538c4031bb 
								
							
								 
							
						 
						
							
							
								
								added in better default checks for content negotiation  
							
							
							
						 
						
							2014-07-02 16:01:26 -04:00  
				
					
						
							
							
								 
						
							
							
								078bf5e464 
								
							
								 
							
						 
						
							
							
								
								combine HTTP content negotiation with client preferences for user info endpoint  
							
							
							
						 
						
							2014-06-28 23:44:37 -04:00  
				
					
						
							
							
								 
						
							
							
								1de2a61176 
								
							
								 
							
						 
						
							
							
								
								made accept header optional for user info request  
							
							
							
						 
						
							2014-06-28 22:20:05 -04:00  
				
					
						
							
							
								 
						
							
							
								04acc21eea 
								
							
								 
							
						 
						
							
							
								
								removed injection of admin email address from client API, will happen browser-side now  
							
							
							
						 
						
							2014-06-26 13:00:36 -04:00  
				
					
						
							
							
								 
						
							
							
								adf477c64e 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-06-18 18:27:27 -04:00  
				
					
						
							
							
								 
						
							
							
								8d97ed61ec 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.8  
							
							
							
						 
						
							2014-06-18 18:27:25 -04:00  
				
					
						
							
							
								 
						
							
							
								5773fe195b 
								
							
								 
							
						 
						
							
							
								
								set proper content type on user info JWT response  
							
							
							
						 
						
							2014-06-18 18:05:11 -04:00  
				
					
						
							
							
								 
						
							
							
								5f97ce0ca1 
								
							
								 
							
						 
						
							
							
								
								fixed error code string  
							
							
							
						 
						
							2014-06-18 14:50:17 -04:00  
				
					
						
							
							
								 
						
							
							
								6589cd717d 
								
							
								 
							
						 
						
							
							
								
								disallow fragments in redirect uris for dynamic clients,  closes   #622  
							
							
							
						 
						
							2014-06-18 14:49:29 -04:00  
				
					
						
							
							
								 
						
							
							
								4e52543091 
								
							
								 
							
						 
						
							
							
								
								more properly respond to some client registration errors  
							
							
							
						 
						
							2014-06-18 14:45:55 -04:00  
				
					
						
							
							
								 
						
							
							
								c493f438e7 
								
							
								 
							
						 
						
							
							
								
								applied token rotation to protected resources  
							
							
							
						 
						
							2014-06-12 19:37:50 -04:00  
				
					
						
							
							
								 
						
							
							
								f4edd3164f 
								
							
								 
							
						 
						
							
							
								
								made timeout field optional, tokens don't expire in the default case  
							
							
							
						 
						
							2014-06-12 19:37:32 -04:00  
				
					
						
							
							
								 
						
							
							
								4e09ec687b 
								
							
								 
							
						 
						
							
							
								
								Registration Token regeneration - when they are beyond their lifetime  
							
							... 
							
							
							
							(in read/update calls) 
							
						 
						
							2014-06-12 19:12:32 -04:00  
				
					
						
							
							
								 
						
							
							
								ed3e6a2814 
								
							
								 
							
						 
						
							
							
								
								https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues/431 :  
							
							... 
							
							
							
							Generating a new registration access token on read/update call and
revoking the token issued earlier. 
							
						 
						
							2014-06-12 19:12:32 -04:00  
				
					
						
							
							
								 
						
							
							
								a106121af3 
								
							
								 
							
						 
						
							
							
								
								created blacklist aware redirect resolver and wired it in,  closes   #549  
							
							
							
						 
						
							2014-06-10 16:29:45 -04:00  
				
					
						
							
							
								 
						
							
							
								a97f3e2d65 
								
							
								 
							
						 
						
							
							
								
								don't throw away creation time on protected resource update (oops)  
							
							
							
						 
						
							2014-06-09 20:22:58 -04:00  
				
					
						
							
							
								 
						
							
							
								e0fe22e4ba 
								
							
								 
							
						 
						
							
							
								
								don't regenerate client secrets every single time  
							
							
							
						 
						
							2014-06-09 20:20:36 -04:00  
				
					
						
							
							
								 
						
							
							
								53148f2c87 
								
							
								 
							
						 
						
							
							
								
								better auth method checking in dynamic registration and resource registration  
							
							
							
						 
						
