c974267cde 
								
							
								 
							
						 
						
							
							
								
								return prompt=none error to client,  closes   #667  
							
							
							
						 
						
							2015-05-27 12:11:41 -04:00  
				
					
						
							
							
								 
						
							
							
								cbf6316050 
								
							
								 
							
						 
						
							
							
								
								cleaned up logic on user info interceptor to fix detection of redirects  
							
							
							
						 
						
							2015-05-27 12:06:58 -04:00  
				
					
						
							
							
								 
						
							
							
								fe6d2f8a6e 
								
							
								 
							
						 
						
							
							
								
								updated and expanded unit tests to account for new data layer  
							
							
							
						 
						
							2015-05-26 22:00:21 -04:00  
				
					
						
							
							
								 
						
							
							
								d5a08d4996 
								
							
								 
							
						 
						
							
							
								
								cleaned up vestigial service component, to be fixed (maybe) in  #825  
							
							
							
						 
						
							2015-05-26 22:00:21 -04:00  
				
					
						
							
							
								 
						
							
							
								d9e03b769b 
								
							
								 
							
						 
						
							
							
								
								fixed auth holder reference handling, import/export works now  
							
							
							
						 
						
							2015-05-26 22:00:21 -04:00  
				
					
						
							
							
								 
						
							
							
								3d1aee77b4 
								
							
								 
							
						 
						
							
							
								
								updated 1.2 import to reflect new objects  
							
							
							
						 
						
							2015-05-26 22:00:21 -04:00  
				
					
						
							
							
								 
						
							
							
								441b19f0c5 
								
							
								 
							
						 
						
							
							
								
								fixed data export to comply with new auth holder  
							
							
							
						 
						
							2015-05-26 22:00:21 -04:00  
				
					
						
							
							
								 
						
							
							
								a7905c9f82 
								
							
								 
							
						 
						
							
							
								
								only save strings in the Extensions map  
							
							
							
						 
						
							2015-05-26 22:00:20 -04:00  
				
					
						
							
							
								 
						
							
							
								cb8abca0f6 
								
							
								 
							
						 
						
							
							
								
								removed embedded JOSE classes in favor of converters  
							
							
							
						 
						
							2015-05-22 13:04:21 -04:00  
				
					
						
							
							
								 
						
							
							
								6be2b4f65e 
								
							
								 
							
						 
						
							
							
								
								added ES* and PS* support for signed objects  
							
							
							
						 
						
							2015-05-22 13:04:21 -04:00  
				
					
						
							
							
								 
						
							
							
								04dc037f9e 
								
							
								 
							
						 
						
							
							
								
								fixed unit tests to account for refresh token rotation  
							
							
							
						 
						
							2015-05-14 11:17:10 -04:00  
				
					
						
							
							
								 
						
							
							
								aeed2fa003 
								
							
								 
							
						 
						
							
							
								
								issue new refresh tokens for clients who are configured for it,  closes   #408  
							
							
							
						 
						
							2015-05-13 18:01:49 -04:00  
				
					
						
							
							
								 
						
							
							
								31d5e3ad0e 
								
							
								 
							
						 
						
							
							
								
								echo back requested scopes in error thrown by validator,  closes   #708  
							
							
							
						 
						
							2015-05-13 16:55:28 -04:00  
				
					
						
							
							
								 
						
							
							
								52b1bda8d8 
								
							
								 
							
						 
						
							
							
								
								version match and cleanup  
							
							
							
						 
						
							2015-05-12 21:00:44 -04:00  
				
					
						
							
							
								 
						
							
							
								24a464e142 
								
							
								 
							
						 
						
							
							
								
								put in a dummy resource set service so that introspection can pass through  
							
							
							
						 
						
							2015-05-12 20:30:05 -04:00  
				
					
						
							
							
								 
						
							
							
								a2edb31753 
								
							
								 
							
						 
						
							
							
								
								moved UMA server to its own module  
							
							
							
						 
						
							2015-05-12 15:59:03 -04:00  
				
					
						
							
							
								 
						
							
							
								7188a06488 
								
							
								 
							
						 
						
							
