github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,725 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

716 Commits (846727e9b390155b230875b19735e8b06cc873e0)

Author SHA1 Message Date
Justin Richer f0e2fc6700 make user info classes serializable, closes #714 2014-10-23 23:30:34 -04:00
Justin Richer a59fe0604e generate random fake password for private key clients and shared secret crypto clients to avoid accidentally using client secret authentication and bypassing authentication, closes #715 2014-10-23 21:53:32 -04:00
Alexander Imfeld 9dfac35912 Introduce introspection result assembler to allow for customized introspection results 2014-10-14 21:06:09 -04:00
Pascal Bruckert bf00c1f5e0 update spring-security-oauth2 2.0.3 , closes #663 2014-10-14 20:48:34 -04:00
Justin Richer db052f11ca Moved development branch to 1.2 2014-10-07 21:02:07 -04:00
Justin Richer 134909a82f import cleanup 2014-10-07 19:40:38 -04:00
Justin Richer 1e71749c23 added more generic rotation capability 2014-10-07 19:40:38 -04:00
arielak 8495617aed Added support for whitelisted and blacklisted site import from a 1.0 config 2014-10-06 22:59:27 -04:00
arielak 03f2d8f8a0 Added service interface for data import/export service and modified AuthenticationHolderEntity and Repository to allow getting all objects 2014-10-06 22:58:26 -04:00
Justin Richer ec8f708472 swapped exception class for existing BeanCreationException, added example flag in config file (commented out) 
closes #528
closes #689
 2014-10-04 14:59:36 -04:00
John Brooks 3e3613f471 Corrected bean setup for checkForHttps case tests. 2014-10-04 11:21:01 -04:00
John Brooks acc4cf16bd Separated checkForHttps cases into separate test methods. 2014-10-04 11:21:01 -04:00
John Brooks cf2837f678 Initialized forceHttps to false. 2014-10-04 11:21:00 -04:00
John Brooks 0461e51ddc Changed parent class from Exception to RuntimeException; added copyright 
language.
 2014-10-04 11:21:00 -04:00
John Brooks e1015e1194 Create flag to force HTTPS of value of issuer on server startup, addresses #528 2014-10-04 11:21:00 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer a704277652 Removed exceptions from @PostConstruct methods, closes #663 2014-09-28 21:12:46 -04:00
Justin Richer 81634e6165 added API for getting tokens by clientid 2014-09-22 22:55:13 -04:00
Justin Richer 1a79949d51 made user info less transient 2014-09-14 22:03:19 -04:00
James Agnew e0b84069d4 Update to latest spring-security-oauth2 module 2014-08-06 11:12:40 -04:00
Justin Richer 6f2f807b0b [maven-release-plugin] prepare for next development iteration 2014-08-05 21:54:51 -04:00
Justin Richer 93ae1516a5 [maven-release-plugin] prepare release mitreid-connect-1.1.9 2014-08-05 21:54:47 -04:00
Justin Richer b0cce924a2 JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651 2014-08-01 00:01:56 -04:00
Justin Richer 78f3e68e8b update unit test for Windows environment, closes #647 2014-07-31 23:22:06 -04:00
ksahlmann 4ca9a593f5 update nimbus-jose-jwt to 2.26.1 due to base64 encoding issue 2014-07-31 22:08:18 -04:00
Justin Richer 62a43165f0 added json member type checking for json utils, won't die if a string is found where an array was expected 
closes #637
 2014-07-20 09:42:57 -07:00
Justin Richer 325a200f16 added configurable support for different token presentation methods in user info fetcher, closes #632 2014-07-20 09:27:02 -07:00
Justin Richer 1db4227ce5 reformat / reorder 2014-07-20 09:02:42 -07:00
Justin Richer f997049eff key service can now deal with missing 'kid' fields in JWKs 
closes #639
 2014-07-20 08:40:04 -07:00
tsitkov 5c2cb75407 Better test coverage for JWS/EAlgorithmEmbed, JWEEncryptionMethodEmbed 2014-07-16 21:39:13 -04:00
Justin Richer 3412c1877e removed unnecessary unit test 2014-07-02 15:05:37 -04:00
tsitkov e1b4df74f0 Added tests for DefaultJwtEncryptionAndDecryptionService 2014-07-02 14:57:56 -04:00
Justin Richer 5223d88e0a updated unit test to fit new nimbus version 2014-07-02 11:41:38 -04:00
Kristina Sahlmann 7bf8e2ad08 change the OctetSequenceKey constructor in SymmetricCacheService 2014-07-02 11:37:42 -04:00
Kristina Sahlmann 306c8cff17 update nimbus-jose-jwt dependency to 2.26 and fix the affected files 2014-07-02 11:37:42 -04:00
tsitkov 48431fd5c7 Unit test for JWKSetKeyStore class 2014-06-30 13:21:07 -04:00
Justin Richer adf477c64e [maven-release-plugin] prepare for next development iteration 2014-06-18 18:27:27 -04:00
