2015-03-12 17:28:27 -04:00
285ad71874
made input reader use UTF8, imported the first set of Swedish text to the JSON format
2015-03-12 17:07:08 -04:00
4d1b08f89d
moved english homepage text to json format
2015-03-12 15:49:44 -04:00
80605becf1
rudimentary json-based message source
2015-03-12 15:26:23 -04:00
75e0cdd550
fixed syntax error in messages file
2015-03-12 13:34:35 -04:00
54bec32b7e
restored relative time display to a few pages where it was lost during i18n updates, closes #766
2015-03-11 21:24:11 -04:00
daee9266c5
default clients to SECRET_BASIC in UI, closes #772
2015-03-11 16:34:45 -04:00
1735dbca11
extracted controller URLs to constants, closes #769
2015-03-11 13:20:59 -04:00
c777ebfac9
added universal OAuth exception handling
2015-03-11 11:41:28 -04:00
1ba14f7682
added resource set and permission ticket tables to mysql datastore
2015-03-10 18:49:44 -04:00
c3bf359629
turned resource server filter back on
2015-03-10 18:28:35 -04:00
99c57141cb
fixed prepacked scope value
2015-03-10 15:36:43 -04:00
ee522100b9
Merge branch 'master' into uma-introspection
...
* master:
fixed logger variable name
made logger declarations consistent across project, closes #780
Fixed logger
null safe
removed DateUtil
added icons to scope editing panel
2015-03-10 15:03:26 -04:00
627bcaee43
added client_id to resource sets
2015-03-10 12:38:13 -04:00
5ff9cd1bbb
implemented permission registration API
2015-02-28 17:59:37 -05:00
0dc7cb05e7
added icons to scope editing panel
2015-02-27 12:37:11 -05:00
351ce3995a
Merge branch 'master' into uma
...
pulled in deep link checking and checkbox handling
2015-02-27 10:16:25 -05:00
c8cf2abbd9
made scopes robust against deep links
2015-02-27 10:15:36 -05:00
45754d3b75
made clients robust against deep links
2015-02-27 08:47:39 -05:00
d570497b16
fixed some bugs in whitelist rendering and saving
2015-02-26 21:17:40 -05:00
Justin Richer