ad9b49733f
externalized queries for scopes, blacklists, user info, pairwise identifiers, and whitelists, closes #771 even harder
2015-03-11 16:13:28 -04:00
15b97b1dcb
Externalized strings for named queries on auth holders, auth codes, clients, and tokens, closes #771
2015-03-11 15:51:51 -04:00
1735dbca11
extracted controller URLs to constants, closes #769
2015-03-11 13:20:59 -04:00
617d485478
updated all references to media types to use constants instead of literals, closes #767
2015-03-11 12:06:38 -04:00
ee522100b9
Merge branch 'master' into uma-introspection
...
* master:
fixed logger variable name
made logger declarations consistent across project, closes #780
Fixed logger
null safe
removed DateUtil
added icons to scope editing panel
2015-03-10 15:03:26 -04:00
65d7b00f4d
added uma-processing of scopes to introspection results
2015-03-10 12:38:37 -04:00
627bcaee43
added client_id to resource sets
2015-03-10 12:38:13 -04:00
e5e4c15058
removed introspection authorizer hook
2015-03-10 11:12:37 -04:00
c09b63c69f
made logger declarations consistent across project, closes #780
2015-03-08 21:56:33 -04:00
e59e988809
made permission service enforce scoping
2015-03-06 15:50:14 -05:00
5ff9cd1bbb
implemented permission registration API
2015-02-28 17:59:37 -05:00
eed8fb0b28
created skeleton of permission registration API
2015-02-28 08:33:09 -05:00
c41488b103
moved an uma package to common, extracted OAuth scope enforcement utility
2015-02-28 08:32:47 -05:00
5be7d64c7d
moved all uma files to their own package
2015-02-28 07:24:53 -05:00
0d96b6a28a
changed name of scope to match uma spec
2015-02-27 20:46:48 -05:00
7a1480bb07
moved and consolidated json utilities
2015-02-26 16:20:01 -05:00
4d88e04e59
added resource set registration scope to built in set
2015-02-24 17:45:34 -05:00
4878e88d4f
added list all by owner
2015-02-24 17:41:05 -05:00
8d22ad03e2
implemented remove verb
2015-02-24 17:15:18 -05:00
89114dcf74
implemented update
2015-02-24 16:05:18 -05:00
0b480bac10
implemented get
2015-02-24 15:09:52 -05:00
3076da1ed8
functioning resource set repository layer
2015-02-24 12:10:54 -05:00
efeead52b6
fixed typos in data layer, added blank service layer to resource set
2015-02-24 12:00:58 -05:00
99bf19e21b
removed policy uri from data model
2015-02-23 13:51:52 -05:00
e7bf75e9a4
moved and consolidated json utilities
2015-02-23 13:43:08 -05:00
90a7304b4e
resource set registration endpoint and service shells
2015-02-23 11:43:05 -05:00
8992841ffa
added missing copyright
2015-02-23 11:33:20 -05:00
071ea579a3
added resource set class
2015-02-23 11:28:21 -05:00
593fac83cf
scopes can now be set as "restricted" instead of needing to be set "allowDynReg", closes #747
2015-02-17 18:25:52 -05:00
b376bc6059
removed some vestigial service/repository calls, closes #513
2015-02-17 16:22:40 -05:00
cef6cf17b6
externalized a number of strings, closes #385
2015-02-17 14:39:15 -05:00
994ce6c743
consistently named JOSE-based classes, closes #529
2015-02-17 12:11:58 -05:00
685960358c
formatting cleanup
2015-02-17 11:08:46 -05:00
e2349984b8
happy new year 2015!
