Commit Graph

1121 Commits (793740cf083c701b4f6e227966e02b1a046ddcb7)

Author SHA1 Message Date
Justin Richer 97cd00e06c [maven-release-plugin] prepare for next development iteration 2014-03-19 21:40:21 -04:00
Justin Richer 23c7cf6996 [maven-release-plugin] prepare release mitreid-connect-1.1.3 2014-03-19 21:40:18 -04:00
Justin Richer ad5ffb64e8 [maven-release-plugin] prepare for next development iteration 2014-03-08 11:17:40 +00:00
Justin Richer 1635cf957d [maven-release-plugin] prepare release mitreid-connect-1.1.2 2014-03-08 11:17:35 +00:00
Justin Richer 53cc7ef447 Fixed audience claim on client auth assertion 2014-03-06 19:45:05 +00:00
Justin Richer 1fcef858c6 updated server discovery document to reflect new capabilities 2014-03-06 16:48:27 +00:00
Justin Richer b67121f0cd added client_secret_jwt auth method support, closes #174 2014-03-04 23:45:36 +00:00
Justin Richer 15b017992c added DELETE to token api because revocation endpoint doesn't work for this kind of management, closes #191 2014-03-01 11:05:46 +00:00
Justin Richer 89f015cf1c Updated Token API to be less leaky 2014-02-28 21:14:27 +00:00
Justin Richer dd391ebf3c Display contacts, popup for image, cleanup of more info 2014-02-16 21:58:16 -05:00
Justin Richer dab52ca8a0 enhancements to approval page 2014-02-16 18:25:05 -05:00
Justin Richer ec6a78c1ba made prompt pluralizable to comply with spec, closes #519 2014-02-16 01:41:08 -05:00
Justin Richer 9395c3802d [maven-release-plugin] prepare for next development iteration 2014-02-10 15:28:14 -05:00
Justin Richer 4f8311962a [maven-release-plugin] prepare release mitreid-connect-1.1.1 2014-02-10 15:28:11 -05:00
Justin Richer 19dbe92d4e initial support for displaying claim values for requested scopes 2014-01-20 20:56:04 -05:00
Justin Richer 3b52ce8201 happy new year! 2014-01-20 12:38:42 -05:00
Justin Richer ebbc7209aa automated code formatting and cleanup 2013-12-03 14:19:34 -05:00
Justin Richer e1e7f7a579 [maven-release-plugin] prepare for next development iteration 2013-12-02 12:18:11 -05:00
Justin Richer 42fe973f7b [maven-release-plugin] prepare release mitreid-connect-1.1.0 2013-12-02 12:18:08 -05:00
Justin Richer 4a8d693746 fixed prompt filter map mismatch (I hate type erasure) 2013-12-02 11:55:09 -05:00
Justin Richer ce1f3f2f94 updated mockito, fixed some unit tests 2013-11-27 12:37:05 -05:00
Justin Richer d330bd1c9b cleanup, added revocation uri to server config 2013-11-27 12:23:04 -05:00
Justin Richer ed06b14406 publish revocation endpoint, addresses #520 2013-11-27 12:13:42 -05:00
Justin Richer b7011f508e urlencode client IDs in client registration URIs, addresses #422 2013-11-27 12:12:10 -05:00
Justin Richer 8c1bfb7e0c set current user's email address to owner when using admin UI 2013-11-27 12:11:36 -05:00
Justin Richer 6c4d2a8e8d vestigial comment cleanup 2013-11-27 12:06:53 -05:00
Justin Richer db5532e9bf comment cleanup 2013-11-27 11:34:41 -05:00
Justin Richer 39fb96a802 pull request from extensions map 2013-11-27 11:20:38 -05:00
Justin Richer 86e0f0c7ee cleaned up old comments 2013-11-27 11:20:01 -05:00
Justin Richer a24eadeb11 cleaned up responseType calls, addresses #451 2013-11-27 11:03:15 -05:00
Justin Richer df511a81cc override from #465 no longer needed 2013-11-27 10:53:16 -05:00
Justin Richer d3dbb00e77 ensure clients and tokens don't get special system scopes, addresses #320 2013-11-27 10:35:56 -05:00
Justin Richer ef01de168d Moved special token scopes to scope service interface 2013-11-27 10:21:52 -05:00
Justin Richer 4f986d6a38 clean up some auto generated functions 2013-11-27 09:57:56 -05:00
Justin Richer f56135810c Fixed request object precedence order 2013-11-27 09:52:26 -05:00
Justin Richer 447df56947 removed unused nonce exception 2013-11-27 09:10:35 -05:00
