github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,559 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1412 Commits (3e5e7a0f0b9fc9b20db7d5e9827c589f1c10d477)

Author SHA1 Message Date
Justin Richer d75bba218d forbid password grant type in HEART mode 2016-03-10 12:30:48 -05:00
Justin Richer 699e9bff39 testing for multiple classes of redirect URIs 2016-02-24 16:34:58 -05:00
Justin Richer 38710bd3d2 unit tests for HEART mode 2016-02-24 15:33:52 -05:00
Justin Richer 74ea42851b added check for HEART mode consistency 2016-02-24 13:09:58 -05:00
Justin Richer 028265faa6 pulled scope values to externalized strings 2016-02-24 13:09:39 -05:00
Justin Richer 5bccb602d8 always perform strict redirect URI matches in HEART mode 2016-02-24 13:09:00 -05:00
Justin Richer 51e3513307 disallow client secret JWT authentication in HEART mode 2016-02-24 13:07:14 -05:00
Justin Richer d0d6ae2ad8 [maven-release-plugin] prepare for next development iteration 2016-02-23 19:02:05 -05:00
Justin Richer 7f5b70e9e1 [maven-release-plugin] prepare release mitreid-connect-1.2.5 2016-02-23 19:02:02 -05:00
Justin Richer 183a599126 fixed OIDC discovery relation URL 2016-01-29 17:17:35 -05:00
Justin Richer 61433cc23a deepen webfinger, endpoint is looser 
closes #1008
 2016-01-29 15:38:17 -05:00
Justin Richer 82a1e49e79 [maven-release-plugin] prepare for next development iteration 2016-01-21 15:55:56 -05:00
Justin Richer e6684fb7a8 [maven-release-plugin] prepare release mitreid-connect-1.2.4 2016-01-21 15:55:53 -05:00
Misagh Moayyed 3d14b0d128 rename zone_info claim to zoneinfo 2016-01-21 15:52:59 -05:00
Justin Richer 7badfe1d17 Happy new year 2016! 2016-01-21 15:50:37 -05:00
Justin Richer d1033b693f added privacy-preserving client logo cache 2015-12-21 15:51:39 -05:00
Justin Richer e828f3f18d [maven-release-plugin] prepare for next development iteration 2015-12-21 10:31:49 -05:00
Justin Richer 01ca5ef8e2 [maven-release-plugin] prepare release mitreid-connect-1.2.3 2015-12-21 10:31:47 -05:00
Justin Richer aa878cc3cf pulled checks for expired tokens into utility functions 2015-12-18 11:22:50 -05:00
Justin Richer 698feb49cd check access token expiration on read. closes #983 2015-12-16 22:46:42 -05:00
Justin Richer 7f464c496b changed copyright to new consortium name 2015-12-16 14:51:12 -05:00
Justin Richer ea77bf2a19 quieted approved site cleanup 2015-12-02 16:51:55 -05:00
Justin Richer 1ed3e2c47a quieted logging on database cleanup tasks when no expired elements are found 2015-11-25 15:55:16 -05:00
Justin Richer fcfc620d51 updated client API with more useful errors, removed unused service reference 2015-11-25 15:42:09 -05:00
Justin Richer 2496dc114c allow language system to be loaded from multiple files. closes #817 closes #876 2015-11-24 20:33:55 -05:00
Justin Richer e255fc1a10 change default behavior of message source, closes #964 2015-11-24 20:33:54 -05:00
Cosmin Cojocar 7b34a666d9 Make the dual client support configurable 2015-11-24 12:10:27 -05:00
Cosmin Cojocar a80953a2d4 Allow both flows authorization code and client credentials. This scenario might be found when the same client supports user authentication as well as service to service authentication. Such a client is trusted (whitelisted). 2015-11-24 12:10:27 -05:00
Mark Janssen dce80d488b Clean up ScopeClaimTranslationService 
`getFieldNameForClaim` method is never used.