2015-02-17 10:24:08 -05:00
cc02f8fbe8
pluralized post-logout redirect URI on client, closes #654
2015-02-16 16:43:34 -05:00
bedc101637
import cleanup
2015-02-16 15:02:34 -05:00
ef3a696972
removed getBySubject and getAll from user info repository and service layers, closes #760
2015-02-16 11:08:07 -05:00
d25602fbe7
created a locale resolved tied in with the existing server configuration bean, removed locale interceptor (it doesn't work with fixed resolvers), cleaned up comments and files
2015-02-16 10:12:27 -05:00
6c88d7c54b
removed old owner_id field, closes #636
2015-01-17 08:18:36 -05:00
e8015051d2
add @Transient to function getAuthorizedGrantTypes() so it does not persist
2015-01-14 07:09:34 -05:00
c6c09b9c6c
made default user info parser more robust against null values
2015-01-07 18:23:20 -05:00
bbeaeb06e3
added option to send skip sending nonce if desired, closes #704 , closes #683 ,
2014-12-18 23:22:59 -05:00
0e776762c2
set up data API for 1.2 format (currently the same as 1.1 format)
2014-11-15 19:59:47 -10:00
c600787f1c
added key id to id token, closes #725
2014-11-12 16:22:10 -10:00
d87bdb2120
added ROLE_CLIENT to assertion client authentication, cleaned up roles on client secret authentication, closes #728 , closes #401
2014-11-12 16:03:06 -10:00
b50facd4c2
explicitly added Jackson2 to support secoauth serialization, added string converter to work with our API
2014-11-11 00:17:03 -10:00
e6d10b67a4
update to Spring 4 and other related libraries
2014-11-10 18:29:54 -10:00
f0e2fc6700
make user info classes serializable, closes #714
2014-10-23 23:30:34 -04:00
a59fe0604e
generate random fake password for private key clients and shared secret crypto clients to avoid accidentally using client secret authentication and bypassing authentication, closes #715
2014-10-23 21:53:32 -04:00
9dfac35912
Introduce introspection result assembler to allow for customized introspection results
2014-10-14 21:06:09 -04:00
134909a82f
import cleanup
2014-10-07 19:40:38 -04:00
1e71749c23
added more generic rotation capability
2014-10-07 19:40:38 -04:00
8495617aed
Added support for whitelisted and blacklisted site import from a 1.0 config
2014-10-06 22:59:27 -04:00
03f2d8f8a0
Added service interface for data import/export service and modified AuthenticationHolderEntity and Repository to allow getting all objects
2014-10-06 22:58:26 -04:00
ec8f708472
swapped exception class for existing BeanCreationException, added example flag in config file (commented out)
...
closes #528
closes #689
2014-10-04 14:59:36 -04:00
3e3613f471
Corrected bean setup for checkForHttps case tests.
2014-10-04 11:21:01 -04:00
acc4cf16bd
Separated checkForHttps cases into separate test methods.
2014-10-04 11:21:01 -04:00
cf2837f678
Initialized forceHttps to false.
2014-10-04 11:21:00 -04:00
0461e51ddc
Changed parent class from Exception to RuntimeException; added copyright
...
language.
2014-10-04 11:21:00 -04:00
e1015e1194
Create flag to force HTTPS of value of issuer on server startup, addresses #528
2014-10-04 11:21:00 -04:00
c683131f12
externalized view name strings and tied them to view beans
2014-09-28 22:25:39 -04:00
a704277652
Removed exceptions from @PostConstruct methods, closes #663
2014-09-28 21:12:46 -04:00
81634e6165
added API for getting tokens by clientid
2014-09-22 22:55:13 -04:00
1a79949d51
made user info less transient
2014-09-14 22:03:19 -04:00
b0cce924a2
JsonFileRegisteredClientService now writes out entire client registration to disk, closes #651
2014-08-01 00:01:56 -04:00
78f3e68e8b
update unit test for Windows environment, closes #647
2014-07-31 23:22:06 -04:00
62a43165f0
added json member type checking for json utils, won't die if a string is found where an array was expected
...
closes #637
2014-07-20 09:42:57 -07:00
325a200f16
added configurable support for different token presentation methods in user info fetcher, closes #632
2014-07-20 09:27:02 -07:00
1db4227ce5
reformat / reorder
2014-07-20 09:02:42 -07:00
f997049eff
key service can now deal with missing 'kid' fields in JWKs
...
closes #639
2014-07-20 08:40:04 -07:00
5c2cb75407
Better test coverage for JWS/EAlgorithmEmbed, JWEEncryptionMethodEmbed
2014-07-16 21:39:13 -04:00
3412c1877e
removed unnecessary unit test
2014-07-02 15:05:37 -04:00
e1b4df74f0
Added tests for DefaultJwtEncryptionAndDecryptionService
2014-07-02 14:57:56 -04:00
5223d88e0a
updated unit test to fit new nimbus version
2014-07-02 11:41:38 -04:00
7bf8e2ad08
change the OctetSequenceKey constructor in SymmetricCacheService
2014-07-02 11:37:42 -04:00
306c8cff17
update nimbus-jose-jwt dependency to 2.26 and fix the affected files
2014-07-02 11:37:42 -04:00
48431fd5c7
Unit test for JWKSetKeyStore class
2014-06-30 13:21:07 -04:00
acf039a1f7
wrapped auth method check, added SECRET_JWT, closes #621
2014-06-18 18:24:05 -04:00
a465559ac5
Revert incorrect key-encoding change in SymmetricCacheService
2014-06-18 18:10:33 -04:00
1dc204f975
Validate HMAC-signed ID tokens
2014-06-18 18:10:33 -04:00
276d846f4c
Configuration Property Bean to load the OP wide registration token life
...
