github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,009 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

2009 Commits (45754d3b758b142ad398e4e5d775510848a9c3ab)

Author SHA1 Message Date
Justin Richer e67a41c556 added transient passthroughs to JOSE algorithms for client 2013-09-12 14:08:37 -04:00
Justin Richer c9aa42dbef better processing for signed request objects 2013-09-12 13:56:10 -04:00
Justin Richer f9ca15139d added phone-number verified, addresses #505 
affects #455
 2013-09-12 10:19:14 -04:00
Justin Richer 6cbed133b2 let user know that the client is using a pairwise identifier on approval 2013-09-11 17:39:55 -04:00
Justin Richer a9f639a718 moved subject type and sector identifier controls to the 'access' tab 2013-09-11 17:14:35 -04:00
Justin Richer 6b66139ead added unit test for uuid service 2013-09-11 15:28:00 -04:00
Justin Richer 0281cf02fe calculate pairwise based on redirect uri rather than client id 2013-09-11 14:37:17 -04:00
Justin Richer f6a8ac4529 added unit test for default userinfo service (with pairwise checks) 2013-09-11 11:59:40 -04:00
Justin Richer b1a6127d06 added equality checks to data model objects 2013-09-11 11:59:40 -04:00
Justin Richer 77c0473438 fixed comparison order to be null safe 
cleaned up type check
 2013-09-11 11:59:34 -04:00
Justin Richer dbdc2e777d added pairwise identifier service and repository 2013-09-10 17:15:58 -04:00
Justin Richer bdf62eaa36 need to check the sector identifier at some point 2013-09-10 16:35:51 -04:00
Justin Richer 914f2e4d93 added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers. 
temporary implementation of pairwise identifiers in place
 2013-09-10 16:01:17 -04:00
Justin Richer 596b385d2a interceptor shouldn't ever overwrite stuff from the base model 2013-09-10 15:27:04 -04:00
Justin Richer 149fb1bac1 services shouldn't be transactional 2013-09-10 15:26:09 -04:00
Justin Richer c3b90b9d71 removed old form value from fetcher 2013-09-10 15:06:38 -04:00
Justin Richer 29d1c7d54a userinfo endpoint now uses OAuth2Authentication exclusively 
(which is all it was really doing before)
 2013-09-10 14:16:34 -04:00
Justin Richer ac42c00062 id token now uses userinfo's sub 2013-09-10 13:50:49 -04:00
Justin Richer f139541485 added randomized subs to demo users 2013-09-10 13:48:37 -04:00
Justin Richer ded7c66c78 fixed misleading error message 2013-09-10 13:46:49 -04:00
Justin Richer b9da10d176 look up by username instead of subject 2013-09-10 11:39:00 -04:00
Justin Richer 9ea82aacf0 clean up unused getter/setter 2013-09-10 11:38:42 -04:00
Justin Richer 9720b60f05 allow loading of structured scopes from scopes.sql file (and temp tables) 2013-09-06 16:07:25 -04:00
Justin Richer 5e676e0e59 fixed scope UI 2013-09-06 16:07:25 -04:00
Justin Richer 2b663bb23c UI for scope editing 2013-09-06 16:07:25 -04:00
Justin Richer 469e722f72 defer to system scope matcher in approval handler 2013-09-06 16:07:25 -04:00
Justin Richer 99ad9b883e added validator that knows how to deal with structured scopes 2013-09-06 16:07:25 -04:00
Justin Richer 59187d47e4 use new unified parsing for approval page 2013-09-06 16:07:25 -04:00
Justin Richer 85533d50cf scope comparison for TofuUserApprovalHandler 2013-09-06 16:07:25 -04:00
Justin Richer 1c4c53f252 scope comparison for introspection endpoint 2013-09-06 16:07:24 -04:00
Justin Richer 61544ed774 cleanup 2013-09-06 16:07:24 -04:00
Justin Richer 6152a943d8 serialize structured scopes properly (with tests) 2013-09-06 16:07:24 -04:00
Justin Richer 72f0ab631d added transient structured value to system scope, added scope matcher function to scope service 2013-09-06 16:07:24 -04:00
Justin Richer 1ef18a3a93 missed a service definition 2013-09-06 16:07:24 -04:00
Justin Richer 3fc34f15c8 added structured scope update to mysql (affects #455) 2013-09-06 16:07:24 -04:00
Josh Mandel b416888b07 Structured Scopes from BB+ 2013-09-06 16:07:24 -04:00
Justin Richer 6851224e42 fixed token expiration parsing 2013-09-06 15:55:34 -04:00
Justin Richer 94ddc77668 fixed scope parsing on token implementation, too 
Conflicts:

	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
 2013-09-06 15:55:18 -04:00
Justin Richer a9710899cd removed vestigial client config service 2013-09-06 15:53:24 -04:00
Justin Richer 2201206f0e refactored token introspection packages to support different client credentials at different services 2013-09-06 15:53:24 -04:00
Justin Richer 127507246e if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none 
addresses #498
 2013-09-06 13:30:22 -04:00
Justin Richer 64bbb73d1b cleaned up CORS filter implementation 2013-09-03 16:01:19 -04:00
Justin Richer 6ff4ae1458 added CORS filter 2013-09-03 15:17:18 -04:00
Justin Richer 81cb60ad7b made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work) 2013-09-03 15:17:16 -04:00
Justin Richer 0a962e17fa stopgap to prevent some leaks due to #492 2013-08-30 16:38:11 -04:00
Justin Richer bdbff8d45c tell spring to not stuff model into the redirects, partially addresses #492 2013-08-30 16:38:07 -04:00
Justin Richer 84f097edf4 removed outdated client credentials filter, addresses #491 2013-08-30 11:48:52 -04:00
Justin Richer d7be122a21 added basic user profile view implementation 2013-08-29 17:33:42 -04:00
Justin Richer 55ea880396 hide admin panels from non-admin users, addresses #472 2013-08-29 17:15:13 -04:00
Justin Richer 235029ba0e inject user's authorities into javascript context 2013-08-29 16:58:36 -04:00