 2015-11-23 21:35:16 -05:00
Justin Richer 2deec98b58 [maven-release-plugin] prepare for next development iteration 2015-10-13 18:56:47 -04:00
Justin Richer d96b2dc130 [maven-release-plugin] prepare release mitreid-connect-1.2.2 2015-10-13 18:56:44 -04:00
Justin Richer 96f4d5e8a8 fixed use of wrong constant, closes #940 2015-10-13 18:08:56 -04:00
Justin Richer c9358f348a added transactional annotations, finally closes #926 addresses #862 2015-10-13 16:59:11 -04:00
Justin Richer e1e892377f added cleaner for duplicate refresh tokens 2015-10-13 15:38:07 -04:00
Justin Richer 542afca459 cleans duplicate access tokens from DB before other cleanup happens 2015-10-13 15:33:23 -04:00
Justin Richer ebb4f2c3d4 Upgraded to nimbus 4.2, closes #934 2015-10-13 04:40:01 -04:00
Justin Richer c67611e975 added qualifier name to persistence unit and transaction manager, closes #883 2015-10-12 21:15:30 -04:00
Justin Richer d280ca40a4 login hints now handled in a slightly smarter (and more pluggable) manner, closes #851 2015-10-12 20:04:02 -04:00
Mark Janssen b5c298e0ca Remove legacy CSRF protection for approve page 
Instead, we rely on the Spring Security CSRF protection, like we already do for the login page. Additionally, we remove the authentication check in`isApproved`, because this is already done by Spring Security (and if not, we have bigger problems to worry about).
 2015-10-09 17:09:46 +02:00
Justin Richer 8b362f23f3 [maven-release-plugin] prepare for next development iteration 2015-10-02 18:53:48 -04:00
Justin Richer e384a6257b [maven-release-plugin] prepare release mitreid-connect-1.2.1 2015-10-02 18:53:45 -04:00
Justin Richer 4063f7f94f user info endpoint response uses correct client algorithms, addresses #921 2015-10-02 18:48:11 -04:00
Justin Richer acb3d03052 added 'kid' to all signed tokens, closes #899 2015-10-01 18:54:38 -04:00
Justin Richer d3f8ff2855 added JTI to ID tokens, closes #900 2015-10-01 17:24:47 -04:00
Justin Richer 9822748209 grabbed additional places that mention updated_time/updated_at 2015-10-01 15:53:21 -04:00
Sarah Squire 31ea96ce27 Update DefaultOIDCTokenService.java 
fixed typo
 2015-10-01 15:34:01 -04:00
Justin Richer 22c05ec51b [maven-release-plugin] prepare for next development iteration 2015-08-05 12:07:47 -04:00
Justin Richer e6b64cd9cd [maven-release-plugin] prepare release mitreid-connect-1.2.0 2015-08-05 12:07:44 -04:00
Justin Richer 489450b1c2 automated code format cleanup 2015-08-05 12:04:14 -04:00
Justin Richer 15c2b57730 [maven-release-plugin] prepare for next development iteration 2015-07-30 14:00:20 -04:00
Justin Richer 8317c759f1 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2 2015-07-30 14:00:18 -04:00
Justin Richer 0740443768 added claims redirect uri set to client model for UMA usage 2015-07-30 13:56:14 -04:00
Justin Richer a4e75ed733 [maven-release-plugin] prepare for next development iteration 2015-07-09 18:29:14 -04:00
Justin Richer 58a47d0e46 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1 2015-07-09 18:29:12 -04:00
Justin Richer 0714ed514e fixed errant unit test 
why do they always get away like that??
