Commit Graph

1917 Commits (714acb8bdd8381887b2c2171d6a6d09e95b96022)
 

Author SHA1 Message Date
Justin Richer 714acb8bdd [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 90d188653d [maven-release-plugin] prepare release mitreid-connect-1.1.19
9 years ago
Justin Richer f36efce95c backported error handler from 1.2, closes remote execution exploit
9 years ago
lgangloff cdd51061b5 https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/838
9 years ago
Justin Richer e1f711a107 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 73da330310 [maven-release-plugin] prepare release mitreid-connect-1.1.18
9 years ago
Justin Richer b09503aadb user info endpoint response uses correct client algorithms, addresses #921
9 years ago
Justin Richer d03bebe5bf fixed backported 'kid' injection
9 years ago
Justin Richer 9fac632024 added 'kid' to all signed tokens, closes #899
9 years ago
Justin Richer 89a728669a added JTI to ID tokens, closes #900
9 years ago
Justin Richer 4bb28052a1 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 2cc6476295 [maven-release-plugin] prepare release mitreid-connect-1.1.17
9 years ago
Justin Richer 747e9f0bde replaced deprecated http components calls, closes #838
9 years ago
Justin Richer 629bc652b9 updated HTTP Components version
9 years ago
Justin Richer 2f172fa1e0 restricted access to /authorize to ROLE_USER accounts, closes #892
9 years ago
Mark Janssen 4e83b173f4 Upgrade Spring versions
10 years ago
Justin Richer f05981829b added JWKS URI import on data API
10 years ago
Justin Richer 7ce1286070 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 166243e833 [maven-release-plugin] prepare release mitreid-connect-1.1.16
10 years ago
Justin Richer 661892bbaf added non-binary support for 1.2+ data export compatibility
10 years ago
Justin Richer 5624c12232 back ported prompt behavior to 1.1, closes #810, addresses #667
10 years ago
Justin Richer 9fd059d091 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 4c53112923 [maven-release-plugin] prepare release mitreid-connect-1.1.15
10 years ago
Justin Richer 2627a4438f added strict URI matching option to redirect resolver (off by default)
10 years ago
Justin Richer 22c86d09f8 put 'kid' into JWS header, closes #784
10 years ago
Justin Richer 8569213994 moved requirement to different component, closes #759
10 years ago
William Kim 3ae8d46e44 Made the constructor public for OIDCAuthentication filter.
10 years ago
Justin Richer b74df7b583 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 2b6a4a32fa [maven-release-plugin] prepare release openid-connect-parent-1.1.14
10 years ago
Justin Richer 7cf22d98b1 updated spring release for CVE-2014-3578
10 years ago
Justin Richer f6c956825d updated copyright tag to 2015
10 years ago
Justin Richer 5214eab1e9 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 3ac61839bb [maven-release-plugin] prepare release mitreid-connect-1.1.13
10 years ago
Justin Richer b65fc88809 fixed comparison of client IDs in refresh token, closes #752
10 years ago
Charif Belhaffef 7d649e5c9c add @Transient to function getAuthorizedGrantTypes() so it does not persist
10 years ago
John Brooks 321b3350f2 Changed lastWeek logic back to correct form, removed logic used for
10 years ago
Justin Richer 9979bd0603 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 70237f35ad [maven-release-plugin] prepare release mitreid-connect-1.1.12
10 years ago
Justin Richer c77c9a70e8 fixed unit tests
10 years ago
Justin Richer 1ce3b51416 relaxed scope constraints on protected resources registered through self-service page
10 years ago
Justin Richer 5510f2f62c removed unused variable in dynreg page
10 years ago
Justin Richer ad5f3ef847 made offline access non-default
10 years ago
Justin Richer 4ccd948ad2 fixed checking of refresh token permissions in client service, clients can now request either refresh_token grant type or offline_access scope and it will work. added checkbox to dynreg page for ease-of-use
10 years ago
Justin Richer e983e8a0c9 make sure that client presenting refresh token is the same client the refresh token was issued to
10 years ago
Justin Richer 5561b75f48 removed java 1.7 operator
10 years ago
Justin Richer b5ae05162e moved test into test package
10 years ago
Justin Richer 4d22ec61cf applied list widget catch to all objects
10 years ago
Justin Richer 740e5407ef more comprehensive list widget leftover object handling in client
10 years ago
Justin Richer 57648cd9d5 client scopes now added appropriately
10 years ago
Justin Richer 51b477679a removed blur detection, started work on alternative
10 years ago