Justin Richer
|
8b362f23f3
|
[maven-release-plugin] prepare for next development iteration
|
2015-10-02 18:53:48 -04:00 |
Justin Richer
|
e384a6257b
|
[maven-release-plugin] prepare release mitreid-connect-1.2.1
|
2015-10-02 18:53:45 -04:00 |
Justin Richer
|
ca23521c3b
|
fixed entity relationship for address
|
2015-10-01 20:52:01 -04:00 |
Justin Richer
|
e1af979995
|
don't load user info for anonymous authentications, closes #895
|
2015-10-01 19:12:50 -04:00 |
Tony Fendall
|
f43c94314c
|
Change Address model to be an interface. Will allow consuming projects
to override this funcitonality more easily.
|
2015-10-01 15:57:34 -04:00 |
John Brooks
|
719a714735
|
Addresses issue 910 by replacing update_time with update_at for JSON
objects.
|
2015-10-01 15:43:31 -04:00 |
Justin Richer
|
22c05ec51b
|
[maven-release-plugin] prepare for next development iteration
|
2015-08-05 12:07:47 -04:00 |
Justin Richer
|
e6b64cd9cd
|
[maven-release-plugin] prepare release mitreid-connect-1.2.0
|
2015-08-05 12:07:44 -04:00 |
Justin Richer
|
489450b1c2
|
automated code format cleanup
|
2015-08-05 12:04:14 -04:00 |
Justin Richer
|
edda0218e1
|
added missing copyright statement.
|
2015-08-05 09:58:41 -04:00 |
Justin Richer
|
8a4fb5f839
|
cleaned up imports
|
2015-08-05 09:46:36 -04:00 |
Justin Richer
|
15c2b57730
|
[maven-release-plugin] prepare for next development iteration
|
2015-07-30 14:00:20 -04:00 |
Justin Richer
|
8317c759f1
|
[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2
|
2015-07-30 14:00:18 -04:00 |
Justin Richer
|
0740443768
|
added claims redirect uri set to client model for UMA usage
|
2015-07-30 13:56:14 -04:00 |
Justin Richer
|
a4e75ed733
|
[maven-release-plugin] prepare for next development iteration
|
2015-07-09 18:29:14 -04:00 |
Justin Richer
|
58a47d0e46
|
[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1
|
2015-07-09 18:29:12 -04:00 |
Justin Richer
|
064f36ef6c
|
clean up resource sets when clients are deleted
|
2015-07-09 18:07:19 -04:00 |
Justin Richer
|
f6c20ad314
|
changed to using merge() in JPA instead of persist()
|
2015-07-09 18:06:25 -04:00 |
Justin Richer
|
d1c069ad1e
|
clean up permissions and access tokens when a resource set is revoked
|
2015-07-09 16:40:07 -04:00 |
Justin Richer
|
7345a03aaa
|
added UMA import, closes #811 even harder
|
2015-07-09 11:48:52 -04:00 |
Justin Richer
|
bcd8a96b5d
|
UMA data export, closes #811
|
2015-07-08 21:27:15 -04:00 |
Justin Richer
|
8c822c0f54
|
detached whitelist from approved sites, closes #781
|
2015-07-08 17:22:55 -04:00 |
Justin Richer
|
e96eda0990
|
save dynamically registered clients to the server's database, closes #799
|
2015-07-08 14:35:20 -04:00 |
Justin Richer
|
42b93be492
|
added uri-encoded client service, closes #857
|
2015-07-07 17:55:56 -04:00 |
Justin Richer
|
aa96b1f1ed
|
made things a little null safer
closes #813 (really)
|
2015-07-03 20:16:37 -04:00 |
Justin Richer
|
6703db234d
|
added equals/hashCode/toString on UMA model objects
|
2015-07-03 20:16:34 -04:00 |
Justin Richer
|
a8a6e7bf31
|
downscope resulting token based on policy
|
2015-07-03 20:16:33 -04:00 |
Justin Richer
|
af798705b4
|
made claim values any JSON type, closes #853
|
2015-07-03 20:16:33 -04:00 |
Justin Richer
|
b0935086c2
|
made claims processor take in policy set and ticket directly
|
2015-07-03 20:16:33 -04:00 |
Justin Richer
|
de9f69e461
|
introduced a claims processor result data shuttle
|
2015-07-03 20:16:33 -04:00 |