Justin Richer 8d97ed61ec [maven-release-plugin] prepare release mitreid-connect-1.1.8 2014-06-18 18:27:25 -04:00
Justin Richer acf039a1f7 wrapped auth method check, added SECRET_JWT, closes #621 2014-06-18 18:24:05 -04:00
Christopher Elkins a465559ac5 Revert incorrect key-encoding change in SymmetricCacheService 2014-06-18 18:10:33 -04:00
Christopher Elkins 1dc204f975 Validate HMAC-signed ID tokens 2014-06-18 18:10:33 -04:00
tjain 276d846f4c Configuration Property Bean to load the OP wide registration token life 
time
 2014-06-12 19:12:32 -04:00
Justin Richer 71fa796b42 Allow public clients to use token endpoint, closes #611, closes #613 2014-06-09 15:55:06 -04:00
Justin Richer 85acfa90db [maven-release-plugin] prepare for next development iteration 2014-06-04 14:51:32 -04:00
Justin Richer d5e4cb45a2 [maven-release-plugin] prepare release mitreid-connect-1.1.7 2014-06-04 14:51:29 -04:00
Justin Richer 257312d5da made user info interceptor more null safe for client side 2014-05-29 22:15:30 -04:00
Justin Richer 943fae25a1 make user info interceptor more compatible with standalone OIDC client software (with no user info service) 2014-05-29 12:13:38 -04:00
Justin Richer be98b9cd0b [maven-release-plugin] prepare for next development iteration 2014-05-27 14:00:40 -04:00
Justin Richer 8320f0eefe [maven-release-plugin] prepare release mitreid-connect-1.1.6 2014-05-27 14:00:37 -04:00
Justin Richer 0c8cacd59a added missing copyright headers 2014-05-27 13:46:47 -04:00
Justin Richer 525f3aa2a8 Cleaned up indentation, whitespace, and imports. 2014-05-27 13:02:49 -04:00
Justin Richer c34357a433 added resource registration endpoint with basic functionality and specialized tokens 2014-05-26 16:30:24 -04:00
Justin Richer 05e9624ae3 added support for encrypted and symmetrically signed id tokens and user info responses 2014-05-23 21:15:50 -04:00
Justin Richer e4d5f4a540 added system wide cache for all symmetric validators, closes # 557 2014-05-23 16:16:06 -04:00
Justin Richer ca333d256b Appropriately catch runtime exceptions in all guava caches, closes #603 2014-05-23 15:00:40 -04:00
Justin Richer 880014176f [maven-release-plugin] prepare for next development iteration 2014-05-13 18:23:11 -04:00
Justin Richer ca8a003e3d [maven-release-plugin] prepare release mitreid-connect-1.1.5 2014-05-13 18:23:08 -04:00
Alexander Imfeld 7cd36b471f Make introspection endpoint access authorization pluggable. 2014-05-07 16:44:56 +02:00
Justin Richer b8129bf60d [maven-release-plugin] prepare for next development iteration 2014-04-21 19:19:10 -04:00
Justin Richer a9e34ac9bd [maven-release-plugin] prepare release mitreid-connect-1.1.4 2014-04-21 19:19:07 -04:00
Justin Richer 521017c5c2 updated stats service to have a resettable cache triggered by other service events 2014-04-16 21:39:37 -04:00
Justin Richer 26c464e440 fixed bad JPQL in auth holder cleanup class 2014-04-16 21:17:56 -04:00
kangelov 39509bfdc4 Performance improvement of token cleanup: 
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
 2014-04-10 23:38:37 -04:00
Justin Richer aa9a25a2d7 updated to even newer versions of eclipselink and JPA, closes #580 even harder 2014-04-10 21:37:19 -04:00
Justin Richer 8f13410e42 updated JPA and eclipselink to remove eclipselink repository dependency, closes #580 2014-04-10 21:11:54 -04:00
Justin Richer 97cd00e06c [maven-release-plugin] prepare for next development iteration 2014-03-19 21:40:21 -04:00
Justin Richer 23c7cf6996 [maven-release-plugin] prepare release mitreid-connect-1.1.3 2014-03-19 21:40:18 -04:00
Justin Richer ad5ffb64e8 [maven-release-plugin] prepare for next development iteration 2014-03-08 11:17:40 +00:00
Justin Richer 1635cf957d [maven-release-plugin] prepare release mitreid-connect-1.1.2 2014-03-08 11:17:35 +00:00
Justin Richer b67121f0cd added client_secret_jwt auth method support, closes #174 2014-03-04 23:45:36 +00:00
Justin Richer 9395c3802d [maven-release-plugin] prepare for next development iteration 2014-02-10 15:28:14 -05:00
Justin Richer 4f8311962a [maven-release-plugin] prepare release mitreid-connect-1.1.1 2014-02-10 15:28:11 -05:00
Justin Richer 1289d4737a Changed references of DefaultHttpClient to SystemDefaultHttpClient to inherit system proxy settings, should address #548 2014-02-04 10:51:14 -05:00
Justin Richer e9d4acfd03 upgraded nimbus jose jwt library 2014-01-21 20:43:24 -05:00
