1116 Commits (98ace5c9fbab87f08fb8a45ea217b133ddb1551d)

Author	SHA1	Message	Date
arielak	98ace5c9fb	Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue. ... Conflicts: openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java	2014-10-06 23:28:20 -04:00
Justin Richer	1fbdd240f1	made binary encode/decode null safe	2014-10-06 23:25:48 -04:00
arielak	a8377513a6	Fixed reading/writing of approved access tokens	2014-10-06 22:59:27 -04:00
arielak	0320bae15c	Fixed netbeans copyright weirdness	2014-10-06 22:59:27 -04:00
arielak	dcf66fadc4	Added support for 1.1 config import/export, and separated common functions into 1_X abstract class	2014-10-06 22:59:27 -04:00
arielak	ad841a03df	Added support for whitelisted and blacklisted site export	2014-10-06 22:59:27 -04:00
arielak	8495617aed	Added support for whitelisted and blacklisted site import from a 1.0 config	2014-10-06 22:59:27 -04:00
arielak	16f15cc3c8	NPE fix	2014-10-06 22:59:27 -04:00
arielak	6333b1e4b1	Re-enabled reading of system scopes. Added 1.1 data export functionality	2014-10-06 22:59:27 -04:00
arielak	d5551e9692	Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects	2014-10-06 22:58:26 -04:00
Justin Richer	c683131f12	externalized view name strings and tied them to view beans	2014-09-28 22:25:39 -04:00
Justin Richer	9e88a62479	moved the API endpoints, made resource tokens accessible too	2014-09-22 23:38:12 -04:00
Justin Richer	6d80a00d65	import cleanup	2014-09-22 23:04:23 -04:00
Justin Richer	81634e6165	added API for getting tokens by clientid	2014-09-22 22:55:13 -04:00
Justin Richer	dee78c130c	fixed missing null check in request object parser	2014-08-25 22:48:42 -04:00
James Agnew	e0b84069d4	Update to latest spring-security-oauth2 module	2014-08-06 11:12:40 -04:00
Justin Richer	6f2f807b0b	[maven-release-plugin] prepare for next development iteration	2014-08-05 21:54:51 -04:00
Justin Richer	93ae1516a5	[maven-release-plugin] prepare release mitreid-connect-1.1.9	2014-08-05 21:54:47 -04:00
Justin Richer	39c50b76f4	added null checks to endpoint auth method switches, closes #652	2014-07-31 23:05:17 -04:00
Justin Richer	8768188133	makes the grant types checker softer, closes #640	2014-07-19 23:54:02 -07:00
Justin Richer	9666404d54	added "none" to discovery endpoint	2014-07-16 23:48:18 -04:00
Justin Richer	7476edb310	added unsigned ID token support to server	2014-07-16 22:29:13 -04:00
Justin Richer	538c4031bb	added in better default checks for content negotiation	2014-07-02 16:01:26 -04:00
Justin Richer	078bf5e464	combine HTTP content negotiation with client preferences for user info endpoint	2014-06-28 23:44:37 -04:00
Justin Richer	1de2a61176	made accept header optional for user info request	2014-06-28 22:20:05 -04:00
Justin Richer	04acc21eea	removed injection of admin email address from client API, will happen browser-side now	2014-06-26 13:00:36 -04:00
Justin Richer	adf477c64e	[maven-release-plugin] prepare for next development iteration	2014-06-18 18:27:27 -04:00
Justin Richer	8d97ed61ec	[maven-release-plugin] prepare release mitreid-connect-1.1.8	2014-06-18 18:27:25 -04:00
Justin Richer	5773fe195b	set proper content type on user info JWT response	2014-06-18 18:05:11 -04:00
Justin Richer	5f97ce0ca1	fixed error code string	2014-06-18 14:50:17 -04:00
Justin Richer	6589cd717d	disallow fragments in redirect uris for dynamic clients, closes #622	2014-06-18 14:49:29 -04:00
Justin Richer	4e52543091	more properly respond to some client registration errors	2014-06-18 14:45:55 -04:00
Justin Richer	c493f438e7	applied token rotation to protected resources	2014-06-12 19:37:50 -04:00
Justin Richer	f4edd3164f	made timeout field optional, tokens don't expire in the default case	2014-06-12 19:37:32 -04:00
Trilok Jain	4e09ec687b	Registration Token regeneration - when they are beyond their lifetime ... (in read/update calls)	2014-06-12 19:12:32 -04:00
Trilok Jain	ed3e6a2814	https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431: ... Generating a new registration access token on read/update call and revoking the token issued earlier.	2014-06-12 19:12:32 -04:00
Justin Richer	a106121af3	created blacklist aware redirect resolver and wired it in, closes #549	2014-06-10 16:29:45 -04:00
Justin Richer	a97f3e2d65	don't throw away creation time on protected resource update (oops)	2014-06-09 20:22:58 -04:00
Justin Richer	e0fe22e4ba	don't regenerate client secrets every single time	2014-06-09 20:20:36 -04:00
Justin Richer	53148f2c87	better auth method checking in dynamic registration and resource registration	2014-06-09 17:41:27 -04:00
Justin Richer	f15b4a0f74	resource registration returned the wrong URL	2014-06-09 17:41:01 -04:00
Justin Richer	47cc005fe5	more sanity checking for client secrets	2014-06-09 16:06:57 -04:00
Justin Richer	cac645484f	client API now generates client secret only for clients that require a client secret	2014-06-09 16:00:55 -04:00
Justin Richer	52e53ba219	extracted validation exception, refactored protected resource registration endpoint to use this format	2014-06-06 11:13:41 -04:00
Justin Richer	b7a8bbdddc	cleanup, error wrappers on protected resource registration	2014-06-06 10:58:40 -04:00
Justin Richer	deaccf437e	refactored dynamic registration endpoint's checks for client consistency	2014-06-06 10:18:40 -04:00
Justin Richer	04f7a698ea	added response type consistency checking, closes #430	2014-06-05 19:41:06 -04:00
Justin Richer	32101ff7b2	added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597	2014-06-05 19:06:03 -04:00
Justin Richer	ab083c0963	added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types	2014-06-05 17:16:35 -04:00
Justin Richer	cdd23df7ee	token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)	2014-06-04 17:27:38 -04:00