github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,270 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1300 Commits (6921ca9a425f0ffdcfb787956a17635a4ec19375)

Author SHA1 Message Date
Justin Richer 5d35f2c1a6 toned down errors on introspection endpoint 2015-03-10 14:58:22 -04:00
Justin Richer 65d7b00f4d added uma-processing of scopes to introspection results 2015-03-10 12:38:37 -04:00
Justin Richer 627bcaee43 added client_id to resource sets 2015-03-10 12:38:13 -04:00
Justin Richer e5e4c15058 removed introspection authorizer hook 2015-03-10 11:12:37 -04:00
Justin Richer 2a6a17486a added initial uma discovery endpoint 2015-03-09 16:15:30 -04:00
Justin Richer 621399545e cleaned up introspection endpoint processing 2015-03-09 16:15:09 -04:00
Justin Richer 764df71758 refactored introspection to allow for UMA style token access 2015-03-09 12:43:05 -04:00
Justin Richer 1da5c2cd84 fixed imports 2015-03-09 11:51:41 -04:00
Justin Richer c7f6811961 refactored scope enforcement utilities to a separate authentication class 2015-03-09 11:51:24 -04:00
Justin Richer 48b857eb85 fixed logger variable name 2015-03-09 07:37:09 -04:00
Justin Richer c09b63c69f made logger declarations consistent across project, closes #780 2015-03-08 21:56:33 -04:00
Wolter Eldering 849a2b3271 Fixed logger 2015-03-08 16:02:53 +01:00
Wolter Eldering 020b410ffe null safe 2015-03-08 15:47:58 +01:00
Wolter Eldering db2574ab53 removed DateUtil 2015-03-08 15:41:47 +01:00
Justin Richer f266d3b151 added unit test for resource set service to make sure it catches error conditions 2015-03-06 16:56:30 -05:00
Justin Richer 35f2a03b4e added unit test for permission service 2015-03-06 15:50:24 -05:00
Justin Richer e59e988809 made permission service enforce scoping 2015-03-06 15:50:14 -05:00
Justin Richer 5ff9cd1bbb implemented permission registration API 2015-02-28 17:59:37 -05:00
Justin Richer eed8fb0b28 created skeleton of permission registration API 2015-02-28 08:33:09 -05:00
Justin Richer c41488b103 moved an uma package to common, extracted OAuth scope enforcement utility 2015-02-28 08:32:47 -05:00
Justin Richer 5be7d64c7d moved all uma files to their own package 2015-02-28 07:24:53 -05:00
Justin Richer 0d96b6a28a changed name of scope to match uma spec 2015-02-27 20:46:48 -05:00
Justin Richer 7a1480bb07 moved and consolidated json utilities 2015-02-26 16:20:01 -05:00
Justin Richer 40fc70894e fixed oauth scope check 2015-02-24 18:01:03 -05:00
Justin Richer 4878e88d4f added list all by owner 2015-02-24 17:41:05 -05:00
Justin Richer 8d22ad03e2 implemented remove verb 2015-02-24 17:15:18 -05:00
Justin Richer 89114dcf74 implemented update 2015-02-24 16:05:18 -05:00
Justin Richer ad228e8953 send the _id as a string 2015-02-24 15:52:29 -05:00
Justin Richer 3b6412219b added abbreviated view, updated OAuth error handling, fixed URL mapping 2015-02-24 15:10:48 -05:00
Justin Richer 0b480bac10 implemented get 2015-02-24 15:09:52 -05:00
Justin Richer 3076da1ed8 functioning resource set repository layer 2015-02-24 12:10:54 -05:00
Justin Richer efeead52b6 fixed typos in data layer, added blank service layer to resource set 2015-02-24 12:00:58 -05:00
Justin Richer e7bf75e9a4 moved and consolidated json utilities 2015-02-23 13:43:08 -05:00
Justin Richer 90a7304b4e resource set registration endpoint and service shells 2015-02-23 11:43:05 -05:00
Justin Richer b670f44138 added UMA to version number 2015-02-19 17:55:25 -05:00
Justin Richer 720b73939f fixed token service logic, added verification to unit tests 2015-02-18 13:57:28 -05:00
Justin Richer 97ae456099 fixed unit tests affected by scope service changes 2015-02-18 13:48:16 -05:00
Justin Richer 6885713eed added warning suppression for data layer -- non-templated generic types have to be used here 2015-02-18 10:19:36 -05:00
Justin Richer f4813fccee fixed log messages on data services 2015-02-18 09:33:13 -05:00
Justin Richer 4ae981f484 updated data layer and unit tests 2015-02-18 09:23:09 -05:00
Justin Richer 593fac83cf scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747 2015-02-17 18:25:52 -05:00
Justin Richer 1caf5ef8bc removed call to deprecated http components constructor 2015-02-17 17:06:34 -05:00
Justin Richer b376bc6059 removed some vestigial service/repository calls, closes #513 2015-02-17 16:22:40 -05:00
Justin Richer ecfb72bc50 additional JOSE class naming 2015-02-17 15:32:20 -05:00
Justin Richer 522edda074 additional JOSE class renaming 2015-02-17 14:57:29 -05:00
Justin Richer cef6cf17b6 externalized a number of strings, closes #385 2015-02-17 14:39:15 -05:00
Justin Richer 05f03f7c90 yet more year updates 2015-02-17 13:09:45 -05:00
