14e85616e4
init commit. webfinger service test.
2013-07-24 21:29:19 -04:00
0e777917d3
Updated Third Party Issuer Service unit tests.
2013-07-24 21:29:19 -04:00
8c8aeeb892
hybrid server and client configuration services unit tests done.
2013-07-24 21:23:54 -04:00
6ece7f5efc
Static server and client configuration tests done.
2013-07-24 16:21:50 -04:00
20871852c0
updated dependencies for secoauth 1.1
2013-07-24 09:38:47 -04:00
96e3f66a81
Removed more references to InitializingBean
2013-07-18 11:18:48 -04:00
7b969f9776
removed TODO about empty JWK set at the client. issue #391 .
2013-07-17 15:36:45 -04:00
67fd5fa7e9
roles granted by introspection token services are now configurable (and extendable) via service, addresses #386
2013-07-16 17:00:40 -04:00
35d1e1b6d4
added whitelist/blacklist support to server & client services
2013-07-16 17:00:40 -04:00
a4a18fd54c
externalized introspection URL from client's introspecting token service, addresses #435
...
added service to parses token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
2013-07-16 17:00:40 -04:00
f483d41b88
getCustomClaim -> getClaim. Also, removed outdated TODOs.
2013-07-16 13:17:25 -04:00
15aea61fbe
Applied code cleanup
2013-07-12 16:58:41 -04:00
3e23967b46
Updated code to reflect SECOAUTH changes
2013-07-12 16:21:05 -04:00
0d8c2442d2
[maven-release-plugin] prepare for next development iteration
2013-07-12 10:09:41 -04:00
9bf5f70957
[maven-release-plugin] prepare release mitreid-connect-1.0.5
2013-07-12 10:09:38 -04:00
6e8ab7736e
added hybrid client and server services, addresses #387
2013-07-10 13:51:39 -04:00
a9da88fb79
brought introspection endpoint and introspection token services into compliance with draft, addresses #376
2013-07-10 12:50:57 -04:00
2d16b8d458
revised unit tests in TestSignedAuthRequestUrlBuilder.
2013-07-08 17:02:42 -04:00
3edd6c83b3
added unit test for parsing signed jwt auth requests.
2013-07-08 14:59:38 -04:00
22b89f50be
restored scheme choosing logic in webfinger service.
2013-07-03 15:36:09 -04:00
936f581a0b
[maven-release-plugin] prepare for next development iteration
2013-06-28 16:00:52 -04:00
27edec1a56
[maven-release-plugin] prepare release mitreid-connect-1.0.4
2013-06-28 16:00:46 -04:00
6d5e0a1092
added test for exception handling. removed unused imports.
2013-06-28 15:53:58 -04:00
19718438c9
TestSignedAuthRequestUrlBuilder done. Relies heavily on com.nimbusds library.
2013-06-28 15:53:58 -04:00
77bdfe344e
init commit TestSignedAuthRequestUrlBuilder.
2013-06-28 15:53:58 -04:00
ded9c21a47
moved back to custom regex to handle user input
2013-06-28 15:41:11 -04:00
77c5e7b94c
switched to using UriComponents instead of custom class, updated normalization and processing rules for webfinger discovery
...
addresses #363
2013-06-28 15:41:11 -04:00
8cf83f537a
fixed auth header
...
addresses #325
2013-06-28 15:41:11 -04:00
3b3715ff91
automatic save file creation
2013-06-28 15:41:11 -04:00
98d917f3b9
added extension mechanism for saving client information in between runs
2013-06-28 15:41:11 -04:00
70958376cb
added whitelist/blacklist to issuer services
2013-06-28 15:41:11 -04:00
3259ae916f
TestThirdPartyIssuerService done.
2013-06-25 16:31:45 -04:00
1d793c4687
TestPlainAuthRequestUrlBuilder done.
2013-06-25 16:31:45 -04:00
f36db3c798
init commit TestPlainAuthRequestUrlBuilder.
