1630648925
updated logo, added large logo
2013-04-11 17:24:32 -04:00
7e59421f33
Commented out XRD endpoint and added TODO reference to webfinger issue
2013-04-11 10:33:27 -04:00
34b243e0e1
Added back discovery endpoint, but renamed to not say SWD
2013-04-11 10:27:31 -04:00
ac2993c402
[maven-release-plugin] prepare for next development iteration
2013-04-10 16:12:04 -04:00
f0d75f9144
[maven-release-plugin] prepare release mitreid-connect-0.9.1
2013-04-10 16:11:38 -04:00
23c318f6c2
Updating guava to 14.0.1
2013-04-10 15:31:32 -04:00
a723c9d921
Removed references to DefaultAuthorizationRequest in connect code
2013-04-08 10:37:13 -04:00
e17eaa499e
Cleaned up classes affected by SECOAUTH changes; added Connect implementation of AuthorizationRequest and updated manager class to reflect new class & updated interface;
...
;
2013-04-08 10:13:27 -04:00
5f54777109
[maven-release-plugin] prepare for next development iteration
2013-04-03 10:01:58 -04:00
620a60ddc2
[maven-release-plugin] prepare release mitreid-connect-0.9.0
2013-04-03 10:01:52 -04:00
54f1ae972b
Added properties and updated poms for sync to central
2013-04-02 12:42:40 -04:00
f63ea94b37
fixed bean name
2013-04-01 12:05:39 -04:00
f101dcc512
moved to released version of SECOAUTH
2013-04-01 11:59:40 -04:00
c0c1847f38
fixed bean name
2013-04-01 11:59:23 -04:00
72e2c7cb6c
Updated build references
2013-04-01 10:59:25 -04:00
02220a411a
Fixed typo
2013-03-29 12:59:49 -04:00
0f327a772b
Updated js files to use results returned from JsonErrorView; factored out markup into modal definition.
2013-03-29 12:47:03 -04:00
2265a3f8c3
Updated error handling messages for scope, approved site, blacklist, whitelist, and client APIs using new JsonErrorView
2013-03-29 12:47:03 -04:00
ee5b21b542
Added JsonErrorView
2013-03-29 12:47:03 -04:00
07686d8e00
Removed superfluous try/catch around save call in ScopeAPI.
2013-03-29 12:47:03 -04:00
4538d8fb14
made signing and verification service construction safe for public-only keys
2013-03-28 17:03:18 -04:00
6cc50e7cd5
switched signing & validation service to use JWK natively for keys
2013-03-28 16:43:26 -04:00
f54dddd8c0
fixed blacklisted field name, addresses #295
2013-03-28 16:06:02 -04:00
5a04198eac
moved to JPSK based key store
2013-03-28 15:06:30 -04:00
e2ad4d2e8f
cleaned up spurious nosuchalgorithm exceptions, addresses #285
2013-03-28 15:06:30 -04:00
5b321b9c86
Updated whitelist api for ui error handling
2013-03-28 12:43:47 -04:00
666573cd34
Updated blacklist and client api for ui error handling
2013-03-28 12:37:18 -04:00
218fe9328c
Updated approved site API for error handling
2013-03-27 16:49:33 -04:00
435fff3b1c
Updated scope API for error handling
2013-03-27 16:27:55 -04:00
18e319379e
Got bootstrap modal alert working, but not sure if it is the right approach. It looks different than the confirmation window.
2013-03-27 15:27:34 -04:00
49863e70ae
Got scope "value" error handling set
2013-03-27 15:27:34 -04:00
d24ecd2e7c
Removed extra scope validation endpoint
2013-03-27 15:27:34 -04:00
96e333afa6
Working on error handling
2013-03-27 15:27:34 -04:00
fa0a6a7b4e
Finding my way around Backbone, Underscore, and Bootstrap
2013-03-27 15:27:34 -04:00
5704271973
Fixed client error: added all client fields to model in client.js; lined them up with the fields in ClientDetailsEntity.java for easier comparison
2013-03-22 17:15:14 -04:00
36b08dcd6e
Removed SWD code
2013-03-22 15:23:08 -04:00
fcc95f8a0a
Moved nonce processing stuff into nonce service and out of ConnectAuthorizationRequestManager
2013-03-22 14:38:37 -04:00
d38c5b4200
Pared down nonce reuse exception message to just say that the nonce has already been used
2013-03-22 12:36:24 -04:00
b28b0615fa
removed vestigial ClientDetailsEntityService references
2013-03-22 12:32:31 -04:00
08eaaa0a12
updated repository to use proper concrete class
2013-03-21 15:20:36 -04:00
8fccbf3483
added Id field to DefaultUserInfo object, switched "userId" terminology to "subject"
2013-03-20 14:29:00 -04:00
f44c704472
major refactor of client filter
...
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
2b45dd1104
cleaned up stats display
2013-03-14 18:05:50 -04:00
8992506a1d
Fixing up logging changes
2013-03-08 09:52:24 -05:00
f9b0670ae9
Merged ClientAPI and ClientDynamicRegistrationEndpoitn by hand
2013-03-07 12:12:27 -05:00
5cac7055a9
Standardized error handling and added logging for error conditions in endpoints
2013-03-07 11:56:57 -05:00
dbc68e4074
Working on error handling
2013-03-07 11:51:18 -05:00
1630814b9f
Marked classes where error handling needs to be added/changed
2013-03-07 11:51:18 -05:00
0f6faf3609
removed old namespace config files
2013-03-07 10:46:25 -05:00
6320fce9fd
url -> uri in approval page
2013-03-07 10:39:33 -05:00
7c36f9fb38
made sidebar size-responsive, added sticky footer
2013-03-06 17:52:38 -05:00
ad3a22e5d4
changed client defaults for JOSE bits
2013-03-06 15:24:46 -05:00
3268726747
changed to dict-based model for saving
2013-03-06 15:17:11 -05:00
8f4ecac8d5
forgot a field
2013-03-06 15:16:48 -05:00
27a8bcf440
now with more documentation and actual deletion
2013-03-06 11:53:16 -05:00
eaa9e1ded4
typo for grant types in parser
2013-03-06 11:33:54 -05:00
a6a2d43e8f
added Read, Update, and Delete operations to dynreg endpoint
2013-03-06 11:33:31 -05:00
d37bac1775
simplification and documentation of client api views
2013-03-06 11:33:06 -05:00
4c3c2dce52
removed sessions from endpoints, properly mapped registration endpoint
2013-03-06 11:31:54 -05:00
217916603f
cleaned out broken unit tests -- now we can start fresh
2013-03-06 09:48:04 -05:00
c9bdba3f3a
API now bound to USER for read, ADMIN for write, addresses #267
2013-03-05 17:45:33 -05:00
1daf5bd357
dispatch to different views based on user role
2013-03-05 17:34:24 -05:00
70b2342864
fixed split client views, fixed typos in various places
2013-03-05 17:26:25 -05:00
f07c31bbe2
JOSE selectors
2013-03-05 16:52:34 -05:00
51a7ccc397
entity -> embed
2013-03-05 16:33:13 -05:00
7b8623edbb
typo
2013-03-05 16:15:21 -05:00
93851ab94d
request URIs and default ACR values
2013-03-05 16:11:32 -05:00
6c136b5696
contacts
2013-03-05 15:43:38 -05:00
79bf862924
added Not Yet Implemented tags
2013-03-05 15:32:08 -05:00
9b6dfd4e1d
require auth time, reuse refresh token, and default max age
2013-03-05 15:01:25 -05:00
ff53d71e6f
sector identifier, initiate login, and post logout URIs ; reuse refresh tokens
2013-03-05 14:44:40 -05:00
23bd6a2ffb
response types
2013-03-05 14:29:51 -05:00
82ecef144d
token endpoint auth method
2013-03-05 14:05:46 -05:00
c9b769818e
changed script loading methods to help debugging, fixed subjectype data pull
2013-03-05 13:34:18 -05:00
1fcb67e885
JWKS and subject type
2013-03-05 12:33:14 -05:00
29b46bfd58
stupid javascript templates
2013-03-05 12:21:06 -05:00
0d25d4cb17
null-preserving static parsers instead of constructors
2013-03-05 12:10:33 -05:00
9244d6413c
application type
2013-03-05 11:50:47 -05:00
e7282d53fe
added client URI bits
2013-03-05 11:22:55 -05:00
6a88c13675
split client view into two classes
2013-03-04 17:50:02 -05:00
4095f2179c
added custom client view for API
2013-03-04 17:33:18 -05:00
a0c2e94922
added in all extra fields to JS processor
2013-03-04 17:11:44 -05:00
ac44020305
grant types rename
2013-03-04 17:11:25 -05:00
33c488d9ae
logo url -> uri
2013-03-04 16:53:09 -05:00
7c3ddd0a86
redirect uri with new name
2013-03-04 16:49:17 -05:00
9aebca2e97
fixed gson parser in client API
2013-03-04 16:38:11 -05:00
23efdf9f51
fix viewbean name, nullsafe client creation time, fixed default scope handling
2013-03-04 16:12:06 -05:00
26f03ec070
timestamp for creation date
2013-03-04 16:11:20 -05:00
ea034f7d4a
database preload fixed to match new schema
2013-03-04 16:10:32 -05:00
1f5f7c8aac
updates for java 7
2013-03-04 16:00:12 -05:00
235a3bf2c4
added client information response view
2013-03-04 15:45:35 -05:00
fc978ac994
made require_auth_time nullable again
2013-03-04 15:44:49 -05:00
a2d6894f62
started serialization for client information view
2013-03-04 15:13:55 -05:00
db24c203ec
added parser to client registration endpoint
2013-03-04 15:01:02 -05:00
5c044b9eff
added extra client fields to DB model, moved services to use new client model object
2013-03-04 14:22:42 -05:00
3f8d7d70e5
updated client model to match OAuth Dyn Reg and OIDC Reg
2013-03-04 12:48:05 -05:00
5b9422ffdf
cleaned up old unit tests
2013-03-04 11:37:49 -05:00
f8f925c08f
removed exploded war (no longer needed), addresses #260
2013-03-04 10:59:04 -05:00
bd877dde82
added signature checking to request objects
2013-03-01 17:44:44 -05:00
6c1e6b2d74
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
385853fa1f
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
7e64c4bffc
deleted duplicate login button, addresses #276
2013-03-01 17:42:48 -05:00
13a3e97113
updated request object forwarding hack
2013-03-01 17:42:48 -05:00
0712d8c340
updated spring version
2013-03-01 17:42:48 -05:00
42ea2468c9
Split up about, contact, stats tags into two each and removed logic from the *Content tag files
2013-02-28 13:56:09 -05:00
8677f6516d
Template-ized most of the home page UI
2013-02-28 11:25:37 -05:00
987a05302d
Added configured logo url
2013-02-25 13:01:26 -05:00
60b679e942
First steps towards adding display variables to config bean
2013-02-22 17:10:14 -05:00
4d725b88dd
more updates to track nimbus-jose-jwt classes and use them properly
2013-02-22 12:08:01 -05:00
9a98d241e8
updates to track Nimbus JOSE API changes to audience and date fields
2013-02-22 12:08:01 -05:00
cc727cee3e
patched unit test to new format
2013-02-22 12:08:01 -05:00
03e7337b9f
client registration endpoint needs general rewrite to fit new spec.
