Justin Richer
8edc8cc69a
Disable unsupported JOSE algorithms in UI, addresses #476
2013-08-19 15:52:00 -04:00
Justin Richer
8c91861188
load server configuration into JS app
2013-08-19 15:52:00 -04:00
Justin Richer
e40b1cf850
animated loading bar for management console
2013-08-19 15:52:00 -04:00
Justin Richer
a80c19384f
added 'use server default' to JOSE options, addresses #462
2013-08-19 15:52:00 -04:00
William Kim
b54f33d0db
fixed json elements of "claims" and "userinfo" being processed out of order.
2013-08-19 14:15:53 -04:00
William Kim
7b813c79ee
parsing "claims" parameter directly from userinfoendpoint requests.
2013-08-19 13:32:34 -04:00
William Kim
1ffbb39a2b
refactored json parser to a private static field.
2013-08-19 13:30:56 -04:00
William Kim
89056bd911
removed test-specific constructor and default constructor.
2013-08-19 13:30:56 -04:00
Justin Richer
ba0c3c5d78
id tokens always expire, addresses #416
2013-08-19 12:42:37 -04:00
William Kim
7e51a361ba
changed to using relative em lengths instead of hard px length values for token timeout form elements.
2013-08-15 16:19:47 -04:00
Justin Richer
c1ee5141a4
added back default timeouts and fixed refresh token check
2013-08-15 15:50:36 -04:00
William Kim
00db39dab9
addresses issue #471 . setting default timeout values in the backbone model to null.
2013-08-15 15:29:16 -04:00
Justin Richer
1b674b6420
restored bootstrap to out-of-the-box formatting, addresses #454
2013-08-15 14:50:18 -04:00
William Kim
a6bb56ed9a
unit select box appropriately disabled after saving now.
2013-08-15 14:03:25 -04:00
William Kim
86c6a0ea8b
clear token timeout form fields when disabled and also disable unit selector.
2013-08-15 13:09:53 -04:00
William Kim
3f01ae1a71
renamed token expiration form field ids from -seconds to -time.
2013-08-15 11:13:29 -04:00
William Kim
2242db5c11
shortened token timeout form fields.
2013-08-15 11:13:29 -04:00
William Kim
6f8143937e
dropdown time unit chooser added for token expiration.
2013-08-15 11:13:29 -04:00
William Kim
7ab53795b1
refactor js. getFormTokenValue() -> getFormTokenNumberValue().
2013-08-15 11:13:29 -04:00
Justin Richer
7d51335055
added prompt=login support, addresses #323
2013-08-14 17:00:56 -04:00
Justin Richer
a0646452ab
test for max_age, force login if not fresh enough, addresses #467
2013-08-14 16:50:51 -04:00
Justin Richer
6c1e91b7e3
auth_time is now tracked, addresses #288
2013-08-14 15:39:41 -04:00
Amanda Anganes
e88c6c4943
Changed predicates methods to use Collections2.filter rather than Sets.filter
2013-08-13 10:31:39 -04:00
William Kim
f1357cceb4
corrected output for badly-formatted timeout date.
2013-08-12 16:20:42 -04:00
William Kim
025eb05d3a
added date format validity check for moment.js usage.
2013-08-12 16:15:06 -04:00
William Kim
c1607b53e4
null-checking in date display for approved sites.
2013-08-12 15:52:30 -04:00
William Kim
d67a492b6c
date display logic to use moment.js.
2013-08-12 15:03:46 -04:00
William Kim
ba7e791985
initial moment time formatting commit.
2013-08-12 12:15:47 -04:00
William Kim
a72ba6d98b
importing moment.js library.
2013-08-12 11:23:43 -04:00
William Kim
6687e3a831
override createOAuth2Request method for factory iss #465 .
2013-08-09 13:03:46 -04:00
Amanda Anganes
ef4482249c
Dyn-reg endpoint now creates the registration access token from scratch instead of calling token services; token services no longer needs to check for RAT scope to avoid expiring RATs
2013-08-09 11:49:11 -04:00
Justin Richer
15e512cec3
renamed JWSUtils -> IdTokenHashUtils, renamed internal variables
2013-08-08 14:34:19 -04:00
William Kim
0f16bacc63
TestJWSUtils done.
2013-08-08 14:10:35 -04:00
William Kim
2ba8ad71f1
updated hash tests.
2013-08-08 14:10:35 -04:00
William Kim
cdd3a6d478
changed at_hash/c_hash impl. HMAC-SHA --> regular SHA.
2013-08-08 14:10:35 -04:00
Amanda Anganes
fd611ce353
Had an unsaved file hanging around - formatting JSPs
2013-08-08 14:03:59 -04:00
Amanda Anganes
a91f160e34
Fixed formatting in tag files
2013-08-08 14:00:01 -04:00
Amanda Anganes
5beac9d50d
Fixed formatting in JSPs
2013-08-08 13:18:14 -04:00
Amanda Anganes
2d4d7f7be9
Had to hand-merge some things; git got confused
2013-08-07 10:59:55 -04:00
Amanda Anganes
861beeba64
Added c_hash function, added stub of unit test for JWSUtils
2013-08-07 10:43:26 -04:00
Amanda Anganes
37580cc21e
JWSUtils uses JWSAlgorithm to match bit length; ConnectTokenEnhancer calls the util method now
2013-08-07 10:41:53 -04:00
Amanda Anganes
3a591dc1f4
Added JWSUtils class;
2013-08-07 10:38:28 -04:00
Amanda Anganes
be97aedbc7
Used Predicates to filter expired tokens and approved sites;
2013-08-06 16:42:49 -04:00
Amanda Anganes
b3bb43881d
Moved getExpired to service layers
2013-08-06 16:33:27 -04:00
Amanda Anganes
eea37cf79c
Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
2013-08-06 11:28:13 -04:00
Amanda Anganes
ce4ab6a766
Updated spring version to 3.2.3; added a 10-minute initial delay to the scheduled tasks in task-config.xml
2013-08-05 16:31:56 -04:00
Amanda Anganes
265214511c
Renamed oAuth2RequestFactory
2013-08-05 14:04:48 -04:00
Amanda Anganes
a4c1a7a37d
Issue 449
2013-08-02 11:20:47 -04:00
Amanda Anganes
9dda789488
Updated database tables
2013-08-02 11:16:11 -04:00
Amanda Anganes
2f711c88a7
Removed nonce service
2013-08-02 10:56:28 -04:00
Amanda Anganes
d4fbb4f599
Removed Event class
2013-08-02 10:06:41 -04:00
William Kim
88863f4910
replaced mock TokenRequest and the storedAuth test field with concrete objects. test should pass now.
2013-07-30 11:42:11 -04:00
William Kim
1392faa83c
replaced mock client auth with concrete OAuth2Request object
2013-07-30 11:42:11 -04:00
Amanda Anganes
ad2ace6d74
Do not expire registration tokens
2013-07-30 11:33:15 -04:00
Justin Richer
beaeaa4ccc
I can spell "consortium", I promise
2013-07-29 17:40:26 -04:00
Justin Richer
b2b6fd6448
further cleanup
2013-07-29 17:00:35 -04:00
Justin Richer
856c0ea0b5
Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
...