Justin Richer 11064b540a upgrade guava to 16 2014-01-20 20:53:13 -05:00
Justin Richer 3b52ce8201 happy new year! 2014-01-20 12:38:42 -05:00
Justin Richer ebbc7209aa automated code formatting and cleanup 2013-12-03 14:19:34 -05:00
Justin Richer e1e7f7a579 [maven-release-plugin] prepare for next development iteration 2013-12-02 12:18:11 -05:00
Justin Richer 42fe973f7b [maven-release-plugin] prepare release mitreid-connect-1.1.0 2013-12-02 12:18:08 -05:00
Justin Richer d330bd1c9b cleanup, added revocation uri to server config 2013-11-27 12:23:04 -05:00
Justin Richer a24eadeb11 cleaned up responseType calls, addresses #451 2013-11-27 11:03:15 -05:00
Justin Richer d3dbb00e77 ensure clients and tokens don't get special system scopes, addresses #320 2013-11-27 10:35:56 -05:00
Justin Richer ef01de168d Moved special token scopes to scope service interface 2013-11-27 10:21:52 -05:00
Justin Richer 4f986d6a38 clean up some auto generated functions 2013-11-27 09:57:56 -05:00
Justin Richer 27f391ef01 Fixed compilation errors for SECOAUTH milestone updates 2013-11-25 09:31:50 -05:00
Justin Richer 61f0db20f6 updated to secoauth 2.0.0.M2 2013-11-19 09:46:27 -05:00
Justin Richer 190caee9a1 refactored userinfo serializer 2013-11-18 09:49:23 -05:00
Justin Richer 7a4366c083 collapsed two serialization functions into one 2013-09-26 16:15:30 -04:00
Justin Richer d919e2e330 change from lists to sets 2013-09-26 16:15:11 -04:00
Amanda Anganes 65a7e1d724 Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both 2013-09-26 12:03:39 -04:00
Amanda Anganes 952acccbf3 Removed address fields 2013-09-26 12:03:39 -04:00
Amanda Anganes 78fa5f9b1d Started to write ScopeClaimTranslationService 2013-09-26 12:03:39 -04:00
Amanda Anganes cb449c25b1 Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something. 2013-09-26 12:03:39 -04:00
Justin Richer 59da1960eb added token_endpoint_auth_signing_alg, addresses #511 
affects #455
 2013-09-26 11:11:09 -04:00
Justin Richer f227724caa dependency juggling 2013-09-24 15:39:25 -04:00
Justin Richer 998b00fd38 moved repo references to parent, added dependencies for webapp 2013-09-24 14:14:42 -04:00
Justin Richer d9ad6d20e8 added spring core, moved servlet and test dependencies up to parent 2013-09-24 14:07:34 -04:00
Justin Richer 38f20afe04 added necessary dependencies to common 2013-09-24 13:50:36 -04:00
Justin Richer 8a5a16f374 refactored project into four modules: 
Common
 Client
 Server Library
 Server Webapp

addresses #367
 2013-09-23 17:19:09 -04:00
Amanda Anganes 47d304851d Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service. 2013-09-17 16:56:46 -04:00
Amanda Anganes 26a7d0b8a8 Fixed typo 2013-09-17 11:03:09 -04:00
Amanda Anganes c98f77c405 Remove @PostConstruct from JWKSetKeyStore 2013-09-17 10:54:19 -04:00
Justin Richer b75d77495a if there's only one key, return it as the default 2013-09-16 17:27:05 -04:00
Justin Richer fb2f2f9792 spelling, property access, and cleanup 2013-09-16 17:27:04 -04:00
Justin Richer 1d0560edbc refactored some json utils to their own static class 2013-09-16 17:27:04 -04:00
Justin Richer aeab1ac3cb added encryption method list to encryption/decryption service 2013-09-16 17:27:04 -04:00
Justin Richer 6605877a1b added encryption/decryption to cached JWK-URI service 2013-09-16 17:27:04 -04:00
Justin Richer 2b0d02dc72 added additional discoverable fields to ServerConfig object 2013-09-16 17:27:04 -04:00
Amanda Anganes 85d9e07a94 Removed @PostConstruct; placed buildSignersAndVerifiers() calls inside both constructors. 2013-09-13 14:44:38 -04:00
Amanda Anganes c22cd62977 Added null check; 2013-09-13 14:44:38 -04:00
Amanda Anganes aecf4958ed Testing removing extra method calls 2013-09-13 14:44:38 -04:00
Justin Richer e67a41c556 added transient passthroughs to JOSE algorithms for client 2013-09-12 14:08:37 -04:00
Justin Richer f9ca15139d added phone-number verified, addresses #505 
affects #455
 2013-09-12 10:19:14 -04:00
Justin Richer 0281cf02fe calculate pairwise based on redirect uri rather than client id 2013-09-11 14:37:17 -04:00
Justin Richer b1a6127d06 added equality checks to data model objects 2013-09-11 11:59:40 -04:00
Justin Richer dbdc2e777d added pairwise identifier service and repository 2013-09-10 17:15:58 -04:00
Justin Richer 914f2e4d93 added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers. 