Justin Richer 27f391ef01 Fixed compilation errors for SECOAUTH milestone updates 2013-11-25 09:31:50 -05:00
Justin Richer 190caee9a1 refactored userinfo serializer 2013-11-18 09:49:23 -05:00
Megan Boggess 46be502ed1 Enforces minimum Java version 1.6 on the openid-connect-server project. 2013-10-22 18:08:02 -07:00
Justin Richer 2a34994383 cleanup view 2013-09-26 17:07:38 -04:00
Justin Richer 7a4366c083 collapsed two serialization functions into one 2013-09-26 16:15:30 -04:00
Amanda Anganes 65a7e1d724 Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both 2013-09-26 12:03:39 -04:00
Amanda Anganes cb449c25b1 Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something. 2013-09-26 12:03:39 -04:00
Justin Richer 73863302e9 added spring-tx dependency to server 2013-09-24 14:08:53 -04:00
Justin Richer 8a5a16f374 refactored project into four modules:
 Common
 Client
 Server Library
 Server Webapp

addresses #367
2013-09-23 17:19:09 -04:00
Justin Richer bf3e0033fe initial refactor of userinfoview for new model components 2013-09-19 12:36:22 -04:00
Justin Richer 9debf1486d pass authorized and requested claims as strings to view 2013-09-19 12:36:22 -04:00
Justin Richer b396610f35 refactor processing of request object 2013-09-19 12:36:22 -04:00
Amanda Anganes 47d304851d Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service. 2013-09-17 16:56:46 -04:00
Amanda Anganes 66e837f650 Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters. 2013-09-17 10:54:19 -04:00
Justin Richer e1ed53a229 added missing parts to discovery 2013-09-16 17:27:04 -04:00
Justin Richer 6605877a1b added encryption/decryption to cached JWK-URI service 2013-09-16 17:27:04 -04:00
Justin Richer 9f13dc8f77 wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error 2013-09-13 14:22:42 -04:00
Justin Richer 9b72c6b1f3 check sector identifier URI's contents and match against redirect URIs, addresses #504 2013-09-13 14:22:24 -04:00
Justin Richer 1aa5fe25c6 re-decrypt request object at userinfo endpoint (this shouldn't need to happen) 2013-09-12 17:05:34 -04:00
Justin Richer 09cd752c86 added basic support for encrypted request objects, addresses #475 2013-09-12 17:05:12 -04:00
Justin Richer a52f86db49 removed NYI tags from request object algorithm fields 2013-09-12 16:46:22 -04:00
Justin Richer d09b3b50d6 call encode() instead of new() on Base64URL utility 2013-09-12 15:19:14 -04:00
Justin Richer 35bd9c8eda throw appropriate errors from request factory 2013-09-12 14:48:54 -04:00
Justin Richer e67a41c556 added transient passthroughs to JOSE algorithms for client 2013-09-12 14:08:37 -04:00
Justin Richer c9aa42dbef better processing for signed request objects 2013-09-12 13:56:10 -04:00
Justin Richer f9ca15139d added phone-number verified, addresses #505
affects #455
2013-09-12 10:19:14 -04:00
Justin Richer 6cbed133b2 let user know that the client is using a pairwise identifier on approval 2013-09-11 17:39:55 -04:00
Justin Richer a9f639a718 moved subject type and sector identifier controls to the 'access' tab 2013-09-11 17:14:35 -04:00
Justin Richer 6b66139ead added unit test for uuid service 2013-09-11 15:28:00 -04:00
Justin Richer 0281cf02fe calculate pairwise based on redirect uri rather than client id 2013-09-11 14:37:17 -04:00
Justin Richer f6a8ac4529 added unit test for default userinfo service (with pairwise checks) 2013-09-11 11:59:40 -04:00
Justin Richer 77c0473438 fixed comparison order to be null safe
cleaned up type check
2013-09-11 11:59:34 -04:00
Justin Richer dbdc2e777d added pairwise identifier service and repository 2013-09-10 17:15:58 -04:00
Justin Richer bdf62eaa36 need to check the sector identifier at some point 2013-09-10 16:35:51 -04:00
Justin Richer 914f2e4d93 added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.