...
Most of the problematic references will change with the rewrite, so this is a slapdash patch to make things compile for now.
2013-02-22 12:08:01 -05:00
25b9940a68
request object endpoint is a placeholder, cleaning out for now
2013-02-22 12:08:01 -05:00
e5732da857
added system default signing algorithm, converted token provider and enhancer to use nimbus-jose
2013-02-22 12:08:01 -05:00
c01e873019
request object processor moved to nimbus-jose
2013-02-22 12:08:01 -05:00
0f99e0e06d
assertion token granter moved to nimbus-jose
2013-02-22 12:08:01 -05:00
10ab55a7e2
moved jwk/x509 publishing over to nimbus-jose (mostly)
2013-02-22 12:08:01 -05:00
fca30cd13f
added provisions to bootstrap signing and validation service from config files
2013-02-22 12:08:01 -05:00
a078f7d202
patched userinfo view to use nimbus
2013-02-22 12:08:01 -05:00
c7d1b47b38
converted bearer assertion framework to nimbus-jose
2013-02-22 12:08:01 -05:00
910a6cf1a0
remvoed idtoken repository that was never used
2013-02-22 12:08:01 -05:00
46a3e70377
removed idtoken class, removed all jwe/jwt tests
2013-02-22 12:08:01 -05:00
46f0e6f3cb
restyled login page
2013-02-20 16:39:46 -05:00
b840b31c74
added cleaner login/logout failure handling and processing
2013-02-20 16:11:08 -05:00
1398575061
Added additional joda time dependency
2013-02-20 15:44:53 -05:00
58ea01f0f8
added hints to login form to discourage mobile browsers from trying to do something clever like autocorrect
2013-02-13 13:27:31 -05:00
991f37a1e6
refactored javascript and template files into components
2013-02-13 10:12:31 -05:00
137e5e5ca1
added placeholder blocks in place of empty tables, addresses #244
2013-02-06 17:42:10 -05:00
62b931ee0d
scope icons now show up everywhere
2013-02-05 17:39:38 -05:00
d0fdf8140e
sorting on approval page
2013-02-05 15:47:32 -05:00
328fa221bd
scope bootstrapping
2013-02-05 15:08:49 -05:00
02846c0a8d
typo fix, DB constraints
2013-02-05 14:40:06 -05:00
88f2ea3e7e
icon selector
2013-02-05 14:33:58 -05:00
e622202e9e
display scopes based on request, pull scope information dynamically, addresses #208
2013-02-05 11:36:59 -05:00
eb4773ce46
beginning dynamic scopes on auth page
2013-02-05 11:28:39 -05:00
c2b9fd4db1
system scope ordering consistency
2013-02-05 11:11:41 -05:00
173281f039
DB consistency fix
2013-02-05 11:11:15 -05:00
801a45cc49
several bugfixes to scopes UI, works now
2013-02-03 22:04:56 -05:00
e5171a196a
minor bugfixes
2013-02-03 22:04:55 -05:00
d1968f624a
scope ui bugfixes
2013-02-03 22:04:55 -05:00
fbfc977f3b
system scope ui updates
2013-02-03 22:04:55 -05:00
9dc603a759
scope management UI
2013-02-03 22:04:55 -05:00
1ceee853f9
scope management UI
2013-02-03 22:04:55 -05:00
a3037a18a7
system scope service applied to client creation UI
2013-02-03 22:04:55 -05:00
cab36a2b80
added appropriate filterered and transformative actions to scope service
2013-02-03 22:04:55 -05:00
ab35186696
added scope service, repository, and API
2013-02-03 22:02:24 -05:00
19e7b62a42
removed persistence.xml and moved to pure spring-based config, addresses #194
2013-02-03 22:02:23 -05:00
a3619240e6
added site scope
2013-02-03 22:02:23 -05:00
a2e548c261
fixed claims processor for request object from user info endpoint
2013-02-03 22:02:23 -05:00
899150d636
tweak display on auth revoke page
2013-02-03 22:02:23 -05:00
3c190e044a
inject parsed parameters to make SECOAUTH happy
2013-02-03 22:02:23 -05:00
1144d511af
inject scopes
2013-02-03 22:02:23 -05:00
f9d50db1f1
don't treat openid scope special here -- by default client gets access to *all* scopes it's registered for
2013-02-03 22:02:23 -05:00
078342715b
moved request object to request manager
2013-02-03 22:02:22 -05:00
3399eed45a
Added about, contact, and stats pages. Still largely placeholders, but the topbar works correctly now at least.
2013-01-31 11:34:07 -05:00
0be254c99a
updated token introspection output to match spec and client filter
2013-01-30 15:31:32 -05:00
e02e08563c
changed order or custom filters to make assertions work, added client credentials token granter to default
2013-01-30 14:34:16 -05:00
c1d33bb55b
bugfix in assertion processor
2013-01-30 14:34:16 -05:00
2e2c0e8e6c
Fixed bug in nonce processing
2013-01-29 13:07:41 -05:00
3db74100a4
working on bug
2013-01-29 13:07:41 -05:00
dd8b48e863
Reset ConnectAuthorizationRequestManager to version from master
2013-01-29 13:07:41 -05:00
06f970e61b
Trying to fix nonce service
2013-01-29 13:07:41 -05:00
86bf51f0a7
Added java reflection code for request object handling, needs to be tested
2013-01-29 13:07:41 -05:00
677f0f2d4c
Stubbed out required functionality for request object filtering
2013-01-29 13:07:41 -05:00
67e8714671
Working on request object userinfo parsing
2013-01-29 13:07:41 -05:00
779001a8c8
updated copyright year
2013-01-28 13:39:25 -05:00
7269700dc6
switched injector from repository to service
2013-01-24 19:32:55 -05:00
f0ee36dad2
auth_type -> auth_method (addresses #258 )
2013-01-18 18:26:55 -05:00
fd2253303e
changed pointer on tabs, addresses #252
2013-01-18 18:17:39 -05:00
899e306683
fixed JS crash on "new client" operation
2013-01-18 18:15:19 -05:00
8831bc64a2
offline -> offline_access (addresses #248 )
2013-01-18 18:03:39 -05:00
27a26e0a35
(user_id/prn) -> sub
2013-01-18 16:40:05 -05:00
1ab29882b4
fixed user prepoulation table
2013-01-18 15:38:53 -05:00
0ab4ad4bbe
added "birthdate", addresses #253
2013-01-18 15:38:41 -05:00
6ef4dc817e
genericized nimbus code, added caching
2013-01-18 15:10:48 -05:00
2d21a72e7e
switched to nimbus to check JWT signature
2013-01-18 15:10:48 -05:00
60bda31c54
updated custom filter
2013-01-18 15:10:48 -05:00
c17bc05b0e
wiring configuration
2013-01-18 15:10:48 -05:00
4262be1fd3
added jwt processing to client auth provider
2013-01-18 15:06:00 -05:00
abd64eccd6
added framework for processing assertions for client auth
2013-01-18 15:06:00 -05:00
ad5e77f7ff
Made nonce storage duration configurable in application-context.xml;
2013-01-10 10:34:40 -05:00
59f1b1f05e
Testing, nonce handling seems to be working now
2013-01-07 13:28:30 -05:00
a1a117cfde
Added default constructor to ConnectAuthorizationRequestManager
2013-01-07 10:54:33 -05:00
af81e371fb
Updated application-context to use new authorization request manager
2013-01-07 10:46:55 -05:00
77b932f5a7
Added implementation of AuthorizationRequestManager. Nonce checking will go in here
2013-01-04 15:30:24 -05:00
1af6513499
Removed nonce checking from token service impl
2013-01-04 15:30:24 -05:00
7e7b2527db
Added nonce to persistence.xml
2013-01-04 15:30:24 -05:00
246ed962bb
Added stub of repository test
2013-01-04 15:30:24 -05:00
e1dffb959c
Added NonceReuseException
2013-01-04 15:30:24 -05:00
8f8a3754db
Added database tables for Nonce
2013-01-04 15:30:24 -05:00
a4637ec395
Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates.
