Commit Graph

253 Commits (4897baf8f3099bed335acc3cf042341f48335405)

Author SHA1 Message Date
Justin Richer 6851224e42 fixed token expiration parsing 2013-09-06 15:55:34 -04:00
Justin Richer 94ddc77668 fixed scope parsing on token implementation, too
Conflicts:

	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
2013-09-06 15:55:18 -04:00
Justin Richer a9710899cd removed vestigial client config service 2013-09-06 15:53:24 -04:00
Justin Richer 2201206f0e refactored token introspection packages to support different client credentials at different services 2013-09-06 15:53:24 -04:00
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration."
This reverts commit e0b56bc72a.
2013-08-26 15:33:08 -04:00
William Kim e0b56bc72a refactored code to use the more generic JWT declaration. 2013-08-26 11:32:46 -04:00
Justin Richer 6a9650d2a7 added configurable support for clients to send extra parameters like display and prompt, addresses #426 2013-08-22 13:52:07 -04:00
Justin Richer 3360117b7b Client library no longer serializes nulls on registration, addresses #478 2013-08-21 10:52:36 -04:00
William Kim a1d6901bcc using nimbusds's new data-type specific claim getter. 2013-08-09 10:06:01 -04:00
William Kim c7495a6ae3 Revert "made having a nonce not required for id tokens iss #464"
This reverts commit d0486cc1ec.
2013-08-09 10:00:53 -04:00
William Kim d0486cc1ec made having a nonce not required for id tokens iss #464 2013-08-09 09:44:31 -04:00
Justin Richer beaeaa4ccc I can spell "consortium", I promise 2013-07-29 17:40:26 -04:00
Justin Richer 856c0ea0b5 Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
Conflicts:
	openid-connect-client/pom.xml
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
	openid-connect-common/pom.xml
	openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
	openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
	openid-connect-server/.gitignore
	openid-connect-server/pom.xml
	openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
	openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
	openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
	pom.xml
2013-07-29 16:21:20 -04:00
Justin Richer e658ffd7fc format/cleanup and copyright 2013-07-29 11:28:51 -04:00
William Kim eaa7298ef1 init commit for Webfinger normalizer utility class. 2013-07-25 12:15:50 -04:00
Amanda Anganes 96e3f66a81 Removed more references to InitializingBean 2013-07-18 11:18:48 -04:00
William Kim 7b969f9776 removed TODO about empty JWK set at the client. issue #391. 2013-07-17 15:36:45 -04:00
Justin Richer 67fd5fa7e9 roles granted by introspection token services are now configurable (and extendable) via service, addresses #386 2013-07-16 17:00:40 -04:00
Justin Richer 35d1e1b6d4 added whitelist/blacklist support to server & client services 2013-07-16 17:00:40 -04:00
Justin Richer a4a18fd54c externalized introspection URL from client's introspecting token service, addresses #435
added service to parse token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
2013-07-16 17:00:40 -04:00
William Kim f483d41b88 getCustomClaim -> getClaim. Also, removed outdated TODOs. 2013-07-16 13:17:25 -04:00
Amanda Anganes 15aea61fbe Applied code cleanup 2013-07-12 16:58:41 -04:00
Amanda Anganes 3e23967b46 Updated code to reflect SECOAUTH changes 2013-07-12 16:21:05 -04:00
Justin Richer 6e8ab7736e added hybrid client and server services, addresses #387 2013-07-10 13:51:39 -04:00
Justin Richer a9da88fb79 brought introspection endpoint and introspection token services into compliance with draft, addresses #376 2013-07-10 12:50:57 -04:00
William Kim 22b89f50be restored scheme choosing logic in webfinger service. 2013-07-03 15:36:09 -04:00
Justin Richer ded9c21a47 moved back to custom regex to handle user input 2013-06-28 15:41:11 -04:00
Justin Richer 77c5e7b94c switched to using UriComponents instead of custom class, updated normalization and processing rules for webfinger discovery
addresses #363
2013-06-28 15:41:11 -04:00
Justin Richer 8cf83f537a fixed auth header
addresses #325
2013-06-28 15:41:11 -04:00
Justin Richer 3b3715ff91 automatic save file creation 2013-06-28 15:41:11 -04:00
Justin Richer 98d917f3b9 added extension mechanism for saving client information in between runs 2013-06-28 15:41:11 -04:00
Justin Richer 70958376cb added whitelist/blacklist to issuer services 2013-06-28 15:41:11 -04:00
Amanda Anganes 530c3a75ee Applied refactoring 2013-06-24 09:44:59 -04:00
Justin Richer c577b691c7 moved OIDC auth token and userinfo interception filter to common package, addresses #353 2013-06-12 14:45:03 -04:00
Justin Richer 48e8f5edad better specificity of principal object in client filter 2013-06-12 14:22:13 -04:00
Justin Richer 78457b70fc removed dependency on commons.lang 2013-05-29 16:27:46 -04:00
Justin Richer 81cd13f6d3 added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335 2013-05-20 17:19:28 -04:00
Justin Richer 667746ddd2 redirect uri is now configurable via the client configuration object, addresses #326, #330 2013-05-10 12:07:16 -07:00
Justin Richer cd99f27bf8 Changed references from ClientDetails to ClientDetailsEntity, pending new ClientConfiguration class utility class from #335.