2013-06-25 16:31:45 -04:00
c212821267
Fixed ChainedTokenGranter setup
2013-06-24 10:14:10 -04:00
530c3a75ee
Applyed refactoring
2013-06-24 09:44:59 -04:00
f0f2fbea40
updated secoauth library version in poms
2013-06-21 14:23:58 -04:00
2b3376e0ed
[maven-release-plugin] prepare for next development iteration
2013-06-18 16:13:04 -04:00
7fe4bc3b56
[maven-release-plugin] prepare release mitreid-connect-1.0.3
2013-06-18 16:12:59 -04:00
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
2013-06-12 14:45:03 -04:00
48e8f5edad
better specificity of principle object in client filter
2013-06-12 14:22:13 -04:00
e87c0329de
removed old erroneous test
2013-06-11 10:03:29 -04:00
567a3314d6
[maven-release-plugin] prepare for next development iteration
2013-06-06 16:05:59 -04:00
1286726188
[maven-release-plugin] prepare release mitreid-connect-1.0.2
2013-06-06 16:05:52 -04:00
78457b70fc
removed dependency on commons.lang
2013-05-29 16:27:46 -04:00
3c5025c52b
Updated version number for secoauth
2013-05-28 15:38:36 -04:00
25d75a1b30
[maven-release-plugin] prepare for next development iteration
2013-05-20 17:38:01 -04:00
5418bdef5a
[maven-release-plugin] prepare release mitreid-connect-1.0.1
2013-05-20 17:37:52 -04:00
81cd13f6d3
added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
2013-05-20 17:19:28 -04:00
667746ddd2
redirect uri is now configurable via the client configuration object, addresses #326 , #330
2013-05-10 12:07:16 -07:00
cd99f27bf8
Changed references from ClientDetails to ClientDetailsEntity, pending new ClientConfiguration class utility class from #335 .
...
Addresses #331
2013-05-10 11:43:41 -07:00
cd711a8ac6
clean up code format
2013-05-10 11:38:34 -07:00
671ea4d816
Issue-331: Changing code to support basic authentication when it comes to accessing token endpoint.
2013-05-09 17:32:17 +01:00
1e24b31cc3
Propogating rename of AuthorizationRequest to OAuth2Request
2013-05-03 13:53:57 -04:00
defa5b8fbc
[maven-release-plugin] prepare for next development iteration
2013-05-02 15:01:59 -04:00
dbdc99361e
[maven-release-plugin] prepare release mitreid-connect-1.0.0
2013-05-02 15:01:53 -04:00
1e870703f8
added licence/copyright header
2013-05-02 11:45:20 -04:00
5910d29472
removed x509 publishing from client lib
2013-05-02 10:59:15 -04:00
8afab04544
whitespace, import, brace, annotation, and format cleanups
2013-05-02 10:47:15 -04:00
9b03801f9d
[maven-release-plugin] prepare for next development iteration
2013-04-26 13:21:36 -04:00
d76304b9a6
[maven-release-plugin] prepare release mitreid-connect-0.9.3
2013-04-26 13:21:31 -04:00
94aa279290
[maven-release-plugin] prepare for next development iteration
2013-04-19 16:17:53 -04:00
cc92743888
[maven-release-plugin] prepare release mitreid-connect-0.9.2
2013-04-19 16:17:45 -04:00
0e9273fd08
added authority for subject-issuer authorities and associated mapper, addresses #234
2013-04-19 15:39:43 -04:00
29aa0f2be6
continued updating userid->sub in auth token
2013-04-19 14:36:09 -04:00
df51ef5a48
updated to post JSON
2013-04-19 14:35:40 -04:00
184c03e2d4
added registration endpoint url to dynamic server config fetch
2013-04-19 14:27:47 -04:00
fb859fc39a
added client dynamic registration service, extracted clientdetails<->json processing into its own static class
2013-04-19 14:23:11 -04:00
0b0e52b7a3
extracted parsers and rest templates appropriately
