OpenID-Connect-Java-Spring-Server

Commit Graph

Author	SHA1	Message	Date
Justin Richer	2496dc114c	allow language system to be loaded from multiple files. closes #817 closes #876	2015-11-24 20:33:55 -05:00
Justin Richer	e255fc1a10	change default behavior of message source, closes #964	2015-11-24 20:33:54 -05:00
Cosmin Cojocar	7b34a666d9	Make the dual client support configurable	2015-11-24 12:10:27 -05:00
Cosmin Cojocar	a80953a2d4	Allow both flows authorization code and client credentials. This scenario might be found when the same client supports user authentication as well as service to service authentication. Such a client is trusted (whitelisted).	2015-11-24 12:10:27 -05:00
Mark Janssen	dce80d488b	Clean up ScopeClaimTranslationService `getFieldNameForClaim` method is never used.	2015-11-23 21:35:16 -05:00
Justin Richer	2deec98b58	[maven-release-plugin] prepare for next development iteration	2015-10-13 18:56:47 -04:00
Justin Richer	d96b2dc130	[maven-release-plugin] prepare release mitreid-connect-1.2.2	2015-10-13 18:56:44 -04:00
Justin Richer	96f4d5e8a8	fixed use of wrong constant, closes #940	2015-10-13 18:08:56 -04:00
Justin Richer	c9358f348a	added transactional annotations, finally closes #926 addresses #862	2015-10-13 16:59:11 -04:00
Justin Richer	e1e892377f	added cleaner for duplicate refresh tokens	2015-10-13 15:38:07 -04:00
Justin Richer	542afca459	cleans duplicate access tokens from DB before other cleanup happens	2015-10-13 15:33:23 -04:00
Justin Richer	ebb4f2c3d4	Upgraded to nimbus 4.2, closes #934	2015-10-13 04:40:01 -04:00
Justin Richer	c67611e975	added qualifier name to persistence unit and transaction manager, closes #883	2015-10-12 21:15:30 -04:00
Justin Richer	d280ca40a4	login hints now handled in a slightly smarter (and more pluggable) manner, closes #851	2015-10-12 20:04:02 -04:00
Mark Janssen	b5c298e0ca	Remove legacy CSRF protection for approve page Instead, we rely on the Spring Security CSRF protection, like we already do for the login page. Additionally, we remove the authentication check in`isApproved`, because this is already done by Spring Security (and if not, we have bigger problems to worry about).	2015-10-09 17:09:46 +02:00
Justin Richer	8b362f23f3	[maven-release-plugin] prepare for next development iteration	2015-10-02 18:53:48 -04:00
Justin Richer	e384a6257b	[maven-release-plugin] prepare release mitreid-connect-1.2.1	2015-10-02 18:53:45 -04:00
Justin Richer	4063f7f94f	user info endpoint response uses correct client algorithms, addresses #921	2015-10-02 18:48:11 -04:00
Justin Richer	acb3d03052	added 'kid' to all signed tokens, closes #899	2015-10-01 18:54:38 -04:00
Justin Richer	d3f8ff2855	added JTI to ID tokens, closes #900	2015-10-01 17:24:47 -04:00
Justin Richer	9822748209	grabbed additional places that mention updated_time/updated_at	2015-10-01 15:53:21 -04:00
Sarah Squire	31ea96ce27	Update DefaultOIDCTokenService.java fixed typo	2015-10-01 15:34:01 -04:00
Justin Richer	22c05ec51b	[maven-release-plugin] prepare for next development iteration	2015-08-05 12:07:47 -04:00
Justin Richer	e6b64cd9cd	[maven-release-plugin] prepare release mitreid-connect-1.2.0	2015-08-05 12:07:44 -04:00
Justin Richer	489450b1c2	automated code format cleanup	2015-08-05 12:04:14 -04:00
Justin Richer	15c2b57730	[maven-release-plugin] prepare for next development iteration	2015-07-30 14:00:20 -04:00
Justin Richer	8317c759f1	[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2	2015-07-30 14:00:18 -04:00
Justin Richer	0740443768	added claims redirect uri set to client model for UMA usage	2015-07-30 13:56:14 -04:00
Justin Richer	a4e75ed733	[maven-release-plugin] prepare for next development iteration	2015-07-09 18:29:14 -04:00
Justin Richer	58a47d0e46	[maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1	2015-07-09 18:29:12 -04:00
Justin Richer	0714ed514e	fixed errant unit test why do they always get away like that??	2015-07-09 18:16:42 -04:00
Justin Richer	064f36ef6c	clean up resource sets when clients are deleted	2015-07-09 18:07:19 -04:00
Justin Richer	d1c069ad1e	clean up permissions and access tokens when a resource set is revoked	2015-07-09 16:40:07 -04:00
Justin Richer	7345a03aaa	added UMA import, closes #811 even harder	2015-07-09 11:48:52 -04:00
Justin Richer	bcd8a96b5d	UMA data export, closes #811	2015-07-08 21:27:15 -04:00
Justin Richer	a3360e9561	externalized strings in data API (1.2)	2015-07-08 18:05:17 -04:00
Justin Richer	4a382f2b1c	updated unit tests to new structure	2015-07-08 17:32:15 -04:00
Justin Richer	8c822c0f54	detached whitelist from approved sites, closes #781	2015-07-08 17:22:55 -04:00
Justin Richer	c4aaa29ffc	updated unit tests for new refresh token mode	2015-06-25 12:44:52 -04:00
Justin Richer	d9efeb3b67	added clear access tokens to export/import	2015-06-25 12:40:28 -04:00
Justin Richer	2f4d9ce54b	clearing out refresh tokens is now configurable, closes #409	2015-06-25 12:07:38 -04:00
Justin Richer	8359ac2813	fixed refresh token lookup	2015-06-25 11:55:58 -04:00
Justin Richer	d2a393f7f9	converted error handlers to a single @ControllerAdvice class, closes #788	2015-06-24 17:26:10 -04:00
Justin Richer	f4a1b27e2e	better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service	2015-06-23 22:21:18 -04:00
Justin Richer	f7a082d4b8	wrapped timestamp injection in a null-safe block, with warning; closes #849	2015-06-23 20:57:24 -04:00
Mark Janssen	9e74e40453	Use diamond syntax instead of explicit types	2015-06-03 10:24:48 -04:00
Mark Janssen	6dc2b2cb5e	Various small improvements/bugfixes	2015-06-03 10:24:41 -04:00
Justin Richer	d1e8529a7b	expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible closes #699 closes #761	2015-06-01 21:11:19 -04:00
Justin Richer	4655650a68	added OAuth error display page, closes #559	2015-06-01 19:21:32 -04:00
Justin Richer	dfc8df42f5	moved server configuration injection to pre-request	2015-06-01 19:09:42 -04:00

1 2 3 4 5 ...

1338 Commits (c59f722cc2b2cf951b94c9680f092ea318957f92)