Commit Graph

253 Commits (4897baf8f3099bed335acc3cf042341f48335405)

Author SHA1 Message Date
Justin Richer 617d485478 updated all references to media types to use constants instead of literals, closes #767 2015-03-11 12:06:38 -04:00
Justin Richer c09b63c69f made logger declarations consistent across project, closes #780 2015-03-08 21:56:33 -04:00
Justin Richer 7a1480bb07 moved and consolidated json utilities 2015-02-26 16:20:01 -05:00
Justin Richer b376bc6059 removed some vestigial service/repository calls, closes #513 2015-02-17 16:22:40 -05:00
Justin Richer 994ce6c743 consistently named JOSE-based classes, closes #529 2015-02-17 12:11:58 -05:00
Justin Richer 685960358c formatting cleanup 2015-02-17 11:08:46 -05:00
Justin Richer e2349984b8 happy new year 2015! 2015-02-17 10:24:08 -05:00
Justin Richer a9544059cf flagged spurious serialization warnings from the libraries (we're not actually serializing things here) 2015-02-16 12:31:43 -05:00
Justin Richer 77c06e9557 replaced deprecated http components calls, closes #744 2015-02-16 12:31:16 -05:00
Justin Richer 3708b531df moved requirement to different component, closes #759
also cleaned up comments in filter
2015-02-16 11:16:24 -05:00
Justin Richer bbeaeb06e3 added option to skip sending nonce if desired, closes #704, closes #683 2014-12-18 23:22:59 -05:00
William Kim 9aa45f8efb Made the constructor public for OIDCAuthentication filter. 2014-12-18 20:55:15 -05:00
Justin Richer 69c19d35fa moved test into test package 2014-11-13 22:17:45 -10:00
Justin Richer 775b77b367 updated date format of token introspection response, closes #719 2014-11-13 11:08:20 -10:00
Justin Richer bc9942e929 relaxed issuer constraints in client, closes #638 2014-11-01 23:46:57 +00:00
Justin Richer 3f5e2acfeb if no alg is explicitly set, use the default from the signer 2014-10-23 22:09:02 -04:00
David Steinkopff 659880b4dc fix broken dependency declaration, that follow up to org.springframework.beans.NotWritablePropertyException: Invalid property 'jwkKeyList' of bean class exception 2014-10-14 20:30:50 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer a704277652 Removed exceptions from @PostConstruct methods, closes #663 2014-09-28 21:12:46 -04:00
Justin Richer b0cce924a2 JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651 2014-08-01 00:01:56 -04:00
Brenden Keyes 863dbd17b8 Added setClientConfigurationService method. 2014-07-31 22:26:04 -04:00
Justin Richer 325a200f16 added configurable support for different token presentation methods in user info fetcher, closes #632 2014-07-20 09:27:02 -07:00
Justin Richer c7a6c4fafe added support for unsigned ID tokens in client, use client configuration to turn this on, closes #633 2014-07-16 22:18:07 -04:00
Justin Richer 9f9b49fc63 refactored validator checks to cascade better, throw an authentication exception if we can't find a validator for the ID Token 2014-06-18 18:17:14 -04:00
Christopher Elkins 1dc204f975 Validate HMAC-signed ID tokens 2014-06-18 18:10:33 -04:00
Justin Richer 0c8cacd59a added missing copyright headers 2014-05-27 13:46:47 -04:00
Justin Richer 525f3aa2a8 Cleaned up indentation, whitespace, and imports. 2014-05-27 13:02:49 -04:00
Justin Richer 27e68f1d56 added service to optionally check "target_uri" links, closes #547 2014-05-23 16:50:18 -04:00
Justin Richer e4d5f4a540 added system wide cache for all symmetric validators, closes #557 2014-05-23 16:16:06 -04:00
Justin Richer ca333d256b Appropriately catch runtime exceptions in all guava caches, closes #603 2014-05-23 15:00:40 -04:00