2013-01-04 15:30:24 -05:00
c7ae315e98
Added initial files for nonce service. Repository and service impls are stubs
2013-01-04 15:30:24 -05:00
cbcfe55bb9
added introspection flag to client bootstrap
2013-01-02 14:16:31 -05:00
4068952a81
fixed well size, added comment
2013-01-02 10:19:55 -05:00
655092a12b
added introspection checkbox, added access tab
...
Signed-off-by: Justin Richer <jricher@mitre.org>
2012-12-21 16:38:52 -05:00
9a1b2d7fac
made client edit page tabbable (that was seriously easy)
2012-12-21 16:26:34 -05:00
48866c15f2
button display cleanup
2012-12-21 16:07:59 -05:00
a85b1f5d74
split approved sites into two tables
2012-12-21 15:35:33 -05:00
198a45369a
buttonsize tweak
2012-12-21 15:03:45 -05:00
f12efc1b80
added dynreg caution block
2012-12-21 14:48:15 -05:00
231e81a426
updated icons
2012-12-21 14:28:07 -05:00
797d521691
cleaned up logged-in button
2012-12-21 13:04:33 -05:00
7ebbe3acc4
removed mockups
2012-12-21 11:01:22 -05:00
7459767646
fixed validation problem with new backbone
2012-12-20 17:46:34 -05:00
37bca0d5fb
cleaned out backbone validation plugin
2012-12-20 17:31:22 -05:00
9dd54d47bb
updated versions of backbone and underscore
2012-12-20 17:31:08 -05:00
e0672757bf
update to bootstrap 2.2.2
2012-12-20 12:44:02 -05:00
8ad28b41aa
fixing CSS and collapsing headerbar
2012-12-20 12:35:30 -05:00
67a682d53a
added default router to backbone app
2012-12-18 13:56:57 -05:00
87788f0710
let users visit home page without logging in
2012-12-18 13:56:46 -05:00
f265347311
tweaked error messages
2012-12-18 12:08:36 -05:00
18ddd8333f
added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens
2012-12-18 11:07:24 -05:00
6eabc895b9
moved database file to a reasonable name
2012-12-17 13:45:39 -05:00
1f53f41648
generic entity view now takes optional HttpStatus argument
2012-12-14 17:35:21 -05:00
a3790f943e
cleaned up introspection endpoint to use exceptions
2012-12-14 17:35:20 -05:00
e5206f2b92
implemented jwt assertions for id tokens
2012-12-14 17:35:20 -05:00
51b67ebc03
added queries to get access token from id token
2012-12-14 17:35:20 -05:00
1853bd7117
added assertion token granter
2012-12-14 17:35:20 -05:00
0d6c96f410
moved JPA adapter to data-context, addresses #242
2012-12-14 09:43:42 -05:00
2a74be5baf
bringing mysql tables up to date
2012-12-13 16:54:21 -05:00
2c104a71e2
cleaned up mysql table
2012-12-13 16:04:45 -05:00
cda6163d0d
null and blank handling
2012-12-12 12:29:14 -05:00
06fad3a41c
moved view for client API
2012-12-11 15:19:11 -05:00
6344a72519
missed a few applicationName references, fixed API JSON rendering
2012-12-11 15:16:18 -05:00
dfd8e9c7c7
removed unused view
2012-12-11 15:15:52 -05:00
dd04df6a22
fixed javascript bugs
2012-12-11 14:08:10 -05:00
f12d3c7d30
fixed variable reference
2012-12-11 13:37:14 -05:00
920777128d
switched to uncompressed jquery
2012-12-11 13:29:19 -05:00
829c8ae5f4
tweaked functionality of grant types and scopes
2012-12-11 13:16:33 -05:00
cc36851bdd
propagated field name change to UI
2012-12-11 12:38:55 -05:00
179903b074
propagated client changes to service
2012-12-11 12:31:01 -05:00
2f7891d02c
updated mysql table to new schema
2012-12-11 12:27:24 -05:00
bcfa37040e
missed one
2012-12-11 12:18:51 -05:00
33ceedb283
added scope and grant_type, switched to timeunit
2012-12-11 12:11:09 -05:00
e2bc15c2b2
beginning of client registration refactor to track IETF dynreg spec
2012-12-10 17:36:33 -05:00
94c37f5815
added redelegate scope to client list, fixed inconsistency with refresh token issuance (addresses #239 )
2012-12-10 16:53:05 -05:00
510ddb48b7
override the correct part of the token granter class
2012-12-10 15:54:37 -05:00
bdcc6af096
temporary sanity check for client ID's
2012-12-10 11:40:03 -05:00
cab0839430
added workarounds for quirks in SECOAUTH
2012-12-10 11:27:28 -05:00
edc96d646c
added chained token grant
2012-12-10 10:48:38 -05:00
54708fb0ac
fixed id token scopes (shouldn't inherit from parent token)
2012-12-10 10:11:02 -05:00
2a206654b6
added client credential protection to revocation endpoint
2012-12-07 17:17:19 -05:00
e38b2b0ba5
shortened revocation endpoint url
2012-12-07 17:16:03 -05:00
fbc3c46128
Introspection now draft spec compliant, requires client auth
...
Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes.
2012-12-07 17:12:13 -05:00
544e3d7b43
added copy constructors because Dave likes to use unmodifiable sets for no apparent reason
2012-12-07 10:06:10 -05:00
64ef752f08
added refresh token granter for testing
2012-12-07 09:56:43 -05:00
7561ac9e8c
client dynamic registration now protected by access token, addresses #199
2012-12-06 17:48:23 -05:00
7342da6a51
completed making id tokens into access tokens
2012-12-06 16:24:04 -05:00
e4f9fa2bbf
labeled introspection endpoint
2012-12-06 16:19:25 -05:00
17374a57e0
added ISO date format to generic entity view, addresses #232
2012-12-06 16:15:14 -05:00
3378cd5c4c
cleaned table
2012-12-06 14:24:38 -05:00
b8f701d9d8
switched id tokens to entities, they're now access tokens also
...
still needs some work to get the auth object right, for now we're just copying from the access token
2012-12-06 10:19:21 -05:00
2ef8d16e9c
typo, formatting
2012-12-05 15:49:50 -05:00
ba7ddf17f9
added bootstrapping for clients, cleaned up sql files
2012-12-05 15:04:14 -05:00
cf7ceb74f3
betterer logout button
2012-12-04 16:40:28 -05:00
2f1a6864b8
made a better logout button
2012-12-04 16:37:57 -05:00
838e029db1
added logout button
2012-12-04 16:18:58 -05:00
d7d9e84e70
fixed user_id mapping
2012-12-04 16:18:37 -05:00
f091343d84
moved back to in-memory database by default
2012-12-04 15:56:03 -05:00
49e216412e
Added bootstrapped users set.
2012-12-04 15:51:10 -05:00
dcc56ec9dd
temporary tables to prevent casts from leaking
2012-12-04 14:38:08 -05:00
8b37011244
added casts to varchar to avoid extraneous spaces
2012-12-04 13:35:40 -05:00
e305d3b16b
Making stable in-memory and in-file database with HSQL
2012-12-03 17:53:25 -05:00
061c0f0814
minor cleanup
2012-12-03 16:10:07 -05:00
250432ce7f
Added information into the user_info table
2012-12-03 14:56:40 -05:00
1bcaa68cb4
Added user_info stuff... and changed serverconfig for issuer...
2012-12-03 14:56:40 -05:00
47b34d2b1b
Added blacklist table to HSQLDB sql script
2012-12-03 14:56:40 -05:00
4fdb0816eb
Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.
2012-12-03 14:56:40 -05:00
fce47c239a
added slashes to patterns what needed them, removed vestigial intercept from user-context
2012-11-26 16:23:46 -05:00
122a2de074
First attempt at making API not redirect to /login, failed
2012-11-26 16:05:46 -05:00
d07f67bd76
let user select when grants time out
2012-11-26 14:26:07 -05:00
84401531ae
tie refresh token generation to "offline" scope tag
2012-11-26 13:16:19 -05:00
50040a8ef4
fixed checkbox labels
2012-11-26 12:57:49 -05:00
667c3abc8a
dynamic scope display/selection on approval page
2012-11-26 11:53:19 -05:00
1281d75aa9
stopped re-parsing scopes
2012-11-26 11:53:19 -05:00
9c3a40779b
updated to SECOAUTH's horrible new object-breaking authorization request paradigm.
...
Bonus: it works!
