af81e371fb 
								
							
								 
							
						 
						
							
							
								
								Updated application-context to use new authorization request manager  
							
							
							
						 
						
							2013-01-07 10:46:55 -05:00  
				
					
						
							
							
								 
						
							
							
								77b932f5a7 
								
							
								 
							
						 
						
							
							
								
								Added implementation of AuthorizationRequestManager. Nonce checking will go in here  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								1af6513499 
								
							
								 
							
						 
						
							
							
								
								Removed nonce checking from token service impl  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								7e7b2527db 
								
							
								 
							
						 
						
							
							
								
								Added nonce to persistence.xml  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								246ed962bb 
								
							
								 
							
						 
						
							
							
								
								Added stub of repository test  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								e1dffb959c 
								
							
								 
							
						 
						
							
							
								
								Added NonceReuseException  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								8f8a3754db 
								
							
								 
							
						 
						
							
							
								
								Added database tables for Nonce  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								a4637ec395 
								
							
								 
							
						 
						
							
							
								
								Fleshed out nonce service classes, added code to token service impl to check for and store nonces. Added JodaTime library for working with dates.  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								c7ae315e98 
								
							
								 
							
						 
						
							
							
								
								Added initial files for nonce service. Repository and service impls are stubs  
							
							
							
						 
						
							2013-01-04 15:30:24 -05:00  
				
					
						
							
							
								 
						
							
							
								cbcfe55bb9 
								
							
								 
							
						 
						
							
							
								
								added introspection flag to client bootstrap  
							
							
							
						 
						
							2013-01-02 14:16:31 -05:00  
				
					
						
							
							
								 
						
							
							
								4068952a81 
								
							
								 
							
						 
						
							
							
								
								fixed well size, added comment  
							
							
							
						 
						
							2013-01-02 10:19:55 -05:00  
				
					
						
							
							
								 
						
							
							
								655092a12b 
								
							
								 
							
						 
						
							
							
								
								added introspection checkbox, added access tab  
							
							... 
							
							
							
							Signed-off-by: Justin Richer <jricher@mitre.org> 
							
						 
						
							2012-12-21 16:38:52 -05:00  
				
					
						
							
							
								 
						
							
							
								9a1b2d7fac 
								
							
								 
							
						 
						
							
							
								
								made client edit page tabbable (that was seriously easy)  
							
							
							
						 
						
							2012-12-21 16:26:34 -05:00  
				
					
						
							
							
								 
						
							
							
								48866c15f2 
								
							
								 
							
						 
						
							
							
								
								button display cleanup  
							
							
							
						 
						
							2012-12-21 16:07:59 -05:00  
				
					
						
							
							
								 
						
							
							
								a85b1f5d74 
								
							
								 
							
						 
						
							
							
								
								split approved sites into two tables  
							
							
							
						 
						
							2012-12-21 15:35:33 -05:00  
				
					
						
							
							
								 
						
							
							
								198a45369a 
								
							
								 
							
						 
						
							
							
								
								buttonsize tweak  
							
							
							
						 
						
							2012-12-21 15:03:45 -05:00  
				
					
						
							
							
								 
						
							
							
								f12efc1b80 
								
							
								 
							
						 
						
							
							
								
								added dynreg caution block  
							
							
							
						 
						
							2012-12-21 14:48:15 -05:00  
				
					
						
							
							
								 
						
							
							
								231e81a426 
								
							
								 
							
						 
						
							
							
								
								updated icons  
							
							
							
						 
						
							2012-12-21 14:28:07 -05:00  
				
					
						
							
							
								 
						
							
							
								797d521691 
								
							
								 
							
						 
						
							
							
								
								cleaned up logged-in button  
							
							
							
						 
						
							2012-12-21 13:04:33 -05:00  
				
					
						
							
							
								 
						
							
							
								7ebbe3acc4 
								
							
								 
							
						 
						
							
							
								
								removed mockups  
							
							
							
