Commit Graph

486 Commits (522edda074b6fcd32759c63a9ae3f27019e56617)

Author SHA1 Message Date
William Kim 78559b625a Revert "removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks."
11 years ago
William Kim 15ec027505 Revert "junit test added for signing service."
11 years ago
William Kim 9f89f84da1 junit test added for signing service.
11 years ago
William Kim c957d59f7c removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks.
11 years ago
William Kim 02078ebccb implemented alg:none at the signing service.
11 years ago
William Kim d763a954da placeholder
11 years ago
William Kim e0b56bc72a refactored code to use the more generic JWT declaration.
11 years ago
William Kim 30d7aaa66a PlainSigner and PlainVerifier created for alg:none JWS support.
11 years ago
Justin Richer da915d8b35 explicitly try to initialize the JWK set if it's null by the time the getter is called
11 years ago
Amanda Anganes 0059c7b4cc Use clients preferred algorithm, if any, to sign
11 years ago
Justin Richer a80c19384f added 'use server default' to JOSE options, addresses #462
11 years ago
Justin Richer ba0c3c5d78 id tokens always expire, addresses #416
11 years ago
Justin Richer 21068f57e6 cached jwk services expire after an hour
11 years ago
William Kim 6e2baa3ec4 updated comments for jwe service.
11 years ago
William Kim e1b072c991 Updated nimbusds library version to 2.17.2 and made relevant changes in enc./dec. service and test
11 years ago
William Kim 372675fd2a changed encrypt/decrypt parameter to use JWEObject instead of EncryptedJWT
11 years ago
William Kim f0b77f8614 RSA encryption service tested.
11 years ago
William Kim 3a1c551ff7 implemented symmetric key encryption.
11 years ago
William Kim dfbefe0780 encrypt/decrypt implemented. initial commit for unit testing of jwe service.
11 years ago
William Kim ae6721dd10 jwe service accessor methods and private initializing method done.
11 years ago
William Kim 887338b2d9 jwe service init commit.
11 years ago
Amanda Anganes be97aedbc7 Used Predicates to filter expired tokens and approved sites;
11 years ago
Amanda Anganes b3bb43881d Moved getExpired to service layers
11 years ago
Amanda Anganes eea37cf79c Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
11 years ago
Amanda Anganes 2f711c88a7 Removed nonce service
11 years ago
Amanda Anganes d4fbb4f599 Removed Event class
11 years ago
Justin Richer beaeaa4ccc I can spell "consortium", I promise
11 years ago
Justin Richer b2b6fd6448 further cleanup
11 years ago
Justin Richer 856c0ea0b5 Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
11 years ago
Justin Richer 023dd440d4 [maven-release-plugin] prepare for next development iteration
11 years ago
Justin Richer 5e8f93cf15 [maven-release-plugin] prepare release mitreid-connect-1.0.6
11 years ago
Justin Richer e658ffd7fc format/cleanup and copyright
11 years ago
Amanda Anganes 906db0ac86 Opened token api access to all users; restricted to only show currently-logged-in-users tokens
11 years ago
Justin Richer fb448a246a converted test data to map, use new serializer
12 years ago
Justin Richer 8edd6da136 added serializer for non-heirarchical URIs
12 years ago
Justin Richer 5893d8f8f8 fixed up parsing regular expression
12 years ago
William Kim f565688e59 changed name issuer->normalized. the result of normalization is not necessarily the issuer.
12 years ago
William Kim d80aaced9a reorganized test data and test methods.
12 years ago
William Kim 809a243b64 tests for webfinger url normalization.
12 years ago
William Kim eaa7298ef1 init commit for Webfinger normilizer utility class.
12 years ago
Justin Richer 20871852c0 updated dependencies for secoauth 1.1
12 years ago
Amanda Anganes b397f0ae15 First go at adding token API; needs to be tested
12 years ago
Amanda Anganes 88db457fc4 Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
12 years ago
Justin Richer a4a18fd54c externalized introspection URL from client's introspecting token service, addresses #435
12 years ago
William Kim aad432c5d7 replaced stracktrace-printing with logger messages. removed some unused imports.
12 years ago
Amanda Anganes 15aea61fbe Applied code cleanup
12 years ago
William Kim e00d696c60 deleted auto-generated TODO.
12 years ago
William Kim e9c246808f only our entity version may be stored in our storage layer. removed TODO.
