f12d3c7d30
fixed variable reference
2012-12-11 13:37:14 -05:00
920777128d
switched to uncompressed jquery
2012-12-11 13:29:19 -05:00
829c8ae5f4
tweaked functionality of grant types and scopes
2012-12-11 13:16:33 -05:00
cc36851bdd
propagated field name change to UI
2012-12-11 12:38:55 -05:00
94c37f5815
added redelegate scope to client list, fixed inconsistency with refresh token issuance (addresses #239 )
2012-12-10 16:53:05 -05:00
edc96d646c
added chained token grant
2012-12-10 10:48:38 -05:00
2a206654b6
added client credential protection to revocation endpoint
2012-12-07 17:17:19 -05:00
fbc3c46128
Introspection now draft spec compliant, requires client auth
...
Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes.
2012-12-07 17:12:13 -05:00
64ef752f08
added refresh token granter for testing
2012-12-07 09:56:43 -05:00
7561ac9e8c
client dynamic registration now protected by access token, addresses #199
2012-12-06 17:48:23 -05:00
ba7ddf17f9
added bootstrapping for clients, cleaned up sql files
2012-12-05 15:04:14 -05:00
cf7ceb74f3
betterer logout button
2012-12-04 16:40:28 -05:00
2f1a6864b8
made a better logout button
2012-12-04 16:37:57 -05:00
838e029db1
added logout button
2012-12-04 16:18:58 -05:00
f091343d84
moved back to in-memory database by default
2012-12-04 15:56:03 -05:00
49e216412e
Added bootstrapped users set.
2012-12-04 15:51:10 -05:00
e305d3b16b
Making stable in-memory and in-file database with HSQL
2012-12-03 17:53:25 -05:00
061c0f0814
minor cleanup
2012-12-03 16:10:07 -05:00
1bcaa68cb4
Added user_info stuff... and changed serverconfig for issuer...
2012-12-03 14:56:40 -05:00
4fdb0816eb
Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.
2012-12-03 14:56:40 -05:00
fce47c239a
added slashes to patterns what needed them, removed vestigial intercept from user-context
2012-11-26 16:23:46 -05:00
122a2de074
First attempt at making API not redirect to /login, failed
2012-11-26 16:05:46 -05:00
d07f67bd76
let user select when grants time out
2012-11-26 14:26:07 -05:00
50040a8ef4
fixed checkbox labels
2012-11-26 12:57:49 -05:00
667c3abc8a
dynamic scope display/selection on approval page
2012-11-26 11:53:19 -05:00
cf4581a5eb
updated configuration to reflect secoauth changes
2012-11-26 11:53:19 -05:00
58b97f7371
stupid javascript
2012-11-20 13:16:08 -05:00
51920ee381
switched to using "uneditable-input" classes instead of disabled input fields
2012-11-19 16:32:04 -05:00
e303319701
got rid of postrender
2012-11-19 16:13:49 -05:00
7a6c96a759
fixed links
2012-11-19 14:10:37 -05:00
4e18fb4525
blacklist management UI
2012-11-19 13:01:16 -05:00
d576df4b31
fixed render length limits on list widget
2012-11-19 11:52:30 -05:00
757e21a722
added blacklist API
2012-11-16 11:57:46 -05:00
1f4b97bc7e
fixed icon and variable reference
2012-11-16 10:14:28 -05:00
e86f19bd7c
added dynamic icons to whitelist table
2012-11-15 17:53:38 -05:00
2beff07d4b
added icons and tooltips to approved site table
2012-11-15 17:51:31 -05:00
20b73ea0c4
tooltip works!
