441b19f0c5
fixed data export to comply with new auth holder
2015-05-26 22:00:21 -04:00
a7905c9f82
only save strings in the Extensions map
2015-05-26 22:00:20 -04:00
cb8abca0f6
removed embedded JOSE classes in favor of converters
2015-05-22 13:04:21 -04:00
6be2b4f65e
added ES* and PS* support for signed objects
2015-05-22 13:04:21 -04:00
04dc037f9e
fixed unit tests to account for refresh token rotation
2015-05-14 11:17:10 -04:00
aeed2fa003
issue new refresh tokens for clients who are configured for it, closes #408
2015-05-13 18:01:49 -04:00
31d5e3ad0e
echo back requested scopes in error thrown by validator, closes #708
2015-05-13 16:55:28 -04:00
52b1bda8d8
version match and cleanup
2015-05-12 21:00:44 -04:00
24a464e142
put in a dummy resource set service so that introspection can pass through
2015-05-12 20:30:05 -04:00
a2edb31753
moved UMA server to its own module
2015-05-12 15:59:03 -04:00
7188a06488
added deletion functionality to UI
2015-05-12 11:16:51 -04:00
43a432eb9a
removed extraneous TODO
2015-05-12 10:31:22 -04:00
ed7799b54a
make RPTs optionally expire, closes #794
2015-05-11 19:00:26 -04:00
e0cdeb3571
inject uma token service
2015-05-11 18:20:57 -04:00
fc64dcc9b9
discovery endpoint cleanup
2015-05-11 15:34:50 -04:00
f4f08d9449
RPT endpoint cleanup
2015-05-11 15:28:09 -04:00
1f083c7acb
extracted RPT generation component to new token service class, closes #797
2015-05-11 15:20:26 -04:00
0ea06f01b8
moved claims processor to the right package
2015-05-11 15:07:56 -04:00
53d4f15923
shuffle authz endpoint
2015-05-11 14:56:55 -04:00
7951ff5086
separated claims processing out into its own service, closes #796
2015-05-11 14:44:21 -04:00
8d5c7d6226
fixed some rogue documentation
2015-05-11 13:03:17 -04:00
afad3a720b
Merge branch 'master' into uma
...
* master:
added strict URI matching option to redirect resolver (off by default)
2015-05-11 12:33:05 -04:00
e155cdc282
added strict URI matching option to redirect resolver (off by default)
2015-05-09 16:37:11 -04:00
06f7dc984d
switched to view constants
2015-04-12 21:20:10 -05:00
d6dfa89533
check client information on delete of resource set
2015-04-12 21:15:03 -05:00
7273b0a5b7
fixed discovery endpoint information, closes #805
2015-04-12 17:00:46 -05:00
eb49d9624c
inject claims from OIDC auth token into permission ticket
2015-03-31 18:21:34 -04:00
98cd5ba27d
added save to permission ticket system
2015-03-31 18:21:14 -04:00
08413302eb
configured OIDC client on claims collection endpoint
2015-03-31 15:35:20 -04:00
f48049be4d
deny tickets with no claims required (closes a race condition)
2015-03-31 10:26:06 -04:00
dc10779abb
removed extraneous issuer in discovery endpoint, closes #793
2015-03-31 10:10:14 -04:00
a38a0b6f75
removed extraneous bob
2015-03-30 18:19:13 -04:00
6e095e3266
can now add and remove email address claims from the UI
2015-03-30 17:54:16 -04:00
687517d7f4
Merge branch 'master' into claims-editing-ui
2015-03-30 12:21:59 -04:00
d015d17fad
search for local users first (by email), then check remote users
2015-03-30 12:20:19 -04:00
348ff7ee17
made webfinger endpoint search by email address, then by username
2015-03-30 12:18:50 -04:00
5aa5cc1a10
added search by email to user info data stack
2015-03-30 12:18:50 -04:00
e89d8cd985
added webfinger lookup helper service
2015-03-30 11:49:49 -04:00
394785b9c4
don't give resource sets default client scopes
2015-03-30 09:57:10 -04:00
7af19dbd61
added copyright text
2015-03-30 08:44:51 -04:00
3e931c68b4
added policy editing overview page
2015-03-20 17:27:10 -04:00
5698393d31
created claims API
2015-03-19 16:44:34 -04:00
bde03411f1
Merge branch 'master' into uma
2015-03-18 21:42:26 -04:00
006a4d1ec6
fixed import function of 1.2 data service
2015-03-18 21:42:18 -04:00
6f149cba69
Merge branch 'master' into uma
2015-03-18 20:10:19 -04:00
30e894a64a
put 'kid' into JWS header, closes #784
2015-03-18 20:09:06 -04:00
866186f611
pointed data API at the correct service version
2015-03-18 19:54:42 -04:00
6daeeefb33
augmented introspection unit tests with one for new permissions mode
2015-03-18 08:45:05 -04:00
9f913244a0
fixed unit tests for introspection results
2015-03-18 08:00:18 -04:00
7df31f1e87
completed rudimentary UMA authorization API.