 2015-07-09 18:16:42 -04:00
Justin Richer 064f36ef6c clean up resource sets when clients are deleted 2015-07-09 18:07:19 -04:00
Justin Richer d1c069ad1e clean up permissions and access tokens when a resource set is revoked 2015-07-09 16:40:07 -04:00
Justin Richer 7345a03aaa added UMA import, closes #811 even harder 2015-07-09 11:48:52 -04:00
Justin Richer bcd8a96b5d UMA data export, closes #811 2015-07-08 21:27:15 -04:00
Justin Richer a3360e9561 externalized strings in data API (1.2) 2015-07-08 18:05:17 -04:00
Justin Richer 4a382f2b1c updated unit tests to new structure 2015-07-08 17:32:15 -04:00
Justin Richer 8c822c0f54 detached whitelist from approved sites, closes #781 2015-07-08 17:22:55 -04:00
Justin Richer c4aaa29ffc updated unit tests for new refresh token mode 2015-06-25 12:44:52 -04:00
Justin Richer d9efeb3b67 added clear access tokens to export/import 2015-06-25 12:40:28 -04:00
Justin Richer 2f4d9ce54b clearing out refresh tokens is now configurable, closes #409 2015-06-25 12:07:38 -04:00
Justin Richer 8359ac2813 fixed refresh token lookup 2015-06-25 11:55:58 -04:00
Justin Richer d2a393f7f9 converted error handlers to a single @ControllerAdvice class, closes #788 2015-06-24 17:26:10 -04:00
Justin Richer f4a1b27e2e better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service 2015-06-23 22:21:18 -04:00
Justin Richer f7a082d4b8 wrapped timestamp injection in a null-safe block, with warning; closes #849 2015-06-23 20:57:24 -04:00
Mark Janssen 9e74e40453 Use diamond syntax instead of explicit types 2015-06-03 10:24:48 -04:00
Mark Janssen 6dc2b2cb5e Various small improvements/bugfixes 2015-06-03 10:24:41 -04:00
Justin Richer d1e8529a7b expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible 
closes #699
closes #761
 2015-06-01 21:11:19 -04:00
Justin Richer 4655650a68 added OAuth error display page, closes #559 2015-06-01 19:21:32 -04:00
Justin Richer dfc8df42f5 moved server configuration injection to pre-request 2015-06-01 19:09:42 -04:00
Justin Richer 79317d5b70 JWK Set by value added to admin UI, addresses #826 2015-06-01 15:35:21 -04:00
Justin Richer e43600494a minor automated code cleanup 2015-06-01 15:35:20 -04:00
Justin Richer 642942b5cf Generalized client key handling into a single cache service 2015-06-01 15:35:20 -04:00
Justin Richer 032d41e5ed added JWKs-by-value support to client data model and API, closes #826 2015-06-01 15:35:20 -04:00
Justin Richer 8d3a8471aa updated refresh token to use converter instead of dummy field 2015-05-29 12:58:00 -04:00
Justin Richer 9662f3e8b3 switched access token to using converter instead of dummy field 2015-05-29 12:40:50 -04:00
Justin Richer 9ba1a78d09 removed binary objects from data API importers, removed binary object JSON utility entirely 2015-05-27 19:33:05 -04:00
Justin Richer c974267cde return prompt=none error to client, closes #667 2015-05-27 12:11:41 -04:00
Justin Richer cbf6316050 cleaned up logic on user info interceptor to fix detection of redirects 2015-05-27 12:06:58 -04:00
Justin Richer fe6d2f8a6e updated and expanded unit tests to account for new data layer 2015-05-26 22:00:21 -04:00
Justin Richer d5a08d4996 cleaned up vestigial service component, to be fixed (maybe) in #825 2015-05-26 22:00:21 -04:00
Justin Richer d9e03b769b fixed auth holder reference handling, import/export works now 2015-05-26 22:00:21 -04:00
Justin Richer 3d1aee77b4 updated 1.2 import to reflect new objects 2015-05-26 22:00:21 -04:00
Justin Richer 441b19f0c5 fixed data export to comply with new auth holder 2015-05-26 22:00:21 -04:00
Justin Richer a7905c9f82 only save strings in the Extensions map 2015-05-26 22:00:20 -04:00
Justin Richer cb8abca0f6 removed embedded JOSE classes in favor of converters 2015-05-22 13:04:21 -04:00
Justin Richer 6be2b4f65e added ES* and PS* support for signed objects 2015-05-22 13:04:21 -04:00
Justin Richer 04dc037f9e fixed unit tests to account for refresh token rotation 2015-05-14 11:17:10 -04:00
Justin Richer aeed2fa003 issue new refresh tokens for clients who are configured for it, closes #408 2015-05-13 18:01:49 -04:00
Justin Richer 31d5e3ad0e echo back requested scopes in error thrown by validator, closes #708 2015-05-13 16:55:28 -04:00
Justin Richer 52b1bda8d8 version match and cleanup 2015-05-12 21:00:44 -04:00
Justin Richer 24a464e142 put in a dummy resource set service so that introspection can pass through 2015-05-12 20:30:05 -04:00
Justin Richer a2edb31753 moved UMA server to its own module 2015-05-12 15:59:03 -04:00
Justin Richer 7188a06488 added deletion functionality to UI 2015-05-12 11:16:51 -04:00
Justin Richer 43a432eb9a removed extraneous TODO 2015-05-12 10:31:22 -04:00
Justin Richer ed7799b54a make RPTs optionally expire, closes #794 2015-05-11 19:00:26 -04:00