Justin Richer 994ce6c743 consistently named JOSE-based classes, closes #529 2015-02-17 12:11:58 -05:00
Justin Richer 335d05bb5c renamed data service abstract class 2015-02-17 11:56:50 -05:00
Justin Richer 685960358c formatting cleanup 2015-02-17 11:08:46 -05:00
Justin Richer e2349984b8 happy new year 2015! 2015-02-17 10:24:08 -05:00
Justin Richer d56aec5652 removed extraneous version tag for managed dependency 2015-02-17 10:00:18 -05:00
Justin Richer d88cc2ec8e fixed pluralization of post logout URIs in data API services 2015-02-17 09:59:50 -05:00
Justin Richer cc02f8fbe8 pluralized post-logout redirect URI on client, closes #654 2015-02-16 16:43:34 -05:00
Justin Richer 587d4b2db6 further pom file cleanup 2015-02-16 14:24:48 -05:00
Justin Richer 377d8cb884 moved dependency version management to parent pom, closes #666 2015-02-16 13:51:25 -05:00
Justin Richer ef3a696972 removed getBySubject and getAll from user info repository and service layers, closes #760 2015-02-16 11:08:07 -05:00
Justin Richer 63dd7c0b25 removed deprecated DefaultUserInfoUserDetailsService and corresponding test, closes #413 2015-02-16 11:07:17 -05:00
Justin Richer 166c53cd6a fixed comparison of client IDs in refresh token, closes #752 
Also addresses #735 (again)
 2015-01-24 07:47:50 -05:00
Justin Richer 6c88d7c54b removed old owner_id field, closes #636 2015-01-17 08:18:36 -05:00
Justin Richer ba97fcb88a changed name of clientAuthorization to authorizationRequest (which is more accurate), closes #697 2014-12-19 00:55:06 -05:00
John Brooks a1228d19b5 Changed lastWeek logic back to correct form, removed logic used for 
testing.
 2014-12-19 00:39:07 -05:00
Justin Richer e9d764e53e added support for login_hint, closes #250 2014-11-26 09:55:39 -05:00
Justin Richer 3e7ade9a67 fixed unit tests 2014-11-22 23:46:25 -05:00
Justin Richer 1a2ca25359 relaxed scope constraints on protected resources registered through self-service page 2014-11-22 23:46:25 -05:00
Justin Richer e371ad345f fixed checking of refresh token permissions in client service, clients can now request either refresh_token grant type or offline_access scope and it will work. added checkbox to dynreg page for ease-of-use 
closes #734
 2014-11-22 23:46:25 -05:00
Justin Richer 56344fa12b make sure that client presenting refresh token is the same client the refresh token was issued to 
closes #735
 2014-11-22 23:46:25 -05:00
Justin Richer 0e776762c2 set up data API for 1.2 format (currently the same as 1.1 format) 2014-11-15 19:59:47 -10:00
Justin Richer b14dfa6458 approval page defaults to "ask again" when prompt=consent is passed, closes #669 2014-11-13 11:23:54 -10:00
Justin Richer 775b77b367 updated date format of token introspection response, closes #719 2014-11-13 11:08:20 -10:00
Justin Richer c600787f1c added key id to id token, closes #725 2014-11-12 16:22:10 -10:00
Justin Richer d87bdb2120 added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728, closes #401 2014-11-12 16:03:06 -10:00
Justin Richer e6d10b67a4 update to Spring 4 and other related libraries 2014-11-10 18:29:54 -10:00
Alexander Imfeld 9dfac35912 Introduce introspection result assembler to allow for customized introspection results 2014-10-14 21:06:09 -04:00
arielak d557b1e2c2 RefreshToken to AuthHolder linkage test now using AuthHolder ID to verify 2014-10-14 20:30:50 -04:00
arielak ff436a6738 Added tests for ensuring the references between a refresh token and its authentication holder are preserved over import. Minor cleanup of other tests. 2014-10-14 20:30:50 -04:00
arielak d18d325c0c Better method of creating test AuthenticationHolderEntity, added some more testing to testImport/ExportGrants 
Conflicts:

	openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
 2014-10-14 20:30:50 -04:00
arielak ff28e1a383 Added new data service tests, separated date parsing/formatting utilities into DateUtil class 
Conflicts:

	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_X.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/util/DateUtil.java
 2014-10-14 20:30:50 -04:00
Justin Richer 188818dc0d added null check to confirmation controller, closes #684 2014-10-07 21:58:15 -04:00
Justin Richer db052f11ca Moved development branch to 1.2 2014-10-07 21:02:07 -04:00
Justin Richer 134909a82f import cleanup 2014-10-07 19:40:38 -04:00
Justin Richer 1e71749c23 added more generic rotation capability 2014-10-07 19:40:38 -04:00
Justin Richer 0b8dbc4f68 added registration token API 2014-10-07 19:40:38 -04:00
Justin Richer 13cee6bf06 Ported date format changes from 1.0.x 2014-10-06 23:41:33 -04:00
arielak 98ace5c9fb Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue. 
