Commit Graph

309 Commits (b2b6fd6448bec9fe75c346fa07e1f76d687bb394)

Author SHA1 Message Date
Amanda Anganes cf348590b0 Removed unused ClientGeneratorFactory 2012-08-09 12:44:21 -04:00
Amanda Anganes d6d80c3e60 Gave OAuth2RefreshTokenEntity a Long Id 2012-08-09 12:44:21 -04:00
Amanda Anganes 6b1dad7215 Gave OAuth2AccessTokenEntity a Long Id 2012-08-09 12:44:21 -04:00
Amanda Anganes 780839dbf9 Made things compile after ClientDetailsEntity refactoring 2012-08-09 12:44:21 -04:00
Amanda Anganes a68a4f9796 Organized ClientDetailsEntity, updated JPA annotations. Updated sql files to match. Naming conventions: table and column names with multiple words should be seperated by underscores; table and column names should be singular. 2012-08-09 12:44:21 -04:00
Amanda Anganes 15428a875e Added additional fields to ClientDetailsEntity and did some reorganization, still some more to do. Added "id" field to the sql file, but the sql still needs all of the other additional fields. 2012-08-09 12:44:21 -04:00
Amanda Anganes 8d4e046408 All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors. 2012-08-07 10:04:38 -04:00
Amanda Anganes a061e64abf Merge branch 'user-approval-handler-updated-rebase' 2012-08-06 16:30:03 -04:00
Amanda Anganes 5fb67ab7bb Did a lot of cleanup; untested but compiles 2012-08-06 14:33:16 -04:00
Amanda Anganes 2f28cf33e7 Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP. 2012-08-03 16:43:37 -04:00
Amanda Anganes b87d54b06e Changed UserInfo references to String "userId" references 2012-08-03 13:32:17 -04:00
Amanda Anganes 845976b8ac First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code. 2012-08-03 12:49:40 -04:00
Justin Richer 51b8dbe065 Revert "updated jwtHeader typ to use an enum" -- set things back to using a string
This reverts commit 3b2268c622.
2012-08-02 14:16:55 -04:00
Justin Richer 164090e9d5 added jwt string stability to several places, fixed jwe parser 2012-07-31 15:29:33 -04:00
Amanda Anganes 676808bdac got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead. 2012-07-31 14:50:24 -04:00
Amanda Anganes 4e10fce7ef Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers. 2012-07-31 14:50:24 -04:00
Mike Derryberry 3b2268c622 updated jwtHeader typ to use an enum 2012-07-31 11:29:48 -04:00
Mike Derryberry 95dcb10472 updated encrypter/decrypter to store keys as member variables rather than to pass them in 2012-07-31 11:29:32 -04:00
Mike Derryberry 61c7231d9a updated encrypter and decrypter to use enum class rather than fragile parsing 2012-07-31 11:28:46 -04:00
Mike Derryberry 5f80ebc89a changing encryption/decryption code to use enum classes rather than shady parsing techniques 2012-07-31 11:28:23 -04:00
Justin Richer 789f41bdbe fixed client details regression 2012-07-31 10:44:25 -04:00
Justin Richer 3e6f66e2dc Merge branch 'master' of https://github.com/ssayer/OpenID-Connect-Java-Spring-Server into ssayer-pullreq-124 2012-07-31 10:43:33 -04:00
Justin Richer d07667576e cleaned up old code 2012-07-30 16:50:44 -04:00
Justin Richer 40f39a18e0 cleaning up introspection endpoint 2012-07-30 16:50:44 -04:00
Justin Richer f9dd9df7cd added skip to test for encryption if not running unlimited strength java 2012-07-30 14:47:02 -04:00
Justin Richer 92e779257d testing key sizes, still failing outside of bouncycastle 2012-07-30 13:40:20 -04:00
Samuel Sayer 1dd2aaf8a1 add JsonObject export for JWK keys 2012-07-30 09:27:03 -04:00
Justin Richer 319568d971 refactored JWA algorithm markers to use enum instead of string as stored class 2012-07-23 20:21:31 -04:00
Justin Richer 165f3ea292 fixed some unit tests, broke others 2012-07-23 18:44:47 -04:00
Mike Derryberry e4bc66ba33 small TODO statements cleared up 2012-07-23 18:31:27 -04:00
Mike Derryberry 4deaffd686 updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk 2012-07-23 18:31:27 -04:00
Justin Richer 8b848af0fb cleaned up signer initialization calls and algorithm-setting code, cleaned up algorithm names, renamed encrypter/decrypter classes 2012-07-23 18:17:31 -04:00
Mike Derryberry d204ff1e69 removed constructor for RsaDecrypter and RsaEncrypter 2012-07-17 14:07:58 -04:00
Mike Derryberry 4f78c3db80 removed verification of signature in decryption 2012-07-17 13:40:14 -04:00