temporary implementation of pairwise identifiers in place
 2013-09-10 16:01:17 -04:00
Justin Richer 596b385d2a interceptor shouldn't ever overwrite stuff from the base model 2013-09-10 15:27:04 -04:00
Justin Richer b9da10d176 look up by username instead of subject 2013-09-10 11:39:00 -04:00
Justin Richer 61544ed774 cleanup 2013-09-06 16:07:24 -04:00
Justin Richer 72f0ab631d added transient structured value to system scope, added scope matcher function to scope service 2013-09-06 16:07:24 -04:00
Justin Richer 1ef18a3a93 missed a service definition 2013-09-06 16:07:24 -04:00
Josh Mandel b416888b07 Structured Scopes from BB+ 2013-09-06 16:07:24 -04:00
Justin Richer 0a962e17fa stopgap to prevent some leaks due to #492 2013-08-30 16:38:11 -04:00
Justin Richer 235029ba0e inject user's authorities into javascript context 2013-08-29 16:58:36 -04:00
Justin Richer be6179d1ac inject the current user into the javascript context 2013-08-29 16:44:01 -04:00
William Kim 6276ec8e66 Revert "PlainSigner and PlainVerifier created for alg:none JWS support." 
This reverts commit 30d7aaa66a.
 2013-08-26 15:33:14 -04:00
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration." 
This reverts commit e0b56bc72a.
 2013-08-26 15:33:08 -04:00
William Kim 1514b2d2e0 Revert "placeholder" 
This reverts commit d763a954da.
 2013-08-26 15:33:00 -04:00
William Kim dd35dc60df Revert "implemented alg:none at the signing service." 
This reverts commit 02078ebccb.
 2013-08-26 15:32:55 -04:00
William Kim 78559b625a Revert "removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks." 
This reverts commit c957d59f7c.
 2013-08-26 15:32:50 -04:00
William Kim 15ec027505 Revert "junit test added for signing service." 
This reverts commit 9f89f84da1.
 2013-08-26 15:32:43 -04:00
William Kim 9f89f84da1 junit test added for signing service. 2013-08-26 14:57:26 -04:00
William Kim c957d59f7c removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks. 2013-08-26 14:55:52 -04:00
William Kim 02078ebccb implemented alg:none at the signing service. 2013-08-26 14:21:09 -04:00
William Kim d763a954da placeholder 2013-08-26 11:48:23 -04:00
William Kim e0b56bc72a refactored code to use the more generic JWT declaration. 2013-08-26 11:32:46 -04:00
William Kim 30d7aaa66a PlainSigner and PlainVerifier created for alg:none JWS support. 2013-08-23 14:07:19 -04:00
Justin Richer da915d8b35 explicitly try to initialize the JWK set if it's null by the time the getter is called 2013-08-22 14:08:54 -04:00
Amanda Anganes 0059c7b4cc Use clients preferred algorithm, if any, to sign 2013-08-19 16:33:18 -04:00
Justin Richer a80c19384f added 'use server default' to JOSE options, addresses #462 2013-08-19 15:52:00 -04:00
Justin Richer ba0c3c5d78 id tokens always expire, addresses #416 2013-08-19 12:42:37 -04:00
Justin Richer 21068f57e6 cached jwk services expire after an hour 2013-08-16 12:06:49 -04:00
William Kim 6e2baa3ec4 updated comments for jwe service. 2013-08-08 09:13:54 -04:00
William Kim e1b072c991 Updated nimbusds library version to 2.17.2 and made relevant changes in enc./dec. service and test 2013-08-07 18:07:58 -04:00
William Kim 372675fd2a changed encrypt/decrypt parameter to use JWEObject instead of EncryptedJWT 2013-08-07 18:07:58 -04:00
William Kim f0b77f8614 RSA encryption service tested. 2013-08-07 18:07:58 -04:00
William Kim 3a1c551ff7 implemented symmetric key encryption. 2013-08-07 18:07:58 -04:00
William Kim dfbefe0780 encrypt/decrypt implemented. initial commit for unit testing of jwe service. 2013-08-07 18:07:58 -04:00
William Kim ae6721dd10 jwe service accessor methods and private initializing method done. 2013-08-07 18:07:58 -04:00
William Kim 887338b2d9 jwe service init commit. 2013-08-07 18:07:57 -04:00
Amanda Anganes be97aedbc7 Used Predicates to filter expired tokens and approved sites; 2013-08-06 16:42:49 -04:00
Amanda Anganes b3bb43881d Moved getExpired to service layers 2013-08-06 16:33:27 -04:00