Conflicts:
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
 2014-10-06 23:28:20 -04:00
Justin Richer 1fbdd240f1 made binary encode/decode null safe 2014-10-06 23:25:48 -04:00
arielak a8377513a6 Fixed reading/writing of approved access tokens 2014-10-06 22:59:27 -04:00
arielak 0320bae15c Fixed netbeans copyright weirdness 2014-10-06 22:59:27 -04:00
arielak dcf66fadc4 Added support for 1.1 config import/export, and separated common functions into 1_X abstract class 2014-10-06 22:59:27 -04:00
arielak ad841a03df Added support for whitelisted and blacklisted site export 2014-10-06 22:59:27 -04:00
arielak 8495617aed Added support for whitelisted and blacklisted site import from a 1.0 config 2014-10-06 22:59:27 -04:00
arielak 16f15cc3c8 NPE fix 2014-10-06 22:59:27 -04:00
arielak 6333b1e4b1 Re-enabled reading of system scopes. Added 1.1 data export functionality 2014-10-06 22:59:27 -04:00
arielak d5551e9692 Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects 2014-10-06 22:58:26 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer 9e88a62479 moved the API endpoints, made resource tokens accessible too 2014-09-22 23:38:12 -04:00
Justin Richer 6d80a00d65 import cleanup 2014-09-22 23:04:23 -04:00
Justin Richer 81634e6165 added API for getting tokens by clientid 2014-09-22 22:55:13 -04:00
Justin Richer dee78c130c fixed missing null check in request object parser 2014-08-25 22:48:42 -04:00
James Agnew e0b84069d4 Update to latest spring-security-oauth2 module 2014-08-06 11:12:40 -04:00
Justin Richer 6f2f807b0b [maven-release-plugin] prepare for next development iteration 2014-08-05 21:54:51 -04:00
Justin Richer 93ae1516a5 [maven-release-plugin] prepare release mitreid-connect-1.1.9 2014-08-05 21:54:47 -04:00
Justin Richer 39c50b76f4 added null checks to endpoint auth method switches, closes #652 2014-07-31 23:05:17 -04:00
Justin Richer 8768188133 makes the grant types checker softer, closes #640 2014-07-19 23:54:02 -07:00
Justin Richer 9666404d54 added "none" to discovery endpoint 2014-07-16 23:48:18 -04:00
Justin Richer 7476edb310 added unsigned ID token support to server 2014-07-16 22:29:13 -04:00
Justin Richer 538c4031bb added in better default checks for content negotiation 2014-07-02 16:01:26 -04:00
Justin Richer 078bf5e464 combine HTTP content negotiation with client preferences for user info endpoint 2014-06-28 23:44:37 -04:00
Justin Richer 1de2a61176 made accept header optional for user info request 2014-06-28 22:20:05 -04:00
Justin Richer 04acc21eea removed injection of admin email address from client API, will happen browser-side now 2014-06-26 13:00:36 -04:00
Justin Richer adf477c64e [maven-release-plugin] prepare for next development iteration 2014-06-18 18:27:27 -04:00
Justin Richer 8d97ed61ec [maven-release-plugin] prepare release mitreid-connect-1.1.8 2014-06-18 18:27:25 -04:00
Justin Richer 5773fe195b set proper content type on user info JWT response 2014-06-18 18:05:11 -04:00
Justin Richer 5f97ce0ca1 fixed error code string 2014-06-18 14:50:17 -04:00
Justin Richer 6589cd717d disallow fragments in redirect uris for dynamic clients, closes #622 2014-06-18 14:49:29 -04:00
Justin Richer 4e52543091 more properly respond to some client registration errors 2014-06-18 14:45:55 -04:00
Justin Richer c493f438e7 applied token rotation to protected resources 2014-06-12 19:37:50 -04:00
Justin Richer f4edd3164f made timeout field optional, tokens don't expire in the default case 2014-06-12 19:37:32 -04:00
Trilok Jain 4e09ec687b Registration Token regeneration - when they are beyond their lifetime 
(in read/update calls)
 2014-06-12 19:12:32 -04:00
Trilok Jain ed3e6a2814 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431: 
Generating a new registration access token on read/update call and
revoking the token issued earlier.