Conflicts:
openid-connect-client/pom.xml
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
openid-connect-common/pom.xml
openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
openid-connect-server/.gitignore
openid-connect-server/pom.xml
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
pom.xml
2013-07-29 16:21:20 -04:00
Justin Richer
023dd440d4
[maven-release-plugin] prepare for next development iteration
2013-07-29 11:30:08 -04:00
Justin Richer
5e8f93cf15
[maven-release-plugin] prepare release mitreid-connect-1.0.6
2013-07-29 11:30:04 -04:00
Justin Richer
e658ffd7fc
format/cleanup and copyright
2013-07-29 11:28:51 -04:00
Justin Richer
d4b544d519
disable token API (for now)
2013-07-29 11:23:07 -04:00
Amanda Anganes
906db0ac86
Opened token api access to all users; restricted to only show currently-logged-in-users tokens
2013-07-29 09:18:08 -04:00
Justin Richer
71da5b3d94
clean up some discovery values
2013-07-26 17:07:28 -04:00
Justin Richer
c62bed37ff
convert server to use normalizer
2013-07-26 17:07:08 -04:00
William Kim
93c3e7906f
put in line breaks into the extra long comments in DiscoveryEndpoint.java
2013-07-25 09:25:06 -04:00
Justin Richer
20871852c0
updated dependencies for secoauth 1.1
2013-07-24 09:38:47 -04:00
Amanda Anganes
b397f0ae15
First go at adding token API; needs to be tested
2013-07-24 09:14:46 -04:00
Amanda Anganes
88db457fc4
Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
2013-07-18 09:34:52 -04:00
Amanda Anganes
dfbf01c9e3
Added .springBeans to gitignore
2013-07-16 15:03:44 -04:00
William Kim
aad432c5d7
replaced stracktrace-printing with logger messages. removed some unused imports.
2013-07-16 13:52:32 -04:00
William Kim
f483d41b88
getCustomClaim -> getClaim. Also, removed outdated TODOs.
2013-07-16 13:17:25 -04:00
William Kim
17a96ca122
removed resolved TODOs. Fixed by the resolution of issue #345 .
2013-07-15 14:54:01 -04:00
William Kim
0d882faeca
added a TODO and fixed some comment typos.
2013-07-15 14:24:04 -04:00
Amanda Anganes
15aea61fbe
Applied code cleanup
2013-07-12 16:58:41 -04:00
Amanda Anganes
3e23967b46
Updated code to reflect SECOAUTH changes
2013-07-12 16:21:05 -04:00
William Kim
9a6f345e15
yes, allow default scoping if the client doesn't ask for any.
2013-07-12 15:05:17 -04:00
William Kim
3d312b7eb5
Deleted PermissionDeniedException class. Unused.
2013-07-12 11:40:11 -04:00
William Kim
c5743dc810
updated unit tests to reflect new exception-throwing behavior.
2013-07-12 11:36:34 -04:00
William Kim
ada54c297d
addresses issue #382 . Throw an exception when client tries to upscope.
2013-07-12 11:36:33 -04:00
Justin Richer
0d8c2442d2
[maven-release-plugin] prepare for next development iteration
2013-07-12 10:09:41 -04:00
Justin Richer
9bf5f70957
[maven-release-plugin] prepare release mitreid-connect-1.0.5
2013-07-12 10:09:38 -04:00
Amanda Anganes
12cb672c6d
Added new file for task config
2013-07-12 09:46:18 -04:00
Amanda Anganes
059c2545c9
Split task configuration out into its own spring file
2013-07-12 09:46:18 -04:00
William Kim
910839e5d9
fixed typo referring to client id as a client secret in code comments.
2013-07-10 16:53:49 -04:00
Amanda Anganes
2d3f43e3b8
Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
2013-07-10 14:34:37 -04:00
Justin Richer
93a0492e97
made optional parameters optional
2013-07-10 12:50:57 -04:00
Justin Richer
a9da88fb79
brought introspection endpoint and introspection token services into compliance with draft, addresses #376
2013-07-10 12:50:57 -04:00
Josh Mandel
34373d777c
base URL of the server is set by the issuer.
2013-07-08 13:06:52 -04:00
William Kim
3eddd58ae4
added unit test for checking expiration date of refreshed tokens.
2013-07-05 15:35:23 -04:00
William Kim
24b24f6fa3
More unit tests for refreshing access tokens--specifically, checking scope processing.
2013-07-05 15:22:45 -04:00
William Kim
5ffe1a50a2
Added null-handling for Scope values from the auth request. (Without this, a NullPointerException gets thrown with null scope values).
2013-07-05 15:14:56 -04:00
William Kim
ed2223cae3
unit tests of exceptions cases for refreshing access tokens.
2013-07-05 12:32:45 -04:00
William Kim
3353b92426
deeper unit tests on access token creation.
2013-07-05 12:03:56 -04:00
Justin Richer
936f581a0b
[maven-release-plugin] prepare for next development iteration
2013-06-28 16:00:52 -04:00
Justin Richer
27edec1a56
[maven-release-plugin] prepare release mitreid-connect-1.0.4
2013-06-28 16:00:46 -04:00
William Kim
10f9858870
fixed typo on the about page.
2013-06-28 15:44:08 -04:00
William Kim
42027e451c
added REQUIRED response types to discovery doc. Also, fixed 2 typos in the list of supported grant types.
2013-06-28 15:31:50 -04:00
William Kim
2a92185433
added introspection endpoint URL to discovery document.
2013-06-28 15:31:50 -04:00
William Kim
741946d1ae
updated server discovery code comments.
2013-06-28 15:31:50 -04:00
William Kim
f27b69d06b
removed Version field from server discovery configuration.
2013-06-28 15:31:50 -04:00
Justin Richer
5505b26aac
Form fix for login elements
...
addresses #352
2013-06-28 13:17:58 -04:00
William Kim
4f9cbb4b3f
added check for null
2013-06-27 09:29:47 -04:00
William Kim
1528c93acd
TestDefaultSystemScopeService unit tests done.
2013-06-25 16:31:45 -04:00
William Kim
eca62f2d36
initial commit for TestDefaultSystemScopeService.
2013-06-25 16:31:45 -04:00
William Kim
d0dc3c79cb
more unit tests for TestDefaultOAuth2ProviderTokenService.
2013-06-25 16:31:45 -04:00
William Kim
dc51af5b83
removed testing builder inner class from DefaultOAuth2ProviderTokenService. Also, added more unit tests.
2013-06-25 16:31:45 -04:00
William Kim
5ee7aae5d2
initial commit TestDefaultOAuth2ProviderTokenService.
2013-06-25 16:31:45 -04:00
William Kim
abc4f01dde
TestDefaultStatsService done.
2013-06-25 16:31:45 -04:00
Amanda Anganes
c212821267
Fixed ChainedTokenGranter setup
2013-06-24 10:14:10 -04:00
Amanda Anganes
530c3a75ee
Applyed refactoring
2013-06-24 09:44:59 -04:00
William Kim
f0f2fbea40
updated secoauth library version in poms
2013-06-21 14:23:58 -04:00
Amanda Anganes
8b1a538464
Updated msql table definitions
2013-06-20 16:28:09 -04:00
William Kim
cf3cee5ec2
removed lolcat :(
2013-06-20 11:14:29 -04:00
William Kim
37dd7e7042
changed demo user accounts for server
2013-06-19 16:08:06 -04:00
Justin Richer
2b3376e0ed
[maven-release-plugin] prepare for next development iteration
2013-06-18 16:13:04 -04:00
Justin Richer
7fe4bc3b56
[maven-release-plugin] prepare release mitreid-connect-1.0.3
2013-06-18 16:12:59 -04:00
Justin Richer
d6f5ca68bf
Added time skew to nonce service test
2013-06-18 15:30:36 -04:00
William Kim
8935a87c23
TestDefaultWhitelistedSiteService done. Removed constructors from DefaultWhitelistedSiteService.
2013-06-18 15:20:06 -04:00
William Kim
5fb1ef3aca
Revised test methods for checking for offline_access scope. Previous tests were doing trivial checking.
2013-06-18 15:19:55 -04:00
William Kim
8851f4d037
TestDefaultOAuth2ClientDetailsEntityService done. Removed constructors from DefaultOAuth2ClientDetailsEntityService.