temporary implementation of pairwise identifiers in place
2013-09-10 16:01:17 -04:00
Justin Richer 149fb1bac1 services shouldn't be transactional 2013-09-10 15:26:09 -04:00
Justin Richer 29d1c7d54a userinfo endpoint now uses OAuth2Authentication exclusively
(which is all it was really doing before)
2013-09-10 14:16:34 -04:00
Justin Richer ac42c00062 id token now uses userinfo's sub 2013-09-10 13:50:49 -04:00
Justin Richer f139541485 added randomized subs to demo users 2013-09-10 13:48:37 -04:00
Justin Richer b9da10d176 look up by username instead of subject 2013-09-10 11:39:00 -04:00
Justin Richer 9ea82aacf0 clean up unused getter/setter 2013-09-10 11:38:42 -04:00
Justin Richer 9720b60f05 allow loading of structured scopes from scopes.sql file (and temp tables) 2013-09-06 16:07:25 -04:00
Justin Richer 5e676e0e59 fixed scope UI 2013-09-06 16:07:25 -04:00
Justin Richer 2b663bb23c UI for scope editing 2013-09-06 16:07:25 -04:00
Justin Richer 469e722f72 defer to system scope matcher in approval handler 2013-09-06 16:07:25 -04:00
Justin Richer 99ad9b883e added validator that knows how to deal with structured scopes 2013-09-06 16:07:25 -04:00
Justin Richer 59187d47e4 use new unified parsing for approval page 2013-09-06 16:07:25 -04:00
Justin Richer 85533d50cf scope comparison for TofuUserApprovalHandler 2013-09-06 16:07:25 -04:00
Justin Richer 1c4c53f252 scope comparison for introspection endpoint 2013-09-06 16:07:24 -04:00
Justin Richer 6152a943d8 serialize structured scopes properly (with tests) 2013-09-06 16:07:24 -04:00
Justin Richer 72f0ab631d added transient structured value to system scope, added scope matcher function to scope service 2013-09-06 16:07:24 -04:00
Justin Richer 3fc34f15c8 added structured scope update to mysql (affects #455) 2013-09-06 16:07:24 -04:00
Josh Mandel b416888b07 Structured Scopes from BB+ 2013-09-06 16:07:24 -04:00
Justin Richer 127507246e if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none
addresses #498
2013-09-06 13:30:22 -04:00
Justin Richer 64bbb73d1b cleaned up CORS filter implementation 2013-09-03 16:01:19 -04:00
Justin Richer 6ff4ae1458 added CORS filter 2013-09-03 15:17:18 -04:00
Justin Richer 81cb60ad7b made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work) 2013-09-03 15:17:16 -04:00
Justin Richer bdbff8d45c tell spring to not stuff model into the redirects, partially addresses #492 2013-08-30 16:38:07 -04:00
Justin Richer 84f097edf4 removed outdated client credentials filter, addresses #491 2013-08-30 11:48:52 -04:00
Justin Richer d7be122a21 added basic user profile view implementation 2013-08-29 17:33:42 -04:00
Justin Richer 55ea880396 hide admin panels from non-admin users, addresses #472 2013-08-29 17:15:13 -04:00
Justin Richer 235029ba0e inject user's authorities into javascript context 2013-08-29 16:58:36 -04:00
Justin Richer eab4563551 inject user's email address into contacts on dynamic registration 2013-08-29 16:58:24 -04:00
Justin Richer be6179d1ac inject the current user into the javascript context 2013-08-29 16:44:01 -04:00
Justin Richer 5c10eef8b7 added delete function 2013-08-29 14:18:54 -04:00
Justin Richer d92b7c4810 changed display of core client components, added warning 2013-08-29 11:50:05 -04:00
Justin Richer 4009d9ea82 added create and update functions 2013-08-29 11:11:37 -04:00
Justin Richer 8e6da2b936 json view and form elements 2013-08-28 16:42:43 -04:00
Justin Richer 36151975c1 added client read and oauth token support for CRUD abilities 2013-08-28 15:32:18 -04:00
Justin Richer ead99474be fixed panels for client form 2013-08-28 14:38:03 -04:00
Justin Richer fb66af2071 added form editor and control for newly-registered clients 2013-08-28 14:20:20 -04:00
Justin Richer 51973ea595 added dev page for self-service client registration 2013-08-28 14:17:30 -04:00
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration."
This reverts commit e0b56bc72a.