12 years ago
Justin Richer 0d8c2442d2 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 9bf5f70957 [maven-release-plugin] prepare release mitreid-connect-1.0.5
12 years ago
William Kim 77be0d0ea8 implemented getExpiresIn() for oauth access token entities.
12 years ago
Amanda Anganes 2d3f43e3b8 Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
12 years ago
Justin Richer 936f581a0b [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 27edec1a56 [maven-release-plugin] prepare release mitreid-connect-1.0.4
12 years ago
William Kim a668fb964d changed String comparison implementation for better readability
12 years ago
William Kim ab4d1da9d4 added logger warning if issuer url does not use http scheme.
12 years ago
William Kim b438e87f98 passed wire testing and updated unit tests.
12 years ago
William Kim e74444e3d1 addresses issue #366
12 years ago
Amanda Anganes 530c3a75ee Applyed refactoring
12 years ago
William Kim f0f2fbea40 updated secoauth library version in poms
12 years ago
Justin Richer 2b3376e0ed [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 7fe4bc3b56 [maven-release-plugin] prepare release mitreid-connect-1.0.3
12 years ago
William Kim d6109fd1ae explicitly mapped missing JPA columns in common->openid.connect.model #317
12 years ago
William Kim 46641a2fa1 explicitly mapped missing JPA columns in common-oauth2.model #317
12 years ago
Justin Richer c577b691c7 moved OIDC auth token and userinfo interception filter to common package, addresses #353
12 years ago
Justin Richer 6ed7477bc0 added stats to admin UI page, restyled scopes and dynamically registered flags
12 years ago
Justin Richer 567a3314d6 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 1286726188 [maven-release-plugin] prepare release mitreid-connect-1.0.2
12 years ago
Justin Richer de77f2c75a commentary!
12 years ago
Justin Richer d0eb98b8ff tests for embedded JOSE objects
12 years ago
Justin Richer 8ee299aab3 added tests for ClientDetailsEntity and RegisteredClient data objects
12 years ago
Justin Richer c760ebf4a4 changed expires_at -> client_secret_expires_at, issued_at -> client_id_issued_at
12 years ago
Justin Richer 317526b1ad unit tests for basic data classes
12 years ago
Justin Richer cc1da67639 fixed expires_at property, hid helper functions
12 years ago
Amanda Anganes 3c5025c52b Updated version number for secoauth
12 years ago
Justin Richer 25d75a1b30 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 5418bdef5a [maven-release-plugin] prepare release mitreid-connect-1.0.1
12 years ago
Justin Richer 81cd13f6d3 added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
12 years ago
Justin Richer defa5b8fbc [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer dbdc99361e [maven-release-plugin] prepare release mitreid-connect-1.0.0
12 years ago
Justin Richer 1e870703f8 added licence/copyright header
12 years ago
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups
12 years ago
Justin Richer b8c385e5c9 pom file cleanups
12 years ago
Justin Richer 9b03801f9d [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer d76304b9a6 [maven-release-plugin] prepare release mitreid-connect-0.9.3
12 years ago
Amanda Anganes c80b1081cc Cleaning up approvedsite => token linkage
12 years ago
Amanda Anganes 939a801048 Redid approved site -> token mapping so it is unidirectional from ApprovedSite side. Fixed some error logging, added a new view for ApprovedSite which will only show the IDs of the tokens in the approvedTokens list
12 years ago
Amanda Anganes a79aca906e Fixed error logging; added ApprovedSite tracking to tokens
12 years ago
Justin Richer 94aa279290 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer cc92743888 [maven-release-plugin] prepare release mitreid-connect-0.9.2
12 years ago
Justin Richer 7307b4b19d added tostring to system scope to help with debugging
12 years ago
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class
12 years ago
Justin Richer cf39b49657 added registration uri to server config, changed index of client config service to be server config not just issuer
12 years ago
Justin Richer f76f44b999 added dynamic discovery to client
12 years ago
Justin Richer 33af3b1ad6 updated discovery endpoint to latest spec, removed surplus specialized view
12 years ago
