github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,426 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

1368 Commits (832f5c0199a61faf09f06ff925135d38162fa2c2)

Author SHA1 Message Date
Justin Richer c31f42c3f3 updated versions to 1.3 2016-07-05 14:39:22 -04:00
Justin Richer 58724aa6dc [maven-release-plugin] prepare for next development iteration 2016-04-06 16:33:45 -04:00
Justin Richer 29c9ee2c46 [maven-release-plugin] prepare release mitreid-connect-1.2.6 2016-04-06 16:33:42 -04:00
Justin Richer 89316cbab1 fixed default token lifetimes for heart mode 2016-03-18 22:02:28 -04:00
Justin Richer 9691f02772 added audience parameter to parser, fixed token generator to match HEART spec 2016-03-11 17:12:36 -05:00
Justin Richer 49a8848648 count really weird URIs as "custom scheme" 2016-03-10 12:50:47 -05:00
Justin Richer d75bba218d forbid password grant type in HEART mode 2016-03-10 12:30:48 -05:00
Justin Richer 699e9bff39 testing for multiple classes of redirect URIs 2016-02-24 16:34:58 -05:00
Justin Richer 38710bd3d2 unit tests for HEART mode 2016-02-24 15:33:52 -05:00
Justin Richer 74ea42851b added check for HEART mode consistency 2016-02-24 13:09:58 -05:00
Justin Richer 028265faa6 pulled scope values to externalized strings 2016-02-24 13:09:39 -05:00
Justin Richer 5bccb602d8 always perform strict redirect URI matches in HEART mode 2016-02-24 13:09:00 -05:00
Justin Richer 51e3513307 disallow client secret JWT authentication in HEART mode 2016-02-24 13:07:14 -05:00
Justin Richer d0d6ae2ad8 [maven-release-plugin] prepare for next development iteration 2016-02-23 19:02:05 -05:00
Justin Richer 7f5b70e9e1 [maven-release-plugin] prepare release mitreid-connect-1.2.5 2016-02-23 19:02:02 -05:00
Justin Richer 183a599126 fixed OIDC discovery relation URL 2016-01-29 17:17:35 -05:00
Justin Richer 61433cc23a deepen webfinger, endpoint is looser 
closes #1008
 2016-01-29 15:38:17 -05:00
Justin Richer 82a1e49e79 [maven-release-plugin] prepare for next development iteration 2016-01-21 15:55:56 -05:00
Justin Richer e6684fb7a8 [maven-release-plugin] prepare release mitreid-connect-1.2.4 2016-01-21 15:55:53 -05:00
Misagh Moayyed 3d14b0d128 rename zone_info claim to zoneinfo 2016-01-21 15:52:59 -05:00
Justin Richer 7badfe1d17 Happy new year 2016! 2016-01-21 15:50:37 -05:00
Justin Richer d1033b693f added privacy-preserving client logo cache 2015-12-21 15:51:39 -05:00
Justin Richer e828f3f18d [maven-release-plugin] prepare for next development iteration 2015-12-21 10:31:49 -05:00
Justin Richer 01ca5ef8e2 [maven-release-plugin] prepare release mitreid-connect-1.2.3 2015-12-21 10:31:47 -05:00
Justin Richer aa878cc3cf pulled checks for expired tokens into utility functions 2015-12-18 11:22:50 -05:00
Justin Richer 698feb49cd check access token expiration on read. closes #983 2015-12-16 22:46:42 -05:00
Justin Richer 7f464c496b changed copyright to new consortium name 2015-12-16 14:51:12 -05:00
Justin Richer ea77bf2a19 quieted approved site cleanup 2015-12-02 16:51:55 -05:00
Justin Richer 1ed3e2c47a quieted logging on database cleanup tasks when no expired elements are found 2015-11-25 15:55:16 -05:00
Justin Richer fcfc620d51 updated client API with more useful errors, removed unused service reference 2015-11-25 15:42:09 -05:00
Justin Richer 2496dc114c allow language system to be loaded from multiple files. closes #817 closes #876 2015-11-24 20:33:55 -05:00
Justin Richer e255fc1a10 change default behavior of message source, closes #964 2015-11-24 20:33:54 -05:00
Cosmin Cojocar 7b34a666d9 Make the dual client support configurable 2015-11-24 12:10:27 -05:00
Cosmin Cojocar a80953a2d4 Allow both flows authorization code and client credentials. This scenario might be found when the same client supports user authentication as well as service to service authentication. Such a client is trusted (whitelisted). 2015-11-24 12:10:27 -05:00
Mark Janssen dce80d488b Clean up ScopeClaimTranslationService 
`getFieldNameForClaim` method is never used.
 2015-11-23 21:35:16 -05:00
Justin Richer 2deec98b58 [maven-release-plugin] prepare for next development iteration 2015-10-13 18:56:47 -04:00
Justin Richer d96b2dc130 [maven-release-plugin] prepare release mitreid-connect-1.2.2 2015-10-13 18:56:44 -04:00
Justin Richer 96f4d5e8a8 fixed use of wrong constant, closes #940 2015-10-13 18:08:56 -04:00
Justin Richer c9358f348a added transactional annotations, finally closes #926 addresses #862 2015-10-13 16:59:11 -04:00
Justin Richer e1e892377f added cleaner for duplicate refresh tokens 2015-10-13 15:38:07 -04:00
Justin Richer 542afca459 cleans duplicate access tokens from DB before other cleanup happens 2015-10-13 15:33:23 -04:00
Justin Richer ebb4f2c3d4 Upgraded to nimbus 4.2, closes #934 2015-10-13 04:40:01 -04:00
Justin Richer c67611e975 added qualifier name to persistence unit and transaction manager, closes #883 2015-10-12 21:15:30 -04:00
Justin Richer d280ca40a4 login hints now handled in a slightly smarter (and more pluggable) manner, closes #851 2015-10-12 20:04:02 -04:00
Mark Janssen b5c298e0ca Remove legacy CSRF protection for approve page 
Instead, we rely on the Spring Security CSRF protection, like we already do for the login page. Additionally, we remove the authentication check in`isApproved`, because this is already done by Spring Security (and if not, we have bigger problems to worry about).
 2015-10-09 17:09:46 +02:00
Justin Richer 8b362f23f3 [maven-release-plugin] prepare for next development iteration 2015-10-02 18:53:48 -04:00
Justin Richer e384a6257b [maven-release-plugin] prepare release mitreid-connect-1.2.1 2015-10-02 18:53:45 -04:00
Justin Richer 4063f7f94f user info endpoint response uses correct client algorithms, addresses #921 2015-10-02 18:48:11 -04:00
Justin Richer acb3d03052 added 'kid' to all signed tokens, closes #899 2015-10-01 18:54:38 -04:00
Justin Richer d3f8ff2855 added JTI to ID tokens, closes #900 2015-10-01 17:24:47 -04:00