							2014-06-09 17:41:27 -04:00  
				
					
						
							
							
								 
						
							
							
								f15b4a0f74 
								
							
								 
							
						 
						
							
							
								
								resource registration returned the wrong URL  
							
							
							
						 
						
							2014-06-09 17:41:01 -04:00  
				
					
						
							
							
								 
						
							
							
								47cc005fe5 
								
							
								 
							
						 
						
							
							
								
								more sanity checking for client secrets  
							
							
							
						 
						
							2014-06-09 16:06:57 -04:00  
				
					
						
							
							
								 
						
							
							
								cac645484f 
								
							
								 
							
						 
						
							
							
								
								client API now generates client secret only for clients that require a client secret  
							
							
							
						 
						
							2014-06-09 16:00:55 -04:00  
				
					
						
							
							
								 
						
							
							
								52e53ba219 
								
							
								 
							
						 
						
							
							
								
								extracted validation exception, refactored protected resource registration endpoint to use this format  
							
							
							
						 
						
							2014-06-06 11:13:41 -04:00  
				
					
						
							
							
								 
						
							
							
								b7a8bbdddc 
								
							
								 
							
						 
						
							
							
								
								cleanup, error wrappers on protected resource registration  
							
							
							
						 
						
							2014-06-06 10:58:40 -04:00  
				
					
						
							
							
								 
						
							
							
								deaccf437e 
								
							
								 
							
						 
						
							
							
								
								refactored dynamic registration endpoint's checks for client consistency  
							
							
							
						 
						
							2014-06-06 10:18:40 -04:00  
				
					
						
							
							
								 
						
							
							
								04f7a698ea 
								
							
								 
							
						 
						
							
							
								
								added response type consistency checking,  closes   #430  
							
							
							
						 
						
							2014-06-05 19:41:06 -04:00  
				
					
						
							
							
								 
						
							
							
								32101ff7b2 
								
							
								 
							
						 
						
							
							
								
								added parsing checks, fixed inverted logic, cleaned up redundant settings,  closes   #597  
							
							
							
						 
						
							2014-06-05 19:06:03 -04:00  
				
					
						
							
							
								 
						
							
							
								ab083c0963 
								
							
								 
							
						 
						
							
							
								
								added checks to dynamic registration endpoint that disallow registration of multiple incompatible grant types  
							
							
							
						 
						
							2014-06-05 17:16:35 -04:00  
				
					
						
							
							
								 
						
							
							
								cdd23df7ee 
								
							
								 
							
						 
						
							
							
								
								token introspection now returns user "sub" when available in addition to "user_id",  closes   #507  (might cause incompatibility problems)  
							
							
							
						 
						
							2014-06-04 17:27:38 -04:00  
				
					
						
							
							
								 
						
							
							
								85acfa90db 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-06-04 14:51:32 -04:00  
				
					
						
							
							
								 
						
							
							
								d5e4cb45a2 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.7  
							
							
							
						 
						
							2014-06-04 14:51:29 -04:00  
				
					
						
							
							
								 
						
							
							
								8861220632 
								
							
								 
							
						 
						
							
							
								
								stats on home page are now loaded in the background (makes main site load much faster)  
							
							
							
						 
						
							2014-06-04 14:39:30 -04:00  
				
					
						
							
							
								 
						
							
							
								3e4aae6c8a 
								
							
								 
							
						 
						
							
							
								
								hash tests now pass on Java8  
							
							
							
						 
						
							2014-05-29 17:41:56 -04:00  
				
					
						
							
							
								 
						
							
							
								dfdc4ed52d 
								
							
								 
							
						 
						
							
							
								
								fixed information leaks from approved site API  
							
							
							
						 
						
							2014-05-28 18:21:46 -04:00  
				
					
						
							
							
								 
						
							
							
								a84c10fc1c 
								
							
								 
							
						 
						
							
							
								
								Change copyright from Netcetera to MITRE/MIT-KIT.  
							
