github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1865 Commits
17 Branches
69 Tags
78 MiB
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd87bdb2120'
${ noResults }
Commit Graph

1129 Commits (d87bdb21206f46910dffe961eae48476aeac5f36)

Author SHA1 Message Date
Justin Richer 81cb60ad7b made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work)
11 years ago
Justin Richer bdbff8d45c tell spring to not stuff model into the redirects, partially addresses #492
11 years ago
Justin Richer 84f097edf4 removed outdated client credentials filter, addresses #491
11 years ago
Justin Richer d7be122a21 added basic user profile view implementation
11 years ago
Justin Richer 55ea880396 hide admin panels from non-admin users, addresses #472
11 years ago
Justin Richer 235029ba0e inject user's authorities into javascript context
11 years ago
Justin Richer eab4563551 inject user's email address into contacts on dynamic registration
11 years ago
Justin Richer be6179d1ac inject the current user into the javascript context
11 years ago
Justin Richer 5c10eef8b7 added delete function
11 years ago
Justin Richer d92b7c4810 changed display of core client components, added warning
11 years ago
Justin Richer 4009d9ea82 added create and update functions
11 years ago
Justin Richer 8e6da2b936 json view and form elements
11 years ago
Justin Richer 36151975c1 added client read and oauth token support for CRUD abilities
11 years ago
Justin Richer ead99474be fixed panels for client form
11 years ago
Justin Richer fb66af2071 added form editor and control for newly-registered clients
11 years ago
Justin Richer 51973ea595 added dev page for self-service client registration
11 years ago
William Kim 2108311d65 Revert "refactored code to use the more generic JWT declaration."
11 years ago
William Kim e0b56bc72a refactored code to use the more generic JWT declaration.
11 years ago
Justin Richer ca777f7dc4 proper null check for client's preferred signature method
11 years ago
William Kim 07bec462cc added comment about why we can't use set intersection method.
11 years ago
William Kim b89436d7b9 UserInfoView returning intersection of claims request parameter and request object claims in effect now.
11 years ago
Justin Richer bd3d2a5cee created crypto tab
11 years ago
Justin Richer 3f66d16236 removed NYI tag from ID token signing alg
11 years ago
Justin Richer 48a9202f79 fixed jquery.on regex to be less aggressive
11 years ago
Amanda Anganes 941e9544e2 Compare client_ids instead of Client objects
11 years ago
Amanda Anganes 3eae6f2789 Changed client algorithm check to look for null instead of JWSAlgorithm.NONE, which is a valid value.
11 years ago
Amanda Anganes 0059c7b4cc Use clients preferred algorithm, if any, to sign
11 years ago
Justin Richer 2fb138aa19 fixed jquery.on syntax bug, addresses #346
11 years ago
Justin Richer 8edc8cc69a Disable unsupported JOSE algorithms in UI, addresses #476
11 years ago
Justin Richer 8c91861188 load server configuration into JS app
11 years ago
Justin Richer e40b1cf850 animated loading bar for management console
11 years ago
Justin Richer a80c19384f added 'use server default' to JOSE options, addresses #462
11 years ago
William Kim b54f33d0db fixed json elements of "claims" and "userinfo" being processed out of order.
11 years ago
William Kim 7b813c79ee parsing "claims" parameter directly from userinfoendpoint requests.
11 years ago
William Kim 1ffbb39a2b refactored json parser to a private static field.
11 years ago
William Kim 89056bd911 removed test-specific constructor and default constructor.
11 years ago
Justin Richer ba0c3c5d78 id tokens always expire, addresses #416
11 years ago
William Kim 7e51a361ba changed to using relative em lengths instead of hard px length values for token timeout form elements.
11 years ago
Justin Richer c1ee5141a4 added back default timeouts and fixed refresh token check
11 years ago
William Kim 00db39dab9 addresses issue #471. setting default timeout values in the backbone model to null.
11 years ago
Justin Richer 1b674b6420 restored bootstrap to out-of-the-box formatting, addresses #454
11 years ago
William Kim a6bb56ed9a unit select box appropriately disabled after saving now.