...
Working: resource set registration, permission ticket creation, RPT creation from ticket
Still missing: adding required claims to resource set, adding provided claims to permission ticket
2015-03-17 22:26:12 -04:00
1be9da52c6
separated ticket object from permission object to facilitate re-use of permission object with tokens
2015-03-17 21:16:29 -04:00
f123366069
added scope filtering to protection api
2015-03-17 19:43:02 -04:00
ff958e20b6
basic authorization support
2015-03-17 19:21:20 -04:00
098519da5e
added OAuth2 error reporting to permission and resource set endpoints
2015-03-17 19:01:44 -04:00
2aadb09f49
started claims service, added expiration to permissions
2015-03-16 22:52:21 -04:00
c234f78dbd
Merge branch 'master' into authorization-api
2015-03-13 19:08:14 -04:00
5873b336f2
fixed erroneous import
2015-03-13 19:07:27 -04:00
8352145d82
Merge branch 'master' into authorization-api
...
Conflicts:
openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java
2015-03-13 18:39:26 -04:00
ba51df0c37
consolidated client credential filter beans
...
(note: imports magic from secoauth)
2015-03-13 18:30:09 -04:00
4f12fab56b
made unused auth codes expired (they're still single-use), refactored auth code service layer
2015-03-13 13:45:49 -04:00
2abcd96bbe
set fallback locale to English, ultimate fall through is to return the code string itself
2015-03-12 17:28:27 -04:00
285ad71874
made input reader use UTF8, imported the first set of Swedish text to the JSON format
2015-03-12 17:07:08 -04:00
80605becf1
rudimentary json-based message source
2015-03-12 15:26:23 -04:00
e1fb8272cc
redirect error on prompt=none, addresses #667
2015-03-12 09:26:38 -04:00
ad9b49733f
externalized queries for scopes, blacklists, user info, pairwise identifiers, and whitelists, closes #771 even harder
2015-03-11 16:13:28 -04:00
15b97b1dcb
Externalized strings for named queries on auth holders, auth codes, clients, and tokens, closes #771
2015-03-11 15:51:51 -04:00
61a596dc15
externalized strings from user info views
2015-03-11 14:00:14 -04:00
86e95d9e6e
externalized json entity and error parameters, closes #770
2015-03-11 13:52:32 -04:00
e56161e223
extracted http "code" view parameter
2015-03-11 13:39:07 -04:00
1735dbca11
extracted controller URLs to constants, closes #769
2015-03-11 13:20:59 -04:00
617d485478
updated all references to media types to use constants instead of literals, closes #767
2015-03-11 12:06:38 -04:00
c777ebfac9
added universal OAuth exception handling
2015-03-11 11:41:28 -04:00
76b7324d88
fixed execution order of introspection endpoint
2015-03-10 18:29:48 -04:00
8c8f912880
fixed endpoint processing to account for client id
2015-03-10 15:37:07 -04:00
ee522100b9
Merge branch 'master' into uma-introspection
...
