github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,722 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1497 Commits (4897baf8f3099bed335acc3cf042341f48335405)

Author SHA1 Message Date
Andrea Ceccanti e3392dd759 Merge upstream 1.3.5 with our local changes 2019-02-22 19:20:50 +01:00
Andrea Ceccanti 0ba26c1c03 inthemerge 2018-11-28 14:38:27 +01:00
鄭脈龍 676451c73d fix bug #1397 Attempting to execute an operation on a closed EntityManager. 2018-06-21 10:05:49 +08:00
Andrea Ceccanti 1136a048df Bumped version to 1.3.4.cnaf 2018-05-17 15:58:23 +02:00
Justin Richer ea6960e66a
Merge pull request #1259 from sbke/patch-1 
Adjustment to generate longer codes
 2018-05-03 14:48:52 -04:00
Justin Richer dd922b4cf7
Merge pull request #1378 from ketola/fetch-tokens-by-sub 
Fetch tokens by user name
 2018-05-03 14:44:51 -04:00
Justin Richer 938d7e00c2 Merge branch 'ondrejvelisek/verification-uri-complete' 
Closes #1386
 2018-05-03 14:39:23 -04:00
Justin Richer a596cc1fd4 Made full URLs for device flow switchable server-wide instead of per-client 2018-05-03 14:37:50 -04:00
Justin Richer 7ad29ae9c6 Revert "Add possibility to disable verification_uri_complete per client" 
This reverts commit dae674af67.
 2018-05-03 13:59:38 -04:00
ondrejvelisek dae674af67 Add possibility to disable verification_uri_complete per client 2018-05-01 13:46:23 +02:00
ondrejvelisek 67c87d56a6 Add support for verification_uri_complete 2018-05-01 10:45:49 +02:00
Andrea Ceccanti 2eb5d1b3e2 Set device code validity in seconds for dynreg clients 2018-04-27 19:35:03 +02:00
Evan Lennick fe000d91cb undid autoformatting again 2018-04-23 14:30:43 -04:00
Evan Lennick 011bf8adb8 addressed review feedback 2018-04-23 14:29:38 -04:00
Evan Lennick 0ee4ee2f58 undid some autoformatting changes 2018-04-21 13:22:17 -04:00
Evan Lennick 0b531a0fd3 fixed an issue where missing locales would generate a lot of ERROR level log messages 2018-04-21 13:19:44 -04:00
Andrea Ceccanti 92c47c5449 Bumped version to 1.3.3.cnaf.rc0 2018-04-12 15:30:26 +02:00
Andrea Ceccanti f09efec031 dynreg: filter requested grant types 
This commit introduces filtering on requested grant types for
dynamically registered clients.

Since extension on the library could support additional grant types,
here we want to be strict about known grant types that cannot be
requested at dynamic client registration (or update) time, but at the
same time we want to preserve grant types that could have been granted
to a client by an administrator.

So at client registration time the list of requested grant types is
filtered to only allow grant types currently enabled for dynamically
registered clients.