2012-11-15 17:46:13 -05:00
8ecdb8a4ab
added icon to template, popover doesn't work yet
2012-11-15 17:41:00 -05:00
9064b49a54
added refresh buttons to all tables, fixed loading behavior to a proper cascading function call
2012-11-15 16:55:51 -05:00
a88ae8258a
Updated plus and minus buttons in list views, addresses #202
2012-11-15 16:35:17 -05:00
f9aafb5edd
approved sites UI
2012-11-15 14:50:30 -05:00
f4605ef2fc
cleaned out startAfter function
2012-11-15 12:18:47 -05:00
845c11ad3a
methods for creating, editing, and deleting whitelist sites all function
2012-11-14 17:08:58 -05:00
321172c40c
fixed load/fetch order, fixed edit form display, robustified whitelist views against missing client IDs
2012-11-14 16:30:10 -05:00
f39c254353
updated variables for consistency, tracking down a data-loading bug
2012-11-14 15:21:41 -05:00
51cfe1746d
whitelist editing
2012-11-14 15:20:32 -05:00
bb589fc29a
fixed logic error in script inclusion
2012-11-13 18:05:15 -05:00
cccbad2ca1
added whitelist button to table view
2012-11-13 17:55:29 -05:00
7a9d7e6363
Fixed sidebar menu
2012-11-13 17:13:20 -05:00
7b1a2529dc
added whitelist model and template
2012-11-13 17:11:09 -05:00
ee0fe4a9d3
applied placeholder CSS hack to header CSS
2012-11-13 15:35:01 -05:00
86ebdff82b
Revert "Placeholder UI updates"
...
This reverts commit fd89312b0c
2012-11-13 15:08:22 -05:00
030e2ce2df
fixed link scanner
2012-11-13 15:06:09 -05:00
706858c41f
added comments, fixed paths, uncommented logo hide function
2012-11-13 13:27:57 -05:00
f2e1317365
added purl.js library for URL parsing
2012-11-13 13:12:15 -05:00
33f11cb98f
cleanly applied pushstate changes, new URL structure
2012-11-13 13:10:34 -05:00
1d8254bf2f
changed target of approve form
2012-10-24 15:06:56 -04:00
be506ae952
Moved fonts local, fixed loading indicator
2012-09-25 13:37:36 -04:00
84cedbb45e
Support the "Enter" key on list widget
2012-09-25 13:24:38 -04:00
8fc6b2b680
Removing the rest of Justin's load hack
2012-09-25 13:18:31 -04:00
fd89312b0c
Placeholder UI updates
2012-09-25 12:52:55 -04:00
48941f1713
Dynamic JS loading and UI updates
2012-09-25 12:52:54 -04:00
2311cdf1f2
Revert "Dynamic Client Loading Initial Commit"
...
This reverts commit a4e5335eda02cdb6b32a966d194035429ca52915.
2012-09-25 12:52:52 -04:00
d7455dba14
Dynamic Client Loading Initial Commit
2012-09-25 12:52:51 -04:00
29862f15bd
Removed a bunch of commented-out configuration
2012-09-18 15:21:55 -04:00
c40efda6b5
Refactor part 1
2012-09-18 14:24:34 -04:00
0b6aebfefe
Revert "removed postrender function, use render function instead"
...
This reverts commit 2b1e78d195
2012-09-13 11:27:50 -04:00
ebf77bea68
Updated timeout functions
2012-09-13 11:24:48 -04:00
6fdd088125
Updated client secret panel display
2012-09-13 11:24:29 -04:00
be17133a99
Changed "submit" label to "save"
2012-09-13 11:02:53 -04:00
2b1e78d195
removed postrender function, use render function instead
2012-09-13 10:33:52 -04:00
ece1b56095
added missing brackets
2012-09-13 10:33:52 -04:00
fe3e890bb3
changed to table head for input control
2012-09-13 10:33:52 -04:00
d8221a2a35
added missing semicolon
2012-09-13 10:33:52 -04:00
ed75b38ecc
changed list view table styling
2012-09-13 10:33:52 -04:00
d9771f2322
Timout Bugfixes
2012-09-12 13:55:30 -04:00
26c3cf5989
Timout UI refactor
2012-09-12 13:48:01 -04:00
19df5ae032
Timeout form updates. Logo URL updates
2012-09-11 15:06:20 -04:00
cb6767dfb4
Timout form updates
2012-09-11 15:06:17 -04:00
f3c225d8f2
Updated SECOAUTH reference, made required alterations to our configuration
2012-09-07 16:08:15 -04:00
ea16f4e2b6
Fixed merge weirdness
2012-09-07 14:09:10 -04:00
b58ed8b616
Added logoURL stuff
2012-09-07 13:51:58 -04:00
c8f9a3de76
Merge remote-tracking branch 'origin/UI-form-updates'
2012-09-04 13:25:16 -04:00
332fe282be
List Widget UI values cannot be null
2012-08-29 14:40:23 -04:00
fe837c4fa5
comment edit
2012-08-29 13:56:10 -04:00
4fcbbe639f
visual error indicators for redirect uri and scope
2012-08-29 13:54:04 -04:00
15359a236a
Scope UI Auto-complete
2012-08-29 13:36:46 -04:00
11b35267b4
Refactored stats processor into a service, made home page into a smart page.
