5c38a3393a
stopgap to prevent some leaks due to #492
2013-08-30 16:38:36 -04:00
a59704559a
inject user's authorities into javascript context
2013-08-29 17:40:01 -04:00
61acbbe3b8
inject the current user into the javascript context
...
Conflicts:
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
2013-08-29 17:39:59 -04:00
1840a67aad
explicitly try to initialize the JWK set if it's null by the time the getter is called
2013-08-22 14:26:06 -04:00
9df10d3871
id tokens always expire, addresses #416
...
Conflicts:
openid-connect-server/src/main/webapp/resources/template/client.html
2013-08-20 16:07:25 -04:00
682d9b9406
added 'use server default' to JOSE options, addresses #462
2013-08-20 14:46:35 -04:00
f866e5addc
Use clients preferred algorithm, if any, to sign
2013-08-20 14:33:36 -04:00
5c40539561
cached jwk services expire after an hour
2013-08-20 14:12:41 -04:00
44f0e89048
I can spell "consortium"!
2013-08-14 14:15:42 -04:00
f58141e6a7
Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
...
Moved getExpired to service layers
Used Predicates to filter expired tokens and approved sites;
2013-08-09 13:55:41 -04:00
e658ffd7fc
format/cleanup and copyright
2013-07-29 11:28:51 -04:00
906db0ac86
Opened token api access to all users; restricted to only show currently-logged-in-users tokens
2013-07-29 09:18:08 -04:00
fb448a246a
converted test data to map, use new serializer
2013-07-26 12:55:22 -04:00
8edd6da136
added serializer for non-heirarchical URIs
2013-07-26 12:55:03 -04:00
5893d8f8f8
fixed up parsing regular expression
2013-07-26 12:54:09 -04:00
f565688e59
changed name issuer->normalized. the result of normalization is not necessarily the issuer.
2013-07-25 18:12:02 -04:00
d80aaced9a
reorganized test data and test methods.
2013-07-25 17:56:33 -04:00
809a243b64
tests for webfinger url normalization.
2013-07-25 15:00:10 -04:00
eaa7298ef1
init commit for Webfinger normilizer utility class.
2013-07-25 12:15:50 -04:00
b397f0ae15
First go at adding token API; needs to be tested
2013-07-24 09:14:46 -04:00
88db457fc4
Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
2013-07-18 09:34:52 -04:00
a4a18fd54c
externalized introspection URL from client's introspecting token service, addresses #435
...
added service to parses token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
2013-07-16 17:00:40 -04:00
aad432c5d7
replaced stracktrace-printing with logger messages. removed some unused imports.
2013-07-16 13:52:32 -04:00
e00d696c60
deleted auto-generated TODO.
2013-07-12 11:40:11 -04:00
e9c246808f
only our entity version may be stored in our storage layer. removed TODO.
2013-07-12 11:40:11 -04:00
77be0d0ea8
implemented getExpiresIn() for oauth access token entities.
2013-07-11 15:22:35 -04:00
2d3f43e3b8
Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
2013-07-10 14:34:37 -04:00
a668fb964d
changed String comparison implementation for better readability
2013-06-28 15:31:50 -04:00
ab4d1da9d4
added logger warning if issuer url does not use http scheme.
2013-06-28 15:31:50 -04:00
b438e87f98
passed wire testing and updated unit tests.
2013-06-24 15:09:12 -04:00
e74444e3d1
addresses issue #366
2013-06-24 15:09:12 -04:00
d6109fd1ae
explicitly mapped missing JPA columns in common->openid.connect.model #317
2013-06-18 15:19:17 -04:00
46641a2fa1
explicitly mapped missing JPA columns in common-oauth2.model #317
2013-06-18 15:19:17 -04:00
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
2013-06-12 14:45:03 -04:00
6ed7477bc0
added stats to admin UI page, restyled scopes and dynamically registered flags
2013-06-07 18:05:07 -04:00
de77f2c75a
commentary!
2013-05-31 15:48:56 -04:00
d0eb98b8ff
tests for embedded JOSE objects
2013-05-31 15:46:27 -04:00
8ee299aab3
added tests for ClientDetailsEntity and RegisteredClient data objects
2013-05-31 15:46:27 -04:00
c760ebf4a4
changed expires_at -> client_secret_expires_at, issued_at -> client_id_issued_at
2013-05-31 15:46:27 -04:00
317526b1ad
unit tests for basic data classes
2013-05-29 17:47:04 -04:00
cc1da67639
fixed expires_at property, hid helper functions
2013-05-29 17:46:54 -04:00
81cd13f6d3
added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
2013-05-20 17:19:28 -04:00
1e870703f8
added licence/copyright header
2013-05-02 11:45:20 -04:00
8afab04544
whitespace, import, brace, annotation, and format cleanups
2013-05-02 10:47:15 -04:00
7307b4b19d
added tostring to system scope to help with debugging
2013-04-19 16:11:42 -04:00
fb859fc39a
added client dynamic registration service, extracted clientdetails<->json processing into its own static class
2013-04-19 14:23:11 -04:00
cf39b49657
added registration uri to server config, changed index of client config service to be server config not just issuer
2013-04-19 14:21:53 -04:00
f76f44b999
added dynamic discovery to client
2013-04-16 15:01:08 -04:00
33af3b1ad6
updated discovery endpoint to latest spec, removed surplus specialized view
2013-04-16 15:00:57 -04:00
23c318f6c2
Updating guava to 14.0.1
2013-04-10 15:31:32 -04:00
Justin Richer