							
								
								added deletion functionality to UI  
							
							
							
						 
						
							2015-05-12 11:16:51 -04:00  
				
					
						
							
							
								 
						
							
							
								43a432eb9a 
								
							
								 
							
						 
						
							
							
								
								removed extraneous TODO  
							
							
							
						 
						
							2015-05-12 10:31:22 -04:00  
				
					
						
							
							
								 
						
							
							
								ed7799b54a 
								
							
								 
							
						 
						
							
							
								
								make RPTs optionally expire,  closes   #794  
							
							
							
						 
						
							2015-05-11 19:00:26 -04:00  
				
					
						
							
							
								 
						
							
							
								e0cdeb3571 
								
							
								 
							
						 
						
							
							
								
								inject uma token service  
							
							
							
						 
						
							2015-05-11 18:20:57 -04:00  
				
					
						
							
							
								 
						
							
							
								fc64dcc9b9 
								
							
								 
							
						 
						
							
							
								
								discovery endpoint cleanup  
							
							
							
						 
						
							2015-05-11 15:34:50 -04:00  
				
					
						
							
							
								 
						
							
							
								f4f08d9449 
								
							
								 
							
						 
						
							
							
								
								RPT endpoint cleanup  
							
							
							
						 
						
							2015-05-11 15:28:09 -04:00  
				
					
						
							
							
								 
						
							
							
								1f083c7acb 
								
							
								 
							
						 
						
							
							
								
								extracted RPT generation component to new token service class,  closes   #797  
							
							
							
						 
						
							2015-05-11 15:20:26 -04:00  
				
					
						
							
							
								 
						
							
							
								0ea06f01b8 
								
							
								 
							
						 
						
							
							
								
								moved claims processor to the right package  
							
							
							
						 
						
							2015-05-11 15:07:56 -04:00  
				
					
						
							
							
								 
						
							
							
								53d4f15923 
								
							
								 
							
						 
						
							
							
								
								shuffle authz endpoint  
							
							
							
						 
						
							2015-05-11 14:56:55 -04:00  
				
					
						
							
							
								 
						
							
							
								7951ff5086 
								
							
								 
							
						 
						
							
							
								
								separated claims processing out into its own service,  closes   #796  
							
							
							
						 
						
							2015-05-11 14:44:21 -04:00  
				
					
						
							
							
								 
						
							
							
								8d5c7d6226 
								
							
								 
							
						 
						
							
							
								
								fixed some rogue documentation  
							
							
							
						 
						
							2015-05-11 13:03:17 -04:00  
				
					
						
							
							
								 
						
							
							
								afad3a720b 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into uma  
							
							... 
							
							
							
							* master:
  added strict URI matching option to redirect resolver (off by default) 
							
						 
						
							2015-05-11 12:33:05 -04:00  
				
					
						
							
							
								 
						
							
							
								e155cdc282 
								
							
								 
							
						 
						
							
							
								
								added strict URI matching option to redirect resolver (off by default)  
							
							
							
						 
						
							2015-05-09 16:37:11 -04:00  
				
					
						
							
							
								 
						
							
							
								06f7dc984d 
								
							
								 
							
						 
						
							
							
								
								switched to view constants  
							
							
							
						 
						
							2015-04-12 21:20:10 -05:00  
				
					
						
							
							
								 
						
							
							
								d6dfa89533 
								
							
								 
							
						 
						
							
							
								
								check client information on delete of resource set  
							
							
							
						 
						
							2015-04-12 21:15:03 -05:00  
				
					
						
							
							
								 
						
							
							
								7273b0a5b7 
								
							
								 
							
						 
						
							
							
								
								fixed discovery endpoint information,  closes   #805  
							
							
							
						 
						
							2015-04-12 17:00:46 -05:00  
				
					
						
							
							
								 
						
							
							
								eb49d9624c 
								
							
								 
							
						 
						
							
							
								
								inject claims from OIDC auth token into permission ticket  
							
							
							
						 
						
							2015-03-31 18:21:34 -04:00  
				
					
						
							
							
								 
						
							
							
								98cd5ba27d 
								
							
								 
