960319b796
improved logging configuration, removed transactional from service
2014-05-25 15:38:44 -04:00
85fd4e71ce
typo in error message
2014-05-25 15:37:58 -04:00
2af51dc77a
better URI check for prompt filter short circuit
2014-05-25 14:24:25 -04:00
6d5a967d8a
fixed client editor lazy loading
2014-05-25 07:58:25 -04:00
f4a1a2acff
fixed prompt filter coding error
2014-05-24 23:16:29 -04:00
73b00905bb
cleaned up UI components for client creation (fixed defaults and loading)
2014-05-24 22:13:00 -04:00
89d55e3d33
added support for default max auth age and require auth time, made prompt filter only work on authorization endpoint
2014-05-24 22:12:41 -04:00
5c6e75bd53
cleaned up UI for client editing
2014-05-24 20:56:54 -04:00
05e9624ae3
added support for encrypted and symmetrically signed id tokens and user info responses
2014-05-23 21:15:50 -04:00
ffe1b29906
Added Signed JWT support to UserInfo endpoint response, closes #593
2014-05-23 19:15:03 -04:00
27e68f1d56
added service to optionally check "target_uri" links, closes #547
2014-05-23 16:50:18 -04:00
e4d5f4a540
added system wide cache for all symmetric validators, closes # 557
2014-05-23 16:16:06 -04:00
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
2014-05-23 15:00:40 -04:00
df9c9747ce
more reasonable check for whether or not a user auth is present, addresses #602
2014-05-23 11:49:51 -04:00
4e890a4d7d
enforce clients using a redirect flow have at least one redirect uri registered when using dynamic registration, made error handling more consistent across all APIs
...
closes #596
2014-05-21 18:29:51 -04:00
c38761cc23
fix dynamic registration of public clients
2014-05-21 18:00:54 -04:00
a225b00920
added null check and permissions check to ID token generation, closes #602
2014-05-21 17:45:25 -04:00
fa418402de
externalized application CSS, closes #221
...
added favicon, cleaned up header and footer code
2014-05-21 17:14:43 -04:00
880014176f
[maven-release-plugin] prepare for next development iteration
2014-05-13 18:23:11 -04:00
ca8a003e3d
[maven-release-plugin] prepare release mitreid-connect-1.1.5
2014-05-13 18:23:08 -04:00
dcf36234c4
moved CSRF generator to request parser instead of confirmation controller
2014-05-13 09:48:34 -04:00
a253ebc908
added CSRF protection to approval page
2014-05-13 09:27:02 -04:00
fcfbf1080f
renamed auth request variable
2014-05-13 09:26:27 -04:00
7cd36b471f
Make introspection endpoint access authorization pluggable.
2014-05-07 16:44:56 +02:00
4b697ba909
webfinger checks host on acct: URIs, closes #404
2014-04-25 21:21:00 -04:00
b6304e268a
blacklist control uses URI model, closes #423
2014-04-25 21:09:30 -04:00
37af569890
cleaned up unintentional pom version override
2014-04-25 20:59:35 -04:00
761d015bf7
made all placeholder URLs https
2014-04-25 20:59:17 -04:00
3b59e7ff48
Make placeholder dynreg URLs use "https://"
2014-04-25 10:17:48 -07:00
b8129bf60d
[maven-release-plugin] prepare for next development iteration
2014-04-21 19:19:10 -04:00
a9e34ac9bd
[maven-release-plugin] prepare release mitreid-connect-1.1.4
2014-04-21 19:19:07 -04:00
84f1fe631b
clean up time display
2014-04-19 08:42:26 -04:00
376403fa4a
account for registration time in approval page, closes #550
2014-04-19 07:28:20 -04:00
90b10d7bad
Added Getter/Setter for IntospectionAuthorityGranter. Still defaults to SimpleIntrospectionAuthorityGranter
2014-04-18 23:06:06 -04:00
1d2f968bd1
configuration cleanup, closes #568
2014-04-18 22:11:58 -04:00
318a28ddf8
added stats mock to unit tests
2014-04-16 22:05:03 -04:00
521017c5c2
updated stats service to have a resettable cache triggered by other service events
2014-04-16 21:39:37 -04:00
7f310400b1
simple cache for stats
2014-04-16 21:18:12 -04:00
26c464e440
fixed bad JPQL in auth holder cleanup class
2014-04-16 21:17:56 -04:00
39509bfdc4
Performance improvement of token cleanup:
...
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
fcb3ccb0ff
fixed subjectType typo, closes #579
2014-04-10 23:03:01 -04:00
265624b285
a fix for a NullPointerException whenever a client requests a client scope to be granted.
2014-04-10 22:41:20 -04:00
41e76fd6c9
fixed an incorrect name to one of the fields in the underlying model causing errors once a user logs in.
2014-04-10 22:39:31 -04:00
d59d0d41e9
extracted JPA configuration, closes #569
2014-04-10 22:02:58 -04:00
aa9a25a2d7
updated to even newer versions of eclipselink and JPA, closes #580 even harder
2014-04-10 21:37:19 -04:00
78ae6ff322
fix JS errors in scope management page
2014-04-10 21:36:10 -04:00
292b160918
fixed icons on scope page
2014-04-10 21:16:31 -04:00
8f13410e42
updated JPA and eclipselink to remove eclipselink repository dependency, closes #580
2014-04-10 21:11:54 -04:00
79bd7e420c
made scope handling consistent for introspection services (now a space-separated string), closes #570
2014-04-03 22:47:28 -04:00
c6eea670c8
fixed lazy loading in self-service, closes #571
2014-04-03 22:44:06 -04:00
Justin Richer