time
2014-06-12 19:12:32 -04:00
71fa796b42
Allow public clients to use token endpoint, closes #611 , closes #613
2014-06-09 15:55:06 -04:00
257312d5da
made user info interceptor more null safe for client side
2014-05-29 22:15:30 -04:00
943fae25a1
make user info interceptor more compatible with standalone OIDC client software (with no user info service)
2014-05-29 12:13:38 -04:00
0c8cacd59a
added missing copyright headers
2014-05-27 13:46:47 -04:00
525f3aa2a8
Cleaned up indentation, whitespace, and imports.
2014-05-27 13:02:49 -04:00
c34357a433
added resource registration endpoint with basic functionality and specialized tokens
2014-05-26 16:30:24 -04:00
05e9624ae3
added support for encrypted and symmetrically signed id tokens and user info responses
2014-05-23 21:15:50 -04:00
e4d5f4a540
added system wide cache for all symmetric validators, closes # 557
2014-05-23 16:16:06 -04:00
ca333d256b
Appropriately catch runtime exceptions in all guava caches, closes #603
2014-05-23 15:00:40 -04:00
7cd36b471f
Make introspection endpoint access authorization pluggable.
2014-05-07 16:44:56 +02:00
521017c5c2
updated stats service to have a resettable cache triggered by other service events
2014-04-16 21:39:37 -04:00
26c464e440
fixed bad JPQL in auth holder cleanup class
2014-04-16 21:17:56 -04:00
39509bfdc4
Performance improvement of token cleanup:
...
an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table.
2014-04-10 23:38:37 -04:00
b67121f0cd
added client_secret_jwt auth method support, closes #174
2014-03-04 23:45:36 +00:00
1289d4737a
Changed references of DefaultHttpClient to SystemDefaultHttpClient to inherit system proxy settings, should address #548
2014-02-04 10:51:14 -05:00
3b52ce8201
happy new year!
2014-01-20 12:38:42 -05:00
ebbc7209aa
automated code formatting and cleanup
2013-12-03 14:19:34 -05:00
d330bd1c9b
cleanup, added revocation uri to server config
2013-11-27 12:23:04 -05:00
a24eadeb11
cleaned up responseType calls, addresses #451
2013-11-27 11:03:15 -05:00
d3dbb00e77
ensure clients and tokens don't get special system scopes, addresses #320
2013-11-27 10:35:56 -05:00
ef01de168d
Moved special token scopes to scope service interface
2013-11-27 10:21:52 -05:00
4f986d6a38
clean up some auto generated functions
2013-11-27 09:57:56 -05:00
27f391ef01
Fixed compilation errors for SECOAUTH milestone updates
2013-11-25 09:31:50 -05:00
190caee9a1
refactored userinfo serializer
2013-11-18 09:49:23 -05:00
7a4366c083
collapsed two serialization functions into one
2013-09-26 16:15:30 -04:00
d919e2e330
change from lists to sets
2013-09-26 16:15:11 -04:00
65a7e1d724
Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both
2013-09-26 12:03:39 -04:00
952acccbf3
Removed address fields
2013-09-26 12:03:39 -04:00
78fa5f9b1d
Started to write ScopeClaimTranslationService
2013-09-26 12:03:39 -04:00
cb449c25b1
Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something.
2013-09-26 12:03:39 -04:00
59da1960eb
added token_endpoint_auth_signing_alg, addresses #511
...
affects #455
2013-09-26 11:11:09 -04:00
38f20afe04
added necessary dependencies to common
2013-09-24 13:50:36 -04:00
47d304851d
Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service.
2013-09-17 16:56:46 -04:00
26a7d0b8a8
Fixed typo
2013-09-17 11:03:09 -04:00
c98f77c405
Remove @PostConstruct from JWKSetKeyStore
2013-09-17 10:54:19 -04:00
b75d77495a
if there's only one key, return it as the default
2013-09-16 17:27:05 -04:00
fb2f2f9792
spelling, property access, and cleanup
2013-09-16 17:27:04 -04:00
1d0560edbc
refactored some json utils to their own static class
2013-09-16 17:27:04 -04:00
aeab1ac3cb
added encryption method list to encryption/decryption service
2013-09-16 17:27:04 -04:00
6605877a1b
added encryption/decryption to cached JWK-URI service
2013-09-16 17:27:04 -04:00
2b0d02dc72
added additional discoverable fields to ServerConfig object
2013-09-16 17:27:04 -04:00
85d9e07a94
Removed @PostConstruct; placed buildSignersAndVerifiers() calls inside both constructors.