							
							
						 
						
							2014-05-28 08:52:31 +02:00  
				
					
						
							
							
								 
						
							
							
								2797731597 
								
							
								 
							
						 
						
							
							
								
								fixed unit test to account for cascading tokens  
							
							
							
						 
						
							2014-05-27 20:39:19 -04:00  
				
					
						
							
							
								 
						
							
							
								d2c83104fb 
								
							
								 
							
						 
						
							
							
								
								cascade token saves  
							
							
							
						 
						
							2014-05-27 19:28:38 -04:00  
				
					
						
							
							
								 
						
							
							
								7f8cbcea39 
								
							
								 
							
						 
						
							
							
								
								Use return value from TokenEnhancer.enhance  
							
							
							
						 
						
							2014-05-27 19:23:44 -04:00  
				
					
						
							
							
								 
						
							
							
								be98b9cd0b 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-05-27 14:00:40 -04:00  
				
					
						
							
							
								 
						
							
							
								8320f0eefe 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.6  
							
							
							
						 
						
							2014-05-27 14:00:37 -04:00  
				
					
						
							
							
								 
						
							
							
								0c8cacd59a 
								
							
								 
							
						 
						
							
							
								
								added missing copyright headers  
							
							
							
						 
						
							2014-05-27 13:46:47 -04:00  
				
					
						
							
							
								 
						
							
							
								525f3aa2a8 
								
							
								 
							
						 
						
							
							
								
								Cleaned up indentation, whitespace, and imports.  
							
							
							
						 
						
							2014-05-27 13:02:49 -04:00  
				
					
						
							
							
								 
						
							
							
								8185171119 
								
							
								 
							
						 
						
							
							
								
								minor clean up  
							
							
							
						 
						
							2014-05-27 11:54:45 -04:00  
				
					
						
							
							
								 
						
							
							
								5ab516de48 
								
							
								 
							
						 
						
							
							
								
								prevent clients from registering with special resource scope  
							
							
							
						 
						
							2014-05-26 17:39:20 -04:00  
				
					
						
							
							
								 
						
							
							
								c34357a433 
								
							
								 
							
						 
						
							
							
								
								added resource registration endpoint with basic functionality and specialized tokens  
							
							
							
						 
						
							2014-05-26 16:30:24 -04:00  
				
					
						
							
							
								 
						
							
							
								960319b796 
								
							
								 
							
						 
						
							
							
								
								improved logging configuration, removed transactional from service  
							
							
							
						 
						
							2014-05-25 15:38:44 -04:00  
				
					
						
							
							
								 
						
							
							
								85fd4e71ce 
								
							
								 
							
						 
						
							
							
								
								typo in error message  
							
							
							
						 
						
							2014-05-25 15:37:58 -04:00  
				
					
						
							
							
								 
						
							
							
								2af51dc77a 
								
							
								 
							
						 
						
							
							
								
								better URI check for prompt filter short circuit  
							
							
							
						 
						
							2014-05-25 14:24:25 -04:00  
				
					
						
							
							
								 
						
							
							
								f4a1a2acff 
								
							
								 
							
						 
						
							
							
								
								fixed prompt filter coding error  
							
							
							
						 
						
							2014-05-24 23:16:29 -04:00  
				
					
						
							
							
								 
						
							
							
								89d55e3d33 
								
							
								 
							
						 
						
							
							
								
								added support for default max auth age and require auth time, made prompt filter only work on authorization endpoint  
							
							
							
						 
						
							2014-05-24 22:12:41 -04:00  
				
					
						
							
							
								 
						
							
							
								5c6e75bd53 
								
							
								 
							
						 
						
							
							
								
								cleaned up UI for client editing  
							
							
							
						 
						
							2014-05-24 20:56:54 -04:00  
				
					
						
							
							
								 
						
							
							
								05e9624ae3 
								
							
								 
							
						 
						
							
							
								
								added support for encrypted and symmetrically signed id tokens and user info responses  
							
							
							
						 
						
							2014-05-23 21:15:50 -04:00  
				
					
						
							
							
								 
						
							
							
								ffe1b29906 
								
							
								 
							
						 
						
							
							
								
								Added Signed JWT support to UserInfo endpoint response,  closes   #593  
							
							
							
						 
						
							2014-05-23 19:15:03 -04:00  
				
					
						
							
							
								 
						
							
							
								e4d5f4a540 
								
							
								 
							
						 
						
							
							
								
								added system wide cache for all symmetric validators, closes # 557  
							
							
							
						 
						
							2014-05-23 16:16:06 -04:00  
				
					
						
							
							
								 
						
							
							
								ca333d256b 
								
							
								 
							
						 
						
							
							
								
