Commit Graph

544 Commits (93a91c8f848179fcc34347d129fdc8fc665f6016)

Author SHA1 Message Date
Justin Richer 99bf19e21b removed policy uri from data model 2015-02-23 13:51:52 -05:00
Justin Richer e7bf75e9a4 moved and consolidated json utilities 2015-02-23 13:43:08 -05:00
Justin Richer 90a7304b4e resource set registration endpoint and service shells 2015-02-23 11:43:05 -05:00
Justin Richer 8992841ffa added missing copyright 2015-02-23 11:33:20 -05:00
Justin Richer 071ea579a3 added resource set class 2015-02-23 11:28:21 -05:00
Justin Richer b670f44138 added UMA to version number 2015-02-19 17:55:25 -05:00
Justin Richer 593fac83cf scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747 2015-02-17 18:25:52 -05:00
Justin Richer b376bc6059 removed some vestigial service/repository calls, closes #513 2015-02-17 16:22:40 -05:00
Justin Richer cef6cf17b6 externalized a number of strings, closes #385 2015-02-17 14:39:15 -05:00
Justin Richer 05f03f7c90 yet more year updates 2015-02-17 13:09:45 -05:00
Justin Richer 994ce6c743 consistently named JOSE-based classes, closes #529 2015-02-17 12:11:58 -05:00
Justin Richer 685960358c formatting cleanup 2015-02-17 11:08:46 -05:00
Justin Richer e2349984b8 happy new year 2015! 2015-02-17 10:24:08 -05:00
Justin Richer cc02f8fbe8 pluralized post-logout redirect URI on client, closes #654 2015-02-16 16:43:34 -05:00
Justin Richer bedc101637 import cleanup 2015-02-16 15:02:34 -05:00
Justin Richer 587d4b2db6 further pom file cleanup 2015-02-16 14:24:48 -05:00
Justin Richer 377d8cb884 moved dependency version management to parent pom, closes #666 2015-02-16 13:51:25 -05:00
Justin Richer ef3a696972 removed getBySubject and getAll from user info repository and service layers, closes #760 2015-02-16 11:08:07 -05:00
Justin Richer d25602fbe7 created a locale resolved tied in with the existing server configuration bean, removed locale interceptor (it doesn't work with fixed resolvers), cleaned up comments and files 2015-02-16 10:12:27 -05:00
Justin Richer 6c88d7c54b removed old owner_id field, closes #636 2015-01-17 08:18:36 -05:00
Charif Belhaffef e8015051d2 add @Transient to function getAuthorizedGrantTypes() so it does not persist 2015-01-14 07:09:34 -05:00
Justin Richer c6c09b9c6c made default user info parser more robust against null values 2015-01-07 18:23:20 -05:00
Justin Richer bbeaeb06e3 added option to send skip sending nonce if desired, closes #704, closes #683, 2014-12-18 23:22:59 -05:00
Justin Richer 0e776762c2 set up data API for 1.2 format (currently the same as 1.1 format) 2014-11-15 19:59:47 -10:00
Justin Richer c600787f1c added key id to id token, closes #725 2014-11-12 16:22:10 -10:00
Justin Richer d87bdb2120 added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728, closes #401 2014-11-12 16:03:06 -10:00
Justin Richer b50facd4c2 explicitly added Jackson2 to support secoauth serialization, added string converter to work with our API 2014-11-11 00:17:03 -10:00
Justin Richer e6d10b67a4 update to Spring 4 and other related libraries 2014-11-10 18:29:54 -10:00
Justin Richer f0e2fc6700 make user info classes serializable, closes #714 2014-10-23 23:30:34 -04:00
Justin Richer a59fe0604e generate random fake password for private key clients and shared secret crypto clients to avoid accidentally using client secret authentication and bypassing authentication, closes #715 2014-10-23 21:53:32 -04:00
Alexander Imfeld 9dfac35912 Introduce introspection result assembler to allow for customized introspection results 2014-10-14 21:06:09 -04:00
Pascal Bruckert bf00c1f5e0 update spring-security-oauth2 2.0.3 , closes #663 2014-10-14 20:48:34 -04:00
Justin Richer db052f11ca Moved development branch to 1.2 2014-10-07 21:02:07 -04:00
Justin Richer 134909a82f import cleanup 2014-10-07 19:40:38 -04:00
Justin Richer 1e71749c23 added more generic rotation capability 2014-10-07 19:40:38 -04:00
arielak 8495617aed Added support for whitelisted and blacklisted site import from a 1.0 config 2014-10-06 22:59:27 -04:00
arielak 03f2d8f8a0 Added service interface for data import/export service and modified AuthenticationHolderEntity and Repository to allow getting all objects 2014-10-06 22:58:26 -04:00
Justin Richer ec8f708472 swapped exception class for existing BeanCreationException, added example flag in config file (commented out)
closes #528
closes #689
2014-10-04 14:59:36 -04:00
John Brooks 3e3613f471 Corrected bean setup for checkForHttps case tests. 2014-10-04 11:21:01 -04:00
John Brooks acc4cf16bd Separated checkForHttps cases into separate test methods. 2014-10-04 11:21:01 -04:00
John Brooks cf2837f678 Initialized forceHttps to false. 2014-10-04 11:21:00 -04:00
John Brooks 0461e51ddc Changed parent class from Exception to RuntimeException; added copyright
language.
