github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,354 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1336 Commits (70751a3d4aaf197a8ee655111342c3fe32d6ff7e)

Author SHA1 Message Date
Justin Richer 7af19dbd61 added copyright text 2015-03-30 08:44:51 -04:00
Justin Richer 3e931c68b4 added policy editing overview page 2015-03-20 17:27:10 -04:00
Justin Richer 5698393d31 created claims API 2015-03-19 16:44:34 -04:00
Justin Richer bde03411f1 Merge branch 'master' into uma 2015-03-18 21:42:26 -04:00
Justin Richer 006a4d1ec6 fixed import function of 1.2 data service 2015-03-18 21:42:18 -04:00
Justin Richer 6f149cba69 Merge branch 'master' into uma 2015-03-18 20:10:19 -04:00
Justin Richer 30e894a64a put 'kid' into JWS header, closes #784 2015-03-18 20:09:06 -04:00
Justin Richer 866186f611 pointed data API at the correct service version 2015-03-18 19:54:42 -04:00
Justin Richer 6daeeefb33 augmented introspection unit tests with one for new permissions mode 2015-03-18 08:45:05 -04:00
Justin Richer 9f913244a0 fixed unit tests for introspection results 2015-03-18 08:00:18 -04:00
Justin Richer 7df31f1e87 completed rudimentary UMA authorization API. 
Working: resource set registration, permission ticket creation, RPT creation from ticket

Still missing: adding required claims to resource set, adding provided claims to permission ticket
 2015-03-17 22:26:12 -04:00
Justin Richer 1be9da52c6 separated ticket object from permission object to facilitate re-use of permission object with tokens 2015-03-17 21:16:29 -04:00
Justin Richer f123366069 added scope filtering to protection api 2015-03-17 19:43:02 -04:00
Justin Richer ff958e20b6 basic authorization support 2015-03-17 19:21:20 -04:00
Justin Richer 098519da5e added OAuth2 error reporting to permission and resource set endpoints 2015-03-17 19:01:44 -04:00
Justin Richer 2aadb09f49 started claims service, added expiration to permissions 2015-03-16 22:52:21 -04:00
Justin Richer c234f78dbd Merge branch 'master' into authorization-api 2015-03-13 19:08:14 -04:00
Justin Richer 5873b336f2 fixed erroneous import 2015-03-13 19:07:27 -04:00
Justin Richer 8352145d82 Merge branch 'master' into authorization-api 
Conflicts:
	openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
	openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
	openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java
 2015-03-13 18:39:26 -04:00
Justin Richer ba51df0c37 consolidated client credential filter beans 
(note: imports magic from secoauth)
 2015-03-13 18:30:09 -04:00
Justin Richer 4f12fab56b made unused auth codes expired (they're still single-use), refactored auth code service layer 2015-03-13 13:45:49 -04:00
Justin Richer 2abcd96bbe set fallback locale to English, ultimate fall through is to return the code string itself 2015-03-12 17:28:27 -04:00
Justin Richer 285ad71874 made input reader use UTF8, imported the first set of Swedish text to the JSON format 2015-03-12 17:07:08 -04:00
Justin Richer 80605becf1 rudimentary json-based message source 2015-03-12 15:26:23 -04:00
Justin Richer e1fb8272cc redirect error on prompt=none, addresses #667 2015-03-12 09:26:38 -04:00
Justin Richer ad9b49733f externalized queries for scopes, blacklists, user info, pairwise identifiers, and whitelists, closes #771 even harder 2015-03-11 16:13:28 -04:00
Justin Richer 15b97b1dcb Externalized strings for named queries on auth holders, auth codes, clients, and tokens, closes #771 2015-03-11 15:51:51 -04:00
Justin Richer 61a596dc15 externalized strings from user info views 2015-03-11 14:00:14 -04:00
Justin Richer 86e95d9e6e externalized json entity and error parameters, closes #770 2015-03-11 13:52:32 -04:00
Justin Richer e56161e223 extracted http "code" view parameter 2015-03-11 13:39:07 -04:00
Justin Richer 1735dbca11 extracted controller URLs to constants, closes #769 2015-03-11 13:20:59 -04:00
Justin Richer 617d485478 updated all references to media types to use constants instead of literals, closes #767 2015-03-11 12:06:38 -04:00
Justin Richer c777ebfac9 added universal OAuth exception handling 2015-03-11 11:41:28 -04:00
Justin Richer 76b7324d88 fixed execution order of introspection endpoint 2015-03-10 18:29:48 -04:00
Justin Richer 8c8f912880 fixed endpoint processing to account for client id 2015-03-10 15:37:07 -04:00
Justin Richer ee522100b9 Merge branch 'master' into uma-introspection 
* master:
  fixed logger variable name
  made logger declarations consistent across project, closes #780
  Fixed logger
  null safe
  removed DateUtil
  added icons to scope editing panel