* master:
fixed logger variable name
made logger declarations consistent across project, closes #780
Fixed logger
null safe
removed DateUtil
added icons to scope editing panel
2015-03-10 15:03:26 -04:00
5d35f2c1a6
toned down errors on introspection endpoint
2015-03-10 14:58:22 -04:00
65d7b00f4d
added uma-processing of scopes to introspection results
2015-03-10 12:38:37 -04:00
627bcaee43
added client_id to resource sets
2015-03-10 12:38:13 -04:00
e5e4c15058
removed introspection authorizer hook
2015-03-10 11:12:37 -04:00
2a6a17486a
added initial uma discovery endpoint
2015-03-09 16:15:30 -04:00
621399545e
cleaned up introspection endpoint processing
2015-03-09 16:15:09 -04:00
764df71758
refactored introspection to allow for UMA style token access
2015-03-09 12:43:05 -04:00
1da5c2cd84
fixed imports
2015-03-09 11:51:41 -04:00
c7f6811961
refactored scope enforcement utilities to a separate authentication class
2015-03-09 11:51:24 -04:00
48b857eb85
fixed logger variable name
2015-03-09 07:37:09 -04:00
c09b63c69f
made logger declarations consistent across project, closes #780
2015-03-08 21:56:33 -04:00
849a2b3271
Fixed logger
2015-03-08 16:02:53 +01:00
020b410ffe
null safe
2015-03-08 15:47:58 +01:00
db2574ab53
removed DateUtil
2015-03-08 15:41:47 +01:00
f266d3b151
added unit test for resource set service to make sure it catches error conditions
2015-03-06 16:56:30 -05:00
35f2a03b4e
added unit test for permission service
2015-03-06 15:50:24 -05:00
e59e988809
made permission service enforce scoping
2015-03-06 15:50:14 -05:00
5ff9cd1bbb
implemented permission registration API
2015-02-28 17:59:37 -05:00
eed8fb0b28
created skeleton of permission registration API
2015-02-28 08:33:09 -05:00
c41488b103
moved an uma package to common, extracted OAuth scope enforcement utility
2015-02-28 08:32:47 -05:00
5be7d64c7d
moved all uma files to their own package
2015-02-28 07:24:53 -05:00
0d96b6a28a
changed name of scope to match uma spec
2015-02-27 20:46:48 -05:00
7a1480bb07
moved and consolidated json utilities
2015-02-26 16:20:01 -05:00
40fc70894e
fixed oauth scope check
2015-02-24 18:01:03 -05:00
4878e88d4f
added list all by owner
2015-02-24 17:41:05 -05:00
8d22ad03e2
implemented remove verb
2015-02-24 17:15:18 -05:00
89114dcf74
implemented update
2015-02-24 16:05:18 -05:00
ad228e8953
send the _id as a string
2015-02-24 15:52:29 -05:00
3b6412219b
added abbreviated view, updated OAuth error handling, fixed URL mapping
2015-02-24 15:10:48 -05:00
0b480bac10
implemented get
2015-02-24 15:09:52 -05:00
3076da1ed8
functioning resource set repository layer
2015-02-24 12:10:54 -05:00
efeead52b6
fixed typos in data layer, added blank service layer to resource set
2015-02-24 12:00:58 -05:00
e7bf75e9a4
moved and consolidated json utilities
2015-02-23 13:43:08 -05:00
90a7304b4e
resource set registration endpoint and service shells
2015-02-23 11:43:05 -05:00
b670f44138
added UMA to version number
2015-02-19 17:55:25 -05:00
720b73939f
fixed token service logic, added verification to unit tests
2015-02-18 13:57:28 -05:00
97ae456099
fixed unit tests affected by scope service changes
2015-02-18 13:48:16 -05:00
6885713eed
added warning suppression for data layer -- non-templated generic types have to be used here
2015-02-18 10:19:36 -05:00
f4813fccee
fixed log messages on data services
2015-02-18 09:33:13 -05:00
4ae981f484
updated data layer and unit tests
2015-02-18 09:23:09 -05:00
593fac83cf
scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747
2015-02-17 18:25:52 -05:00
1caf5ef8bc
removed call to deprecated http components constructor