2014-10-04 11:21:00 -04:00
John Brooks e1015e1194 Create flag to force HTTPS of value of issuer on server startup, addresses #528 2014-10-04 11:21:00 -04:00
Justin Richer c683131f12 externalized view name strings and tied them to view beans 2014-09-28 22:25:39 -04:00
Justin Richer a704277652 Removed exceptions from @PostConstruct methods, closes #663 2014-09-28 21:12:46 -04:00
Justin Richer 81634e6165 added API for getting tokens by clientid 2014-09-22 22:55:13 -04:00
Justin Richer 1a79949d51 made user info less transient 2014-09-14 22:03:19 -04:00
James Agnew e0b84069d4 Update to latest spring-security-oauth2 module 2014-08-06 11:12:40 -04:00
Justin Richer 6f2f807b0b [maven-release-plugin] prepare for next development iteration 2014-08-05 21:54:51 -04:00
Justin Richer 93ae1516a5 [maven-release-plugin] prepare release mitreid-connect-1.1.9 2014-08-05 21:54:47 -04:00
Justin Richer b0cce924a2 JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651 2014-08-01 00:01:56 -04:00
Justin Richer 78f3e68e8b update unit test for Windows environment, closes #647 2014-07-31 23:22:06 -04:00
ksahlmann 4ca9a593f5 update nimbus-jose-jwt to 2.26.1 due to base64 encoding issue 2014-07-31 22:08:18 -04:00
Justin Richer 62a43165f0 added json member type checking for json utils, won't die if a string is found where an array was expected
closes #637
2014-07-20 09:42:57 -07:00
Justin Richer 325a200f16 added configurable support for different token presentation methods in user info fetcher, closes #632 2014-07-20 09:27:02 -07:00
Justin Richer 1db4227ce5 reformat / reorder 2014-07-20 09:02:42 -07:00
Justin Richer f997049eff key service can now deal with missing 'kid' fields in JWKs
closes #639
2014-07-20 08:40:04 -07:00
tsitkov 5c2cb75407 Better test coverage for JWS/EAlgorithmEmbed, JWEEncryptionMethodEmbed 2014-07-16 21:39:13 -04:00
Justin Richer 3412c1877e removed unnecessary unit test 2014-07-02 15:05:37 -04:00
tsitkov e1b4df74f0 Added tests for DefaultJwtEncryptionAndDecryptionService 2014-07-02 14:57:56 -04:00
Justin Richer 5223d88e0a updated unit test to fit new nimbus version 2014-07-02 11:41:38 -04:00
Kristina Sahlmann 7bf8e2ad08 change the OctetSequenceKey constructor in SymmetricCacheService 2014-07-02 11:37:42 -04:00
Kristina Sahlmann 306c8cff17 update nimbus-jose-jwt dependency to 2.26 and fix the affected files 2014-07-02 11:37:42 -04:00
tsitkov 48431fd5c7 Unit test for JWKSetKeyStore class 2014-06-30 13:21:07 -04:00
Justin Richer adf477c64e [maven-release-plugin] prepare for next development iteration 2014-06-18 18:27:27 -04:00
Justin Richer 8d97ed61ec [maven-release-plugin] prepare release mitreid-connect-1.1.8 2014-06-18 18:27:25 -04:00
Justin Richer acf039a1f7 wrapped auth method check, added SECRET_JWT, closes #621 2014-06-18 18:24:05 -04:00
Christopher Elkins a465559ac5 Revert incorrect key-encoding change in SymmetricCacheService 2014-06-18 18:10:33 -04:00
Christopher Elkins 1dc204f975 Validate HMAC-signed ID tokens 2014-06-18 18:10:33 -04:00
tjain 276d846f4c Configuration Property Bean to load the OP wide registration token life
time
2014-06-12 19:12:32 -04:00
Justin Richer 71fa796b42 Allow public clients to use token endpoint, closes #611, closes #613 2014-06-09 15:55:06 -04:00
Justin Richer 85acfa90db [maven-release-plugin] prepare for next development iteration 2014-06-04 14:51:32 -04:00
