7e64c4bffc
deleted duplicate login button, addresses #276
2013-03-01 17:42:48 -05:00
13a3e97113
updated request object forwarding hack
2013-03-01 17:42:48 -05:00
0712d8c340
updated spring version
2013-03-01 17:42:48 -05:00
42ea2468c9
Split up about, contact, stats tags into two each and removed logic from the *Content tag files
2013-02-28 13:56:09 -05:00
8677f6516d
Template-ized most of the home page UI
2013-02-28 11:25:37 -05:00
987a05302d
Added configured logo url
2013-02-25 13:01:26 -05:00
60b679e942
First steps towards adding display variables to config bean
2013-02-22 17:10:14 -05:00
4d725b88dd
more updates to track nimbus-jose-jwt classes and use them properly
2013-02-22 12:08:01 -05:00
9a98d241e8
updates to track Nimbus JOSE API changes to audience and date fields
2013-02-22 12:08:01 -05:00
cc727cee3e
patched unit test to new format
2013-02-22 12:08:01 -05:00
03e7337b9f
client registration endpoint needs general rewrite to fit new spec.
...
Most of the problematic references will change with the rewrite, so this is a slapdash patch to make things compile for now.
2013-02-22 12:08:01 -05:00
25b9940a68
request object endpoint is a placeholder, cleaning out for now
2013-02-22 12:08:01 -05:00
e5732da857
added system default signing algorithm, converted token provider and enhancer to use nimbus-jose
2013-02-22 12:08:01 -05:00
c01e873019
request object processor moved to nimbus-jose
2013-02-22 12:08:01 -05:00
0f99e0e06d
assertion token granter moved to nimbus-jose
2013-02-22 12:08:01 -05:00
10ab55a7e2
moved jwk/x509 publishing over to nimbus-jose (mostly)
2013-02-22 12:08:01 -05:00
fca30cd13f
added provisions to bootstrap signing and validation service from config files
2013-02-22 12:08:01 -05:00
a078f7d202
patched userinfo view to use nimbus
2013-02-22 12:08:01 -05:00
c7d1b47b38
converted bearer assertion framework to nimbus-jose
2013-02-22 12:08:01 -05:00
910a6cf1a0
remvoed idtoken repository that was never used
2013-02-22 12:08:01 -05:00
46a3e70377
removed idtoken class, removed all jwe/jwt tests
2013-02-22 12:08:01 -05:00
46f0e6f3cb
restyled login page
2013-02-20 16:39:46 -05:00
b840b31c74
added cleaner login/logout failure handling and processing
2013-02-20 16:11:08 -05:00
1398575061
Added additional joda time dependency
2013-02-20 15:44:53 -05:00
58ea01f0f8
added hints to login form to discourage mobile browsers from trying to do something clever like autocorrect
2013-02-13 13:27:31 -05:00
991f37a1e6
refactored javascript and template files into components
2013-02-13 10:12:31 -05:00
137e5e5ca1
added placeholder blocks in place of empty tables, addresses #244
2013-02-06 17:42:10 -05:00
62b931ee0d
scope icons now show up everywhere
2013-02-05 17:39:38 -05:00
d0fdf8140e
sorting on approval page
2013-02-05 15:47:32 -05:00
328fa221bd
scope bootstrapping
2013-02-05 15:08:49 -05:00
02846c0a8d
typo fix, DB constraints
2013-02-05 14:40:06 -05:00
88f2ea3e7e
icon selector
2013-02-05 14:33:58 -05:00
e622202e9e
display scopes based on request, pull scope information dynamically, addresses #208
2013-02-05 11:36:59 -05:00
eb4773ce46
beginning dynamic scopes on auth page
2013-02-05 11:28:39 -05:00
c2b9fd4db1
system scope ordering consistency
2013-02-05 11:11:41 -05:00
173281f039
DB consistency fix
2013-02-05 11:11:15 -05:00
801a45cc49
several bugfixes to scopes UI, works now
2013-02-03 22:04:56 -05:00
e5171a196a
minor bugfixes
2013-02-03 22:04:55 -05:00
d1968f624a
scope ui bugfixes
2013-02-03 22:04:55 -05:00
fbfc977f3b
system scope ui updates
2013-02-03 22:04:55 -05:00
9dc603a759
scope management UI
2013-02-03 22:04:55 -05:00
1ceee853f9
scope management UI
2013-02-03 22:04:55 -05:00
a3037a18a7
system scope service applied to client creation UI
2013-02-03 22:04:55 -05:00
cab36a2b80
added appropriate filterered and transformative actions to scope service
2013-02-03 22:04:55 -05:00
ab35186696
added scope service, repository, and API
2013-02-03 22:02:24 -05:00
19e7b62a42
removed persistence.xml and moved to pure spring-based config, addresses #194
2013-02-03 22:02:23 -05:00
a3619240e6
added site scope
2013-02-03 22:02:23 -05:00
a2e548c261
fixed claims processor for request object from user info endpoint
2013-02-03 22:02:23 -05:00
899150d636
tweak display on auth revoke page
2013-02-03 22:02:23 -05:00
3c190e044a
inject parsed parameters to make SECOAUTH happy
2013-02-03 22:02:23 -05:00
1144d511af
inject scopes
2013-02-03 22:02:23 -05:00
f9d50db1f1
don't treat openid scope special here -- by default client gets access to *all* scopes it's registered for
2013-02-03 22:02:23 -05:00
078342715b
moved request object to request manager
2013-02-03 22:02:22 -05:00
3399eed45a
Added about, contact, and stats pages. Still largely placeholders, but the topbar works correctly now at least.
