Commit Graph

1483 Commits (a0bd2c70ac75c92f73f6de122e08a4bd155e7774)

Author SHA1 Message Date
Justin Richer d89257380f make client assertion auth work again
8 years ago
Justin Richer f9e4d75a4a use JWT bearer assertion token for assertion processing
8 years ago
Justin Richer bd9932d56f added assertion processor to token endpoint
8 years ago
Justin Richer a5a12b2f1f added assertion validation engine
8 years ago
Justin Richer fa63993896 added software statement to client model, added processor to dynamic registration parser
8 years ago
Justin Richer a951a22bf8 explicitly use language and country codes for locale resolution
8 years ago
XIAO XI LIU b8cc0a82b3 fix issue #1061: auto-detect locale country code
8 years ago
Justin Richer 7177854416 inverted boolean for #1033
9 years ago
Justin Richer 39bae3a160 make the client auth URL matcher use an existing matcher instead of custom code
9 years ago
Justin Richer 01892b6f47 use a request matcher on authorization request filter, closes #1033
9 years ago
Justin Richer ca6e867df6 manage dependency versions in parent
9 years ago
Trung Nguyen ecb4a9ed53 Check that the underlying cause of the PersistenceException is caused by a duplicate entry.
9 years ago
Trung Nguyen 6fb26856a7 Make apiAddClient in the client api return a HttpStatus.Conflict if you try to create a client with a used client id.
9 years ago
Leonard Brünings 8e71107f9b Fix NPE when checking claim extension, Simplify always true expressions
9 years ago
Fredrik Jönsson 8f81278332 We really should specify an encoding here and not depend on the
9 years ago
Justin Richer c31f42c3f3 updated versions to 1.3
9 years ago
Justin Richer 58724aa6dc [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 29c9ee2c46 [maven-release-plugin] prepare release mitreid-connect-1.2.6
9 years ago
Justin Richer 89316cbab1 fixed default token lifetimes for heart mode
9 years ago
Justin Richer 9691f02772 added audience parameter to parser, fixed token generator to match HEART spec
9 years ago
Justin Richer 49a8848648 count really weird URIs as "custom scheme"
9 years ago
Justin Richer d75bba218d forbid password grant type in HEART mode
9 years ago
Justin Richer 699e9bff39 testing for multiple classes of redirect URIs
9 years ago
Justin Richer 38710bd3d2 unit tests for HEART mode
9 years ago
Justin Richer 74ea42851b added check for HEART mode consistency
9 years ago
Justin Richer 028265faa6 pulled scope values to externalized strings
9 years ago
Justin Richer 5bccb602d8 always perform strict redirect URI matches in HEART mode
9 years ago
Justin Richer 51e3513307 disallow client secret JWT authentication in HEART mode
9 years ago
Justin Richer d0d6ae2ad8 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 7f5b70e9e1 [maven-release-plugin] prepare release mitreid-connect-1.2.5
9 years ago
Justin Richer 183a599126 fixed OIDC discovery relation URL
9 years ago
Justin Richer 61433cc23a deepen webfinger, endpoint is looser
9 years ago
Justin Richer 82a1e49e79 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer e6684fb7a8 [maven-release-plugin] prepare release mitreid-connect-1.2.4
9 years ago
Misagh Moayyed 3d14b0d128 rename zone_info claim to zoneinfo
9 years ago
Justin Richer 7badfe1d17 Happy new year 2016!
9 years ago
Justin Richer d1033b693f added privacy-preserving client logo cache
9 years ago
Justin Richer e828f3f18d [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 01ca5ef8e2 [maven-release-plugin] prepare release mitreid-connect-1.2.3
9 years ago
Justin Richer aa878cc3cf pulled checks for expired tokens into utility functions
9 years ago
Justin Richer 698feb49cd check access token expiration on read. closes #983
9 years ago
Justin Richer 7f464c496b changed copyright to new consortium name
9 years ago
Justin Richer ea77bf2a19 quieted approved site cleanup
9 years ago
Justin Richer 1ed3e2c47a quieted logging on database cleanup tasks when no expired elements are found
9 years ago
Justin Richer fcfc620d51 updated client API with more useful errors, removed unused service reference
9 years ago
Justin Richer 2496dc114c allow language system to be loaded from multiple files. closes #817 closes #876
9 years ago
Justin Richer e255fc1a10 change default behavior of message source, closes #964
9 years ago
Cosmin Cojocar 7b34a666d9 Make the dual client support configurable
9 years ago
Cosmin Cojocar a80953a2d4 Allow both flows authorization code and client credentials. This scenario might be found when the same client supports user authentication as well as service to service authentication. Such a client is trusted (whitelisted).
