d92cc4d488
fixed constants for spring 4.2
2017-01-17 17:06:18 -05:00
b17a7f43ae
removed structured scopes
2017-01-17 17:06:04 -05:00
524794fe2e
Ignore timeout test as it's vulnerable to a race condition.
2017-01-17 15:36:57 -05:00
bdaf7cba23
Fixed race condition in test and added timeouts to prevent possibility of infinite loop.
2017-01-17 15:36:57 -05:00
46046b574a
Implemented paged operations and used for database cleanup tasks.
2017-01-17 15:36:57 -05:00
099211593c
Fix high load performance issue in token expiration task
2017-01-17 15:36:57 -05:00
ffc5782810
Fix field definition in the model object.
2017-01-17 15:27:26 -05:00
0c09a17f59
Adapted uma-server-webapp overlayed spring configuration files to changes in base webapp
2017-01-17 15:25:45 -05:00
93deef952f
Adapted uma-webapp-server database initialization scripts to base changes
2017-01-17 15:25:45 -05:00
99d1b0cfec
Adapted changes from base admin.js to overlayed admin.js in uma-server-webapp
2017-01-17 15:25:45 -05:00
0c821fcb51
Adapted overlayed application-context.xml in uma-server-webapp to base file
2017-01-17 15:25:45 -05:00
5993c879a6
Removed version from created war and added maven jetty plugin with context so URLs are prefixed correctly in uma-server-webapp
2017-01-17 15:25:45 -05:00
0dd7eef428
Updated database examples, closes #1167
2017-01-17 14:38:51 -05:00
d862ba9fd8
add indexes on certain fields to shorten time taken to issue a new access token
2017-01-16 15:39:13 -05:00
9b715f9632
put error logging inside the curried callback
2017-01-05 17:38:03 -05:00
0d162b1423
disabled CSRF on API endpoints, changed auth manager to a bean ID instead of reference, changed filter order to keep SECOAUTH from clearing out security contexts.
2017-01-05 17:37:22 -05:00
71bb8d6439
Spring 4.3 namespace
2016-12-27 21:04:38 -05:00
fc91043807
using defaults from spring 4
2016-12-22 15:17:18 -05:00
d5e8dd31a8
update to Spring Security 4
2016-12-22 14:30:59 -05:00
0e703ef9f9
update a few dependency versions, closes #1145
2016-12-21 15:50:24 -05:00
275c1b7e1c
user info fetcher cache throws error instead of returning null (as per library contract), closes #1144
2016-12-21 14:48:37 -05:00
bea3af2470
database table sync
2016-12-21 13:44:49 -05:00
63bd8d18fb
cleaned ID token views from UI
2016-12-21 13:44:40 -05:00
91da3935f5
Made ID tokens ephemeral, made access token’s “additional information” extensible
2016-12-21 13:01:15 -05:00
91ed758ed1
removed “attributeName” from annotation as this breaks EclipseLink JPA
2016-12-09 16:58:43 -05:00
4f4c8de1c8
Fix JPA issues to allow using Hibernate
2016-12-09 15:15:50 -05:00
375a5f2e47
removed token count from grant admin page
2016-12-09 15:10:07 -05:00
22fa3605ef
Patched unit tests, still needs updates for checking approved site to token mapping on data import/export
2016-12-09 12:56:06 -05:00
55b1b00b73
Updated relationship between approved sites and access tokens, closes #874
2016-12-09 12:55:42 -05:00
d875d52be7
updated data import/export services for 1.3
2016-12-08 17:01:55 -05:00
7725fcfa2b
createAuthorizationCode should be @Transactional
...
An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave.
2016-12-02 16:29:48 -05:00
c3d0c18af5
make HttpClient configurable, closes #1071
2016-12-02 16:23:55 -05:00
f45a6ef56a
use the same encoding as on client side
...
see OIDCAuthenticationFilter line 336
2016-12-02 16:20:09 -05:00
476ec872ff
Fixed NPE in case if algorithm is not specified
2016-12-02 16:13:26 -05:00
bb6bb81dbc
Add new tests which asserts that `user_id` should not be present in the introspection response if there's no user authentication available
2016-12-02 16:08:32 -05:00
52da5e769a
Fix test by returning a new OAuth2Authentication instead of mocking it
2016-12-02 16:08:32 -05:00
d361f01999
Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection
...
`sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client
if the access token happens to be client-only.
2016-12-02 16:08:32 -05:00
b2fab9642e
Fix such that `user_id` is only added if user authentication is available
...
OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available.
Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this
introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with
the client_id and so OAuth2Authentication's userAuthentication is populated falsely.
2016-12-02 16:08:32 -05:00
4ac3916db3
spaces to tabs
2016-12-02 15:50:22 -05:00
8333d035b4
move database files to match new layouts
2016-12-02 15:50:15 -05:00
fa122e7ad6
ojdbc driver uncommented in dep mgmnt
2016-12-02 15:37:41 -05:00
4b3284ffd2
ojdbc6 dependency moved to parent pom, added check constraints for boolean columns, fixed invalid column type
2016-12-02 15:37:41 -05:00
83a9fef14d
Oracle support added
2016-12-02 15:37:41 -05:00
dea6044e77
Set the encoding of the UserInfo response body to UTF-8
...
See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
2016-12-02 14:44:55 -05:00
1b7612a26d
add db init script for mysql
...
add data-context example with mysql db initializer
2016-12-02 14:43:18 -05:00
cbe6b9e1df
add db init script for pgsql
...
add data-context example with pgsql db initializer
2016-12-02 14:43:18 -05:00
6f5ca3fd2f
Fixed missing "final" modifier in constant
2016-12-02 14:31:25 -05:00
337513a559
sync’d database tables from HSQL to MySQL and PGSQL
...
closes #1154
closes #1148
2016-12-02 14:28:56 -05:00
74d34ab744
null-safe target link filter
2016-10-10 15:32:53 -04:00
d0056ae882
added target link URI capability to webfinger issuer service
2016-10-10 15:32:32 -04:00
Justin Richer