							
						 
						
							
							
								
								added save to permission ticket system  
							
							
							
						 
						
							2015-03-31 18:21:14 -04:00  
				
					
						
							
							
								 
						
							
							
								08413302eb 
								
							
								 
							
						 
						
							
							
								
								configured OIDC client on claims collection endpoint  
							
							
							
						 
						
							2015-03-31 15:35:20 -04:00  
				
					
						
							
							
								 
						
							
							
								f48049be4d 
								
							
								 
							
						 
						
							
							
								
								deny tickets with no claims required (closes a race condition)  
							
							
							
						 
						
							2015-03-31 10:26:06 -04:00  
				
					
						
							
							
								 
						
							
							
								dc10779abb 
								
							
								 
							
						 
						
							
							
								
								removed extraneous issuer in discovery endpoint,  closes   #793  
							
							
							
						 
						
							2015-03-31 10:10:14 -04:00  
				
					
						
							
							
								 
						
							
							
								a38a0b6f75 
								
							
								 
							
						 
						
							
							
								
								removed extraneous bob  
							
							
							
						 
						
							2015-03-30 18:19:13 -04:00  
				
					
						
							
							
								 
						
							
							
								6e095e3266 
								
							
								 
							
						 
						
							
							
								
								can now add and remove email address claims from the UI  
							
							
							
						 
						
							2015-03-30 17:54:16 -04:00  
				
					
						
							
							
								 
						
							
							
								687517d7f4 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into claims-editing-ui  
							
							
							
						 
						
							2015-03-30 12:21:59 -04:00  
				
					
						
							
							
								 
						
							
							
								d015d17fad 
								
							
								 
							
						 
						
							
							
								
								search for local users first (by email), then check remote users  
							
							
							
						 
						
							2015-03-30 12:20:19 -04:00  
				
					
						
							
							
								 
						
							
							
								348ff7ee17 
								
							
								 
							
						 
						
							
							
								
								made webfinger endpoint search by email address, then by username  
							
							
							
						 
						
							2015-03-30 12:18:50 -04:00  
				
					
						
							
							
								 
						
							
							
								5aa5cc1a10 
								
							
								 
							
						 
						
							
							
								
								added search by email to user info data stack  
							
							
							
						 
						
							2015-03-30 12:18:50 -04:00  
				
					
						
							
							
								 
						
							
							
								e89d8cd985 
								
							
								 
							
						 
						
							
							
								
								added webfinger lookup helper service  
							
							
							
						 
						
							2015-03-30 11:49:49 -04:00  
				
					
						
							
							
								 
						
							
							
								394785b9c4 
								
							
								 
							
						 
						
							
							
								
								don't give resource sets default client scopes  
							
							
							
						 
						
							2015-03-30 09:57:10 -04:00  
				
					
						
							
							
								 
						
							
							
								7af19dbd61 
								
							
								 
							
						 
						
							
							
								
								added copyright text  
							
							
							
						 
						
							2015-03-30 08:44:51 -04:00  
				
					
						
							
							
								 
						
							
							
								3e931c68b4 
								
							
								 
							
						 
						
							
							
								
								added policy editing overview page  
							
							
							
						 
						
							2015-03-20 17:27:10 -04:00  
				
					
						
							
							
								 
						
							
							
								5698393d31 
								
							
								 
							
						 
						
							
							
								
								created claims API  
							
							
							
						 
						
							2015-03-19 16:44:34 -04:00  
				
					
						
							
							
								 
						
							
							
								bde03411f1 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into uma  
							
							
							
						 
						
							2015-03-18 21:42:26 -04:00  
				
					
						
							
							
								 
						
							
							
								006a4d1ec6 
								
							
								 
							
						 
						
							
							
								
								fixed import function of 1.2 data service  
							
							
							
						 
						
							2015-03-18 21:42:18 -04:00  
				
					
						
							
							
								 
						
							
							
								6f149cba69 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into uma  
							
							
							
						 
						
							2015-03-18 20:10:19 -04:00  
				
					
						
							
							
								 
						
							
							
								30e894a64a 
								
							
								 
