5773fe195b
set proper content type on user info JWT response
2014-06-18 18:05:11 -04:00
5f97ce0ca1
fixed error code string
2014-06-18 14:50:17 -04:00
6589cd717d
disallow fragments in redirect uris for dynamic clients, closes #622
2014-06-18 14:49:29 -04:00
4e52543091
more properly respond to some client registration errors
2014-06-18 14:45:55 -04:00
c493f438e7
applied token rotation to protected resources
2014-06-12 19:37:50 -04:00
f4edd3164f
made timeout field optional, tokens don't expire in the default case
2014-06-12 19:37:32 -04:00
4e09ec687b
Registration Token regeneration - when they are beyond their lifetime
...
(in read/update calls)
2014-06-12 19:12:32 -04:00
ed3e6a2814
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431 :
...
Generating a new registration access token on read/update call and
revoking the token issued earlier.
2014-06-12 19:12:32 -04:00
a106121af3
created blacklist aware redirect resolver and wired it in, closes #549
2014-06-10 16:29:45 -04:00
a97f3e2d65
don't throw away creation time on protected resource update (oops)
2014-06-09 20:22:58 -04:00
e0fe22e4ba
don't regenerate client secrets every single time
2014-06-09 20:20:36 -04:00
53148f2c87
better auth method checking in dynamic registration and resource registration
2014-06-09 17:41:27 -04:00
f15b4a0f74
resource registration returned the wrong URL
2014-06-09 17:41:01 -04:00
47cc005fe5
more sanity checking for client secrets
2014-06-09 16:06:57 -04:00
cac645484f
client API now generates client secret only for clients that require a client secret
2014-06-09 16:00:55 -04:00
52e53ba219
extracted validation exception, refactored protected resource registration endpoint to use this format
2014-06-06 11:13:41 -04:00
b7a8bbdddc
cleanup, error wrappers on protected resource registration
2014-06-06 10:58:40 -04:00
deaccf437e
refactored dynamic registration endpoint's checks for client consistency
2014-06-06 10:18:40 -04:00
04f7a698ea
added response type consistency checking, closes #430
2014-06-05 19:41:06 -04:00
32101ff7b2
added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597
2014-06-05 19:06:03 -04:00
ab083c0963
added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types
2014-06-05 17:16:35 -04:00
cdd23df7ee
token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)
2014-06-04 17:27:38 -04:00
85acfa90db
[maven-release-plugin] prepare for next development iteration
2014-06-04 14:51:32 -04:00
d5e4cb45a2
[maven-release-plugin] prepare release mitreid-connect-1.1.7
2014-06-04 14:51:29 -04:00
8861220632
stats on home page are now loaded in the background (makes main site load much faster)
2014-06-04 14:39:30 -04:00
3e4aae6c8a
hash tests now pass on Java8
2014-05-29 17:41:56 -04:00
dfdc4ed52d
fixed information leaks from approved site API
2014-05-28 18:21:46 -04:00
a84c10fc1c
Change copyright from Netcetera to MITRE/MIT-KIT.
2014-05-28 08:52:31 +02:00
2797731597
fixed unit test to account for cascading tokens
2014-05-27 20:39:19 -04:00
d2c83104fb
cascade token saves
2014-05-27 19:28:38 -04:00
7f8cbcea39
Use return value from TokenEnhancer.enhance
2014-05-27 19:23:44 -04:00
be98b9cd0b
[maven-release-plugin] prepare for next development iteration
2014-05-27 14:00:40 -04:00
8320f0eefe
[maven-release-plugin] prepare release mitreid-connect-1.1.6
2014-05-27 14:00:37 -04:00
0c8cacd59a
added missing copyright headers
2014-05-27 13:46:47 -04:00
525f3aa2a8
Cleaned up indentation, whitespace, and imports.
2014-05-27 13:02:49 -04:00
8185171119
minor clean up
2014-05-27 11:54:45 -04:00
5ab516de48
prevent clients from registering with special resource scope
2014-05-26 17:39:20 -04:00
c34357a433
added resource registration endpoint with basic functionality and specialized tokens
2014-05-26 16:30:24 -04:00
960319b796
improved logging configuration, removed transactional from service
2014-05-25 15:38:44 -04:00
85fd4e71ce
typo in error message
2014-05-25 15:37:58 -04:00
2af51dc77a
better URI check for prompt filter short circuit
2014-05-25 14:24:25 -04:00
f4a1a2acff
fixed prompt filter coding error
2014-05-24 23:16:29 -04:00
89d55e3d33
added support for default max auth age and require auth time, made prompt filter only work on authorization endpoint
2014-05-24 22:12:41 -04:00
5c6e75bd53
cleaned up UI for client editing
2014-05-24 20:56:54 -04:00
05e9624ae3
added support for encrypted and symmetrically signed id tokens and user info responses
2014-05-23 21:15:50 -04:00
ffe1b29906
Added Signed JWT support to UserInfo endpoint response, closes #593
2014-05-23 19:15:03 -04:00
e4d5f4a540
added system wide cache for all symmetric validators, closes # 557
2014-05-23 16:16:06 -04:00
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
2014-05-23 15:00:40 -04:00
df9c9747ce
more reasonable check for whether or not a user auth is present, addresses #602
2014-05-23 11:49:51 -04:00
4e890a4d7d
enforce clients using a redirect flow have at least one redirect uri registered when using dynamic registration, made error handling more consistent across all APIs
...
closes #596
2014-05-21 18:29:51 -04:00
a225b00920
added null check and permissions check to ID token generation, closes #602
2014-05-21 17:45:25 -04:00
880014176f
[maven-release-plugin] prepare for next development iteration
2014-05-13 18:23:11 -04:00
ca8a003e3d
[maven-release-plugin] prepare release mitreid-connect-1.1.5
2014-05-13 18:23:08 -04:00
dcf36234c4
moved CSRF generator to request parser instead of confirmation controller
2014-05-13 09:48:34 -04:00
a253ebc908
added CSRF protection to approval page
2014-05-13 09:27:02 -04:00
fcfbf1080f
renamed auth request variable
2014-05-13 09:26:27 -04:00
7cd36b471f
Make introspection endpoint access authorization pluggable.