Brenden Keyes 90b10d7bad Added Getter/Setter for IntrospectionAuthorityGranter. Still defaults to SimpleIntrospectionAuthorityGranter 2014-04-18 23:06:06 -04:00
Justin Richer 79bd7e420c made scope handling consistent for introspection services (now a space-separated string), closes #570 2014-04-03 22:47:28 -04:00
Justin Richer 53cc7ef447 Fixed audience claim on client auth assertion 2014-03-06 19:45:05 +00:00
Justin Richer 3629ff5e2f added signed authentication assertion support to client, closes #558 2014-03-06 16:44:31 +00:00
Justin Richer 1289d4737a Changed references of DefaultHttpClient to SystemDefaultHttpClient to inherit system proxy settings, should address #548 2014-02-04 10:51:14 -05:00
Justin Richer d946cfb4a7 added support for target uri parameter in third party issuer (or other custom issuer that sets the right flag on return), closes #539 2014-01-20 17:07:35 -05:00
Justin Richer 3b52ce8201 happy new year! 2014-01-20 12:38:42 -05:00
Justin Richer ebbc7209aa automated code formatting and cleanup 2013-12-03 14:19:34 -05:00
Justin Richer 49a7db6c6e Sanity check on client template object for dynamic registration client-side service 2013-11-27 11:37:07 -05:00
Justin Richer 27f391ef01 Fixed compilation errors for SECOAUTH milestone updates 2013-11-25 09:31:50 -05:00
Justin Richer c896bef2e8 Created hybrid issuer service, addresses #509 2013-09-24 22:02:02 -04:00
Justin Richer 0ff7cb75a0 made userinfo fetching optional, addresses #510 2013-09-24 22:01:56 -04:00
Justin Richer 8fc6de0a6d hybrid service instantiates inner members, addresses #508 2013-09-24 22:01:48 -04:00
Justin Richer b2b915b4ae explicitly set alg and enc instead of trying to guess 2013-09-16 17:27:05 -04:00
Justin Richer fb2f2f9792 spelling, property access, and cleanup 2013-09-16 17:27:04 -04:00
Justin Richer 2ca713c7f2 added encrypted request object service to client, addresses #475 2013-09-16 17:27:04 -04:00
Justin Richer 1d0560edbc refactored some json utils to their own static class 2013-09-16 17:27:04 -04:00
Justin Richer 6605877a1b added encryption/decryption to cached JWK-URI service 2013-09-16 17:27:04 -04:00
Justin Richer c3b90b9d71 removed old form value from fetcher 2013-09-10 15:06:38 -04:00
Justin Richer ded7c66c78 fixed misleading error message 2013-09-10 13:46:49 -04:00
Justin Richer 6851224e42 fixed token expiration parsing 2013-09-06 15:55:34 -04:00
Justin Richer 94ddc77668 fixed scope parsing on token implementation, too
Conflicts:

	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
2013-09-06 15:55:18 -04:00
Justin Richer a9710899cd removed vestigial client config service 2013-09-06 15:53:24 -04:00
Justin Richer 2201206f0e refactored token introspection packages to support different client credentials at different services 2013-09-06 15:53:24 -04:00
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration."
This reverts commit e0b56bc72a.
2013-08-26 15:33:08 -04:00
William Kim e0b56bc72a refactored code to use the more generic JWT declaration. 2013-08-26 11:32:46 -04:00
Justin Richer 6a9650d2a7 added configurable support for clients to send extra parameters like display and prompt, addresses #426 2013-08-22 13:52:07 -04:00
Justin Richer 3360117b7b Client library no longer serializes nulls on registration, addresses #478 2013-08-21 10:52:36 -04:00
William Kim a1d6901bcc using nimbusds's new data-type specific claim getter. 2013-08-09 10:06:01 -04:00
William Kim c7495a6ae3 Revert "made having a nonce not required for id tokens iss #464"
This reverts commit d0486cc1ec.
