|  Justin Richer | 71da72de81 | import cleanup | 2014-10-07 16:19:59 -04:00 | 
				
					
						|  Justin Richer | 9fcc5077ca | added API for getting tokens by clientid | 2014-10-07 16:19:59 -04:00 | 
				
					
						|  Justin Richer | 9ebeeb4b79 | fixed missing null check in request object parser | 2014-10-07 16:19:58 -04:00 | 
				
					
						|  Justin Richer | 39c50b76f4 | added null checks to endpoint auth method switches, closes #652 | 2014-07-31 23:05:17 -04:00 | 
				
					
						|  Justin Richer | 8768188133 | makes the grant types checker softer, closes #640 | 2014-07-19 23:54:02 -07:00 | 
				
					
						|  Justin Richer | 9666404d54 | added "none" to discovery endpoint | 2014-07-16 23:48:18 -04:00 | 
				
					
						|  Justin Richer | 7476edb310 | added unsigned ID token support to server | 2014-07-16 22:29:13 -04:00 | 
				
					
						|  Justin Richer | 538c4031bb | added in better default checks for content negotiation | 2014-07-02 16:01:26 -04:00 | 
				
					
						|  Justin Richer | 078bf5e464 | combine HTTP content negotiation with client preferences for user info endpoint | 2014-06-28 23:44:37 -04:00 | 
				
					
						|  Justin Richer | 1de2a61176 | made accept header optional for user info request | 2014-06-28 22:20:05 -04:00 | 
				
					
						|  Justin Richer | 04acc21eea | removed injection of admin email address from client API, will happen browser-side now | 2014-06-26 13:00:36 -04:00 | 
				
					
						|  Justin Richer | 5773fe195b | set proper content type on user info JWT response | 2014-06-18 18:05:11 -04:00 | 
				
					
						|  Justin Richer | 5f97ce0ca1 | fixed error code string | 2014-06-18 14:50:17 -04:00 | 
				
					
						|  Justin Richer | 6589cd717d | disallow fragments in redirect uris for dynamic clients, closes #622 | 2014-06-18 14:49:29 -04:00 | 
				
					
						|  Justin Richer | 4e52543091 | more properly respond to some client registration errors | 2014-06-18 14:45:55 -04:00 | 
				
					
						|  Justin Richer | c493f438e7 | applied token rotation to protected resources | 2014-06-12 19:37:50 -04:00 | 
				
					
						|  Justin Richer | f4edd3164f | made timeout field optional, tokens don't expire in the default case | 2014-06-12 19:37:32 -04:00 | 
				
					
						|  Trilok Jain | 4e09ec687b | Registration Token regeneration - when they are beyond their lifetime (in read/update calls) | 2014-06-12 19:12:32 -04:00 | 
				
					
						|  Trilok Jain | ed3e6a2814 | https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431: Generating a new registration access token on read/update call and
revoking the token issued earlier. | 2014-06-12 19:12:32 -04:00 | 
				
					
						|  Justin Richer | a106121af3 | created blacklist aware redirect resolver and wired it in, closes #549 | 2014-06-10 16:29:45 -04:00 | 
				
					
						|  Justin Richer | a97f3e2d65 | don't throw away creation time on protected resource update (oops) | 2014-06-09 20:22:58 -04:00 | 
				
					
						|  Justin Richer | e0fe22e4ba | don't regenerate client secrets every single time | 2014-06-09 20:20:36 -04:00 | 
				
					
						|  Justin Richer | 53148f2c87 | better auth method checking in dynamic registration and resource registration | 2014-06-09 17:41:27 -04:00 | 
				
					
						|  Justin Richer | f15b4a0f74 | resource registration returned the wrong URL | 2014-06-09 17:41:01 -04:00 | 
				
					
						|  Justin Richer | 47cc005fe5 | more sanity checking for client secrets | 2014-06-09 16:06:57 -04:00 | 
				
					
						|  Justin Richer | cac645484f | client API now generates client secret only for clients that require a client secret | 2014-06-09 16:00:55 -04:00 | 
				
					
						|  Justin Richer | 52e53ba219 | extracted validation exception, refactored protected resource registration endpoint to use this format | 2014-06-06 11:13:41 -04:00 | 
				
					
						|  Justin Richer | b7a8bbdddc | cleanup, error wrappers on protected resource registration | 2014-06-06 10:58:40 -04:00 | 
				
					
						|  Justin Richer | deaccf437e | refactored dynamic registration endpoint's checks for client consistency | 2014-06-06 10:18:40 -04:00 | 
				
					
						|  Justin Richer | 04f7a698ea | added response type consistency checking, closes #430 | 2014-06-05 19:41:06 -04:00 | 
				
					
						|  Justin Richer | 32101ff7b2 | added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597 | 2014-06-05 19:06:03 -04:00 | 
				
					
						|  Justin Richer | ab083c0963 | added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types | 2014-06-05 17:16:35 -04:00 | 
				
					
						|  Justin Richer | cdd23df7ee | token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems) | 2014-06-04 17:27:38 -04:00 | 
				
					
						|  Justin Richer | 8861220632 | stats on home page are now loaded in the background (makes main site load much faster) | 2014-06-04 14:39:30 -04:00 | 
				
					
						|  Justin Richer | 3e4aae6c8a | hash tests now pass on Java8 | 2014-05-29 17:41:56 -04:00 | 
				
					
						|  Justin Richer | dfdc4ed52d | fixed information leaks from approved site API | 2014-05-28 18:21:46 -04:00 | 
				
					
						|  Alexander Imfeld | a84c10fc1c | Change copyright from Netcetera to MITRE/MIT-KIT. | 2014-05-28 08:52:31 +02:00 | 
				
					
						|  Justin Richer | 2797731597 | fixed unit test to account for cascading tokens | 2014-05-27 20:39:19 -04:00 | 
				
					
						|  Justin Richer | d2c83104fb | cascade token saves | 2014-05-27 19:28:38 -04:00 | 
				
					
						|  Josh Mandel | 7f8cbcea39 | Use return value from TokenEnhancer.enhance | 2014-05-27 19:23:44 -04:00 | 
				
					
						|  Justin Richer | 0c8cacd59a | added missing copyright headers | 2014-05-27 13:46:47 -04:00 | 
				
					
						|  Justin Richer | 525f3aa2a8 | Cleaned up indentation, whitespace, and imports. | 2014-05-27 13:02:49 -04:00 | 
				
					
						|  Justin Richer | 8185171119 | minor clean up | 2014-05-27 11:54:45 -04:00 | 
				
					
						|  Justin Richer | 5ab516de48 | prevent clients from registering with special resource scope | 2014-05-26 17:39:20 -04:00 | 
				
					
						|  Justin Richer | c34357a433 | added resource registration endpoint with basic functionality and specialized tokens | 2014-05-26 16:30:24 -04:00 | 
				
					
						|  Justin Richer | 960319b796 | improved logging configuration, removed transactional from service | 2014-05-25 15:38:44 -04:00 | 
				
					
						|  Justin Richer | 85fd4e71ce | typo in error message | 2014-05-25 15:37:58 -04:00 | 
				
					
						|  Justin Richer | 2af51dc77a | better URI check for prompt filter short circuit | 2014-05-25 14:24:25 -04:00 | 
				
					
						|  Justin Richer | f4a1a2acff | fixed prompt filter coding error | 2014-05-24 23:16:29 -04:00 | 
				
					
						|  Justin Richer | 89d55e3d33 | added support for default max auth age and require auth time, made prompt filter only work on authorization endpoint | 2014-05-24 22:12:41 -04:00 |