2012-08-28 17:42:43 -04:00
85e13bd11d
Initial Scope UI updates
2012-08-28 15:59:03 -04:00
59e2f0e127
Backbone List View Widget Initial Commit
2012-08-28 12:49:33 -04:00
0aa6da67de
Bootstrap JS Upgrade
2012-08-28 12:03:08 -04:00
306e07bc36
UI Dynamic List updates
2012-08-27 23:46:06 -04:00
5377a2bac4
Redirect URI UI updates
2012-08-27 17:12:02 -04:00
3e423e9e04
explicitly exposed registration url
2012-08-27 16:46:58 -04:00
d8037c0513
Redirect URL UI initial commit
2012-08-27 16:17:22 -04:00
e4470c9361
mapped the invalid scope exception, addresses #102
...
Still can't access userinfo if you're not using OAuth2
2012-08-27 13:28:54 -04:00
8361f74932
removed innocuous change
2012-08-24 16:00:58 -04:00
42287edc9b
junk comentt showwhich brnach we'ron
2012-08-24 15:27:39 -04:00
a61d94e07e
Cancel buttons on client forms
2012-08-24 14:32:13 -04:00
149080f776
Breadcrumbs are now fully dynamic.
2012-08-24 12:57:10 -04:00
37d6d63772
inject userinfo into context for use in JSPs
...
addresses #99 (for real this time)
2012-08-23 18:23:52 -04:00
6cb0269629
Merge remote branch 'origin/master'
2012-08-23 18:08:13 -04:00
dc1f1965af
Refactoring breadcrumbs. The breadcrumb bar will disappear momentarily.
2012-08-23 18:07:22 -04:00
c23b176567
Database backed authorization-code-service now works.
2012-08-23 10:46:08 -04:00
e5b62e8935
fixed patterns and expressions on http blocks
2012-08-21 14:02:35 -04:00
9eb328831f
changed to proper prefix
2012-08-21 13:55:47 -04:00
af01e26e10
Split up permitAll on enpoints
2012-08-21 12:54:55 -04:00
d2f7e8edf9
Moved SPEL to app-context, and added enpoint permitAlls
2012-08-21 12:53:48 -04:00
6cb7e74046
updated default handling to user proper backbone model handling
2012-08-20 16:49:39 -04:00
74b4fab58c
Client secret processing
2012-08-20 16:06:12 -04:00
9e60da2675
added controls for client secret processing
2012-08-20 12:22:38 -04:00
a65504c0cb
added new exception for userinfo, addresses #133
2012-08-15 16:02:06 -04:00
ec286b9644
removed auth bean from application-context. Added extra parameter checks in request object auth endpoint
2012-08-14 10:55:08 -04:00
c0a61fe47a
moved jquery to page header instead of footer, added focus call on login form
2012-08-14 10:48:38 -04:00
5e898a7b0b
Id toke timeout binding for UI
2012-08-10 17:20:23 -04:00
aaa38a761d
Mis-type for client secret
2012-08-10 17:18:43 -04:00
b99d2ed9dc
Client Id null fix
2012-08-10 17:15:35 -04:00
935b5ed43a
Client Id is now editable
2012-08-10 17:11:13 -04:00
0f9d4ef255
Id refactor UI
2012-08-10 17:05:28 -04:00
480fb8e593
Id refactor UI
2012-08-10 16:26:54 -04:00
3f9e2cfa52
Horizontal UI refactor
2012-08-10 15:29:11 -04:00
66e5cf3f04
Client table button UI tweaks
2012-08-10 14:23:54 -04:00
8d57e0e9ef
Issue # 81 Client UI - Creating new client creates duplicate
2012-08-10 14:19:33 -04:00
a5a102bbe4
Github Issue #116
2012-08-10 11:25:50 -04:00
49cb8bd0cb
fixing bugs; needed to make all ids BIGINT AUTO-INCREMENT PRIMARY KEY in sql files
2012-08-09 12:44:21 -04:00
dc7aac12f9
added custom login form, changed footer to only optionally load app
2012-08-07 12:09:32 -04:00
a061e64abf
Merge branch 'user-approval-handler-updated-rebase'
2012-08-06 16:30:03 -04:00
5fb67ab7bb
Did a lot of cleanup; untested but compiles
2012-08-06 14:33:16 -04:00
2f28cf33e7
Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP.