Addresses #331
2013-05-10 11:43:41 -07:00
Justin Richer cd711a8ac6 clean up code format 2013-05-10 11:38:34 -07:00
aptes 671ea4d816 Issue-331: Changing code to support basic authentication when it comes to accessing token endpoint. 2013-05-09 17:32:17 +01:00
Amanda Anganes 1e24b31cc3 Propagating rename of AuthorizationRequest to OAuth2Request 2013-05-03 13:53:57 -04:00
Justin Richer 1e870703f8 added licence/copyright header 2013-05-02 11:45:20 -04:00
Justin Richer 5910d29472 removed x509 publishing from client lib 2013-05-02 10:59:15 -04:00
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups 2013-05-02 10:47:15 -04:00
Justin Richer 0e9273fd08 added authority for subject-issuer authorities and associated mapper, addresses #234 2013-04-19 15:39:43 -04:00
Justin Richer 29aa0f2be6 continued updating userid->sub in auth token 2013-04-19 14:36:09 -04:00
Justin Richer df51ef5a48 updated to post JSON 2013-04-19 14:35:40 -04:00
Justin Richer 184c03e2d4 added registration endpoint url to dynamic server config fetch 2013-04-19 14:27:47 -04:00
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class 2013-04-19 14:23:11 -04:00
Justin Richer 0b0e52b7a3 extracted parsers and rest templates appropriately 2013-04-19 14:22:21 -04:00
Justin Richer cf39b49657 added registration uri to server config, changed index of client config service to be server config not just issuer 2013-04-19 14:21:53 -04:00
Justin Richer 13f1a1741c updated oidc auth token field from user_id -> sub (addresses #307) 2013-04-19 13:37:38 -04:00
Justin Richer 60525a52af added null checks in client filter 2013-04-19 11:40:44 -04:00
Justin Richer 57cefa595a added redirect to login page when no identifier is given 2013-04-19 11:35:24 -04:00
Justin Richer 814c70c9a2 regex-based webfinger parser (yuck) 2013-04-18 16:48:29 -04:00
Justin Richer 70cac0c690 uri-based parsing of user inputs 2013-04-18 15:22:49 -04:00
Amanda Anganes e708f77eb3 Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed 2013-04-17 09:52:09 -04:00
Justin Richer 51dfd67d0c started webfinger client 2013-04-16 17:32:06 -04:00
Justin Richer f76f44b999 added dynamic discovery to client 2013-04-16 15:01:08 -04:00
Justin Richer 6cc50e7cd5 switched signing & validation service to use JWK natively for keys 2013-03-28 16:43:26 -04:00
Justin Richer e2ad4d2e8f cleaned up spurious nosuchalgorithm exceptions, addresses #285 2013-03-28 15:06:30 -04:00
Justin Richer 30c6271e72 cleaned up some more x509 references 2013-03-15 15:10:59 -04:00
Justin Richer ecf99f960a added bean property check 2013-03-14 18:05:50 -04:00
Justin Richer b1c89783ff added functionality for account chooser and third-party login support 2013-03-14 18:05:50 -04:00
Justin Richer 2be305810f added getters and setters 2013-03-14 18:05:50 -04:00
Justin Richer 4dedec76ec moved back to form variables for auth because rest template is dumb 2013-03-14 18:05:50 -04:00
Justin Richer ca40b2fd3e added getters and setters 2013-03-14 18:05:50 -04:00
Justin Richer 1251082c6d implemented simple static configuration services 2013-03-14 18:05:50 -04:00
Justin Richer f44c704472 major refactor of client filter
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
Justin Richer 999999a822 import cleanup 2013-03-01 17:44:44 -05:00
Justin Richer 6c1e6b2d74 refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 385853fa1f refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 5dd6cce790 made default scopes in client a bit more sensible 2013-03-01 17:42:48 -05:00
Justin Richer 2a855a1952 pulled client key publication into its own class to help deal with bean processors 2013-03-01 17:42:48 -05:00
Justin Richer 92f5f31dfc use serialize instead of toString 2013-02-22 15:20:42 -05:00
Justin Richer da7c74affd passthrough for default algorithm config 2013-02-22 14:38:33 -05:00
Justin Richer 774f80dd58 helps when you actually add the verifier you created 2013-02-22 13:21:29 -05:00
