2666 Commits (dae674af67a12b96145ec295a2170a69ac19e15e)

 

All Branches   

Search

Author	SHA1	Message	Date
Justin Richer	71bb8d6439	Spring 4.3 namespace	8 years ago
Justin Richer	fc91043807	using defaults from spring 4	8 years ago
Justin Richer	d5e8dd31a8	update to Spring Security 4	8 years ago
Justin Richer	0e703ef9f9	update a few dependency versions, closes #1145	8 years ago
Justin Richer	275c1b7e1c	user info fetcher cache throws error instead of returning null (as per library contract), closes #1144	8 years ago
Justin Richer	bea3af2470	database table sync	8 years ago
Justin Richer	63bd8d18fb	cleaned ID token views from UI	8 years ago
Justin Richer	91da3935f5	Made ID tokens ephemeral, made access token’s “additional information” extensible	8 years ago
Justin Richer	91ed758ed1	removed “attributeName” from annotation as this breaks EclipseLink JPA	8 years ago
Mikko Tommila	4f4c8de1c8	Fix JPA issues to allow using Hibernate	8 years ago
Justin Richer	375a5f2e47	removed token count from grant admin page	8 years ago
Justin Richer	22fa3605ef	Patched unit tests, still needs updates for checking approved site to token mapping on data import/export	8 years ago
Justin Richer	55b1b00b73	Updated relationship between approved sites and access tokens, closes #874	8 years ago
Justin Richer	d875d52be7	updated data import/export services for 1.3	8 years ago
HeXetic	7725fcfa2b	createAuthorizationCode should be @Transactional ... An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave.	8 years ago
Julian Schlichtholz	c3d0c18af5	make HttpClient configurable, closes #1071	8 years ago
ngriesser	f45a6ef56a	use the same encoding as on client side ... see OIDCAuthenticationFilter line 336	8 years ago
Oleksandr Shpota	476ec872ff	Fixed NPE in case if algorithm is not specified	8 years ago
Sofia Ang	bb6bb81dbc	Add new tests which asserts that `user_id` should not be present in the introspection response if there's no user authentication available	8 years ago
Sofia Ang	52da5e769a	Fix test by returning a new OAuth2Authentication instead of mocking it	8 years ago
Sofia Ang	d361f01999	Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection ... `sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client if the access token happens to be client-only.	8 years ago
Sofia Ang	b2fab9642e	Fix such that `user_id` is only added if user authentication is available ... OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available. Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with the client_id and so OAuth2Authentication's userAuthentication is populated falsely.	8 years ago
Justin Richer	4ac3916db3	spaces to tabs	8 years ago
Justin Richer	8333d035b4	move database files to match new layouts	8 years ago
Tomasz Borowiec	fa122e7ad6	ojdbc driver uncommented in dep mgmnt	8 years ago
Tomasz Borowiec	4b3284ffd2	ojdbc6 dependency moved to parent pom, added check constraints for boolean columns, fixed invalid column type	8 years ago
Tomasz Borowiec	83a9fef14d	Oracle support added	8 years ago
Nicolas Liampotis	dea6044e77	Set the encoding of the UserInfo response body to UTF-8 ... See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse	8 years ago
Neths	1b7612a26d	add db init script for mysql ... add data-context example with mysql db initializer	8 years ago
Neths	cbe6b9e1df	add db init script for pgsql ... add data-context example with pgsql db initializer	8 years ago
pwolf23	6f5ca3fd2f	Fixed missing "final" modifier in constant	8 years ago
Justin Richer	337513a559	sync’d database tables from HSQL to MySQL and PGSQL ... closes #1154 closes #1148	8 years ago
Justin Richer	74d34ab744	null-safe target link filter	8 years ago
Justin Richer	d0056ae882	added target link URI capability to webfinger issuer service	8 years ago
Justin Richer	74f3e2d0c0	maven site generator working, closes #984 #941	8 years ago
Justin Richer	af7c1f7d45	added PKCE support to discovery endpoint	8 years ago
Justin Richer	82c313f036	added PKCE support to client	8 years ago
Justin Richer	ba0d0aab0b	use parameter constants for extensions maps in token service	8 years ago
Justin Richer	ac0cafe7b3	parse and process PKCE requests	8 years ago
Justin Richer	5dcda2812e	added code challenge method to client model (properly this time)	8 years ago
Justin Richer	2cc90ba5f2	created PKCE algorithm class	8 years ago
Justin Richer	83d7627ed0	serialize phone_number and phone_number_verified, closes #1030	8 years ago
Justin Richer	d1d05e506e	added software statement to dynamic registration self-service	8 years ago
Justin Richer	57208ac35d	added software statements to client API	8 years ago
Justin Richer	d89257380f	make client assertion auth work again	8 years ago
Justin Richer	f9e4d75a4a	use JWT bearer assertion token for assertion processing	8 years ago
Justin Richer	42ccb8b39e	make software statement processing null-safe	8 years ago
Justin Richer	bd9932d56f	added assertion processor to token endpoint	8 years ago
Justin Richer	8c021ad403	added assertion validator that validates assertions signed by the local server only	8 years ago
Justin Richer	8e016a8d30	make the null assertion processor the default	8 years ago