2014-05-07 16:44:56 +02:00
4b697ba909
webfinger checks host on acct: URIs, closes #404
2014-04-25 21:21:00 -04:00
b8129bf60d
[maven-release-plugin] prepare for next development iteration
2014-04-21 19:19:10 -04:00
a9e34ac9bd
[maven-release-plugin] prepare release mitreid-connect-1.1.4
2014-04-21 19:19:07 -04:00
376403fa4a
account for registration time in approval page, closes #550
2014-04-19 07:28:20 -04:00
1d2f968bd1
configuration cleanup, closes #568
2014-04-18 22:11:58 -04:00
318a28ddf8
added stats mock to unit tests
2014-04-16 22:05:03 -04:00
521017c5c2
updated stats service to have a resettable cache triggered by other service events
2014-04-16 21:39:37 -04:00
7f310400b1
simple cache for stats
2014-04-16 21:18:12 -04:00
39509bfdc4
Performance improvement of token cleanup:
...
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
265624b285
a fix for a NullPointerException whenever a client requests a client scope to be granted.
2014-04-10 22:41:20 -04:00
97cd00e06c
[maven-release-plugin] prepare for next development iteration
2014-03-19 21:40:21 -04:00
23c7cf6996
[maven-release-plugin] prepare release mitreid-connect-1.1.3
2014-03-19 21:40:18 -04:00
ad5ffb64e8
[maven-release-plugin] prepare for next development iteration
2014-03-08 11:17:40 +00:00
1635cf957d
[maven-release-plugin] prepare release mitreid-connect-1.1.2
2014-03-08 11:17:35 +00:00
53cc7ef447
Fixed audience claim on client auth assertion
2014-03-06 19:45:05 +00:00
1fcef858c6
updated server discovery document to reflect new capabilities
2014-03-06 16:48:27 +00:00
b67121f0cd
added client_secret_jwt auth method support, closes #174
2014-03-04 23:45:36 +00:00
15b017992c
added DELETE to token api because revocation endpoint doesn't work for this kind of management, closes #191
2014-03-01 11:05:46 +00:00
89f015cf1c
Updated Token API to be less leaky
2014-02-28 21:14:27 +00:00
dd391ebf3c
Display contacts, popup for image, cleanup of more info
2014-02-16 21:58:16 -05:00
dab52ca8a0
enhancements to approval page
2014-02-16 18:25:05 -05:00
ec6a78c1ba
made prompt pluralizable to comply with spec, closes #519
2014-02-16 01:41:08 -05:00
9395c3802d
[maven-release-plugin] prepare for next development iteration
2014-02-10 15:28:14 -05:00
4f8311962a
[maven-release-plugin] prepare release mitreid-connect-1.1.1
2014-02-10 15:28:11 -05:00
19dbe92d4e
initial support for displaying claim values for requested scopes
2014-01-20 20:56:04 -05:00
3b52ce8201
happy new year!
2014-01-20 12:38:42 -05:00
ebbc7209aa
automated code formatting and cleanup
2013-12-03 14:19:34 -05:00
e1e7f7a579
[maven-release-plugin] prepare for next development iteration
2013-12-02 12:18:11 -05:00
42fe973f7b
[maven-release-plugin] prepare release mitreid-connect-1.1.0
2013-12-02 12:18:08 -05:00
4a8d693746
fixed prompt filter map mismatch (I hate type erasure)
2013-12-02 11:55:09 -05:00
ce1f3f2f94
updated mockito, fixed some unit tests
2013-11-27 12:37:05 -05:00
d330bd1c9b
cleanup, added revocation uri to server config
2013-11-27 12:23:04 -05:00
ed06b14406
publish revocation endpoint, addresses #520
2013-11-27 12:13:42 -05:00
b7011f508e
urlencode client IDs in client registration URIs, addresses #422
2013-11-27 12:12:10 -05:00
8c1bfb7e0c
set current user's email address to owner when using admin UI
2013-11-27 12:11:36 -05:00
6c4d2a8e8d
vestigial comment cleanup
2013-11-27 12:06:53 -05:00
db5532e9bf
comment cleanup
2013-11-27 11:34:41 -05:00
39fb96a802
pull request from extensions map
2013-11-27 11:20:38 -05:00
86e0f0c7ee
cleaned up old comments
2013-11-27 11:20:01 -05:00
a24eadeb11
cleaned up responseType calls, addresses #451
2013-11-27 11:03:15 -05:00
df511a81cc
override from #465 no longer needed
2013-11-27 10:53:16 -05:00
d3dbb00e77
ensure clients and tokens don't get special system scopes, addresses #320
2013-11-27 10:35:56 -05:00
ef01de168d
Moved special token scopes to scope service interface
2013-11-27 10:21:52 -05:00
4f986d6a38
clean up some auto generated functions
2013-11-27 09:57:56 -05:00
f56135810c
Fixed request object precedence order
2013-11-27 09:52:26 -05:00
447df56947
removed unused nonce exception
2013-11-27 09:10:35 -05:00
27f391ef01
Fixed compilation errors for SECOAUTH milestone updates
2013-11-25 09:31:50 -05:00
190caee9a1
refactored userinfo serializer
2013-11-18 09:49:23 -05:00
46be502ed1
Enforces minimum Java version 1.6 on the openid-connect-server project.
2013-10-22 18:08:02 -07:00
2a34994383
cleanup view
2013-09-26 17:07:38 -04:00
7a4366c083
collapsed two serialization functions into one
2013-09-26 16:15:30 -04:00
65a7e1d724
Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both
2013-09-26 12:03:39 -04:00
cb449c25b1
Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something.
2013-09-26 12:03:39 -04:00
73863302e9
added spring-tx dependency to server
2013-09-24 14:08:53 -04:00
8a5a16f374
refactored project into four modules:
...
Common
Client
Server Library
Server Webapp
addresses #367
2013-09-23 17:19:09 -04:00
bf3e0033fe
initial refactor of userinfoview for new model components
2013-09-19 12:36:22 -04:00
9debf1486d
pass authorized and requested claims as strings to view
2013-09-19 12:36:22 -04:00
b396610f35
refactor processing of request object
2013-09-19 12:36:22 -04:00
47d304851d
Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service.
