52d2298f99
begin modularization of data import/export API
2017-02-15 11:51:32 -05:00
db50a88fe5
Happy New Year 2017
2017-01-17 17:09:14 -05:00
b17a7f43ae
removed structured scopes
2017-01-17 17:06:04 -05:00
524794fe2e
Ignore timeout test as it's vulnerable to a race condition.
2017-01-17 15:36:57 -05:00
bdaf7cba23
Fixed race condition in test and added timeouts to prevent possibility of infinite loop.
2017-01-17 15:36:57 -05:00
46046b574a
Implemented paged operations and used for database cleanup tasks.
2017-01-17 15:36:57 -05:00
099211593c
Fix high load performance issue in token expiration task
2017-01-17 15:36:57 -05:00
91da3935f5
Made ID tokens ephemeral, made access token’s “additional information” extensible
2016-12-21 13:01:15 -05:00
91ed758ed1
removed “attributeName” from annotation as this breaks EclipseLink JPA
2016-12-09 16:58:43 -05:00
4f4c8de1c8
Fix JPA issues to allow using Hibernate
2016-12-09 15:15:50 -05:00
55b1b00b73
Updated relationship between approved sites and access tokens, closes #874
2016-12-09 12:55:42 -05:00
d875d52be7
updated data import/export services for 1.3
2016-12-08 17:01:55 -05:00
c3d0c18af5
make HttpClient configurable, closes #1071
2016-12-02 16:23:55 -05:00
f45a6ef56a
use the same encoding as on client side
...
see OIDCAuthenticationFilter line 336
2016-12-02 16:20:09 -05:00
6f5ca3fd2f
Fixed missing "final" modifier in constant
2016-12-02 14:31:25 -05:00
ec28327605
A new service for AuthenticationHolder management
...
- The logic to create and query AuthenticationHolder entities have been
moved to a service, and other services that depended on
AuthenticationHolderRepository now depend on
AuthenticationHolderEntityService
- An additionalInfo map collection has been added to
SavedUserAuthentication. This map can be used to store other
information related to user authentication (like authn type,
attributes etc.)
2016-09-03 07:26:46 +02:00
8c5f34a979
Merge remote-tracking branch 'upstream/master' into devel
2016-07-28 10:23:24 +02:00
5dcda2812e
added code challenge method to client model (properly this time)
2016-07-24 17:45:04 -04:00
2cc90ba5f2
created PKCE algorithm class
2016-07-24 17:06:29 -04:00
83d7627ed0
serialize phone_number and phone_number_verified, closes #1030
2016-07-24 16:49:46 -04:00
d1d05e506e
added software statement to dynamic registration self-service
2016-07-24 16:28:08 -04:00
42ccb8b39e
make software statement processing null-safe
2016-07-24 14:55:12 -04:00
8c021ad403
added assertion validator that validates assertions signed by the local server only
2016-07-22 14:04:33 -04:00
8e016a8d30
make the null assertion processor the default
2016-07-22 13:50:37 -04:00
a5a12b2f1f
added assertion validation engine
2016-07-22 13:47:20 -04:00
fa63993896
added software statement to client model, added processor to dynamic registration parser
2016-07-21 16:55:46 -04:00
ee537c404b
externalize locale and message resolver configuration
2016-07-14 18:29:38 -04:00
fa4722cdd8
shortTopbarTitle
2016-07-07 16:31:48 -04:00
641699cd99
Bumped to custom version 1.2.7.cnaf-SNAPSHOT.
...
Fix getAdditionalInformation() method.
2016-05-30 14:13:23 +02:00
fa4ed7ea06
"dual-client" mode is mutually exclusive with HEART mode, HEART mode takes precedence
2016-02-24 13:08:40 -05:00
84ff2f5fb9
disallow client secret authentication in HEART mode
2016-02-24 13:03:02 -05:00
fd452bf379
added heart-mode flag
2016-02-23 19:24:52 -05:00
f27df01ccc
encode empty arrays as nulls by default, leave old function as a backup
...
closes #1011
2016-01-29 16:42:40 -05:00
c386f0d7c1
added claims redirect URIs to dynamic registration model
2016-01-22 15:19:47 -05:00
3d14b0d128
rename zone_info claim to zoneinfo
2016-01-21 15:52:59 -05:00
7badfe1d17
Happy new year 2016!
2016-01-21 15:50:37 -05:00
d74ba2cd04
handled errors better in JWK Set cache
2015-12-21 15:51:53 -05:00
d1033b693f
added privacy-preserving client logo cache
2015-12-21 15:51:39 -05:00
7f464c496b
changed copyright to new consortium name
2015-12-16 14:51:12 -05:00
9ffe877766
added getId to address interface, closes #958
2015-11-25 16:06:17 -05:00
2496dc114c
allow language system to be loaded from multiple files. closes #817 closes #876
2015-11-24 20:33:55 -05:00
7b34a666d9
Make the dual client support configurable
2015-11-24 12:10:27 -05:00
dce80d488b
Clean up ScopeClaimTranslationService
...
`getFieldNameForClaim` method is never used.
2015-11-23 21:35:16 -05:00
5f24685f17
removed problematic (and not very useful) unit test, closes #742
2015-10-19 15:00:41 -04:00
f04face41e
updated to nimbus 4.3, check JCE policy and algorithm availability before running unit tests, closes #938
2015-10-19 14:47:56 -04:00
8cc89e4e85
made token fetching lazy-loaded
2015-10-13 17:04:36 -04:00
542afca459
cleans duplicate access tokens from DB before other cleanup happens
2015-10-13 15:33:23 -04:00
149e93e970
Disabled broken crypto tests, pending #938
2015-10-13 11:57:41 -04:00
ebb4f2c3d4
Upgraded to nimbus 4.2, closes #934
2015-10-13 04:40:01 -04:00
d280ca40a4
login hints now handled in a slightly smarter (and more pluggable) manner, closes #851
2015-10-12 20:04:02 -04:00
ca23521c3b
fixed entity relationship for address
2015-10-01 20:52:01 -04:00
e1af979995
don't load user info for anonymous authentications, closes #895
2015-10-01 19:12:50 -04:00
f43c94314c
Change Address model to be an interface. Will allow consuming projects
...
to override this funcitonality more easily.