Amanda Anganes eea37cf79c Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level 2013-08-06 11:28:13 -04:00
Amanda Anganes 2f711c88a7 Removed nonce service 2013-08-02 10:56:28 -04:00
Amanda Anganes d4fbb4f599 Removed Event class 2013-08-02 10:06:41 -04:00
Justin Richer beaeaa4ccc I can spell "consortium", I promise 2013-07-29 17:40:26 -04:00
Justin Richer b2b6fd6448 further cleanup 2013-07-29 17:00:35 -04:00
Justin Richer 856c0ea0b5 Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge 
Conflicts:
	openid-connect-client/pom.xml
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
	openid-connect-common/pom.xml
	openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
	openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
	openid-connect-server/.gitignore
	openid-connect-server/pom.xml
	openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
	openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
	openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
	pom.xml
 2013-07-29 16:21:20 -04:00
Justin Richer 023dd440d4 [maven-release-plugin] prepare for next development iteration 2013-07-29 11:30:08 -04:00
Justin Richer 5e8f93cf15 [maven-release-plugin] prepare release mitreid-connect-1.0.6 2013-07-29 11:30:04 -04:00
Justin Richer e658ffd7fc format/cleanup and copyright 2013-07-29 11:28:51 -04:00
Amanda Anganes 906db0ac86 Opened token api access to all users; restricted to only show currently-logged-in-users tokens 2013-07-29 09:18:08 -04:00
Justin Richer fb448a246a converted test data to map, use new serializer 2013-07-26 12:55:22 -04:00
Justin Richer 8edd6da136 added serializer for non-heirarchical URIs 2013-07-26 12:55:03 -04:00
Justin Richer 5893d8f8f8 fixed up parsing regular expression 2013-07-26 12:54:09 -04:00
William Kim f565688e59 changed name issuer->normalized. the result of normalization is not necessarily the issuer. 2013-07-25 18:12:02 -04:00
William Kim d80aaced9a reorganized test data and test methods. 2013-07-25 17:56:33 -04:00
William Kim 809a243b64 tests for webfinger url normalization. 2013-07-25 15:00:10 -04:00
William Kim eaa7298ef1 init commit for Webfinger normilizer utility class. 2013-07-25 12:15:50 -04:00
Justin Richer 20871852c0 updated dependencies for secoauth 1.1 2013-07-24 09:38:47 -04:00
Amanda Anganes b397f0ae15 First go at adding token API; needs to be tested 2013-07-24 09:14:46 -04:00
Amanda Anganes 88db457fc4 Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct 2013-07-18 09:34:52 -04:00
Justin Richer a4a18fd54c externalized introspection URL from client's introspecting token service, addresses #435 
added service to parses token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
 2013-07-16 17:00:40 -04:00
William Kim aad432c5d7 replaced stracktrace-printing with logger messages. removed some unused imports. 2013-07-16 13:52:32 -04:00
Amanda Anganes 15aea61fbe Applied code cleanup 2013-07-12 16:58:41 -04:00
William Kim e00d696c60 deleted auto-generated TODO. 2013-07-12 11:40:11 -04:00
William Kim e9c246808f only our entity version may be stored in our storage layer. removed TODO. 2013-07-12 11:40:11 -04:00
Justin Richer 0d8c2442d2 [maven-release-plugin] prepare for next development iteration 2013-07-12 10:09:41 -04:00
Justin Richer 9bf5f70957 [maven-release-plugin] prepare release mitreid-connect-1.0.5 2013-07-12 10:09:38 -04:00
William Kim 77be0d0ea8 implemented getExpiresIn() for oauth access token entities. 2013-07-11 15:22:35 -04:00
Amanda Anganes 2d3f43e3b8 Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure 2013-07-10 14:34:37 -04:00
Justin Richer 936f581a0b [maven-release-plugin] prepare for next development iteration 2013-06-28 16:00:52 -04:00
Justin Richer 27edec1a56 [maven-release-plugin] prepare release mitreid-connect-1.0.4 2013-06-28 16:00:46 -04:00
William Kim a668fb964d changed String comparison implementation for better readability 2013-06-28 15:31:50 -04:00
William Kim ab4d1da9d4 added logger warning if issuer url does not use http scheme. 2013-06-28 15:31:50 -04:00