11 years ago
William Kim 86c6a0ea8b clear token timeout form fields when disabled and also disable unit selector.
11 years ago
William Kim 3f01ae1a71 renamed token expiration form field ids from -seconds to -time.
11 years ago
William Kim 2242db5c11 shortened token timeout form fields.
11 years ago
William Kim 6f8143937e dropdown time unit chooser added for token expiration.
11 years ago
William Kim 7ab53795b1 refactor js. getFormTokenValue() -> getFormTokenNumberValue().
11 years ago
Justin Richer 7d51335055 added prompt=login support, addresses #323
11 years ago
Justin Richer a0646452ab test for max_age, force login if not fresh enough, addresses #467
11 years ago
Justin Richer 6c1e91b7e3 auth_time is now tracked, addresses #288
11 years ago
Amanda Anganes e88c6c4943 Changed predicates methods to use Collections2.filter rather than Sets.filter
11 years ago
William Kim f1357cceb4 corrected output for badly-formatted timeout date.
11 years ago
William Kim 025eb05d3a added date format validity check for moment.js usage.
11 years ago
William Kim c1607b53e4 null-checking in date display for approved sites.
11 years ago
William Kim d67a492b6c date display logic to use moment.js.
11 years ago
William Kim ba7e791985 initial moment time formatting commit.
11 years ago
William Kim a72ba6d98b importing moment.js library.
11 years ago
William Kim 6687e3a831 override createOAuth2Request method for factory iss #465.
11 years ago
Amanda Anganes ef4482249c Dyn-reg endpoint now creates the registration access token from scratch instead of calling token services; token services no longer needs to check for RAT scope to avoid expiring RATs
11 years ago
Justin Richer 15e512cec3 renamed JWSUtils -> IdTokenHashUtils, renamed internal variables
11 years ago
William Kim 0f16bacc63 TestJWSUtils done.
11 years ago
William Kim 2ba8ad71f1 updated hash tests.
11 years ago
William Kim cdd3a6d478 changed at_hash/c_hash impl. HMAC-SHA --> regular SHA.
11 years ago
Amanda Anganes fd611ce353 Had an unsaved file hanging around - formatting JSPs
11 years ago
Amanda Anganes a91f160e34 Fixed formatting in tag files
11 years ago
Amanda Anganes 5beac9d50d Fixed formatting in JSPs
11 years ago
Amanda Anganes 2d4d7f7be9 Had to hand-merge some things; git got confused
11 years ago
Amanda Anganes 861beeba64 Added c_hash function, added stub of unit test for JWSUtils
11 years ago
Amanda Anganes 37580cc21e JWSUtils uses JWSAlgorithm to match bit length; ConnectTokenEnhancer calls the util method now
11 years ago
Amanda Anganes 3a591dc1f4 Added JWSUtils class;
11 years ago
Amanda Anganes be97aedbc7 Used Predicates to filter expired tokens and approved sites;
11 years ago
Amanda Anganes b3bb43881d Moved getExpired to service layers
11 years ago
Amanda Anganes eea37cf79c Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
11 years ago
Amanda Anganes ce4ab6a766 Updated spring version to 3.2.3; added a 10-minute initial delay to the scheduled tasks in task-config.xml
11 years ago
Amanda Anganes 265214511c Renamed oAuth2RequestFactory
11 years ago
Amanda Anganes a4c1a7a37d Issue 449
11 years ago
Amanda Anganes 9dda789488 Updated database tables
11 years ago
Amanda Anganes 2f711c88a7 Removed nonce service
11 years ago
Amanda Anganes d4fbb4f599 Removed Event class
11 years ago
William Kim 88863f4910 replaced mock TokenRequest and the storedAuth test field with concrete objects. test should pass now.