Justin Richer ac2993c402 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer f0d75f9144 [maven-release-plugin] prepare release mitreid-connect-0.9.1
12 years ago
Stephen Moore 23c318f6c2 Updating guava to 14.0.1
12 years ago
Justin Richer 86a42ce294 fixed typo for older versions of java/maven
12 years ago
Justin Richer 5f54777109 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 620a60ddc2 [maven-release-plugin] prepare release mitreid-connect-0.9.0
12 years ago
Justin Richer 54f1ae972b Added properties and updated poms for sync to central
12 years ago
Justin Richer f101dcc512 moved to released version of SECOAUTH
12 years ago
Amanda Anganes 72e2c7cb6c Updated build references
12 years ago
Justin Richer 4538d8fb14 made signing and verification service construction safe for public-only keys
12 years ago
Justin Richer 6cc50e7cd5 switched signing & validation service to use JWK natively for keys
12 years ago
Justin Richer 5a04198eac moved to JPSK based key store
12 years ago
Justin Richer e2ad4d2e8f cleaned up spurious nosuchalgorithm exceptions, addresses #285
12 years ago
Justin Richer 5f7c46aecd updated to nimbus 2.13
12 years ago
Amanda Anganes fcc95f8a0a Moved nonce processing stuff into nonce service and out of ConnectAuthorizationRequestManager
12 years ago
Justin Richer 08eaaa0a12 updated repository to use proper concrete class
12 years ago
Justin Richer 8fccbf3483 added Id field to DefaultUserInfo object, switched "userId" terminology to "subject"
12 years ago
Justin Richer b8d2adcf31 added fixme note to hardcoded JWS algorithm, cleaned up x509 view
12 years ago
Justin Richer f44c704472 major refactor of client filter
12 years ago
Justin Richer 6320fce9fd url -> uri in approval page
12 years ago
Justin Richer ad3a22e5d4 changed client defaults for JOSE bits
12 years ago
Justin Richer 87c8672948 nullsafe check for refresh
12 years ago
Justin Richer 217916603f cleaned out broken unit tests -- now we can start fresh
12 years ago
Justin Richer 70b2342864 fixed split client views, fixed typos in various places
12 years ago
Justin Richer 51a7ccc397 entity -> embed
12 years ago
Justin Richer 0d25d4cb17 null-preserving static parsers instead of constructors
12 years ago
Justin Richer 26f03ec070 timestamp for creation date
12 years ago
Justin Richer fc978ac994 made require_auth_time nullable again
12 years ago
Justin Richer bbde2d3b90 todo
12 years ago
Justin Richer db24c203ec added parser to client registration endpoint
12 years ago
Justin Richer 5c044b9eff added extra client fields to DB model, moved services to use new client model object
12 years ago
Justin Richer 3f8d7d70e5 updated client model to match OAuth Dyn Reg and OIDC Reg
12 years ago
Justin Richer 5b9422ffdf cleaned up old unit tests
12 years ago
Justin Richer d7c857b09f switched jwk view to use nimubs
12 years ago
Justin Richer 6c1e6b2d74 refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
12 years ago
Justin Richer 385853fa1f refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
12 years ago
Justin Richer 0712d8c340 updated spring version
12 years ago
Amanda Anganes 60b679e942 First steps towards adding display variables to config bean
12 years ago
Justin Richer a184b79b06 store tokens with .serialize() not .toString()
12 years ago
Justin Richer 970e3f2f79 not entities after all
12 years ago
Justin Richer 3d9ec51eb3 converted client filters to nimbus-jose
12 years ago
Justin Richer 8d8010d90f missed a little bit there
12 years ago
Justin Richer 87fc92f97d extra constructors for algorithm wrappers
12 years ago
Justin Richer e5732da857 added system default signing algorithm, converted token provider and enhancer to use nimbus-jose
12 years ago
Justin Richer 10ab55a7e2 moved jwk/x509 publishing over to nimbus-jose (mostly)
12 years ago
Justin Richer fca30cd13f added provisions to bootstrap signing and validation service from config files
12 years ago
Justin Richer 520f55f960 reinstated signing and validation service
12 years ago
Justin Richer 46a3e70377 removed idtoken class, removed all jwe/jwt tests
12 years ago
Justin Richer d00b351f32 moved token classes to use Nimbus-JOSE
12 years ago
Justin Richer 1f50945831 added wrapper classes for JWE/JWS algorithms, switched client entity model to use and store them.