2013-08-26 15:33:08 -04:00
William Kim e0b56bc72a refactored code to use the more generic JWT declaration. 2013-08-26 11:32:46 -04:00
Justin Richer ca777f7dc4 proper null check for client's preferred signature method 2013-08-20 16:45:45 -04:00
William Kim 07bec462cc added comment about why we can't use set intersection method. 2013-08-20 14:09:14 -04:00
William Kim b89436d7b9 UserInfoView returning intersection of claims request parameter and request object claims in effect now. 2013-08-20 08:55:56 -04:00
Justin Richer bd3d2a5cee created crypto tab 2013-08-19 17:35:05 -04:00
Justin Richer 3f66d16236 removed NYI tag from ID token signing alg 2013-08-19 17:31:13 -04:00
Justin Richer 48a9202f79 fixed jquery.on regex to be less aggressive 2013-08-19 17:20:29 -04:00
Amanda Anganes 941e9544e2 Compare client_ids instead of Client objects 2013-08-19 16:55:56 -04:00
Amanda Anganes 3eae6f2789 Changed client algorithm check to look for null instead of JWSAlgorithm.NONE, which is a valid value. 2013-08-19 16:55:29 -04:00
Amanda Anganes 0059c7b4cc Use client's preferred algorithm, if any, to sign 2013-08-19 16:33:18 -04:00
Justin Richer 2fb138aa19 fixed jquery.on syntax bug, addresses #346 2013-08-19 16:07:34 -04:00
Justin Richer 8edc8cc69a Disable unsupported JOSE algorithms in UI, addresses #476 2013-08-19 15:52:00 -04:00
Justin Richer 8c91861188 load server configuration into JS app 2013-08-19 15:52:00 -04:00
Justin Richer e40b1cf850 animated loading bar for management console 2013-08-19 15:52:00 -04:00
Justin Richer a80c19384f added 'use server default' to JOSE options, addresses #462 2013-08-19 15:52:00 -04:00
William Kim b54f33d0db fixed json elements of "claims" and "userinfo" being processed out of order. 2013-08-19 14:15:53 -04:00
William Kim 7b813c79ee parsing "claims" parameter directly from userinfoendpoint requests. 2013-08-19 13:32:34 -04:00
William Kim 1ffbb39a2b refactored json parser to a private static field. 2013-08-19 13:30:56 -04:00
William Kim 89056bd911 removed test-specific constructor and default constructor. 2013-08-19 13:30:56 -04:00
Justin Richer ba0c3c5d78 id tokens always expire, addresses #416 2013-08-19 12:42:37 -04:00
William Kim 7e51a361ba changed to using relative em lengths instead of hard px length values for token timeout form elements. 2013-08-15 16:19:47 -04:00
Justin Richer c1ee5141a4 added back default timeouts and fixed refresh token check 2013-08-15 15:50:36 -04:00
William Kim 00db39dab9 addresses issue #471. setting default timeout values in the backbone model to null. 2013-08-15 15:29:16 -04:00
Justin Richer 1b674b6420 restored bootstrap to out-of-the-box formatting, addresses #454 2013-08-15 14:50:18 -04:00
William Kim a6bb56ed9a unit select box appropriately disabled after saving now. 2013-08-15 14:03:25 -04:00
William Kim 86c6a0ea8b clear token timeout form fields when disabled and also disable unit selector. 2013-08-15 13:09:53 -04:00
William Kim 3f01ae1a71 renamed token expiration form field ids from -seconds to -time. 2013-08-15 11:13:29 -04:00
William Kim 2242db5c11 shortened token timeout form fields. 2013-08-15 11:13:29 -04:00
William Kim 6f8143937e dropdown time unit chooser added for token expiration. 2013-08-15 11:13:29 -04:00
William Kim 7ab53795b1 refactor js. getFormTokenValue() -> getFormTokenNumberValue(). 2013-08-15 11:13:29 -04:00
Justin Richer 7d51335055 added prompt=login support, addresses #323 2013-08-14 17:00:56 -04:00
Justin Richer a0646452ab test for max_age, force login if not fresh enough, addresses #467 2013-08-14 16:50:51 -04:00
Justin Richer 6c1e91b7e3 auth_time is now tracked, addresses #288 2013-08-14 15:39:41 -04:00
Amanda Anganes e88c6c4943 Changed predicates methods to use Collections2.filter rather than Sets.filter 2013-08-13 10:31:39 -04:00
William Kim f1357cceb4 corrected output for badly-formatted timeout date. 2013-08-12 16:20:42 -04:00
William Kim 025eb05d3a added date format validity check for moment.js usage. 2013-08-12 16:15:06 -04:00
William Kim c1607b53e4 null-checking in date display for approved sites. 2013-08-12 15:52:30 -04:00
William Kim d67a492b6c date display logic to use moment.js. 2013-08-12 15:03:46 -04:00
William Kim ba7e791985 initial moment time formatting commit. 2013-08-12 12:15:47 -04:00
William Kim a72ba6d98b importing moment.js library. 2013-08-12 11:23:43 -04:00
William Kim 6687e3a831 override createOAuth2Request method for factory iss #465. 2013-08-09 13:03:46 -04:00