2013-09-17 16:56:46 -04:00
66e837f650
Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters.
2013-09-17 10:54:19 -04:00
e1ed53a229
added missing parts to discovery
2013-09-16 17:27:04 -04:00
6605877a1b
added encryption/decryption to cached JWK-URI service
2013-09-16 17:27:04 -04:00
9f13dc8f77
wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error
2013-09-13 14:22:42 -04:00
9b72c6b1f3
check sector identifier URI's contents and match against redirect URIs, addresses #504
2013-09-13 14:22:24 -04:00
1aa5fe25c6
re-decrypt request object at userinfo endpoint (this shouldn't need to happen)
2013-09-12 17:05:34 -04:00
09cd752c86
added basic support for encrypted request objects, addresses #475
2013-09-12 17:05:12 -04:00
a52f86db49
removed NYI tags from request object algorithm fields
2013-09-12 16:46:22 -04:00
d09b3b50d6
call encode() instead of new() on Base64URL utility
2013-09-12 15:19:14 -04:00
35bd9c8eda
throw appropriate errors from request factory
2013-09-12 14:48:54 -04:00
e67a41c556
added transient passthroughs to JOSE algorithms for client
2013-09-12 14:08:37 -04:00
c9aa42dbef
better processing for signed request objects
2013-09-12 13:56:10 -04:00
f9ca15139d
added phone-number verified, addresses #505
...
affects #455
2013-09-12 10:19:14 -04:00
6cbed133b2
let user know that the client is using a pairwise identifier on approval
2013-09-11 17:39:55 -04:00
a9f639a718
moved subject type and sector identifier controls to the 'access' tab
2013-09-11 17:14:35 -04:00
6b66139ead
added unit test for uuid service
2013-09-11 15:28:00 -04:00
0281cf02fe
calculate pairwise based on redirect uri rather than client id
2013-09-11 14:37:17 -04:00
f6a8ac4529
added unit test for default userinfo service (with pairwise checks)
2013-09-11 11:59:40 -04:00
77c0473438
fixed comparison order to be null safe
...
cleaned up type check
2013-09-11 11:59:34 -04:00
dbdc2e777d
added pairwise identifier service and repository
2013-09-10 17:15:58 -04:00
bdf62eaa36
need to check the sector identifier at some point
2013-09-10 16:35:51 -04:00
914f2e4d93
added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.
...
temporary implementation of pairwise identifiers in place
2013-09-10 16:01:17 -04:00
149fb1bac1
services shouldn't be transactional
2013-09-10 15:26:09 -04:00
29d1c7d54a
userinfo endpoint now uses OAuth2Authentication exclusively
...
(which is all it was really doing before)
2013-09-10 14:16:34 -04:00
ac42c00062
id token now uses userinfo's sub
2013-09-10 13:50:49 -04:00
f139541485
added randomized subs to demo users
2013-09-10 13:48:37 -04:00
b9da10d176
look up by username instead of subject
2013-09-10 11:39:00 -04:00
9ea82aacf0
clean up unused getter/setter
2013-09-10 11:38:42 -04:00
9720b60f05
allow loading of structured scopes from scopes.sql file (and temp tables)
2013-09-06 16:07:25 -04:00
5e676e0e59
fixed scope UI
2013-09-06 16:07:25 -04:00
2b663bb23c
UI for scope editing
2013-09-06 16:07:25 -04:00
469e722f72
defer to system scope matcher in approval handler
2013-09-06 16:07:25 -04:00
99ad9b883e
added validator that knows how to deal with structured scopes
2013-09-06 16:07:25 -04:00
59187d47e4
use new unified parsing for approval page
2013-09-06 16:07:25 -04:00
85533d50cf
scope comparison for TofuUserApprovalHandler
2013-09-06 16:07:25 -04:00
1c4c53f252
scope comparison for introspection endpoint
2013-09-06 16:07:24 -04:00
6152a943d8
serialize structured scopes properly (with tests)
2013-09-06 16:07:24 -04:00
72f0ab631d
added transient structured value to system scope, added scope matcher function to scope service
2013-09-06 16:07:24 -04:00
3fc34f15c8
added structured scope update to mysql (affects #455 )
2013-09-06 16:07:24 -04:00
b416888b07
Structured Scopes from BB+
2013-09-06 16:07:24 -04:00
127507246e
if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none
...
addresses #498
2013-09-06 13:30:22 -04:00
64bbb73d1b
cleaned up CORS filter implementation
2013-09-03 16:01:19 -04:00
6ff4ae1458
added CORS filter
2013-09-03 15:17:18 -04:00
81cb60ad7b
made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work)
2013-09-03 15:17:16 -04:00
bdbff8d45c
tell spring to not stuff model into the redirects, partially addresses #492
2013-08-30 16:38:07 -04:00
84f097edf4
removed outdated client credentials filter, addresses #491
2013-08-30 11:48:52 -04:00
d7be122a21
added basic user profile view implementation
2013-08-29 17:33:42 -04:00
55ea880396
hide admin panels from non-admin users, addresses #472
2013-08-29 17:15:13 -04:00
235029ba0e
inject user's authorities into javascript context
2013-08-29 16:58:36 -04:00
eab4563551
inject user's email address into contacts on dynamic registration
2013-08-29 16:58:24 -04:00
be6179d1ac
inject the current user into the javascript context
2013-08-29 16:44:01 -04:00
5c10eef8b7
added delete function
2013-08-29 14:18:54 -04:00
d92b7c4810
changed display of core client components, added warning
2013-08-29 11:50:05 -04:00
4009d9ea82
added create and update functions
2013-08-29 11:11:37 -04:00
8e6da2b936
json view and form elements
2013-08-28 16:42:43 -04:00
36151975c1
added client read and oauth token support for CRUD abilities
2013-08-28 15:32:18 -04:00
ead99474be
fixed panels for client form
2013-08-28 14:38:03 -04:00
fb66af2071
added form editor and control for newly-registered clients
2013-08-28 14:20:20 -04:00
51973ea595
added dev page for self-service client registration
2013-08-28 14:17:30 -04:00
2108311d65
Revert "refactored code to use the more generic JWT declaration."