						 
						
							2012-12-21 11:01:22 -05:00  
				
					
						
							
							
								 
						
							
							
								7459767646 
								
							
								 
							
						 
						
							
							
								
								fixed validation problem with new backbone  
							
							
							
						 
						
							2012-12-20 17:46:34 -05:00  
				
					
						
							
							
								 
						
							
							
								37bca0d5fb 
								
							
								 
							
						 
						
							
							
								
								cleaned out backbone validation plugin  
							
							
							
						 
						
							2012-12-20 17:31:22 -05:00  
				
					
						
							
							
								 
						
							
							
								9dd54d47bb 
								
							
								 
							
						 
						
							
							
								
								updated versions of backbone and underscore  
							
							
							
						 
						
							2012-12-20 17:31:08 -05:00  
				
					
						
							
							
								 
						
							
							
								e0672757bf 
								
							
								 
							
						 
						
							
							
								
								update to bootstrap 2.2.2  
							
							
							
						 
						
							2012-12-20 12:44:02 -05:00  
				
					
						
							
							
								 
						
							
							
								8ad28b41aa 
								
							
								 
							
						 
						
							
							
								
								fixing CSS and collapsing headerbar  
							
							
							
						 
						
							2012-12-20 12:35:30 -05:00  
				
					
						
							
							
								 
						
							
							
								67a682d53a 
								
							
								 
							
						 
						
							
							
								
								added default router to backbone app  
							
							
							
						 
						
							2012-12-18 13:56:57 -05:00  
				
					
						
							
							
								 
						
							
							
								87788f0710 
								
							
								 
							
						 
						
							
							
								
								let users visit home page without logging in  
							
							
							
						 
						
							2012-12-18 13:56:46 -05:00  
				
					
						
							
							
								 
						
							
							
								f265347311 
								
							
								 
							
						 
						
							
							
								
								tweaked error messages  
							
							
							
						 
						
							2012-12-18 12:08:36 -05:00  
				
					
						
							
							
								 
						
							
							
								18ddd8333f 
								
							
								 
							
						 
						
							
							
								
								added flag to allow introspection, relaxed same-client restrictions on introspection and chained tokens  
							
							
							
						 
						
							2012-12-18 11:07:24 -05:00  
				
					
						
							
							
								 
						
							
							
								6eabc895b9 
								
							
								 
							
						 
						
							
							
								
								moved database file to a reasonable name  
							
							
							
						 
						
							2012-12-17 13:45:39 -05:00  
				
					
						
							
							
								 
						
							
							
								1f53f41648 
								
							
								 
							
						 
						
							
							
								
								generic entity view now takes optional HttpStatus argument  
							
							
							
						 
						
							2012-12-14 17:35:21 -05:00  
				
					
						
							
							
								 
						
							
							
								a3790f943e 
								
							
								 
							
						 
						
							
							
								
								cleaned up introspection endpoint to use exceptions  
							
							
							
						 
						
							2012-12-14 17:35:20 -05:00  
				
					
						
							
							
								 
						
							
							
								e5206f2b92 
								
							
								 
							
						 
						
							
							
								
								implemented jwt assertions for id tokens  
							
							
							
						 
						
							2012-12-14 17:35:20 -05:00  
				
					
						
							
							
								 
						
							
							
								51b67ebc03 
								
							
								 
							
						 
						
							
							
								
								added queries to get access token from id token  
							
							
							
						 
						
							2012-12-14 17:35:20 -05:00  
				
					
						
							
							
								 
						
							
							
								1853bd7117 
								
							
								 
							
						 
						
							
							
								
								added assertion token granter  
							
							
							
						 
						
							2012-12-14 17:35:20 -05:00  
				
					
						
							
							
								 
						
							
							
								0d6c96f410 
								
							
								 
							
						 
						
							
							
								
								moved JPA adapter to data-context, addresses  #242  
							
							
							
						 
						