William Kim b438e87f98 passed wire testing and updated unit tests. 2013-06-24 15:09:12 -04:00
William Kim e74444e3d1 addresses issue #366 2013-06-24 15:09:12 -04:00
Amanda Anganes 530c3a75ee Applyed refactoring 2013-06-24 09:44:59 -04:00
William Kim f0f2fbea40 updated secoauth library version in poms 2013-06-21 14:23:58 -04:00
Justin Richer 2b3376e0ed [maven-release-plugin] prepare for next development iteration 2013-06-18 16:13:04 -04:00
Justin Richer 7fe4bc3b56 [maven-release-plugin] prepare release mitreid-connect-1.0.3 2013-06-18 16:12:59 -04:00
William Kim d6109fd1ae explicitly mapped missing JPA columns in common->openid.connect.model #317 2013-06-18 15:19:17 -04:00
William Kim 46641a2fa1 explicitly mapped missing JPA columns in common-oauth2.model #317 2013-06-18 15:19:17 -04:00
Justin Richer c577b691c7 moved OIDC auth token and userinfo interception filter to common package, addresses #353 2013-06-12 14:45:03 -04:00
Justin Richer 6ed7477bc0 added stats to admin UI page, restyled scopes and dynamically registered flags 2013-06-07 18:05:07 -04:00
Justin Richer 567a3314d6 [maven-release-plugin] prepare for next development iteration 2013-06-06 16:05:59 -04:00
Justin Richer 1286726188 [maven-release-plugin] prepare release mitreid-connect-1.0.2 2013-06-06 16:05:52 -04:00
Justin Richer de77f2c75a commentary! 2013-05-31 15:48:56 -04:00
Justin Richer d0eb98b8ff tests for embedded JOSE objects 2013-05-31 15:46:27 -04:00
Justin Richer 8ee299aab3 added tests for ClientDetailsEntity and RegisteredClient data objects 2013-05-31 15:46:27 -04:00
Justin Richer c760ebf4a4 changed expires_at -> client_secret_expires_at, issued_at -> client_id_issued_at 2013-05-31 15:46:27 -04:00
Justin Richer 317526b1ad unit tests for basic data classes 2013-05-29 17:47:04 -04:00
Justin Richer cc1da67639 fixed expires_at property, hid helper functions 2013-05-29 17:46:54 -04:00
Amanda Anganes 3c5025c52b Updated version number for secoauth 2013-05-28 15:38:36 -04:00
Justin Richer 25d75a1b30 [maven-release-plugin] prepare for next development iteration 2013-05-20 17:38:01 -04:00
Justin Richer 5418bdef5a [maven-release-plugin] prepare release mitreid-connect-1.0.1 2013-05-20 17:37:52 -04:00
Justin Richer 81cd13f6d3 added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335 2013-05-20 17:19:28 -04:00
Justin Richer defa5b8fbc [maven-release-plugin] prepare for next development iteration 2013-05-02 15:01:59 -04:00
Justin Richer dbdc99361e [maven-release-plugin] prepare release mitreid-connect-1.0.0 2013-05-02 15:01:53 -04:00
Justin Richer 1e870703f8 added licence/copyright header 2013-05-02 11:45:20 -04:00
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups 2013-05-02 10:47:15 -04:00
Justin Richer b8c385e5c9 pom file cleanups 2013-04-29 11:47:15 -04:00
Justin Richer 9b03801f9d [maven-release-plugin] prepare for next development iteration 2013-04-26 13:21:36 -04:00
Justin Richer d76304b9a6 [maven-release-plugin] prepare release mitreid-connect-0.9.3 2013-04-26 13:21:31 -04:00
Amanda Anganes c80b1081cc Cleaning up approvedsite => token linkage 2013-04-24 11:52:03 -04:00
Amanda Anganes 939a801048 Redid approved site -> token mapping so it is unidirectional from ApprovedSite side. Fixed some error logging, added a new view for ApprovedSite which will only show the IDs of the tokens in the approvedTokens list 2013-04-23 17:40:22 -04:00
Amanda Anganes a79aca906e Fixed error logging; added ApprovedSite tracking to tokens 2013-04-22 15:49:06 -04:00
Justin Richer 94aa279290 [maven-release-plugin] prepare for next development iteration 2013-04-19 16:17:53 -04:00
Justin Richer cc92743888 [maven-release-plugin] prepare release mitreid-connect-0.9.2 2013-04-19 16:17:45 -04:00
Justin Richer 7307b4b19d added tostring to system scope to help with debugging 2013-04-19 16:11:42 -04:00
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class 2013-04-19 14:23:11 -04:00