...
This reverts commit e0b56bc72a
2013-08-26 15:33:08 -04:00
e0b56bc72a
refactored code to use the more generic JWT declaration.
2013-08-26 11:32:46 -04:00
ca777f7dc4
proper null check for client's preferred signature method
2013-08-20 16:45:45 -04:00
07bec462cc
added comment about why we can't use set intersection method.
2013-08-20 14:09:14 -04:00
b89436d7b9
UserInfoView returning intersection of claims request parameter and request object claims in effect now.
2013-08-20 08:55:56 -04:00
bd3d2a5cee
created crypto tab
2013-08-19 17:35:05 -04:00
3f66d16236
removed NYI tag from ID token signing alg
2013-08-19 17:31:13 -04:00
48a9202f79
fixed jquery.on regex to be less aggressive
2013-08-19 17:20:29 -04:00
941e9544e2
Compare client_ids instead of Client objects
2013-08-19 16:55:56 -04:00
3eae6f2789
Changed client algorithm check to look for null instead of JWSAlgorithm.NONE, which is a valid value.
2013-08-19 16:55:29 -04:00
0059c7b4cc
Use clients preferred algorithm, if any, to sign
2013-08-19 16:33:18 -04:00
2fb138aa19
fixed jquery.on syntax bug, addresses #346
2013-08-19 16:07:34 -04:00
8edc8cc69a
Disable unsupported JOSE algorithms in UI, addresses #476
2013-08-19 15:52:00 -04:00
8c91861188
load server configuration into JS app
2013-08-19 15:52:00 -04:00
e40b1cf850
animated loading bar for management console
2013-08-19 15:52:00 -04:00
a80c19384f
added 'use server default' to JOSE options, addresses #462
2013-08-19 15:52:00 -04:00
b54f33d0db
fixed json elements of "claims" and "userinfo" being processed out of order.
2013-08-19 14:15:53 -04:00
7b813c79ee
parsing "claims" parameter directly from userinfoendpoint requests.
2013-08-19 13:32:34 -04:00
1ffbb39a2b
refactored json parser to a private static field.
2013-08-19 13:30:56 -04:00
89056bd911
removed test-specific constructor and default constructor.
2013-08-19 13:30:56 -04:00
ba0c3c5d78
id tokens always expire, addresses #416
2013-08-19 12:42:37 -04:00
7e51a361ba
changed to using relative em lengths instead of hard px length values for token timeout form elements.
2013-08-15 16:19:47 -04:00
c1ee5141a4
added back default timeouts and fixed refresh token check
2013-08-15 15:50:36 -04:00
00db39dab9
addresses issue #471 . setting default timeout values in the backbone model to null.
2013-08-15 15:29:16 -04:00
1b674b6420
restored bootstrap to out-of-the-box formatting, addresses #454
2013-08-15 14:50:18 -04:00
a6bb56ed9a
unit select box appropriately disabled after saving now.
2013-08-15 14:03:25 -04:00
86c6a0ea8b
clear token timeout form fields when disabled and also disable unit selector.
2013-08-15 13:09:53 -04:00
3f01ae1a71
renamed token expiration form field ids from -seconds to -time.
2013-08-15 11:13:29 -04:00
2242db5c11
shortened token timeout form fields.
2013-08-15 11:13:29 -04:00
6f8143937e
dropdown time unit chooser added for token expiration.
2013-08-15 11:13:29 -04:00
7ab53795b1
refactor js. getFormTokenValue() -> getFormTokenNumberValue().
2013-08-15 11:13:29 -04:00
7d51335055
added prompt=login support, addresses #323
2013-08-14 17:00:56 -04:00
a0646452ab
test for max_age, force login if not fresh enough, addresses #467
2013-08-14 16:50:51 -04:00
6c1e91b7e3
auth_time is now tracked, addresses #288
2013-08-14 15:39:41 -04:00
e88c6c4943
Changed predicates methods to use Collections2.filter rather than Sets.filter
2013-08-13 10:31:39 -04:00
f1357cceb4
corrected output for badly-formatted timeout date.
2013-08-12 16:20:42 -04:00
025eb05d3a
added date format validity check for moment.js usage.
2013-08-12 16:15:06 -04:00
c1607b53e4
null-checking in date display for approved sites.
2013-08-12 15:52:30 -04:00
d67a492b6c
date display logic to use moment.js.
2013-08-12 15:03:46 -04:00
ba7e791985
initial moment time formatting commit.
2013-08-12 12:15:47 -04:00
a72ba6d98b
importing moment.js library.
2013-08-12 11:23:43 -04:00
6687e3a831
override createOAuth2Request method for factory iss #465 .
2013-08-09 13:03:46 -04:00
ef4482249c
Dyn-reg endpoint now creates the registration access token from scratch instead of calling token services; token services no longer needs to check for RAT scope to avoid expiring RATs
2013-08-09 11:49:11 -04:00
15e512cec3
renamed JWSUtils -> IdTokenHashUtils, renamed internal variables
2013-08-08 14:34:19 -04:00
0f16bacc63
TestJWSUtils done.
2013-08-08 14:10:35 -04:00
2ba8ad71f1
updated hash tests.
2013-08-08 14:10:35 -04:00
cdd3a6d478
changed at_hash/c_hash impl. HMAC-SHA --> regular SHA.
