1d2f968bd1
configuration cleanup, closes #568
2014-04-18 22:11:58 -04:00
318a28ddf8
added stats mock to unit tests
2014-04-16 22:05:03 -04:00
521017c5c2
updated stats service to have a resettable cache triggered by other service events
2014-04-16 21:39:37 -04:00
7f310400b1
simple cache for stats
2014-04-16 21:18:12 -04:00
39509bfdc4
Performance improvement of token cleanup:
...
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
265624b285
a fix for a NullPointerException whenever a client requests a client scope to be granted.
2014-04-10 22:41:20 -04:00
97cd00e06c
[maven-release-plugin] prepare for next development iteration
2014-03-19 21:40:21 -04:00
23c7cf6996
[maven-release-plugin] prepare release mitreid-connect-1.1.3
2014-03-19 21:40:18 -04:00
ad5ffb64e8
[maven-release-plugin] prepare for next development iteration
2014-03-08 11:17:40 +00:00
1635cf957d
[maven-release-plugin] prepare release mitreid-connect-1.1.2
2014-03-08 11:17:35 +00:00
53cc7ef447
Fixed audience claim on client auth assertion
2014-03-06 19:45:05 +00:00
1fcef858c6
updated server discovery document to reflect new capabilities
2014-03-06 16:48:27 +00:00
b67121f0cd
added client_secret_jwt auth method support, closes #174
2014-03-04 23:45:36 +00:00
15b017992c
added DELETE to token api because revocation endpoint doesn't work for this kind of management, closes #191
2014-03-01 11:05:46 +00:00
89f015cf1c
Updated Token API to be less leaky
2014-02-28 21:14:27 +00:00
dd391ebf3c
Display contacts, popup for image, cleanup of more info
2014-02-16 21:58:16 -05:00
dab52ca8a0
enhancements to approval page
2014-02-16 18:25:05 -05:00
ec6a78c1ba
made prompt pluralizable to comply with spec, closes #519
2014-02-16 01:41:08 -05:00
9395c3802d
[maven-release-plugin] prepare for next development iteration
2014-02-10 15:28:14 -05:00
4f8311962a
[maven-release-plugin] prepare release mitreid-connect-1.1.1
2014-02-10 15:28:11 -05:00
19dbe92d4e
initial support for displaying claim values for requested scopes
2014-01-20 20:56:04 -05:00
3b52ce8201
happy new year!
2014-01-20 12:38:42 -05:00
ebbc7209aa
automated code formatting and cleanup
2013-12-03 14:19:34 -05:00
e1e7f7a579
[maven-release-plugin] prepare for next development iteration
2013-12-02 12:18:11 -05:00
42fe973f7b
[maven-release-plugin] prepare release mitreid-connect-1.1.0
2013-12-02 12:18:08 -05:00
4a8d693746
fixed prompt filter map mismatch (I hate type erasure)
2013-12-02 11:55:09 -05:00
ce1f3f2f94
updated mockito, fixed some unit tests
2013-11-27 12:37:05 -05:00
d330bd1c9b
cleanup, added revocation uri to server config
2013-11-27 12:23:04 -05:00
ed06b14406
publish revocation endpoint, addresses #520
2013-11-27 12:13:42 -05:00
b7011f508e
urlencode client IDs in client registration URIs, addresses #422
2013-11-27 12:12:10 -05:00
8c1bfb7e0c
set current user's email address to owner when using admin UI
2013-11-27 12:11:36 -05:00
6c4d2a8e8d
vestigial comment cleanup
2013-11-27 12:06:53 -05:00
db5532e9bf
comment cleanup
2013-11-27 11:34:41 -05:00
39fb96a802
pull request from extensions map
2013-11-27 11:20:38 -05:00
86e0f0c7ee
cleaned up old comments
2013-11-27 11:20:01 -05:00
a24eadeb11
cleaned up responseType calls, addresses #451
2013-11-27 11:03:15 -05:00
df511a81cc
override from #465 no longer needed
2013-11-27 10:53:16 -05:00
d3dbb00e77
ensure clients and tokens don't get special system scopes, addresses #320
2013-11-27 10:35:56 -05:00
ef01de168d
Moved special token scopes to scope service interface
2013-11-27 10:21:52 -05:00
4f986d6a38
clean up some auto generated functions
2013-11-27 09:57:56 -05:00
f56135810c
Fixed request object precedence order
2013-11-27 09:52:26 -05:00
447df56947
removed unused nonce exception
2013-11-27 09:10:35 -05:00
27f391ef01
Fixed compilation errors for SECOAUTH milestone updates
2013-11-25 09:31:50 -05:00
190caee9a1
refactored userinfo serializer
2013-11-18 09:49:23 -05:00
46be502ed1
Enforces minimum Java version 1.6 on the openid-connect-server project.
2013-10-22 18:08:02 -07:00
2a34994383
cleanup view
2013-09-26 17:07:38 -04:00
7a4366c083
collapsed two serialization functions into one
2013-09-26 16:15:30 -04:00
65a7e1d724
Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both
2013-09-26 12:03:39 -04:00
cb449c25b1
Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something.
2013-09-26 12:03:39 -04:00
73863302e9
added spring-tx dependency to server
2013-09-24 14:08:53 -04:00
8a5a16f374
refactored project into four modules:
...
