* mitre/master: (153 commits)
removed old document PDFs from repo
check for missing refresh token value on refresh, closes#1242
removed unused field from UI config bean
fixed client readme file
Updated copyrights
Corrected typo
fixed unit test for new default redirect behavior
set redirect URI matching to strict by default
escaped output values on approval page, closes#1111
added changelog file
[maven-release-plugin] prepare for next development iteration
[maven-release-plugin] prepare release mitreid-connect-1.3.1
downgrade mysql dependency to GA version
Removed double 'sure'
fixed discovery endpoint, closes#1230
Completed end session endpoint
end session endpoint
skeleton of end session endpoint, maybe need a change to user info lookup
Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
[maven-release-plugin] prepare for next development iteration
...
An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave.
OAuth2Authentication#getPrincipal() used by OAuth2Authentication#getName() defaults to the client id if user authentication is not available.
Prior to this fix, an introspection of a client-only access token would result to the user_id also being the client_id. This causes problems when this
introspection result is converted into an OAuth2Authentication by a resource server's IntrospectingTokenService -- the user_id is populated with
the client_id and so OAuth2Authentication's userAuthentication is populated falsely.
- The logic to create and query AuthenticationHolder entities have been
moved to a service, and other services that depended on
AuthenticationHolderRepository now depend on
AuthenticationHolderEntityService
- An additionalInfo map collection has been added to
SavedUserAuthentication. This map can be used to store other
information related to user authentication (like authn type,
attributes etc.)
Andrea Ceccanti