2bdbb283b7
removed dependency on abstract endpoint class. added methods needed to authRequestObjectEndpoint (afterPropertiesSet())
2012-08-14 10:55:08 -04:00
51ec529861
readded implementation of initializingBean
2012-08-14 10:55:08 -04:00
638ebf2010
cleaned up AuthRequestObjectEndpoint class
2012-08-14 10:55:08 -04:00
d93f5f18e5
added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this
2012-08-14 10:55:08 -04:00
3486ea28f1
updated mimicked methods to not use jwt, but rather a jwt in an auth request
2012-08-14 10:55:08 -04:00
1a20dcbc6e
added methods that mimic behavior of private SECOATH methods
2012-08-14 10:55:08 -04:00
d5caa0b543
changed server endpoint to act like an endpoint. WIP to accept request objects, validate, and redirect
2012-08-14 10:55:08 -04:00
7d6211afd7
cleaned up some imports, added serverEndpointRequest class
2012-08-14 10:55:08 -04:00
28344a3c91
auth endpoint got into client code. removed
2012-08-14 10:55:08 -04:00
2888c08083
changed cookie claim to include the response
2012-08-14 10:55:07 -04:00
c0a61fe47a
moved jquery to page header instead of footer, added focus call on login form
2012-08-14 10:48:38 -04:00
484abc4915
fixed client delete
2012-08-10 17:24:21 -04:00
5e898a7b0b
Id toke timeout binding for UI
2012-08-10 17:20:23 -04:00
aaa38a761d
Mis-type for client secret
2012-08-10 17:18:43 -04:00
b99d2ed9dc
Client Id null fix
2012-08-10 17:15:35 -04:00
935b5ed43a
Client Id is now editable
2012-08-10 17:11:13 -04:00
0f9d4ef255
Id refactor UI
2012-08-10 17:05:28 -04:00
155974d8e3
moved services and api over to using new client Id field (instead of client_id)
2012-08-10 16:53:31 -04:00
eb5a24690f
added method to get client by its (new) Long id
2012-08-10 16:29:16 -04:00
480fb8e593
Id refactor UI
2012-08-10 16:26:54 -04:00
ae5e1ca859
Merge remote branch 'origin/master'
2012-08-10 16:12:54 -04:00
3f9e2cfa52
Horizontal UI refactor
2012-08-10 15:29:11 -04:00
bb7d6b2e94
split scopes table
2012-08-10 14:26:47 -04:00
66e5cf3f04
Client table button UI tweaks
2012-08-10 14:23:54 -04:00
8d57e0e9ef
Issue # 81 Client UI - Creating new client creates duplicate
2012-08-10 14:19:33 -04:00
a5a102bbe4
Github Issue #116
2012-08-10 11:25:50 -04:00
170036e0b8
Added expiration to id tokens
2012-08-09 12:44:22 -04:00
49cb8bd0cb
fixing bugs; needed to make all ids BIGINT AUTO-INCREMENT PRIMARY KEY in sql files
2012-08-09 12:44:21 -04:00
d7deda1699
Propogated AuthenticationHolder effects; this is untested but compiles and I think it is mostly correct
2012-08-09 12:44:21 -04:00
90df91c351
Added AuthenticationHolder object, got references squared away for AccessToken side. Compiles.
2012-08-09 12:44:21 -04:00
cf348590b0
Removed unused ClientGeneratorFactory
2012-08-09 12:44:21 -04:00
d6d80c3e60
Gave OAuth2RefreshTokenEntity a Long Id
2012-08-09 12:44:21 -04:00
6b1dad7215
Gave OAuth2AccessTokenEntity a Long Id
2012-08-09 12:44:21 -04:00
780839dbf9
Made things compile after ClientDetailsEntity refactoring
2012-08-09 12:44:21 -04:00
09e528e113
added discovery info for x509 and client auth
2012-08-07 17:30:36 -04:00
dc7aac12f9
added custom login form, changed footer to only optionally load app
2012-08-07 12:09:32 -04:00
8d4e046408
All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors.
2012-08-07 10:04:38 -04:00
a061e64abf
Merge branch 'user-approval-handler-updated-rebase'
2012-08-06 16:30:03 -04:00
32dc92119f
Cleanup completed, this works for the most part. TODO: need to make an upstream change in order to inject a new set of scopes into the AuthorizationRequest.
2012-08-06 16:29:22 -04:00
5fb67ab7bb
Did a lot of cleanup; untested but compiles
2012-08-06 14:33:16 -04:00
ae44bd5e0c
Works; about to do some cleanup
2012-08-06 13:40:27 -04:00
2f28cf33e7
Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP.
2012-08-03 16:43:37 -04:00
b87d54b06e
Changed UserInfo references to String "userId" references
2012-08-03 13:32:17 -04:00
845976b8ac
First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code.
2012-08-03 12:49:40 -04:00
51b8dbe065
Revert "updated jwtHeader typ to use an enum" -- set things back to using a string
...
This reverts commit 3b2268c622
2012-08-02 14:16:55 -04:00
9a7e40fee7
moved all bean definitions to annotations, removed orphaned CheckID view
2012-08-02 12:46:35 -04:00
1508369548
now with Walsh-flavored certificate generation
2012-08-01 18:04:26 -04:00
61a8d4a787
x509 take -- bouncycastley version
2012-08-01 17:19:33 -04:00
db415bfa2b
Working on user approval handler
2012-07-31 14:50:24 -04:00
a223565364
updating user approval handler
2012-07-31 14:50:24 -04:00
676808bdac
got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead.