							2012-12-14 09:43:42 -05:00  
				
					
						
							
							
								 
						
							
							
								2a74be5baf 
								
							
								 
							
						 
						
							
							
								
								bringing mysql tables up to date  
							
							
							
						 
						
							2012-12-13 16:54:21 -05:00  
				
					
						
							
							
								 
						
							
							
								2c104a71e2 
								
							
								 
							
						 
						
							
							
								
								cleaned up mysql table  
							
							
							
						 
						
							2012-12-13 16:04:45 -05:00  
				
					
						
							
							
								 
						
							
							
								cda6163d0d 
								
							
								 
							
						 
						
							
							
								
								null and blank handling  
							
							
							
						 
						
							2012-12-12 12:29:14 -05:00  
				
					
						
							
							
								 
						
							
							
								06fad3a41c 
								
							
								 
							
						 
						
							
							
								
								moved view for client API  
							
							
							
						 
						
							2012-12-11 15:19:11 -05:00  
				
					
						
							
							
								 
						
							
							
								6344a72519 
								
							
								 
							
						 
						
							
							
								
								missed a few applicationName references, fixed API JSON rendering  
							
							
							
						 
						
							2012-12-11 15:16:18 -05:00  
				
					
						
							
							
								 
						
							
							
								dfd8e9c7c7 
								
							
								 
							
						 
						
							
							
								
								removed unused view  
							
							
							
						 
						
							2012-12-11 15:15:52 -05:00  
				
					
						
							
							
								 
						
							
							
								dd04df6a22 
								
							
								 
							
						 
						
							
							
								
								fixed javascript bugs  
							
							
							
						 
						
							2012-12-11 14:08:10 -05:00  
				
					
						
							
							
								 
						
							
							
								f12d3c7d30 
								
							
								 
							
						 
						
							
							
								
								fixed variable reference  
							
							
							
						 
						
							2012-12-11 13:37:14 -05:00  
				
					
						
							
							
								 
						
							
							
								920777128d 
								
							
								 
							
						 
						
							
							
								
								switched to uncompressed jquery  
							
							
							
						 
						
							2012-12-11 13:29:19 -05:00  
				
					
						
							
							
								 
						
							
							
								829c8ae5f4 
								
							
								 
							
						 
						
							
							
								
								tweaked functionality of grant types and scopes  
							
							
							
						 
						
							2012-12-11 13:16:33 -05:00  
				
					
						
							
							
								 
						
							
							
								cc36851bdd 
								
							
								 
							
						 
						
							
							
								
								propagated field name change to UI  
							
							
							
						 
						
							2012-12-11 12:38:55 -05:00  
				
					
						
							
							
								 
						
							
							
								179903b074 
								
							
								 
							
						 
						
							
							
								
								propagated client changes to service  
							
							
							
						 
						
							2012-12-11 12:31:01 -05:00  
				
					
						
							
							
								 
						
							
							
								2f7891d02c 
								
							
								 
							
						 
						
							
							
								
								updated mysql table to new schema  
							
							
							
						 
						
							2012-12-11 12:27:24 -05:00  
				
					
						
							
							
								 
						
							
							
								bcfa37040e 
								
							
								 
							
						 
						
							
							
								
								missed one  
							
							
							
						 
						
							2012-12-11 12:18:51 -05:00  
				
					
						
							
							
								 
						
							
							
								33ceedb283 
								
							
								 
							
						 
						
							
							
								
								added scope and grant_type, switched to timeunit  
							
							
							
						 
						
							2012-12-11 12:11:09 -05:00  
				
					
						
							
							
								 
						
							
							
								e2bc15c2b2 
								
							
								 
							
						 
						
							
							
								
								beginning of client registration refactor to track IETF dynreg spec  
							
							
							
						 
						
							2012-12-10 17:36:33 -05:00  
				
					
						
							
							
								 
						
							
							
								94c37f5815 
								
							
								 
							
						 
						
							