2013-08-09 10:00:53 -04:00
William Kim d0486cc1ec made having a nonce not required for id tokens iss #464 2013-08-09 09:44:31 -04:00
Justin Richer beaeaa4ccc I can spell "consortium", I promise 2013-07-29 17:40:26 -04:00
Justin Richer 856c0ea0b5 Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
Conflicts:
	openid-connect-client/pom.xml
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
	openid-connect-common/pom.xml
	openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
	openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
	openid-connect-server/.gitignore
	openid-connect-server/pom.xml
	openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
	openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
	openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
	pom.xml
2013-07-29 16:21:20 -04:00
Justin Richer e658ffd7fc format/cleanup and copyright 2013-07-29 11:28:51 -04:00
William Kim eaa7298ef1 init commit for Webfinger normalizer utility class. 2013-07-25 12:15:50 -04:00
Amanda Anganes 96e3f66a81 Removed more references to InitializingBean 2013-07-18 11:18:48 -04:00
William Kim 7b969f9776 removed TODO about empty JWK set at the client. issue #391. 2013-07-17 15:36:45 -04:00
Justin Richer 67fd5fa7e9 roles granted by introspection token services are now configurable (and extendable) via service, addresses #386 2013-07-16 17:00:40 -04:00
Justin Richer 35d1e1b6d4 added whitelist/blacklist support to server & client services 2013-07-16 17:00:40 -04:00
Justin Richer a4a18fd54c externalized introspection URL from client's introspecting token service, addresses #435
added service to parse token as JWT and pull out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
2013-07-16 17:00:40 -04:00
William Kim f483d41b88 getCustomClaim -> getClaim. Also, removed outdated TODOs. 2013-07-16 13:17:25 -04:00
Amanda Anganes 15aea61fbe Applied code cleanup 2013-07-12 16:58:41 -04:00
Amanda Anganes 3e23967b46 Updated code to reflect SECOAUTH changes 2013-07-12 16:21:05 -04:00
Justin Richer 6e8ab7736e added hybrid client and server services, addresses #387 2013-07-10 13:51:39 -04:00
Justin Richer a9da88fb79 brought introspection endpoint and introspection token services into compliance with draft, addresses #376 2013-07-10 12:50:57 -04:00
William Kim 22b89f50be restored scheme choosing logic in webfinger service. 2013-07-03 15:36:09 -04:00
Justin Richer ded9c21a47 moved back to custom regex to handle user input 2013-06-28 15:41:11 -04:00
Justin Richer 77c5e7b94c switched to using UriComponents instead of custom class, updated normalization and processing rules for webfinger discovery
addresses #363
2013-06-28 15:41:11 -04:00
Justin Richer 8cf83f537a fixed auth header
addresses #325
2013-06-28 15:41:11 -04:00
Justin Richer 3b3715ff91 automatic save file creation 2013-06-28 15:41:11 -04:00
Justin Richer 98d917f3b9 added extension mechanism for saving client information in between runs 2013-06-28 15:41:11 -04:00
Justin Richer 70958376cb added whitelist/blacklist to issuer services 2013-06-28 15:41:11 -04:00
Amanda Anganes 530c3a75ee Applied refactoring 2013-06-24 09:44:59 -04:00
Justin Richer c577b691c7 moved OIDC auth token and userinfo interception filter to common package, addresses #353 2013-06-12 14:45:03 -04:00
Justin Richer 48e8f5edad better specificity of principal object in client filter 2013-06-12 14:22:13 -04:00
Justin Richer 78457b70fc removed dependency on commons.lang 2013-05-29 16:27:46 -04:00
Justin Richer 81cd13f6d3 added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335 2013-05-20 17:19:28 -04:00
Justin Richer 667746ddd2 redirect uri is now configurable via the client configuration object, addresses #326, #330 2013-05-10 12:07:16 -07:00
Justin Richer cd99f27bf8 Changed references from ClientDetails to ClientDetailsEntity, pending new ClientConfiguration class utility class from #335.
Addresses #331
2013-05-10 11:43:41 -07:00
Justin Richer cd711a8ac6 clean up code format 2013-05-10 11:38:34 -07:00
aptes 671ea4d816 Issue-331: Changing code to support basic authentication when it comes to accessing token endpoint. 2013-05-09 17:32:17 +01:00
Amanda Anganes 1e24b31cc3 Propagating rename of AuthorizationRequest to OAuth2Request 2013-05-03 13:53:57 -04:00
Justin Richer 1e870703f8 added licence/copyright header 2013-05-02 11:45:20 -04:00
Justin Richer 5910d29472 removed x509 publishing from client lib 2013-05-02 10:59:15 -04:00
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups 2013-05-02 10:47:15 -04:00
Justin Richer 0e9273fd08 added authority for subject-issuer authorities and associated mapper, addresses #234 2013-04-19 15:39:43 -04:00
Justin Richer 29aa0f2be6 continued updating userid->sub in auth token 2013-04-19 14:36:09 -04:00
Justin Richer df51ef5a48 updated to post JSON 2013-04-19 14:35:40 -04:00
Justin Richer 184c03e2d4 added registration endpoint url to dynamic server config fetch 2013-04-19 14:27:47 -04:00
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class 2013-04-19 14:23:11 -04:00