Justin Richer 9a98d241e8 updates to track Nimbus JOSE API changes to audience and date fields 2013-02-22 12:08:01 -05:00
Justin Richer 3d9ec51eb3 converted client filters to nimbus-jose 2013-02-22 12:08:01 -05:00
Justin Richer 1c14ce4c1a note well 2013-02-03 22:04:54 -05:00
Justin Richer a6ca7cb31b Merge pull request #263 from ssayer/introspection-fix
fixed typos and dumbness in introspection endpoint filter thingy
2013-02-01 09:04:23 -08:00
Samuel Sayer 458486ac9c fixed typos and dumbness in introspection endpoint filter thingy 2013-02-01 11:16:54 -05:00
Amanda Anganes 67e8714671 Working on request object userinfo parsing 2013-01-29 13:07:41 -05:00
Justin Richer 19e91e9272 fixed typo in form handling in introspecting filter 2013-01-25 14:04:33 -05:00
Justin Richer 27a26e0a35 (user_id/prn) -> sub 2013-01-18 16:40:05 -05:00
Justin Richer c946a84b09 adapted keyfetcher to be more general 2013-01-18 15:06:00 -05:00
Stephen Moore 358bf7fc1c Generic introspecting token services 2013-01-08 16:55:07 -05:00
Amanda Anganes 695091ca82 Refactor part 4 - should be final bit 2012-09-18 15:08:53 -04:00
Amanda Anganes c40efda6b5 Refactor part 1 2012-09-18 14:24:34 -04:00
Justin Richer 7aec0dfe80 added randomized view names to lower possibility of conflicting with local views 2012-09-10 17:17:03 -04:00
Justin Richer d11005fc5f added x509 support 2012-09-10 17:17:03 -04:00
Justin Richer 2d24435365 Created custom resolver, handler mapper
moved endpoint back to server
2012-09-10 17:17:03 -04:00
Justin Richer edeae29bef client publisher mapping test 2012-09-10 17:17:03 -04:00
Justin Richer be1046f9b6 bean-based configuration 2012-09-10 17:17:03 -04:00
Stephen Moore 4eee172f79 buildRedirectURI moved to URLUtils 2012-09-07 15:52:56 -04:00
Stephen Moore 05efdbf39d buildURL uses URIUtils now. 2012-09-07 15:17:08 -04:00
Justin Richer 2b62042696 unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet 2012-09-06 17:20:22 -04:00
Stephen Moore e8eaf48efd Added check for token NotBefore
Added timeSkewAllowance magic
2012-08-28 15:42:29 -04:00
Justin Richer b47dcf8e6b fixed timestamp math
(I hate timestamp math)
2012-08-17 16:35:27 -04:00
Justin Richer 26d5a846e0 Updated validator structure and id token checking. 2012-08-17 16:18:08 -04:00
Justin Richer 012bb4afd7 Changed casing on "URI" to "Url" to match other parameters. 2012-08-17 15:32:04 -04:00
Justin Richer d14f55004c added parser to userinfo object, userinfo url in filter, fixed bug in user_id check 2012-08-17 14:40:13 -04:00
Justin Richer fbd6e67af8 Refactored auth provider to call the userinfo endpoint and provide info inside the auth token. 2012-08-17 14:40:13 -04:00
Justin Richer 6ccbf480b3 added token values into the OpenIDConnectAuthToken class and authenticator, still need to do authuserdetailsservice 2012-08-15 16:11:57 -04:00
Justin Richer c5244db1a2 moved nonce from cookie to session, added state processing, cleaned up unused classes 2012-08-15 14:52:49 -04:00
Justin Richer 269c2c9835 fixed nonce cookie handling 2012-08-14 12:11:51 -04:00
Mike Derryberry d93f5f18e5 added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this 2012-08-14 10:55:08 -04:00
Mike Derryberry eff7a2c504 changed nonce claim addition 2012-08-14 10:55:08 -04:00
Mike Derryberry 9d73cd2243 cleaned up imports in filter class 2012-08-14 10:55:07 -04:00
Mike Derryberry 2888c08083 changed cookie claim to include the response 2012-08-14 10:55:07 -04:00
Mike Derryberry bc216785b8 added cookie to response in auth filter for request objects 2012-08-14 10:55:07 -04:00
Mike Derryberry f7cfb39777 updated imports of signed request filter 2012-08-14 10:55:07 -04:00
Mike Derryberry c0d353d7ce removed state parameter from claims. added way to create random nonce value 2012-08-14 10:55:07 -04:00
Mike Derryberry 8e95734f22 changed response-type to code rather than token 2012-08-14 10:55:07 -04:00
