github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,510 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

506 Commits (61f0db20f635ecb7fcd898d20c87988cfd493b41)

Author SHA1 Message Date
Justin Richer 190caee9a1 refactored userinfo serializer 2013-11-18 09:49:23 -05:00
Justin Richer 2a34994383 cleanup view 2013-09-26 17:07:38 -04:00
Justin Richer 7a4366c083 collapsed two serialization functions into one 2013-09-26 16:15:30 -04:00
Amanda Anganes 65a7e1d724 Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both 2013-09-26 12:03:39 -04:00
Amanda Anganes cb449c25b1 Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something. 2013-09-26 12:03:39 -04:00
Justin Richer bf3e0033fe initial refactor of userinfoview for new model components 2013-09-19 12:36:22 -04:00
Justin Richer 9debf1486d pass authorized and requested claims as strings to view 2013-09-19 12:36:22 -04:00
Justin Richer b396610f35 refactor processing of request object 2013-09-19 12:36:22 -04:00
Amanda Anganes 47d304851d Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service. 2013-09-17 16:56:46 -04:00
Amanda Anganes 66e837f650 Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters. 2013-09-17 10:54:19 -04:00
Justin Richer e1ed53a229 added missing parts to discovery 2013-09-16 17:27:04 -04:00
Justin Richer 6605877a1b added encryption/decryption to cached JWK-URI service 2013-09-16 17:27:04 -04:00
Justin Richer 9f13dc8f77 wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error 2013-09-13 14:22:42 -04:00
Justin Richer 9b72c6b1f3 check sector identifier URI's contents and match against redirect URIs, addresses #504 2013-09-13 14:22:24 -04:00
Justin Richer 1aa5fe25c6 re-decrypt request object at userinfo endpoint (this shouldn't need to happen) 2013-09-12 17:05:34 -04:00
Justin Richer 09cd752c86 added basic support for encrypted request objects, addresses #475 2013-09-12 17:05:12 -04:00
Justin Richer d09b3b50d6 call encode() instead of new() on Base64URL utility 2013-09-12 15:19:14 -04:00
Justin Richer 35bd9c8eda throw appropriate errors from request factory 2013-09-12 14:48:54 -04:00
Justin Richer e67a41c556 added transient passthroughs to JOSE algorithms for client 2013-09-12 14:08:37 -04:00
Justin Richer c9aa42dbef better processing for signed request objects 2013-09-12 13:56:10 -04:00
Justin Richer f9ca15139d added phone-number verified, addresses #505 
affects #455
 2013-09-12 10:19:14 -04:00
Justin Richer 0281cf02fe calculate pairwise based on redirect uri rather than client id 2013-09-11 14:37:17 -04:00
Justin Richer 77c0473438 fixed comparison order to be null safe 
cleaned up type check
 2013-09-11 11:59:34 -04:00
Justin Richer dbdc2e777d added pairwise identifier service and repository 2013-09-10 17:15:58 -04:00
Justin Richer bdf62eaa36 need to check the sector identifier at some point 2013-09-10 16:35:51 -04:00
Justin Richer 914f2e4d93 added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers. 
temporary implementation of pairwise identifiers in place
 2013-09-10 16:01:17 -04:00
Justin Richer 149fb1bac1 services shouldn't be transactional 2013-09-10 15:26:09 -04:00
Justin Richer 29d1c7d54a userinfo endpoint now uses OAuth2Authentication exclusively 
(which is all it was really doing before)
 2013-09-10 14:16:34 -04:00
Justin Richer ac42c00062 id token now uses userinfo's sub 2013-09-10 13:50:49 -04:00
Justin Richer b9da10d176 look up by username instead of subject 2013-09-10 11:39:00 -04:00
Justin Richer 9ea82aacf0 clean up unused getter/setter 2013-09-10 11:38:42 -04:00
Justin Richer 469e722f72 defer to system scope matcher in approval handler 2013-09-06 16:07:25 -04:00
Justin Richer 99ad9b883e added validator that knows how to deal with structured scopes 2013-09-06 16:07:25 -04:00
Justin Richer 59187d47e4 use new unified parsing for approval page 2013-09-06 16:07:25 -04:00
Justin Richer 85533d50cf scope comparison for TofuUserApprovalHandler 2013-09-06 16:07:25 -04:00
Justin Richer 1c4c53f252 scope comparison for introspection endpoint 2013-09-06 16:07:24 -04:00
Justin Richer 6152a943d8 serialize structured scopes properly (with tests) 2013-09-06 16:07:24 -04:00
Justin Richer 72f0ab631d added transient structured value to system scope, added scope matcher function to scope service 2013-09-06 16:07:24 -04:00
Josh Mandel b416888b07 Structured Scopes from BB+ 2013-09-06 16:07:24 -04:00
Justin Richer 127507246e if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none 
addresses #498
 2013-09-06 13:30:22 -04:00
Justin Richer 64bbb73d1b cleaned up CORS filter implementation 2013-09-03 16:01:19 -04:00
Justin Richer 6ff4ae1458 added CORS filter 2013-09-03 15:17:18 -04:00
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration." 
This reverts commit e0b56bc72a.
 2013-08-26 15:33:08 -04:00
William Kim e0b56bc72a refactored code to use the more generic JWT declaration. 2013-08-26 11:32:46 -04:00
Justin Richer ca777f7dc4 proper null check for client's preferred signature method 2013-08-20 16:45:45 -04:00
William Kim 07bec462cc added comment about why we can't use set intersection method. 2013-08-20 14:09:14 -04:00
William Kim b89436d7b9 UserInfoView returning intersection of claims request parameter and request object claims in effect now. 2013-08-20 08:55:56 -04:00
Amanda Anganes 941e9544e2 Compare client_ids instead of Client objects 2013-08-19 16:55:56 -04:00
Amanda Anganes 3eae6f2789 Changed client algorithm check to look for null instead of JWSAlgorithm.NONE, which is a valid value. 2013-08-19 16:55:29 -04:00
Amanda Anganes 0059c7b4cc Use clients preferred algorithm, if any, to sign 2013-08-19 16:33:18 -04:00