							
								
								added redelegate scope to client list, fixed inconsistency with refresh token issuance (addresses  #239 )  
							
							
							
						 
						
							2012-12-10 16:53:05 -05:00  
				
					
						
							
							
								 
						
							
							
								510ddb48b7 
								
							
								 
							
						 
						
							
							
								
								override the correct part of the token granter class  
							
							
							
						 
						
							2012-12-10 15:54:37 -05:00  
				
					
						
							
							
								 
						
							
							
								bdcc6af096 
								
							
								 
							
						 
						
							
							
								
								temporary sanity check for client ID's  
							
							
							
						 
						
							2012-12-10 11:40:03 -05:00  
				
					
						
							
							
								 
						
							
							
								cab0839430 
								
							
								 
							
						 
						
							
							
								
								added workarounds for quirks in SECOAUTH  
							
							
							
						 
						
							2012-12-10 11:27:28 -05:00  
				
					
						
							
							
								 
						
							
							
								edc96d646c 
								
							
								 
							
						 
						
							
							
								
								added chained token grant  
							
							
							
						 
						
							2012-12-10 10:48:38 -05:00  
				
					
						
							
							
								 
						
							
							
								54708fb0ac 
								
							
								 
							
						 
						
							
							
								
								fixed id token scopes (shouldn't inherit from parent token)  
							
							
							
						 
						
							2012-12-10 10:11:02 -05:00  
				
					
						
							
							
								 
						
							
							
								2a206654b6 
								
							
								 
							
						 
						
							
							
								
								added client credential protection to revocation endpoint  
							
							
							
						 
						
							2012-12-07 17:17:19 -05:00  
				
					
						
							
							
								 
						
							
							
								e38b2b0ba5 
								
							
								 
							
						 
						
							
							
								
								shortened revocation endpoint url  
							
							
							
						 
						
							2012-12-07 17:16:03 -05:00  
				
					
						
							
							
								 
						
							
							
								fbc3c46128 
								
							
								 
							
						 
						
							
							
								
								Introspection now draft spec compliant, requires client auth  
							
							... 
							
							
							
							Currently this is the client that originally sent the token, we want to have a way to bind other "clients" to this token as well, like resource services. Also want to let open calls, sometimes. 
							
						 
						
							2012-12-07 17:12:13 -05:00  
				
					
						
							
							
								 
						
							
							
								544e3d7b43 
								
							
								 
							
						 
						
							
							
								
								added copy constructors because Dave likes to use unmodifiable sets for no apparent reason  
							
							
							
						 
						
							2012-12-07 10:06:10 -05:00  
				
					
						
							
							
								 
						
							
							
								64ef752f08 
								
							
								 
							
						 
						
							
							
								
								added refresh token granter for testing  
							
							
							
						 
						
							2012-12-07 09:56:43 -05:00  
				
					
						
							
							
								 
						
							
							
								7561ac9e8c 
								
							
								 
							
						 
						
							
							
								
								client dynamic registration now protected by access token, addresses  #199  
							
							
							
						 
						
							2012-12-06 17:48:23 -05:00  
				
					
						
							
							
								 
						
							
							
								7342da6a51 
								
							
								 
							
						 
						
							
							
								
								completed making id tokens into access tokens  
							
							
							
						 
						
							2012-12-06 16:24:04 -05:00  
				
					
						
							
							
								 
						
							
							
								e4f9fa2bbf 
								
							
								 
							
						 
						
							
							
								
								labeled introspection endpoint  
							
							
							
						 
						
							2012-12-06 16:19:25 -05:00  
				
					
						
							
							
								 
						
							
							
								17374a57e0 
								
							
								 
							
						 
						
							
							
								
								added ISO date format to generic entity view, addresses  #232  
							
							
							
						 
						
							2012-12-06 16:15:14 -05:00  
				
					
						
							
							
								 
						
							
							
								3378cd5c4c 
								
							
								 
							
						 
						
							
							
								
								cleaned table  
							
							
							
						 
						
							2012-12-06 14:24:38 -05:00  
				
					
						
							
							
								 
						
							
							
								b8f701d9d8 
								
							
								 
							
						 
						
							
							
								
								switched id tokens to entities, they're now access tokens also  
							
							... 
							