								Appropriately catch runtime exceptions in all guava caches,  closes   #603  
							
							
							
						 
						
							2014-05-23 15:00:40 -04:00  
				
					
						
							
							
								 
						
							
							
								df9c9747ce 
								
							
								 
							
						 
						
							
							
								
								more reasonable check for whether or not a user auth is present, addresses  #602  
							
							
							
						 
						
							2014-05-23 11:49:51 -04:00  
				
					
						
							
							
								 
						
							
							
								4e890a4d7d 
								
							
								 
							
						 
						
							
							
								
								enforce clients using a redirect flow have at least one redirect uri registered when using dynamic registration, made error handling more consistent across all APIs  
							
							... 
							
							
							
							closes  #596  
						
							2014-05-21 18:29:51 -04:00  
				
					
						
							
							
								 
						
							
							
								a225b00920 
								
							
								 
							
						 
						
							
							
								
								added null check and permissions check to ID token generation,  closes   #602  
							
							
							
						 
						
							2014-05-21 17:45:25 -04:00  
				
					
						
							
							
								 
						
							
							
								880014176f 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-05-13 18:23:11 -04:00  
				
					
						
							
							
								 
						
							
							
								ca8a003e3d 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.5  
							
							
							
						 
						
							2014-05-13 18:23:08 -04:00  
				
					
						
							
							
								 
						
							
							
								dcf36234c4 
								
							
								 
							
						 
						
							
							
								
								moved CSRF generator to request parser instead of confirmation controller  
							
							
							
						 
						
							2014-05-13 09:48:34 -04:00  
				
					
						
							
							
								 
						
							
							
								a253ebc908 
								
							
								 
							
						 
						
							
							
								
								added CSRF protection to approval page  
							
							
							
						 
						
							2014-05-13 09:27:02 -04:00  
				
					
						
							
							
								 
						
							
							
								fcfbf1080f 
								
							
								 
							
						 
						
							
							
								
								renamed auth request variable  
							
							
							
						 
						
							2014-05-13 09:26:27 -04:00  
				
					
						
							
							
								 
						
							
							
								7cd36b471f 
								
							
								 
							
						 
						
							
							
								
								Make introspection endpoint access authorization pluggable.  
							
							
							
						 
						
							2014-05-07 16:44:56 +02:00  
				
					
						
							
							
								 
						
							
							
								4b697ba909 
								
							
								 
							
						 
						
							
							
								
								webfinger checks host on acct: URIs,  closes   #404  
							
							
							
						 
						
							2014-04-25 21:21:00 -04:00  
				
					
						
							
							
								 
						
							
							
								b8129bf60d 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-04-21 19:19:10 -04:00  
				
					
						
							
							
								 
						
							
							
								a9e34ac9bd 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.4  
							
							
							
						 
						
							2014-04-21 19:19:07 -04:00  
				
					
						
							
							
								 
						
							
							
								376403fa4a 
								
							
								 
							
						 
						
							
							
								
								account for registration time in approval page,  closes   #550  
							
							
							
						 
						
							2014-04-19 07:28:20 -04:00  
				
					
						
							
							
								 
						
							
							
								1d2f968bd1 
								
							
								 
							
						 
						
							
							
								
								configuration cleanup,  closes   #568  
							
							
							
						 
						
							2014-04-18 22:11:58 -04:00  
				
					
						
							
							
								 
						
							
							
								318a28ddf8 
								
							
								 
							
						 
						
							
							
								
								added stats mock to unit tests  
							
							
							
						 
						
							2014-04-16 22:05:03 -04:00  
				
					
						
							
							
								 
						
							
							
								521017c5c2 
								
							
								 
							
						 
						
							
							
								
								updated stats service to have a resettable cache triggered by other service events  
							
							
							
						 
						
							2014-04-16 21:39:37 -04:00  
				
					
						
							
							
								 
						
							
							
								7f310400b1 
								
							
								 
							
						 
						
							
							
								
								simple cache for stats  
							
							
							
						 
						
							2014-04-16 21:18:12 -04:00  
				
					
						
							
							
								 
						
							
							
								39509bfdc4 
								
							
								 
							
						 
						
							
							
								
								Performance improvement of token cleanup:  
							
							... 
							