 2015-03-10 15:03:26 -04:00
Justin Richer 5d35f2c1a6 toned down errors on introspection endpoint 2015-03-10 14:58:22 -04:00
Justin Richer 65d7b00f4d added uma-processing of scopes to introspection results 2015-03-10 12:38:37 -04:00
Justin Richer 627bcaee43 added client_id to resource sets 2015-03-10 12:38:13 -04:00
Justin Richer e5e4c15058 removed introspection authorizer hook 2015-03-10 11:12:37 -04:00
Justin Richer 2a6a17486a added initial uma discovery endpoint 2015-03-09 16:15:30 -04:00
Justin Richer 621399545e cleaned up introspection endpoint processing 2015-03-09 16:15:09 -04:00
Justin Richer 764df71758 refactored introspection to allow for UMA style token access 2015-03-09 12:43:05 -04:00
Justin Richer 1da5c2cd84 fixed imports 2015-03-09 11:51:41 -04:00
Justin Richer c7f6811961 refactored scope enforcement utilities to a separate authentication class 2015-03-09 11:51:24 -04:00
Justin Richer 48b857eb85 fixed logger variable name 2015-03-09 07:37:09 -04:00
Justin Richer c09b63c69f made logger declarations consistent across project, closes #780 2015-03-08 21:56:33 -04:00
Wolter Eldering 849a2b3271 Fixed logger 2015-03-08 16:02:53 +01:00
Wolter Eldering 020b410ffe null safe 2015-03-08 15:47:58 +01:00
Wolter Eldering db2574ab53 removed DateUtil 2015-03-08 15:41:47 +01:00
Justin Richer f266d3b151 added unit test for resource set service to make sure it catches error conditions 2015-03-06 16:56:30 -05:00
Justin Richer 35f2a03b4e added unit test for permission service 2015-03-06 15:50:24 -05:00
Justin Richer e59e988809 made permission service enforce scoping 2015-03-06 15:50:14 -05:00
Justin Richer 5ff9cd1bbb implemented permission registration API 2015-02-28 17:59:37 -05:00
Justin Richer eed8fb0b28 created skeleton of permission registration API 2015-02-28 08:33:09 -05:00
Justin Richer c41488b103 moved an uma package to common, extracted OAuth scope enforcement utility 2015-02-28 08:32:47 -05:00
Justin Richer 5be7d64c7d moved all uma files to their own package 2015-02-28 07:24:53 -05:00
Justin Richer 0d96b6a28a changed name of scope to match uma spec 2015-02-27 20:46:48 -05:00
Justin Richer 7a1480bb07 moved and consolidated json utilities 2015-02-26 16:20:01 -05:00
Justin Richer 40fc70894e fixed oauth scope check 2015-02-24 18:01:03 -05:00
Justin Richer 4878e88d4f added list all by owner 2015-02-24 17:41:05 -05:00
Justin Richer 8d22ad03e2 implemented remove verb 2015-02-24 17:15:18 -05:00
Justin Richer 89114dcf74 implemented update 2015-02-24 16:05:18 -05:00
Justin Richer ad228e8953 send the _id as a string 2015-02-24 15:52:29 -05:00
Justin Richer 3b6412219b added abbreviated view, updated OAuth error handling, fixed URL mapping 2015-02-24 15:10:48 -05:00
Justin Richer 0b480bac10 implemented get 2015-02-24 15:09:52 -05:00
Justin Richer 3076da1ed8 functioning resource set repository layer 2015-02-24 12:10:54 -05:00
Justin Richer efeead52b6 fixed typos in data layer, added blank service layer to resource set 2015-02-24 12:00:58 -05:00
Justin Richer e7bf75e9a4 moved and consolidated json utilities 2015-02-23 13:43:08 -05:00
Justin Richer 90a7304b4e resource set registration endpoint and service shells 2015-02-23 11:43:05 -05:00
Justin Richer b670f44138 added UMA to version number 2015-02-19 17:55:25 -05:00
Justin Richer 720b73939f fixed token service logic, added verification to unit tests 2015-02-18 13:57:28 -05:00
Justin Richer 97ae456099 fixed unit tests affected by scope service changes 2015-02-18 13:48:16 -05:00
Justin Richer 6885713eed added warning suppression for data layer -- non-templated generic types have to be used here 2015-02-18 10:19:36 -05:00
Justin Richer f4813fccee fixed log messages on data services 2015-02-18 09:33:13 -05:00
Justin Richer 4ae981f484 updated data layer and unit tests 2015-02-18 09:23:09 -05:00
Justin Richer 593fac83cf scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747 2015-02-17 18:25:52 -05:00
Justin Richer 1caf5ef8bc removed call to deprecated http components constructor 2015-02-17 17:06:34 -05:00
Justin Richer b376bc6059 removed some vestigial service/repository calls, closes #513 2015-02-17 16:22:40 -05:00
Justin Richer ecfb72bc50 additional JOSE class naming 2015-02-17 15:32:20 -05:00
Justin Richer 522edda074 additional JOSE class renaming 2015-02-17 14:57:29 -05:00
Justin Richer cef6cf17b6 externalized a number of strings, closes #385 2015-02-17 14:39:15 -05:00
Justin Richer 05f03f7c90 yet more year updates 2015-02-17 13:09:45 -05:00
Justin Richer 994ce6c743 consistently named JOSE-based classes, closes #529 2015-02-17 12:11:58 -05:00