2013-04-19 14:22:21 -04:00
cf39b49657
added registration uri to server config, changed index of client config service to be server config not just issuer
2013-04-19 14:21:53 -04:00
13f1a1741c
updated oidc auth token field from user_id -> sub (addresses #307 )
2013-04-19 13:37:38 -04:00
60525a52af
added null checks in client filter
2013-04-19 11:40:44 -04:00
57cefa595a
added redirect to login page when no identifier is given
2013-04-19 11:35:24 -04:00
814c70c9a2
regex-based webfinger parser (yuck)
2013-04-18 16:48:29 -04:00
70cac0c690
uri-based parsing of user inputs
2013-04-18 15:22:49 -04:00
e708f77eb3
Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
2013-04-17 09:52:09 -04:00
51dfd67d0c
started webfinger client
2013-04-16 17:32:06 -04:00
f76f44b999
added dynamic discovery to client
2013-04-16 15:01:08 -04:00
e665aec36f
dependency cleanup
2013-04-12 16:53:55 -04:00
ac2993c402
[maven-release-plugin] prepare for next development iteration
2013-04-10 16:12:04 -04:00
f0d75f9144
[maven-release-plugin] prepare release mitreid-connect-0.9.1
2013-04-10 16:11:38 -04:00
5f54777109
[maven-release-plugin] prepare for next development iteration
2013-04-03 10:01:58 -04:00
620a60ddc2
[maven-release-plugin] prepare release mitreid-connect-0.9.0
2013-04-03 10:01:52 -04:00
54f1ae972b
Added properties and updated poms for sync to central
2013-04-02 12:42:40 -04:00
f101dcc512
moved to released version of SECOAUTH
2013-04-01 11:59:40 -04:00
72e2c7cb6c
Updated build references
2013-04-01 10:59:25 -04:00
6cc50e7cd5
switched signing & validation service to use JWK natively for keys
2013-03-28 16:43:26 -04:00
e2ad4d2e8f
cleaned up spurious nosuchalgorithm exceptions, addresses #285
2013-03-28 15:06:30 -04:00
30c6271e72
cleaned up some more x509 references
2013-03-15 15:10:59 -04:00
ecf99f960a
added bean property check
2013-03-14 18:05:50 -04:00
b1c89783ff
added functionality for account chooser and third-party login support
2013-03-14 18:05:50 -04:00
2be305810f
added getters and setters
2013-03-14 18:05:50 -04:00
4dedec76ec
moved back to form variables for auth because rest template is dumb
2013-03-14 18:05:50 -04:00
ca40b2fd3e
added getters and setters
2013-03-14 18:05:50 -04:00
1251082c6d
implemented simple static configuration services
2013-03-14 18:05:50 -04:00
f44c704472
major refactor of client filter
...
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
999999a822
import cleanup
2013-03-01 17:44:44 -05:00
6c1e6b2d74
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
385853fa1f
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
5dd6cce790
made default scopes in client a bit more sensible
2013-03-01 17:42:48 -05:00
2a855a1952
pulled client key publication into its own class to help deal with bean processors
2013-03-01 17:42:48 -05:00
92f5f31dfc
use serialize instead of toString
2013-02-22 15:20:42 -05:00
da7c74affd
passthrough for default algorithm config
2013-02-22 14:38:33 -05:00
774f80dd58
helps when you actually add the verifier you created
2013-02-22 13:21:29 -05:00
9a98d241e8
updates to track Nimbus JOSE API changes to audience and date fields
2013-02-22 12:08:01 -05:00
3d9ec51eb3
converted client filters to nimbus-jose
2013-02-22 12:08:01 -05:00
1c14ce4c1a
note well
2013-02-03 22:04:54 -05:00
a6ca7cb31b
Merge pull request #263 from ssayer/introspection-fix
...