9 years ago
Mark Janssen dce80d488b Clean up ScopeClaimTranslationService
9 years ago
Justin Richer 2deec98b58 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer d96b2dc130 [maven-release-plugin] prepare release mitreid-connect-1.2.2
9 years ago
Justin Richer 96f4d5e8a8 fixed use of wrong constant, closes #940
9 years ago
Justin Richer c9358f348a added transactional annotations, finally closes #926 addresses #862
9 years ago
Justin Richer e1e892377f added cleaner for duplicate refresh tokens
9 years ago
Justin Richer 542afca459 cleans duplicate access tokens from DB before other cleanup happens
9 years ago
Justin Richer ebb4f2c3d4 Upgraded to nimbus 4.2, closes #934
9 years ago
Justin Richer c67611e975 added qualifier name to persistence unit and transaction manager, closes #883
9 years ago
Justin Richer d280ca40a4 login hints now handled in a slightly smarter (and more pluggable) manner, closes #851
9 years ago
Mark Janssen b5c298e0ca Remove legacy CSRF protection for approve page
9 years ago
Justin Richer 8b362f23f3 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer e384a6257b [maven-release-plugin] prepare release mitreid-connect-1.2.1
9 years ago
Justin Richer 4063f7f94f user info endpoint response uses correct client algorithms, addresses #921
9 years ago
Justin Richer acb3d03052 added 'kid' to all signed tokens, closes #899
9 years ago
Justin Richer d3f8ff2855 added JTI to ID tokens, closes #900
9 years ago
Justin Richer 9822748209 grabbed additional places that mention updated_time/updated_at
9 years ago
Sarah Squire 31ea96ce27 Update DefaultOIDCTokenService.java
9 years ago
Justin Richer 22c05ec51b [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer e6b64cd9cd [maven-release-plugin] prepare release mitreid-connect-1.2.0
9 years ago
Justin Richer 489450b1c2 automated code format cleanup
9 years ago
Justin Richer 15c2b57730 [maven-release-plugin] prepare for next development iteration
9 years ago
Justin Richer 8317c759f1 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2
9 years ago
Justin Richer 0740443768 added claims redirect uri set to client model for UMA usage
9 years ago
Justin Richer a4e75ed733 [maven-release-plugin] prepare for next development iteration
10 years ago
Justin Richer 58a47d0e46 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1
10 years ago
Justin Richer 0714ed514e fixed errant unit test
10 years ago
Justin Richer 064f36ef6c clean up resource sets when clients are deleted
10 years ago
Justin Richer d1c069ad1e clean up permissions and access tokens when a resource set is revoked
10 years ago
Justin Richer 7345a03aaa added UMA import, closes #811 even harder
10 years ago
Justin Richer bcd8a96b5d UMA data export, closes #811
10 years ago
Justin Richer a3360e9561 externalized strings in data API (1.2)
10 years ago
Justin Richer 4a382f2b1c updated unit tests to new structure
10 years ago
Justin Richer 8c822c0f54 detached whitelist from approved sites, closes #781
10 years ago
Justin Richer c4aaa29ffc updated unit tests for new refresh token mode
10 years ago
Justin Richer d9efeb3b67 added clear access tokens to export/import
10 years ago
Justin Richer 2f4d9ce54b clearing out refresh tokens is now configurable, closes #409
10 years ago
Justin Richer 8359ac2813 fixed refresh token lookup
10 years ago
Justin Richer d2a393f7f9 converted error handlers to a single @ControllerAdvice class, closes #788
10 years ago
Justin Richer f4a1b27e2e better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service
10 years ago
Justin Richer f7a082d4b8 wrapped timestamp injection in a null-safe block, with warning; closes #849
10 years ago
Mark Janssen 9e74e40453 Use diamond syntax instead of explicit types
10 years ago
Mark Janssen 6dc2b2cb5e Various small improvements/bugfixes
10 years ago
Justin Richer d1e8529a7b expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
10 years ago
Justin Richer 4655650a68 added OAuth error display page, closes #559
10 years ago
Justin Richer dfc8df42f5 moved server configuration injection to pre-request
10 years ago
Justin Richer 79317d5b70 JWK Set by value added to admin UI, addresses #826
10 years ago
Justin Richer e43600494a minor automated code cleanup
10 years ago
Justin Richer 642942b5cf Generalized client key handling into a single cache service
10 years ago
Justin Richer 032d41e5ed added JWKs-by-value support to client data model and API, closes #826
10 years ago