2015-10-01 15:57:34 -04:00
719a714735
Addresses issue 910 by replacing update_time with update_at for JSON
...
objects.
2015-10-01 15:43:31 -04:00
489450b1c2
automated code format cleanup
2015-08-05 12:04:14 -04:00
edda0218e1
added missing copyright statement.
2015-08-05 09:58:41 -04:00
8a4fb5f839
cleaned up imports
2015-08-05 09:46:36 -04:00
0740443768
added claims redirect uri set to client model for UMA usage
2015-07-30 13:56:14 -04:00
064f36ef6c
clean up resource sets when clients are deleted
2015-07-09 18:07:19 -04:00
f6c20ad314
changed to using merge() in JPA instead of persist()
2015-07-09 18:06:25 -04:00
d1c069ad1e
clean up permissions and access tokens when a resource set is revoked
2015-07-09 16:40:07 -04:00
7345a03aaa
added UMA import, closes #811 even harder
2015-07-09 11:48:52 -04:00
bcd8a96b5d
UMA data export, closes #811
2015-07-08 21:27:15 -04:00
8c822c0f54
detached whitelist from approved sites, closes #781
2015-07-08 17:22:55 -04:00
e96eda0990
save dynamically registered clients to the server's database, closes #799
2015-07-08 14:35:20 -04:00
42b93be492
added uri-encoded client service, closes #857
2015-07-07 17:55:56 -04:00
aa96b1f1ed
made things a little null safer
...
closes #813 (really)
2015-07-03 20:16:37 -04:00
6703db234d
added equals/hashCode/toString on UMA model objects
2015-07-03 20:16:34 -04:00
a8a6e7bf31
downscope resulting token based on policy
2015-07-03 20:16:33 -04:00
af798705b4
made claim values any JSON type, closes #853
2015-07-03 20:16:33 -04:00
b0935086c2
made claims processor take in policy set and ticket directly
2015-07-03 20:16:33 -04:00
de9f69e461
introduced a claims processor result data shuttle
2015-07-03 20:16:33 -04:00
2cfaa1c1d7
renamed RequiredClaimSet to Policy
2015-07-03 20:16:32 -04:00
b8a5486995
made required claims sets stick in the database
2015-07-03 20:16:32 -04:00
cd47d32e2d
split required claim sets out as separate indirection structure, closes #813
2015-07-03 20:16:32 -04:00
2f4d9ce54b
clearing out refresh tokens is now configurable, closes #409
2015-06-25 12:07:38 -04:00
7df3597757
split client's auth token into pending and authorized classes
2015-06-24 16:00:40 -04:00
b4520c170e
ID Token carried through as parsed JWT instead of string, closes #832
2015-06-24 16:00:40 -04:00
f4a1b27e2e
better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service
2015-06-23 22:21:18 -04:00
286d433da6
save json object inside registered client if it's available, closes #800
2015-06-03 11:07:45 -04:00
9e74e40453
Use diamond syntax instead of explicit types
2015-06-03 10:24:48 -04:00
13f5e4f8a6
Collapse identical catch branches
2015-06-03 10:24:48 -04:00
d1e8529a7b
expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
...
closes #699
closes #761
2015-06-01 21:11:19 -04:00
f7b5228109
UserInfo carries original JSON object along if available
2015-06-01 20:10:07 -04:00
118237ab05
moved user info interceptor to pre-handle
2015-06-01 19:15:54 -04:00
8b81b36e22
property editor to allow JWK Set to be represented as a string in the XML configuration
2015-06-01 15:35:20 -04:00
e43600494a
minor automated code cleanup
2015-06-01 15:35:20 -04:00
642942b5cf
Generalized client key handling into a single cache service
2015-06-01 15:35:20 -04:00
032d41e5ed
added JWKs-by-value support to client data model and API, closes #826
2015-06-01 15:35:20 -04:00
30162f6baa
added direct JWK set to data model
2015-05-29 13:00:13 -04:00
8d3a8471aa
updated refresh token to use converter instead of dummy field
2015-05-29 12:58:00 -04:00
9662f3e8b3
switched access token to using converter instead of dummy field
2015-05-29 12:40:50 -04:00
caf85b990d
Revert "added option to send skip sending nonce if desired, closes #704 , closes #683,"
...
This reverts commit bbeaeb06e3
2015-05-28 16:44:26 -04:00
9ba1a78d09
removed binary objects from data API importers, removed binary object JSON utility entirely
2015-05-27 19:33:05 -04:00
cbf6316050
cleaned up logic on user info interceptor to fix detection of redirects
2015-05-27 12:06:58 -04:00
d5a08d4996
cleaned up vestigial service component, to be fixed (maybe) in #825
2015-05-26 22:00:21 -04:00
441b19f0c5
fixed data export to comply with new auth holder
2015-05-26 22:00:21 -04:00
84167396da
made saved user auth remember original class if it gets re-used
2015-05-26 22:00:20 -04:00
93a91c8f84
fixed oauth2request constructor
2015-05-26 22:00:20 -04:00
bedda2959d
set table on entity class, added null-safe copies to all collection fields
2015-05-26 22:00:20 -04:00
Justin Richer