fixed typos and dumbness in introspection endpoint filter thingy
2013-02-01 09:04:23 -08:00
458486ac9c
fixed typos and dumbness in introspection endpoint filter thingy
2013-02-01 11:16:54 -05:00
67e8714671
Working on request object userinfo parsing
2013-01-29 13:07:41 -05:00
19e91e9272
fixed typo in form handling in introspecting filter
2013-01-25 14:04:33 -05:00
27a26e0a35
(user_id/prn) -> sub
2013-01-18 16:40:05 -05:00
c946a84b09
adapted keyfetcher to be more general
2013-01-18 15:06:00 -05:00
358bf7fc1c
Generic introspecting token services
2013-01-08 16:55:07 -05:00
c7ae315e98
Added initial files for nonce service. Repository and service impls are stubs
2013-01-04 15:30:24 -05:00
45ca4e565e
updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
2012-11-26 11:53:19 -05:00
695091ca82
Refactor part 4 - should be final bit
2012-09-18 15:08:53 -04:00
c40efda6b5
Refactor part 1
2012-09-18 14:24:34 -04:00
7aec0dfe80
added randomized view names to lower possibility of conflicting with local views
2012-09-10 17:17:03 -04:00
d11005fc5f
added x509 support
2012-09-10 17:17:03 -04:00
2d24435365
Created custom resolver, handler mapper
...
moved endpoint back to server
2012-09-10 17:17:03 -04:00
edeae29bef
client publisher mapping test
2012-09-10 17:17:03 -04:00
be1046f9b6
bean-based configuration
2012-09-10 17:17:03 -04:00
4eee172f79
buildRedirectURI moved to URLUtils
2012-09-07 15:52:56 -04:00
05efdbf39d
buildURL uses URIUtils now.
2012-09-07 15:17:08 -04:00
2b62042696
unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet
2012-09-06 17:20:22 -04:00
e8eaf48efd
Added check for token NotBefore
...
Added timeSkewAllowance magic
2012-08-28 15:42:29 -04:00
b47dcf8e6b
fixed timestamp math
...
(I hate timestamp math)
2012-08-17 16:35:27 -04:00
26d5a846e0
Updated validator structure and id token checking.
2012-08-17 16:18:08 -04:00
a0df7ad04b
client documentation updates, addresses #135
2012-08-17 15:35:08 -04:00
012bb4afd7
Changed casing on "URI" to "Url" to match other parameters.
2012-08-17 15:32:04 -04:00
d14f55004c
added parser to userinfo object, userinfo url in filter, fixed bug in user_id check
2012-08-17 14:40:13 -04:00
fbd6e67af8
Refactored auth provider to call the userinfo endpoint and provide info inside the auth token.
2012-08-17 14:40:13 -04:00
6ccbf480b3
added token values into the OpenIDConnectAuthToken class and authenticator, still need to do authuserdetailsservice
2012-08-15 16:11:57 -04:00
c5244db1a2
moved nonce from cookie to session, added state processing, cleaned up unused classes
2012-08-15 14:52:49 -04:00
269c2c9835
fixed nonce cookie handling
2012-08-14 12:11:51 -04:00
d93f5f18e5
added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this
2012-08-14 10:55:08 -04:00
eff7a2c504
changed nonce claim addition
2012-08-14 10:55:08 -04:00
9d73cd2243
cleaned up imports in filter class
2012-08-14 10:55:07 -04:00
2888c08083
changed cookie claim to include the response
2012-08-14 10:55:07 -04:00
bc216785b8
added cookie to response in auth filter for request objects
2012-08-14 10:55:07 -04:00
f7cfb39777
updated imports of signed request filter
2012-08-14 10:55:07 -04:00
c0d353d7ce
removed state parameter from claims. added way to create random nonce value
2012-08-14 10:55:07 -04:00
8e95734f22
changed response-type to code rather than token
2012-08-14 10:55:07 -04:00
f8d938630e
added passthrough parameters to server config
2012-08-14 10:55:07 -04:00
c4ebf5c145
updated signer service
2012-08-14 10:55:07 -04:00
d6b0b87769
added state parameter to reqeuest object
2012-08-14 10:55:07 -04:00
99bc1294e3
removed repetative check of "token" parameter in signed request object
2012-08-14 10:55:07 -04:00
685734ce35
updated signing request object in OIDC client by pulling out construction of JWT to its own method.
2012-08-14 10:55:07 -04:00
76c91ea79f
removed encrypted request object for OIDC client. will deal with it at a later point
2012-08-14 10:55:07 -04:00
William Kim