							
						 
						
							
							
								
								put 'kid' into JWS header,  closes   #784  
							
							
							
						 
						
							2015-03-18 20:09:06 -04:00  
				
					
						
							
							
								 
						
							
							
								866186f611 
								
							
								 
							
						 
						
							
							
								
								pointed data API at the correct service version  
							
							
							
						 
						
							2015-03-18 19:54:42 -04:00  
				
					
						
							
							
								 
						
							
							
								6daeeefb33 
								
							
								 
							
						 
						
							
							
								
								augmented introspection unit tests with one for new permissions mode  
							
							
							
						 
						
							2015-03-18 08:45:05 -04:00  
				
					
						
							
							
								 
						
							
							
								9f913244a0 
								
							
								 
							
						 
						
							
							
								
								fixed unit tests for introspection results  
							
							
							
						 
						
							2015-03-18 08:00:18 -04:00  
				
					
						
							
							
								 
						
							
							
								7df31f1e87 
								
							
								 
							
						 
						
							
							
								
								completed rudimentary UMA authorization API.  
							
							... 
							
							
							
							Working: resource set registration, permission ticket creation, RPT creation from ticket
Still missing: adding required claims to resource set, adding provided claims to permission ticket 
							
						 
						
							2015-03-17 22:26:12 -04:00  
				
					
						
							
							
								 
						
							
							
								1be9da52c6 
								
							
								 
							
						 
						
							
							
								
								separated ticket object from permission object to facilitate re-use of permission object with tokens  
							
							
							
						 
						
							2015-03-17 21:16:29 -04:00  
				
					
						
							
							
								 
						
							
							
								f123366069 
								
							
								 
							
						 
						
							
							
								
								added scope filtering to protection api  
							
							
							
						 
						
							2015-03-17 19:43:02 -04:00  
				
					
						
							
							
								 
						
							
							
								ff958e20b6 
								
							
								 
							
						 
						
							
							
								
								basic authorization support  
							
							
							
						 
						
							2015-03-17 19:21:20 -04:00  
				
					
						
							
							
								 
						
							
							
								098519da5e 
								
							
								 
							
						 
						
							
							
								
								added OAuth2 error reporting to permission and resource set endpoints  
							
							
							
						 
						
							2015-03-17 19:01:44 -04:00  
				
					
						
							
							
								 
						
							
							
								2aadb09f49 
								
							
								 
							
						 
						
							
							
								
								started claims service, added expiration to permissions  
							
							
							
						 
						
							2015-03-16 22:52:21 -04:00  
				
					
						
							
							
								 
						
							
							
								c234f78dbd 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into authorization-api  
							
							
							
						 
						
							2015-03-13 19:08:14 -04:00  
				
					
						
							
							
								 
						
							
							
								5873b336f2 
								
							
								 
							
						 
						
							
							
								
								fixed erroneous import  
							
							
							
						 
						
							2015-03-13 19:07:27 -04:00  
				
					
						
							
							
								 
						
							
							
								8352145d82 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into authorization-api  
							
							... 
							
							
							
							Conflicts:
	openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
	openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
	openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java 
							
						 
						
							2015-03-13 18:39:26 -04:00  
				
					
						
							
							
								 
						
							
							
								ba51df0c37 
								
							
								 
							
						 
						
							
							
								
								consolidated client credential filter beans  
							
							... 
							
							
							
							(note: imports magic from secoauth) 
							
						 
						
							2015-03-13 18:30:09 -04:00  
				
					
						
							
							
								 
						
							
							
								4f12fab56b 
								
							
								 
							
						 
						
							
							
								
								made unused auth codes expired (they're still single-use), refactored auth code service layer  
							
							
							
						 
						
							2015-03-13 13:45:49 -04:00  
				
					
						
							
							
								 
						
							
							
								2abcd96bbe 
								
							
								 
							
						 
						
							
							
								
								set fallback locale to English, ultimate fall through is to return the code string itself  
							
							
							
						 
						
							2015-03-12 17:28:27 -04:00  
				
					
						
							
							
								 
						
							
							
								285ad71874 
								
							
								 