2013-06-18 15:19:55 -04:00
William Kim
701217d98c
TestDefaultNonceService done.
2013-06-18 15:19:55 -04:00
William Kim
4ee904cbfd
removed setter/getter from DefaultUserInfoUserDetailsService and updated test class with Mockito annotations.
2013-06-18 15:19:46 -04:00
William Kim
5428848627
updated TestDefaultApprovedSiteService to use annotation style Mocking. Allows for removal of injector constructor.
2013-06-18 15:19:46 -04:00
William Kim
01fcb4828d
removed test constructors for DefaultBlacklistedSiteService.java. Used annotation method of injecting mock objects into testing class (@InjectMocks).
2013-06-18 15:19:33 -04:00
William Kim
9a3625ae2b
made unit test for checking blacklisted sites. Introduced a new constructor to be able to inject repository for testing.
2013-06-18 15:19:33 -04:00
Justin Richer
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
2013-06-12 14:45:03 -04:00
Justin Richer
8290d198c2
added passthrough of userinfo for remote OIDC users
2013-06-12 14:22:13 -04:00
Justin Richer
aea562f565
moved mockito dependency to core project
2013-06-10 14:11:43 -04:00
Justin Richer
6ed7477bc0
added stats to admin UI page, restyled scopes and dynamically registered flags
2013-06-07 18:05:07 -04:00
Justin Richer
6ec8b77f81
beans version update (is this a config file? should this even be in here?)
2013-06-07 18:05:07 -04:00
William Kim
338edcce31
fixed typos in admin.js
2013-06-07 15:41:13 -04:00
Justin Richer
9388c664ab
moved reuse refresh token checkbox to its own div/label, addresses #345
2013-06-06 16:42:26 -04:00
Justin Richer
567a3314d6
[maven-release-plugin] prepare for next development iteration
2013-06-06 16:05:59 -04:00
Justin Richer
1286726188
[maven-release-plugin] prepare release mitreid-connect-1.0.2
2013-06-06 16:05:52 -04:00
Justin Richer
dc9d5c667e
cleaned up error log messages
2013-06-06 13:44:50 -04:00
William Kim
1b601abd6f
Removed previous constructor from DefaultUserInforUserDetailsService.java and put in getter/setter for UserInfoRepository as a replacement.
2013-06-04 16:58:14 -04:00
Amanda Anganes
3f7fe30f5c
Added comments to unit tests
2013-05-31 15:31:54 -04:00
Amanda Anganes
a7f2e605fa
Added two unit tests using the Mockito framework
2013-05-31 15:04:18 -04:00
Josh Mandel
b0dc5fb4e2
Fix a bug where a client is deleted before details looked up. Also return 204 on success
2013-05-31 14:30:51 -04:00
Amanda Anganes
3c5025c52b
Updated version number for secoauth
2013-05-28 15:38:36 -04:00
Amanda Anganes
76e5ff8053
Finished cleanup, ready to create pull request
2013-05-28 12:43:33 -04:00
Josh Mandel
c46095b6a3
Warning message for unimplemented UI features
2013-05-22 22:41:35 -07:00
Justin Richer
25d75a1b30
[maven-release-plugin] prepare for next development iteration
2013-05-20 17:38:01 -04:00
Justin Richer
5418bdef5a
[maven-release-plugin] prepare release mitreid-connect-1.0.1
2013-05-20 17:37:52 -04:00
Justin Richer
81cd13f6d3
added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
2013-05-20 17:19:28 -04:00
Justin Richer
545ddace95
updated registration URI, addresses #321
2013-05-10 11:54:48 -07:00
Justin Richer
cc9eea5b3d
updated issuer to more common deployment pattern for simple Tomcat instances, addresses #333
2013-05-10 11:46:16 -07:00
Amanda Anganes
713f0a4d25
Renamed OAuth2Request authorizatoinParameters map to requestParameters
2013-05-03 17:07:04 -04:00
Amanda Anganes
967b3f2953
Cleanup from renaming
2013-05-03 16:15:42 -04:00
Amanda Anganes
1e24b31cc3
Propogating rename of AuthorizationRequest to OAuth2Request
2013-05-03 13:53:57 -04:00
Justin Richer
defa5b8fbc
[maven-release-plugin] prepare for next development iteration
2013-05-02 15:01:59 -04:00
Justin Richer
dbdc99361e
[maven-release-plugin] prepare release mitreid-connect-1.0.0
2013-05-02 15:01:53 -04:00
Justin Richer
4276a14978
fixed stats api view
2013-05-02 14:55:37 -04:00
Justin Richer
a7c92524f3
Updated contact page text
2013-05-02 11:56:42 -04:00
Justin Richer
e99bfc256d
cleaned about page text
2013-05-02 11:54:47 -04:00
Justin Richer
1e870703f8
added licence/copyright header
2013-05-02 11:45:20 -04:00
Justin Richer
8afab04544
whitespace, import, brace, annotation, and format cleanups
2013-05-02 10:47:15 -04:00
Justin Richer
b663cd5f8d
style system scopes and non-system scopes differently in the admin UI, addresses #269
2013-04-29 17:00:12 -04:00
Justin Richer
6a20e7aaa9
re-fixed enter key handling in lists, addresses #236
2013-04-29 16:57:26 -04:00
Justin Richer
39e06292fd
made page title dynamic and configurable, addresses #310 #311
2013-04-29 14:59:53 -04:00
Justin Richer
b78d499801
added version number to footer
2013-04-29 14:44:15 -04:00
Justin Richer
b8c385e5c9
pom file cleanups
2013-04-29 11:47:15 -04:00
Amanda Anganes
a3771177a1
Updated json serialization of approved site objects
2013-04-29 11:17:36 -04:00
Justin Richer
9b03801f9d
[maven-release-plugin] prepare for next development iteration
2013-04-26 13:21:36 -04:00
Justin Richer
d76304b9a6
[maven-release-plugin] prepare release mitreid-connect-0.9.3
2013-04-26 13:21:31 -04:00
Justin Richer
dcf41eaa9e
tried to make prompt=login work, backed off for now
2013-04-25 15:19:11 -04:00
Justin Richer
8d53149d03
added functionality for prompt=none
2013-04-25 11:38:10 -04:00
Justin Richer
37723e3757
opened up access to /resources/**
2013-04-24 16:43:49 -04:00
Justin Richer
7292766b51
implemented prompt=consent
2013-04-24 14:08:14 -04:00
Justin Richer
ce2c90fb30
fixed error messages in auth request manager
2013-04-24 12:10:59 -04:00
Amanda Anganes
c80b1081cc
Cleaning up approvedsite => token linkage
2013-04-24 11:52:03 -04:00
Amanda Anganes
939a801048
Redid approved site -> token mapping so it is unidirectional from ApprovedSite side. Fixed some error logging, added a new view for ApprovedSite which will only show the IDs of the tokens in the approvedTokens list
2013-04-23 17:40:22 -04:00
Amanda Anganes
a79aca906e
Fixed error logging; added ApprovedSite tracking to tokens
2013-04-22 15:49:06 -04:00
Justin Richer
94aa279290
[maven-release-plugin] prepare for next development iteration
2013-04-19 16:17:53 -04:00
Justin Richer
cc92743888
[maven-release-plugin] prepare release mitreid-connect-0.9.2
2013-04-19 16:17:45 -04:00
Justin Richer
d7689152b8
fixed inadvertent consistency bug in granting offline_access to clients
2013-04-19 16:12:09 -04:00
Justin Richer
0e2d5830a4
updated newly-registered clients to not get refresh tokens unless they ask for offline_access scope explicitly
2013-04-19 15:40:20 -04:00
Justin Richer
fb859fc39a
added client dynamic registration service, extracted clientdetails<->json processing into its own static class
2013-04-19 14:23:11 -04:00
Justin Richer
fc1088c841
fixed display of algorithms in discovery endpoint
2013-04-19 13:39:53 -04:00
Amanda Anganes
82fca45412
Removed RequestObjectAuthorizationEndpoint as it is no longer needed with the changes to the AuthorizationEndpoint.