2013-09-13 14:44:38 -04:00
c22cd62977
Added null check;
2013-09-13 14:44:38 -04:00
aecf4958ed
Testing removing extra method calls
2013-09-13 14:44:38 -04:00
e67a41c556
added transient passthroughs to JOSE algorithms for client
2013-09-12 14:08:37 -04:00
f9ca15139d
added phone-number verified, addresses #505
...
affects #455
2013-09-12 10:19:14 -04:00
0281cf02fe
calculate pairwise based on redirect uri rather than client id
2013-09-11 14:37:17 -04:00
b1a6127d06
added equality checks to data model objects
2013-09-11 11:59:40 -04:00
dbdc2e777d
added pairwise identifier service and repository
2013-09-10 17:15:58 -04:00
914f2e4d93
added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.
...
temporary implementation of pairwise identifiers in place
2013-09-10 16:01:17 -04:00
596b385d2a
interceptor shouldn't ever overwrite stuff from the base model
2013-09-10 15:27:04 -04:00
b9da10d176
look up by username instead of subject
2013-09-10 11:39:00 -04:00
61544ed774
cleanup
2013-09-06 16:07:24 -04:00
72f0ab631d
added transient structured value to system scope, added scope matcher function to scope service
2013-09-06 16:07:24 -04:00
1ef18a3a93
missed a service definition
2013-09-06 16:07:24 -04:00
b416888b07
Structured Scopes from BB+
2013-09-06 16:07:24 -04:00
0a962e17fa
stopgap to prevent some leaks due to #492
2013-08-30 16:38:11 -04:00
235029ba0e
inject user's authorities into javascript context
2013-08-29 16:58:36 -04:00
be6179d1ac
inject the current user into the javascript context
2013-08-29 16:44:01 -04:00
6276ec8e66
Revert "PlainSigner and PlainVerifier created for alg:none JWS support."
...
This reverts commit 30d7aaa66a
2013-08-26 15:33:14 -04:00
2108311d65
Revert "refactored code to use the more generic JWT declaration."
...
This reverts commit e0b56bc72a
2013-08-26 15:33:08 -04:00
1514b2d2e0
Revert "placeholder"
...
This reverts commit d763a954da
2013-08-26 15:33:00 -04:00
dd35dc60df
Revert "implemented alg:none at the signing service."
...
This reverts commit 02078ebccb
2013-08-26 15:32:55 -04:00
78559b625a
Revert "removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks."
...
This reverts commit c957d59f7c
2013-08-26 15:32:50 -04:00
15ec027505
Revert "junit test added for signing service."
...
This reverts commit 9f89f84da1
2013-08-26 15:32:43 -04:00
9f89f84da1
junit test added for signing service.
2013-08-26 14:57:26 -04:00
c957d59f7c
removed the plain verifer. validating a no-signature is simply handled as a special case in validateSignature(). Also, doing some type safety checks.
2013-08-26 14:55:52 -04:00
02078ebccb
implemented alg:none at the signing service.
2013-08-26 14:21:09 -04:00
d763a954da
placeholder
2013-08-26 11:48:23 -04:00
e0b56bc72a
refactored code to use the more generic JWT declaration.
2013-08-26 11:32:46 -04:00
30d7aaa66a
PlainSigner and PlainVerifier created for alg:none JWS support.
2013-08-23 14:07:19 -04:00
da915d8b35
explicitly try to initialize the JWK set if it's null by the time the getter is called
2013-08-22 14:08:54 -04:00
0059c7b4cc
Use clients preferred algorithm, if any, to sign
2013-08-19 16:33:18 -04:00
a80c19384f
added 'use server default' to JOSE options, addresses #462
2013-08-19 15:52:00 -04:00
ba0c3c5d78
id tokens always expire, addresses #416
2013-08-19 12:42:37 -04:00
21068f57e6
cached jwk services expire after an hour
2013-08-16 12:06:49 -04:00
6e2baa3ec4
updated comments for jwe service.
2013-08-08 09:13:54 -04:00
e1b072c991
Updated nimbusds library version to 2.17.2 and made relevant changes in enc./dec. service and test
2013-08-07 18:07:58 -04:00
372675fd2a
changed encrypt/decrypt parameter to use JWEObject instead of EncryptedJWT
2013-08-07 18:07:58 -04:00
f0b77f8614
RSA encryption service tested.
2013-08-07 18:07:58 -04:00
3a1c551ff7
implemented symmetric key encryption.