							
						 
						
							
							
								
								made input reader use UTF8, imported the first set of Swedish text to the JSON format  
							
							
							
						 
						
							2015-03-12 17:07:08 -04:00  
				
					
						
							
							
								 
						
							
							
								80605becf1 
								
							
								 
							
						 
						
							
							
								
								rudimentary json-based message source  
							
							
							
						 
						
							2015-03-12 15:26:23 -04:00  
				
					
						
							
							
								 
						
							
							
								e1fb8272cc 
								
							
								 
							
						 
						
							
							
								
								redirect error on prompt=none, addresses  #667  
							
							
							
						 
						
							2015-03-12 09:26:38 -04:00  
				
					
						
							
							
								 
						
							
							
								ad9b49733f 
								
							
								 
							
						 
						
							
							
								
								externalized queries for scopes, blacklists, user info, pairwise identifiers, and whitelists,  closes   #771  even harder  
							
							
							
						 
						
							2015-03-11 16:13:28 -04:00  
				
					
						
							
							
								 
						
							
							
								15b97b1dcb 
								
							
								 
							
						 
						
							
							
								
								Externalized strings for named queries on auth holders, auth codes, clients, and tokens,  closes   #771  
							
							
							
						 
						
							2015-03-11 15:51:51 -04:00  
				
					
						
							
							
								 
						
							
							
								61a596dc15 
								
							
								 
							
						 
						
							
							
								
								externalized strings from user info views  
							
							
							
						 
						
							2015-03-11 14:00:14 -04:00  
				
					
						
							
							
								 
						
							
							
								86e95d9e6e 
								
							
								 
							
						 
						
							
							
								
								externalized json entity and error parameters,  closes   #770  
							
							
							
						 
						
							2015-03-11 13:52:32 -04:00  
				
					
						
							
							
								 
						
							
							
								e56161e223 
								
							
								 
							
						 
						
							
							
								
								extracted http "code" view parameter  
							
							
							
						 
						
							2015-03-11 13:39:07 -04:00  
				
					
						
							
							
								 
						
							
							
								1735dbca11 
								
							
								 
							
						 
						
							
							
								
								extracted controller URLs to constants,  closes   #769  
							
							
							
						 
						
							2015-03-11 13:20:59 -04:00  
				
					
						
							
							
								 
						
							
							
								617d485478 
								
							
								 
							
						 
						
							
							
								
								updated all references to media types to use constants instead of literals,  closes   #767  
							
							
							
						 
						
							2015-03-11 12:06:38 -04:00  
				
					
						
							
							
								 
						
							
							
								c777ebfac9 
								
							
								 
							
						 
						
							
							
								
								added universal OAuth exception handling  
							
							
							
						 
						
							2015-03-11 11:41:28 -04:00  
				
					
						
							
							
								 
						
							
							
								76b7324d88 
								
							
								 
							
						 
						
							
							
								
								fixed execution order of introspection endpoint  
							
							
							
						 
						
							2015-03-10 18:29:48 -04:00  
				
					
						
							
							
								 
						
							
							
								8c8f912880 
								
							
								 
							
						 
						
							
							
								
								fixed endpoint processing to account for client id  
							
							
							
						 
						
							2015-03-10 15:37:07 -04:00  
				
					
						
							
							
								 
						
							
							
								ee522100b9 
								
							
								 
							
						 
						
							
							
								
								Merge branch 'master' into uma-introspection  
							
							... 
							
							
							
							* master:
  fixed logger variable name
  made logger declarations consistent across project, closes  #780 
  Fixed logger
  null safe
  removed DateUtil
  added icons to scope editing panel 
							
						 
						
							2015-03-10 15:03:26 -04:00  
				
					
						
							
							
								 
						
							
							
								5d35f2c1a6 
								
							
								 
							
						 
						
							
							
								
								toned down errors on introspection endpoint  
							
							
							
						 
						
							2015-03-10 14:58:22 -04:00  
				
					
						
							
							
								 
						
							
							
								65d7b00f4d 
								
							
								 
							
						 
						
							
							
								
								added uma-processing of scopes to introspection results  
							
							
							