11 years ago
William Kim 1392faa83c replaced mock client auth with concrete OAuth2Request object
11 years ago
Amanda Anganes ad2ace6d74 Do not expire registration tokens
11 years ago
Justin Richer beaeaa4ccc I can spell "consortium", I promise
11 years ago
Justin Richer b2b6fd6448 further cleanup
11 years ago
Justin Richer 856c0ea0b5 Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
11 years ago
Justin Richer 023dd440d4 [maven-release-plugin] prepare for next development iteration
11 years ago
Justin Richer 5e8f93cf15 [maven-release-plugin] prepare release mitreid-connect-1.0.6
11 years ago
Justin Richer e658ffd7fc format/cleanup and copyright
11 years ago
Justin Richer d4b544d519 disable token API (for now)
11 years ago
Amanda Anganes 906db0ac86 Opened token api access to all users; restricted to only show currently-logged-in-users tokens
11 years ago
Justin Richer 71da5b3d94 clean up some discovery values
12 years ago
Justin Richer c62bed37ff convert server to use normalizer
12 years ago
William Kim 93c3e7906f put in line breaks into the extra long comments in DiscoveryEndpoint.java
12 years ago
Justin Richer 20871852c0 updated dependencies for secoauth 1.1
12 years ago
Amanda Anganes b397f0ae15 First go at adding token API; needs to be tested
12 years ago
Amanda Anganes 88db457fc4 Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
12 years ago
Amanda Anganes dfbf01c9e3 Added .springBeans to gitignore
12 years ago
William Kim aad432c5d7 replaced stracktrace-printing with logger messages. removed some unused imports.
12 years ago
William Kim f483d41b88 getCustomClaim -> getClaim. Also, removed outdated TODOs.
12 years ago
William Kim 17a96ca122 removed resolved TODOs. Fixed by the resolution of issue #345.
12 years ago
William Kim 0d882faeca added a TODO and fixed some comment typos.
12 years ago
Amanda Anganes 15aea61fbe Applied code cleanup
12 years ago
Amanda Anganes 3e23967b46 Updated code to reflect SECOAUTH changes
12 years ago
William Kim 9a6f345e15 yes, allow default scoping if the client doesn't ask for any.
12 years ago
William Kim 3d312b7eb5 Deleted PermissionDeniedException class. Unused.
12 years ago
William Kim c5743dc810 updated unit tests to reflect new exception-throwing behavior.
12 years ago
William Kim ada54c297d addresses issue #382. Throw an exception when client tries to upscope.
12 years ago
Justin Richer 0d8c2442d2 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 9bf5f70957 [maven-release-plugin] prepare release mitreid-connect-1.0.5
12 years ago
Amanda Anganes 12cb672c6d Added new file for task config
12 years ago
Amanda Anganes 059c2545c9 Split task configuration out into its own spring file
12 years ago
William Kim 910839e5d9 fixed typo referring to client id as a client secret in code comments.
12 years ago
Amanda Anganes 2d3f43e3b8 Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
12 years ago
Justin Richer 93a0492e97 made optional parameters optional
12 years ago
Justin Richer a9da88fb79 brought introspection endpoint and introspection token services into compliance with draft, addresses #376
12 years ago
Josh Mandel 34373d777c base URL of the server is set by the issuer.
12 years ago
William Kim 3eddd58ae4 added unit test for checking expiration date of refreshed tokens.
12 years ago
William Kim 24b24f6fa3 More unit tests for refreshing access tokens--specifically, checking scope processing.
12 years ago
William Kim 5ffe1a50a2 Added null-handling for Scope values from the auth request. (Without this, a NullPointerException gets thrown with null scope values).
12 years ago
William Kim ed2223cae3 unit tests of exceptions cases for refreshing access tokens.
12 years ago
William Kim 3353b92426 deeper unit tests on access token creation.
12 years ago
Justin Richer 936f581a0b [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 27edec1a56 [maven-release-plugin] prepare release mitreid-connect-1.0.4
12 years ago
William Kim 10f9858870 fixed typo on the about page.
12 years ago
William Kim 42027e451c added REQUIRED response types to discovery doc. Also, fixed 2 typos in the list of supported grant types.
12 years ago
William Kim 2a92185433 added introspection endpoint URL to discovery document.
12 years ago
William Kim 741946d1ae updated server discovery code comments.
