github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,421 Commits
17 Branches
69 Tags
78 MiB
Commit Graph

356 Commits (f1c4b79d4d07922fab99c458e7d7ffc6d96d7293)

Author SHA1 Message Date
jevanlingen f1c4b79d4d Log response body if one exists 
If the OpenID Connect server returns an invalid client error, you can't find that in the logging (because the real error is only visible in the response body).

Logged:
`HTTP Status 401 - Authentication Failed: Unable to obtain Access Token: 401 Unauthorized`

Non logged:
`{"error_description":"Client authentication failed: Invalid authentication","error":"invalid_client"}`
 2016-03-29 10:44:28 +02:00
Justin Richer d0d6ae2ad8 [maven-release-plugin] prepare for next development iteration 2016-02-23 19:02:05 -05:00
Justin Richer 7f5b70e9e1 [maven-release-plugin] prepare release mitreid-connect-1.2.5 2016-02-23 19:02:02 -05:00
Justin Richer 82a1e49e79 [maven-release-plugin] prepare for next development iteration 2016-01-21 15:55:56 -05:00
Justin Richer e6684fb7a8 [maven-release-plugin] prepare release mitreid-connect-1.2.4 2016-01-21 15:55:53 -05:00
Justin Richer 7badfe1d17 Happy new year 2016! 2016-01-21 15:50:37 -05:00
Justin Richer e828f3f18d [maven-release-plugin] prepare for next development iteration 2015-12-21 10:31:49 -05:00
Justin Richer 01ca5ef8e2 [maven-release-plugin] prepare release mitreid-connect-1.2.3 2015-12-21 10:31:47 -05:00
Justin Richer 8294dbedd5 handled HTTP and parsing errors, fixed guava cache contract, fixes #372 2015-12-18 17:42:15 -05:00
Justin Richer b3486c31a0 added cache to user info fetcher, closes #833 2015-12-18 16:30:03 -05:00
Justin Richer 7f464c496b changed copyright to new consortium name 2015-12-16 14:51:12 -05:00
Mark Janssen 4f9ea0b474 Improve state handling in handleAuthorizationCodeResponse 
Fail fast when there is no state in session, e.g. because the session
cookie was removed.

Resolves #949
 2015-11-23 21:34:35 -05:00
Mark Janssen a3d01727f9 Make FILTER_PROCESSES_URL public 
Currently hardcoded in the filter and the client's Spring Security config; would be nicer to reference the value instead.

c5e70ebd5c/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml (L54)
 2015-11-23 21:03:08 -05:00
Justin Richer 2deec98b58 [maven-release-plugin] prepare for next development iteration 2015-10-13 18:56:47 -04:00
Justin Richer d96b2dc130 [maven-release-plugin] prepare release mitreid-connect-1.2.2 2015-10-13 18:56:44 -04:00
Justin Richer 6129cfa61a added scope-based authorities granter for introspections services, closes #835 2015-10-13 18:51:21 -04:00
Justin Richer ebb4f2c3d4 Upgraded to nimbus 4.2, closes #934 2015-10-13 04:40:01 -04:00
Justin Richer 98e1d26134 limited when login_hint is sent to the server, closes #963 2015-10-12 17:56:31 -04:00
Justin Richer 8b362f23f3 [maven-release-plugin] prepare for next development iteration 2015-10-02 18:53:48 -04:00
Justin Richer e384a6257b [maven-release-plugin] prepare release mitreid-connect-1.2.1 2015-10-02 18:53:45 -04:00
Justin Richer acb3d03052 added 'kid' to all signed tokens, closes #899 2015-10-01 18:54:38 -04:00
Justin Richer 48bc26901a added JTI to client auth 2015-10-01 18:54:15 -04:00
Bernd Frey 9fe98e0132 OIDCAuthenticationFilter: Make authenticationSignerService optional so 
it must not be provided in Spring config

OIDCAuthenticationProvider: Setter for UserInfoFetcher, so own
implementation can be wired