						 
						
							2015-03-10 12:38:37 -04:00  
				
					
						
							
							
								 
						
							
							
								627bcaee43 
								
							
								 
							
						 
						
							
							
								
								added client_id to resource sets  
							
							
							
						 
						
							2015-03-10 12:38:13 -04:00  
				
					
						
							
							
								 
						
							
							
								e5e4c15058 
								
							
								 
							
						 
						
							
							
								
								removed introspection authorizer hook  
							
							
							
						 
						
							2015-03-10 11:12:37 -04:00  
				
					
						
							
							
								 
						
							
							
								2a6a17486a 
								
							
								 
							
						 
						
							
							
								
								added initial uma discovery endpoint  
							
							
							
						 
						
							2015-03-09 16:15:30 -04:00  
				
					
						
							
							
								 
						
							
							
								621399545e 
								
							
								 
							
						 
						
							
							
								
								cleaned up introspection endpoint processing  
							
							
							
						 
						
							2015-03-09 16:15:09 -04:00  
				
					
						
							
							
								 
						
							
							
								764df71758 
								
							
								 
							
						 
						
							
							
								
								refactored introspection to allow for UMA style token access  
							
							
							
						 
						
							2015-03-09 12:43:05 -04:00  
				
					
						
							
							
								 
						
							
							
								1da5c2cd84 
								
							
								 
							
						 
						
							
							
								
								fixed imports  
							
							
							
						 
						
							2015-03-09 11:51:41 -04:00  
				
					
						
							
							
								 
						
							
							
								c7f6811961 
								
							
								 
							
						 
						
							
							
								
								refactored scope enforcement utilities to a separate authentication class  
							
							
							
						 
						
							2015-03-09 11:51:24 -04:00  
				
					
						
							
							
								 
						
							
							
								48b857eb85 
								
							
								 
							
						 
						
							
							
								
								fixed logger variable name  
							
							
							
						 
						
							2015-03-09 07:37:09 -04:00  
				
					
						
							
							
								 
						
							
							
								c09b63c69f 
								
							
								 
							
						 
						
							
							
								
								made logger declarations consistent across project,  closes   #780  
							
							
							
						 
						
							2015-03-08 21:56:33 -04:00  
				
					
						
							
							
								 
						
							
							
								849a2b3271 
								
							
								 
							
						 
						
							
							
								
								Fixed logger  
							
							
							
						 
						
							2015-03-08 16:02:53 +01:00  
				
					
						
							
							
								 
						
							
							
								020b410ffe 
								
							
								 
							
						 
						
							
							
								
								null safe  
							
							
							
						 
						
							2015-03-08 15:47:58 +01:00  
				
					
						
							
							
								 
						
							
							
								db2574ab53 
								
							
								 
							
						 
						
							
							
								
								removed DateUtil  
							
							
							
						 
						
							2015-03-08 15:41:47 +01:00  
				
					
						
							
							
								 
						
							
							
								f266d3b151 
								
							
								 
							
						 
						
							
							
								
								added unit test for resource set service to make sure it catches error conditions  
							
							
							
						 
						
							2015-03-06 16:56:30 -05:00  
				
					
						
							
							
								 
						
							
							
								35f2a03b4e 
								
							
								 
							
						 
						
							
							
								
								added unit test for permission service  
							
							
							
						 
						
							2015-03-06 15:50:24 -05:00  
				
					
						
							
							
								 
						
							
							
								e59e988809 
								
							
								 
							
						 
						
							
							
								
								made permission service enforce scoping  
							
							
							
						 
						
							2015-03-06 15:50:14 -05:00  
				
					
						
							
							
								 
						
							
							
								5ff9cd1bbb 
								
							
								 
							
						 
						
							
							
								
								implemented permission registration API  
							
							
							
						 
						
							2015-02-28 17:59:37 -05:00  
				
					
						
							
							
								 
						
							
							
								eed8fb0b28 
								
							
								 
							
						 
						
							
							
								
								created skeleton of permission registration API  
							
							
							
						 
						
							2015-02-28 08:33:09 -05:00