github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,326 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

317 Commits (ae6721dd101478deb1b1fe911bd63cc25f283de8)

Author SHA1 Message Date
Justin Richer 51a7ccc397 entity -> embed 2013-03-05 16:33:13 -05:00
Justin Richer 0d25d4cb17 null-preserving static parsers instead of constructors 2013-03-05 12:10:33 -05:00
Justin Richer 26f03ec070 timestamp for creation date 2013-03-04 16:11:20 -05:00
Justin Richer fc978ac994 made require_auth_time nullable again 2013-03-04 15:44:49 -05:00
Justin Richer bbde2d3b90 todo 2013-03-04 15:06:31 -05:00
Justin Richer db24c203ec added parser to client registration endpoint 2013-03-04 15:01:02 -05:00
Justin Richer 5c044b9eff added extra client fields to DB model, moved services to use new client model object 2013-03-04 14:22:42 -05:00
Justin Richer 3f8d7d70e5 updated client model to match OAuth Dyn Reg and OIDC Reg 2013-03-04 12:48:05 -05:00
Justin Richer 5b9422ffdf cleaned up old unit tests 2013-03-04 11:37:49 -05:00
Justin Richer d7c857b09f switched jwk view to use nimubs 2013-03-01 17:44:44 -05:00
Justin Richer 6c1e6b2d74 refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 385853fa1f refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure 2013-03-01 17:44:44 -05:00
Justin Richer 0712d8c340 updated spring version 2013-03-01 17:42:48 -05:00
Amanda Anganes 60b679e942 First steps towards adding display variables to config bean 2013-02-22 17:10:14 -05:00
Justin Richer a184b79b06 store tokens with .serialize() not .toString() 2013-02-22 12:08:01 -05:00
Justin Richer 970e3f2f79 not entities after all 2013-02-22 12:08:01 -05:00
Justin Richer 3d9ec51eb3 converted client filters to nimbus-jose 2013-02-22 12:08:01 -05:00
Justin Richer 8d8010d90f missed a little bit there 2013-02-22 12:08:01 -05:00
Justin Richer 87fc92f97d extra constructors for algorithm wrappers 2013-02-22 12:08:01 -05:00
Justin Richer e5732da857 added system default signing algorithm, converted token provider and enhancer to use nimbus-jose 2013-02-22 12:08:01 -05:00
Justin Richer 10ab55a7e2 moved jwk/x509 publishing over to nimbus-jose (mostly) 2013-02-22 12:08:01 -05:00
Justin Richer fca30cd13f added provisions to bootstrap signing and validation service from config files 2013-02-22 12:08:01 -05:00
Justin Richer 520f55f960 reinstated signing and validation service 2013-02-22 12:08:01 -05:00
Justin Richer 46a3e70377 removed idtoken class, removed all jwe/jwt tests 2013-02-22 12:08:01 -05:00
Justin Richer d00b351f32 moved token classes to use Nimbus-JOSE 2013-02-22 12:08:01 -05:00
Justin Richer 1f50945831 added wrapper classes for JWE/JWS algorithms, switched client entity model to use and store them. 2013-02-22 12:08:01 -05:00
Justin Richer 6dc9020a31 deleted local JOSE implementation classes 2013-02-22 12:08:01 -05:00
Justin Richer d0fdf8140e sorting on approval page 2013-02-05 15:47:32 -05:00
Justin Richer eb4773ce46 beginning dynamic scopes on auth page 2013-02-05 11:28:39 -05:00
Justin Richer c2b9fd4db1 system scope ordering consistency 2013-02-05 11:11:41 -05:00
Justin Richer cab36a2b80 added appropriate filterered and transformative actions to scope service 2013-02-03 22:04:55 -05:00
Justin Richer ab35186696 added scope service, repository, and API 2013-02-03 22:02:24 -05:00
Justin Richer 19e7b62a42 removed persistence.xml and moved to pure spring-based config, addresses #194 2013-02-03 22:02:23 -05:00
Justin Richer a3619240e6 added site scope 2013-02-03 22:02:23 -05:00
Justin Richer f0ee36dad2 auth_type -> auth_method (addresses #258) 2013-01-18 18:26:55 -05:00
Justin Richer e4284353e8 added azp, addresses #247 2013-01-18 18:09:32 -05:00
Justin Richer da43ba4d55 audience field is now plural 2013-01-18 17:59:46 -05:00
Justin Richer 27a26e0a35 (user_id/prn) -> sub 2013-01-18 16:40:05 -05:00
Justin Richer 0ab4ad4bbe added "birthdate", addresses #253 2013-01-18 15:38:41 -05:00
Justin Richer a6806255b8 use sign-magnatude not twos-complement in key parsing 2013-01-18 15:10:48 -05:00
Justin Richer e8095bab26 principal and audience are different (I thought I fixed this??) 2013-01-18 15:10:48 -05:00
Justin Richer c946a84b09 adapted keyfetcher to be more general 2013-01-18 15:06:00 -05:00
Amanda Anganes a4637ec395 Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates. 2013-01-04 15:30:24 -05:00