Justin Richer
|
2cfaa1c1d7
|
renamed RequiredClaimSet to Policy
|
2015-07-03 20:16:32 -04:00 |
Justin Richer
|
b8a5486995
|
made required claims sets stick in the database
|
2015-07-03 20:16:32 -04:00 |
Justin Richer
|
cd47d32e2d
|
split required claim sets out as separate indirection structure, closes #813
|
2015-07-03 20:16:32 -04:00 |
Justin Richer
|
2f4d9ce54b
|
clearing out refresh tokens is now configurable, closes #409
|
2015-06-25 12:07:38 -04:00 |
Justin Richer
|
7df3597757
|
split client's auth token into pending and authorized classes
|
2015-06-24 16:00:40 -04:00 |
Justin Richer
|
b4520c170e
|
ID Token carried through as parsed JWT instead of string, closes #832
|
2015-06-24 16:00:40 -04:00 |
Justin Richer
|
f4a1b27e2e
|
better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service
|
2015-06-23 22:21:18 -04:00 |
Justin Richer
|
286d433da6
|
save json object inside registered client if it's available, closes #800
|
2015-06-03 11:07:45 -04:00 |
Mark Janssen
|
9e74e40453
|
Use diamond syntax instead of explicit types
|
2015-06-03 10:24:48 -04:00 |
Mark Janssen
|
13f5e4f8a6
|
Collapse identical catch branches
|
2015-06-03 10:24:48 -04:00 |
Justin Richer
|
d1e8529a7b
|
expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
closes #699
closes #761
|
2015-06-01 21:11:19 -04:00 |
Justin Richer
|
f7b5228109
|
UserInfo carries original JSON object along if available
|
2015-06-01 20:10:07 -04:00 |
Justin Richer
|
118237ab05
|
moved user info interceptor to pre-handle
|
2015-06-01 19:15:54 -04:00 |
Justin Richer
|
8b81b36e22
|
property editor to allow JWK Set to be represented as a string in the XML configuration
|
2015-06-01 15:35:20 -04:00 |
Justin Richer
|
e43600494a
|
minor automated code cleanup
|
2015-06-01 15:35:20 -04:00 |
Justin Richer
|
642942b5cf
|
Generalized client key handling into a single cache service
|
2015-06-01 15:35:20 -04:00 |
Justin Richer
|
032d41e5ed
|
added JWKs-by-value support to client data model and API, closes #826
|
2015-06-01 15:35:20 -04:00 |
Justin Richer
|
30162f6baa
|
added direct JWK set to data model
|
2015-05-29 13:00:13 -04:00 |
Justin Richer
|
8d3a8471aa
|
updated refresh token to use converter instead of dummy field
|
2015-05-29 12:58:00 -04:00 |
Justin Richer
|
9662f3e8b3
|
switched access token to using converter instead of dummy field
|
2015-05-29 12:40:50 -04:00 |
Justin Richer
|
caf85b990d
|
Revert "added option to send skip sending nonce if desired, closes #704, closes #683,"
This reverts commit bbeaeb06e3 .
Conflicts:
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
|
2015-05-28 16:44:26 -04:00 |
Justin Richer
|
9ba1a78d09
|
removed binary objects from data API importers, removed binary object JSON utility entirely
|
2015-05-27 19:33:05 -04:00 |
Justin Richer
|
cbf6316050
|
cleaned up logic on user info interceptor to fix detection of redirects
|
2015-05-27 12:06:58 -04:00 |
Justin Richer
|
d5a08d4996
|
cleaned up vestigial service component, to be fixed (maybe) in #825
|
2015-05-26 22:00:21 -04:00 |
Justin Richer
|
441b19f0c5
|
fixed data export to comply with new auth holder
|
2015-05-26 22:00:21 -04:00 |
Justin Richer
|
84167396da
|
made saved user auth remember original class if it gets re-used
|
2015-05-26 22:00:20 -04:00 |
Justin Richer
|
93a91c8f84
|
fixed oauth2request constructor
|
2015-05-26 22:00:20 -04:00 |
Justin Richer
|
bedda2959d
|
set table on entity class, added null-safe copies to all collection fields