Common
Client
Server Library
Server Webapp
addresses #367
2013-09-23 17:19:09 -04:00
bf3e0033fe
initial refactor of userinfoview for new model components
2013-09-19 12:36:22 -04:00
9debf1486d
pass authorized and requested claims as strings to view
2013-09-19 12:36:22 -04:00
b396610f35
refactor processing of request object
2013-09-19 12:36:22 -04:00
47d304851d
Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service.
2013-09-17 16:56:46 -04:00
66e837f650
Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters.
2013-09-17 10:54:19 -04:00
e1ed53a229
added missing parts to discovery
2013-09-16 17:27:04 -04:00
6605877a1b
added encryption/decryption to cached JWK-URI service
2013-09-16 17:27:04 -04:00
9f13dc8f77
wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error
2013-09-13 14:22:42 -04:00
9b72c6b1f3
check sector identifier URI's contents and match against redirect URIs, addresses #504
2013-09-13 14:22:24 -04:00
1aa5fe25c6
re-decrypt request object at userinfo endpoint (this shouldn't need to happen)
2013-09-12 17:05:34 -04:00
09cd752c86
added basic support for encrypted request objects, addresses #475
2013-09-12 17:05:12 -04:00
a52f86db49
removed NYI tags from request object algorithm fields
2013-09-12 16:46:22 -04:00
d09b3b50d6
call encode() instead of new() on Base64URL utility
2013-09-12 15:19:14 -04:00
35bd9c8eda
throw appropriate errors from request factory
2013-09-12 14:48:54 -04:00
e67a41c556
added transient passthroughs to JOSE algorithms for client
2013-09-12 14:08:37 -04:00
c9aa42dbef
better processing for signed request objects
2013-09-12 13:56:10 -04:00
f9ca15139d
added phone-number verified, addresses #505
...
affects #455
2013-09-12 10:19:14 -04:00
6cbed133b2
let user know that the client is using a pairwise identifier on approval
2013-09-11 17:39:55 -04:00
a9f639a718
moved subject type and sector identifier controls to the 'access' tab
2013-09-11 17:14:35 -04:00
6b66139ead
added unit test for uuid service
2013-09-11 15:28:00 -04:00
0281cf02fe
calculate pairwise based on redirect uri rather than client id
2013-09-11 14:37:17 -04:00
f6a8ac4529
added unit test for default userinfo service (with pairwise checks)
2013-09-11 11:59:40 -04:00
77c0473438
fixed comparison order to be null safe
...
cleaned up type check
2013-09-11 11:59:34 -04:00
dbdc2e777d
added pairwise identifier service and repository
2013-09-10 17:15:58 -04:00
bdf62eaa36
need to check the sector identifier at some point
2013-09-10 16:35:51 -04:00
914f2e4d93
added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.
...
temporary implementation of pairwise identifiers in place
2013-09-10 16:01:17 -04:00
149fb1bac1
services shouldn't be transactional
2013-09-10 15:26:09 -04:00
29d1c7d54a
userinfo endpoint now uses OAuth2Authentication exclusively
...
(which is all it was really doing before)
2013-09-10 14:16:34 -04:00
ac42c00062
id token now uses userinfo's sub
2013-09-10 13:50:49 -04:00
f139541485
added randomized subs to demo users
2013-09-10 13:48:37 -04:00
b9da10d176
look up by username instead of subject
2013-09-10 11:39:00 -04:00
9ea82aacf0
clean up unused getter/setter
2013-09-10 11:38:42 -04:00
9720b60f05
allow loading of structured scopes from scopes.sql file (and temp tables)
2013-09-06 16:07:25 -04:00
5e676e0e59
fixed scope UI
2013-09-06 16:07:25 -04:00
2b663bb23c
UI for scope editing
2013-09-06 16:07:25 -04:00
469e722f72
defer to system scope matcher in approval handler
2013-09-06 16:07:25 -04:00
99ad9b883e
added validator that knows how to deal with structured scopes
2013-09-06 16:07:25 -04:00
59187d47e4
use new unified parsing for approval page
2013-09-06 16:07:25 -04:00
85533d50cf
scope comparison for TofuUserApprovalHandler
2013-09-06 16:07:25 -04:00
1c4c53f252
scope comparison for introspection endpoint
2013-09-06 16:07:24 -04:00
6152a943d8
serialize structured scopes properly (with tests)
2013-09-06 16:07:24 -04:00
72f0ab631d
added transient structured value to system scope, added scope matcher function to scope service
2013-09-06 16:07:24 -04:00
3fc34f15c8
added structured scope update to mysql (affects #455 )
2013-09-06 16:07:24 -04:00
b416888b07
Structured Scopes from BB+
2013-09-06 16:07:24 -04:00
127507246e
if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none
...
addresses #498
2013-09-06 13:30:22 -04:00
64bbb73d1b
cleaned up CORS filter implementation
2013-09-03 16:01:19 -04:00
6ff4ae1458
added CORS filter
2013-09-03 15:17:18 -04:00
81cb60ad7b
made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work)
2013-09-03 15:17:16 -04:00
bdbff8d45c
tell spring to not stuff model into the redirects, partially addresses #492
2013-08-30 16:38:07 -04:00
Justin Richer