Amanda Anganes c7ae315e98 Added initial files for nonce service. Repository and service impls are stubs 2013-01-04 15:30:24 -05:00
Justin Richer 18ddd8333f added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens 2012-12-18 11:07:24 -05:00
Justin Richer 51b67ebc03 added queries to get access token from id token 2012-12-14 17:35:20 -05:00
Justin Richer b49c6571e8 fixed empty constructor of id token, fixed bug in copy constructor of claimset 2012-12-14 17:35:20 -05:00
Justin Richer 6344a72519 missed a few applicationName references, fixed API JSON rendering 2012-12-11 15:16:18 -05:00
Justin Richer 33ceedb283 added scope and grant_type, switched to timeunit 2012-12-11 12:11:09 -05:00
Justin Richer e2bc15c2b2 beginning of client registration refactor to track IETF dynreg spec 2012-12-10 17:36:33 -05:00
Justin Richer 0659432561 removed builder 2012-12-10 17:16:57 -05:00
Justin Richer 7586c6d661 added "NONE" type auth 2012-12-10 17:16:35 -05:00
Justin Richer 4bd289c18c shadowed null id token from serializer 2012-12-10 11:30:16 -05:00
Justin Richer f072aba3f5 moved client details service, fixed authorities mapper 2012-12-10 09:49:07 -05:00
Justin Richer 7342da6a51 completed making id tokens into access tokens 2012-12-06 16:24:04 -05:00
Justin Richer b8f701d9d8 switched id tokens to entities, they're now access tokens also 
still needs some work to get the auth object right, for now we're just copying from the access token
 2012-12-06 10:19:21 -05:00
Justin Richer 4698552c2d made email_verified nullable, addresses #237 2012-12-05 16:54:15 -05:00
Justin Richer 413c477879 utility method for approved sites to check expiration 2012-11-26 14:25:38 -05:00
Justin Richer 45ca4e565e updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT 2012-11-26 11:53:19 -05:00
Amanda Anganes f50726ab31 Issue 209 - typo 2012-11-21 14:51:30 -05:00
Justin Richer 9c08944a02 Changed arity on approved sites (now can have many per user/site combo) 2012-11-20 14:07:55 -05:00
Justin Richer e9d1ed270d service layer cleanups 2012-11-19 13:46:09 -05:00
Justin Richer 757e21a722 added blacklist API 2012-11-16 11:57:46 -05:00
Amanda Anganes 2a0602863e Conveted Booleans to booleans 2012-09-20 11:32:59 -04:00
Amanda Anganes 51073a7f8d Refactor part 3 2012-09-18 15:01:05 -04:00
Amanda Anganes dd2abd94d1 Refactoring part 2 2012-09-18 14:36:27 -04:00
Amanda Anganes c40efda6b5 Refactor part 1 2012-09-18 14:24:34 -04:00
Justin Richer 920b2a59ba Fixed error logging 2012-09-10 17:17:03 -04:00
Justin Richer 2d24435365 Created custom resolver, handler mapper 
moved endpoint back to server
 2012-09-10 17:17:03 -04:00
Justin Richer be1046f9b6 bean-based configuration 2012-09-10 17:17:03 -04:00
Justin Richer 7eb0a6f3d2 Moved JWK to commons 2012-09-10 17:17:03 -04:00
Justin Richer 42389286e4 removed non-RSA algorithms from JWE encrypter/decrypter functions 2012-09-06 17:28:17 -04:00
Justin Richer 558a6286e2 switched to Guava for parsing ints into bytes, addresses #154 2012-09-06 17:26:20 -04:00
Justin Richer 2b62042696 unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet 2012-09-06 17:20:22 -04:00
Justin Richer 11b35267b4 Refactored stats processor into a service, made home page into a smart page. 2012-08-28 17:42:43 -04:00
Justin Richer d041ddb0e1 Added approvedSite API and support structure 2012-08-28 15:28:55 -04:00
Justin Richer 8ae1b376fe updated whitelist service and repository 2012-08-28 15:28:55 -04:00
Justin Richer 140de779fd converted userid type to enum 2012-08-27 16:00:27 -04:00
Justin Richer 1c34f83297 Fixed JWS algorithm parsing 2012-08-27 15:58:23 -04:00
Justin Richer 29ac1a3a70 reverse lookup for clientdetails utiltiy classes 2012-08-27 14:45:14 -04:00
Justin Richer 21ff134383 JWS coment/format cleanup 2012-08-27 14:45:02 -04:00
Justin Richer b5ce8d5e8b added getByUsername to userinfo repositories and supporting classes, updated calling classes to use this 
fixed namedquery
 2012-08-23 18:23:47 -04:00
Justin Richer ba24ca1f60 removed unused utility method 2012-08-23 18:22:29 -04:00
Amanda Anganes ba5572b28a Tidied up a bit, added javadoc comments to new classes 2012-08-23 11:05:10 -04:00
Amanda Anganes c23b176567 Database backed authorization-code-service now works. 2012-08-23 10:46:08 -04:00
