Sauli Ketola
bca388d740
Add an index for refresh_token.token_value
7 years ago
Justin Richer
e2d94f422a
new year 2018
7 years ago
Justin Richer
a5a16f27c7
Merge pull request #1353 from col-panic/master
...
Minor typo in en/messages.json (Registrered -> Registered)
7 years ago
Justin Richer
4dd907ea16
Merge pull request #1357 from praseodym/spring-security-4.2.4
...
Upgrade to Spring Security 4.2.4
7 years ago
Mark Janssen
d119559d4d
Upgrade to Spring Security 4.2.4
...
https://spring.io/blog/2018/01/30/cve-2018-1199-spring-security-5-0-1-4-2-4-4-1-5-released
7 years ago
Justin Richer
b804f22bc8
[maven-release-plugin] prepare for next development iteration
7 years ago
Justin Richer
f72e6b3e08
[maven-release-plugin] prepare release mitreid-connect-1.3.2
7 years ago
Justin Richer
1feb0958bd
prepare for release
7 years ago
Justin Richer
6497af40e8
removed erroneous not yet implemented tag from client page
7 years ago
Justin Richer
7dc309c5af
Update CHANGELOG.md
7 years ago
Justin Richer
7f956a5854
Merge pull request #1355 from ocadotechnology/jwt_fix
...
Throwing exception on all other JWT types than SignedJWT
7 years ago
Tomasz Borowiec
37fba622b9
Throwing exception on all other JWT types than SignedJWT
7 years ago
Tomasz Borowiec
c38b9d7a42
added PlainJWT and EncryptedJWT support + tests
7 years ago
Marco Descher
36ec1b82e6
Minor type (Registrered -> Registered)
7 years ago
Justin Richer
fcb119ff6a
Merge pull request #1270 from bodewig/custom_claim_friendly_token_enhancer
...
add hook for custom JWT claims to ConnectTokenEnhancer
7 years ago
Justin Richer
8fb9adefc1
Merge pull request #1342 from bodewig/custom_claims_in_id_token
...
add hook for custom JWT claims to DefaultOIDCTokenService
7 years ago
Justin Richer
0ce55d079a
Merge pull request #1352 from blm126/upgrade-nimbus
...
Upgrade nimbus-jose-jwt to 5.4.
7 years ago
Brady Mulhollem
f7da25fbe8
Upgrade nimbus-jose-jwt to 5.4.
7 years ago
Justin Richer
1c7b9d5b44
Merge pull request #1346 from praseodym/fix-admin-interface-without-trailing-slash
...
Fix interface for issuer URI without trailing slash
7 years ago
Mark Janssen
a1a45aa36a
Fix interface for issuer URI without trailing slash
7 years ago
Stefan Bodewig
01eb1401a3
add hook for custom JWT claims to DefaultOIDCTokenService
7 years ago
Justin Richer
e6130872a9
Merge pull request #1324 from patfrat/master
...
Add French messages
7 years ago
Patrick Fratczak
ca3642b6c3
Add French messages
7 years ago
Bas Verhoeven
85246d2d3e
Parse 'sub' to identify resource owner
...
As per https://tools.ietf.org/html/rfc7662#section-2.2 the `sub` key should
identify the resource owner in oauth2 introspection responses.
This change adds support for the `sub` key and will allow the introspection
response of RFC-compliant servers to be parsed.
Will still try `user_id` first as to not break backward compatibility.
7 years ago
Justin Richer
ce9bf3507f
Merge pull request #1312 from kules/master
...
Correct minor typo error for confirmation message displayed when logging out from IDP
7 years ago
still fetalvero
9bff58085d
Fix typo error for log out to IDP confirmation message
7 years ago
Stefan Bodewig
514dcc3851
add hook for custom JWT claims to ConnectTokenEnhancer
7 years ago
sbke
8b4e461748
Adjustment to generate longer codes
...
RandomValueStringGenerator default constructor creates a code of length six only. The RFC 6819 (OAuth 2.0 Threat Model and Security Considerations) suggests (5.1.4.2.2. Use High Entropy for Secrets) that secrets that aren't used by humans (e.g. client secrets or token handles) have a reasonable level of enthropy. They propose a token lengths of at least 128 bits. Since the RandomValueStringGenerator only uses case sensitive alpha numeric symbols, 22 symbols are needed to achieve an enthropy >=128 bits.
8 years ago
Justin Richer
ef01d3032e
Merge pull request #1228 from leonard84/fix-psql-scripts
...
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
8 years ago
Justin Richer
bba18fd118
Merge pull request #1240 from Connz/patch-2
...
Corrected typo
8 years ago
Justin Richer
28ad78e9f3
Merge pull request #1233 from Connz/patch-1
...
Removed double 'sure'
8 years ago
Justin Richer
059e140164
removed old document PDFs from repo
8 years ago
Justin Richer
0b1f9000db
check for missing refresh token value on refresh, closes #1242
8 years ago
Justin Richer
705ac9879c
removed unused field from UI config bean
8 years ago
Justin Richer
4dc31cdfbd
fixed client readme file
8 years ago
Justin Richer
661c242a9f
Updated copyrights
8 years ago
Connz
0859a5d122
Corrected typo
8 years ago
Justin Richer
c11e47a75b
fixed unit test for new default redirect behavior
8 years ago
Justin Richer
2f31ceddf8
set redirect URI matching to strict by default
8 years ago
Justin Richer
7e6864ff38
escaped output values on approval page, closes #1111
8 years ago
Justin Richer
a316306f33
added changelog file
8 years ago
Justin Richer
7b06d91700
[maven-release-plugin] prepare for next development iteration
8 years ago
Justin Richer
8301f35e17
[maven-release-plugin] prepare release mitreid-connect-1.3.1
8 years ago
Justin Richer
f17a44e9b4
downgrade mysql dependency to GA version
8 years ago
Connz
90c3c396ee
Removed double 'sure'
8 years ago
Justin Richer
713e872b8a
fixed discovery endpoint, closes #1230
8 years ago
Justin Richer
9baacc0eaf
Completed end session endpoint
...
Addresses #1129 , addresses #972 , addresses #891 , addresses #1223
8 years ago
Justin Richer
2aa12fc0e3
end session endpoint
8 years ago
Justin Richer
0c46e7cb7a
skeleton of end session endpoint, maybe need a change to user info lookup
8 years ago
Leonard Brünings
e6679b6e4b
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
...
BIGINT AUTO_INCREMENT to BIGSERIAL
Change-Id: I19b4433d3bae29b0879be7d9dd9405eabe490482
8 years ago