2013-08-07 18:07:58 -04:00
dfbefe0780
encrypt/decrypt implemented. initial commit for unit testing of jwe service.
2013-08-07 18:07:58 -04:00
ae6721dd10
jwe service accessor methods and private initializing method done.
2013-08-07 18:07:58 -04:00
887338b2d9
jwe service init commit.
2013-08-07 18:07:57 -04:00
be97aedbc7
Used Predicates to filter expired tokens and approved sites;
2013-08-06 16:42:49 -04:00
b3bb43881d
Moved getExpired to service layers
2013-08-06 16:33:27 -04:00
eea37cf79c
Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level
2013-08-06 11:28:13 -04:00
2f711c88a7
Removed nonce service
2013-08-02 10:56:28 -04:00
d4fbb4f599
Removed Event class
2013-08-02 10:06:41 -04:00
beaeaa4ccc
I can spell "consortium", I promise
2013-07-29 17:40:26 -04:00
856c0ea0b5
Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge
...
Conflicts:
openid-connect-client/pom.xml
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
openid-connect-common/pom.xml
openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
openid-connect-server/.gitignore
openid-connect-server/pom.xml
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
pom.xml
2013-07-29 16:21:20 -04:00
e658ffd7fc
format/cleanup and copyright
2013-07-29 11:28:51 -04:00
906db0ac86
Opened token api access to all users; restricted to only show currently-logged-in-users tokens
2013-07-29 09:18:08 -04:00
fb448a246a
converted test data to map, use new serializer
2013-07-26 12:55:22 -04:00
8edd6da136
added serializer for non-heirarchical URIs
2013-07-26 12:55:03 -04:00
5893d8f8f8
fixed up parsing regular expression
2013-07-26 12:54:09 -04:00
f565688e59
changed name issuer->normalized. the result of normalization is not necessarily the issuer.
2013-07-25 18:12:02 -04:00
d80aaced9a
reorganized test data and test methods.
2013-07-25 17:56:33 -04:00
809a243b64
tests for webfinger url normalization.
2013-07-25 15:00:10 -04:00
eaa7298ef1
init commit for Webfinger normilizer utility class.
2013-07-25 12:15:50 -04:00
b397f0ae15
First go at adding token API; needs to be tested
2013-07-24 09:14:46 -04:00
88db457fc4
Removed .springBeans from tracking; removed initializingbean in favor of @PostConstruct
2013-07-18 09:34:52 -04:00
a4a18fd54c
externalized introspection URL from client's introspecting token service, addresses #435
...
added service to parses token as JWT and pulls out issuer to find server
added introspection url to serverconfig object
added introspection parsing (and parse checks) to dynamic server config object
2013-07-16 17:00:40 -04:00
aad432c5d7
replaced stracktrace-printing with logger messages. removed some unused imports.
2013-07-16 13:52:32 -04:00
15aea61fbe
Applied code cleanup
2013-07-12 16:58:41 -04:00
e00d696c60
deleted auto-generated TODO.
2013-07-12 11:40:11 -04:00
e9c246808f
only our entity version may be stored in our storage layer. removed TODO.
2013-07-12 11:40:11 -04:00
77be0d0ea8
implemented getExpiresIn() for oauth access token entities.
2013-07-11 15:22:35 -04:00
2d3f43e3b8
Added task scheduling for deleting expired tokens and approved sites. Configuration is all done in application-context.xml so that it is easy to configure
2013-07-10 14:34:37 -04:00
a668fb964d
changed String comparison implementation for better readability
2013-06-28 15:31:50 -04:00
ab4d1da9d4
added logger warning if issuer url does not use http scheme.
2013-06-28 15:31:50 -04:00
b438e87f98
passed wire testing and updated unit tests.
2013-06-24 15:09:12 -04:00
e74444e3d1
addresses issue #366
2013-06-24 15:09:12 -04:00
530c3a75ee
Applyed refactoring
2013-06-24 09:44:59 -04:00
d6109fd1ae
explicitly mapped missing JPA columns in common->openid.connect.model #317
2013-06-18 15:19:17 -04:00
46641a2fa1
explicitly mapped missing JPA columns in common-oauth2.model #317
2013-06-18 15:19:17 -04:00
c577b691c7
moved OIDC auth token and userinfo interception filter to common package, addresses #353
2013-06-12 14:45:03 -04:00
6ed7477bc0
added stats to admin UI page, restyled scopes and dynamically registered flags
2013-06-07 18:05:07 -04:00
de77f2c75a
commentary!
2013-05-31 15:48:56 -04:00
Justin Richer