OTOH, at client update time the same filtering is implemented while at
the same time preserving grant types assigned the client in other ways.
 2018-04-12 15:24:52 +02:00
Sauli Ketola e6a8e0c17d Integration tests for new repository methods 2018-04-11 13:16:28 +03:00
Sauli Ketola a070f61edf Clean up code in modified classes, remove line breaks, add static imports 2018-04-06 09:12:47 +03:00
Sauli Ketola 51b580aa18 Use 'userName' instead of 'sub' in naming 2018-04-06 08:55:06 +03:00
Sauli Ketola 3f277047e3 Use query by user sub to get all tokens for user 2018-04-06 08:47:37 +03:00
Sauli Ketola 417a6b7c74 Removed some line breaks and auto generated comments for consistency 2018-04-05 19:29:54 +03:00
Sauli Ketola bf8149605a Create queries for getting access and refresh tokens by user sub 2018-04-05 19:25:23 +03:00
enricovianello 3c2549faf2 Cosmetic fix on DefaultIdTokenClaimsEnhancer 2018-02-26 16:45:27 +01:00
enricovianello a69c3c5235 bumped version to 1.3.3.cnaf-SNAPSHOT 2018-02-26 12:14:34 +01:00
enricovianello f6e6954450 Include additional claims in ID token 
Read https://github.com/indigo-iam/iam/issues/202
 2018-02-26 10:35:43 +01:00
Justin Richer e2d94f422a new year 2018 2018-02-12 10:39:04 -05:00
Justin Richer b804f22bc8 [maven-release-plugin] prepare for next development iteration 2018-02-07 09:14:16 -05:00
Justin Richer f72e6b3e08 [maven-release-plugin] prepare release mitreid-connect-1.3.2 2018-02-07 09:14:10 -05:00
Tomasz Borowiec 37fba622b9 Throwing exception on all other JWT types than SignedJWT 2018-02-07 11:00:28 +01:00
Tomasz Borowiec c38b9d7a42 added PlainJWT and EncryptedJWT support + tests 2018-02-07 11:00:15 +01:00
Justin Richer fcb119ff6a
Merge pull request #1270 from bodewig/custom_claim_friendly_token_enhancer 
add hook for custom JWT claims to ConnectTokenEnhancer
 2018-02-05 16:01:09 -05:00
Stefan Bodewig 01eb1401a3 add hook for custom JWT claims to DefaultOIDCTokenService 2018-01-12 15:22:37 +01:00
Andrea Ceccanti 18517484a3 Bumped version to 1.3.2.cnaf.rc0 
Now for real...
 2017-09-26 16:37:16 +02:00
Andrea Ceccanti 880f2c1b2c Bumped version to 1.3.2.cnaf.rc0 2017-09-26 16:25:06 +02:00
Andrea Ceccanti 5bb5254743 Organized imports 2017-09-26 15:45:18 +02:00
Andrea Ceccanti a2856b4645 Removed unused import 2017-09-26 15:40:55 +02:00
Andrea Ceccanti 7d10337205 Merged 1.3.1 (build & test green) 2017-09-21 15:49:50 +02:00
Andrea Ceccanti 2b1df25aad Merge remote-tracking branch 'mitre/master' into devel-1.3.1 
* mitre/master: (153 commits)
  removed old document PDFs from repo
  check for missing refresh token value on refresh, closes #1242
  removed unused field from UI config bean
  fixed client readme file
  Updated copyrights
  Corrected typo
  fixed unit test for new default redirect behavior
  set redirect URI matching to strict by default
  escaped output values on approval page, closes #1111
  added changelog file
  [maven-release-plugin] prepare for next development iteration
  [maven-release-plugin] prepare release mitreid-connect-1.3.1
  downgrade mysql dependency to GA version
  Removed double 'sure'
  fixed discovery endpoint, closes #1230
  Completed end session endpoint
  end session endpoint
  skeleton of end session endpoint, maybe need a change to user info lookup
  Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
  [maven-release-plugin] prepare for next development iteration
  ...
 2017-09-21 14:25:06 +02:00
Stefan Bodewig 514dcc3851 add hook for custom JWT claims to ConnectTokenEnhancer 2017-07-18 16:10:58 +02:00
sbke 8b4e461748 Adjustment to generate longer codes 
RandomValueStringGenerator default constructor creates a code of length six only. The RFC 6819 (OAuth 2.0 Threat Model and Security Considerations) suggests (5.1.4.2.2.  Use High Entropy for Secrets) that secrets that aren't used by humans (e.g. client secrets or token handles) have a reasonable level of enthropy. They propose a token lengths of at least 128 bits. Since the RandomValueStringGenerator only uses case sensitive alpha numeric symbols, 22 symbols are needed to achieve an enthropy >=128 bits.
 2017-06-28 14:20:11 +02:00
Justin Richer 0b1f9000db check for missing refresh token value on refresh, closes #1242 2017-05-26 20:30:09 -04:00
Justin Richer 661c242a9f Updated copyrights 2017-05-26 20:17:17 -04:00
Justin Richer c11e47a75b fixed unit test for new default redirect behavior 2017-05-11 11:27:41 -04:00
Justin Richer 2f31ceddf8 set redirect URI matching to strict by default 2017-05-10 17:39:59 -04:00
Justin Richer 7b06d91700 [maven-release-plugin] prepare for next development iteration 2017-05-09 14:29:53 -04:00
Justin Richer 8301f35e17 [maven-release-plugin] prepare release mitreid-connect-1.3.1 2017-05-09 14:29:49 -04:00
Justin Richer 713e872b8a fixed discovery endpoint, closes #1230 2017-04-29 15:01:15 -04:00
Justin Richer 9baacc0eaf Completed end session endpoint 
Addresses #1129, addresses #972, addresses #891, addresses #1223
 2017-04-29 14:58:37 -04:00