Amanda Anganes 4b76cc514b Added a database-backed authorization-code system. Untested; needs to be injected into configuration in the place of the in-memory one and tested 2012-08-22 16:54:00 -04:00
Amanda Anganes dc61068702 Split approved site and whitelisted site scope tables. 2012-08-22 15:21:42 -04:00
Justin Richer a02f37cec3 added generators to client service API 2012-08-20 12:22:18 -04:00
Justin Richer 26d5a846e0 Updated validator structure and id token checking. 2012-08-17 16:18:08 -04:00
Justin Richer 012bb4afd7 Changed casing on "URI" to "Url" to match other parameters. 2012-08-17 15:32:04 -04:00
Justin Richer d14f55004c added parser to userinfo object, userinfo url in filter, fixed bug in user_id check 2012-08-17 14:40:13 -04:00
Justin Richer fbd6e67af8 Refactored auth provider to call the userinfo endpoint and provide info inside the auth token. 2012-08-17 14:40:13 -04:00
Mike Derryberry 1efe7a1fc3 updated check of algorithm in signing method" 2012-08-14 10:55:07 -04:00
Justin Richer 155974d8e3 moved services and api over to using new client Id field (instead of client_id) 2012-08-10 16:53:31 -04:00
Justin Richer eb5a24690f added method to get client by its (new) Long id 2012-08-10 16:29:16 -04:00
Justin Richer 47ff885032 removed unnecessary cached token values 2012-08-10 14:26:47 -04:00
Justin Richer 74a40fc973 changed auth holder reference, moved dates to timestamps 2012-08-10 14:26:47 -04:00
Justin Richer bb7d6b2e94 split scopes table 2012-08-10 14:26:47 -04:00
Justin Richer ed99bd36cf changed clientdetails entity to use @Enumerated, cleaned up .sql file foreign keys 2012-08-10 14:26:47 -04:00
Justin Richer 2d8a5763a3 javafied auth holder class 2012-08-10 14:26:47 -04:00
Amanda Anganes 97d7bc9c13 added field to indicate whether the client has been dynamically registered 2012-08-09 15:55:07 -04:00
Amanda Anganes f724d3a9fe updated userinfo table definitions 2012-08-09 12:44:22 -04:00
Amanda Anganes 617e9568d8 Fixed bugs; I can get tokens now. User approval handler seems to be working corrrectly. 2012-08-09 12:44:22 -04:00
Amanda Anganes 49cb8bd0cb fixing bugs; needed to make all ids BIGINT AUTO-INCREMENT PRIMARY KEY in sql files 2012-08-09 12:44:21 -04:00
Amanda Anganes 0757642e67 removed "s" from allowed_scopes 2012-08-09 12:44:21 -04:00
Amanda Anganes 9c32e92da5 Cleaned up sql tables some more; sticking to _ naming convention 2012-08-09 12:44:21 -04:00
Amanda Anganes d7deda1699 Propogated AuthenticationHolder effects; this is untested but compiles and I think it is mostly correct 2012-08-09 12:44:21 -04:00
Amanda Anganes 90df91c351 Added AuthenticationHolder object, got references squared away for AccessToken side. Compiles. 2012-08-09 12:44:21 -04:00
Amanda Anganes cf348590b0 Removed unused ClientGeneratorFactory 2012-08-09 12:44:21 -04:00
Amanda Anganes d6d80c3e60 Gave OAuth2RefreshTokenEntity a Long Id 2012-08-09 12:44:21 -04:00
Amanda Anganes 6b1dad7215 Gave OAuth2AccessTokenEntity a Long Id 2012-08-09 12:44:21 -04:00
Amanda Anganes 780839dbf9 Made things compile after ClientDetailsEntity refactoring 2012-08-09 12:44:21 -04:00
Amanda Anganes a68a4f9796 Organized ClientDetailsEntity, updated JPA annotations. Updated sql files to match. Naming conventions: table and column names with multiple words should be seperated by underscores; table and column names should be singular. 2012-08-09 12:44:21 -04:00
Amanda Anganes 15428a875e Added additional fields to ClientDetailsEntity and did some reorganization, still some more to do. Added "id" field to the sql file, but the sql still needs all of the other additional fields. 2012-08-09 12:44:21 -04:00
Amanda Anganes 8d4e046408 All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors. 2012-08-07 10:04:38 -04:00
Amanda Anganes a061e64abf Merge branch 'user-approval-handler-updated-rebase' 2012-08-06 16:30:03 -04:00
Amanda Anganes 5fb67ab7bb Did a lot of cleanup; untested but compiles 2012-08-06 14:33:16 -04:00
Amanda Anganes 2f28cf33e7 Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP. 2012-08-03 16:43:37 -04:00
Amanda Anganes b87d54b06e Changed UserInfo references to String "userId" references 2012-08-03 13:32:17 -04:00
Amanda Anganes 845976b8ac First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code. 2012-08-03 12:49:40 -04:00
Justin Richer 51b8dbe065 Revert "updated jwtHeader typ to use an enum" -- set things back to using a string 
This reverts commit 3b2268c622.