12 years ago
Justin Richer 6dc9020a31 deleted local JOSE implementation classes
12 years ago
Justin Richer d0fdf8140e sorting on approval page
12 years ago
Justin Richer eb4773ce46 beginning dynamic scopes on auth page
12 years ago
Justin Richer c2b9fd4db1 system scope ordering consistency
12 years ago
Justin Richer cab36a2b80 added appropriate filterered and transformative actions to scope service
12 years ago
Justin Richer ab35186696 added scope service, repository, and API
12 years ago
Justin Richer 19e7b62a42 removed persistence.xml and moved to pure spring-based config, addresses #194
12 years ago
Justin Richer a3619240e6 added site scope
12 years ago
Justin Richer f0ee36dad2 auth_type -> auth_method (addresses #258)
12 years ago
Justin Richer e4284353e8 added azp, addresses #247
12 years ago
Justin Richer da43ba4d55 audience field is now plural
12 years ago
Justin Richer 27a26e0a35 (user_id/prn) -> sub
12 years ago
Justin Richer 0ab4ad4bbe added "birthdate", addresses #253
12 years ago
Justin Richer a6806255b8 use sign-magnatude not twos-complement in key parsing
12 years ago
Justin Richer e8095bab26 principal and audience are different (I thought I fixed this??)
12 years ago
Justin Richer c946a84b09 adapted keyfetcher to be more general
12 years ago
Amanda Anganes a4637ec395 Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates.
12 years ago
Amanda Anganes c7ae315e98 Added initial files for nonce service. Repository and service impls are stubs
12 years ago
Justin Richer 18ddd8333f added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens
12 years ago
Justin Richer 51b67ebc03 added queries to get access token from id token
12 years ago
Justin Richer b49c6571e8 fixed empty constructor of id token, fixed bug in copy constructor of claimset
12 years ago
Justin Richer 6344a72519 missed a few applicationName references, fixed API JSON rendering
12 years ago
Justin Richer 33ceedb283 added scope and grant_type, switched to timeunit
12 years ago
Justin Richer e2bc15c2b2 beginning of client registration refactor to track IETF dynreg spec
12 years ago
Justin Richer 0659432561 removed builder
12 years ago
Justin Richer 7586c6d661 added "NONE" type auth
12 years ago
Justin Richer 4bd289c18c shadowed null id token from serializer
12 years ago
Justin Richer f072aba3f5 moved client details service, fixed authorities mapper
12 years ago
Justin Richer 7342da6a51 completed making id tokens into access tokens
12 years ago
Justin Richer b8f701d9d8 switched id tokens to entities, they're now access tokens also
12 years ago
Justin Richer 4698552c2d made email_verified nullable, addresses #237
12 years ago
Justin Richer 413c477879 utility method for approved sites to check expiration
12 years ago
Justin Richer 45ca4e565e updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
12 years ago
Amanda Anganes f50726ab31 Issue 209 - typo
12 years ago
Justin Richer 9c08944a02 Changed arity on approved sites (now can have many per user/site combo)
12 years ago
Justin Richer e9d1ed270d service layer cleanups
12 years ago
Justin Richer 757e21a722 added blacklist API
12 years ago
Amanda Anganes 2a0602863e Conveted Booleans to booleans
12 years ago
Amanda Anganes 51073a7f8d Refactor part 3
12 years ago
Amanda Anganes dd2abd94d1 Refactoring part 2
12 years ago
Amanda Anganes c40efda6b5 Refactor part 1
12 years ago
Justin Richer 920b2a59ba Fixed error logging
12 years ago
Justin Richer 2d24435365 Created custom resolver, handler mapper
12 years ago
Justin Richer be1046f9b6 bean-based configuration
12 years ago
Justin Richer 7eb0a6f3d2 Moved JWK to commons
12 years ago
Justin Richer 42389286e4 removed non-RSA algorithms from JWE encrypter/decrypter functions
12 years ago
Justin Richer 558a6286e2 switched to Guava for parsing ints into bytes, addresses #154
12 years ago
Justin Richer 2b62042696 unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet
12 years ago
Justin Richer 11b35267b4 Refactored stats processor into a service, made home page into a smart page.
12 years ago
Justin Richer d041ddb0e1 Added approvedSite API and support structure
12 years ago
Justin Richer 8ae1b376fe updated whitelist service and repository
12 years ago
Justin Richer 140de779fd converted userid type to enum
12 years ago
Justin Richer 1c34f83297 Fixed JWS algorithm parsing
12 years ago
Justin Richer 29ac1a3a70 reverse lookup for clientdetails utiltiy classes
12 years ago
Justin Richer 21ff134383 JWS coment/format cleanup
12 years ago