15428a875e
Added additional fields to ClientDetailsEntity and did some reorganization, still some more to do. Added "id" field to the sql file, but the sql still needs all of the other additional fields.
12 years ago
8d4e046408
All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors.
12 years ago
a061e64abf
Merge branch 'user-approval-handler-updated-rebase'
12 years ago
5fb67ab7bb
Did a lot of cleanup; untested but compiles
12 years ago
2f28cf33e7
Changed UserInfo refs in WhitelistedSite to String ids; updated the user approval handler to check if "remember this decision" is checked and only make a new AP if so, and to pull in the scopes selected on the approval page as the saved allowed scopes for that AP.
12 years ago
b87d54b06e
Changed UserInfo references to String "userId" references
12 years ago
845976b8ac
First stages of getting the graylist portion to work. Currently no mechanism for telling the system NOT to remember your decision; that will come later. All approvals will be automatically stored with this code.
12 years ago
51b8dbe065
Revert "updated jwtHeader typ to use an enum" -- set things back to using a string
...
This reverts commit 3b2268c622
13 years ago
164090e9d5
added jwt string stability to several places, fixed jwe parser
13 years ago
676808bdac
got things to deploy - could not reference UserInfo directly in ApprovedSite and WhitelistedSite; needed to reference DefaultUserInfo instead.
13 years ago
4e10fce7ef
Implementing user approval handler; made some modifications to ApprovedSite and WhitelistedSite models, repositories, and service layers.
13 years ago
3b2268c622
updated jwtHeader typ to use an enum
13 years ago
95dcb10472
updated encrypter/decrypter to store keys as member variables rather than to pass them in
13 years ago
61c7231d9a
updated encrypter and decrypter to use enum class rather than fragile parsing
13 years ago
5f80ebc89a
changing encryption/decryption code to use enum classes rather than shady parsing techniques
13 years ago
789f41bdbe
fixed client details regression
13 years ago
3e6f66e2dc
Merge branch 'master' of https://github.com/ssayer/OpenID-Connect-Java-Spring-Server into ssayer-pullreq-124
13 years ago
d07667576e
cleaned up old code
13 years ago
40f39a18e0
cleaning up introspection endpoint
13 years ago
f9dd9df7cd
added skip to test for encryption if not running unlimited strength java
13 years ago
92e779257d
testing key sizes, still failing outside of bouncycastle
13 years ago
1dd2aaf8a1
add JsonObject export for JWK keys
13 years ago
319568d971
refactored JWA algorithm markers to use enum instead of string as stored class
13 years ago
165f3ea292
fixed some unit tests, broke others
13 years ago
e4bc66ba33
small TODO statements cleared up
13 years ago
4deaffd686
updated hmac and rsa signer to use afterPropertiesSet(), abstract oidc auth filter now adds multiple signers to map and then picks the one it needs, and key fetcher now gets jwk
13 years ago
8b848af0fb
cleaned up signer initialization calls and algorithm-setting code, cleaned up algorithm names, renamed encrypter/decrypter classes
13 years ago
d204ff1e69
removed constructor for RsaDecrypter and RsaEncrypter
13 years ago
4f78c3db80
removed verification of signature in decryption
13 years ago
1dbf2808c1
changed imports
13 years ago
e380d85ad7
updated encryption/decryption to dynamically get mode for cipher. also made the keyDataLen come from the kdf parameter rather than enc
13 years ago
5d3d888c3f
finished testing. fixed MessageDigest problems in generating cek and cik
13 years ago
13e0a7c4bb
tests for encryption/decryption done
13 years ago
88a052019a
added testing for encryption and decryption. slight bug where [ ] gets appended to clearText. working on that
13 years ago
5152fa1c69
added tests for encryption and decryption. WIP
13 years ago
26792d2fba
updated decryption to generate cik and cek based off of key derivation
13 years ago
d86ee2329b
updated encryption to generate cek and cik through key derivation. also fixed signers to use afterPropertiesSet()
13 years ago
7e7cd4f480
update to encryption/decryption. added cmk, cek, and cik use
13 years ago
bc1ff0d964
updated jwe, jwt, and jwk models to have new parameters that were released in latest JOSE update
13 years ago
70e90bc4c1
updated decryption
13 years ago
025f7f3d66
updated encryption to sign using int value rather than alg
13 years ago
cd222ad66e
got rid of ghost dependency in pom.xml for common
13 years ago
754e8406bb
removed web app from this git repository
13 years ago
99a574d303
encryption completed, decryption WIP
13 years ago
cee44de3d1
updated encryption class to include AbstractJwtEncrypter
13 years ago
caf2a7b494
updated encryption service to encrypt key and claims and then sign the jwe. decryption updated to decrypt encrypted key and ciphertext
13 years ago
cf0ce7b1fb
updated encryption and decryption for claims. WIP
13 years ago
e252951612
added encrypter/decrypter for claims to get ciphertext
13 years ago
33cc3fa899
Added spring simple web app for testing, encryption and decryption classes for rsa and hmac, still WIP
13 years ago
01793ec57f
added preferred_username claim to userinfo endpoint
13 years ago
50241e4da1
changed UserInfo.verified to UserInfo.emailVerified.