2013-04-17 13:10:40 -04:00
Amanda Anganes
9db8119930
Fixed request object processing, had a small bug
2013-04-17 11:28:35 -04:00
Amanda Anganes
e708f77eb3
Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
2013-04-17 09:52:09 -04:00
Justin Richer
895690df54
added webfinger discovery to server, addresses #279
2013-04-16 17:22:18 -04:00
Justin Richer
9c6b08d919
effectively removed auth_time calculations
2013-04-16 16:04:26 -04:00
Justin Richer
33af3b1ad6
updated discovery endpoint to latest spec, removed surplus specialized view
2013-04-16 15:00:57 -04:00
Justin Richer
8e8e14c638
added at_hash
2013-04-15 17:12:47 -04:00
Justin Richer
3bb43f417a
added auth time tracking
2013-04-15 16:16:18 -04:00
Justin Richer
ce2e630304
fixed login page display (thanks to Jett), addresses #289
2013-04-15 12:47:35 -04:00
Justin Richer
e665aec36f
dependency cleanup
2013-04-12 16:53:55 -04:00
Justin Richer
98fff8fe99
updated error handling on introspection and revocation endpoints
2013-04-12 16:34:51 -04:00
Justin Richer
35cb14a73f
fixed comment
2013-04-12 16:08:32 -04:00
Justin Richer
743a3023dc
removed old error handlers
2013-04-12 16:04:40 -04:00
Justin Richer
31e3c5e5e7
moved user approval page
2013-04-12 15:57:32 -04:00
Justin Richer
694761c026
cleaned up userinfo view
2013-04-12 15:40:05 -04:00
Justin Richer
71d6dc6afe
removed special stats view
2013-04-12 15:15:43 -04:00
Justin Richer
1630648925
updated logo, added large logo
2013-04-11 17:24:32 -04:00
Amanda Anganes
7e59421f33
Commented out XRD endpoint and added TODO reference to webfinger issue
2013-04-11 10:33:27 -04:00
Amanda Anganes
34b243e0e1
Added back discovery endpoint, but renamed to not say SWD
2013-04-11 10:27:31 -04:00
Justin Richer
ac2993c402
[maven-release-plugin] prepare for next development iteration
2013-04-10 16:12:04 -04:00
Justin Richer
f0d75f9144
[maven-release-plugin] prepare release mitreid-connect-0.9.1
2013-04-10 16:11:38 -04:00
Stephen Moore
23c318f6c2
Updating guava to 14.0.1
2013-04-10 15:31:32 -04:00
Amanda Anganes
a723c9d921
Removed references to DefaultAuthorizationRequest in connect code
2013-04-08 10:37:13 -04:00
Amanda Anganes
e17eaa499e
Cleaned up classes affected by SECOAUTH changes; added Connect implementation of AuthorizationRequest and updated manager class to reflect new class & updated interface;
...
;
2013-04-08 10:13:27 -04:00
Justin Richer
5f54777109
[maven-release-plugin] prepare for next development iteration
2013-04-03 10:01:58 -04:00
Justin Richer
620a60ddc2
[maven-release-plugin] prepare release mitreid-connect-0.9.0
2013-04-03 10:01:52 -04:00
Justin Richer
54f1ae972b
Added properties and updated poms for sync to central
2013-04-02 12:42:40 -04:00
Justin Richer
f63ea94b37
fixed bean name
2013-04-01 12:05:39 -04:00
Justin Richer
f101dcc512
moved to released version of SECOAUTH
2013-04-01 11:59:40 -04:00
Justin Richer
c0c1847f38
fixed bean name
2013-04-01 11:59:23 -04:00
Amanda Anganes
72e2c7cb6c
Updated build references
2013-04-01 10:59:25 -04:00
Amanda Anganes
02220a411a
Fixed typo
2013-03-29 12:59:49 -04:00
Amanda Anganes
0f327a772b
Updated js files to use results returned from JsonErrorView; factored out markup into modal definition.
2013-03-29 12:47:03 -04:00
Amanda Anganes
2265a3f8c3
Updated error handling messages for scope, approved site, blacklist, whitelist, and client APIs using new JsonErrorView
2013-03-29 12:47:03 -04:00
Amanda Anganes
ee5b21b542
Added JsonErrorView
2013-03-29 12:47:03 -04:00
Amanda Anganes
07686d8e00
Removed superfluous try/catch around save call in ScopeAPI.
2013-03-29 12:47:03 -04:00
Justin Richer
4538d8fb14
made signing and verification service construction safe for public-only keys
2013-03-28 17:03:18 -04:00
Justin Richer
6cc50e7cd5
switched signing & validation service to use JWK natively for keys
2013-03-28 16:43:26 -04:00
Justin Richer
f54dddd8c0
fixed blacklisted field name, addresses #295
2013-03-28 16:06:02 -04:00
Justin Richer
5a04198eac
moved to JPSK based key store
2013-03-28 15:06:30 -04:00
Justin Richer
e2ad4d2e8f
cleaned up spurious nosuchalgorithm exceptions, addresses #285
2013-03-28 15:06:30 -04:00
Amanda Anganes
5b321b9c86
Updated whitelist api for ui error handling
2013-03-28 12:43:47 -04:00
Amanda Anganes
666573cd34
Updated blacklist and client api for ui error handling
2013-03-28 12:37:18 -04:00
Amanda Anganes
218fe9328c
Updated approved site API for error handling
2013-03-27 16:49:33 -04:00
Amanda Anganes
435fff3b1c
Updated scope API for error handling
2013-03-27 16:27:55 -04:00
Amanda Anganes
18e319379e
Got bootstrap modal alert working, but not sure if it is the right approach. It looks different than the confirmation window.
2013-03-27 15:27:34 -04:00
Amanda Anganes
49863e70ae
Got scope "value" error handling set
2013-03-27 15:27:34 -04:00
Amanda Anganes
d24ecd2e7c
Removed extra scope validation endpoint
2013-03-27 15:27:34 -04:00
Amanda Anganes
96e333afa6
Working on error handling
2013-03-27 15:27:34 -04:00
Amanda Anganes
fa0a6a7b4e
Finding my way around Backbone, Underscore, and Bootstrap
2013-03-27 15:27:34 -04:00
Amanda Anganes
5704271973
Fixed client error: added all client fields to model in client.js; lined them up with the fields in ClientDetailsEntity.java for easier comparison
2013-03-22 17:15:14 -04:00
Amanda Anganes
36b08dcd6e
Removed SWD code
2013-03-22 15:23:08 -04:00
Amanda Anganes
fcc95f8a0a
Moved nonce processing stuff into nonce service and out of ConnectAuthorizationRequestManager
2013-03-22 14:38:37 -04:00
Amanda Anganes
d38c5b4200
Pared down nonce reuse exception message to just say that the nonce has already been used
2013-03-22 12:36:24 -04:00
Amanda Anganes
b28b0615fa
removed vestigial ClientDetailsEntityService references
2013-03-22 12:32:31 -04:00
Justin Richer
08eaaa0a12
updated repository to use proper concrete class
2013-03-21 15:20:36 -04:00
Justin Richer
8fccbf3483
added Id field to DefaultUserInfo object, switched "userId" terminology to "subject"
2013-03-20 14:29:00 -04:00
Justin Richer
f44c704472
major refactor of client filter
...