							
							
							an alternative token cleanup mechanism designed to maintain a very compact memory footprint while performing cleanup in consecutive runs of the cleanup thread. This serves to address OutOfMemoryException issues of the original token cleanup mechanism when process is under load. Also, added cleanup of the authentication_holder table. 
							
						 
						
							2014-04-10 23:38:37 -04:00  
				
					
						
							
							
								 
						
							
							
								265624b285 
								
							
								 
							
						 
						
							
							
								
								a fix for a NullPointerException whenever a client requests a client scope to be granted.  
							
							
							
						 
						
							2014-04-10 22:41:20 -04:00  
				
					
						
							
							
								 
						
							
							
								97cd00e06c 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-03-19 21:40:21 -04:00  
				
					
						
							
							
								 
						
							
							
								23c7cf6996 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.3  
							
							
							
						 
						
							2014-03-19 21:40:18 -04:00  
				
					
						
							
							
								 
						
							
							
								ad5ffb64e8 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-03-08 11:17:40 +00:00  
				
					
						
							
							
								 
						
							
							
								1635cf957d 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.2  
							
							
							
						 
						
							2014-03-08 11:17:35 +00:00  
				
					
						
							
							
								 
						
							
							
								53cc7ef447 
								
							
								 
							
						 
						
							
							
								
								Fixed audience claim on client auth assertion  
							
							
							
						 
						
							2014-03-06 19:45:05 +00:00  
				
					
						
							
							
								 
						
							
							
								1fcef858c6 
								
							
								 
							
						 
						
							
							
								
								updated server discovery document to reflect new capabilities  
							
							
							
						 
						
							2014-03-06 16:48:27 +00:00  
				
					
						
							
							
								 
						
							
							
								b67121f0cd 
								
							
								 
							
						 
						
							
							
								
								added client_secret_jwt auth method support,  closes   #174  
							
							
							
						 
						
							2014-03-04 23:45:36 +00:00  
				
					
						
							
							
								 
						
							
							
								15b017992c 
								
							
								 
							
						 
						
							
							
								
								added DELETE to token api because revocation endpoint doesn't work for this kind of management,  closes   #191  
							
							
							
						 
						
							2014-03-01 11:05:46 +00:00  
				
					
						
							
							
								 
						
							
							
								89f015cf1c 
								
							
								 
							
						 
						
							
							
								
								Updated Token API to be less leaky  
							
							
							
						 
						
							2014-02-28 21:14:27 +00:00  
				
					
						
							
							
								 
						
							
							
								dd391ebf3c 
								
							
								 
							
						 
						
							
							
								
								Display contacts, popup for image, cleanup of more info  
							
							
							
						 
						
							2014-02-16 21:58:16 -05:00  
				
					
						
							
							
								 
						
							
							
								dab52ca8a0 
								
							
								 
							
						 
						
							
							
								
								enhancements to approval page  
							
							
							
						 
						
							2014-02-16 18:25:05 -05:00  
				
					
						
							
							
								 
						
							
							
								ec6a78c1ba 
								
							
								 
							
						 
						
							
							
								
								made prompt pluralizable to comply with spec,  closes   #519  
							
							
							
						 
						
							2014-02-16 01:41:08 -05:00  
				
					
						
							
							
								 
						
							
							
								9395c3802d 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2014-02-10 15:28:14 -05:00  
				
					
						
							
							
								 
						
							
							
								4f8311962a 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.1  
							
							
							
						 
						
							2014-02-10 15:28:11 -05:00  
				
					
						
							
							
								 
						
							
							
								19dbe92d4e 
								
							
								 
							
						 
						
							
							
								
								initial support for displaying claim values for requested scopes  
							
							
							
						 
						
							2014-01-20 20:56:04 -05:00  
				
					
						
							
							
								 
						
							
							
								3b52ce8201 
								
							
								 
							
						 
						
							
							
								
								happy new year!  
							
