github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,782 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

416 Commits (8b6cbe4fe197a07c2d2fda9c3fc90eb8a39690eb)

Author SHA1 Message Date
Julian Schlichtholz c3d0c18af5 make HttpClient configurable, closes #1071 2016-12-02 16:23:55 -05:00
Oleksandr Shpota 476ec872ff Fixed NPE in case if algorithm is not specified 2016-12-02 16:13:26 -05:00
Sofia Ang d361f01999 Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection 
`sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client
if the access token happens to be client-only.
 2016-12-02 16:08:32 -05:00
Justin Richer 74d34ab744 null-safe target link filter 2016-10-10 15:32:53 -04:00
Justin Richer d0056ae882 added target link URI capability to webfinger issuer service 2016-10-10 15:32:32 -04:00
Marco Caberletti 8c5f34a979 Merge remote-tracking branch 'upstream/master' into devel 2016-07-28 10:23:24 +02:00
Justin Richer 82c313f036 added PKCE support to client 2016-07-27 20:31:14 -04:00
Justin Richer c31f42c3f3 updated versions to 1.3 2016-07-05 14:39:22 -04:00
Marco Caberletti 641699cd99 Bumped to custom version 1.2.7.cnaf-SNAPSHOT. 
Fix getAdditionalInformation() method.
 2016-05-30 14:13:23 +02:00
Justin Richer 58724aa6dc [maven-release-plugin] prepare for next development iteration 2016-04-06 16:33:45 -04:00
Justin Richer 29c9ee2c46 [maven-release-plugin] prepare release mitreid-connect-1.2.6 2016-04-06 16:33:42 -04:00
Justin Richer d0d6ae2ad8 [maven-release-plugin] prepare for next development iteration 2016-02-23 19:02:05 -05:00
Justin Richer 7f5b70e9e1 [maven-release-plugin] prepare release mitreid-connect-1.2.5 2016-02-23 19:02:02 -05:00
Justin Richer 82a1e49e79 [maven-release-plugin] prepare for next development iteration 2016-01-21 15:55:56 -05:00
Justin Richer e6684fb7a8 [maven-release-plugin] prepare release mitreid-connect-1.2.4 2016-01-21 15:55:53 -05:00
Justin Richer 7badfe1d17 Happy new year 2016! 2016-01-21 15:50:37 -05:00
Justin Richer e828f3f18d [maven-release-plugin] prepare for next development iteration 2015-12-21 10:31:49 -05:00
Justin Richer 01ca5ef8e2 [maven-release-plugin] prepare release mitreid-connect-1.2.3 2015-12-21 10:31:47 -05:00
Justin Richer 8294dbedd5 handled HTTP and parsing errors, fixed guava cache contract, fixes #372 2015-12-18 17:42:15 -05:00
Justin Richer b3486c31a0 added cache to user info fetcher, closes #833 2015-12-18 16:30:03 -05:00
Justin Richer 7f464c496b changed copyright to new consortium name 2015-12-16 14:51:12 -05:00
Mark Janssen 4f9ea0b474 Improve state handling in handleAuthorizationCodeResponse 
Fail fast when there is no state in session, e.g. because the session
cookie was removed.

Resolves #949
 2015-11-23 21:34:35 -05:00
Mark Janssen a3d01727f9 Make FILTER_PROCESSES_URL public 
Currently hardcoded in the filter and the client's Spring Security config; would be nicer to reference the value instead.

c5e70ebd5c/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml (L54)
 2015-11-23 21:03:08 -05:00
Justin Richer 2deec98b58 [maven-release-plugin] prepare for next development iteration 2015-10-13 18:56:47 -04:00
Justin Richer d96b2dc130 [maven-release-plugin] prepare release mitreid-connect-1.2.2 2015-10-13 18:56:44 -04:00
Justin Richer 6129cfa61a added scope-based authorities granter for introspections services, closes #835 2015-10-13 18:51:21 -04:00
Justin Richer ebb4f2c3d4 Upgraded to nimbus 4.2, closes #934 2015-10-13 04:40:01 -04:00
Justin Richer 98e1d26134 limited when login_hint is sent to the server, closes #963 2015-10-12 17:56:31 -04:00
Justin Richer 8b362f23f3 [maven-release-plugin] prepare for next development iteration 2015-10-02 18:53:48 -04:00
Justin Richer e384a6257b [maven-release-plugin] prepare release mitreid-connect-1.2.1 2015-10-02 18:53:45 -04:00
Justin Richer acb3d03052 added 'kid' to all signed tokens, closes #899 2015-10-01 18:54:38 -04:00
Justin Richer 48bc26901a added JTI to client auth 2015-10-01 18:54:15 -04:00
Bernd Frey 9fe98e0132 OIDCAuthenticationFilter: Make authenticationSignerService optional so 
it must not be provided in Spring config