Mike Derryberry f8d938630e added passthrough parameters to server config 2012-08-14 10:55:07 -04:00
Mike Derryberry c4ebf5c145 updated signer service 2012-08-14 10:55:07 -04:00
Mike Derryberry d6b0b87769 added state parameter to request object 2012-08-14 10:55:07 -04:00
Mike Derryberry 99bc1294e3 removed repetitive check of "token" parameter in signed request object 2012-08-14 10:55:07 -04:00
Mike Derryberry 685734ce35 updated signing request object in OIDC client by pulling out construction of JWT to its own method. 2012-08-14 10:55:07 -04:00
Mike Derryberry 76c91ea79f removed encrypted request object for OIDC client. will deal with it at a later point 2012-08-14 10:55:07 -04:00
Mike Derryberry 8f22517c81 encrypted request object wip. need to add header parameters to allow encryption. also need to get public key for encryption 2012-08-14 10:55:07 -04:00
Mike Derryberry 70c4c25fa3 finished signed request object for client, created encrypted request object for client 2012-08-14 10:55:07 -04:00
Mike Derryberry 42a9b67f5e updated signed request filter to create jwt from parameters, sign it, create url for request, and send a redirect 2012-08-14 10:55:07 -04:00
Mike Derryberry b0eca780d1 changed class to request filter rather than jwt filter 2012-08-14 10:55:07 -04:00
Mike Derryberry 5f0ea41e0e added class for signed request object 2012-08-14 10:55:07 -04:00
Jon Kranes 1fd4d8a4b8 fixed signer map in client/AbstractOIDCAuthenticationFilter.java 2012-07-31 12:17:01 -04:00
Mike Derryberry 4deaffd686 updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk 2012-07-23 18:31:27 -04:00
Mike Derryberry caf2a7b494 updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext 2012-07-17 10:49:29 -04:00
Mike Derryberry e252951612 added encrypter/decrypter for claims to get ciphertext 2012-07-17 10:48:07 -04:00
Mike Derryberry 33cc3fa899 Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP 2012-07-17 10:47:41 -04:00
Justin Richer 1127a7cfbc refactored JWKs, updated signing servier to use them 2012-06-25 17:19:25 -04:00
Justin Richer adb8499bee merged derryberry code, plus tweaks, still WIP 2012-06-25 16:42:41 -04:00
Mike Derryberry b1fc07bcb8 updated -common code to get a validation service from a server configuration 2012-06-21 14:37:30 -04:00
Mike Derryberry b94fbd7439 updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations 2012-06-20 09:36:55 -04:00
nemonik 488f01cada existence of nonce claim check added 2012-06-19 18:14:51 -04:00
Justin Richer fe3bbfb3d5 Further cleanups. Still missing:
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
Justin Richer b86abdd761 merge from pull request, plus cleanup 2012-06-15 15:36:14 -04:00
U-MITRE\mjwalsh f9558f0955 stripped out check id endpoint interaction as it is deprecated, refactored nonce checking based on spec change, pull user_id as id_token token claim 2012-06-13 18:31:13 -04:00
Mike Derryberry 65dc3daaf8 smart client 2012-06-12 16:09:01 -04:00
Mike Derryberry ee28d56031 initial implementation of x509 and JWK key retrieval 2012-06-01 10:51:28 -04:00
Michael Joseph Walsh 6f43040587 slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client 2012-05-16 21:12:58 -04:00
Michael Joseph Walsh 7e3ce2d583 mods to reflect client <-> account chooser protocol, and refactoring... 2012-05-15 18:43:45 -04:00
Michael Joseph Walsh 755d0d4c88 issue #39 2012-05-08 19:52:13 -04:00
Justin Richer 97dffb6414 added copyright to all java files. closes #11 2012-04-27 17:55:58 -04:00
nemonik f215cfc50c fix for issue 5, code refactoring across signers 2012-03-29 12:34:51 -04:00
U-MITRE\mjwalsh c84c751991 client refactoring, and javadocing 2012-03-26 14:18:54 -04:00
U-MITRE\mjwalsh b8c953281e integration changes to client 2012-03-23 17:01:43 -04:00
U-MITRE\mjwalsh 02d0471acf scope wasn't quite right, needed a space 2012-03-22 17:55:59 -04:00
U-MITRE\mjwalsh b4836a0302 mods to auth filter including config comments, http socket time out... 2012-03-22 17:49:30 -04:00