 2014-06-12 19:12:32 -04:00
Justin Richer a106121af3 created blacklist aware redirect resolver and wired it in, closes #549 2014-06-10 16:29:45 -04:00
Justin Richer a97f3e2d65 don't throw away creation time on protected resource update (oops) 2014-06-09 20:22:58 -04:00
Justin Richer e0fe22e4ba don't regenerate client secrets every single time 2014-06-09 20:20:36 -04:00
Justin Richer 53148f2c87 better auth method checking in dynamic registration and resource registration 2014-06-09 17:41:27 -04:00
Justin Richer f15b4a0f74 resource registration returned the wrong URL 2014-06-09 17:41:01 -04:00
Justin Richer 47cc005fe5 more sanity checking for client secrets 2014-06-09 16:06:57 -04:00
Justin Richer cac645484f client API now generates client secret only for clients that require a client secret 2014-06-09 16:00:55 -04:00
Justin Richer 52e53ba219 extracted validation exception, refactored protected resource registration endpoint to use this format 2014-06-06 11:13:41 -04:00
Justin Richer b7a8bbdddc cleanup, error wrappers on protected resource registration 2014-06-06 10:58:40 -04:00
Justin Richer deaccf437e refactored dynamic registration endpoint's checks for client consistency 2014-06-06 10:18:40 -04:00
Justin Richer 04f7a698ea added response type consistency checking, closes #430 2014-06-05 19:41:06 -04:00
Justin Richer 32101ff7b2 added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597 2014-06-05 19:06:03 -04:00
Justin Richer ab083c0963 added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types 2014-06-05 17:16:35 -04:00
Justin Richer cdd23df7ee token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems) 2014-06-04 17:27:38 -04:00
Justin Richer 85acfa90db [maven-release-plugin] prepare for next development iteration 2014-06-04 14:51:32 -04:00
Justin Richer d5e4cb45a2 [maven-release-plugin] prepare release mitreid-connect-1.1.7 2014-06-04 14:51:29 -04:00
Justin Richer 8861220632 stats on home page are now loaded in the background (makes main site load much faster) 2014-06-04 14:39:30 -04:00
Justin Richer 3e4aae6c8a hash tests now pass on Java8 2014-05-29 17:41:56 -04:00
Justin Richer dfdc4ed52d fixed information leaks from approved site API 2014-05-28 18:21:46 -04:00
Alexander Imfeld a84c10fc1c Change copyright from Netcetera to MITRE/MIT-KIT. 2014-05-28 08:52:31 +02:00
Justin Richer 2797731597 fixed unit test to account for cascading tokens 2014-05-27 20:39:19 -04:00
Justin Richer d2c83104fb cascade token saves 2014-05-27 19:28:38 -04:00
Josh Mandel 7f8cbcea39 Use return value from TokenEnhancer.enhance 2014-05-27 19:23:44 -04:00
Justin Richer be98b9cd0b [maven-release-plugin] prepare for next development iteration 2014-05-27 14:00:40 -04:00
Justin Richer 8320f0eefe [maven-release-plugin] prepare release mitreid-connect-1.1.6 2014-05-27 14:00:37 -04:00
Justin Richer 0c8cacd59a added missing copyright headers 2014-05-27 13:46:47 -04:00
Justin Richer 525f3aa2a8 Cleaned up indentation, whitespace, and imports. 2014-05-27 13:02:49 -04:00
Justin Richer 8185171119 minor clean up 2014-05-27 11:54:45 -04:00
Justin Richer 5ab516de48 prevent clients from registering with special resource scope 2014-05-26 17:39:20 -04:00
Justin Richer c34357a433 added resource registration endpoint with basic functionality and specialized tokens 2014-05-26 16:30:24 -04:00