|
2015-05-26 22:00:20 -04:00 |
Justin Richer
|
5e3d08ef4d
|
temporarily commented out query by authentication in both token types
|
2015-05-26 22:00:20 -04:00 |
Justin Richer
|
98e414b6df
|
broke out authentication holder class into parts, no more serializable pieces in the database, closes #696
|
2015-05-26 22:00:20 -04:00 |
Justin Richer
|
cb8abca0f6
|
removed embedded JOSE classes in favor of converters
|
2015-05-22 13:04:21 -04:00 |
Justin Richer
|
cf1cb34a5f
|
cleaned up error reporting for multiple verifiers
|
2015-05-22 13:04:21 -04:00 |
Justin Richer
|
6be2b4f65e
|
added ES* and PS* support for signed objects
|
2015-05-22 13:04:21 -04:00 |
Justin Richer
|
7f44132abc
|
made address object serializable, closes #792
|
2015-05-13 15:29:38 -04:00 |
Justin Richer
|
a44335198e
|
made HTTPS warning stand out a little better in the logs
|
2015-05-13 14:22:50 -04:00 |
Justin Richer
|
52b1bda8d8
|
version match and cleanup
|
2015-05-12 21:00:44 -04:00 |
Justin Richer
|
ed7799b54a
|
make RPTs optionally expire, closes #794
|
2015-05-11 19:00:26 -04:00 |
Justin Richer
|
1f083c7acb
|
extracted RPT generation component to new token service class, closes #797
|
2015-05-11 15:20:26 -04:00 |
Justin Richer
|
7951ff5086
|
separated claims processing out into its own service, closes #796
|
2015-05-11 14:44:21 -04:00 |
Justin Richer
|
8d5c7d6226
|
fixed some rogue documentation
|
2015-05-11 13:03:17 -04:00 |
Justin Richer
|
98cd5ba27d
|
added save to permission ticket system
|
2015-03-31 18:21:14 -04:00 |
Justin Richer
|
687517d7f4
|
Merge branch 'master' into claims-editing-ui
|
2015-03-30 12:21:59 -04:00 |
Justin Richer
|
5aa5cc1a10
|
added search by email to user info data stack
|
2015-03-30 12:18:50 -04:00 |
Justin Richer
|
06ae8545ae
|
Merge branch 'master' into uma
|
2015-03-20 18:15:27 -04:00 |
Justin Richer
|
ba0c679e60
|
made "en" the default locale explicitly
|
2015-03-20 10:20:37 -04:00 |
Justin Richer
|
e1769d1545
|
added (optional) permissions sets to access tokens
|
2015-03-17 21:42:36 -04:00 |
Justin Richer
|
1be9da52c6
|
separated ticket object from permission object to facilitate re-use of permission object with tokens
|
2015-03-17 21:16:29 -04:00 |
Justin Richer
|
b635a2bc88
|
fixed DB mapping
|
2015-03-17 19:21:30 -04:00 |
Justin Richer
|
1393251da9
|
added value to claim
|
2015-03-17 18:57:35 -04:00 |
Justin Richer
|
2aadb09f49
|
started claims service, added expiration to permissions
|
2015-03-16 22:52:21 -04:00 |
Justin Richer
|
a57c336e11
|
added uma_authorization to default scope set
|
2015-03-16 12:29:17 -04:00 |
Justin Richer
|
8352145d82
|
Merge branch 'master' into authorization-api
Conflicts:
openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java
|
2015-03-13 18:39:26 -04:00 |
Justin Richer
|
4f12fab56b
|
made unused auth codes expired (they're still single-use), refactored auth code service layer
|
2015-03-13 13:45:49 -04:00 |
Justin Richer
|
ad9b49733f
|
externalized queries for scopes, blacklists, user info, pairwise identifiers, and whitelists, closes #771 even harder
|
2015-03-11 16:13:28 -04:00 |
Justin Richer
|
15b97b1dcb
|
Externalized strings for named queries on auth holders, auth codes, clients, and tokens, closes #771
|
2015-03-11 15:51:51 -04:00 |
Justin Richer
|
1735dbca11
|
extracted controller URLs to constants, closes #769
|
2015-03-11 13:20:59 -04:00 |
Justin Richer
|
617d485478
|