Justin Richer d5e4cb45a2 [maven-release-plugin] prepare release mitreid-connect-1.1.7 2014-06-04 14:51:29 -04:00
Justin Richer 257312d5da made user info interceptor more null safe for client side 2014-05-29 22:15:30 -04:00
Justin Richer 943fae25a1 make user info interceptor more compatible with standalone OIDC client software (with no user info service) 2014-05-29 12:13:38 -04:00
Justin Richer be98b9cd0b [maven-release-plugin] prepare for next development iteration 2014-05-27 14:00:40 -04:00
Justin Richer 8320f0eefe [maven-release-plugin] prepare release mitreid-connect-1.1.6 2014-05-27 14:00:37 -04:00
Justin Richer 0c8cacd59a added missing copyright headers 2014-05-27 13:46:47 -04:00
Justin Richer 525f3aa2a8 Cleaned up indentation, whitespace, and imports. 2014-05-27 13:02:49 -04:00
Justin Richer c34357a433 added resource registration endpoint with basic functionality and specialized tokens 2014-05-26 16:30:24 -04:00
Justin Richer 05e9624ae3 added support for encrypted and symmetrically signed id tokens and user info responses 2014-05-23 21:15:50 -04:00
Justin Richer e4d5f4a540 added system wide cache for all symmetric validators, closes # 557 2014-05-23 16:16:06 -04:00
Justin Richer ca333d256b Appropriately catch runtime exceptions in all guava caches, closes #603 2014-05-23 15:00:40 -04:00
Justin Richer 880014176f [maven-release-plugin] prepare for next development iteration 2014-05-13 18:23:11 -04:00
Justin Richer ca8a003e3d [maven-release-plugin] prepare release mitreid-connect-1.1.5 2014-05-13 18:23:08 -04:00
Alexander Imfeld 7cd36b471f Make introspection endpoint access authorization pluggable. 2014-05-07 16:44:56 +02:00
Justin Richer b8129bf60d [maven-release-plugin] prepare for next development iteration 2014-04-21 19:19:10 -04:00
Justin Richer a9e34ac9bd [maven-release-plugin] prepare release mitreid-connect-1.1.4 2014-04-21 19:19:07 -04:00
Justin Richer 521017c5c2 updated stats service to have a resettable cache triggered by other service events 2014-04-16 21:39:37 -04:00
Justin Richer 26c464e440 fixed bad JPQL in auth holder cleanup class 2014-04-16 21:17:56 -04:00
kangelov 39509bfdc4 Performance improvement of token cleanup:
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
Justin Richer aa9a25a2d7 updated to even newer versions of eclipselink and JPA, closes #580 even harder 2014-04-10 21:37:19 -04:00
Justin Richer 8f13410e42 updated JPA and eclipselink to remove eclipselink repository dependency, closes #580 2014-04-10 21:11:54 -04:00
Justin Richer 97cd00e06c [maven-release-plugin] prepare for next development iteration 2014-03-19 21:40:21 -04:00
Justin Richer 23c7cf6996 [maven-release-plugin] prepare release mitreid-connect-1.1.3 2014-03-19 21:40:18 -04:00
Justin Richer ad5ffb64e8 [maven-release-plugin] prepare for next development iteration 2014-03-08 11:17:40 +00:00
Justin Richer 1635cf957d [maven-release-plugin] prepare release mitreid-connect-1.1.2 2014-03-08 11:17:35 +00:00
Justin Richer b67121f0cd added client_secret_jwt auth method support, closes #174 2014-03-04 23:45:36 +00:00
Justin Richer 9395c3802d [maven-release-plugin] prepare for next development iteration 2014-02-10 15:28:14 -05:00
Justin Richer 4f8311962a [maven-release-plugin] prepare release mitreid-connect-1.1.1 2014-02-10 15:28:11 -05:00