UserInfoFetcher: Call to DefaultUserInfo.fromJson moved to method, so it
can be overwritten by own implementation to use own UserInfo
implementation
 2015-08-21 17:33:23 -04:00
Justin Richer 22c05ec51b [maven-release-plugin] prepare for next development iteration 2015-08-05 12:07:47 -04:00
Justin Richer e6b64cd9cd [maven-release-plugin] prepare release mitreid-connect-1.2.0 2015-08-05 12:07:44 -04:00
Justin Richer 489450b1c2 automated code format cleanup 2015-08-05 12:04:14 -04:00
Justin Richer 15c2b57730 [maven-release-plugin] prepare for next development iteration 2015-07-30 14:00:20 -04:00
Justin Richer 8317c759f1 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC2 2015-07-30 14:00:18 -04:00
Justin Richer a4e75ed733 [maven-release-plugin] prepare for next development iteration 2015-07-09 18:29:14 -04:00
Justin Richer 58a47d0e46 [maven-release-plugin] prepare release mitreid-connect-1.2.0-RC1 2015-07-09 18:29:12 -04:00
Justin Richer 3c297ba18f collapsed error clause 2015-07-08 14:35:45 -04:00
Justin Richer 42b93be492 added uri-encoded client service, closes #857 2015-07-07 17:55:56 -04:00
Justin Richer 667c766273 reverted over-reaching check on webfinger fetcher 2015-07-03 20:16:32 -04:00
Justin Richer d2a393f7f9 converted error handlers to a single @ControllerAdvice class, closes #788 2015-06-24 17:26:10 -04:00
Justin Richer 7df3597757 split client's auth token into pending and authorized classes 2015-06-24 16:00:40 -04:00
Justin Richer b4520c170e ID Token carried through as parsed JWT instead of string, closes #832 2015-06-24 16:00:40 -04:00
Justin Richer f4a1b27e2e better handling of HTTP and JSON errors on network fetches, added http-forcing behavior for webfinger client and sector URL service 2015-06-23 22:21:18 -04:00
Justin Richer 9ae92b983a added http and json error handling to webfinger service 2015-06-23 21:50:16 -04:00
Justin Richer c166cbe49c added login hint capability to client library 2015-06-23 21:21:41 -04:00
Stephen Moore a259841eaf Added getters and setters to IntrospectingTokenService 
Fixed TokenCacheObject constructor for setting TCO's expire time
 2015-06-09 13:37:07 -04:00
Stephen Moore 698fe55b85 IntrospectingTokenService now takes parameters (cacheTokens, cacheNonExpiringTokens, defaultExpireTime, forceCacheExpireTime) to change the behavior or even disable the caching of responses from the IntrospectionEndpoint. 2015-06-04 16:33:37 -04:00
Mark Janssen 9e74e40453 Use diamond syntax instead of explicit types 2015-06-03 10:24:48 -04:00
Mark Janssen 13f5e4f8a6 Collapse identical catch branches 2015-06-03 10:24:48 -04:00
Mark Janssen 6dc2b2cb5e Various small improvements/bugfixes 2015-06-03 10:24:41 -04:00
William Kim 54fbf0d0ac Added null check for expiration during introspection. Making assumption that null exp means tokens dont expire. 2015-06-03 09:57:22 -04:00
Justin Richer d1e8529a7b expose ID Token and UserInfo to the AuthoritiesProvider and AuthoritiesMapper, both extensible 
closes #699
closes #761
 2015-06-01 21:11:19 -04:00
Mark Janssen effe955953 Fix blacklist/whitelist for DynamicRegistrationClientConfigurationService 
ClientConfigurationService#getClientConfiguration has ServerConfiguration as parameter, not String
 2015-05-28 17:05:55 -04:00
Justin Richer caf85b990d Revert "added option to send skip sending nonce if desired, closes #704, closes #683," 
This reverts commit bbeaeb06e3.

Conflicts:
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
 2015-05-28 16:44:26 -04:00
Justin Richer d32118d017 Revert "added unit tests for nonce-less url builders (exception cases)" 
This reverts commit ada1b0d24e.

Conflicts:
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java
 2015-05-28 16:41:24 -04:00
Justin Richer 0d6775dfa8 made auth request url builder handle multiple keys 2015-05-22 13:04:21 -04:00