Justin Richer 8d3a8471aa updated refresh token to use converter instead of dummy field
10 years ago
Justin Richer 9662f3e8b3 switched access token to using converter instead of dummy field
10 years ago
Justin Richer 9ba1a78d09 removed binary objects from data API importers, removed binary object JSON utility entirely
10 years ago
Justin Richer c974267cde return prompt=none error to client, closes #667
10 years ago
Justin Richer cbf6316050 cleaned up logic on user info interceptor to fix detection of redirects
10 years ago
Justin Richer fe6d2f8a6e updated and expanded unit tests to account for new data layer
10 years ago
Justin Richer d5a08d4996 cleaned up vestigial service component, to be fixed (maybe) in #825
10 years ago
Justin Richer d9e03b769b fixed auth holder reference handling, import/export works now
10 years ago
Justin Richer 3d1aee77b4 updated 1.2 import to reflect new objects
10 years ago
Justin Richer 441b19f0c5 fixed data export to comply with new auth holder
10 years ago
Justin Richer a7905c9f82 only save strings in the Extensions map
10 years ago
Justin Richer cb8abca0f6 removed embedded JOSE classes in favor of converters
10 years ago
Justin Richer 6be2b4f65e added ES* and PS* support for signed objects
10 years ago
Justin Richer 04dc037f9e fixed unit tests to account for refresh token rotation
10 years ago
Justin Richer aeed2fa003 issue new refresh tokens for clients who are configured for it, closes #408
10 years ago
Justin Richer 31d5e3ad0e echo back requested scopes in error thrown by validator, closes #708
10 years ago
Justin Richer 52b1bda8d8 version match and cleanup
10 years ago
Justin Richer 24a464e142 put in a dummy resource set service so that introspection can pass through
10 years ago
Justin Richer a2edb31753 moved UMA server to its own module
10 years ago
Justin Richer 7188a06488 added deletion functionality to UI
10 years ago
Justin Richer 43a432eb9a removed extraneous TODO
10 years ago
Justin Richer ed7799b54a make RPTs optionally expire, closes #794
10 years ago
Justin Richer e0cdeb3571 inject uma token service
10 years ago
Justin Richer fc64dcc9b9 discovery endpoint cleanup
10 years ago
Justin Richer f4f08d9449 RPT endpoint cleanup
10 years ago
Justin Richer 1f083c7acb extracted RPT generation component to new token service class, closes #797
10 years ago
Justin Richer 0ea06f01b8 moved claims processor to the right package
10 years ago
Justin Richer 53d4f15923 shuffle authz endpoint
10 years ago
Justin Richer 7951ff5086 separated claims processing out into its own service, closes #796
10 years ago
Justin Richer 8d5c7d6226 fixed some rogue documentation
10 years ago
Justin Richer afad3a720b Merge branch 'master' into uma
10 years ago
Justin Richer e155cdc282 added strict URI matching option to redirect resolver (off by default)
10 years ago
Justin Richer 06f7dc984d switched to view constants
10 years ago
Justin Richer d6dfa89533 check client information on delete of resource set
10 years ago
Justin Richer 7273b0a5b7 fixed discovery endpoint information, closes #805
10 years ago
Justin Richer eb49d9624c inject claims from OIDC auth token into permission ticket
10 years ago
Justin Richer 98cd5ba27d added save to permission ticket system
10 years ago
Justin Richer 08413302eb configured OIDC client on claims collection endpoint
10 years ago
Justin Richer f48049be4d deny tickets with no claims required (closes a race condition)
10 years ago
Justin Richer dc10779abb removed extraneous issuer in discovery endpoint, closes #793
10 years ago
Justin Richer a38a0b6f75 removed extraneous bob
10 years ago
Justin Richer 6e095e3266 can now add and remove email address claims from the UI
10 years ago
Justin Richer 687517d7f4 Merge branch 'master' into claims-editing-ui
10 years ago
Justin Richer d015d17fad search for local users first (by email), then check remote users
10 years ago
Justin Richer 348ff7ee17 made webfinger endpoint search by email address, then by username
10 years ago
Justin Richer 5aa5cc1a10 added search by email to user info data stack
10 years ago
Justin Richer e89d8cd985 added webfinger lookup helper service
10 years ago
Justin Richer 394785b9c4 don't give resource sets default client scopes
10 years ago
Justin Richer 7af19dbd61 added copyright text
10 years ago
Justin Richer 3e931c68b4 added policy editing overview page
10 years ago
Justin Richer 5698393d31 created claims API
10 years ago