2013-08-08 14:10:35 -04:00
fd611ce353
Had an unsaved file hanging around - formatting JSPs
2013-08-08 14:03:59 -04:00
a91f160e34
Fixed formatting in tag files
2013-08-08 14:00:01 -04:00
5beac9d50d
Fixed formatting in JSPs
2013-08-08 13:18:14 -04:00
2d4d7f7be9
Had to hand-merge some things; git got confused
2013-08-07 10:59:55 -04:00
861beeba64
Added c_hash function, added stub of unit test for JWSUtils
2013-08-07 10:43:26 -04:00
37580cc21e
JWSUtils uses JWSAlgorithm to match bit length; ConnectTokenEnhancer calls the util method now
2013-08-07 10:41:53 -04:00
3a591dc1f4
Added JWSUtils class;
2013-08-07 10:38:28 -04:00
be97aedbc7
Used Predicates to filter expired tokens and approved sites;
2013-08-06 16:42:49 -04:00
b3bb43881d
Moved getExpired to service layers
2013-08-06 16:33:27 -04:00
eea37cf79c
Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
2013-08-06 11:28:13 -04:00
ce4ab6a766
Updated spring version to 3.2.3; added a 10-minute initial delay to the scheduled tasks in task-config.xml
2013-08-05 16:31:56 -04:00
265214511c
Renamed oAuth2RequestFactory
2013-08-05 14:04:48 -04:00
a4c1a7a37d
Issue 449
2013-08-02 11:20:47 -04:00
9dda789488
Updated database tables
2013-08-02 11:16:11 -04:00
2f711c88a7
Removed nonce service
2013-08-02 10:56:28 -04:00
d4fbb4f599
Removed Event class
2013-08-02 10:06:41 -04:00
88863f4910
replaced mock TokenRequest and the storedAuth test field with concrete objects. test should pass now.
2013-07-30 11:42:11 -04:00
1392faa83c
replaced mock client auth with concrete OAuth2Request object
2013-07-30 11:42:11 -04:00
ad2ace6d74
Do not expire registration tokens
2013-07-30 11:33:15 -04:00
beaeaa4ccc
I can spell "consortium", I promise
2013-07-29 17:40:26 -04:00
b2b6fd6448
further cleanup
2013-07-29 17:00:35 -04:00
856c0ea0b5
Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
...
Conflicts:
openid-connect-client/pom.xml
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
openid-connect-common/pom.xml
openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
openid-connect-server/.gitignore
openid-connect-server/pom.xml
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
pom.xml
2013-07-29 16:21:20 -04:00
023dd440d4
[maven-release-plugin] prepare for next development iteration
2013-07-29 11:30:08 -04:00
5e8f93cf15
[maven-release-plugin] prepare release mitreid-connect-1.0.6
2013-07-29 11:30:04 -04:00
e658ffd7fc
format/cleanup and copyright
2013-07-29 11:28:51 -04:00
d4b544d519
disable token API (for now)
2013-07-29 11:23:07 -04:00
906db0ac86
Opened token api access to all users; restricted to only show currently-logged-in-users tokens
2013-07-29 09:18:08 -04:00
71da5b3d94
clean up some discovery values
2013-07-26 17:07:28 -04:00
c62bed37ff
convert server to use normalizer
2013-07-26 17:07:08 -04:00
93c3e7906f
put in line breaks into the extra long comments in DiscoveryEndpoint.java
2013-07-25 09:25:06 -04:00
20871852c0
updated dependencies for secoauth 1.1
2013-07-24 09:38:47 -04:00
b397f0ae15
First go at adding token API; needs to be tested
2013-07-24 09:14:46 -04:00
88db457fc4
Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
2013-07-18 09:34:52 -04:00
dfbf01c9e3
Added .springBeans to gitignore
2013-07-16 15:03:44 -04:00
aad432c5d7
replaced stracktrace-printing with logger messages. removed some unused imports.
2013-07-16 13:52:32 -04:00
f483d41b88
getCustomClaim -> getClaim. Also, removed outdated TODOs.
2013-07-16 13:17:25 -04:00
17a96ca122
removed resolved TODOs. Fixed by the resolution of issue #345 .
2013-07-15 14:54:01 -04:00
0d882faeca
added a TODO and fixed some comment typos.
2013-07-15 14:24:04 -04:00
15aea61fbe
Applied code cleanup
2013-07-12 16:58:41 -04:00
3e23967b46
Updated code to reflect SECOAUTH changes
2013-07-12 16:21:05 -04:00
9a6f345e15
yes, allow default scoping if the client doesn't ask for any.
2013-07-12 15:05:17 -04:00
3d312b7eb5
Deleted PermissionDeniedException class. Unused.
2013-07-12 11:40:11 -04:00
c5743dc810
updated unit tests to reflect new exception-throwing behavior.
2013-07-12 11:36:34 -04:00
ada54c297d
addresses issue #382 . Throw an exception when client tries to upscope.
2013-07-12 11:36:33 -04:00
0d8c2442d2
[maven-release-plugin] prepare for next development iteration
2013-07-12 10:09:41 -04:00
9bf5f70957
[maven-release-plugin] prepare release mitreid-connect-1.0.5
2013-07-12 10:09:38 -04:00
12cb672c6d
Added new file for task config
2013-07-12 09:46:18 -04:00
059c2545c9
Split task configuration out into its own spring file
2013-07-12 09:46:18 -04:00
910839e5d9
fixed typo referring to client id as a client secret in code comments.
2013-07-10 16:53:49 -04:00
2d3f43e3b8
Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
2013-07-10 14:34:37 -04:00
93a0492e97
made optional parameters optional
2013-07-10 12:50:57 -04:00
a9da88fb79
brought introspection endpoint and introspection token services into compliance with draft, addresses #376
2013-07-10 12:50:57 -04:00
34373d777c
base URL of the server is set by the issuer.
2013-07-08 13:06:52 -04:00
3eddd58ae4
added unit test for checking expiration date of refreshed tokens.
2013-07-05 15:35:23 -04:00
24b24f6fa3
More unit tests for refreshing access tokens--specifically, checking scope processing.
2013-07-05 15:22:45 -04:00
5ffe1a50a2
Added null-handling for Scope values from the auth request. (Without this, a NullPointerException gets thrown with null scope values).
2013-07-05 15:14:56 -04:00
ed2223cae3
unit tests of exceptions cases for refreshing access tokens.
2013-07-05 12:32:45 -04:00
3353b92426
deeper unit tests on access token creation.
2013-07-05 12:03:56 -04:00
936f581a0b
[maven-release-plugin] prepare for next development iteration
2013-06-28 16:00:52 -04:00
27edec1a56
[maven-release-plugin] prepare release mitreid-connect-1.0.4
2013-06-28 16:00:46 -04:00
10f9858870
fixed typo on the about page.
2013-06-28 15:44:08 -04:00
42027e451c
added REQUIRED response types to discovery doc. Also, fixed 2 typos in the list of supported grant types.