2012-11-26 11:53:19 -05:00
3e327b9df6
reverted to original controller behavior
2012-11-26 11:53:19 -05:00
cf4581a5eb
updated configuration to reflect secoauth changes
2012-11-26 11:53:19 -05:00
45ca4e565e
updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
2012-11-26 11:53:19 -05:00
cf1ddf0457
Determined that init binder was not needed to fix default for Boolean require_auth_time; instead use defaultValue=\"true\" in the RequestParam declaration. Also fixed bug in ClientDetails service so that it will not blow up if the client has no redirect uris registered
2012-11-21 15:39:07 -05:00
2084639828
Working on init binder for ClientDynamicRegistrationEndpoint
2012-11-21 14:54:24 -05:00
8b0c520534
Issue 213, writing init binder to convert null Boolean values to false before calling setters
2012-11-21 14:53:41 -05:00
a2a29e7b76
trying out new confirmation controller
2012-11-21 10:00:35 -05:00
d9b6918bc2
softened error from scope checker -- returns false now, allows things to pass through
2012-11-20 14:08:18 -05:00
9c08944a02
Changed arity on approved sites (now can have many per user/site combo)
2012-11-20 14:07:55 -05:00
58b97f7371
stupid javascript
2012-11-20 13:16:08 -05:00
fda86e23e9
moved everything to use the consumes/produces framework of Spring 3.1
2012-11-20 13:12:21 -05:00
51920ee381
switched to using "uneditable-input" classes instead of disabled input fields
2012-11-19 16:32:04 -05:00
e303319701
got rid of postrender
2012-11-19 16:13:49 -05:00
5b0c17c5de
added in checks to blacklist service upon client registration and update
2012-11-19 14:10:55 -05:00
7a6c96a759
fixed links
2012-11-19 14:10:37 -05:00
e9d1ed270d
service layer cleanups
2012-11-19 13:46:09 -05:00
4e18fb4525
blacklist management UI
2012-11-19 13:01:16 -05:00
d576df4b31
fixed render length limits on list widget
2012-11-19 11:52:30 -05:00
757e21a722
added blacklist API
2012-11-16 11:57:46 -05:00
1f4b97bc7e
fixed icon and variable reference
2012-11-16 10:14:28 -05:00
e86f19bd7c
added dynamic icons to whitelist table
2012-11-15 17:53:38 -05:00
2beff07d4b
added icons and tooltips to approved site table
2012-11-15 17:51:31 -05:00
20b73ea0c4
tooltip works!
2012-11-15 17:46:13 -05:00
8ecdb8a4ab
added icon to template, popover doesn't work yet
2012-11-15 17:41:00 -05:00
9064b49a54
added refresh buttons to all tables, fixed loading behavior to a proper cascading function call
2012-11-15 16:55:51 -05:00
a88ae8258a
Updated plus and minus buttons in list views, addresses #202
2012-11-15 16:35:17 -05:00
150c4032fd
WTF MYSQL!!
...
Added "NULL" option to all appropriate TIMESTAMP columns so that they behave how we expect them to.
2012-11-15 15:23:54 -05:00
f9aafb5edd
approved sites UI
2012-11-15 14:50:30 -05:00
f4605ef2fc
cleaned out startAfter function
2012-11-15 12:18:47 -05:00
845c11ad3a
methods for creating, editing, and deleting whitelist sites all function
2012-11-14 17:08:58 -05:00
321172c40c
fixed load/fetch order, fixed edit form display, robustified whitelist views against missing client IDs
2012-11-14 16:30:10 -05:00
f39c254353
updated variables for consistency, tracking down a data-loading bug
2012-11-14 15:21:41 -05:00
51cfe1746d
whitelist editing
2012-11-14 15:20:32 -05:00
bb589fc29a
fixed logic error in script inclusion
2012-11-13 18:05:15 -05:00
cccbad2ca1
added whitelist button to table view
2012-11-13 17:55:29 -05:00
7a9d7e6363
Fixed sidebar menu
2012-11-13 17:13:20 -05:00
7b1a2529dc
added whitelist model and template
2012-11-13 17:11:09 -05:00
ee0fe4a9d3
applied placeholder CSS hack to header CSS
2012-11-13 15:35:01 -05:00
86ebdff82b
Revert "Placeholder UI updates"
...
This reverts commit fd89312b0c
2012-11-13 15:08:22 -05:00
030e2ce2df
fixed link scanner
2012-11-13 15:06:09 -05:00
706858c41f
added comments, fixed paths, uncommented logo hide function
2012-11-13 13:27:57 -05:00
f2e1317365
added purl.js library for URL parsing
2012-11-13 13:12:15 -05:00
33f11cb98f
cleanly applied pushstate changes, new URL structure
2012-11-13 13:10:34 -05:00
1d8254bf2f
changed target of approve form
2012-10-24 15:06:56 -04:00
be506ae952
Moved fonts local, fixed loading indicator
2012-09-25 13:37:36 -04:00
84cedbb45e
Support the "Enter" key on list widget
2012-09-25 13:24:38 -04:00
8fc6b2b680
Removing the rest of Justin's load hack
2012-09-25 13:18:31 -04:00
fd89312b0c
Placeholder UI updates
2012-09-25 12:52:55 -04:00
48941f1713
Dynamic JS loading and UI updates
2012-09-25 12:52:54 -04:00
2311cdf1f2
Revert "Dynamic Client Loading Initial Commit"
...
This reverts commit a4e5335eda02cdb6b32a966d194035429ca52915.
2012-09-25 12:52:52 -04:00
d7455dba14
Dynamic Client Loading Initial Commit
2012-09-25 12:52:51 -04:00
29862f15bd
Removed a bunch of commented-out configuration
2012-09-18 15:21:55 -04:00
51073a7f8d
Refactor part 3
2012-09-18 15:01:05 -04:00
ef80676dc1
Cleaned up web package a bit - lots of unused imports and variables
2012-09-18 14:39:07 -04:00
dd2abd94d1
Refactoring part 2
2012-09-18 14:36:27 -04:00
c40efda6b5
Refactor part 1
2012-09-18 14:24:34 -04:00
0b6aebfefe
Revert "removed postrender function, use render function instead"
...
This reverts commit 2b1e78d195
2012-09-13 11:27:50 -04:00
ebf77bea68
Updated timeout functions
2012-09-13 11:24:48 -04:00
6fdd088125
Updated client secret panel display
2012-09-13 11:24:29 -04:00
be17133a99
Changed "submit" label to "save"
2012-09-13 11:02:53 -04:00
2b1e78d195
removed postrender function, use render function instead
2012-09-13 10:33:52 -04:00
ece1b56095
added missing brackets
2012-09-13 10:33:52 -04:00
fe3e890bb3
changed to table head for input control
2012-09-13 10:33:52 -04:00
d8221a2a35
added missing semicolon
2012-09-13 10:33:52 -04:00
ed75b38ecc
changed list view table styling
2012-09-13 10:33:52 -04:00
a4a40ffae5
unit test for x509 endpoint
2012-09-12 14:14:15 -04:00
d9771f2322
Timout Bugfixes
2012-09-12 13:55:30 -04:00
26c3cf5989
Timout UI refactor
2012-09-12 13:48:01 -04:00
19df5ae032
Timeout form updates. Logo URL updates
2012-09-11 15:06:20 -04:00
cb6767dfb4
Timout form updates
2012-09-11 15:06:17 -04:00
a9d1799eda
added getter/setter to UIE schema-to-view map
2012-09-11 12:44:47 -04:00
920b2a59ba
Fixed error logging
2012-09-10 17:17:03 -04:00
2d24435365
Created custom resolver, handler mapper
...
moved endpoint back to server
2012-09-10 17:17:03 -04:00
7eb0a6f3d2
Moved JWK to commons
2012-09-10 17:17:03 -04:00
f3c225d8f2
Updated SECOAUTH reference, made required alterations to our configuration
2012-09-07 16:08:15 -04:00
ea16f4e2b6
Fixed merge weirdness
2012-09-07 14:09:10 -04:00
b58ed8b616
Added logoURL stuff
2012-09-07 13:51:58 -04:00
61b828e182
Fixed bug - removed service layer @Transactional annotations, which negated need for flush at repository level; moved @Transactional annotations.
2012-09-04 17:53:02 -04:00
c8f9a3de76
Merge remote-tracking branch 'origin/UI-form-updates'
2012-09-04 13:25:16 -04:00
ee7a5fd2e1
added registration URL to discovery endpoint
2012-08-30 17:18:36 -04:00
332fe282be
List Widget UI values cannot be null
2012-08-29 14:40:23 -04:00
fe837c4fa5
comment edit
2012-08-29 13:56:10 -04:00
4fcbbe639f
visual error indicators for redirect uri and scope
2012-08-29 13:54:04 -04:00
15359a236a
Scope UI Auto-complete
2012-08-29 13:36:46 -04:00
11b35267b4
Refactored stats processor into a service, made home page into a smart page.