							
							
						 
						
							2014-01-20 12:38:42 -05:00  
				
					
						
							
							
								 
						
							
							
								ebbc7209aa 
								
							
								 
							
						 
						
							
							
								
								automated code formatting and cleanup  
							
							
							
						 
						
							2013-12-03 14:19:34 -05:00  
				
					
						
							
							
								 
						
							
							
								e1e7f7a579 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare for next development iteration  
							
							
							
						 
						
							2013-12-02 12:18:11 -05:00  
				
					
						
							
							
								 
						
							
							
								42fe973f7b 
								
							
								 
							
						 
						
							
							
								
								[maven-release-plugin] prepare release mitreid-connect-1.1.0  
							
							
							
						 
						
							2013-12-02 12:18:08 -05:00  
				
					
						
							
							
								 
						
							
							
								4a8d693746 
								
							
								 
							
						 
						
							
							
								
								fixed prompt filter map mismatch (I hate type erasure)  
							
							
							
						 
						
							2013-12-02 11:55:09 -05:00  
				
					
						
							
							
								 
						
							
							
								ce1f3f2f94 
								
							
								 
							
						 
						
							
							
								
								updated mockito, fixed some unit tests  
							
							
							
						 
						
							2013-11-27 12:37:05 -05:00  
				
					
						
							
							
								 
						
							
							
								d330bd1c9b 
								
							
								 
							
						 
						
							
							
								
								cleanup, added revocation uri to server config  
							
							
							
						 
						
							2013-11-27 12:23:04 -05:00  
				
					
						
							
							
								 
						
							
							
								ed06b14406 
								
							
								 
							
						 
						
							
							
								
								publish revocation endpoint, addresses  #520  
							
							
							
						 
						
							2013-11-27 12:13:42 -05:00  
				
					
						
							
							
								 
						
							
							
								b7011f508e 
								
							
								 
							
						 
						
							
							
								
								urlencode client IDs in client registration URIs, addresses  #422  
							
							
							
						 
						
							2013-11-27 12:12:10 -05:00  
				
					
						
							
							
								 
						
							
							
								8c1bfb7e0c 
								
							
								 
							
						 
						
							
							
								
								set current user's email address to owner when using admin UI  
							
							
							
						 
						
							2013-11-27 12:11:36 -05:00  
				
					
						
							
							
								 
						
							
							
								6c4d2a8e8d 
								
							
								 
							
						 
						
							
							
								
								vestigial comment cleanup  
							
							
							
						 
						
							2013-11-27 12:06:53 -05:00  
				
					
						
							
							
								 
						
							
							
								db5532e9bf 
								
							
								 
							
						 
						
							
							
								
								comment cleanup  
							
							
							
						 
						
							2013-11-27 11:34:41 -05:00  
				
					
						
							
							
								 
						
							
							
								39fb96a802 
								
							
								 
							
						 
						
							
							
								
								pull request from extensions map  
							
							
							
						 
						
							2013-11-27 11:20:38 -05:00  
				
					
						
							
							
								 
						
							
							
								86e0f0c7ee 
								
							
								 
							
						 
						
							
							
								
								cleaned up old comments  
							
							
							
						 
						
							2013-11-27 11:20:01 -05:00  
				
					
						
							
							
								 
						
							
							
								a24eadeb11 
								
							
								 
							
						 
						
							
							
								
								cleaned up responseType calls, addresses  #451  
							
							
							
						 
						
							2013-11-27 11:03:15 -05:00  
				
					
						
							
							
								 
						
							
							
								df511a81cc 
								
							
								 
							
						 
						
							
							
								
								override from  #465  no longer needed  
							
							
							
						 
						
							2013-11-27 10:53:16 -05:00  
				
					
						
							
							
								 
						
							
							
								d3dbb00e77 
								
							
								 
							
						 
						
							
							
								
								ensure clients and tokens don't get special system scopes, addresses  #320  
							
							
							
						 
						
							2013-11-27 10:35:56 -05:00  
				
					
						
							
							
								 
						
							
							
								ef01de168d 
								
							
								 
							
						 
						
							
							
								
								Moved special token scopes to scope service interface  
							
							
							
						 
						
							2013-11-27 10:21:52 -05:00  
				
					
						
							
							
								 
						
							
							
								4f986d6a38 
								
							
								 
							
						 
						
							
							
								
								clean up some auto generated functions  
							
							
							
						 
						
							2013-11-27 09:57:56 -05:00  
				
					
						
							
							
								 
						
							
							
								f56135810c 
								
							
								 
							
						 
						
							
							
								
								Fixed request object precedence order  
							
							
							
						 
						
							2013-11-27 09:52:26 -05:00  
				
					
						
							
							
								 
						
							
							
								447df56947 
								
							
								 
							
						 
						
							