Mike Derryberry 1dbf2808c1 changed imports 2012-07-17 10:57:36 -04:00
Mike Derryberry e380d85ad7 updated encryption/decryption to dynamically get mode for cipher. also made the keyDataLen come from the kdf parameter rather than enc 2012-07-17 10:57:10 -04:00
Mike Derryberry 5d3d888c3f finished testing. fixed MessageDigest problems in generating cek and cik 2012-07-17 10:56:43 -04:00
Mike Derryberry 13e0a7c4bb tests for encryption/decryption done 2012-07-17 10:56:09 -04:00
Mike Derryberry 88a052019a added testing for encryption and decryption. slight bug where [ ] gets appended to clearText. working on that 2012-07-17 10:55:46 -04:00
Mike Derryberry 5152fa1c69 added tests for encryption and decryption. WIP 2012-07-17 10:55:10 -04:00
Mike Derryberry 26792d2fba updated decryption to generate cik and cek based off of key derivation 2012-07-17 10:54:36 -04:00
Mike Derryberry d86ee2329b updated encryption to generate cek and cik through key derivation. also fixed signers to use afterPropertiesSet() 2012-07-17 10:54:09 -04:00
Mike Derryberry 7e7cd4f480 update to encryption/decryption. added cmk, cek, and cik use 2012-07-17 10:53:36 -04:00
Mike Derryberry bc1ff0d964 updated jwe, jwt, and jwk models to have new parameters that were released in latest JOSE update 2012-07-17 10:53:04 -04:00
Mike Derryberry 70e90bc4c1 updated decryption 2012-07-17 10:52:38 -04:00
Mike Derryberry 025f7f3d66 updated encryption to sign using int value rather than alg 2012-07-17 10:52:16 -04:00
Justin Richer cd222ad66e got rid of ghost dependency in pom.xml for common 2012-07-17 10:51:49 -04:00
Mike Derryberry 754e8406bb removed web app from this git repository 2012-07-17 10:51:20 -04:00
Mike Derryberry 99a574d303 encryption completed, decryption WIP 2012-07-17 10:50:35 -04:00
Mike Derryberry cee44de3d1 updated encryption class to include AbstractJwtEncrypter 2012-07-17 10:50:06 -04:00
Mike Derryberry caf2a7b494 updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext 2012-07-17 10:49:29 -04:00
Mike Derryberry cf0ce7b1fb updated encryption and decryption for claims. WIP 2012-07-17 10:48:47 -04:00
Mike Derryberry e252951612 added encrypter/decrypter for claims to get ciphertext 2012-07-17 10:48:07 -04:00
Mike Derryberry 33cc3fa899 Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP 2012-07-17 10:47:41 -04:00
Amanda Anganes 01793ec57f added preferred_username claim to userinfo endpoint 2012-07-06 16:02:11 -04:00
Amanda Anganes 50241e4da1 changed UserInfo.verified to UserInfo.emailVerified. 2012-07-06 14:11:43 -04:00
Justin Richer f0c949fd09 added scope-based filter for userinfo 2012-07-05 17:14:51 -04:00
Justin Richer c24a2206e9 updated jwtheader parser 2012-07-03 16:43:00 -04:00
Justin Richer ac7a53b234 bugfix: call setNonce instead of setType 2012-07-03 16:38:53 -04:00
Justin Richer a03129f70a added documentation updates 2012-07-02 14:18:25 -04:00
Justin Richer c619e736f9 removed eclipse files from repository 2012-06-29 15:13:52 -04:00
Justin Richer de1597b214 refresh token handling fixed, removed token factory references 2012-06-28 16:55:11 -04:00
Amanda Anganes 4e3c99abe4 Merge branch 'validityIntegers' 2012-06-26 13:55:26 -04:00
Amanda Anganes 81d1af40bd Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface 2012-06-26 13:54:01 -04:00
Justin Richer 1127a7cfbc refactored JWKs, updated signing servier to use them 2012-06-25 17:19:25 -04:00
Justin Richer adb8499bee merged derryberry code, plus tweaks, still WIP 2012-06-25 16:42:41 -04:00
Mike Derryberry b1fc07bcb8 updated -common code to get a validation service from a server configuration 2012-06-21 14:37:30 -04:00
Amanda Anganes 2930719700 Added architecture diagram 2012-06-20 15:07:37 -04:00
Mike Derryberry b94fbd7439 updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations 2012-06-20 09:36:55 -04:00
Justin Richer fe3bbfb3d5 Further cleanups. Still missing:
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
Justin Richer b86abdd761 merge from pull request, plus cleanup 2012-06-15 15:36:14 -04:00
Justin Richer 731ad2e2e2 updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue 2012-06-15 12:05:08 -04:00