Justin Richer 335d05bb5c renamed data service abstract class 2015-02-17 11:56:50 -05:00
Justin Richer 685960358c formatting cleanup 2015-02-17 11:08:46 -05:00
Justin Richer e2349984b8 happy new year 2015! 2015-02-17 10:24:08 -05:00
Justin Richer d56aec5652 removed extraneous version tag for managed dependency 2015-02-17 10:00:18 -05:00
Justin Richer d88cc2ec8e fixed pluralization of post logout URIs in data API services 2015-02-17 09:59:50 -05:00
Justin Richer cc02f8fbe8 pluralized post-logout redirect URI on client, closes #654 2015-02-16 16:43:34 -05:00
Justin Richer 587d4b2db6 further pom file cleanup 2015-02-16 14:24:48 -05:00
Justin Richer 377d8cb884 moved dependency version management to parent pom, closes #666 2015-02-16 13:51:25 -05:00
Justin Richer ef3a696972 removed getBySubject and getAll from user info repository and service layers, closes #760 2015-02-16 11:08:07 -05:00
Justin Richer 63dd7c0b25 removed deprecated DefaultUserInfoUserDetailsService and corresponding test, closes #413 2015-02-16 11:07:17 -05:00
Justin Richer 166c53cd6a fixed comparison of client IDs in refresh token, closes #752 
Also addresses #735 (again)
 2015-01-24 07:47:50 -05:00
Justin Richer 6c88d7c54b removed old owner_id field, closes #636 2015-01-17 08:18:36 -05:00
Justin Richer ba97fcb88a changed name of clientAuthorization to authorizationRequest (which is more accurate), closes #697 2014-12-19 00:55:06 -05:00
John Brooks a1228d19b5 Changed lastWeek logic back to correct form, removed logic used for 
testing.
 2014-12-19 00:39:07 -05:00
Justin Richer e9d764e53e added support for login_hint, closes #250 2014-11-26 09:55:39 -05:00
Justin Richer 3e7ade9a67 fixed unit tests 2014-11-22 23:46:25 -05:00
Justin Richer 1a2ca25359 relaxed scope constraints on protected resources registered through self-service page 2014-11-22 23:46:25 -05:00
Justin Richer e371ad345f fixed checking of refresh token permissions in client service, clients can now request either refresh_token grant type or offline_access scope and it will work. added checkbox to dynreg page for ease-of-use 
closes #734
 2014-11-22 23:46:25 -05:00
Justin Richer 56344fa12b make sure that client presenting refresh token is the same client the refresh token was issued to 
closes #735
 2014-11-22 23:46:25 -05:00
Justin Richer 0e776762c2 set up data API for 1.2 format (currently the same as 1.1 format) 2014-11-15 19:59:47 -10:00
Justin Richer b14dfa6458 approval page defaults to "ask again" when prompt=consent is passed, closes #669 2014-11-13 11:23:54 -10:00
Justin Richer 775b77b367 updated date format of token introspection response, closes #719 2014-11-13 11:08:20 -10:00
Justin Richer c600787f1c added key id to id token, closes #725 2014-11-12 16:22:10 -10:00
Justin Richer d87bdb2120 added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728, closes #401 2014-11-12 16:03:06 -10:00
Justin Richer e6d10b67a4 update to Spring 4 and other related libraries 2014-11-10 18:29:54 -10:00
Alexander Imfeld 9dfac35912 Introduce introspection result assembler to allow for customized introspection results 2014-10-14 21:06:09 -04:00
arielak d557b1e2c2 RefreshToken to AuthHolder linkage test now using AuthHolder ID to verify 2014-10-14 20:30:50 -04:00
arielak ff436a6738 Added tests for ensuring the references between a refresh token and its authentication holder are preserved over import. Minor cleanup of other tests. 2014-10-14 20:30:50 -04:00
arielak d18d325c0c Better method of creating test AuthenticationHolderEntity, added some more testing to testImport/ExportGrants 
Conflicts:

	openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
 2014-10-14 20:30:50 -04:00
arielak ff28e1a383 Added new data service tests, separated date parsing/formatting utilities into DateUtil class 
Conflicts:

	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_X.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/util/DateUtil.java
 2014-10-14 20:30:50 -04:00
Justin Richer 188818dc0d added null check to confirmation controller, closes #684 2014-10-07 21:58:15 -04:00
Justin Richer db052f11ca Moved development branch to 1.2 2014-10-07 21:02:07 -04:00
Justin Richer 134909a82f import cleanup 2014-10-07 19:40:38 -04:00
Justin Richer 1e71749c23 added more generic rotation capability 2014-10-07 19:40:38 -04:00
Justin Richer 0b8dbc4f68 added registration token API 2014-10-07 19:40:38 -04:00
Justin Richer 13cee6bf06 Ported date format changes from 1.0.x 2014-10-06 23:41:33 -04:00
arielak 98ace5c9fb Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue. 