							
								
								removed unused nonce exception  
							
							
							
						 
						
							2013-11-27 09:10:35 -05:00  
				
					
						
							
							
								 
						
							
							
								27f391ef01 
								
							
								 
							
						 
						
							
							
								
								Fixed compilation errors for SECOAUTH milestone updates  
							
							
							
						 
						
							2013-11-25 09:31:50 -05:00  
				
					
						
							
							
								 
						
							
							
								190caee9a1 
								
							
								 
							
						 
						
							
							
								
								refactored userinfo serializer  
							
							
							
						 
						
							2013-11-18 09:49:23 -05:00  
				
					
						
							
							
								 
						
							
							
								46be502ed1 
								
							
								 
							
						 
						
							
							
								
								Enforces minimum Java version 1.6 on the openid-connect-server project.  
							
							
							
						 
						
							2013-10-22 18:08:02 -07:00  
				
					
						
							
							
								 
						
							
							
								2a34994383 
								
							
								 
							
						 
						
							
							
								
								cleanup view  
							
							
							
						 
						
							2013-09-26 17:07:38 -04:00  
				
					
						
							
							
								 
						
							
							
								7a4366c083 
								
							
								 
							
						 
						
							
							
								
								collapsed two serialization functions into one  
							
							
							
						 
						
							2013-09-26 16:15:30 -04:00  
				
					
						
							
							
								 
						
							
							
								65a7e1d724 
								
							
								 
							
						 
						
							
							
								
								Added UserInfo.toJson method; added ScopeClaimTranslationService; rewrote UserInfoSerializer to use both  
							
							
							
						 
						
							2013-09-26 12:03:39 -04:00  
				
					
						
							
							
								 
						
							
							
								cb449c25b1 
								
							
								 
							
						 
						
							
							
								
								Made a UserInfoSerializer class, attempted to switch UserInfoInterceptor over to use it, but it requires a bad hack. I might be missing something.  
							
							
							
						 
						
							2013-09-26 12:03:39 -04:00  
				
					
						
							
							
								 
						
							
							
								73863302e9 
								
							
								 
							
						 
						
							
							
								
								added spring-tx dependency to server  
							
							
							
						 
						
							2013-09-24 14:08:53 -04:00  
				
					
						
							
							
								 
						
							
							
								8a5a16f374 
								
							
								 
							
						 
						
							
							
								
								refactored project into four modules:  
							
							... 
							
							
							
							Common
 Client
 Server Library
 Server Webapp
addresses #367  
							
						 
						
							2013-09-23 17:19:09 -04:00  
				
					
						
							
							
								 
						
							
							
								bf3e0033fe 
								
							
								 
							
						 
						
							
							
								
								initial refactor of userinfoview for new model components  
							
							
							
						 
						
							2013-09-19 12:36:22 -04:00  
				
					
						
							
							
								 
						
							
							
								9debf1486d 
								
							
								 
							
						 
						
							
							
								
								pass authorized and requested claims as strings to view  
							
							
							
						 
						
							2013-09-19 12:36:22 -04:00  
				
					
						
							
							
								 
						
							
							
								b396610f35 
								
							
								 
							
						 
						
							
							
								
								refactor processing of request object  
							
							
							
						 
						
							2013-09-19 12:36:22 -04:00  
				
					
						
							
							
								 
						
							
							
								47d304851d 
								
							
								 
							
						 
						
							
							
								
								Created token service for OIDC special tokens; removed creation of id tokens and registration_access_tokens to the new service.  
							
							
							
						 
						
							2013-09-17 16:56:46 -04:00  
				
					
						
							
							
								 
						
							
							
								66e837f650 
								
							
								 
							
						 
						
							
							
								
								Move extension parameters into OAuth2Request.extensions map; remove all calls to OAuth2Request.getRequestParameters.  
							
