17411f59e7
Check for suspended clients before issuing new AT
2024-03-14 11:48:11 +00:00
19243821ed
Fix Charset to UTF-8 used by token value hash function ( #11 )
2024-01-24 12:05:23 +01:00
29ec962d01
Removed AT expiration in case of infinite token
...
Bump version to 1.3.6-cnaf-20231129
2023-12-01 10:34:07 +01:00
20a9ed1a1a
Always set access token exp claim
...
It follows RFC https://datatracker.ietf.org/doc/html/rfc9068
Bumped MitreID version 1.3.6.cnaf-20230914
2023-09-14 12:21:43 +02:00
521019fed8
Use unencoded hash function and bump version to v1.3.6.cnaf.20230726
2023-07-26 10:55:10 +01:00
8cbb974e09
Use Guava libraries to compute token value hash
2023-07-13 22:47:07 +02:00
1329edd6ae
Merge remote-tracking branch 'origin/issue/iam-579' into v1.3.6
2023-07-12 19:20:11 +02:00
d58c826937
Merge pull request #4 from indigo-iam/merge-remote
...
Merge updates from source repo into our development branch
2023-07-12 19:12:01 +02:00
66caae9589
Merge remote-tracking branch 'mitre/master' into merge-remote
2023-07-12 18:46:54 +02:00
bd24a3b85d
Clear access tokens in one query
2023-07-12 16:44:32 +02:00
f86ab09f65
Fix query name
2023-06-16 17:50:28 +02:00
b72baa335f
Change query in order to search by AT value hash
...
instead of AT value
2023-06-16 17:34:59 +02:00
6906f616e2
Upgrade to Java 11 and Spring 5
2021-12-18 22:30:43 +00:00
5b96fb6512
Fix date format
2021-10-25 18:06:42 +02:00
85891ecd39
Removed obsolete tests
2021-10-25 17:55:28 +02:00
12bfab4f55
MitreID code compiles against latest Spring libraries
2021-10-25 17:13:07 +02:00
699669977b
Make client details service transactional
...
This fixes transaction management errors observed when deleting
dynamically registered clients from the client management API.
2021-08-03 11:43:45 +02:00
7eba3c12fe
Fix Spring Autobinding vulnerability
...
1. Make authorizationRequest no longer affected by http request parameters due to @ModelAttribute. See http://agrrrdog.blogspot.com/2017/03/autobinding-vulns-and-spring-mvc.html
2021-02-18 16:13:36 -05:00
be8f32452e
Propagate refresh token request to token enhancer
2020-01-19 21:22:20 +01:00
9d0967f529
Enable audience handling in IAM for refresh token flow
2020-01-15 21:50:34 +01:00
2c48a4625c
Fix scope checking in refresh token flow
2020-01-15 16:33:16 +01:00
caa687f979
Improved DI for client validator
2019-10-04 13:09:07 +02:00
846727e9b3
Move dyn client validation to dedicated service
...
Which allows easier overriding for integrations
2019-10-04 07:40:16 +02:00
9683cd6158
Fix device code timeout setting for dynreg clients
2019-07-05 06:53:07 +02:00
ae7debba2f
added refresh_token into grant_types_supported
2019-03-07 12:14:30 -05:00
e3392dd759
Merge upstream 1.3.5 with our local changes
2019-02-22 19:20:50 +01:00
0ba26c1c03
inthemerge
2018-11-28 14:38:27 +01:00
676451c73d
fix bug #1397 Attempting to execute an operation on a closed EntityManager.
2018-06-21 10:05:49 +08:00
ea6960e66a
Merge pull request #1259 from sbke/patch-1
...
Adjustment to generate longer codes
2018-05-03 14:48:52 -04:00
dd922b4cf7
Merge pull request #1378 from ketola/fetch-tokens-by-sub
...
Fetch tokens by user name
2018-05-03 14:44:51 -04:00
938d7e00c2
Merge branch 'ondrejvelisek/verification-uri-complete'
...
Closes #1386
2018-05-03 14:39:23 -04:00
a596cc1fd4
Made full URLs for device flow switchable server-wide instead of per-client
2018-05-03 14:37:50 -04:00
7ad29ae9c6
Revert "Add possibility to disable verification_uri_complete per client"
...
This reverts commit dae674af67
2018-05-03 13:59:38 -04:00
dae674af67
Add possibility to disable verification_uri_complete per client
2018-05-01 13:46:23 +02:00
67c87d56a6
Add support for verification_uri_complete
2018-05-01 10:45:49 +02:00
2eb5d1b3e2
Set device code validity in seconds for dynreg clients
2018-04-27 19:35:03 +02:00
fe000d91cb
undid autoformatting again
2018-04-23 14:30:43 -04:00
011bf8adb8
addressed review feedback
2018-04-23 14:29:38 -04:00
0ee4ee2f58
undid some autoformatting changes
2018-04-21 13:22:17 -04:00
0b531a0fd3
fixed an issue where missing locales would generate a lot of ERROR level log messages
2018-04-21 13:19:44 -04:00
f09efec031
dynreg: filter requested grant types
...
This commit introduces filtering on requested grant types for
dynamically registered clients.
Since extension on the library could support additional grant types,
here we want to be strict about known grant types that cannot be
requested at dynamic client registration (or update) time, but at the
same time we want to preserve grant types that could have been granted
to a client by an administrator.
So at client registration time the list of requested grant types is
filtered to only allow grant types currently enabled for dynamically
registered clients.
OTOH, at client update time the same filtering is implemented while at
the same time preserving grant types assigned the client in other ways.
2018-04-12 15:24:52 +02:00
e6a8e0c17d
Integration tests for new repository methods
2018-04-11 13:16:28 +03:00
a070f61edf
Clean up code in modified classes, remove line breaks, add static imports
2018-04-06 09:12:47 +03:00
51b580aa18
Use 'userName' instead of 'sub' in naming
2018-04-06 08:55:06 +03:00
3f277047e3
Use query by user sub to get all tokens for user
2018-04-06 08:47:37 +03:00
417a6b7c74
Removed some line breaks and auto generated comments for consistency
2018-04-05 19:29:54 +03:00
bf8149605a
Create queries for getting access and refresh tokens by user sub
2018-04-05 19:25:23 +03:00
3c2549faf2
Cosmetic fix on DefaultIdTokenClaimsEnhancer
2018-02-26 16:45:27 +01:00
f6e6954450
Include additional claims in ID token
...
Read https://github.com/indigo-iam/iam/issues/202
2018-02-26 10:35:43 +01:00
e2d94f422a
new year 2018
2018-02-12 10:39:04 -05:00
Manoj Garai