2013-01-31 11:34:07 -05:00
0be254c99a
updated token introspection output to match spec and client filter
2013-01-30 15:31:32 -05:00
e02e08563c
changed order or custom filters to make assertions work, added client credentials token granter to default
2013-01-30 14:34:16 -05:00
c1d33bb55b
bugfix in assertion processor
2013-01-30 14:34:16 -05:00
2e2c0e8e6c
Fixed bug in nonce processing
2013-01-29 13:07:41 -05:00
3db74100a4
working on bug
2013-01-29 13:07:41 -05:00
dd8b48e863
Reset ConnectAuthorizationRequestManager to version from master
2013-01-29 13:07:41 -05:00
06f970e61b
Trying to fix nonce service
2013-01-29 13:07:41 -05:00
86bf51f0a7
Added java reflection code for request object handling, needs to be tested
2013-01-29 13:07:41 -05:00
677f0f2d4c
Stubbed out required functionality for request object filtering
2013-01-29 13:07:41 -05:00
67e8714671
Working on request object userinfo parsing
2013-01-29 13:07:41 -05:00
779001a8c8
updated copyright year
2013-01-28 13:39:25 -05:00
7269700dc6
switched injector from repository to service
2013-01-24 19:32:55 -05:00
f0ee36dad2
auth_type -> auth_method (addresses #258 )
2013-01-18 18:26:55 -05:00
fd2253303e
changed pointer on tabs, addresses #252
2013-01-18 18:17:39 -05:00
899e306683
fixed JS crash on "new client" operation
2013-01-18 18:15:19 -05:00
8831bc64a2
offline -> offline_access (addresses #248 )
2013-01-18 18:03:39 -05:00
27a26e0a35
(user_id/prn) -> sub
2013-01-18 16:40:05 -05:00
1ab29882b4
fixed user prepoulation table
2013-01-18 15:38:53 -05:00
0ab4ad4bbe
added "birthdate", addresses #253
2013-01-18 15:38:41 -05:00
6ef4dc817e
genericized nimbus code, added caching
2013-01-18 15:10:48 -05:00
2d21a72e7e
switched to nimbus to check JWT signature
2013-01-18 15:10:48 -05:00
60bda31c54
updated custom filter
2013-01-18 15:10:48 -05:00
c17bc05b0e
wiring configuration
2013-01-18 15:10:48 -05:00
4262be1fd3
added jwt processing to client auth provider
2013-01-18 15:06:00 -05:00
abd64eccd6
added framework for processing assertions for client auth
2013-01-18 15:06:00 -05:00
ad5e77f7ff
Made nonce storage duration configurable in application-context.xml;
2013-01-10 10:34:40 -05:00
59f1b1f05e
Testing, nonce handling seems to be working now
2013-01-07 13:28:30 -05:00
a1a117cfde
Added default constructor to ConnectAuthorizationRequestManager
2013-01-07 10:54:33 -05:00
af81e371fb
Updated application-context to use new authorization request manager
2013-01-07 10:46:55 -05:00
77b932f5a7
Added implementation of AuthorizationRequestManager. Nonce checking will go in here
2013-01-04 15:30:24 -05:00
1af6513499
Removed nonce checking from token service impl
2013-01-04 15:30:24 -05:00
7e7b2527db
Added nonce to persistence.xml
2013-01-04 15:30:24 -05:00
246ed962bb
Added stub of repository test
2013-01-04 15:30:24 -05:00
e1dffb959c
Added NonceReuseException
2013-01-04 15:30:24 -05:00
8f8a3754db
Added database tables for Nonce
2013-01-04 15:30:24 -05:00
a4637ec395
Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates.
2013-01-04 15:30:24 -05:00
c7ae315e98
Added initial files for nonce service. Repository and service impls are stubs
2013-01-04 15:30:24 -05:00
cbcfe55bb9
added introspection flag to client bootstrap
2013-01-02 14:16:31 -05:00
4068952a81
fixed well size, added comment
2013-01-02 10:19:55 -05:00
655092a12b
added introspection checkbox, added access tab
...