2012-08-28 17:42:43 -04:00
85e13bd11d
Initial Scope UI updates
2012-08-28 15:59:03 -04:00
bc0ee4cbab
force id consistency
2012-08-28 15:28:55 -04:00
8876217baf
Added cleanups to client service
2012-08-28 15:28:55 -04:00
d041ddb0e1
Added approvedSite API and support structure
2012-08-28 15:28:55 -04:00
2bf5cfc041
service bug fix
2012-08-28 15:28:55 -04:00
b462d6dd96
added empty http code view
2012-08-28 15:28:55 -04:00
8ae1b376fe
updated whitelist service and repository
2012-08-28 15:28:55 -04:00
6a180acf3c
added preliminary whitelist api
2012-08-28 15:28:55 -04:00
59e2f0e127
Backbone List View Widget Initial Commit
2012-08-28 12:49:33 -04:00
4af3dd89be
cleaned up client api
2012-08-28 12:29:59 -04:00
72c125ba64
refactored binder into two parts
2012-08-28 12:29:33 -04:00
be54696603
Generic GSON entity printer
2012-08-28 12:29:10 -04:00
0aa6da67de
Bootstrap JS Upgrade
2012-08-28 12:03:08 -04:00
306e07bc36
UI Dynamic List updates
2012-08-27 23:46:06 -04:00
5377a2bac4
Redirect URI UI updates
2012-08-27 17:12:02 -04:00
0b1bb4f8aa
call the right service api
2012-08-27 16:57:52 -04:00
407c14d0dc
added missing bean annotation
2012-08-27 16:52:00 -04:00
3e423e9e04
explicitly exposed registration url
2012-08-27 16:46:58 -04:00
a674589db0
added client editing capability
2012-08-27 16:46:45 -04:00
a45c8bf96d
upped default client secret strength
2012-08-27 16:46:25 -04:00
e39dcb63dd
added views, fixed registration for SECOAUTH required parameter
2012-08-27 16:25:43 -04:00
d8037c0513
Redirect URL UI initial commit
2012-08-27 16:17:22 -04:00
83873f8ae2
added defaults for SECOAUTH
2012-08-27 16:09:01 -04:00
9f84126cb8
more dynamic registration
2012-08-27 16:00:47 -04:00
aeb6644d38
exploded version of attribute binding/processing
2012-08-27 14:47:04 -04:00
e4470c9361
mapped the invalid scope exception, addresses #102
...
Still can't access userinfo if you're not using OAuth2
2012-08-27 13:28:54 -04:00
259e84c871
put null check into interceptor, addresses #183
2012-08-27 11:55:06 -04:00
8361f74932
removed innocuous change
2012-08-24 16:00:58 -04:00
42287edc9b
junk comentt showwhich brnach we'ron
2012-08-24 15:27:39 -04:00
a61d94e07e
Cancel buttons on client forms
2012-08-24 14:32:13 -04:00
149080f776
Breadcrumbs are now fully dynamic.
2012-08-24 12:57:10 -04:00
37d6d63772
inject userinfo into context for use in JSPs
...
addresses #99 (for real this time)
2012-08-23 18:23:52 -04:00
b5ce8d5e8b
added getByUsername to userinfo repositories and supporting classes, updated calling classes to use this
...
fixed namedquery
2012-08-23 18:23:47 -04:00
6cb0269629
Merge remote branch 'origin/master'
2012-08-23 18:08:13 -04:00
dc1f1965af
Refactoring breadcrumbs. The breadcrumb bar will disappear momentarily.
2012-08-23 18:07:22 -04:00
ba5572b28a
Tidied up a bit, added javadoc comments to new classes
2012-08-23 11:05:10 -04:00
c23b176567
Database backed authorization-code-service now works.
2012-08-23 10:46:08 -04:00
4b76cc514b
Added a database-backed authorization-code system. Untested; needs to be injected into configuration in the place of the in-memory one and tested
2012-08-22 16:54:00 -04:00
dc61068702
Split approved site and whitelisted site scope tables.
2012-08-22 15:21:42 -04:00
e5b62e8935
fixed patterns and expressions on http blocks
2012-08-21 14:02:35 -04:00
9eb328831f
changed to proper prefix
2012-08-21 13:55:47 -04:00
af01e26e10
Split up permitAll on enpoints
2012-08-21 12:54:55 -04:00
d2f7e8edf9
Moved SPEL to app-context, and added enpoint permitAlls
2012-08-21 12:53:48 -04:00
bdfdbbadbc
stats summary, addresses #62
2012-08-21 12:20:05 -04:00
6cb7e74046
updated default handling to user proper backbone model handling
2012-08-20 16:49:39 -04:00
74b4fab58c
Client secret processing
2012-08-20 16:06:12 -04:00
05fa7b148c
added checks for generated client secret
2012-08-20 12:23:02 -04:00
9e60da2675
added controls for client secret processing
2012-08-20 12:22:38 -04:00
a02f37cec3
added generators to client service API
2012-08-20 12:22:18 -04:00
8520fcbf72
removed deprecated granted authority reference
2012-08-17 14:40:13 -04:00
a65504c0cb
added new exception for userinfo, addresses #133
2012-08-15 16:02:06 -04:00
209fc2d249
refactored request object endpoint to avoid urlspace conflict with SECOAUTH
2012-08-15 12:06:37 -04:00
d1218efb2a
cleaned up imports
2012-08-14 10:55:08 -04:00
55e7a4d707
moved request object auth endpoint in project setup
2012-08-14 10:55:08 -04:00
ec286b9644
removed auth bean from application-context. Added extra parameter checks in request object auth endpoint
2012-08-14 10:55:08 -04:00
04d8faa90a
updated autowired annotation
2012-08-14 10:55:08 -04:00
20a7ebc576
autowired all member variables in request object auth endpoint
2012-08-14 10:55:08 -04:00
694074ee58
moved endpoint, added param processing
2012-08-14 10:55:08 -04:00
36b9c805d9
added reference to abstract endpoint class to get token granter
2012-08-14 10:55:08 -04:00
2bdbb283b7
removed dependency on abstract endpoint class. added methods needed to authRequestObjectEndpoint (afterPropertiesSet())
2012-08-14 10:55:08 -04:00
51ec529861
readded implementation of initializingBean
2012-08-14 10:55:08 -04:00
638ebf2010
cleaned up AuthRequestObjectEndpoint class
2012-08-14 10:55:08 -04:00
d93f5f18e5
added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this
2012-08-14 10:55:08 -04:00
3486ea28f1
updated mimicked methods to not use jwt, but rather a jwt in an auth request
2012-08-14 10:55:08 -04:00
1a20dcbc6e
added methods that mimic behavior of private SECOATH methods
2012-08-14 10:55:08 -04:00
d5caa0b543
changed server endpoint to act like an endpoint. WIP to accept request objects, validate, and redirect
2012-08-14 10:55:08 -04:00
7d6211afd7
cleaned up some imports, added serverEndpointRequest class
2012-08-14 10:55:08 -04:00
28344a3c91
auth endpoint got into client code. removed
2012-08-14 10:55:08 -04:00
2888c08083
changed cookie claim to include the response
2012-08-14 10:55:07 -04:00
c0a61fe47a
moved jquery to page header instead of footer, added focus call on login form
2012-08-14 10:48:38 -04:00
484abc4915
fixed client delete
2012-08-10 17:24:21 -04:00
5e898a7b0b
Id toke timeout binding for UI
2012-08-10 17:20:23 -04:00
aaa38a761d
Mis-type for client secret
2012-08-10 17:18:43 -04:00
b99d2ed9dc
Client Id null fix
2012-08-10 17:15:35 -04:00
935b5ed43a
Client Id is now editable
2012-08-10 17:11:13 -04:00
0f9d4ef255
Id refactor UI
2012-08-10 17:05:28 -04:00
155974d8e3
moved services and api over to using new client Id field (instead of client_id)
2012-08-10 16:53:31 -04:00
eb5a24690f
added method to get client by its (new) Long id
2012-08-10 16:29:16 -04:00
480fb8e593
Id refactor UI
2012-08-10 16:26:54 -04:00
ae5e1ca859
Merge remote branch 'origin/master'
2012-08-10 16:12:54 -04:00
3f9e2cfa52
Horizontal UI refactor
2012-08-10 15:29:11 -04:00
74a40fc973
changed auth holder reference, moved dates to timestamps
2012-08-10 14:26:47 -04:00
bb7d6b2e94
split scopes table
2012-08-10 14:26:47 -04:00
ed99bd36cf
changed clientdetails entity to use @Enumerated, cleaned up .sql file foreign keys
2012-08-10 14:26:47 -04:00
66e5cf3f04
Client table button UI tweaks
2012-08-10 14:23:54 -04:00
8d57e0e9ef
Issue # 81 Client UI - Creating new client creates duplicate
2012-08-10 14:19:33 -04:00
a5a102bbe4
Github Issue #116
2012-08-10 11:25:50 -04:00
97d7bc9c13
added field to indicate whether the client has been dynamically registered
2012-08-09 15:55:07 -04:00
170036e0b8
Added expiration to id tokens
2012-08-09 12:44:22 -04:00
6bb9f67f5e
Removed individual .sql files. All table definitions are now concatenated in database_tables.sql.
2012-08-09 12:44:22 -04:00
f724d3a9fe
updated userinfo table definitions
2012-08-09 12:44:22 -04:00
617e9568d8
Fixed bugs; I can get tokens now. User approval handler seems to be working corrrectly.
2012-08-09 12:44:22 -04:00
49cb8bd0cb
fixing bugs; needed to make all ids BIGINT AUTO-INCREMENT PRIMARY KEY in sql files
2012-08-09 12:44:21 -04:00
0757642e67
removed "s" from allowed_scopes
2012-08-09 12:44:21 -04:00
9c32e92da5
Cleaned up sql tables some more; sticking to _ naming convention
2012-08-09 12:44:21 -04:00
d7deda1699
Propogated AuthenticationHolder effects; this is untested but compiles and I think it is mostly correct
2012-08-09 12:44:21 -04:00
90df91c351
Added AuthenticationHolder object, got references squared away for AccessToken side. Compiles.