2013-06-28 15:31:50 -04:00
2a92185433
added introspection endpoint URL to discovery document.
2013-06-28 15:31:50 -04:00
741946d1ae
updated server discovery code comments.
2013-06-28 15:31:50 -04:00
f27b69d06b
removed Version field from server discovery configuration.
2013-06-28 15:31:50 -04:00
5505b26aac
Form fix for login elements
...
addresses #352
2013-06-28 13:17:58 -04:00
4f9cbb4b3f
added check for null
2013-06-27 09:29:47 -04:00
1528c93acd
TestDefaultSystemScopeService unit tests done.
2013-06-25 16:31:45 -04:00
eca62f2d36
initial commit for TestDefaultSystemScopeService.
2013-06-25 16:31:45 -04:00
d0dc3c79cb
more unit tests for TestDefaultOAuth2ProviderTokenService.
2013-06-25 16:31:45 -04:00
dc51af5b83
removed testing builder inner class from DefaultOAuth2ProviderTokenService. Also, added more unit tests.
2013-06-25 16:31:45 -04:00
5ee7aae5d2
initial commit TestDefaultOAuth2ProviderTokenService.
2013-06-25 16:31:45 -04:00
abc4f01dde
TestDefaultStatsService done.
2013-06-25 16:31:45 -04:00
c212821267
Fixed ChainedTokenGranter setup
2013-06-24 10:14:10 -04:00
530c3a75ee
Applyed refactoring
2013-06-24 09:44:59 -04:00
f0f2fbea40
updated secoauth library version in poms
2013-06-21 14:23:58 -04:00
8b1a538464
Updated msql table definitions
2013-06-20 16:28:09 -04:00
cf3cee5ec2
removed lolcat :(
2013-06-20 11:14:29 -04:00
37dd7e7042
changed demo user accounts for server
2013-06-19 16:08:06 -04:00
2b3376e0ed
[maven-release-plugin] prepare for next development iteration
2013-06-18 16:13:04 -04:00
7fe4bc3b56
[maven-release-plugin] prepare release mitreid-connect-1.0.3
2013-06-18 16:12:59 -04:00
d6f5ca68bf
Added time skew to nonce service test
2013-06-18 15:30:36 -04:00
8935a87c23
TestDefaultWhitelistedSiteService done. Removed constructors from DefaultWhitelistedSiteService.
2013-06-18 15:20:06 -04:00
5fb1ef3aca
Revised test methods for checking for offline_access scope. Previous tests were doing trivial checking.
2013-06-18 15:19:55 -04:00
8851f4d037
TestDefaultOAuth2ClientDetailsEntityService done. Removed constructors from DefaultOAuth2ClientDetailsEntityService.
2013-06-18 15:19:55 -04:00
701217d98c
TestDefaultNonceService done.
2013-06-18 15:19:55 -04:00
4ee904cbfd
removed setter/getter from DefaultUserInfoUserDetailsService and updated test class with Mockito annotations.
2013-06-18 15:19:46 -04:00
5428848627
updated TestDefaultApprovedSiteService to use annotation style Mocking. Allows for removal of injector constructor.
2013-06-18 15:19:46 -04:00
01fcb4828d
removed test constructors for DefaultBlacklistedSiteService.java. Used annotation method of injecting mock objects into testing class (@InjectMocks).
2013-06-18 15:19:33 -04:00
9a3625ae2b
made unit test for checking blacklisted sites. Introduced a new constructor to be able to inject repository for testing.
2013-06-18 15:19:33 -04:00
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
2013-06-12 14:45:03 -04:00
8290d198c2
added passthrough of userinfo for remote OIDC users
2013-06-12 14:22:13 -04:00
aea562f565
moved mockito dependency to core project
2013-06-10 14:11:43 -04:00
6ed7477bc0
added stats to admin UI page, restyled scopes and dynamically registered flags
2013-06-07 18:05:07 -04:00
6ec8b77f81
beans version update (is this a config file? should this even be in here?)
2013-06-07 18:05:07 -04:00
338edcce31
fixed typos in admin.js
2013-06-07 15:41:13 -04:00
9388c664ab
moved reuse refresh token checkbox to its own div/label, addresses #345
2013-06-06 16:42:26 -04:00
567a3314d6
[maven-release-plugin] prepare for next development iteration
2013-06-06 16:05:59 -04:00
1286726188
[maven-release-plugin] prepare release mitreid-connect-1.0.2
2013-06-06 16:05:52 -04:00
dc9d5c667e
cleaned up error log messages
2013-06-06 13:44:50 -04:00
1b601abd6f
Removed previous constructor from DefaultUserInforUserDetailsService.java and put in getter/setter for UserInfoRepository as a replacement.