2015-02-17 17:06:34 -05:00
b376bc6059
removed some vestigial service/repository calls, closes #513
2015-02-17 16:22:40 -05:00
ecfb72bc50
additional JOSE class naming
2015-02-17 15:32:20 -05:00
522edda074
additional JOSE class renaming
2015-02-17 14:57:29 -05:00
cef6cf17b6
externalized a number of strings, closes #385
2015-02-17 14:39:15 -05:00
05f03f7c90
yet more year updates
2015-02-17 13:09:45 -05:00
994ce6c743
consistently named JOSE-based classes, closes #529
2015-02-17 12:11:58 -05:00
335d05bb5c
renamed data service abstract class
2015-02-17 11:56:50 -05:00
685960358c
formatting cleanup
2015-02-17 11:08:46 -05:00
e2349984b8
happy new year 2015!
2015-02-17 10:24:08 -05:00
d56aec5652
removed extraneous version tag for managed dependency
2015-02-17 10:00:18 -05:00
d88cc2ec8e
fixed pluralization of post logout URIs in data API services
2015-02-17 09:59:50 -05:00
cc02f8fbe8
pluralized post-logout redirect URI on client, closes #654
2015-02-16 16:43:34 -05:00
587d4b2db6
further pom file cleanup
2015-02-16 14:24:48 -05:00
377d8cb884
moved dependency version management to parent pom, closes #666
2015-02-16 13:51:25 -05:00
ef3a696972
removed getBySubject and getAll from user info repository and service layers, closes #760
2015-02-16 11:08:07 -05:00
63dd7c0b25
removed deprecated DefaultUserInfoUserDetailsService and corresponding test, closes #413
2015-02-16 11:07:17 -05:00
166c53cd6a
fixed comparison of client IDs in refresh token, closes #752
...
Also addresses #735 (again)
2015-01-24 07:47:50 -05:00
6c88d7c54b
removed old owner_id field, closes #636
2015-01-17 08:18:36 -05:00
ba97fcb88a
changed name of clientAuthorization to authorizationRequest (which is more accurate), closes #697
2014-12-19 00:55:06 -05:00
a1228d19b5
Changed lastWeek logic back to correct form, removed logic used for
...
testing.
2014-12-19 00:39:07 -05:00
e9d764e53e
added support for login_hint, closes #250
2014-11-26 09:55:39 -05:00
3e7ade9a67
fixed unit tests
2014-11-22 23:46:25 -05:00
1a2ca25359
relaxed scope constraints on protected resources registered through self-service page
2014-11-22 23:46:25 -05:00
e371ad345f
fixed checking of refresh token permissions in client service, clients can now request either refresh_token grant type or offline_access scope and it will work. added checkbox to dynreg page for ease-of-use
...
closes #734
2014-11-22 23:46:25 -05:00
56344fa12b
make sure that client presenting refresh token is the same client the refresh token was issued to
...
closes #735
2014-11-22 23:46:25 -05:00
0e776762c2
set up data API for 1.2 format (currently the same as 1.1 format)
2014-11-15 19:59:47 -10:00
b14dfa6458
approval page defaults to "ask again" when prompt=consent is passed, closes #669
2014-11-13 11:23:54 -10:00
775b77b367
updated date format of token introspection response, closes #719
2014-11-13 11:08:20 -10:00
c600787f1c
added key id to id token, closes #725
2014-11-12 16:22:10 -10:00
d87bdb2120
added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728 , closes #401
2014-11-12 16:03:06 -10:00
e6d10b67a4
update to Spring 4 and other related libraries
2014-11-10 18:29:54 -10:00
9dfac35912
Introduce introspection result assembler to allow for customized introspection results
2014-10-14 21:06:09 -04:00
d557b1e2c2
RefreshToken to AuthHolder linkage test now using AuthHolder ID to verify
2014-10-14 20:30:50 -04:00
ff436a6738
Added tests for ensuring the references between a refresh token and its authentication holder are preserved over import. Minor cleanup of other tests.