Signed-off-by: Justin Richer <jricher@mitre.org>
2012-12-21 16:38:52 -05:00
9a1b2d7fac
made client edit page tabbable (that was seriously easy)
2012-12-21 16:26:34 -05:00
48866c15f2
button display cleanup
2012-12-21 16:07:59 -05:00
a85b1f5d74
split approved sites into two tables
2012-12-21 15:35:33 -05:00
198a45369a
buttonsize tweak
2012-12-21 15:03:45 -05:00
f12efc1b80
added dynreg caution block
2012-12-21 14:48:15 -05:00
231e81a426
updated icons
2012-12-21 14:28:07 -05:00
797d521691
cleaned up logged-in button
2012-12-21 13:04:33 -05:00
7ebbe3acc4
removed mockups
2012-12-21 11:01:22 -05:00
7459767646
fixed validation problem with new backbone
2012-12-20 17:46:34 -05:00
37bca0d5fb
cleaned out backbone validation plugin
2012-12-20 17:31:22 -05:00
9dd54d47bb
updated versions of backbone and underscore
2012-12-20 17:31:08 -05:00
e0672757bf
update to bootstrap 2.2.2
2012-12-20 12:44:02 -05:00
8ad28b41aa
fixing CSS and collapsing headerbar
2012-12-20 12:35:30 -05:00
67a682d53a
added default router to backbone app
2012-12-18 13:56:57 -05:00
87788f0710
let users visit home page without logging in
2012-12-18 13:56:46 -05:00
f265347311
tweaked error messages
2012-12-18 12:08:36 -05:00
18ddd8333f
added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens
2012-12-18 11:07:24 -05:00
6eabc895b9
moved database file to a reasonable name
2012-12-17 13:45:39 -05:00
1f53f41648
generic entity view now takes optional HttpStatus argument
2012-12-14 17:35:21 -05:00
a3790f943e
cleaned up introspection endpoint to use exceptions
2012-12-14 17:35:20 -05:00
e5206f2b92
implemented jwt assertions for id tokens
2012-12-14 17:35:20 -05:00
51b67ebc03
added queries to get access token from id token
2012-12-14 17:35:20 -05:00
1853bd7117
added assertion token granter
2012-12-14 17:35:20 -05:00
0d6c96f410
moved JPA adapter to data-context, addresses #242
2012-12-14 09:43:42 -05:00
2a74be5baf
bringing mysql tables up to date
2012-12-13 16:54:21 -05:00
2c104a71e2
cleaned up mysql table
2012-12-13 16:04:45 -05:00
cda6163d0d
null and blank handling
2012-12-12 12:29:14 -05:00
06fad3a41c
moved view for client API
2012-12-11 15:19:11 -05:00
6344a72519
missed a few applicationName references, fixed API JSON rendering
2012-12-11 15:16:18 -05:00
dfd8e9c7c7
removed unused view
2012-12-11 15:15:52 -05:00
dd04df6a22
fixed javascript bugs
2012-12-11 14:08:10 -05:00
f12d3c7d30
fixed variable reference
2012-12-11 13:37:14 -05:00
920777128d
switched to uncompressed jquery
2012-12-11 13:29:19 -05:00
829c8ae5f4
tweaked functionality of grant types and scopes
2012-12-11 13:16:33 -05:00
cc36851bdd
propagated field name change to UI
2012-12-11 12:38:55 -05:00
179903b074
propagated client changes to service
2012-12-11 12:31:01 -05:00
2f7891d02c
updated mysql table to new schema
2012-12-11 12:27:24 -05:00
bcfa37040e
missed one
2012-12-11 12:18:51 -05:00
33ceedb283
added scope and grant_type, switched to timeunit
2012-12-11 12:11:09 -05:00
e2bc15c2b2
beginning of client registration refactor to track IETF dynreg spec
2012-12-10 17:36:33 -05:00
94c37f5815
added redelegate scope to client list, fixed inconsistency with refresh token issuance (addresses #239 )
2012-12-10 16:53:05 -05:00
510ddb48b7
override the correct part of the token granter class
2012-12-10 15:54:37 -05:00
bdcc6af096
temporary sanity check for client ID's
2012-12-10 11:40:03 -05:00
cab0839430
added workarounds for quirks in SECOAUTH
2012-12-10 11:27:28 -05:00
edc96d646c
added chained token grant
2012-12-10 10:48:38 -05:00
54708fb0ac
fixed id token scopes (shouldn't inherit from parent token)
2012-12-10 10:11:02 -05:00
2a206654b6
added client credential protection to revocation endpoint
2012-12-07 17:17:19 -05:00
e38b2b0ba5
shortened revocation endpoint url
2012-12-07 17:16:03 -05:00
fbc3c46128
Introspection now draft spec compliant, requires client auth
...
Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes.
2012-12-07 17:12:13 -05:00
544e3d7b43
added copy constructors because Dave likes to use unmodifiable sets for no apparent reason
2012-12-07 10:06:10 -05:00
64ef752f08
added refresh token granter for testing
2012-12-07 09:56:43 -05:00
7561ac9e8c
client dynamic registration now protected by access token, addresses #199
2012-12-06 17:48:23 -05:00
7342da6a51
completed making id tokens into access tokens
2012-12-06 16:24:04 -05:00
e4f9fa2bbf
labeled introspection endpoint
2012-12-06 16:19:25 -05:00
17374a57e0
added ISO date format to generic entity view, addresses #232
2012-12-06 16:15:14 -05:00
3378cd5c4c
cleaned table
2012-12-06 14:24:38 -05:00
Justin Richer