2013-06-04 16:58:14 -04:00
3f7fe30f5c
Added comments to unit tests
2013-05-31 15:31:54 -04:00
a7f2e605fa
Added two unit tests using the Mockito framework
2013-05-31 15:04:18 -04:00
b0dc5fb4e2
Fix a bug where a client is deleted before details looked up. Also return 204 on success
2013-05-31 14:30:51 -04:00
3c5025c52b
Updated version number for secoauth
2013-05-28 15:38:36 -04:00
76e5ff8053
Finished cleanup, ready to create pull request
2013-05-28 12:43:33 -04:00
c46095b6a3
Warning message for unimplemented UI features
2013-05-22 22:41:35 -07:00
25d75a1b30
[maven-release-plugin] prepare for next development iteration
2013-05-20 17:38:01 -04:00
5418bdef5a
[maven-release-plugin] prepare release mitreid-connect-1.0.1
2013-05-20 17:37:52 -04:00
81cd13f6d3
added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
2013-05-20 17:19:28 -04:00
545ddace95
updated registration URI, addresses #321
2013-05-10 11:54:48 -07:00
cc9eea5b3d
updated issuer to more common deployment pattern for simple Tomcat instances, addresses #333
2013-05-10 11:46:16 -07:00
713f0a4d25
Renamed OAuth2Request authorizatoinParameters map to requestParameters
2013-05-03 17:07:04 -04:00
967b3f2953
Cleanup from renaming
2013-05-03 16:15:42 -04:00
1e24b31cc3
Propogating rename of AuthorizationRequest to OAuth2Request
2013-05-03 13:53:57 -04:00
defa5b8fbc
[maven-release-plugin] prepare for next development iteration
2013-05-02 15:01:59 -04:00
dbdc99361e
[maven-release-plugin] prepare release mitreid-connect-1.0.0
2013-05-02 15:01:53 -04:00
4276a14978
fixed stats api view
2013-05-02 14:55:37 -04:00
a7c92524f3
Updated contact page text
2013-05-02 11:56:42 -04:00
e99bfc256d
cleaned about page text
2013-05-02 11:54:47 -04:00
1e870703f8
added licence/copyright header
2013-05-02 11:45:20 -04:00
8afab04544
whitespace, import, brace, annotation, and format cleanups
2013-05-02 10:47:15 -04:00
b663cd5f8d
style system scopes and non-system scopes differently in the admin UI, addresses #269
2013-04-29 17:00:12 -04:00
6a20e7aaa9
re-fixed enter key handling in lists, addresses #236
2013-04-29 16:57:26 -04:00
39e06292fd
made page title dynamic and configurable, addresses #310 #311
2013-04-29 14:59:53 -04:00
b78d499801
added version number to footer
2013-04-29 14:44:15 -04:00
b8c385e5c9
pom file cleanups
2013-04-29 11:47:15 -04:00
a3771177a1
Updated json serialization of approved site objects
2013-04-29 11:17:36 -04:00
9b03801f9d
[maven-release-plugin] prepare for next development iteration
2013-04-26 13:21:36 -04:00
d76304b9a6
[maven-release-plugin] prepare release mitreid-connect-0.9.3
2013-04-26 13:21:31 -04:00
dcf41eaa9e
tried to make prompt=login work, backed off for now
2013-04-25 15:19:11 -04:00
8d53149d03
added functionality for prompt=none
2013-04-25 11:38:10 -04:00
37723e3757
opened up access to /resources/**
2013-04-24 16:43:49 -04:00
7292766b51
implemented prompt=consent
2013-04-24 14:08:14 -04:00
ce2c90fb30
fixed error messages in auth request manager
2013-04-24 12:10:59 -04:00
c80b1081cc
Cleaning up approvedsite => token linkage
2013-04-24 11:52:03 -04:00
939a801048
Redid approved site -> token mapping so it is unidirectional from ApprovedSite side. Fixed some error logging, added a new view for ApprovedSite which will only show the IDs of the tokens in the approvedTokens list
2013-04-23 17:40:22 -04:00
a79aca906e
Fixed error logging; added ApprovedSite tracking to tokens
2013-04-22 15:49:06 -04:00
94aa279290
[maven-release-plugin] prepare for next development iteration
2013-04-19 16:17:53 -04:00
cc92743888
[maven-release-plugin] prepare release mitreid-connect-0.9.2
2013-04-19 16:17:45 -04:00
d7689152b8
fixed inadvertent consistency bug in granting offline_access to clients
2013-04-19 16:12:09 -04:00
0e2d5830a4
updated newly-registered clients to not get refresh tokens unless they ask for offline_access scope explicitly
2013-04-19 15:40:20 -04:00
fb859fc39a
added client dynamic registration service, extracted clientdetails<->json processing into its own static class
2013-04-19 14:23:11 -04:00
fc1088c841
fixed display of algorithms in discovery endpoint
2013-04-19 13:39:53 -04:00
82fca45412
Removed RequestObjectAuthorizationEndpoint as it is no longer needed with the changes to the AuthorizationEndpoint.
2013-04-17 13:10:40 -04:00
9db8119930
Fixed request object processing, had a small bug
2013-04-17 11:28:35 -04:00
e708f77eb3
Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
2013-04-17 09:52:09 -04:00
895690df54
added webfinger discovery to server, addresses #279
2013-04-16 17:22:18 -04:00
9c6b08d919
effectively removed auth_time calculations
2013-04-16 16:04:26 -04:00
33af3b1ad6
updated discovery endpoint to latest spec, removed surplus specialized view
2013-04-16 15:00:57 -04:00
8e8e14c638
added at_hash
2013-04-15 17:12:47 -04:00
3bb43f417a
added auth time tracking
2013-04-15 16:16:18 -04:00
ce2e630304
fixed login page display (thanks to Jett), addresses #289
2013-04-15 12:47:35 -04:00
e665aec36f
dependency cleanup
2013-04-12 16:53:55 -04:00
98fff8fe99
updated error handling on introspection and revocation endpoints
2013-04-12 16:34:51 -04:00
35cb14a73f
fixed comment
2013-04-12 16:08:32 -04:00
743a3023dc
removed old error handlers
2013-04-12 16:04:40 -04:00
31e3c5e5e7
moved user approval page
2013-04-12 15:57:32 -04:00
694761c026
cleaned up userinfo view
2013-04-12 15:40:05 -04:00
71d6dc6afe
removed special stats view
2013-04-12 15:15:43 -04:00
1630648925
updated logo, added large logo
2013-04-11 17:24:32 -04:00
7e59421f33
Commented out XRD endpoint and added TODO reference to webfinger issue
2013-04-11 10:33:27 -04:00
34b243e0e1
Added back discovery endpoint, but renamed to not say SWD
2013-04-11 10:27:31 -04:00
ac2993c402
[maven-release-plugin] prepare for next development iteration
2013-04-10 16:12:04 -04:00
f0d75f9144
[maven-release-plugin] prepare release mitreid-connect-0.9.1
2013-04-10 16:11:38 -04:00
23c318f6c2
Updating guava to 14.0.1
2013-04-10 15:31:32 -04:00
a723c9d921
Removed references to DefaultAuthorizationRequest in connect code
2013-04-08 10:37:13 -04:00
e17eaa499e
Cleaned up classes affected by SECOAUTH changes; added Connect implementation of AuthorizationRequest and updated manager class to reflect new class & updated interface;
...