							
							
							still needs some work to get the auth object right, for now we're just copying from the access token 
							
						 
						
							2012-12-06 10:19:21 -05:00  
				
					
						
							
							
								 
						
							
							
								2ef8d16e9c 
								
							
								 
							
						 
						
							
							
								
								typo, formatting  
							
							
							
						 
						
							2012-12-05 15:49:50 -05:00  
				
					
						
							
							
								 
						
							
							
								ba7ddf17f9 
								
							
								 
							
						 
						
							
							
								
								added bootstrapping for clients, cleaned up sql files  
							
							
							
						 
						
							2012-12-05 15:04:14 -05:00  
				
					
						
							
							
								 
						
							
							
								cf7ceb74f3 
								
							
								 
							
						 
						
							
							
								
								betterer logout button  
							
							
							
						 
						
							2012-12-04 16:40:28 -05:00  
				
					
						
							
							
								 
						
							
							
								2f1a6864b8 
								
							
								 
							
						 
						
							
							
								
								made a better logout button  
							
							
							
						 
						
							2012-12-04 16:37:57 -05:00  
				
					
						
							
							
								 
						
							
							
								838e029db1 
								
							
								 
							
						 
						
							
							
								
								added logout button  
							
							
							
						 
						
							2012-12-04 16:18:58 -05:00  
				
					
						
							
							
								 
						
							
							
								d7d9e84e70 
								
							
								 
							
						 
						
							
							
								
								fixed user_id mapping  
							
							
							
						 
						
							2012-12-04 16:18:37 -05:00  
				
					
						
							
							
								 
						
							
							
								f091343d84 
								
							
								 
							
						 
						
							
							
								
								moved back to in-memory database by default  
							
							
							
						 
						
							2012-12-04 15:56:03 -05:00  
				
					
						
							
							
								 
						
							
							
								49e216412e 
								
							
								 
							
						 
						
							
							
								
								Added bootstrapped users set.  
							
							
							
						 
						
							2012-12-04 15:51:10 -05:00  
				
					
						
							
							
								 
						
							
							
								dcc56ec9dd 
								
							
								 
							
						 
						
							
							
								
								temporary tables to prevent casts from leaking  
							
							
							
						 
						
							2012-12-04 14:38:08 -05:00  
				
					
						
							
							
								 
						
							
							
								8b37011244 
								
							
								 
							
						 
						
							
							
								
								added casts to varchar to avoid extraneous spaces  
							
							
							
						 
						
							2012-12-04 13:35:40 -05:00  
				
					
						
							
							
								 
						
							
							
								e305d3b16b 
								
							
								 
							
						 
						
							
							
								
								Making stable in-memory and in-file database with HSQL  
							
							
							
						 
						
							2012-12-03 17:53:25 -05:00  
				
					
						
							
							
								 
						
							
							
								061c0f0814 
								
							
								 
							
						 
						
							
							
								
								minor cleanup  
							
							
							
						 
						
							2012-12-03 16:10:07 -05:00  
				
					
						
							
							
								 
						
							
							
								250432ce7f 
								
							
								 
							
						 
						
							
							
								
								Added information into the user_info table  
							
							
							
						 
						
							2012-12-03 14:56:40 -05:00  
				
					
						
							
							
								 
						
							
							
								1bcaa68cb4 
								
							
								 
							
						 
						
							
							
								
								Added user_info stuff... and changed serverconfig for issuer...  
							
