f0d628bf27
made Policy API fit the new data model (used to be Claims API)
2015-07-03 20:16:34 -04:00
d7af4b2cf9
added scope consistent check to resource set service
2015-07-03 20:16:34 -04:00
6703db234d
added equals/hashCode/toString on UMA model objects
2015-07-03 20:16:34 -04:00
bfd70efcc3
tweak demo claim values for testing
2015-07-03 20:16:34 -04:00
a8a6e7bf31
downscope resulting token based on policy
2015-07-03 20:16:33 -04:00
7909e3e9ce
made claim collection null safe
2015-07-03 20:16:33 -04:00
af798705b4
made claim values any JSON type, closes #853
2015-07-03 20:16:33 -04:00
b0935086c2
made claims processor take in policy set and ticket directly
2015-07-03 20:16:33 -04:00
de9f69e461
introduced a claims processor result data shuttle
2015-07-03 20:16:33 -04:00
2cfaa1c1d7
renamed RequiredClaimSet to Policy
2015-07-03 20:16:32 -04:00
b8a5486995
made required claims sets stick in the database
2015-07-03 20:16:32 -04:00
667c766273
reverted over-reaching check on webfinger fetcher
2015-07-03 20:16:32 -04:00
cd47d32e2d
split required claim sets out as separate indirection structure, closes #813
2015-07-03 20:16:32 -04:00
13239c1754
make eclipse happy with the warpath plugin
2015-06-26 15:24:45 -04:00
c4aaa29ffc
updated unit tests for new refresh token mode
2015-06-25 12:44:52 -04:00
d9efeb3b67
added clear access tokens to export/import
2015-06-25 12:40:28 -04:00
50cbeb3e4c
DB table sync
2015-06-25 12:11:31 -04:00
2f4d9ce54b
clearing out refresh tokens is now configurable, closes #409
2015-06-25 12:07:38 -04:00
8359ac2813
fixed refresh token lookup
2015-06-25 11:55:58 -04:00
d2a393f7f9
converted error handlers to a single @ControllerAdvice class, closes #788
2015-06-24 17:26:10 -04:00
b18bea6b9f
switched connection pool to use HikariCP, closes #821
2015-06-24 16:21:31 -04:00
7df3597757
split client's auth token into pending and authorized classes
2015-06-24 16:00:40 -04:00
b4520c170e
ID Token carried through as parsed JWT instead of string, closes #832
2015-06-24 16:00:40 -04:00
f4a1b27e2e
better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service
2015-06-23 22:21:18 -04:00
9ae92b983a
added http and json error handling to webfinger service
2015-06-23 21:50:16 -04:00
c166cbe49c
added login hint capability to client library
2015-06-23 21:21:41 -04:00
f7a082d4b8
wrapped timestamp injection in a null-safe block, with warning; closes #849
2015-06-23 20:57:24 -04:00
fdf8c4d620
Updated UMA's ExternalAuthoritiesMapper to new OIDCAuthoritiesMapper class, closes #850
2015-06-23 20:49:03 -04:00
445099fc74
Sync database changes across all three platforms
2015-06-23 20:31:28 -04:00
84b595ea6f
Synch with HSQLDB version
...
Few fields were missing, e.g. user_info::src, causing an application crash with MySQL.
2015-06-23 20:24:29 -04:00
bf295b4c67
Improve Spring Security dependency management
2015-06-23 20:21:35 -04:00
a7c0a45e5d
Add empty <relativePath> to avoid Maven warnings
...
Occurs when using a Git submodule in overlay project.
[WARNING] Some problems were encountered while building the effective model for org.mitre:openid-connect-common:jar:1.2.0-SNAPSHOT
[WARNING] 'parent.relativePath' of POM org.mitre:openid-connect-parent:1.2.0-SNAPSHOT (…/OpenID-Connect-Java-Spring-Server/pom.xml) points at …:…-overlay instead of org.sonatype.oss:oss-parent, please verify your project structure @ org.mitre:openid-connect-parent:1.2.0-SNAPSHOT, …/OpenID-Connect-Java-Spring-Server/pom.xml, line 26, column 10
2015-06-23 20:17:01 -04:00
a259841eaf
Added getters and setters to IntrospectingTokenService
...
Fixed TokenCacheObject constructor for setting TCO's expire time
2015-06-09 13:37:07 -04:00
698fe55b85
IntrospectingTokenService now takes parameters (cacheTokens, cacheNonExpiringTokens, defaultExpireTime, forceCacheExpireTime) to change the behavior or even disable the caching of responses from the IntrospectionEndpoint.
2015-06-04 16:33:37 -04:00
286d433da6
save json object inside registered client if it's available, closes #800
2015-06-03 11:07:45 -04:00
9e74e40453
Use diamond syntax instead of explicit types
2015-06-03 10:24:48 -04:00
13f5e4f8a6
Collapse identical catch branches
2015-06-03 10:24:48 -04:00
6dc2b2cb5e
Various small improvements/bugfixes
2015-06-03 10:24:41 -04:00
54fbf0d0ac
Added null check for expiration during introspection. Making assumption that null exp means tokens dont expire.
2015-06-03 09:57:22 -04:00
2d5e53c0f2
Fix syntax error: , at the end of table creation
...
Fix syntax error: , at the end of table creation
2015-06-03 14:56:03 +03:00
d1e8529a7b
expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible
...
closes #699
closes #761
2015-06-01 21:11:19 -04:00
f7b5228109
UserInfo carries original JSON object along if available
2015-06-01 20:10:07 -04:00
23e1e87368
dressed up error message a little
2015-06-01 19:39:09 -04:00
0aabb7226d
internationalized the error and login pages
2015-06-01 19:34:43 -04:00
4655650a68
added OAuth error display page, closes #559
2015-06-01 19:21:32 -04:00
118237ab05
moved user info interceptor to pre-handle
2015-06-01 19:15:54 -04:00
dfc8df42f5
moved server configuration injection to pre-request
2015-06-01 19:09:42 -04:00
54e3b7e8d3
added new messages for JWK Set handling
2015-06-01 19:08:51 -04:00
49c8804a1c
JWK Set by value UI added to resource registration
2015-06-01 15:35:21 -04:00
d09b003bc3
JWK Set by value UI added to dynamic registration
2015-06-01 15:35:21 -04:00
Justin Richer