1116 Commits (9c732fd1cd8284aea8824ac196b2bd187d096a57)

Author	SHA1	Message	Date
Justin Richer	9c732fd1cd	Ported date format changes from 1.0.x	2014-10-07 16:20:01 -04:00
arielak	01448d99c1	Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue. ... Conflicts: openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java	2014-10-07 16:20:01 -04:00
Justin Richer	44715bd230	made binary encode/decode null safe	2014-10-07 16:20:01 -04:00
arielak	274b3dae18	Fixed reading/writing of approved access tokens	2014-10-07 16:20:00 -04:00
arielak	500b13f374	Fixed netbeans copyright weirdness	2014-10-07 16:20:00 -04:00
arielak	a444850898	Added support for 1.1 config import/export, and separated common functions into 1_X abstract class	2014-10-07 16:20:00 -04:00
arielak	cc8718c83d	Added support for whitelisted and blacklisted site export	2014-10-07 16:20:00 -04:00
arielak	a44e5e22fe	Added support for whitelisted and blacklisted site import from a 1.0 config	2014-10-07 16:20:00 -04:00
arielak	942696c99f	NPE fix	2014-10-07 16:20:00 -04:00
arielak	b677b96595	Re-enabled reading of system scopes. Added 1.1 data export functionality	2014-10-07 16:20:00 -04:00
arielak	e2119884a5	Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects	2014-10-07 16:20:00 -04:00
Justin Richer	b617fe0c4b	externalized view name strings and tied them to view beans	2014-10-07 16:19:59 -04:00
Justin Richer	f18f1701a3	moved the API endpoints, made resource tokens accessible too	2014-10-07 16:19:59 -04:00
Justin Richer	71da72de81	import cleanup	2014-10-07 16:19:59 -04:00
Justin Richer	9fcc5077ca	added API for getting tokens by clientid	2014-10-07 16:19:59 -04:00
Justin Richer	9ebeeb4b79	fixed missing null check in request object parser	2014-10-07 16:19:58 -04:00
Justin Richer	6f2f807b0b	[maven-release-plugin] prepare for next development iteration	2014-08-05 21:54:51 -04:00
Justin Richer	93ae1516a5	[maven-release-plugin] prepare release mitreid-connect-1.1.9	2014-08-05 21:54:47 -04:00
Justin Richer	39c50b76f4	added null checks to endpoint auth method switches, closes #652	2014-07-31 23:05:17 -04:00
Justin Richer	8768188133	makes the grant types checker softer, closes #640	2014-07-19 23:54:02 -07:00
Justin Richer	9666404d54	added "none" to discovery endpoint	2014-07-16 23:48:18 -04:00
Justin Richer	7476edb310	added unsigned ID token support to server	2014-07-16 22:29:13 -04:00
Justin Richer	538c4031bb	added in better default checks for content negotiation	2014-07-02 16:01:26 -04:00
Justin Richer	078bf5e464	combine HTTP content negotiation with client preferences for user info endpoint	2014-06-28 23:44:37 -04:00
Justin Richer	1de2a61176	made accept header optional for user info request	2014-06-28 22:20:05 -04:00
Justin Richer	04acc21eea	removed injection of admin email address from client API, will happen browser-side now	2014-06-26 13:00:36 -04:00
Justin Richer	adf477c64e	[maven-release-plugin] prepare for next development iteration	2014-06-18 18:27:27 -04:00
Justin Richer	8d97ed61ec	[maven-release-plugin] prepare release mitreid-connect-1.1.8	2014-06-18 18:27:25 -04:00
Justin Richer	5773fe195b	set proper content type on user info JWT response	2014-06-18 18:05:11 -04:00
Justin Richer	5f97ce0ca1	fixed error code string	2014-06-18 14:50:17 -04:00
Justin Richer	6589cd717d	disallow fragments in redirect uris for dynamic clients, closes #622	2014-06-18 14:49:29 -04:00
Justin Richer	4e52543091	more properly respond to some client registration errors	2014-06-18 14:45:55 -04:00
Justin Richer	c493f438e7	applied token rotation to protected resources	2014-06-12 19:37:50 -04:00
Justin Richer	f4edd3164f	made timeout field optional, tokens don't expire in the default case	2014-06-12 19:37:32 -04:00
Trilok Jain	4e09ec687b	Registration Token regeneration - when they are beyond their lifetime ... (in read/update calls)	2014-06-12 19:12:32 -04:00
Trilok Jain	ed3e6a2814	https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431: ... Generating a new registration access token on read/update call and revoking the token issued earlier.	2014-06-12 19:12:32 -04:00
Justin Richer	a106121af3	created blacklist aware redirect resolver and wired it in, closes #549	2014-06-10 16:29:45 -04:00
Justin Richer	a97f3e2d65	don't throw away creation time on protected resource update (oops)	2014-06-09 20:22:58 -04:00
Justin Richer	e0fe22e4ba	don't regenerate client secrets every single time	2014-06-09 20:20:36 -04:00
Justin Richer	53148f2c87	better auth method checking in dynamic registration and resource registration	2014-06-09 17:41:27 -04:00
Justin Richer	f15b4a0f74	resource registration returned the wrong URL	2014-06-09 17:41:01 -04:00
Justin Richer	47cc005fe5	more sanity checking for client secrets	2014-06-09 16:06:57 -04:00
Justin Richer	cac645484f	client API now generates client secret only for clients that require a client secret	2014-06-09 16:00:55 -04:00
Justin Richer	52e53ba219	extracted validation exception, refactored protected resource registration endpoint to use this format	2014-06-06 11:13:41 -04:00
Justin Richer	b7a8bbdddc	cleanup, error wrappers on protected resource registration	2014-06-06 10:58:40 -04:00
Justin Richer	deaccf437e	refactored dynamic registration endpoint's checks for client consistency	2014-06-06 10:18:40 -04:00
Justin Richer	04f7a698ea	added response type consistency checking, closes #430	2014-06-05 19:41:06 -04:00
Justin Richer	32101ff7b2	added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597	2014-06-05 19:06:03 -04:00
Justin Richer	ab083c0963	added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types	2014-06-05 17:16:35 -04:00
Justin Richer	cdd23df7ee	token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)	2014-06-04 17:27:38 -04:00