2012-08-03 16:43:37 -04:00
845976b8ac
First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code.
2012-08-03 12:49:40 -04:00
9a7e40fee7
moved all bean definitions to annotations, removed orphaned CheckID view
2012-08-02 12:46:35 -04:00
7c33e19950
Changed authorization endpoint to /authorize rather than /auth; updated SWD entry. Also removed checkid entry from SWD.
2012-07-31 14:39:27 -04:00
686412757f
shortened urls
2012-07-31 12:02:21 -04:00
d07667576e
cleaned up old code
2012-07-30 16:50:44 -04:00
1f68c835c0
updated openid connect image
2012-07-16 15:12:35 -06:00
30addb5439
Redirect URI now displayed on approval page.
2012-07-10 16:54:55 -04:00
84aa451095
Added comment for spring-servlet.xml
2012-07-10 13:29:53 -04:00
e5eb2e03d8
added implicit beans
2012-07-09 11:25:45 -04:00
8fe132cb53
formatting
2012-07-05 18:32:31 -04:00
830e07c35c
moved whole configuration from servlet context into application context
2012-07-05 18:26:12 -04:00
dbd563f3f2
attempting to allow make use of SPEL
2012-07-05 18:21:52 -04:00
0dc568e5d0
Fixed more information link on approval page
2012-06-28 14:54:59 -04:00
a022f4d713
Authorized grant types now supported client-side
2012-06-28 14:40:37 -04:00
bff34f647c
Allowing a null value for redirectURIs
2012-06-28 12:07:02 -04:00
8fbea2516a
Updated client side variable names to reflect name changes to access token and refresh token timeout
2012-06-28 11:37:34 -04:00
b6e00b9884
Base white-list functionality and template
2012-06-26 12:50:13 -04:00
94256d95a1
added crypto configuration file
2012-06-19 16:25:13 -04:00
a38dc0ce29
added crypto configuration file
2012-06-19 16:24:50 -04:00
ace5dd1f1e
imported userinfouserdetails filter from MITRE codebase
2012-06-13 16:33:55 -04:00
bbf9591c92
Merge branch 'master' into issue52
...
Conflicts:
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml
openid-connect-server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
2012-06-11 15:04:01 -04:00
7a207dc162
Merge branch 'discoveryupdate'
2012-06-05 16:37:04 -04:00
fbdccdb78e
added Xrd support ( fixes #63 ), updated configuration locations ( fixes #47 )
2012-06-05 16:32:49 -04:00
3b4e95ac10
Approval page updates
2012-06-05 15:52:09 -04:00
d424f44b8c
Removing some whitespace
2012-06-05 13:08:55 -04:00
8e33a17307
moved DB schema files up a few levels, fixed test context to point to new locations
2012-06-05 11:32:51 -04:00
c89b1814d6
Fixed approve.jsp checkboxes (both had the same name).
2012-06-01 17:12:33 -04:00
8684bb969f
Updated approve.jsp with Jett's new code to display some checkboxes. This has been tested, and the additional parameters are persisted correctly and are available to the TokenGranter.
2012-05-31 13:39:24 -04:00
68483536a6
Approval page updates. Approval and denial buttons are now in one form. Generic checkboxes are in place.
2012-05-31 12:12:56 -04:00
424f8bb737
Refactored to use TokenEnhancer rather than a custom TokenGranter.