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
Justin Richer
2b45dd1104
cleaned up stats display
2013-03-14 18:05:50 -04:00
Amanda Anganes
8992506a1d
Fixing up logging changes
2013-03-08 09:52:24 -05:00
Amanda Anganes
f9b0670ae9
Merged ClientAPI and ClientDynamicRegistrationEndpoitn by hand
2013-03-07 12:12:27 -05:00
Amanda Anganes
5cac7055a9
Standardized error handling and added logging for error conditions in endpoints
2013-03-07 11:56:57 -05:00
Amanda Anganes
dbc68e4074
Working on error handling
2013-03-07 11:51:18 -05:00
Amanda Anganes
1630814b9f
Marked classes where error handling needs to be added/changed
2013-03-07 11:51:18 -05:00
Justin Richer
0f6faf3609
removed old namespace config files
2013-03-07 10:46:25 -05:00
Justin Richer
6320fce9fd
url -> uri in approval page
2013-03-07 10:39:33 -05:00
Justin Richer
7c36f9fb38
made sidebar size-responsive, added sticky footer
2013-03-06 17:52:38 -05:00
Justin Richer
ad3a22e5d4
changed client defaults for JOSE bits
2013-03-06 15:24:46 -05:00
Justin Richer
3268726747
changed to dict-based model for saving
2013-03-06 15:17:11 -05:00
Justin Richer
8f4ecac8d5
forgot a field
2013-03-06 15:16:48 -05:00
Justin Richer
27a8bcf440
now with more documentation and actual deletion
2013-03-06 11:53:16 -05:00
Justin Richer
eaa9e1ded4
typo for grant types in parser
2013-03-06 11:33:54 -05:00
Justin Richer
a6a2d43e8f
added Read, Update, and Delete operations to dynreg endpoint
2013-03-06 11:33:31 -05:00
Justin Richer
d37bac1775
simplification and documentation of client api views
2013-03-06 11:33:06 -05:00
Justin Richer
4c3c2dce52
removed sessions from endpoints, properly mapped registration endpoint
2013-03-06 11:31:54 -05:00
Justin Richer
217916603f
cleaned out broken unit tests -- now we can start fresh
2013-03-06 09:48:04 -05:00
Justin Richer
c9bdba3f3a
API now bound to USER for read, ADMIN for write, addresses #267
2013-03-05 17:45:33 -05:00
Justin Richer
1daf5bd357
dispatch to different views based on user role
2013-03-05 17:34:24 -05:00
Justin Richer
70b2342864
fixed split client views, fixed typos in various places
2013-03-05 17:26:25 -05:00
Justin Richer
f07c31bbe2
JOSE selectors
2013-03-05 16:52:34 -05:00
Justin Richer
51a7ccc397
entity -> embed
2013-03-05 16:33:13 -05:00
Justin Richer
7b8623edbb
typo
2013-03-05 16:15:21 -05:00
Justin Richer
93851ab94d
request URIs and default ACR values
2013-03-05 16:11:32 -05:00
Justin Richer
6c136b5696
contacts
2013-03-05 15:43:38 -05:00
Justin Richer
79bf862924
added Not Yet Implemented tags
2013-03-05 15:32:08 -05:00
Justin Richer
9b6dfd4e1d
require auth time, reuse refresh token, and default max age
2013-03-05 15:01:25 -05:00
Justin Richer
ff53d71e6f
sector identifier, initiate login, and post logout URIs ; reuse refresh tokens
2013-03-05 14:44:40 -05:00
Justin Richer
23bd6a2ffb
response types
2013-03-05 14:29:51 -05:00
Justin Richer
82ecef144d
token endpoint auth method
2013-03-05 14:05:46 -05:00
Justin Richer
c9b769818e
changed script loading methods to help debugging, fixed subjectype data pull
2013-03-05 13:34:18 -05:00
Justin Richer
1fcb67e885
JWKS and subject type
2013-03-05 12:33:14 -05:00
Justin Richer
29b46bfd58
stupid javascript templates
2013-03-05 12:21:06 -05:00
Justin Richer
0d25d4cb17
null-preserving static parsers instead of constructors
2013-03-05 12:10:33 -05:00
Justin Richer
9244d6413c
application type
2013-03-05 11:50:47 -05:00
Justin Richer
e7282d53fe
added client URI bits
2013-03-05 11:22:55 -05:00
Justin Richer
6a88c13675
split client view into two classes
2013-03-04 17:50:02 -05:00
Justin Richer
4095f2179c
added custom client view for API
2013-03-04 17:33:18 -05:00
Justin Richer
a0c2e94922
added in all extra fields to JS processor
2013-03-04 17:11:44 -05:00
Justin Richer
ac44020305
grant types rename
2013-03-04 17:11:25 -05:00
Justin Richer
33c488d9ae
logo url -> uri
2013-03-04 16:53:09 -05:00
Justin Richer
7c3ddd0a86
redirect uri with new name
2013-03-04 16:49:17 -05:00
Justin Richer
9aebca2e97
fixed gson parser in client API
2013-03-04 16:38:11 -05:00
Justin Richer
23efdf9f51
fix viewbean name, nullsafe client creation time, fixed default scope handling
2013-03-04 16:12:06 -05:00
Justin Richer
26f03ec070
timestamp for creation date
2013-03-04 16:11:20 -05:00
Justin Richer
ea034f7d4a
database preload fixed to match new schema
2013-03-04 16:10:32 -05:00
Justin Richer
1f5f7c8aac
updates for java 7
2013-03-04 16:00:12 -05:00
Justin Richer
235a3bf2c4
added client information response view
2013-03-04 15:45:35 -05:00
Justin Richer
fc978ac994
made require_auth_time nullable again
2013-03-04 15:44:49 -05:00
Justin Richer
a2d6894f62
started serialization for client information view
2013-03-04 15:13:55 -05:00
Justin Richer
db24c203ec
added parser to client registration endpoint
2013-03-04 15:01:02 -05:00
Justin Richer
5c044b9eff
added extra client fields to DB model, moved services to use new client model object
2013-03-04 14:22:42 -05:00
Justin Richer
3f8d7d70e5
updated client model to match OAuth Dyn Reg and OIDC Reg
2013-03-04 12:48:05 -05:00
Justin Richer
5b9422ffdf
cleaned up old unit tests
2013-03-04 11:37:49 -05:00
Justin Richer
f8f925c08f
removed exploded war (no longer needed), addresses #260
2013-03-04 10:59:04 -05:00
Justin Richer
bd877dde82
added signature checking to request objects
2013-03-01 17:44:44 -05:00
Justin Richer
6c1e6b2d74
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
Justin Richer
385853fa1f
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
Justin Richer
7e64c4bffc
deleted duplicate login button, addresses #276
2013-03-01 17:42:48 -05:00
Justin Richer
13a3e97113
updated request object forwarding hack
2013-03-01 17:42:48 -05:00
Justin Richer
0712d8c340
updated spring version
2013-03-01 17:42:48 -05:00
Amanda Anganes
42ea2468c9
Split up about, contact, stats tags into two each and removed logic from the *Content tag files
2013-02-28 13:56:09 -05:00
Amanda Anganes
8677f6516d
Template-ized most of the home page UI
2013-02-28 11:25:37 -05:00
Amanda Anganes
987a05302d
Added configured logo url
2013-02-25 13:01:26 -05:00
Amanda Anganes
60b679e942
First steps towards adding display variables to config bean
2013-02-22 17:10:14 -05:00
Justin Richer
4d725b88dd
more updates to track nimbus-jose-jwt classes and use them properly
2013-02-22 12:08:01 -05:00
Justin Richer
9a98d241e8
updates to track Nimbus JOSE API changes to audience and date fields
2013-02-22 12:08:01 -05:00
Justin Richer
cc727cee3e
patched unit test to new format
2013-02-22 12:08:01 -05:00
Justin Richer
03e7337b9f
client registration endpoint needs general rewrite to fit new spec.