2012-08-09 12:44:21 -04:00
cf348590b0
Removed unused ClientGeneratorFactory
2012-08-09 12:44:21 -04:00
d6d80c3e60
Gave OAuth2RefreshTokenEntity a Long Id
2012-08-09 12:44:21 -04:00
6b1dad7215
Gave OAuth2AccessTokenEntity a Long Id
2012-08-09 12:44:21 -04:00
780839dbf9
Made things compile after ClientDetailsEntity refactoring
2012-08-09 12:44:21 -04:00
a68a4f9796
Organized ClientDetailsEntity, updated JPA annotations. Updated sql files to match. Naming conventions: table and column names with multiple words should be seperated by underscores; table and column names should be singular.
2012-08-09 12:44:21 -04:00
15428a875e
Added additional fields to ClientDetailsEntity and did some reorganization, still some more to do. Added "id" field to the sql file, but the sql still needs all of the other additional fields.
2012-08-09 12:44:21 -04:00
09e528e113
added discovery info for x509 and client auth
2012-08-07 17:30:36 -04:00
dc7aac12f9
added custom login form, changed footer to only optionally load app
2012-08-07 12:09:32 -04:00
8d4e046408
All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors.
2012-08-07 10:04:38 -04:00
a061e64abf
Merge branch 'user-approval-handler-updated-rebase'
2012-08-06 16:30:03 -04:00
32dc92119f
Cleanup completed, this works for the most part. TODO: need to make an upstream change in order to inject a new set of scopes into the AuthorizationRequest.
2012-08-06 16:29:22 -04:00
5fb67ab7bb
Did a lot of cleanup; untested but compiles
2012-08-06 14:33:16 -04:00
ae44bd5e0c
Works; about to do some cleanup
2012-08-06 13:40:27 -04:00
2f28cf33e7
Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP.
2012-08-03 16:43:37 -04:00
b87d54b06e
Changed UserInfo references to String "userId" references
2012-08-03 13:32:17 -04:00
845976b8ac
First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code.
2012-08-03 12:49:40 -04:00
51b8dbe065
Revert "updated jwtHeader typ to use an enum" -- set things back to using a string
...
This reverts commit 3b2268c622
2012-08-02 14:16:55 -04:00
9a7e40fee7
moved all bean definitions to annotations, removed orphaned CheckID view
2012-08-02 12:46:35 -04:00
1508369548
now with Walsh-flavored certificate generation
2012-08-01 18:04:26 -04:00
61a8d4a787
x509 take -- bouncycastley version
2012-08-01 17:19:33 -04:00
db415bfa2b
Working on user approval handler
2012-07-31 14:50:24 -04:00
a223565364
updating user approval handler
2012-07-31 14:50:24 -04:00
676808bdac
got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead.
2012-07-31 14:50:24 -04:00
4e10fce7ef
Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers.
2012-07-31 14:50:24 -04:00
7c33e19950
Changed authorization endpoint to /authorize rather than /auth; updated SWD entry. Also removed checkid entry from SWD.
2012-07-31 14:39:27 -04:00
863693cf59
Merge pull request #128 from mtderryberry/jwe-and-jwt-fixes
...
Jwe and jwt fixes
2012-07-31 10:52:04 -07:00
3982561a5b
Removing "throws exception" from views. Addresses issue #70
2012-07-31 12:28:46 -04:00
5cf6359f7d
Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
2012-07-31 12:14:19 -04:00
686412757f
shortened urls
2012-07-31 12:02:21 -04:00
3b2268c622
updated jwtHeader typ to use an enum
2012-07-31 11:29:48 -04:00
1b5f99efec
added .json mapping to SWD
2012-07-31 10:42:42 -04:00
02da9fceed
fixed imports
2012-07-31 09:16:05 -04:00
d07667576e
cleaned up old code
2012-07-30 16:50:44 -04:00
40f39a18e0
cleaning up introspection endpoint
2012-07-30 16:50:44 -04:00
e7449901a6
Removed IdTokenGeneratorService. Addresses issue #75
2012-07-30 16:46:20 -04:00
ee9288a72a
turned down cache in default
2012-07-30 16:16:02 -04:00
c80f7f1fcd
removed keystore dependency where it is not needed
2012-07-30 14:58:29 -04:00
319568d971
refactored JWA algorithm markers to use enum instead of string as stored class
2012-07-23 20:21:31 -04:00
165f3ea292
fixed some unit tests, broke others
2012-07-23 18:44:47 -04:00
1f68c835c0
updated openid connect image
2012-07-16 15:12:35 -06:00
7a3ae5a757
Merge remote branch 'origin/master'
2012-07-10 17:00:30 -04:00
30addb5439
Redirect URI now displayed on approval page.
2012-07-10 16:54:55 -04:00
9f16f309bd
updated userinfouserdetailsservice to use username instead of userid -- this should actually be a wrapper class though
2012-07-10 16:44:29 -04:00
b0a7ebd9b1
fixed JWK algorithm display
2012-07-10 14:57:12 -04:00
84aa451095
Added comment for spring-servlet.xml
2012-07-10 13:29:53 -04:00
5657bc8f28
updated configuration, confirmed works pending SECOAUTH-299
2012-07-09 11:25:45 -04:00
e5eb2e03d8
added implicit beans
2012-07-09 11:25:45 -04:00
01793ec57f
added preferred_username claim to userinfo endpoint
2012-07-06 16:02:11 -04:00
8abbce3a2d
fixed broken unit tests - they were pointing to the wrong spring context file;
2012-07-06 14:22:06 -04:00
50241e4da1
changed UserInfo.verified to UserInfo.emailVerified.
2012-07-06 14:11:43 -04:00
8fe132cb53
formatting
2012-07-05 18:32:31 -04:00
830e07c35c
moved whole configuration from servlet context into application context
2012-07-05 18:26:12 -04:00
dbd563f3f2
attempting to allow make use of SPEL
2012-07-05 18:21:52 -04:00
f0c949fd09
added scope-based filter for userinfo
2012-07-05 17:14:51 -04:00
c619e736f9
removed eclipse files from repository
2012-06-29 15:13:52 -04:00
5c1b07ae65
don't overwrite an existing JWT nonce
2012-06-28 17:04:21 -04:00
29731d52f6
Merge branch 'refreshtokens' of file:///home/jricher/Projects/workspace-sts/OpenIDConnect-MITRE/OpenID-Connect-Java-Spring-Server into refreshtokens
2012-06-28 17:00:17 -04:00
de1597b214
refresh token handling fixed, removed token factory references
2012-06-28 16:55:11 -04:00
0dc568e5d0
Fixed more information link on approval page
2012-06-28 14:54:59 -04:00
a022f4d713
Authorized grant types now supported client-side
2012-06-28 14:40:37 -04:00
bff34f647c
Allowing a null value for redirectURIs
2012-06-28 12:07:02 -04:00
8fbea2516a
Updated client side variable names to reflect name changes to access token and refresh token timeout
2012-06-28 11:37:34 -04:00
4e3c99abe4
Merge branch 'validityIntegers'
2012-06-26 13:55:26 -04:00
81d1af40bd
Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface
2012-06-26 13:54:01 -04:00
b6e00b9884
Base white-list functionality and template
2012-06-26 12:50:13 -04:00
1127a7cfbc
refactored JWKs, updated signing servier to use them
2012-06-25 17:19:25 -04:00
adb8499bee
merged derryberry code, plus tweaks, still WIP
2012-06-25 16:42:41 -04:00
baa7ce5e7b
Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
2012-06-20 15:10:58 -04:00
2930719700
Added architecture diagram
2012-06-20 15:07:37 -04:00
b94fbd7439
updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
2012-06-20 09:36:55 -04:00
94256d95a1
added crypto configuration file
2012-06-19 16:25:13 -04:00
a38dc0ce29
added crypto configuration file
2012-06-19 16:24:50 -04:00
fe3bbfb3d5
Further cleanups. Still missing:
...
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
b86abdd761
merge from pull request, plus cleanup
2012-06-15 15:36:14 -04:00
731ad2e2e2
updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue
2012-06-15 12:05:08 -04:00
f9558f0955
stripped out check id endpoint interaction as it deprecated, refactored nonce checking based on spec change, pull user_id as id_token token claim
2012-06-13 18:31:13 -04:00
ace5dd1f1e
imported userinfouserdetails filter from MITRE codebase
2012-06-13 16:33:55 -04:00
65dc3daaf8
smart client
2012-06-12 16:09:01 -04:00
2a05ff995d
Added support for additional field in ClientDetailsEntity.java.
2012-06-11 16:27:35 -04:00
bbf9591c92
Merge branch 'master' into issue52
...
