e708f77eb3
Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
2013-04-17 09:52:09 -04:00
51dfd67d0c
started webfinger client
2013-04-16 17:32:06 -04:00
f76f44b999
added dynamic discovery to client
2013-04-16 15:01:08 -04:00
e665aec36f
dependency cleanup
2013-04-12 16:53:55 -04:00
ac2993c402
[maven-release-plugin] prepare for next development iteration
2013-04-10 16:12:04 -04:00
f0d75f9144
[maven-release-plugin] prepare release mitreid-connect-0.9.1
2013-04-10 16:11:38 -04:00
5f54777109
[maven-release-plugin] prepare for next development iteration
2013-04-03 10:01:58 -04:00
620a60ddc2
[maven-release-plugin] prepare release mitreid-connect-0.9.0
2013-04-03 10:01:52 -04:00
54f1ae972b
Added properties and updated poms for sync to central
2013-04-02 12:42:40 -04:00
f101dcc512
moved to released version of SECOAUTH
2013-04-01 11:59:40 -04:00
72e2c7cb6c
Updated build references
2013-04-01 10:59:25 -04:00
6cc50e7cd5
switched signing & validation service to use JWK natively for keys
2013-03-28 16:43:26 -04:00
e2ad4d2e8f
cleaned up spurious nosuchalgorithm exceptions, addresses #285
2013-03-28 15:06:30 -04:00
30c6271e72
cleaned up some more x509 references
2013-03-15 15:10:59 -04:00
ecf99f960a
added bean property check
2013-03-14 18:05:50 -04:00
b1c89783ff
added functionality for account chooser and third-party login support
2013-03-14 18:05:50 -04:00
2be305810f
added getters and setters
2013-03-14 18:05:50 -04:00
4dedec76ec
moved back to form variables for auth because rest template is dumb
2013-03-14 18:05:50 -04:00
ca40b2fd3e
added getters and setters
2013-03-14 18:05:50 -04:00
1251082c6d
implemented simple static configuration services
2013-03-14 18:05:50 -04:00
f44c704472
major refactor of client filter
...
Collapsed filter into single class
pulled server config and client config management into service classes
created service for issuer (will handle account chooser)
created auth request services (handle signed and unsigned requests)
2013-03-14 18:05:50 -04:00
999999a822
import cleanup
2013-03-01 17:44:44 -05:00
6c1e6b2d74
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
385853fa1f
refactored signing and validation, added jwk-based cache, removed keyfetcher, refactored client side class structure
2013-03-01 17:44:44 -05:00
5dd6cce790
made default scopes in client a bit more sensible
2013-03-01 17:42:48 -05:00
2a855a1952
pulled client key publication into its own class to help deal with bean processors
2013-03-01 17:42:48 -05:00
92f5f31dfc
use serialize instead of toString
2013-02-22 15:20:42 -05:00
da7c74affd
passthrough for default algorithm config
2013-02-22 14:38:33 -05:00
774f80dd58
helps when you actually add the verifier you created
2013-02-22 13:21:29 -05:00
9a98d241e8
updates to track Nimbus JOSE API changes to audience and date fields
2013-02-22 12:08:01 -05:00
3d9ec51eb3
converted client filters to nimbus-jose
2013-02-22 12:08:01 -05:00
1c14ce4c1a
note well
2013-02-03 22:04:54 -05:00
a6ca7cb31b
Merge pull request #263 from ssayer/introspection-fix
...
fixed typos and dumbness in introspection endpoint filter thingy
2013-02-01 09:04:23 -08:00
458486ac9c
fixed typos and dumbness in introspection endpoint filter thingy
2013-02-01 11:16:54 -05:00
67e8714671
Working on request object userinfo parsing
2013-01-29 13:07:41 -05:00
19e91e9272
fixed typo in form handling in introspecting filter
2013-01-25 14:04:33 -05:00
27a26e0a35
(user_id/prn) -> sub
2013-01-18 16:40:05 -05:00
c946a84b09
adapted keyfetcher to be more general
2013-01-18 15:06:00 -05:00
358bf7fc1c
Generic introspecting token services
2013-01-08 16:55:07 -05:00
c7ae315e98
Added initial files for nonce service. Repository and service impls are stubs
2013-01-04 15:30:24 -05:00
45ca4e565e
updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT
2012-11-26 11:53:19 -05:00
695091ca82
Refactor part 4 - should be final bit
2012-09-18 15:08:53 -04:00
c40efda6b5
Refactor part 1
2012-09-18 14:24:34 -04:00
7aec0dfe80
added randomized view names to lower possibility of conflicting with local views
2012-09-10 17:17:03 -04:00
d11005fc5f
added x509 support
2012-09-10 17:17:03 -04:00
2d24435365
Created custom resolver, handler mapper
...
moved endpoint back to server
2012-09-10 17:17:03 -04:00
edeae29bef
client publisher mapping test
2012-09-10 17:17:03 -04:00
be1046f9b6
bean-based configuration
2012-09-10 17:17:03 -04:00
4eee172f79
buildRedirectURI moved to URLUtils
2012-09-07 15:52:56 -04:00
05efdbf39d
buildURL uses URIUtils now.