updated all references to media types to use constants instead of literals, closes #767
|
2015-03-11 12:06:38 -04:00 |
Justin Richer
|
ee522100b9
|
Merge branch 'master' into uma-introspection
* master:
fixed logger variable name
made logger declarations consistent across project, closes #780
Fixed logger
null safe
removed DateUtil
added icons to scope editing panel
|
2015-03-10 15:03:26 -04:00 |
Justin Richer
|
65d7b00f4d
|
added uma-processing of scopes to introspection results
|
2015-03-10 12:38:37 -04:00 |
Justin Richer
|
627bcaee43
|
added client_id to resource sets
|
2015-03-10 12:38:13 -04:00 |
Justin Richer
|
e5e4c15058
|
removed introspection authorizer hook
|
2015-03-10 11:12:37 -04:00 |
Justin Richer
|
c09b63c69f
|
made logger declarations consistent across project, closes #780
|
2015-03-08 21:56:33 -04:00 |
Justin Richer
|
e59e988809
|
made permission service enforce scoping
|
2015-03-06 15:50:14 -05:00 |
Justin Richer
|
5ff9cd1bbb
|
implemented permission registration API
|
2015-02-28 17:59:37 -05:00 |
Justin Richer
|
eed8fb0b28
|
created skeleton of permission registration API
|
2015-02-28 08:33:09 -05:00 |
Justin Richer
|
c41488b103
|
moved an uma package to common, extracted OAuth scope enforcement utility
|
2015-02-28 08:32:47 -05:00 |
Justin Richer
|
5be7d64c7d
|
moved all uma files to their own package
|
2015-02-28 07:24:53 -05:00 |
Justin Richer
|
0d96b6a28a
|
changed name of scope to match uma spec
|
2015-02-27 20:46:48 -05:00 |
Justin Richer
|
7a1480bb07
|
moved and consolidated json utilities
|
2015-02-26 16:20:01 -05:00 |
Justin Richer
|
4d88e04e59
|
added resource set registration scope to built in set
|
2015-02-24 17:45:34 -05:00 |
Justin Richer
|
4878e88d4f
|
added list all by owner
|
2015-02-24 17:41:05 -05:00 |
Justin Richer
|
8d22ad03e2
|
implemented remove verb
|
2015-02-24 17:15:18 -05:00 |
Justin Richer
|
89114dcf74
|
implemented update
|
2015-02-24 16:05:18 -05:00 |
Justin Richer
|
0b480bac10
|
implemented get
|
2015-02-24 15:09:52 -05:00 |
Justin Richer
|
3076da1ed8
|
functioning resource set repository layer
|
2015-02-24 12:10:54 -05:00 |
Justin Richer
|
efeead52b6
|
fixed typos in data layer, added blank service layer to resource set
|
2015-02-24 12:00:58 -05:00 |
Justin Richer
|
99bf19e21b
|
removed policy uri from data model
|
2015-02-23 13:51:52 -05:00 |
Justin Richer
|
e7bf75e9a4
|
moved and consolidated json utilities
|
2015-02-23 13:43:08 -05:00 |
Justin Richer
|
90a7304b4e
|
resource set registration endpoint and service shells
|
2015-02-23 11:43:05 -05:00 |
Justin Richer
|
8992841ffa
|
added missing copyright
|
2015-02-23 11:33:20 -05:00 |
Justin Richer
|
071ea579a3
|
added resource set class
|
2015-02-23 11:28:21 -05:00 |
Justin Richer
|
b670f44138
|
added UMA to version number
|
2015-02-19 17:55:25 -05:00 |
Justin Richer
|
593fac83cf
|
scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747
|
2015-02-17 18:25:52 -05:00 |
Justin Richer
|
b376bc6059
|
removed some vestigial service/repository calls, closes #513
|
2015-02-17 16:22:40 -05:00 |
Justin Richer
|
cef6cf17b6
|
externalized a number of strings, closes #385
|
2015-02-17 14:39:15 -05:00 |
Justin Richer
|
05f03f7c90
|
yet more year updates
|
2015-02-17 13:09:45 -05:00 |
Justin Richer
|
994ce6c743
|
consistently named JOSE-based classes, closes #529
|
2015-02-17 12:11:58 -05:00 |
Justin Richer
|
685960358c
|
formatting cleanup
|
2015-02-17 11:08:46 -05:00 |
Justin Richer
|
e2349984b8
|
happy new year 2015!