 2012-08-02 14:16:55 -04:00
Justin Richer 164090e9d5 added jwt string stability to several places, fixed jwe parser 2012-07-31 15:29:33 -04:00
Amanda Anganes 676808bdac got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead. 2012-07-31 14:50:24 -04:00
Amanda Anganes 4e10fce7ef Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers. 2012-07-31 14:50:24 -04:00
Mike Derryberry 3b2268c622 updated jwtHeader typ to use an enum 2012-07-31 11:29:48 -04:00
Mike Derryberry 95dcb10472 updated encrypter/decrypter to store keys as member variables rather than to pass them in 2012-07-31 11:29:32 -04:00
Mike Derryberry 61c7231d9a updated encrypter and decrypter to use enum class rather than fragile parsing 2012-07-31 11:28:46 -04:00
Mike Derryberry 5f80ebc89a changing encryption/decryption code to use enum classes rather than shady parsing techniques 2012-07-31 11:28:23 -04:00
Justin Richer 789f41bdbe fixed client details regression 2012-07-31 10:44:25 -04:00
Justin Richer 3e6f66e2dc Merge branch 'master' of https://github.com/ssayer/OpenID-Connect-Java-Spring-Server into ssayer-pullreq-124 2012-07-31 10:43:33 -04:00
Justin Richer d07667576e cleaned up old code 2012-07-30 16:50:44 -04:00
Justin Richer 40f39a18e0 cleaning up introspection endpoint 2012-07-30 16:50:44 -04:00
Justin Richer f9dd9df7cd added skip to test for encryption if not running unlimited strength java 2012-07-30 14:47:02 -04:00
Justin Richer 92e779257d testing key sizes, still failing outside of bouncycastle 2012-07-30 13:40:20 -04:00
Samuel Sayer 1dd2aaf8a1 add JsonObject export for JWK keys 2012-07-30 09:27:03 -04:00
Justin Richer 319568d971 refactored JWA algorithm markers to use enum instead of string as stored class 2012-07-23 20:21:31 -04:00
Justin Richer 165f3ea292 fixed some unit tests, broke others 2012-07-23 18:44:47 -04:00
Mike Derryberry e4bc66ba33 small TODO statements cleared up 2012-07-23 18:31:27 -04:00
Mike Derryberry 4deaffd686 updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk 2012-07-23 18:31:27 -04:00
Justin Richer 8b848af0fb cleaned up signer initialization calls and algorithm-setting code, cleaned up algorithm names, renamed encrypter/decrypter classes 2012-07-23 18:17:31 -04:00
Mike Derryberry d204ff1e69 removed constructor for RsaDecrypter and RsaEncrypter 2012-07-17 14:07:58 -04:00
Mike Derryberry 4f78c3db80 removed verification of signature in decryption 2012-07-17 13:40:14 -04:00
Mike Derryberry 1dbf2808c1 changed imports 2012-07-17 10:57:36 -04:00
Mike Derryberry e380d85ad7 updated encryption/decryption to dynamically get mode for cipher. also made the keyDataLen come from the kdf parameter rather than enc 2012-07-17 10:57:10 -04:00
Mike Derryberry 5d3d888c3f finished testing. fixed MessageDigest problems in generating cek and cik 2012-07-17 10:56:43 -04:00
Mike Derryberry 13e0a7c4bb tests for encryption/decryption done 2012-07-17 10:56:09 -04:00
Mike Derryberry 88a052019a added testing for encryption and decryption. slight bug where [ ] gets appended to clearText. working on that 2012-07-17 10:55:46 -04:00
Mike Derryberry 5152fa1c69 added tests for encryption and decryption. WIP 2012-07-17 10:55:10 -04:00
Mike Derryberry 26792d2fba updated decryption to generate cik and cek based off of key derivation 2012-07-17 10:54:36 -04:00
Mike Derryberry d86ee2329b updated encryption to generate cek and cik through key derivation. also fixed signers to use afterPropertiesSet() 2012-07-17 10:54:09 -04:00