Justin Richer cf39b49657 added registration uri to server config, changed index of client config service to be server config not just issuer 2013-04-19 14:21:53 -04:00
Justin Richer f76f44b999 added dynamic discovery to client 2013-04-16 15:01:08 -04:00
Justin Richer 33af3b1ad6 updated discovery endpoint to latest spec, removed surplus specialized view 2013-04-16 15:00:57 -04:00
Justin Richer ac2993c402 [maven-release-plugin] prepare for next development iteration 2013-04-10 16:12:04 -04:00
Justin Richer f0d75f9144 [maven-release-plugin] prepare release mitreid-connect-0.9.1 2013-04-10 16:11:38 -04:00
Stephen Moore 23c318f6c2 Updating guava to 14.0.1 2013-04-10 15:31:32 -04:00
Justin Richer 86a42ce294 fixed typo for older versions of java/maven 2013-04-09 21:48:23 -04:00
Justin Richer 5f54777109 [maven-release-plugin] prepare for next development iteration 2013-04-03 10:01:58 -04:00
Justin Richer 620a60ddc2 [maven-release-plugin] prepare release mitreid-connect-0.9.0 2013-04-03 10:01:52 -04:00
Justin Richer 54f1ae972b Added properties and updated poms for sync to central 2013-04-02 12:42:40 -04:00
Justin Richer f101dcc512 moved to released version of SECOAUTH 2013-04-01 11:59:40 -04:00
Amanda Anganes 72e2c7cb6c Updated build references 2013-04-01 10:59:25 -04:00
Justin Richer 4538d8fb14 made signing and verification service construction safe for public-only keys 2013-03-28 17:03:18 -04:00
Justin Richer 6cc50e7cd5 switched signing & validation service to use JWK natively for keys 2013-03-28 16:43:26 -04:00
Justin Richer 5a04198eac moved to JPSK based key store 2013-03-28 15:06:30 -04:00
Justin Richer e2ad4d2e8f cleaned up spurious nosuchalgorithm exceptions, addresses #285 2013-03-28 15:06:30 -04:00
Justin Richer 5f7c46aecd updated to nimbus 2.13 2013-03-28 15:06:30 -04:00
Amanda Anganes fcc95f8a0a Moved nonce processing stuff into nonce service and out of ConnectAuthorizationRequestManager 2013-03-22 14:38:37 -04:00
Justin Richer 08eaaa0a12 updated repository to use proper concrete class 2013-03-21 15:20:36 -04:00
Justin Richer 8fccbf3483 added Id field to DefaultUserInfo object, switched "userId" terminology to "subject" 2013-03-20 14:29:00 -04:00
Justin Richer b8d2adcf31 added fixme note to hardcoded JWS algorithm, cleaned up x509 view 2013-03-15 15:01:30 -04:00
Justin Richer f44c704472 major refactor of client filter 
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
 2013-03-14 18:05:50 -04:00
Justin Richer 6320fce9fd url -> uri in approval page 2013-03-07 10:39:33 -05:00
Justin Richer ad3a22e5d4 changed client defaults for JOSE bits 2013-03-06 15:24:46 -05:00
Justin Richer 87c8672948 nullsafe check for refresh 2013-03-06 11:32:36 -05:00
Justin Richer 217916603f cleaned out broken unit tests -- now we can start fresh 2013-03-06 09:48:04 -05:00
Justin Richer 70b2342864 fixed split client views, fixed typos in various places 2013-03-05 17:26:25 -05:00
Justin Richer 51a7ccc397 entity -> embed 2013-03-05 16:33:13 -05:00
Justin Richer 0d25d4cb17 null-preserving static parsers instead of constructors 2013-03-05 12:10:33 -05:00
Justin Richer 26f03ec070 timestamp for creation date 2013-03-04 16:11:20 -05:00
Justin Richer fc978ac994 made require_auth_time nullable again 2013-03-04 15:44:49 -05:00
Justin Richer bbde2d3b90 todo 2013-03-04 15:06:31 -05:00
Justin Richer db24c203ec added parser to client registration endpoint 2013-03-04 15:01:02 -05:00
Justin Richer 5c044b9eff added extra client fields to DB model, moved services to use new client model object 2013-03-04 14:22:42 -05:00
Justin Richer 3f8d7d70e5 updated client model to match OAuth Dyn Reg and OIDC Reg 2013-03-04 12:48:05 -05:00
Justin Richer 5b9422ffdf cleaned up old unit tests 2013-03-04 11:37:49 -05:00
Justin Richer d7c857b09f switched jwk view to use nimubs 2013-03-01 17:44:44 -05:00
Justin Richer 6c1e6b2d74 refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 385853fa1f refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 0712d8c340 updated spring version 2013-03-01 17:42:48 -05:00