2012-07-31 14:50:24 -04:00
4e10fce7ef
Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers.
2012-07-31 14:50:24 -04:00
7c33e19950
Changed authorization endpoint to /authorize rather than /auth; updated SWD entry. Also removed checkid entry from SWD.
2012-07-31 14:39:27 -04:00
863693cf59
Merge pull request #128 from mtderryberry/jwe-and-jwt-fixes
...
Jwe and jwt fixes
2012-07-31 10:52:04 -07:00
3982561a5b
Removing "throws exception" from views. Addresses issue #70
2012-07-31 12:28:46 -04:00
5cf6359f7d
Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
2012-07-31 12:14:19 -04:00
686412757f
shortened urls
2012-07-31 12:02:21 -04:00
3b2268c622
updated jwtHeader typ to use an enum
2012-07-31 11:29:48 -04:00
1b5f99efec
added .json mapping to SWD
2012-07-31 10:42:42 -04:00
02da9fceed
fixed imports
2012-07-31 09:16:05 -04:00
d07667576e
cleaned up old code
2012-07-30 16:50:44 -04:00
40f39a18e0
cleaning up introspection endpoint
2012-07-30 16:50:44 -04:00
e7449901a6
Removed IdTokenGeneratorService. Addresses issue #75
2012-07-30 16:46:20 -04:00
ee9288a72a
turned down cache in default
2012-07-30 16:16:02 -04:00
c80f7f1fcd
removed keystore dependency where it is not needed
2012-07-30 14:58:29 -04:00
319568d971
refactored JWA algorithm markers to use enum instead of string as stored class
2012-07-23 20:21:31 -04:00
165f3ea292
fixed some unit tests, broke others
2012-07-23 18:44:47 -04:00
1f68c835c0
updated openid connect image
2012-07-16 15:12:35 -06:00
7a3ae5a757
Merge remote branch 'origin/master'
2012-07-10 17:00:30 -04:00
30addb5439
Redirect URI now displayed on approval page.
2012-07-10 16:54:55 -04:00
9f16f309bd
updated userinfouserdetailsservice to use username instead of userid -- this should actually be a wrapper class though
2012-07-10 16:44:29 -04:00
b0a7ebd9b1
fixed JWK algorithm display
2012-07-10 14:57:12 -04:00
84aa451095
Added comment for spring-servlet.xml
2012-07-10 13:29:53 -04:00
5657bc8f28
updated configuration, confirmed works pending SECOAUTH-299
2012-07-09 11:25:45 -04:00
e5eb2e03d8
added implicit beans
2012-07-09 11:25:45 -04:00
01793ec57f
added preferred_username claim to userinfo endpoint
2012-07-06 16:02:11 -04:00
8abbce3a2d
fixed broken unit tests - they were pointing to the wrong spring context file;
2012-07-06 14:22:06 -04:00
50241e4da1
changed UserInfo.verified to UserInfo.emailVerified.
2012-07-06 14:11:43 -04:00
8fe132cb53
formatting
2012-07-05 18:32:31 -04:00
830e07c35c
moved whole configuration from servlet context into application context
2012-07-05 18:26:12 -04:00
dbd563f3f2
attempting to allow make use of SPEL
2012-07-05 18:21:52 -04:00
f0c949fd09
added scope-based filter for userinfo
2012-07-05 17:14:51 -04:00
5c1b07ae65
don't overwrite an existing JWT nonce
2012-06-28 17:04:21 -04:00
29731d52f6
Merge branch 'refreshtokens' of file:///home/jricher/Projects/workspace-sts/OpenIDConnect-MITRE/OpenID-Connect-Java-Spring-Server into refreshtokens
2012-06-28 17:00:17 -04:00
de1597b214
refresh token handling fixed, removed token factory references
2012-06-28 16:55:11 -04:00
0dc568e5d0
Fixed more information link on approval page
2012-06-28 14:54:59 -04:00
a022f4d713
Authorized grant types now supported client-side
2012-06-28 14:40:37 -04:00
bff34f647c
Allowing a null value for redirectURIs
2012-06-28 12:07:02 -04:00
8fbea2516a
Updated client side variable names to reflect name changes to access token and refresh token timeout
2012-06-28 11:37:34 -04:00
4e3c99abe4
Merge branch 'validityIntegers'
2012-06-26 13:55:26 -04:00
81d1af40bd
Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface
2012-06-26 13:54:01 -04:00
b6e00b9884
Base white-list functionality and template
2012-06-26 12:50:13 -04:00
1127a7cfbc
refactored JWKs, updated signing servier to use them
2012-06-25 17:19:25 -04:00
adb8499bee
merged derryberry code, plus tweaks, still WIP
2012-06-25 16:42:41 -04:00
b94fbd7439
updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
2012-06-20 09:36:55 -04:00
94256d95a1
added crypto configuration file
2012-06-19 16:25:13 -04:00
a38dc0ce29
added crypto configuration file
2012-06-19 16:24:50 -04:00
fe3bbfb3d5
Further cleanups. Still missing:
...
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
b86abdd761
merge from pull request, plus cleanup
2012-06-15 15:36:14 -04:00
731ad2e2e2
updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue
2012-06-15 12:05:08 -04:00
Mike Derryberry