f45a6ef56a
use the same encoding as on client side
...
see OIDCAuthenticationFilter line 336
2016-12-02 16:20:09 -05:00
476ec872ff
Fixed NPE in case if algorithm is not specified
2016-12-02 16:13:26 -05:00
bb6bb81dbc
Add new tests which asserts that `user_id` should not be present in the introspection response if there's no user authentication available
2016-12-02 16:08:32 -05:00
52da5e769a
Fix test by returning a new OAuth2Authentication instead of mocking it
2016-12-02 16:08:32 -05:00
d361f01999
Fix such that the OAuth2Authentication returned would have a `null` userAuthentication if `user_id` is not found during introspection
...
`sub` cannot be used to create the user authentication because it may not necessarily refer to the user. Instead if may refer to the client
if the access token happens to be client-only.
2016-12-02 16:08:32 -05:00
b2fab9642e
Fix such that `user_id` is only added if user authentication is available
...
OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available.
Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this
introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with
the client_id and so OAuth2Authentication's userAuthentication is populated falsely.
2016-12-02 16:08:32 -05:00
4ac3916db3
spaces to tabs
2016-12-02 15:50:22 -05:00
8333d035b4
move database files to match new layouts
2016-12-02 15:50:15 -05:00
fa122e7ad6
ojdbc driver uncommented in dep mgmnt
2016-12-02 15:37:41 -05:00
4b3284ffd2
ojdbc6 dependency moved to parent pom, added check constraints for boolean columns, fixed invalid column type
2016-12-02 15:37:41 -05:00
83a9fef14d
Oracle support added
2016-12-02 15:37:41 -05:00
dea6044e77
Set the encoding of the UserInfo response body to UTF-8
...
See http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
2016-12-02 14:44:55 -05:00
1b7612a26d
add db init script for mysql
...
add data-context example with mysql db initializer
2016-12-02 14:43:18 -05:00
cbe6b9e1df
add db init script for pgsql
...
add data-context example with pgsql db initializer
2016-12-02 14:43:18 -05:00
6f5ca3fd2f
Fixed missing "final" modifier in constant
2016-12-02 14:31:25 -05:00
337513a559
sync’d database tables from HSQL to MySQL and PGSQL
...
closes #1154
closes #1148
2016-12-02 14:28:56 -05:00
74d34ab744
null-safe target link filter
2016-10-10 15:32:53 -04:00
d0056ae882
added target link URI capability to webfinger issuer service
2016-10-10 15:32:32 -04:00
74f3e2d0c0
maven site generator working, closes #984 #941
2016-08-01 13:36:06 -04:00
af7c1f7d45
added PKCE support to discovery endpoint
2016-07-27 20:31:27 -04:00
82c313f036
added PKCE support to client
2016-07-27 20:31:14 -04:00
ba0d0aab0b
use parameter constants for extensions maps in token service
2016-07-24 17:46:04 -04:00
ac0cafe7b3
parse and process PKCE requests
2016-07-24 17:45:43 -04:00
5dcda2812e
added code challenge method to client model (properly this time)
2016-07-24 17:45:04 -04:00
2cc90ba5f2
created PKCE algorithm class
2016-07-24 17:06:29 -04:00
83d7627ed0
serialize phone_number and phone_number_verified, closes #1030
2016-07-24 16:49:46 -04:00
d1d05e506e
added software statement to dynamic registration self-service
2016-07-24 16:28:08 -04:00
57208ac35d
added software statements to client API
2016-07-24 16:12:56 -04:00
d89257380f
make client assertion auth work again
2016-07-24 15:28:51 -04:00
f9e4d75a4a
use JWT bearer assertion token for assertion processing
2016-07-24 14:55:45 -04:00
42ccb8b39e
make software statement processing null-safe
2016-07-24 14:55:12 -04:00
bd9932d56f
added assertion processor to token endpoint
2016-07-22 15:31:00 -04:00
8c021ad403
added assertion validator that validates assertions signed by the local server only
2016-07-22 14:04:33 -04:00
8e016a8d30
make the null assertion processor the default
2016-07-22 13:50:37 -04:00
a5a12b2f1f
added assertion validation engine
2016-07-22 13:47:20 -04:00
fa63993896
added software statement to client model, added processor to dynamic registration parser
2016-07-21 16:55:46 -04:00
17be89fe98
updated whitelist to use error function
2016-07-18 17:01:34 -04:00
6e8a728c68
updated token management to use error handler
2016-07-18 16:59:54 -04:00
1366db3b48
updated scopes to use error handler
2016-07-18 16:57:35 -04:00
838fcb6789
changed resource set registration to use error handler
2016-07-18 16:54:36 -04:00
241bc0f649
updated approved sites to use error handler
2016-07-18 16:49:58 -04:00
055b5cc4da
fixed title on saved client dialog
2016-07-18 16:48:17 -04:00
cdf5147706
ported dyn reg to new error handler
2016-07-18 16:48:07 -04:00
40863f4696
converted list item to use error handler
2016-07-18 16:03:38 -04:00
bba0b2fcd2
converted blacklist to new error handler
2016-07-18 15:53:58 -04:00
ed7536837b
fixed display errors for error dialog
2016-07-18 15:48:53 -04:00
e073df614f
made the modal display sit on top for real this time
2016-07-18 15:47:57 -04:00
d79bbaf430
instrumented client error handling to use new framework
2016-07-18 14:47:57 -04:00
8749e1124e
added generic error message handler
2016-07-18 14:42:38 -04:00
44313c4e10
reformatted error template
2016-07-18 11:58:02 -04:00
ngriesser