2012-09-07 15:17:08 -04:00
2b62042696
unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet
2012-09-06 17:20:22 -04:00
e8eaf48efd
Added check for token NotBefore
...
Added timeSkewAllowance magic
2012-08-28 15:42:29 -04:00
b47dcf8e6b
fixed timestamp math
...
(I hate timestamp math)
2012-08-17 16:35:27 -04:00
26d5a846e0
Updated validator structure and id token checking.
2012-08-17 16:18:08 -04:00
a0df7ad04b
client documentation updates, addresses #135
2012-08-17 15:35:08 -04:00
012bb4afd7
Changed casing on "URI" to "Url" to match other parameters.
2012-08-17 15:32:04 -04:00
d14f55004c
added parser to userinfo object, userinfo url in filter, fixed bug in user_id check
2012-08-17 14:40:13 -04:00
fbd6e67af8
Refactored auth provider to call the userinfo endpoint and provide info inside the auth token.
2012-08-17 14:40:13 -04:00
6ccbf480b3
added token values into the OpenIDConnectAuthToken class and authenticator, still need to do authuserdetailsservice
2012-08-15 16:11:57 -04:00
c5244db1a2
moved nonce from cookie to session, added state processing, cleaned up unused classes
2012-08-15 14:52:49 -04:00
269c2c9835
fixed nonce cookie handling
2012-08-14 12:11:51 -04:00
d93f5f18e5
added state value to jwt that gets passed as request object. certain methods from SECOAUTH use this
2012-08-14 10:55:08 -04:00
eff7a2c504
changed nonce claim addition
2012-08-14 10:55:08 -04:00
9d73cd2243
cleaned up imports in filter class
2012-08-14 10:55:07 -04:00
2888c08083
changed cookie claim to include the response
2012-08-14 10:55:07 -04:00
bc216785b8
added cookie to response in auth filter for request objects
2012-08-14 10:55:07 -04:00
f7cfb39777
updated imports of signed request filter
2012-08-14 10:55:07 -04:00
c0d353d7ce
removed state parameter from claims. added way to create random nonce value
2012-08-14 10:55:07 -04:00
8e95734f22
changed response-type to code rather than token
2012-08-14 10:55:07 -04:00
f8d938630e
added passthrough parameters to server config
2012-08-14 10:55:07 -04:00
c4ebf5c145
updated signer service
2012-08-14 10:55:07 -04:00
d6b0b87769
added state parameter to reqeuest object
2012-08-14 10:55:07 -04:00
99bc1294e3
removed repetative check of "token" parameter in signed request object
2012-08-14 10:55:07 -04:00
685734ce35
updated signing request object in OIDC client by pulling out construction of JWT to its own method.