Conflicts:
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
2012-06-11 15:04:01 -04:00
c3cffe1eac
cleaned up bad config file
2012-06-05 16:42:26 -04:00
195810fc63
Merge branch 'architecturedocs'
2012-06-05 16:38:07 -04:00
7a207dc162
Merge branch 'discoveryupdate'
2012-06-05 16:37:04 -04:00
250e0c730e
Merge branch 'jwtupdate'
2012-06-05 16:36:32 -04:00
7df2663e00
added final slashification of configuration URLs
2012-06-05 16:36:11 -04:00
fbdccdb78e
added Xrd support ( fixes #63 ), updated configuration locations ( fixes #47 )
2012-06-05 16:32:49 -04:00
e44697cef9
updated JWK display to latest, closes #58
2012-06-05 16:07:19 -04:00
3b4e95ac10
Approval page updates
2012-06-05 15:52:09 -04:00
d424f44b8c
Removing some whitespace
2012-06-05 13:08:55 -04:00
46cd08071d
cleaned up sql table references to redirect uris, see #48
2012-06-05 11:45:06 -04:00
8e33a17307
moved DB schema files up a few levels, fixed test context to point to new locations
2012-06-05 11:32:51 -04:00
5c72d8b95f
revocation endpoint cleanup, still needs views
2012-06-05 11:24:11 -04:00
27219c066d
refactored our service to reflect upstream
2012-06-05 10:18:26 -04:00
e95528a08d
added implementation to stub to read an access token by value
2012-06-05 10:11:24 -04:00
c89b1814d6
Fixed approve.jsp checkboxes (both had the same name).
2012-06-01 17:12:33 -04:00
8684bb969f
Updated approve.jsp with Jett's new code to display some checkboxes. This has been tested, and the additional parameters are persisted correctly and are available to the TokenGranter.
2012-05-31 13:39:24 -04:00
68483536a6
Approval page updates. Approval and denial buttons are now in one form. Generic checkboxes are in place.
2012-05-31 12:12:56 -04:00
424f8bb737
Refactored to use TokenEnhancer rather than a custom TokenGranter.
2012-05-30 16:14:00 -04:00
998fc7f98b
cleaned up beans layout
2012-05-30 15:17:33 -04:00
8917e75010
see issue #19
2012-05-30 15:14:15 -04:00
16aa0c59b5
Added token enhancer. Now to plug it in.
2012-05-30 12:31:12 -04:00
d4e107caf1
updating
2012-05-30 12:08:44 -04:00
2070d2e413
Updated to use AuthorizationRequestFactory rather than ClientCredentialsChecker.
2012-05-30 12:08:08 -04:00
ce847dd4f7
updated poco user view to contain name
2012-05-24 15:57:34 -04:00
c418ccabb1
Merge branch 'master' into userInfoEndpoint
2012-05-24 13:06:29 -04:00
1bff5ef19f
Added POCO view, Added UnknownUserInfoScheamException runtime exception
2012-05-24 11:00:49 -04:00
b838ddb786
Client ID display fix
2012-05-23 14:24:53 -04:00
a1d85e281e
Client ID now showing on display and edit page
2012-05-23 14:21:08 -04:00
48ff2d3d77
Merge remote branch 'origin/master'
2012-05-23 14:01:40 -04:00
f8af7bf884
Adding help text for time-out options
2012-05-23 14:01:31 -04:00
5c544dfe7c
Merge branch 'master' into userInfoEndpoint
2012-05-23 13:43:32 -04:00
7d4d65c359
Merge branch 'userinfo_integration'
2012-05-23 13:39:03 -04:00
a8e9f1d2cd
fixed rendering issues with user info view
2012-05-23 13:36:53 -04:00
9612fde10e
Check for null address, and added email
2012-05-23 13:35:05 -04:00
08958d4137
Merge remote-tracking branch 'remotes/steve/userInfoEndpoint' into userinfo_integration
2012-05-23 13:11:40 -04:00
06fadb5f2b
oauth provider configuration started
2012-05-23 12:55:21 -04:00
9b03831d4e
Filled in the UserInfoEndpoint, and added the JSON view for userInfo (openIdSchema)
2012-05-22 16:56:22 -04:00
668952ec09
Fixing typo
2012-05-22 16:12:21 -04:00
b59baa09a9
Cleaning up placeholder fields
2012-05-22 16:07:51 -04:00
c85248c40c
Editing bug fix for validation
2012-05-22 15:19:47 -04:00
a44dee1fd6
Fixing IE compatibility with saving and editing clients
2012-05-22 15:06:06 -04:00
e5312b4c99
Client secret now editable and dynamically generated if not present
2012-05-22 14:36:40 -04:00
bd054bfd58
Client delete now requires confirmation
2012-05-22 12:28:48 -04:00
6c8aeba041
Default scope is "openid"
2012-05-22 12:25:29 -04:00
e4f2446569
- no restraints on client name and description (neither of them required)
...
- URI regex updated
2012-05-22 12:23:05 -04:00
51fe98b383
ClientAPI now sets owner for clients
2012-05-18 14:23:19 -04:00
f7a0b8de32
Client scope now supported
2012-05-18 14:09:23 -04:00
a1234a4fcd
Timeout form fields now supported. Backbone.JS Validation error handling updates.
2012-05-17 17:15:37 -04:00
2d980a4d8f
Refactoring of routing. Client updates
2012-05-17 16:33:22 -04:00
6f43040587
slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client
2012-05-16 21:12:58 -04:00
b06640c921
First stages of client-side validation worked into application
2012-05-16 17:22:25 -04:00
c45991b561
Adding backbone.js validations framework
2012-05-16 16:04:30 -04:00
3402a3e463
ClientAPI now fully supports RESTful DELETE
2012-05-16 14:32:40 -04:00
7f5b9e2c82
ClientAPI now supports DELETE method
2012-05-16 14:03:49 -04:00
abf3f0ec33
Merge remote branch 'origin/master'
2012-05-16 13:28:24 -04:00
af6e043239
Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding.
2012-05-16 13:27:53 -04:00
7e3ce2d583
mods to reflect client <-> account chooser protocol, and refactoring...
2012-05-15 18:43:45 -04:00
0c7ea88323
Client updates.
2012-05-15 17:03:17 -04:00
0f9b828066
ClientAPI admin requirement now global
2012-05-15 14:10:12 -04:00
32e67730d8
ClientAPI maps to individual clients by IDs
2012-05-15 13:41:27 -04:00
6b481cd3bb
ClientAPI header updates
2012-05-15 13:09:16 -04:00
a4fc4e939e
ClientAPI cleanup
2012-05-15 12:41:41 -04:00
f91071c350
New clients now attempt to POST to client API
2012-05-14 15:33:27 -04:00
5e81ed6346
added some content to the architecture file
2012-05-14 15:00:06 -04:00
7375d00e88
added taglib hack
2012-05-11 16:10:06 -04:00
e00bba7ede
factored out one more piece of the security config
2012-05-11 13:43:29 -04:00
fd91c884bb
Made interfaces... deleted a thing.
2012-05-10 17:45:10 -04:00
ffe31e6049
merged config from bean config config bean bean
2012-05-09 15:32:13 -04:00
e158ef6fc2
added config bean
2012-05-09 15:20:15 -04:00
95fc66de31
Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
2012-05-09 15:17:53 -04:00
e33f277bbe
Updated classes to track newest version of SECOAUTH. This update closes issues #3 , #4 , #8 , and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
2012-05-09 15:16:56 -04:00
9abb15a559
Approval page style upgraded to bootstrap 2 classes
2012-05-09 14:20:44 -04:00
e6f77fd061
Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
2012-05-08 16:58:37 -04:00
c003bbf2c6
extracted user information from spring servlet config
2012-05-08 16:58:04 -04:00
4f0ffd872b
Removing older version of bootstrap
2012-05-08 14:31:24 -04:00
c8e3f70115
Now requiring homepage login
2012-05-08 14:09:24 -04:00
7dd81ac2de
Server-side dynamics
2012-05-08 13:53:21 -04:00
eb9f2617ba
New look
2012-05-08 12:11:39 -04:00
23fd7b1b21
Renaming Client View class
2012-05-08 11:20:40 -04:00
eda7505b7b
Client API now renders JSON for all Clients
2012-05-08 11:16:45 -04:00
ba56c00318
Backbone JS support for creating a new client.
2012-05-07 18:20:40 -04:00
c02bac8c38
New client actions rendered as buttons rather than anchors
2012-05-07 14:41:39 -04:00
4c503a7f40
Client table now fully rendered client-side with JS templates.
2012-05-07 14:39:32 -04:00
e9954f4439
Bootstrap spelling correction
2012-05-07 13:18:04 -04:00
df174a1695
Test Client JS now valid. App.JS updates
2012-05-04 15:56:12 -04:00
e2e2dfca43
TD now rendered dynamically
2012-05-03 18:00:50 -04:00
9f979cb742
Views now load after fetching templates
2012-05-03 12:57:09 -04:00
784fd14917
Client manager now renders views in bootstrap.
2012-05-01 15:50:24 -04:00
3859429ed6
Client javascript test updates
2012-04-30 17:04:22 -04:00
5622ccbf41
Removing Javascript CDN. This will fix cross domain issue when requesting JSON objects.
2012-04-30 11:45:37 -04:00
0134c4ea96
Merge remote branch 'origin/master'
2012-04-30 11:32:05 -04:00
df67c23dba
Removing Resig templating. Backbone.js provides template support.