;
2013-04-08 10:13:27 -04:00
5f54777109
[maven-release-plugin] prepare for next development iteration
2013-04-03 10:01:58 -04:00
620a60ddc2
[maven-release-plugin] prepare release mitreid-connect-0.9.0
2013-04-03 10:01:52 -04:00
54f1ae972b
Added properties and updated poms for sync to central
2013-04-02 12:42:40 -04:00
f63ea94b37
fixed bean name
2013-04-01 12:05:39 -04:00
f101dcc512
moved to released version of SECOAUTH
2013-04-01 11:59:40 -04:00
c0c1847f38
fixed bean name
2013-04-01 11:59:23 -04:00
72e2c7cb6c
Updated build references
2013-04-01 10:59:25 -04:00
02220a411a
Fixed typo
2013-03-29 12:59:49 -04:00
0f327a772b
Updated js files to use results returned from JsonErrorView; factored out markup into modal definition.
2013-03-29 12:47:03 -04:00
2265a3f8c3
Updated error handling messages for scope, approved site, blacklist, whitelist, and client APIs using new JsonErrorView
2013-03-29 12:47:03 -04:00
ee5b21b542
Added JsonErrorView
2013-03-29 12:47:03 -04:00
07686d8e00
Removed superfluous try/catch around save call in ScopeAPI.
2013-03-29 12:47:03 -04:00
4538d8fb14
made signing and verification service construction safe for public-only keys
2013-03-28 17:03:18 -04:00
6cc50e7cd5
switched signing & validation service to use JWK natively for keys
2013-03-28 16:43:26 -04:00
f54dddd8c0
fixed blacklisted field name, addresses #295
2013-03-28 16:06:02 -04:00
5a04198eac
moved to JPSK based key store
2013-03-28 15:06:30 -04:00
e2ad4d2e8f
cleaned up spurious nosuchalgorithm exceptions, addresses #285
2013-03-28 15:06:30 -04:00
5b321b9c86
Updated whitelist api for ui error handling
2013-03-28 12:43:47 -04:00
666573cd34
Updated blacklist and client api for ui error handling
2013-03-28 12:37:18 -04:00
218fe9328c
Updated approved site API for error handling
2013-03-27 16:49:33 -04:00
435fff3b1c
Updated scope API for error handling
2013-03-27 16:27:55 -04:00
18e319379e
Got bootstrap modal alert working, but not sure if it is the right approach. It looks different than the confirmation window.
2013-03-27 15:27:34 -04:00
49863e70ae
Got scope "value" error handling set
2013-03-27 15:27:34 -04:00
d24ecd2e7c
Removed extra scope validation endpoint
2013-03-27 15:27:34 -04:00
96e333afa6
Working on error handling
2013-03-27 15:27:34 -04:00
fa0a6a7b4e
Finding my way around Backbone, Underscore, and Bootstrap
2013-03-27 15:27:34 -04:00
5704271973
Fixed client error: added all client fields to model in client.js; lined them up with the fields in ClientDetailsEntity.java for easier comparison
2013-03-22 17:15:14 -04:00
36b08dcd6e
Removed SWD code
2013-03-22 15:23:08 -04:00
fcc95f8a0a
Moved nonce processing stuff into nonce service and out of ConnectAuthorizationRequestManager
2013-03-22 14:38:37 -04:00
d38c5b4200
Pared down nonce reuse exception message to just say that the nonce has already been used
2013-03-22 12:36:24 -04:00
b28b0615fa
removed vestigial ClientDetailsEntityService references
2013-03-22 12:32:31 -04:00
08eaaa0a12
updated repository to use proper concrete class
2013-03-21 15:20:36 -04:00
8fccbf3483
added Id field to DefaultUserInfo object, switched "userId" terminology to "subject"
2013-03-20 14:29:00 -04:00
f44c704472
major refactor of client filter
...
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
2b45dd1104
cleaned up stats display
2013-03-14 18:05:50 -04:00
8992506a1d
Fixing up logging changes
2013-03-08 09:52:24 -05:00
f9b0670ae9
Merged ClientAPI and ClientDynamicRegistrationEndpoitn by hand
2013-03-07 12:12:27 -05:00
5cac7055a9
Standardized error handling and added logging for error conditions in endpoints
2013-03-07 11:56:57 -05:00
dbc68e4074
Working on error handling
2013-03-07 11:51:18 -05:00
1630814b9f
Marked classes where error handling needs to be added/changed
2013-03-07 11:51:18 -05:00
0f6faf3609
removed old namespace config files
2013-03-07 10:46:25 -05:00
6320fce9fd
url -> uri in approval page
2013-03-07 10:39:33 -05:00
7c36f9fb38
made sidebar size-responsive, added sticky footer
2013-03-06 17:52:38 -05:00
ad3a22e5d4
changed client defaults for JOSE bits
2013-03-06 15:24:46 -05:00
3268726747
changed to dict-based model for saving
2013-03-06 15:17:11 -05:00
8f4ecac8d5
forgot a field
2013-03-06 15:16:48 -05:00
27a8bcf440
now with more documentation and actual deletion
2013-03-06 11:53:16 -05:00
eaa9e1ded4
typo for grant types in parser
2013-03-06 11:33:54 -05:00
a6a2d43e8f
added Read, Update, and Delete operations to dynreg endpoint
2013-03-06 11:33:31 -05:00
d37bac1775
simplification and documentation of client api views
2013-03-06 11:33:06 -05:00
4c3c2dce52
removed sessions from endpoints, properly mapped registration endpoint
2013-03-06 11:31:54 -05:00
217916603f
cleaned out broken unit tests -- now we can start fresh
2013-03-06 09:48:04 -05:00
c9bdba3f3a
API now bound to USER for read, ADMIN for write, addresses #267
2013-03-05 17:45:33 -05:00
1daf5bd357
dispatch to different views based on user role
2013-03-05 17:34:24 -05:00
70b2342864
fixed split client views, fixed typos in various places
2013-03-05 17:26:25 -05:00
f07c31bbe2
JOSE selectors
2013-03-05 16:52:34 -05:00
51a7ccc397
entity -> embed
2013-03-05 16:33:13 -05:00
7b8623edbb
typo
2013-03-05 16:15:21 -05:00
93851ab94d
request URIs and default ACR values
2013-03-05 16:11:32 -05:00
6c136b5696
contacts
2013-03-05 15:43:38 -05:00
Justin Richer