2012-08-14 10:55:07 -04:00
76c91ea79f
removed encrypted request object for OIDC client. will deal with it at a later point
2012-08-14 10:55:07 -04:00
8f22517c81
encrypted request object wip. need to add header parameters to allow encryption. also need to get public key for encryption
2012-08-14 10:55:07 -04:00
70c4c25fa3
finished signed request object for client, created encrypted request object for client
2012-08-14 10:55:07 -04:00
42a9b67f5e
updated signed request filter to create jwt from parameters, sign it, create url for request, and send a redirect
2012-08-14 10:55:07 -04:00
b0eca780d1
changed class to request filter rather than jwt filter
2012-08-14 10:55:07 -04:00
5f0ea41e0e
added class for signed request object
2012-08-14 10:55:07 -04:00
1fd4d8a4b8
fixed signer map in client/AbstractOIDCAuthenticationFilter.java
2012-07-31 12:17:01 -04:00
4deaffd686
updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk
2012-07-23 18:31:27 -04:00
caf2a7b494
updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext
2012-07-17 10:49:29 -04:00
e252951612
added encrypter/decrypter for claims to get ciphertext
2012-07-17 10:48:07 -04:00
33cc3fa899
Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP
2012-07-17 10:47:41 -04:00
a03129f70a
added documentation updates
2012-07-02 14:18:25 -04:00
c619e736f9
removed eclipse files from repository
2012-06-29 15:13:52 -04:00
5c1b07ae65
don't overwrite an existing JWT nonce
2012-06-28 17:04:21 -04:00
29731d52f6
Merge branch 'refreshtokens' of file:///home/jricher/Projects/workspace-sts/OpenIDConnect-MITRE/OpenID-Connect-Java-Spring-Server into refreshtokens
2012-06-28 17:00:17 -04:00
d4b45006d5
settings file, will be removed shortly
2012-06-28 16:55:37 -04:00
de1597b214
refresh token handling fixed, removed token factory references
2012-06-28 16:55:11 -04:00
ef6c2b56e8
oidc client README.md tweaks
2012-06-27 16:09:05 -04:00
1127a7cfbc
refactored JWKs, updated signing servier to use them
2012-06-25 17:19:25 -04:00
adb8499bee
merged derryberry code, plus tweaks, still WIP
2012-06-25 16:42:41 -04:00
b1fc07bcb8
updated -common code to get a validation service from a server configuration
2012-06-21 14:37:30 -04:00
baa7ce5e7b
Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
2012-06-20 15:10:58 -04:00
2930719700
Added architecture diagram
2012-06-20 15:07:37 -04:00
b94fbd7439
updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
2012-06-20 09:36:55 -04:00
488f01cada
existence of nonce claim check added
2012-06-19 18:14:51 -04:00
fe3bbfb3d5
Further cleanups. Still missing:
...
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
2012-06-15 17:11:58 -04:00
b86abdd761
merge from pull request, plus cleanup
2012-06-15 15:36:14 -04:00
731ad2e2e2
updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue
2012-06-15 12:05:08 -04:00
f9558f0955
stripped out check id endpoint interaction as it deprecated, refactored nonce checking based on spec change, pull user_id as id_token token claim
2012-06-13 18:31:13 -04:00
65dc3daaf8
smart client
2012-06-12 16:09:01 -04:00
2a05ff995d
Added support for additional field in ClientDetailsEntity.java.
2012-06-11 16:27:35 -04:00
ee28d56031
initial implementation of x509 and JWK key retrieval
2012-06-01 10:51:28 -04:00
8917e75010
see issue #19
2012-05-30 15:14:15 -04:00
e5720b9ce9
added UserDetailsService example
2012-05-21 16:02:28 -04:00
579954f966
grammar tune up
2012-05-21 15:28:55 -04:00
6f43040587
slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client
2012-05-16 21:12:58 -04:00
7e3ce2d583
mods to reflect client <-> account chooser protocol, and refactoring...
2012-05-15 18:43:45 -04:00
e33f277bbe
Updated classes to track newest version of SECOAUTH. This update closes issues #3 , #4 , #8 , and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
2012-05-09 15:16:56 -04:00
77e630473a
readme tweaks.
2012-05-08 20:04:51 -04:00
755d0d4c88
issue #39
2012-05-08 19:52:13 -04:00
2cf12d4078
Made getAll use ? extends UserInfo
2012-05-08 16:23:36 -04:00
97dffb6414
added copyright to all java files. closes #11
2012-04-27 17:55:58 -04:00
59ecb03548
added getter/setter for userinforepository, closes #40
2012-04-27 15:11:25 -04:00
6eb8284695
version needed to be modified to 0.1-SNAPSHOT in order to deploy snapshot to nexus
2012-04-13 13:43:39 -04:00
f215cfc50c
fix for issue 5, code refactoring across signers
2012-03-29 12:34:51 -04:00
c84c751991
client refactoring, and javadocing
2012-03-26 14:18:54 -04:00
b8c953281e
integration changes to client
2012-03-23 17:01:43 -04:00
1a1ae4c5b5
Removed Replacer plugin
2012-03-23 15:55:30 -04:00
02d0471acf
scope wasn't quite right, needed a space
2012-03-22 17:55:59 -04:00
b4836a0302
mods to auth filter including config comments, http socket time out...
2012-03-22 17:49:30 -04:00
3f2631367f
added comments on configuration of client
2012-03-22 12:16:24 -04:00
626779b58e
refactored client package name to something sensible
2012-03-16 17:07:49 -04:00
b463cabc69
fixed configuration, moved sql file
2012-03-16 16:46:46 -04:00
baf7c1c166
fixed dependencies and project configurations
2012-03-16 16:18:33 -04:00
e6e7504213
added files and shuffled things to new packages
2012-03-16 15:46:23 -04:00
Amanda Anganes