...
Most of the problematic references will change with the rewrite, so this is a slapdash patch to make things compile for now.
2013-02-22 12:08:01 -05:00
Justin Richer
25b9940a68
request object endpoint is a placeholder, cleaning out for now
2013-02-22 12:08:01 -05:00
Justin Richer
e5732da857
added system default signing algorithm, converted token provider and enhancer to use nimbus-jose
2013-02-22 12:08:01 -05:00
Justin Richer
c01e873019
request object processor moved to nimbus-jose
2013-02-22 12:08:01 -05:00
Justin Richer
0f99e0e06d
assertion token granter moved to nimbus-jose
2013-02-22 12:08:01 -05:00
Justin Richer
10ab55a7e2
moved jwk/x509 publishing over to nimbus-jose (mostly)
2013-02-22 12:08:01 -05:00
Justin Richer
fca30cd13f
added provisions to bootstrap signing and validation service from config files
2013-02-22 12:08:01 -05:00
Justin Richer
a078f7d202
patched userinfo view to use nimbus
2013-02-22 12:08:01 -05:00
Justin Richer
c7d1b47b38
converted bearer assertion framework to nimbus-jose
2013-02-22 12:08:01 -05:00
Justin Richer
910a6cf1a0
remvoed idtoken repository that was never used
2013-02-22 12:08:01 -05:00
Justin Richer
46a3e70377
removed idtoken class, removed all jwe/jwt tests
2013-02-22 12:08:01 -05:00
Justin Richer
46f0e6f3cb
restyled login page
2013-02-20 16:39:46 -05:00
Justin Richer
b840b31c74
added cleaner login/logout failure handling and processing
2013-02-20 16:11:08 -05:00
Amanda Anganes
1398575061
Added additional joda time dependency
2013-02-20 15:44:53 -05:00
Justin Richer
58ea01f0f8
added hints to login form to discourage mobile browsers from trying to do something clever like autocorrect
2013-02-13 13:27:31 -05:00
Justin Richer
991f37a1e6
refactored javascript and template files into components
2013-02-13 10:12:31 -05:00
Justin Richer
137e5e5ca1
added placeholder blocks in place of empty tables, addresses #244
2013-02-06 17:42:10 -05:00
Justin Richer
62b931ee0d
scope icons now show up everywhere
2013-02-05 17:39:38 -05:00
Justin Richer
d0fdf8140e
sorting on approval page
2013-02-05 15:47:32 -05:00
Justin Richer
328fa221bd
scope bootstrapping
2013-02-05 15:08:49 -05:00
Justin Richer
02846c0a8d
typo fix, DB constraints
2013-02-05 14:40:06 -05:00
Justin Richer
88f2ea3e7e
icon selector
2013-02-05 14:33:58 -05:00
Justin Richer
e622202e9e
display scopes based on request, pull scope information dynamically, addresses #208
2013-02-05 11:36:59 -05:00
Justin Richer
eb4773ce46
beginning dynamic scopes on auth page
2013-02-05 11:28:39 -05:00
Justin Richer
c2b9fd4db1
system scope ordering consistency
2013-02-05 11:11:41 -05:00
Justin Richer
173281f039
DB consistency fix
2013-02-05 11:11:15 -05:00
Justin Richer
801a45cc49
several bugfixes to scopes UI, works now
2013-02-03 22:04:56 -05:00
Justin Richer
e5171a196a
minor bugfixes
2013-02-03 22:04:55 -05:00
Justin Richer
d1968f624a
scope ui bugfixes
2013-02-03 22:04:55 -05:00
Justin Richer
fbfc977f3b
system scope ui updates
2013-02-03 22:04:55 -05:00
Justin Richer
9dc603a759
scope management UI
2013-02-03 22:04:55 -05:00
Justin Richer
1ceee853f9
scope management UI
2013-02-03 22:04:55 -05:00
Justin Richer
a3037a18a7
system scope service applied to client creation UI
2013-02-03 22:04:55 -05:00
Justin Richer
cab36a2b80
added appropriate filterered and transformative actions to scope service
2013-02-03 22:04:55 -05:00
Justin Richer
ab35186696
added scope service, repository, and API
2013-02-03 22:02:24 -05:00
Justin Richer
19e7b62a42
removed persistence.xml and moved to pure spring-based config, addresses #194
2013-02-03 22:02:23 -05:00
Justin Richer
a3619240e6
added site scope
2013-02-03 22:02:23 -05:00
Justin Richer
a2e548c261
fixed claims processor for request object from user info endpoint
2013-02-03 22:02:23 -05:00
Justin Richer
899150d636
tweak display on auth revoke page
2013-02-03 22:02:23 -05:00
Justin Richer
3c190e044a
inject parsed parameters to make SECOAUTH happy
2013-02-03 22:02:23 -05:00
Justin Richer
1144d511af
inject scopes
2013-02-03 22:02:23 -05:00
Justin Richer
f9d50db1f1
don't treat openid scope special here -- by default client gets access to *all* scopes it's registered for
2013-02-03 22:02:23 -05:00
Justin Richer
078342715b
moved request object to request manager
2013-02-03 22:02:22 -05:00
Amanda Anganes
3399eed45a
Added about, contact, and stats pages. Still largely placeholders, but the topbar works correctly now at least.
2013-01-31 11:34:07 -05:00
Justin Richer
0be254c99a
updated token introspection output to match spec and client filter
2013-01-30 15:31:32 -05:00
Justin Richer
e02e08563c
changed order or custom filters to make assertions work, added client credentials token granter to default
2013-01-30 14:34:16 -05:00
Justin Richer
c1d33bb55b
bugfix in assertion processor
2013-01-30 14:34:16 -05:00
Amanda Anganes
2e2c0e8e6c
Fixed bug in nonce processing
2013-01-29 13:07:41 -05:00
Amanda Anganes
3db74100a4
working on bug
2013-01-29 13:07:41 -05:00
Amanda Anganes
dd8b48e863
Reset ConnectAuthorizationRequestManager to version from master
2013-01-29 13:07:41 -05:00
Amanda Anganes
06f970e61b
Trying to fix nonce service
2013-01-29 13:07:41 -05:00
Amanda Anganes
86bf51f0a7
Added java reflection code for request object handling, needs to be tested
2013-01-29 13:07:41 -05:00
Amanda Anganes
677f0f2d4c
Stubbed out required functionality for request object filtering
2013-01-29 13:07:41 -05:00
Amanda Anganes
67e8714671
Working on request object userinfo parsing
2013-01-29 13:07:41 -05:00
Justin Richer
779001a8c8
updated copyright year
2013-01-28 13:39:25 -05:00
Justin Richer
7269700dc6
switched injector from repository to service
2013-01-24 19:32:55 -05:00
Justin Richer
f0ee36dad2
auth_type -> auth_method (addresses #258 )
2013-01-18 18:26:55 -05:00
Justin Richer
fd2253303e
changed pointer on tabs, addresses #252
2013-01-18 18:17:39 -05:00
Justin Richer
899e306683
fixed JS crash on "new client" operation
2013-01-18 18:15:19 -05:00
Justin Richer
8831bc64a2
offline -> offline_access (addresses #248 )
2013-01-18 18:03:39 -05:00
Justin Richer
27a26e0a35
(user_id/prn) -> sub
2013-01-18 16:40:05 -05:00
Justin Richer
1ab29882b4
fixed user prepoulation table
2013-01-18 15:38:53 -05:00
Justin Richer
0ab4ad4bbe
added "birthdate", addresses #253
2013-01-18 15:38:41 -05:00
Justin Richer
6ef4dc817e
genericized nimbus code, added caching
2013-01-18 15:10:48 -05:00
Justin Richer
2d21a72e7e
switched to nimbus to check JWT signature
2013-01-18 15:10:48 -05:00
Justin Richer
60bda31c54
updated custom filter
2013-01-18 15:10:48 -05:00
Justin Richer
c17bc05b0e
wiring configuration
2013-01-18 15:10:48 -05:00
Justin Richer
4262be1fd3
added jwt processing to client auth provider
2013-01-18 15:06:00 -05:00
Justin Richer
abd64eccd6
added framework for processing assertions for client auth
2013-01-18 15:06:00 -05:00
Amanda Anganes
ad5e77f7ff
Made nonce storage duration configurable in application-context.xml;
2013-01-10 10:34:40 -05:00
Amanda Anganes
59f1b1f05e
Testing, nonce handling seems to be working now
2013-01-07 13:28:30 -05:00
Amanda Anganes
a1a117cfde
Added default constructor to ConnectAuthorizationRequestManager
2013-01-07 10:54:33 -05:00
Amanda Anganes
af81e371fb
Updated application-context to use new authorization request manager
2013-01-07 10:46:55 -05:00
Amanda Anganes
77b932f5a7
Added implementation of AuthorizationRequestManager. Nonce checking will go in here
2013-01-04 15:30:24 -05:00
Amanda Anganes
1af6513499
Removed nonce checking from token service impl
2013-01-04 15:30:24 -05:00
Amanda Anganes
7e7b2527db
Added nonce to persistence.xml
2013-01-04 15:30:24 -05:00
Amanda Anganes
246ed962bb
Added stub of repository test
2013-01-04 15:30:24 -05:00
Amanda Anganes
e1dffb959c
Added NonceReuseException
2013-01-04 15:30:24 -05:00
Amanda Anganes
8f8a3754db
Added database tables for Nonce
2013-01-04 15:30:24 -05:00
Amanda Anganes
a4637ec395
Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates.