12 years ago
William Kim f27b69d06b removed Version field from server discovery configuration.
12 years ago
Justin Richer 5505b26aac Form fix for login elements
12 years ago
William Kim 4f9cbb4b3f added check for null
12 years ago
William Kim 1528c93acd TestDefaultSystemScopeService unit tests done.
12 years ago
William Kim eca62f2d36 initial commit for TestDefaultSystemScopeService.
12 years ago
William Kim d0dc3c79cb more unit tests for TestDefaultOAuth2ProviderTokenService.
12 years ago
William Kim dc51af5b83 removed testing builder inner class from DefaultOAuth2ProviderTokenService. Also, added more unit tests.
12 years ago
William Kim 5ee7aae5d2 initial commit TestDefaultOAuth2ProviderTokenService.
12 years ago
William Kim abc4f01dde TestDefaultStatsService done.
12 years ago
Amanda Anganes c212821267 Fixed ChainedTokenGranter setup
12 years ago
Amanda Anganes 530c3a75ee Applyed refactoring
12 years ago
William Kim f0f2fbea40 updated secoauth library version in poms
12 years ago
Amanda Anganes 8b1a538464 Updated msql table definitions
12 years ago
William Kim cf3cee5ec2 removed lolcat :(
12 years ago
William Kim 37dd7e7042 changed demo user accounts for server
12 years ago
Justin Richer 2b3376e0ed [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 7fe4bc3b56 [maven-release-plugin] prepare release mitreid-connect-1.0.3
12 years ago
Justin Richer d6f5ca68bf Added time skew to nonce service test
12 years ago
William Kim 8935a87c23 TestDefaultWhitelistedSiteService done. Removed constructors from DefaultWhitelistedSiteService.
12 years ago
William Kim 5fb1ef3aca Revised test methods for checking for offline_access scope. Previous tests were doing trivial checking.
12 years ago
William Kim 8851f4d037 TestDefaultOAuth2ClientDetailsEntityService done. Removed constructors from DefaultOAuth2ClientDetailsEntityService.
12 years ago
William Kim 701217d98c TestDefaultNonceService done.
12 years ago
William Kim 4ee904cbfd removed setter/getter from DefaultUserInfoUserDetailsService and updated test class with Mockito annotations.
12 years ago
William Kim 5428848627 updated TestDefaultApprovedSiteService to use annotation style Mocking. Allows for removal of injector constructor.
12 years ago
William Kim 01fcb4828d removed test constructors for DefaultBlacklistedSiteService.java. Used annotation method of injecting mock objects into testing class (@InjectMocks).
12 years ago
William Kim 9a3625ae2b made unit test for checking blacklisted sites. Introduced a new constructor to be able to inject repository for testing.
12 years ago
Justin Richer c577b691c7 moved OIDC auth token and userinfo interception filter to common package, addresses #353
12 years ago
Justin Richer 8290d198c2 added passthrough of userinfo for remote OIDC users
12 years ago
Justin Richer aea562f565 moved mockito dependency to core project
12 years ago
Justin Richer 6ed7477bc0 added stats to admin UI page, restyled scopes and dynamically registered flags
12 years ago
Justin Richer 6ec8b77f81 beans version update (is this a config file? should this even be in here?)
12 years ago
William Kim 338edcce31 fixed typos in admin.js
12 years ago
Justin Richer 9388c664ab moved reuse refresh token checkbox to its own div/label, addresses #345
12 years ago
Justin Richer 567a3314d6 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 1286726188 [maven-release-plugin] prepare release mitreid-connect-1.0.2
12 years ago
Justin Richer dc9d5c667e cleaned up error log messages
12 years ago
William Kim 1b601abd6f Removed previous constructor from DefaultUserInforUserDetailsService.java and put in getter/setter for UserInfoRepository as a replacement.