2012-05-30 16:14:00 -04:00
998fc7f98b
cleaned up beans layout
2012-05-30 15:17:33 -04:00
8917e75010
see issue #19
2012-05-30 15:14:15 -04:00
c418ccabb1
Merge branch 'master' into userInfoEndpoint
2012-05-24 13:06:29 -04:00
1bff5ef19f
Added POCO view, Added UnknownUserInfoScheamException runtime exception
2012-05-24 11:00:49 -04:00
b838ddb786
Client ID display fix
2012-05-23 14:24:53 -04:00
a1d85e281e
Client ID now showing on display and edit page
2012-05-23 14:21:08 -04:00
48ff2d3d77
Merge remote branch 'origin/master'
2012-05-23 14:01:40 -04:00
f8af7bf884
Adding help text for time-out options
2012-05-23 14:01:31 -04:00
7d4d65c359
Merge branch 'userinfo_integration'
2012-05-23 13:39:03 -04:00
06fadb5f2b
oauth provider configuration started
2012-05-23 12:55:21 -04:00
668952ec09
Fixing typo
2012-05-22 16:12:21 -04:00
b59baa09a9
Cleaning up placeholder fields
2012-05-22 16:07:51 -04:00
c85248c40c
Editing bug fix for validation
2012-05-22 15:19:47 -04:00
a44dee1fd6
Fixing IE compatibility with saving and editing clients
2012-05-22 15:06:06 -04:00
e5312b4c99
Client secret now editable and dynamically generated if not present
2012-05-22 14:36:40 -04:00
bd054bfd58
Client delete now requires confirmation
2012-05-22 12:28:48 -04:00
6c8aeba041
Default scope is "openid"
2012-05-22 12:25:29 -04:00
e4f2446569
- no restraints on client name and description (neither of them required)
...
- URI regex updated
2012-05-22 12:23:05 -04:00
f7a0b8de32
Client scope now supported
2012-05-18 14:09:23 -04:00
a1234a4fcd
Timeout form fields now supported. Backbone.JS Validation error handling updates.
2012-05-17 17:15:37 -04:00
2d980a4d8f
Refactoring of routing. Client updates
2012-05-17 16:33:22 -04:00
b06640c921
First stages of client-side validation worked into application
2012-05-16 17:22:25 -04:00
c45991b561
Adding backbone.js validations framework
2012-05-16 16:04:30 -04:00
3402a3e463
ClientAPI now fully supports RESTful DELETE
2012-05-16 14:32:40 -04:00
af6e043239
Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding.
2012-05-16 13:27:53 -04:00
0c7ea88323
Client updates.
2012-05-15 17:03:17 -04:00
a4fc4e939e
ClientAPI cleanup
2012-05-15 12:41:41 -04:00
f91071c350
New clients now attempt to POST to client API
2012-05-14 15:33:27 -04:00
7375d00e88
added taglib hack
2012-05-11 16:10:06 -04:00
e00bba7ede
factored out one more piece of the security config
2012-05-11 13:43:29 -04:00
ffe31e6049
merged config from bean config config bean bean
2012-05-09 15:32:13 -04:00
e158ef6fc2
added config bean
2012-05-09 15:20:15 -04:00
95fc66de31
Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
2012-05-09 15:17:53 -04:00
e33f277bbe
Updated classes to track newest version of SECOAUTH. This update closes issues #3 , #4 , #8 , and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
2012-05-09 15:16:56 -04:00
9abb15a559
Approval page style upgraded to bootstrap 2 classes
2012-05-09 14:20:44 -04:00
e6f77fd061
Merge branch 'master' of github.com:jricher/OpenID-Connect-Java-Spring-Server
2012-05-08 16:58:37 -04:00
c003bbf2c6
extracted user information from spring servlet config
2012-05-08 16:58:04 -04:00
4f0ffd872b
Removing older version of bootstrap
2012-05-08 14:31:24 -04:00
7dd81ac2de
Server-side dynamics
2012-05-08 13:53:21 -04:00
eb9f2617ba
New look
2012-05-08 12:11:39 -04:00
23fd7b1b21
Renaming Client View class
2012-05-08 11:20:40 -04:00
Justin Richer