2014-10-14 20:30:50 -04:00
d18d325c0c
Better method of creating test AuthenticationHolderEntity, added some more testing to testImport/ExportGrants
...
Conflicts:
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
2014-10-14 20:30:50 -04:00
ff28e1a383
Added new data service tests, separated date parsing/formatting utilities into DateUtil class
...
Conflicts:
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_X.java
openid-connect-server/src/main/java/org/mitre/openid/connect/util/DateUtil.java
2014-10-14 20:30:50 -04:00
188818dc0d
added null check to confirmation controller, closes #684
2014-10-07 21:58:15 -04:00
db052f11ca
Moved development branch to 1.2
2014-10-07 21:02:07 -04:00
134909a82f
import cleanup
2014-10-07 19:40:38 -04:00
1e71749c23
added more generic rotation capability
2014-10-07 19:40:38 -04:00
0b8dbc4f68
added registration token API
2014-10-07 19:40:38 -04:00
13cee6bf06
Ported date format changes from 1.0.x
2014-10-06 23:41:33 -04:00
98ace5c9fb
Separated date formatting and parsing functions to DateUtil class. Modified how timezone is printed to workaround Java date formatting issue.
...
Conflicts:
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
2014-10-06 23:28:20 -04:00
1fbdd240f1
made binary encode/decode null safe
2014-10-06 23:25:48 -04:00
a8377513a6
Fixed reading/writing of approved access tokens
2014-10-06 22:59:27 -04:00
0320bae15c
Fixed netbeans copyright weirdness
2014-10-06 22:59:27 -04:00
dcf66fadc4
Added support for 1.1 config import/export, and separated common functions into 1_X abstract class
2014-10-06 22:59:27 -04:00
ad841a03df
Added support for whitelisted and blacklisted site export
2014-10-06 22:59:27 -04:00
8495617aed
Added support for whitelisted and blacklisted site import from a 1.0 config
2014-10-06 22:59:27 -04:00
16f15cc3c8
NPE fix
2014-10-06 22:59:27 -04:00
6333b1e4b1
Re-enabled reading of system scopes. Added 1.1 data export functionality
2014-10-06 22:59:27 -04:00
d5551e9692
Added services for data import/export and modified JpaAuthenticationHolderEntity and Repository to allow getting all objects
2014-10-06 22:58:26 -04:00
c683131f12
externalized view name strings and tied them to view beans
2014-09-28 22:25:39 -04:00
9e88a62479
moved the API endpoints, made resource tokens accessible too
2014-09-22 23:38:12 -04:00
6d80a00d65
import cleanup
2014-09-22 23:04:23 -04:00
81634e6165
added API for getting tokens by clientid
2014-09-22 22:55:13 -04:00
dee78c130c
fixed missing null check in request object parser
2014-08-25 22:48:42 -04:00
e0b84069d4
Update to latest spring-security-oauth2 module
2014-08-06 11:12:40 -04:00
6f2f807b0b
[maven-release-plugin] prepare for next development iteration
2014-08-05 21:54:51 -04:00
93ae1516a5
[maven-release-plugin] prepare release mitreid-connect-1.1.9
2014-08-05 21:54:47 -04:00
39c50b76f4
added null checks to endpoint auth method switches, closes #652
2014-07-31 23:05:17 -04:00
8768188133
makes the grant types checker softer, closes #640
2014-07-19 23:54:02 -07:00
9666404d54
added "none" to discovery endpoint
2014-07-16 23:48:18 -04:00
7476edb310
added unsigned ID token support to server
2014-07-16 22:29:13 -04:00
538c4031bb
added in better default checks for content negotiation
2014-07-02 16:01:26 -04:00
078bf5e464
combine HTTP content negotiation with client preferences for user info endpoint
2014-06-28 23:44:37 -04:00