12 years ago
Amanda Anganes 3f7fe30f5c Added comments to unit tests
12 years ago
Amanda Anganes a7f2e605fa Added two unit tests using the Mockito framework
12 years ago
Josh Mandel b0dc5fb4e2 Fix a bug where a client is deleted before details looked up. Also return 204 on success
12 years ago
Amanda Anganes 3c5025c52b Updated version number for secoauth
12 years ago
Amanda Anganes 76e5ff8053 Finished cleanup, ready to create pull request
12 years ago
Josh Mandel c46095b6a3 Warning message for unimplemented UI features
12 years ago
Justin Richer 25d75a1b30 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 5418bdef5a [maven-release-plugin] prepare release mitreid-connect-1.0.1
12 years ago
Justin Richer 81cd13f6d3 added RegisteredClient class to facilitate client configuration and dynamic registration, addresses #335
12 years ago
Justin Richer 545ddace95 updated registration URI, addresses #321
12 years ago
Justin Richer cc9eea5b3d updated issuer to more common deployment pattern for simple Tomcat instances, addresses #333
12 years ago
Amanda Anganes 713f0a4d25 Renamed OAuth2Request authorizatoinParameters map to requestParameters
12 years ago
Amanda Anganes 967b3f2953 Cleanup from renaming
12 years ago
Amanda Anganes 1e24b31cc3 Propogating rename of AuthorizationRequest to OAuth2Request
12 years ago
Justin Richer defa5b8fbc [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer dbdc99361e [maven-release-plugin] prepare release mitreid-connect-1.0.0
12 years ago
Justin Richer 4276a14978 fixed stats api view
12 years ago
Justin Richer a7c92524f3 Updated contact page text
12 years ago
Justin Richer e99bfc256d cleaned about page text
12 years ago
Justin Richer 1e870703f8 added licence/copyright header
12 years ago
Justin Richer 8afab04544 whitespace, import, brace, annotation, and format cleanups
12 years ago
Justin Richer b663cd5f8d style system scopes and non-system scopes differently in the admin UI, addresses #269
12 years ago
Justin Richer 6a20e7aaa9 re-fixed enter key handling in lists, addresses #236
12 years ago
Justin Richer 39e06292fd made page title dynamic and configurable, addresses #310 #311
12 years ago
Justin Richer b78d499801 added version number to footer
12 years ago
Justin Richer b8c385e5c9 pom file cleanups
12 years ago
Amanda Anganes a3771177a1 Updated json serialization of approved site objects
12 years ago
Justin Richer 9b03801f9d [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer d76304b9a6 [maven-release-plugin] prepare release mitreid-connect-0.9.3
12 years ago
Justin Richer dcf41eaa9e tried to make prompt=login work, backed off for now
12 years ago
Justin Richer 8d53149d03 added functionality for prompt=none
12 years ago
Justin Richer 37723e3757 opened up access to /resources/**
12 years ago
Justin Richer 7292766b51 implemented prompt=consent
12 years ago
Justin Richer ce2c90fb30 fixed error messages in auth request manager
12 years ago
Amanda Anganes c80b1081cc Cleaning up approvedsite => token linkage
12 years ago
Amanda Anganes 939a801048 Redid approved site -> token mapping so it is unidirectional from ApprovedSite side. Fixed some error logging, added a new view for ApprovedSite which will only show the IDs of the tokens in the approvedTokens list
12 years ago
Amanda Anganes a79aca906e Fixed error logging; added ApprovedSite tracking to tokens
12 years ago
Justin Richer 94aa279290 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer cc92743888 [maven-release-plugin] prepare release mitreid-connect-0.9.2
12 years ago
Justin Richer d7689152b8 fixed inadvertent consistency bug in granting offline_access to clients
12 years ago
Justin Richer 0e2d5830a4 updated newly-registered clients to not get refresh tokens unless they ask for offline_access scope explicitly
12 years ago
Justin Richer fb859fc39a added client dynamic registration service, extracted clientdetails<->json processing into its own static class
12 years ago
Justin Richer fc1088c841 fixed display of algorithms in discovery endpoint
12 years ago
Amanda Anganes 82fca45412 Removed RequestObjectAuthorizationEndpoint as it is no longer needed with the changes to the AuthorizationEndpoint.