							
							
						 
						
							2012-12-03 14:56:40 -05:00  
				
					
						
							
							
								 
						
							
							
								47b34d2b1b 
								
							
								 
							
						 
						
							
							
								
								Added blacklist table to HSQLDB sql script  
							
							
							
						 
						
							2012-12-03 14:56:40 -05:00  
				
					
						
							
							
								 
						
							
							
								4fdb0816eb 
								
							
								 
							
						 
						
							
							
								
								Moved DB to use in memory HSQLDB. Made authentication-provider use a jdbc-user-service in that in-memory hsqldb.  
							
							
							
						 
						
							2012-12-03 14:56:40 -05:00  
				
					
						
							
							
								 
						
							
							
								fce47c239a 
								
							
								 
							
						 
						
							
							
								
								added slashes to patterns what needed them, removed vestigial intercept from user-context  
							
							
							
						 
						
							2012-11-26 16:23:46 -05:00  
				
					
						
							
							
								 
						
							
							
								122a2de074 
								
							
								 
							
						 
						
							
							
								
								First attempt at making API not redirect to /login, failed  
							
							
							
						 
						
							2012-11-26 16:05:46 -05:00  
				
					
						
							
							
								 
						
							
							
								d07f67bd76 
								
							
								 
							
						 
						
							
							
								
								let user select when grants time out  
							
							
							
						 
						
							2012-11-26 14:26:07 -05:00  
				
					
						
							
							
								 
						
							
							
								84401531ae 
								
							
								 
							
						 
						
							
							
								
								tie refresh token generation to "offline" scope tag  
							
							
							
						 
						
							2012-11-26 13:16:19 -05:00  
				
					
						
							
							
								 
						
							
							
								50040a8ef4 
								
							
								 
							
						 
						
							
							
								
								fixed checkbox labels  
							
							
							
						 
						
							2012-11-26 12:57:49 -05:00  
				
					
						
							
							
								 
						
							
							
								667c3abc8a 
								
							
								 
							
						 
						
							
							
								
								dynamic scope display/selection on approval page  
							
							
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								1281d75aa9 
								
							
								 
							
						 
						
							
							
								
								stopped re-parsing scopes  
							
							
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								9c3a40779b 
								
							
								 
							
						 
						
							
							
								
								updated to SECOAUTH's horrible new object-breaking authorization request paradigm.  
							
							... 
							
							
							
							Bonus: it works! 
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								3e327b9df6 
								
							
								 
							
						 
						
							
							
								
								reverted to original controller behavior  
							
							
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								cf4581a5eb 
								
							
								 
							
						 
						
							
							
								
								updated configuration to reflect secoauth changes  
							
							
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								45ca4e565e 
								
							
								 
							
						 
						
							
							
								
								updated to SECOAUTH-1.0.1-BUILD-SNAPSHOT  
							
							
							
						 
						
							2012-11-26 11:53:19 -05:00  
				
					
						
							
							
								 
						
							
							
								cf1ddf0457 
								
							
								 
							
						 
						
							
							
								
								Determined that init binder was not needed to fix default for Boolean require_auth_time; instead use defaultValue=\"true\" in the RequestParam declaration. Also fixed bug in ClientDetails service so that it will not blow up if the client has no redirect uris registered  
							
							
							
						 
						
							2012-11-21 15:39:07 -05:00  
				
					
						
							
							
								 
						
							
							
								2084639828 
								
							
								 
							
						 
						
							
							
								
								Working on init binder for ClientDynamicRegistrationEndpoint  
							
							
							
						 
						
							2012-11-21 14:54:24 -05:00  
				
					
						
							
							
								 
						
							
							
								8b0c520534 
								
							
								 
							
						 
						
							
							
								
								Issue 213, writing init binder to convert null Boolean values to false before calling setters  
							
							
							
						 
						
							2012-11-21 14:53:41 -05:00  
				
					
						
							
							
								 
						
							
							
								a2a29e7b76 
								
							
								 
							
						 
						
							
							
								
								trying out new confirmation controller  
							
							
							
						 
						
							2012-11-21 10:00:35 -05:00