1de2a61176
made accept header optional for user info request
2014-06-28 22:20:05 -04:00
04acc21eea
removed injection of admin email address from client API, will happen browser-side now
2014-06-26 13:00:36 -04:00
adf477c64e
[maven-release-plugin] prepare for next development iteration
2014-06-18 18:27:27 -04:00
8d97ed61ec
[maven-release-plugin] prepare release mitreid-connect-1.1.8
2014-06-18 18:27:25 -04:00
5773fe195b
set proper content type on user info JWT response
2014-06-18 18:05:11 -04:00
5f97ce0ca1
fixed error code string
2014-06-18 14:50:17 -04:00
6589cd717d
disallow fragments in redirect uris for dynamic clients, closes #622
2014-06-18 14:49:29 -04:00
4e52543091
more properly respond to some client registration errors
2014-06-18 14:45:55 -04:00
c493f438e7
applied token rotation to protected resources
2014-06-12 19:37:50 -04:00
f4edd3164f
made timeout field optional, tokens don't expire in the default case
2014-06-12 19:37:32 -04:00
4e09ec687b
Registration Token regeneration - when they are beyond their lifetime
...
(in read/update calls)
2014-06-12 19:12:32 -04:00
ed3e6a2814
https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431 :
...
Generating a new registration access token on read/update call and
revoking the token issued earlier.
2014-06-12 19:12:32 -04:00
a106121af3
created blacklist aware redirect resolver and wired it in, closes #549
2014-06-10 16:29:45 -04:00
a97f3e2d65
don't throw away creation time on protected resource update (oops)
2014-06-09 20:22:58 -04:00
e0fe22e4ba
don't regenerate client secrets every single time
2014-06-09 20:20:36 -04:00
53148f2c87
better auth method checking in dynamic registration and resource registration
2014-06-09 17:41:27 -04:00
f15b4a0f74
resource registration returned the wrong URL
2014-06-09 17:41:01 -04:00
47cc005fe5
more sanity checking for client secrets
2014-06-09 16:06:57 -04:00
cac645484f
client API now generates client secret only for clients that require a client secret
2014-06-09 16:00:55 -04:00
52e53ba219
extracted validation exception, refactored protected resource registration endpoint to use this format
2014-06-06 11:13:41 -04:00
b7a8bbdddc
cleanup, error wrappers on protected resource registration
2014-06-06 10:58:40 -04:00
deaccf437e
refactored dynamic registration endpoint's checks for client consistency
2014-06-06 10:18:40 -04:00
04f7a698ea
added response type consistency checking, closes #430
2014-06-05 19:41:06 -04:00
32101ff7b2
added parsing checks, fixed inverted logic, cleaned up redundant settings, closes #597
2014-06-05 19:06:03 -04:00
ab083c0963
added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types
2014-06-05 17:16:35 -04:00
cdd23df7ee
token introspection now returns user "sub" when available in addition to "user_id", closes #507 (might cause incompatibility problems)
2014-06-04 17:27:38 -04:00
85acfa90db
[maven-release-plugin] prepare for next development iteration
2014-06-04 14:51:32 -04:00
d5e4cb45a2
[maven-release-plugin] prepare release mitreid-connect-1.1.7
2014-06-04 14:51:29 -04:00
8861220632
stats on home page are now loaded in the background (makes main site load much faster)
2014-06-04 14:39:30 -04:00
3e4aae6c8a
hash tests now pass on Java8
2014-05-29 17:41:56 -04:00
dfdc4ed52d
fixed information leaks from approved site API
2014-05-28 18:21:46 -04:00
a84c10fc1c
Change copyright from Netcetera to MITRE/MIT-KIT.