OIDCAuthenticationProvider: Setter for UserInfoFetcher, so own
implementation can be wired

UserInfoFetcher: Call to DefaultUserInfo.fromJson moved to method, so it
can be overwritten by own implementation to use own UserInfo
implementation
 2015-08-21 17:33:23 -04:00
Justin Richer 22c05ec51b [maven-release-plugin] prepare for next development iteration 2015-08-05 12:07:47 -04:00
Justin Richer e6b64cd9cd [maven-release-plugin] prepare release mitreid-connect-1.2.0 2015-08-05 12:07:44 -04:00
Justin Richer 489450b1c2 automated code format cleanup 2015-08-05 12:04:14 -04:00
Justin Richer 15c2b57730 [maven-release-plugin] prepare for next development iteration 2015-07-30 14:00:20 -04:00
Justin Richer 8317c759f1 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2 2015-07-30 14:00:18 -04:00
Justin Richer a4e75ed733 [maven-release-plugin] prepare for next development iteration 2015-07-09 18:29:14 -04:00
Justin Richer 58a47d0e46 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1 2015-07-09 18:29:12 -04:00
Justin Richer 3c297ba18f collapsed error clause 2015-07-08 14:35:45 -04:00
Justin Richer 42b93be492 added uri-encoded client service, closes #857 2015-07-07 17:55:56 -04:00
Justin Richer 667c766273 reverted over-reaching check on webfinger fetcher 2015-07-03 20:16:32 -04:00
Justin Richer d2a393f7f9 converted error handlers to a single @ControllerAdvice class, closes #788 2015-06-24 17:26:10 -04:00
Justin Richer 7df3597757 split client's auth token into pending and authorized classes 2015-06-24 16:00:40 -04:00
Justin Richer b4520c170e ID Token carried through as parsed JWT instead of string, closes #832 2015-06-24 16:00:40 -04:00
Justin Richer f4a1b27e2e better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service 2015-06-23 22:21:18 -04:00
Justin Richer 9ae92b983a added http and json error handling to webfinger service 2015-06-23 21:50:16 -04:00
Justin Richer c166cbe49c added login hint capability to client library 2015-06-23 21:21:41 -04:00
Stephen Moore a259841eaf Added getters and setters to IntrospectingTokenService 
Fixed TokenCacheObject constructor for setting TCO's expire time
 2015-06-09 13:37:07 -04:00
Stephen Moore 698fe55b85 IntrospectingTokenService now takes parameters (cacheTokens, cacheNonExpiringTokens, defaultExpireTime, forceCacheExpireTime) to change the behavior or even disable the caching of responses from the IntrospectionEndpoint. 2015-06-04 16:33:37 -04:00
Mark Janssen 9e74e40453 Use diamond syntax instead of explicit types 2015-06-03 10:24:48 -04:00
Mark Janssen 13f5e4f8a6 Collapse identical catch branches 2015-06-03 10:24:48 -04:00
Mark Janssen 6dc2b2cb5e Various small improvements/bugfixes 2015-06-03 10:24:41 -04:00
William Kim 54fbf0d0ac Added null check for expiration during introspection. Making assumption that null exp means tokens dont expire. 2015-06-03 09:57:22 -04:00
Justin Richer d1e8529a7b expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible 
closes #699
closes #761
 2015-06-01 21:11:19 -04:00
Mark Janssen effe955953 Fix blacklist/whitelist for DynamicRegistrationClientConfigurationService 
ClientConfigurationService#getClientConfiguration has ServerConfiguration as parameter, not String
 2015-05-28 17:05:55 -04:00
Justin Richer caf85b990d Revert "added option to send skip sending nonce if desired, closes #704, closes #683," 
This reverts commit bbeaeb06e3.

Conflicts:
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
 2015-05-28 16:44:26 -04:00
Justin Richer d32118d017 Revert "added unit tests for nonce-less url builders (exception cases)" 
This reverts commit ada1b0d24e.