Amanda Anganes 60b679e942 First steps towards adding display variables to config bean 2013-02-22 17:10:14 -05:00
Justin Richer a184b79b06 store tokens with .serialize() not .toString() 2013-02-22 12:08:01 -05:00
Justin Richer 970e3f2f79 not entities after all 2013-02-22 12:08:01 -05:00
Justin Richer 3d9ec51eb3 converted client filters to nimbus-jose 2013-02-22 12:08:01 -05:00
Justin Richer 8d8010d90f missed a little bit there 2013-02-22 12:08:01 -05:00
Justin Richer 87fc92f97d extra constructors for algorithm wrappers 2013-02-22 12:08:01 -05:00
Justin Richer e5732da857 added system default signing algorithm, converted token provider and enhancer to use nimbus-jose 2013-02-22 12:08:01 -05:00
Justin Richer 10ab55a7e2 moved jwk/x509 publishing over to nimbus-jose (mostly) 2013-02-22 12:08:01 -05:00
Justin Richer fca30cd13f added provisions to bootstrap signing and validation service from config files 2013-02-22 12:08:01 -05:00
Justin Richer 520f55f960 reinstated signing and validation service 2013-02-22 12:08:01 -05:00
Justin Richer 46a3e70377 removed idtoken class, removed all jwe/jwt tests 2013-02-22 12:08:01 -05:00
Justin Richer d00b351f32 moved token classes to use Nimbus-JOSE 2013-02-22 12:08:01 -05:00
Justin Richer 1f50945831 added wrapper classes for JWE/JWS algorithms, switched client entity model to use and store them. 2013-02-22 12:08:01 -05:00
Justin Richer 6dc9020a31 deleted local JOSE implementation classes 2013-02-22 12:08:01 -05:00
Justin Richer d0fdf8140e sorting on approval page 2013-02-05 15:47:32 -05:00
Justin Richer eb4773ce46 beginning dynamic scopes on auth page 2013-02-05 11:28:39 -05:00
Justin Richer c2b9fd4db1 system scope ordering consistency 2013-02-05 11:11:41 -05:00
Justin Richer cab36a2b80 added appropriate filterered and transformative actions to scope service 2013-02-03 22:04:55 -05:00
Justin Richer ab35186696 added scope service, repository, and API 2013-02-03 22:02:24 -05:00
Justin Richer 19e7b62a42 removed persistence.xml and moved to pure spring-based config, addresses #194 2013-02-03 22:02:23 -05:00
Justin Richer a3619240e6 added site scope 2013-02-03 22:02:23 -05:00
Justin Richer f0ee36dad2 auth_type -> auth_method (addresses #258) 2013-01-18 18:26:55 -05:00
Justin Richer e4284353e8 added azp, addresses #247 2013-01-18 18:09:32 -05:00
Justin Richer da43ba4d55 audience field is now plural 2013-01-18 17:59:46 -05:00
Justin Richer 27a26e0a35 (user_id/prn) -> sub 2013-01-18 16:40:05 -05:00
Justin Richer 0ab4ad4bbe added "birthdate", addresses #253 2013-01-18 15:38:41 -05:00
Justin Richer a6806255b8 use sign-magnatude not twos-complement in key parsing 2013-01-18 15:10:48 -05:00
Justin Richer e8095bab26 principal and audience are different (I thought I fixed this??) 2013-01-18 15:10:48 -05:00
Justin Richer c946a84b09 adapted keyfetcher to be more general 2013-01-18 15:06:00 -05:00
Amanda Anganes a4637ec395 Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates. 2013-01-04 15:30:24 -05:00
Amanda Anganes c7ae315e98 Added initial files for nonce service. Repository and service impls are stubs 2013-01-04 15:30:24 -05:00
Justin Richer 18ddd8333f added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens 2012-12-18 11:07:24 -05:00
Justin Richer 51b67ebc03 added queries to get access token from id token 2012-12-14 17:35:20 -05:00
Justin Richer b49c6571e8 fixed empty constructor of id token, fixed bug in copy constructor of claimset 2012-12-14 17:35:20 -05:00
Justin Richer 6344a72519 missed a few applicationName references, fixed API JSON rendering 2012-12-11 15:16:18 -05:00
Justin Richer 33ceedb283 added scope and grant_type, switched to timeunit 2012-12-11 12:11:09 -05:00
Justin Richer e2bc15c2b2 beginning of client registration refactor to track IETF dynreg spec 2012-12-10 17:36:33 -05:00
Justin Richer 0659432561 removed builder 2012-12-10 17:16:57 -05:00