Justin Richer ace5dd1f1e imported userinfouserdetails filter from MITRE codebase 2012-06-13 16:33:55 -04:00
Mike Derryberry 65dc3daaf8 smart client 2012-06-12 16:09:01 -04:00
Amanda Anganes 2a05ff995d Added support for additional field in ClientDetailsEntity.java. 2012-06-11 16:27:35 -04:00
Mike Derryberry 3e810cb5dc Merge remote-tracking branch 'mitre/master' 2012-06-07 14:29:13 -04:00
Mike Derryberry fad6caa968 Added testing for signers for Hmac, Rsa, and Plaintext 2012-06-07 14:28:09 -04:00
Justin Richer e44697cef9 updated JWK display to latest, closes #58 2012-06-05 16:07:19 -04:00
Justin Richer 5c72d8b95f revocation endpoint cleanup, still needs views 2012-06-05 11:24:11 -04:00
Justin Richer 27219c066d refactored our service to reflect upstream 2012-06-05 10:18:26 -04:00
Mike Derryberry ee28d56031 initial implementation of x509 and JWK key retrieval 2012-06-01 10:51:28 -04:00
nemonik 8917e75010 see issue #19 2012-05-30 15:14:15 -04:00
Michael Joseph Walsh 6f43040587 slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client 2012-05-16 21:12:58 -04:00
Michael Jett 3402a3e463 ClientAPI now fully supports RESTful DELETE 2012-05-16 14:32:40 -04:00
Michael Jett af6e043239 Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding. 2012-05-16 13:27:53 -04:00
Michael Jett 0c7ea88323 Client updates. 2012-05-15 17:03:17 -04:00
Stephen Moore 49e96778b8 Missed a file 2012-05-10 17:46:09 -04:00
Stephen Moore fd91c884bb Made interfaces... deleted a thing. 2012-05-10 17:45:10 -04:00
Justin Richer ffe31e6049 merged config from bean config config bean bean 2012-05-09 15:32:13 -04:00
Justin Richer e158ef6fc2 added config bean 2012-05-09 15:20:15 -04:00
Amanda Anganes e33f277bbe Updated classes to track newest version of SECOAUTH. This update closes issues #3, #4, #8, and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively. 2012-05-09 15:16:56 -04:00
Stephen Moore 2cf12d4078 Made getAll use ? extends UserInfo 2012-05-08 16:23:36 -04:00
Justin Richer 97dffb6414 added copyright to all java files. closes #11 2012-04-27 17:55:58 -04:00
Justin Richer 6724866099 moved jwt components, utilities, and various interfaces to -common from -server 2012-04-27 15:20:49 -04:00
Justin Richer 59ecb03548 added getter/setter for userinforepository, closes #40 2012-04-27 15:11:25 -04:00
nemonik 6eb8284695 version needed to be modified to 0.1-SNAPSHOT in order to deploy snapshot to nexus 2012-04-13 13:43:39 -04:00
Amanda Anganes 269a354f8c Added tables.sql, which is just a concatenation of all the other sql files. Added redirect_uris.sql, which is a NEW table needed to support clients registering multiple redirect uris.
This updates us to the HEAD revision of SECOAUTH, where the redirect uri field on ClientDetails has been updated to be a Set<String> instead of a single string. I updated the UI code so that it will still work, but it will need to be updated to allow users to register multiple uris.
This also closes issue #2 from the issue tracker.
2012-04-10 13:44:10 -04:00
Stephen Moore 1a1ae4c5b5 Removed Replacer plugin 2012-03-23 15:55:30 -04:00
Amanda Anganes 8b10b83516 Added setNonce to JwtClaims. 2012-03-23 11:08:49 -04:00
U-MITRE\mjwalsh b4836a0302 mods to auth filter including config comments, http socket time out... 2012-03-22 17:49:30 -04:00
Justin Richer c51bb72fe5 merged keystore changes 2012-03-22 13:50:47 -04:00
nemonik 3f2631367f added comments on configuration of client 2012-03-22 12:16:24 -04:00
Justin Richer 664dd1df46 JWT claims can now have nulls in them without barfing 2012-03-22 11:46:48 -04:00
Justin Richer c59d3fe963 it spits out JWTs! and id tokens! JWT still needs to handle nulls 2012-03-21 17:59:48 -04:00
Amanda Anganes ebe72412fe Authorization Grant flow works up to serializing the returned Access Token. Justin is investigating serialization problems. 2012-03-21 16:44:16 -04:00
Justin Richer b463cabc69 fixed configuration, moved sql file 2012-03-16 16:46:46 -04:00
Justin Richer 2f29cc52b2 Merge branch 'client_refactor' 2012-03-16 16:28:51 -04:00
Justin Richer baf7c1c166 fixed dependencies and project configurations 2012-03-16 16:18:33 -04:00
Justin Richer e6e7504213 added files and shuffled things to new packages 2012-03-16 15:46:23 -04:00