Conflicts:
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java
 2015-05-28 16:41:24 -04:00
Justin Richer 0d6775dfa8 made auth request url builder handle multiple keys 2015-05-22 13:04:21 -04:00
Justin Richer da72ce02ad added token endpoint options to client filter, closes #803 2015-05-13 16:53:35 -04:00
Justin Richer 617d485478 updated all references to media types to use constants instead of literals, closes #767 2015-03-11 12:06:38 -04:00
Justin Richer c09b63c69f made logger declarations consistent across project, closes #780 2015-03-08 21:56:33 -04:00
Justin Richer 7a1480bb07 moved and consolidated json utilities 2015-02-26 16:20:01 -05:00
Justin Richer b376bc6059 removed some vestigial service/repository calls, closes #513 2015-02-17 16:22:40 -05:00
Justin Richer 05f03f7c90 yet more year updates 2015-02-17 13:09:45 -05:00
Justin Richer 994ce6c743 consistently named JOSE-based classes, closes #529 2015-02-17 12:11:58 -05:00
Justin Richer 685960358c formatting cleanup 2015-02-17 11:08:46 -05:00
Justin Richer e2349984b8 happy new year 2015! 2015-02-17 10:24:08 -05:00
Justin Richer 70779a69ea reorganized dependency management section, managed cross-module dependencies, updated Nimbus JWT library 2015-02-16 14:45:13 -05:00
Justin Richer 587d4b2db6 further pom file cleanup 2015-02-16 14:24:48 -05:00
Justin Richer a9544059cf flagged spurious serialization warnings from the libraries (we're not actually serializing things here) 2015-02-16 12:31:43 -05:00
Justin Richer 77c06e9557 replaced deprecated http components calls, closes #744 2015-02-16 12:31:16 -05:00
Justin Richer 3708b531df moved requirement to different component, closes #759 
also cleaned up comments in filter
 2015-02-16 11:16:24 -05:00
Justin Richer ada1b0d24e added unit tests for nonce-less url builders (exception cases) 2014-12-19 20:55:40 -05:00
Justin Richer bbeaeb06e3 added option to send skip sending nonce if desired, closes #704, closes #683, 2014-12-18 23:22:59 -05:00
William Kim 9aa45f8efb Made the constructor public for OIDCAuthentication filter. 2014-12-18 20:55:15 -05:00
Justin Richer 69c19d35fa moved test into test package 2014-11-13 22:17:45 -10:00
Justin Richer 775b77b367 updated date format of token introspection response, closes #719 2014-11-13 11:08:20 -10:00
Justin Richer e6d10b67a4 update to Spring 4 and other related libraries 2014-11-10 18:29:54 -10:00
Justin Richer bc9942e929 relaxed issuer constraints in client, closes #638 2014-11-01 23:46:57 +00:00
Justin Richer 3f5e2acfeb if no alg is explicitly set, use the default from the signer 2014-10-23 22:09:02 -04:00
David Steinkopff 659880b4dc fix broken dependency declaration, that follow up to org.springframework.beans.NotWritablePropertyException: Invalid property 'jwkKeyList' of bean class exception 2014-10-14 20:30:50 -04:00
Justin Richer db052f11ca Moved development branch to 1.2 2014-10-07 21:02:07 -04:00
Justin Richer 134909a82f import cleanup 2014-10-07 19:40:38 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer a704277652 Removed exceptions from @PostConstruct methods, closes #663 2014-09-28 21:12:46 -04:00
Justin Richer 6f2f807b0b [maven-release-plugin] prepare for next development iteration 2014-08-05 21:54:51 -04:00
Justin Richer 93ae1516a5 [maven-release-plugin] prepare release mitreid-connect-1.1.9 2014-08-05 21:54:47 -04:00
Justin Richer b0cce924a2 JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651 2014-08-01 00:01:56 -04:00
Brenden Keyes 863dbd17b8 Added setClientConfigurationService method. 2014-07-31 22:26:04 -04:00
Justin Richer 325a200f16 added configurable support for different token presentation methods in user info fetcher, closes #632 2014-07-20 09:27:02 -07:00
Justin Richer c7a6c4fafe added support for unsigned ID tokens in client, use client configuration to turn this on, closes #633 2014-07-16 22:18:07 -04:00
Kristina Sahlmann 306c8cff17 update nimbus-jose-jwt dependency to 2.26 and fix the affected files 2014-07-02 11:37:42 -04:00
Justin Richer adf477c64e [maven-release-plugin] prepare for next development iteration 2014-06-18 18:27:27 -04:00
Justin Richer 8d97ed61ec [maven-release-plugin] prepare release mitreid-connect-1.1.8 2014-06-18 18:27:25 -04:00
Justin Richer 9f9b49fc63 refactored validator checks to cascade better, throw an authentication exception if we can't find a validator for the ID Token 2014-06-18 18:17:14 -04:00
Christopher Elkins 1dc204f975 Validate HMAC-signed ID tokens 2014-06-18 18:10:33 -04:00
Justin Richer 85acfa90db [maven-release-plugin] prepare for next development iteration 2014-06-04 14:51:32 -04:00
Justin Richer d5e4cb45a2 [maven-release-plugin] prepare release mitreid-connect-1.1.7 2014-06-04 14:51:29 -04:00