Conflicts:
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
 2014-10-06 23:28:20 -04:00
Justin Richer 1fbdd240f1 made binary encode/decode null safe 2014-10-06 23:25:48 -04:00
arielak a8377513a6 Fixed reading/writing of approved access tokens 2014-10-06 22:59:27 -04:00
arielak 0320bae15c Fixed netbeans copyright weirdness 2014-10-06 22:59:27 -04:00
arielak dcf66fadc4 Added support for 1.1 config import/export, and separated common functions into 1_X abstract class 2014-10-06 22:59:27 -04:00
arielak ad841a03df Added support for whitelisted and blacklisted site export 2014-10-06 22:59:27 -04:00
arielak 8495617aed Added support for whitelisted and blacklisted site import from a 1.0 config 2014-10-06 22:59:27 -04:00
arielak 16f15cc3c8 NPE fix 2014-10-06 22:59:27 -04:00
arielak 6333b1e4b1 Re-enabled reading of system scopes. Added 1.1 data export functionality 2014-10-06 22:59:27 -04:00
arielak d5551e9692 Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects 2014-10-06 22:58:26 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer 9e88a62479 moved the API endpoints, made resource tokens accessible too 2014-09-22 23:38:12 -04:00
Justin Richer 6d80a00d65 import cleanup 2014-09-22 23:04:23 -04:00
Justin Richer 81634e6165 added API for getting tokens by clientid 2014-09-22 22:55:13 -04:00
Justin Richer dee78c130c fixed missing null check in request object parser 2014-08-25 22:48:42 -04:00
James Agnew e0b84069d4 Update to latest spring-security-oauth2 module 2014-08-06 11:12:40 -04:00
Justin Richer 6f2f807b0b [maven-release-plugin] prepare for next development iteration 2014-08-05 21:54:51 -04:00
Justin Richer 93ae1516a5 [maven-release-plugin] prepare release mitreid-connect-1.1.9 2014-08-05 21:54:47 -04:00
Justin Richer 39c50b76f4 added null checks to endpoint auth method switches, closes #652 2014-07-31 23:05:17 -04:00
Justin Richer 8768188133 makes the grant types checker softer, closes #640 2014-07-19 23:54:02 -07:00
Justin Richer 9666404d54 added "none" to discovery endpoint 2014-07-16 23:48:18 -04:00
Justin Richer 7476edb310 added unsigned ID token support to server 2014-07-16 22:29:13 -04:00
Justin Richer 538c4031bb added in better default checks for content negotiation 2014-07-02 16:01:26 -04:00
Justin Richer 078bf5e464 combine HTTP content negotiation with client preferences for user info endpoint 2014-06-28 23:44:37 -04:00
Justin Richer 1de2a61176 made accept header optional for user info request 2014-06-28 22:20:05 -04:00
Justin Richer 04acc21eea removed injection of admin email address from client API, will happen browser-side now 2014-06-26 13:00:36 -04:00
Justin Richer adf477c64e [maven-release-plugin] prepare for next development iteration 2014-06-18 18:27:27 -04:00
Justin Richer 8d97ed61ec [maven-release-plugin] prepare release mitreid-connect-1.1.8 2014-06-18 18:27:25 -04:00
Justin Richer 5773fe195b set proper content type on user info JWT response 2014-06-18 18:05:11 -04:00
Justin Richer 5f97ce0ca1 fixed error code string 2014-06-18 14:50:17 -04:00