2013-01-04 15:30:24 -05:00
Amanda Anganes
c7ae315e98
Added initial files for nonce service. Repository and service impls are stubs
2013-01-04 15:30:24 -05:00
Justin Richer
cbcfe55bb9
added introspection flag to client bootstrap
2013-01-02 14:16:31 -05:00
Justin Richer
4068952a81
fixed well size, added comment
2013-01-02 10:19:55 -05:00
Justin Richer
655092a12b
added introspection checkbox, added access tab
...
Signed-off-by: Justin Richer <jricher@mitre.org>
2012-12-21 16:38:52 -05:00
Justin Richer
9a1b2d7fac
made client edit page tabbable (that was seriously easy)
2012-12-21 16:26:34 -05:00
Justin Richer
48866c15f2
button display cleanup
2012-12-21 16:07:59 -05:00
Justin Richer
a85b1f5d74
split approved sites into two tables
2012-12-21 15:35:33 -05:00
Justin Richer
198a45369a
buttonsize tweak
2012-12-21 15:03:45 -05:00
Justin Richer
f12efc1b80
added dynreg caution block
2012-12-21 14:48:15 -05:00
Justin Richer
231e81a426
updated icons
2012-12-21 14:28:07 -05:00
Justin Richer
797d521691
cleaned up logged-in button
2012-12-21 13:04:33 -05:00
Justin Richer
7ebbe3acc4
removed mockups
2012-12-21 11:01:22 -05:00
Justin Richer
7459767646
fixed validation problem with new backbone
2012-12-20 17:46:34 -05:00
Justin Richer
37bca0d5fb
cleaned out backbone validation plugin
2012-12-20 17:31:22 -05:00
Justin Richer
9dd54d47bb
updated versions of backbone and underscore
2012-12-20 17:31:08 -05:00
Justin Richer
e0672757bf
update to bootstrap 2.2.2
2012-12-20 12:44:02 -05:00
Justin Richer
8ad28b41aa
fixing CSS and collapsing headerbar
2012-12-20 12:35:30 -05:00
Justin Richer
67a682d53a
added default router to backbone app
2012-12-18 13:56:57 -05:00
Justin Richer
87788f0710
let users visit home page without logging in
2012-12-18 13:56:46 -05:00
Justin Richer
f265347311
tweaked error messages
2012-12-18 12:08:36 -05:00
Justin Richer
18ddd8333f
added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens
2012-12-18 11:07:24 -05:00
Justin Richer
6eabc895b9
moved database file to a reasonable name
2012-12-17 13:45:39 -05:00
Justin Richer
1f53f41648
generic entity view now takes optional HttpStatus argument
2012-12-14 17:35:21 -05:00
Justin Richer
a3790f943e
cleaned up introspection endpoint to use exceptions
2012-12-14 17:35:20 -05:00
Justin Richer
e5206f2b92
implemented jwt assertions for id tokens
2012-12-14 17:35:20 -05:00
Justin Richer
51b67ebc03
added queries to get access token from id token
2012-12-14 17:35:20 -05:00
Justin Richer
1853bd7117
added assertion token granter
2012-12-14 17:35:20 -05:00
Justin Richer
0d6c96f410
moved JPA adapter to data-context, addresses #242
2012-12-14 09:43:42 -05:00
Justin Richer
2a74be5baf
bringing mysql tables up to date
2012-12-13 16:54:21 -05:00
Justin Richer
2c104a71e2
cleaned up mysql table
2012-12-13 16:04:45 -05:00
Justin Richer
cda6163d0d
null and blank handling
2012-12-12 12:29:14 -05:00
Justin Richer
06fad3a41c
moved view for client API
2012-12-11 15:19:11 -05:00
Justin Richer
6344a72519
missed a few applicationName references, fixed API JSON rendering
2012-12-11 15:16:18 -05:00
Justin Richer
dfd8e9c7c7
removed unused view
2012-12-11 15:15:52 -05:00
Justin Richer
dd04df6a22
fixed javascript bugs
2012-12-11 14:08:10 -05:00
Justin Richer
f12d3c7d30
fixed variable reference
2012-12-11 13:37:14 -05:00
Justin Richer
920777128d
switched to uncompressed jquery
2012-12-11 13:29:19 -05:00
Justin Richer
829c8ae5f4
tweaked functionality of grant types and scopes
2012-12-11 13:16:33 -05:00
Justin Richer
cc36851bdd
propagated field name change to UI
2012-12-11 12:38:55 -05:00
Justin Richer
179903b074
propagated client changes to service
2012-12-11 12:31:01 -05:00
Justin Richer
2f7891d02c
updated mysql table to new schema
2012-12-11 12:27:24 -05:00
Justin Richer
bcfa37040e
missed one
2012-12-11 12:18:51 -05:00
Justin Richer
33ceedb283
added scope and grant_type, switched to timeunit
2012-12-11 12:11:09 -05:00
Justin Richer
e2bc15c2b2
beginning of client registration refactor to track IETF dynreg spec
2012-12-10 17:36:33 -05:00
Justin Richer
94c37f5815
added redelegate scope to client list, fixed inconsistency with refresh token issuance (addresses #239 )
2012-12-10 16:53:05 -05:00
Justin Richer
510ddb48b7
override the correct part of the token granter class
2012-12-10 15:54:37 -05:00
Justin Richer
bdcc6af096
temporary sanity check for client ID's
2012-12-10 11:40:03 -05:00
Justin Richer
cab0839430
added workarounds for quirks in SECOAUTH
2012-12-10 11:27:28 -05:00
Justin Richer
edc96d646c
added chained token grant
2012-12-10 10:48:38 -05:00
Justin Richer
54708fb0ac
fixed id token scopes (shouldn't inherit from parent token)
2012-12-10 10:11:02 -05:00
Justin Richer
2a206654b6
added client credential protection to revocation endpoint
2012-12-07 17:17:19 -05:00
Justin Richer
e38b2b0ba5
shortened revocation endpoint url
2012-12-07 17:16:03 -05:00
Justin Richer
fbc3c46128
Introspection now draft spec compliant, requires client auth
...
Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes.
2012-12-07 17:12:13 -05:00
Justin Richer
544e3d7b43
added copy constructors because Dave likes to use unmodifiable sets for no apparent reason
2012-12-07 10:06:10 -05:00
Justin Richer
64ef752f08
added refresh token granter for testing
2012-12-07 09:56:43 -05:00
Justin Richer
7561ac9e8c
client dynamic registration now protected by access token, addresses #199
2012-12-06 17:48:23 -05:00
Justin Richer
7342da6a51
completed making id tokens into access tokens
2012-12-06 16:24:04 -05:00
Justin Richer
e4f9fa2bbf
labeled introspection endpoint
2012-12-06 16:19:25 -05:00
Justin Richer
17374a57e0
added ISO date format to generic entity view, addresses #232
2012-12-06 16:15:14 -05:00
Justin Richer
3378cd5c4c
cleaned table
2012-12-06 14:24:38 -05:00
Justin Richer
b8f701d9d8
switched id tokens to entities, they're now access tokens also
...
still needs some work to get the auth object right, for now we're just copying from the access token
2012-12-06 10:19:21 -05:00
Justin Richer
2ef8d16e9c
typo, formatting
2012-12-05 15:49:50 -05:00
Justin Richer
ba7ddf17f9
added bootstrapping for clients, cleaned up sql files
2012-12-05 15:04:14 -05:00
Justin Richer
cf7ceb74f3
betterer logout button
2012-12-04 16:40:28 -05:00
Justin Richer
2f1a6864b8
made a better logout button
2012-12-04 16:37:57 -05:00
Justin Richer
838e029db1
added logout button
2012-12-04 16:18:58 -05:00
Justin Richer
d7d9e84e70
fixed user_id mapping
2012-12-04 16:18:37 -05:00
Justin Richer
f091343d84
moved back to in-memory database by default
2012-12-04 15:56:03 -05:00
Justin Richer
49e216412e
Added bootstrapped users set.
2012-12-04 15:51:10 -05:00
Justin Richer
dcc56ec9dd
temporary tables to prevent casts from leaking
2012-12-04 14:38:08 -05:00
Justin Richer
8b37011244
added casts to varchar to avoid extraneous spaces
2012-12-04 13:35:40 -05:00
Justin Richer
e305d3b16b
Making stable in-memory and in-file database with HSQL
2012-12-03 17:53:25 -05:00
Justin Richer
061c0f0814
minor cleanup
2012-12-03 16:10:07 -05:00
Stephen Moore
250432ce7f
Added information into the user_info table
2012-12-03 14:56:40 -05:00
Stephen Moore
1bcaa68cb4
Added user_info stuff... and changed serverconfig for issuer...
2012-12-03 14:56:40 -05:00
Stephen Moore
47b34d2b1b
Added blacklist table to HSQLDB sql script
2012-12-03 14:56:40 -05:00
Stephen Moore
4fdb0816eb
Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.
2012-12-03 14:56:40 -05:00
Justin Richer
fce47c239a
added slashes to patterns what needed them, removed vestigial intercept from user-context
2012-11-26 16:23:46 -05:00
Justin Richer
122a2de074
First attempt at making API not redirect to /login, failed
2012-11-26 16:05:46 -05:00
Justin Richer
d07f67bd76
let user select when grants time out
2012-11-26 14:26:07 -05:00
Justin Richer
84401531ae
tie refresh token generation to "offline" scope tag
2012-11-26 13:16:19 -05:00
Justin Richer
50040a8ef4
fixed checkbox labels
2012-11-26 12:57:49 -05:00
Justin Richer
667c3abc8a
dynamic scope display/selection on approval page
2012-11-26 11:53:19 -05:00
Justin Richer
1281d75aa9
stopped re-parsing scopes
2012-11-26 11:53:19 -05:00
Justin Richer
9c3a40779b
updated to SECOAUTH's horrible new object-breaking authorization request paradigm.
...
Bonus: it works!
2012-11-26 11:53:19 -05:00
Justin Richer
3e327b9df6
reverted to original controller behavior
2012-11-26 11:53:19 -05:00
Justin Richer
cf4581a5eb
updated configuration to reflect secoauth changes
2012-11-26 11:53:19 -05:00
Justin Richer
45ca4e565e
updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
2012-11-26 11:53:19 -05:00
Amanda Anganes
cf1ddf0457
Determined that init binder was not needed to fix default for Boolean require_auth_time; instead use defaultValue=\"true\" in the RequestParam declaration. Also fixed bug in ClientDetails service so that it will not blow up if the client has no redirect uris registered
2012-11-21 15:39:07 -05:00
Amanda Anganes
2084639828
Working on init binder for ClientDynamicRegistrationEndpoint
2012-11-21 14:54:24 -05:00
Amanda Anganes
8b0c520534
Issue 213, writing init binder to convert null Boolean values to false before calling setters
2012-11-21 14:53:41 -05:00
Justin Richer
a2a29e7b76
trying out new confirmation controller
2012-11-21 10:00:35 -05:00
Justin Richer
d9b6918bc2
softened error from scope checker -- returns false now, allows things to pass through
2012-11-20 14:08:18 -05:00
Justin Richer
9c08944a02
Changed arity on approved sites (now can have many per user/site combo)
2012-11-20 14:07:55 -05:00
Justin Richer
58b97f7371
stupid javascript
2012-11-20 13:16:08 -05:00
Justin Richer
fda86e23e9
moved everything to use the consumes/produces framework of Spring 3.1
2012-11-20 13:12:21 -05:00
Justin Richer
51920ee381
switched to using "uneditable-input" classes instead of disabled input fields
2012-11-19 16:32:04 -05:00
Justin Richer
e303319701
got rid of postrender
2012-11-19 16:13:49 -05:00
Justin Richer
5b0c17c5de
added in checks to blacklist service upon client registration and update
2012-11-19 14:10:55 -05:00
Justin Richer
7a6c96a759
fixed links
2012-11-19 14:10:37 -05:00
Justin Richer
e9d1ed270d
service layer cleanups
2012-11-19 13:46:09 -05:00
Justin Richer
4e18fb4525
blacklist management UI
2012-11-19 13:01:16 -05:00
Justin Richer
d576df4b31
fixed render length limits on list widget
2012-11-19 11:52:30 -05:00
Justin Richer
757e21a722
added blacklist API
2012-11-16 11:57:46 -05:00
Justin Richer
1f4b97bc7e
fixed icon and variable reference
2012-11-16 10:14:28 -05:00
Justin Richer
e86f19bd7c
added dynamic icons to whitelist table
2012-11-15 17:53:38 -05:00
Justin Richer
2beff07d4b
added icons and tooltips to approved site table
2012-11-15 17:51:31 -05:00
Justin Richer
20b73ea0c4
tooltip works!
2012-11-15 17:46:13 -05:00
Justin Richer
8ecdb8a4ab
added icon to template, popover doesn't work yet
2012-11-15 17:41:00 -05:00
Justin Richer
9064b49a54
added refresh buttons to all tables, fixed loading behavior to a proper cascading function call
2012-11-15 16:55:51 -05:00
Justin Richer
a88ae8258a
Updated plus and minus buttons in list views, addresses #202
2012-11-15 16:35:17 -05:00
Justin Richer
150c4032fd
WTF MYSQL!!
...
Added "NULL" option to all appropriate TIMESTAMP columns so that they behave how we expect them to.
2012-11-15 15:23:54 -05:00
Justin Richer
f9aafb5edd
approved sites UI
2012-11-15 14:50:30 -05:00
Justin Richer
f4605ef2fc
cleaned out startAfter function
2012-11-15 12:18:47 -05:00