2012-04-30 11:31:52 -04:00
97dffb6414
added copyright to all java files. closes #11
2012-04-27 17:55:58 -04:00
6724866099
moved jwt components, utilities, and various interfaces to -common from -server
2012-04-27 15:20:49 -04:00
59ecb03548
added getter/setter for userinforepository, closes #40
2012-04-27 15:11:25 -04:00
37452f4bb5
Client side JS updates
2012-04-26 16:30:03 -04:00
c98204e705
Renamed mockup directory
2012-04-26 16:29:46 -04:00
d1a773d512
Client backbone.js Model initial commit
2012-04-24 16:37:25 -04:00
181b0ce605
Removing unneeded div el
2012-04-24 13:02:20 -04:00
703a8abab5
client management now bootstrap 2 compatible
2012-04-20 12:14:06 -04:00
57ebb7d287
Adding global JS to template
2012-04-20 12:13:29 -04:00
897e6e85d3
Removing inline client editing popup
2012-04-20 11:35:15 -04:00
2573c98c2d
Re-write of base template using bootstrap 2
2012-04-19 16:27:25 -04:00
b38c8c18d6
Edit form mock-up updates. Organized forms and input.
2012-04-19 15:51:38 -04:00
51b8650327
Bootstrap 2 html test updates - removing compile javascript
2012-04-19 12:37:40 -04:00
2e4f312f79
Fixed tests - they were pointing to the wrong context file.
2012-04-18 10:55:28 -04:00
a9088b4999
Merge branch 'Single_Spring_Context_file'
2012-04-18 10:33:57 -04:00
07a305b8b7
Refactored code to use a single spring context file. This uses the default oauth/authorize and oauth/token URLs, but it seems to be free of the infinite redirect issue. Next up: try putting in our custom URLs.
2012-04-17 15:32:07 -04:00
8ab1fc1b60
Bootstrap 2 html tests
2012-04-16 16:44:31 -04:00
9c86a23ee1
Bootstrap 2
2012-04-16 16:14:25 -04:00
ed304fa391
Edit client mock-up.
2012-04-16 15:09:06 -04:00
c4edd7111e
Breadcrumb tag renders "crumb" attribute
2012-04-16 13:13:41 -04:00
dc42eb7789
Client management page now renders test JSON
2012-04-16 13:13:41 -04:00
59078cc68d
eclipse updates from maven
2012-04-16 12:56:08 -04:00
6899a16c2f
Merge branch 'Really_fixing_redirects'
2012-04-16 12:39:06 -04:00
5d78bc4e0a
Infinite redirect issue fully fixed, with our custom urls for the authorization and token endpoints. See issue #8 .
2012-04-16 12:37:14 -04:00
67edc1c191
Seems to be fixed! Added the "security:" prefix to the first http block in application-context. The compiler should have been catching that there was no matching for http w/o it, but it was just letting it through.
2012-04-16 12:23:23 -04:00
05b2cf8fff
removed vestigial user details code
2012-04-16 12:02:24 -04:00
f0f339d45f
current state
2012-04-16 11:05:36 -04:00
6eb8284695
version needed to be modified to 0.1-SNAPSHOT in order to deploy snapshot to nexus
2012-04-13 13:43:39 -04:00
69dc1fe361
Removing our custom authorization endpoint and token endpoint urls, as well as the filter required by those custom urls (in web.xml), fixes the infinite redirect problem. This has been submitted as an issue to the SECOAUTH team.
2012-04-11 17:08:15 -04:00
2fc4ce177c
This commit fixes the infinite redirect, somewhat. See updated issue #8 .
2012-04-11 15:55:19 -04:00
17f6e2a2fb
Removed tables.sql.
2012-04-10 14:05:39 -04:00
486b7723d3
Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
2012-04-10 13:45:26 -04:00
269a354f8c
Added tables.sql, which is just a concatenation of all the other sql files. Added redirect_uris.sql, which is a NEW table needed to support clients registering multiple redirect uris.
...
This updates us to the HEAD revision of SECOAUTH, where the redirect uri field on ClientDetails has been updated to be a Set<String> instead of a single string. I updated the UI code so that it will still work, but it will need to be updated to allow users to register multiple uris.
This also closes issue #2 from the issue tracker.
2012-04-10 13:44:10 -04:00
d056079fea
Support for ECDSA JWT signer was removed as it would require the system-wide installation and configuration of the Bouncy Castle Security Provider in order for the server to work when deployed to Tomcat. See issue ticket #20
2012-04-10 13:41:18 -04:00
14f6eca026
Merge branch 'fixing_redirects'
2012-04-09 10:53:39 -04:00
5b09c93024
Cleaned up the context files a bit, no big changes yet.
2012-04-09 10:53:02 -04:00
eabc49cb01
fixed documentation, included python source to generate signature
2012-04-09 10:52:17 -04:00
c21607dcbe
fixed hmac unit test after signature base string was fixed in underlying code
2012-04-09 10:48:02 -04:00
6c8661f3ad
the signature base created in the verify method of the AbstractJwtSigner did not match how the Jwt.getSignatureBase creates the signature base. also, modified the testGenerateHmacSignature to exercise
2012-04-02 22:12:03 -04:00
267f1b2de3
bas64 decoded signature prior to verifying, modified unit rsa unit test, and fixed ecdsa signer verify
2012-04-02 21:32:42 -04:00
985a4619fa
abstracted keystore loader to new function
2012-04-02 15:06:58 -04:00
3dfe6df410
refactored algorithms out to their own separate Enum
2012-04-02 13:13:13 -04:00
fec6a3a876
removed definition parsers, may be picked up again later
2012-04-02 12:40:53 -04:00
b986b30695
Fixed unit tests - they were broken due to an error in application-context.xml; not because of the refactor. App context was trying to instantiate an Hmac signer with name "HMACSHA256", which should have been "HS256". I updated the exceptions thrown by the signer impls so that if an Algorithm name mismatch occurs it will tell you what it is trying to match against.
2012-03-30 13:45:04 -04:00
0a29eba617
unit test correction, slight refactor of tested classes
2012-03-29 14:02:51 -04:00
1209e9a83f
fix to JwtTest unit test
2012-03-29 12:54:03 -04:00
f215cfc50c
fix for issue 5, code refactoring across signers
2012-03-29 12:34:51 -04:00
4f407a3a11
added rsa1024 key to keystore
2012-03-28 18:02:03 -04:00
1a1ae4c5b5
Removed Replacer plugin
2012-03-23 15:55:30 -04:00
c50f968748
Merged to use idToken.setNonce().
2012-03-23 11:11:38 -04:00
268b82e31d
Merge branch 'Branch_master3-23-2012'
2012-03-23 11:09:27 -04:00
8b10b83516
Added setNonce to JwtClaims.
2012-03-23 11:08:49 -04:00
34f24deb3e
Merge branch 'mitreaccounts'
2012-03-23 10:52:36 -04:00
4a15e51e12
pass through nonce
2012-03-23 10:52:04 -04:00
6c3552ebfa
changed mitre account names
2012-03-23 10:37:58 -04:00
b4836a0302
mods to auth filter including config comments, http socket time out...
2012-03-22 17:49:30 -04:00
27fe3c9eca
Implemented signing. Works, but validation does not fail if you remove the signature.
2012-03-22 14:49:02 -04:00
68c8d1a9d2
Changed parameter for check id endpoint to access_token instead of auth_token
2012-03-22 14:19:45 -04:00
826be5a1a1
changed parameter name to match spec change
2012-03-22 14:10:50 -04:00
5fe036878a
fixed view for idtoken in checkid endpoint
2012-03-22 14:09:25 -04:00
c51bb72fe5
merged keystore changes
2012-03-22 13:50:47 -04:00
6c01134095
JWK display support for key maps, still no key ids
2012-03-22 13:48:16 -04:00
776748f908
Merge branch '3-22-2012'
2012-03-22 13:43:59 -04:00
ae9b5e792a
Added a ConfigurationPropertiesBean.java to hold configuration properties. Fixed up CheckIDEndpoint.java a bit - it works, but is outputting the wrong thing.
2012-03-22 13:43:30 -04:00
d5e7000365
disabled custom namespace parsers for keystores
2012-03-22 13:39:51 -04:00
524a8e153e
signers turned into a map
2012-03-22 13:37:21 -04:00
664dd1df46
JWT claims can now have nulls in them without barfing
2012-03-22 11:46:48 -04:00
c59d3fe963
it spits out JWTs! and id tokens! JWT still needs to handle nulls
2012-03-21 17:59:48 -04:00
ebe72412fe
Authorization Grant flow works up to serializing the returned Access Token. Justin is investigating serialization problems.
2012-03-21 16:44:16 -04:00
d94eb338ee
Auth code flow works through user approval page. Current problem is that it doesn't seem to be matching up auth codes correctly (I keep getting "invalid code" error). But, it looks like it's going through our custom token granter so that is good.
2012-03-20 15:07:18 -04:00
8263ce0dd5
added external class to persistence context
2012-03-16 17:01:24 -04:00
b463cabc69
fixed configuration, moved sql file
2012-03-16 16:46:46 -04:00
2f29cc52b2
Merge branch 'client_refactor'
2012-03-16 16:28:51 -04:00
baf7c1c166
fixed dependencies and project configurations
2012-03-16 16:18:33 -04:00
e6e7504213
added files and shuffled things to new packages
2012-03-16 15:46:23 -04:00
a0cdd8bf2f
moved server to new package location
2012-03-16 15:01:53 -04:00
Justin Richer