github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,767 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1528 Commits (415cd2e41cfc97de98cfd6c5041345767282ed9d)

Author SHA1 Message Date
Enrico Vianello 1329edd6ae Merge remote-tracking branch 'origin/issue/iam-579' into v1.3.6 2023-07-12 19:20:11 +02:00
Enrico Vianello d58c826937
Merge pull request #4 from indigo-iam/merge-remote 
Merge updates from source repo into our development branch
 2023-07-12 19:12:01 +02:00
Enrico Vianello 66caae9589 Merge remote-tracking branch 'mitre/master' into merge-remote 2023-07-12 18:46:54 +02:00
Enrico Vianello bd24a3b85d Clear access tokens in one query 2023-07-12 16:44:32 +02:00
Enrico Vianello 8b26560ff4 Bump version to v1.3.6.cnaf-SNAPSHOT 2023-07-12 16:44:03 +02:00
rmiccoli f86ab09f65 Fix query name 2023-06-16 17:50:28 +02:00
rmiccoli b72baa335f Change query in order to search by AT value hash 
instead of AT value
 2023-06-16 17:34:59 +02:00
shrexster42 7e85d2575e
Merge branch 'mitreid-connect:master' into master 2022-04-17 18:16:56 +01:00
faidh 2c41e6a267 Add SNAPSHOT back to pom files 2022-03-29 11:29:22 -04:00
faidh 8a58d12600 Merge latest MitreID with updated 3pps back to GitHub fork 2022-03-29 11:29:22 -04:00
Andrea Ceccanti c6c4af6d12 Bumped version 2022-01-10 20:10:12 +01:00
Justin Richer f5df762153 [maven-release-plugin] prepare for next development iteration 2021-12-20 13:09:11 -05:00
Justin Richer a0bd2c70ac [maven-release-plugin] prepare release mitreid-connect-1.3.4 2021-12-20 13:09:08 -05:00
shrexster42 6906f616e2 Upgrade to Java 11 and Spring 5 2021-12-18 22:30:43 +00:00
Andrea Ceccanti 5b96fb6512 Fix date format 2021-10-25 18:06:42 +02:00
Andrea Ceccanti 85891ecd39 Removed obsolete tests 2021-10-25 17:55:28 +02:00
Andrea Ceccanti 12bfab4f55 MitreID code compiles against latest Spring libraries 2021-10-25 17:13:07 +02:00
Andrea Ceccanti 711a2e7eab Fix maven warnings 2021-10-25 16:55:53 +02:00
Andrea Ceccanti 699669977b Make client details service transactional 
This fixes transaction management errors observed when deleting
dynamically registered clients from the client management API.
 2021-08-03 11:43:45 +02:00
Andrea Ceccanti 096466268d Bump version to 1.3.5.cnaf.20210803 2021-08-03 11:43:32 +02:00
Michael Stepankin 7eba3c12fe Fix Spring Autobinding vulnerability 
1. Make authorizationRequest no longer affected by http request parameters due to @ModelAttribute. See http://agrrrdog.blogspot.com/2017/03/autobinding-vulns-and-spring-mvc.html
 2021-02-18 16:13:36 -05:00
Andrea Ceccanti be8f32452e Propagate refresh token request to token enhancer 2020-01-19 21:22:20 +01:00
Andrea Ceccanti 9d0967f529 Enable audience handling in IAM for refresh token flow 2020-01-15 21:50:34 +01:00
Andrea Ceccanti 2c48a4625c Fix scope checking in refresh token flow 2020-01-15 16:33:16 +01:00
Andrea Ceccanti caa687f979 Improved DI for client validator 2019-10-04 13:09:07 +02:00
Andrea Ceccanti 846727e9b3 Move dyn client validation to dedicated service 
Which allows easier overriding for integrations
 2019-10-04 07:40:16 +02:00
Andrea Ceccanti 68b2cc6a8c Bumped version to 1.3.5.cnaf.v20190827 2019-08-27 18:00:53 +02:00
Andrea Ceccanti 9683cd6158 Fix device code timeout setting for dynreg clients 2019-07-05 06:53:07 +02:00
Justin Richer 621e86e62d [maven-release-plugin] prepare for next development iteration 2019-04-19 16:04:45 -04:00
Justin Richer 73459f0348 [maven-release-plugin] prepare release mitreid-connect-1.3.3 2019-04-19 16:04:40 -04:00
Martin Kuba ae7debba2f added refresh_token into grant_types_supported 2019-03-07 12:14:30 -05:00
Andrea Ceccanti e3392dd759 Merge upstream 1.3.5 with our local changes 2019-02-22 19:20:50 +01:00
Andrea Ceccanti 0ba26c1c03 inthemerge 2018-11-28 14:38:27 +01:00
鄭脈龍 676451c73d fix bug #1397 Attempting to execute an operation on a closed EntityManager. 2018-06-21 10:05:49 +08:00
Andrea Ceccanti 1136a048df Bumped version to 1.3.4.cnaf 2018-05-17 15:58:23 +02:00
Justin Richer ea6960e66a
Merge pull request #1259 from sbke/patch-1 
Adjustment to generate longer codes
 2018-05-03 14:48:52 -04:00
Justin Richer dd922b4cf7
Merge pull request #1378 from ketola/fetch-tokens-by-sub 
Fetch tokens by user name
 2018-05-03 14:44:51 -04:00
Justin Richer 938d7e00c2 Merge branch 'ondrejvelisek/verification-uri-complete' 
Closes #1386
 2018-05-03 14:39:23 -04:00
Justin Richer a596cc1fd4 Made full URLs for device flow switchable server-wide instead of per-client 2018-05-03 14:37:50 -04:00
Justin Richer 7ad29ae9c6 Revert "Add possibility to disable verification_uri_complete per client" 
This reverts commit dae674af67.
 2018-05-03 13:59:38 -04:00
ondrejvelisek dae674af67 Add possibility to disable verification_uri_complete per client 2018-05-01 13:46:23 +02:00
ondrejvelisek 67c87d56a6 Add support for verification_uri_complete 2018-05-01 10:45:49 +02:00
Andrea Ceccanti 2eb5d1b3e2 Set device code validity in seconds for dynreg clients 2018-04-27 19:35:03 +02:00
Evan Lennick fe000d91cb undid autoformatting again 2018-04-23 14:30:43 -04:00
Evan Lennick 011bf8adb8 addressed review feedback 2018-04-23 14:29:38 -04:00
Evan Lennick 0ee4ee2f58 undid some autoformatting changes 2018-04-21 13:22:17 -04:00
Evan Lennick 0b531a0fd3 fixed an issue where missing locales would generate a lot of ERROR level log messages 2018-04-21 13:19:44 -04:00
Andrea Ceccanti 92c47c5449 Bumped version to 1.3.3.cnaf.rc0 2018-04-12 15:30:26 +02:00
Andrea Ceccanti f09efec031 dynreg: filter requested grant types 
This commit introduces filtering on requested grant types for
dynamically registered clients.

Since extension on the library could support additional grant types,
here we want to be strict about known grant types that cannot be
requested at dynamic client registration (or update) time, but at the
same time we want to preserve grant types that could have been granted
to a client by an administrator.

So at client registration time the list of requested grant types is
filtered to only allow grant types currently enabled for dynamically
registered clients.

OTOH, at client update time the same filtering is implemented while at
the same time preserving grant types assigned the client in other ways.
 2018-04-12 15:24:52 +02:00
Sauli Ketola e6a8e0c17d Integration tests for new repository methods 2018-04-11 13:16:28 +03:00