13 years ago
f0c949fd09
added scope-based filter for userinfo
13 years ago
c24a2206e9
updated jwtheader parser
13 years ago
ac7a53b234
bugfix: call setNonce instead of setType
13 years ago
a03129f70a
added documentation updates
13 years ago
c619e736f9
removed eclipse files from repository
13 years ago
de1597b214
refresh token handling fixed, removed token factory references
13 years ago
4e3c99abe4
Merge branch 'validityIntegers'
13 years ago
81d1af40bd
Updated our ClientDetailsEntity *TokenTimeout fields to be *ValiditySeconds, which are now typed as proper Integers in the SECOAUTH ClientDetails interface
13 years ago
1127a7cfbc
refactored JWKs, updated signing servier to use them
13 years ago
adb8499bee
merged derryberry code, plus tweaks, still WIP
13 years ago
b1fc07bcb8
updated -common code to get a validation service from a server configuration
13 years ago
2930719700
Added architecture diagram
13 years ago
b94fbd7439
updated -common and -client code by removing throws exception, changing to rest templates, and updating test cases to use annotations
13 years ago
fe3bbfb3d5
Further cleanups. Still missing:
...
- All tests extend TestCase, should use annotations instead
- Several elements throw Exception
- Key Fetchers should use RESTTemplates and be in a separate utility set
13 years ago
b86abdd761
merge from pull request, plus cleanup
13 years ago
731ad2e2e2
updated SECOAUTH reference, fixed some SQL files, temporarily closed token timeout issue
13 years ago
ace5dd1f1e
imported userinfouserdetails filter from MITRE codebase
13 years ago
65dc3daaf8
smart client
13 years ago
2a05ff995d
Added support for additional field in ClientDetailsEntity.java.
13 years ago
3e810cb5dc
Merge remote-tracking branch 'mitre/master'
13 years ago
fad6caa968
Added testing for signers for Hmac, Rsa, and Plaintext
13 years ago
e44697cef9
updated JWK display to latest, closes #58
13 years ago
5c72d8b95f
revocation endpoint cleanup, still needs views
13 years ago
27219c066d
refactored our service to reflect upstream
13 years ago
ee28d56031
initial implementation of x509 and JWK key retrieval
13 years ago
8917e75010
see issue #19
13 years ago
6f43040587
slight sequence diagrams tweaks, mods to account-chooser and openid-connect-client
13 years ago
3402a3e463
ClientAPI now fully supports RESTful DELETE
13 years ago
af6e043239
Client Entity now initialized with non-null values so JPA won't flip. Added unified method for saving. Sync'd class member names to allow proper binding.
13 years ago
0c7ea88323
Client updates.
13 years ago
49e96778b8
Missed a file
13 years ago
fd91c884bb
Made interfaces... deleted a thing.
13 years ago
ffe31e6049
merged config from bean config config bean bean
13 years ago
e158ef6fc2
added config bean
13 years ago
e33f277bbe
Updated classes to track newest version of SECOAUTH. This update closes issues #3 , #4 , #8 , and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
13 years ago
2cf12d4078
Made getAll use ? extends UserInfo
13 years ago
97dffb6414
added copyright to all java files. closes #11
13 years ago
6724866099
moved jwt components, utilities, and various interfaces to -common from -server
13 years ago
59ecb03548
added getter/setter for userinforepository, closes #40
13 years ago
6eb8284695
version needed to be modified to 0.1-SNAPSHOT in order to deploy snapshot to nexus
13 years ago
269a354f8c
Added tables.sql, which is just a concatenation of all the other sql files. Added redirect_uris.sql, which is a NEW table needed to support clients registering multiple redirect uris.
...
This updates us to the HEAD revision of SECOAUTH, where the redirect uri field on ClientDetails has been updated to be a Set<String> instead of a single string. I updated the UI code so that it will still work, but it will need to be updated to allow users to register multiple uris.
This also closes issue #2 from the issue tracker.
13 years ago
1a1ae4c5b5
Removed Replacer plugin
13 years ago
8b10b83516
Added setNonce to JwtClaims.
13 years ago
b4836a0302
mods to auth filter including config comments, http socket time out...
13 years ago
c51bb72fe5
merged keystore changes
13 years ago
3f2631367f
added comments on configuration of client
13 years ago
664dd1df46
JWT claims can now have nulls in them without barfing
13 years ago
c59d3fe963
it spits out JWTs! and id tokens! JWT still needs to handle nulls
13 years ago
ebe72412fe
Authorization Grant flow works up to serializing the returned Access Token. Justin is investigating serialization problems.
13 years ago
Amanda Anganes