2014-05-28 08:52:31 +02:00
2797731597
fixed unit test to account for cascading tokens
2014-05-27 20:39:19 -04:00
d2c83104fb
cascade token saves
2014-05-27 19:28:38 -04:00
7f8cbcea39
Use return value from TokenEnhancer.enhance
2014-05-27 19:23:44 -04:00
be98b9cd0b
[maven-release-plugin] prepare for next development iteration
2014-05-27 14:00:40 -04:00
8320f0eefe
[maven-release-plugin] prepare release mitreid-connect-1.1.6
2014-05-27 14:00:37 -04:00
0c8cacd59a
added missing copyright headers
2014-05-27 13:46:47 -04:00
525f3aa2a8
Cleaned up indentation, whitespace, and imports.
2014-05-27 13:02:49 -04:00
8185171119
minor clean up
2014-05-27 11:54:45 -04:00
5ab516de48
prevent clients from registering with special resource scope
2014-05-26 17:39:20 -04:00
c34357a433
added resource registration endpoint with basic functionality and specialized tokens
2014-05-26 16:30:24 -04:00
960319b796
improved logging configuration, removed transactional from service
2014-05-25 15:38:44 -04:00
85fd4e71ce
typo in error message
2014-05-25 15:37:58 -04:00
2af51dc77a
better URI check for prompt filter short circuit
2014-05-25 14:24:25 -04:00
f4a1a2acff
fixed prompt filter coding error
2014-05-24 23:16:29 -04:00
89d55e3d33
added support for default max auth age and require auth time, made prompt filter only work on authorization endpoint
2014-05-24 22:12:41 -04:00
5c6e75bd53
cleaned up UI for client editing
2014-05-24 20:56:54 -04:00
05e9624ae3
added support for encrypted and symmetrically signed id tokens and user info responses
2014-05-23 21:15:50 -04:00
ffe1b29906
Added Signed JWT support to UserInfo endpoint response, closes #593
2014-05-23 19:15:03 -04:00
e4d5f4a540
added system wide cache for all symmetric validators, closes # 557
2014-05-23 16:16:06 -04:00
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
2014-05-23 15:00:40 -04:00
df9c9747ce
more reasonable check for whether or not a user auth is present, addresses #602
2014-05-23 11:49:51 -04:00
4e890a4d7d
enforce clients using a redirect flow have at least one redirect uri registered when using dynamic registration, made error handling more consistent across all APIs
...
closes #596
2014-05-21 18:29:51 -04:00
a225b00920
added null check and permissions check to ID token generation, closes #602
2014-05-21 17:45:25 -04:00
880014176f
[maven-release-plugin] prepare for next development iteration
2014-05-13 18:23:11 -04:00
ca8a003e3d
[maven-release-plugin] prepare release mitreid-connect-1.1.5
2014-05-13 18:23:08 -04:00
dcf36234c4
moved CSRF generator to request parser instead of confirmation controller
2014-05-13 09:48:34 -04:00
a253ebc908
added CSRF protection to approval page
2014-05-13 09:27:02 -04:00
fcfbf1080f
renamed auth request variable
2014-05-13 09:26:27 -04:00
7cd36b471f
Make introspection endpoint access authorization pluggable.
2014-05-07 16:44:56 +02:00
4b697ba909
webfinger checks host on acct: URIs, closes #404
2014-04-25 21:21:00 -04:00
b8129bf60d
[maven-release-plugin] prepare for next development iteration
2014-04-21 19:19:10 -04:00
a9e34ac9bd
[maven-release-plugin] prepare release mitreid-connect-1.1.4
2014-04-21 19:19:07 -04:00
376403fa4a
account for registration time in approval page, closes #550
2014-04-19 07:28:20 -04:00
1d2f968bd1
configuration cleanup, closes #568
2014-04-18 22:11:58 -04:00
318a28ddf8
added stats mock to unit tests
2014-04-16 22:05:03 -04:00
Justin Richer