|
2015-02-17 10:24:08 -05:00 |
Justin Richer
|
cc02f8fbe8
|
pluralized post-logout redirect URI on client, closes #654
|
2015-02-16 16:43:34 -05:00 |
Justin Richer
|
bedc101637
|
import cleanup
|
2015-02-16 15:02:34 -05:00 |
Justin Richer
|
587d4b2db6
|
further pom file cleanup
|
2015-02-16 14:24:48 -05:00 |
Justin Richer
|
377d8cb884
|
moved dependency version management to parent pom, closes #666
|
2015-02-16 13:51:25 -05:00 |
Justin Richer
|
ef3a696972
|
removed getBySubject and getAll from user info repository and service layers, closes #760
|
2015-02-16 11:08:07 -05:00 |
Justin Richer
|
d25602fbe7
|
created a locale resolved tied in with the existing server configuration bean, removed locale interceptor (it doesn't work with fixed resolvers), cleaned up comments and files
|
2015-02-16 10:12:27 -05:00 |
Justin Richer
|
6c88d7c54b
|
removed old owner_id field, closes #636
|
2015-01-17 08:18:36 -05:00 |
Charif Belhaffef
|
e8015051d2
|
add @Transient to function getAuthorizedGrantTypes() so it does not persist
|
2015-01-14 07:09:34 -05:00 |
Justin Richer
|
c6c09b9c6c
|
made default user info parser more robust against null values
|
2015-01-07 18:23:20 -05:00 |
Justin Richer
|
bbeaeb06e3
|
added option to send skip sending nonce if desired, closes #704, closes #683,
|
2014-12-18 23:22:59 -05:00 |
Justin Richer
|
0e776762c2
|
set up data API for 1.2 format (currently the same as 1.1 format)
|
2014-11-15 19:59:47 -10:00 |
Justin Richer
|
c600787f1c
|
added key id to id token, closes #725
|
2014-11-12 16:22:10 -10:00 |
Justin Richer
|
d87bdb2120
|
added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728, closes #401
|
2014-11-12 16:03:06 -10:00 |
Justin Richer
|
b50facd4c2
|
explicitly added Jackson2 to support secoauth serialization, added string converter to work with our API
|
2014-11-11 00:17:03 -10:00 |
Justin Richer
|
e6d10b67a4
|
update to Spring 4 and other related libraries
|
2014-11-10 18:29:54 -10:00 |
Justin Richer
|
f0e2fc6700
|
make user info classes serializable, closes #714
|
2014-10-23 23:30:34 -04:00 |
Justin Richer
|
a59fe0604e
|
generate random fake password for private key clients and shared secret crypto clients to avoid accidentally using client secret authentication and bypassing authentication, closes #715
|
2014-10-23 21:53:32 -04:00 |
Alexander Imfeld
|
9dfac35912
|
Introduce introspection result assembler to allow for customized introspection results
|
2014-10-14 21:06:09 -04:00 |
Pascal Bruckert
|
bf00c1f5e0
|
update spring-security-oauth2 2.0.3 , closes #663
|
2014-10-14 20:48:34 -04:00 |
Justin Richer
|
db052f11ca
|
Moved development branch to 1.2
|
2014-10-07 21:02:07 -04:00 |
Justin Richer
|
134909a82f
|
import cleanup
|
2014-10-07 19:40:38 -04:00 |
Justin Richer
|
1e71749c23
|
added more generic rotation capability
|
2014-10-07 19:40:38 -04:00 |
arielak
|
8495617aed
|
Added support for whitelisted and blacklisted site import from a 1.0 config
|
2014-10-06 22:59:27 -04:00 |
arielak
|
03f2d8f8a0
|
Added service interface for data import/export service and modified AuthenticationHolderEntity and Repository to allow getting all objects
|
2014-10-06 22:58:26 -04:00 |
Justin Richer
|
ec8f708472
|
swapped exception class for existing BeanCreationException, added example flag in config file (commented out)
closes #528
closes #689
|
2014-10-04 14:59:36 -04:00 |
John Brooks
|
3e3613f471
|
Corrected bean setup for checkForHttps case tests.
|
2014-10-04 11:21:01 -04:00 |
John Brooks
|
acc4cf16bd
|
Separated checkForHttps cases into separate test methods.
|
2014-10-04 11:21:01 -04:00 |
John Brooks
|
cf2837f678
|
Initialized forceHttps to false.
|
2014-10-04 11:21:00 -04:00 |
John Brooks
|
0461e51ddc
|
Changed parent class from Exception to RuntimeException; added copyright
language.
|
2014-10-04 11:21:00 -04:00 |
John Brooks
|
e1015e1194
|
Create flag to force HTTPS of value of issuer on server startup, addresses #528
|
2014-10-04 11:21:00 -04:00 |
Justin Richer
|
c683131f12
|
externalized view name strings and tied them to view beans
|
2014-09-28 22:25:39 -04:00 |