12 years ago
Amanda Anganes 9db8119930 Fixed request object processing, had a small bug
12 years ago
Amanda Anganes e708f77eb3 Fixed up OIDC code so that it runs with new SECOAUTH changes; removed old AuthorizationRequestImpl class which is no longer needed
12 years ago
Justin Richer 895690df54 added webfinger discovery to server, addresses #279
12 years ago
Justin Richer 9c6b08d919 effectively removed auth_time calculations
12 years ago
Justin Richer 33af3b1ad6 updated discovery endpoint to latest spec, removed surplus specialized view
12 years ago
Justin Richer 8e8e14c638 added at_hash
12 years ago
Justin Richer 3bb43f417a added auth time tracking
12 years ago
Justin Richer ce2e630304 fixed login page display (thanks to Jett), addresses #289
12 years ago
Justin Richer e665aec36f dependency cleanup
12 years ago
Justin Richer 98fff8fe99 updated error handling on introspection and revocation endpoints
12 years ago
Justin Richer 35cb14a73f fixed comment
12 years ago
Justin Richer 743a3023dc removed old error handlers
12 years ago
Justin Richer 31e3c5e5e7 moved user approval page
12 years ago
Justin Richer 694761c026 cleaned up userinfo view
12 years ago
Justin Richer 71d6dc6afe removed special stats view
12 years ago
Justin Richer 1630648925 updated logo, added large logo
12 years ago
Amanda Anganes 7e59421f33 Commented out XRD endpoint and added TODO reference to webfinger issue
12 years ago
Amanda Anganes 34b243e0e1 Added back discovery endpoint, but renamed to not say SWD
12 years ago
Justin Richer ac2993c402 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer f0d75f9144 [maven-release-plugin] prepare release mitreid-connect-0.9.1
12 years ago
Stephen Moore 23c318f6c2 Updating guava to 14.0.1
12 years ago
Amanda Anganes a723c9d921 Removed references to DefaultAuthorizationRequest in connect code
12 years ago
Amanda Anganes e17eaa499e Cleaned up classes affected by SECOAUTH changes; added Connect implementation of AuthorizationRequest and updated manager class to reflect new class & updated interface;
12 years ago
Justin Richer 5f54777109 [maven-release-plugin] prepare for next development iteration
12 years ago
Justin Richer 620a60ddc2 [maven-release-plugin] prepare release mitreid-connect-0.9.0
12 years ago
Justin Richer 54f1ae972b Added properties and updated poms for sync to central
12 years ago
Justin Richer f63ea94b37 fixed bean name
12 years ago
Justin Richer f101dcc512 moved to released version of SECOAUTH
12 years ago
Justin Richer c0c1847f38 fixed bean name
12 years ago
Amanda Anganes 72e2c7cb6c Updated build references
12 years ago
Amanda Anganes 02220a411a Fixed typo
12 years ago
Amanda Anganes 0f327a772b Updated js files to use results returned from JsonErrorView; factored out markup into modal definition.
12 years ago
Amanda Anganes 2265a3f8c3 Updated error handling messages for scope, approved site, blacklist, whitelist, and client APIs using new JsonErrorView
12 years ago
Amanda Anganes ee5b21b542 Added JsonErrorView
12 years ago
Amanda Anganes 07686d8e00 Removed superfluous try/catch around save call in ScopeAPI.
12 years ago
Justin Richer 4538d8fb14 made signing and verification service construction safe for public-only keys
12 years ago
Justin Richer 6cc50e7cd5 switched signing & validation service to use JWK natively for keys
12 years ago
Justin Richer f54dddd8c0 fixed blacklisted field name, addresses #295
12 years ago
Justin Richer 5a04198eac moved to JPSK based key store
12 years ago
Justin Richer e2ad4d2e8f cleaned up spurious nosuchalgorithm exceptions, addresses #285
12 years ago
Amanda Anganes 5b321b9c86 Updated whitelist api for ui error handling
12 years ago
Amanda Anganes 666573cd34 Updated blacklist and client api for ui error handling
12 years ago