							
							
						 
						
							2013-09-17 10:54:19 -04:00  
				
					
						
							
							
								 
						
							
							
								e1ed53a229 
								
							
								 
							
						 
						
							
							
								
								added missing parts to discovery  
							
							
							
						 
						
							2013-09-16 17:27:04 -04:00  
				
					
						
							
							
								 
						
							
							
								6605877a1b 
								
							
								 
							
						 
						
							
							
								
								added encryption/decryption to cached JWK-URI service  
							
							
							
						 
						
							2013-09-16 17:27:04 -04:00  
				
					
						
							
							
								 
						
							
							
								9f13dc8f77 
								
							
								 
							
						 
						
							
							
								
								wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error  
							
							
							
						 
						
							2013-09-13 14:22:42 -04:00  
				
					
						
							
							
								 
						
							
							
								9b72c6b1f3 
								
							
								 
							
						 
						
							
							
								
								check sector identifier URI's contents and match against redirect URIs, addresses  #504  
							
							
							
						 
						
							2013-09-13 14:22:24 -04:00  
				
					
						
							
							
								 
						
							
							
								1aa5fe25c6 
								
							
								 
							
						 
						
							
							
								
								re-decrypt request object at userinfo endpoint (this shouldn't need to happen)  
							
							
							
						 
						
							2013-09-12 17:05:34 -04:00  
				
					
						
							
							
								 
						
							
							
								09cd752c86 
								
							
								 
							
						 
						
							
							
								
								added basic support for encrypted request objects, addresses  #475  
							
							
							
						 
						
							2013-09-12 17:05:12 -04:00  
				
					
						
							
							
								 
						
							
							
								a52f86db49 
								
							
								 
							
						 
						
							
							
								
								removed NYI tags from request object algorithm fields  
							
							
							
						 
						
							2013-09-12 16:46:22 -04:00  
				
					
						
							
							
								 
						
							
							
								d09b3b50d6 
								
							
								 
							
						 
						
							
							
								
								call encode() instead of new() on Base64URL utility  
							
							
							
						 
						
							2013-09-12 15:19:14 -04:00  
				
					
						
							
							
								 
						
							
							
								35bd9c8eda 
								
							
								 
							
						 
						
							
							
								
								throw appropriate errors from request factory  
							
							
							
						 
						
							2013-09-12 14:48:54 -04:00  
				
					
						
							
							
								 
						
							
							
								e67a41c556 
								
							
								 
							
						 
						
							
							
								
								added transient passthroughs to JOSE algorithms for client  
							
							
							
						 
						
							2013-09-12 14:08:37 -04:00  
				
					
						
							
							
								 
						
							
							
								c9aa42dbef 
								
							
								 
							
						 
						
							
							
								
								better processing for signed request objects  
							
							
							
						 
						
							2013-09-12 13:56:10 -04:00  
				
					
						
							
							
								 
						
							
							
								f9ca15139d 
								
							
								 
							
						 
						
							
							
								
								added phone-number verified, addresses  #505  
							
							... 
							
							
							
							affects #455  
							
						 
						
							2013-09-12 10:19:14 -04:00  
				
					
						
							
							
								 
						
							
							
								6cbed133b2 
								
							
								 
							
						 
						
							
							
								
								let user know that the client is using a pairwise identifier on approval  
							
							
							
						 
						
							2013-09-11 17:39:55 -04:00  
				
					
						
							
							
								 
						
							
							
								a9f639a718 
								
							
								 
							
						 
						
							
							
								
								moved subject type and sector identifier controls to the 'access' tab  
							
							
							
						 
						
							2013-09-11 17:14:35 -04:00  
				
					
						
							
							
								 
						
							
							
								6b66139ead 
								
							
								 
							
						 
						
							
							
								
								added unit test for uuid service  
							
							
							
						 
						
							2013-09-11 15:28:00 -04:00  
				
					
						
							
							
								 
						
							
							
								0281cf02fe 
								
							
								 
							
						 
						
							
							
								
								calculate pairwise based on redirect uri rather than client id  
							
							
							
						 
						
							2013-09-11 14:37:17 -04:00  
				
					
						
							
							
								 
						
							
							
								f6a8ac4529 
								
							
								 
							
						 
						
							
							
								
								added unit test for default userinfo service (with pairwise checks)  
							
							
							
						 
						
							2013-09-11 11:59:40 -04:00  
				
					
						
							
							
								 
						
							
							
								77c0473438 
								
							
								 
							
						 
						
							
							
								
								fixed comparison order to be null safe  
							
							... 
							
							
							
							cleaned up type check 
							
						 
						
							2013-09-11 11:59:34 -04:00  
				
					
						
							
							
								 
						
							
							
								dbdc2e777d 
								
							
								 
							
						 
						
							
							
								
								added pairwise identifier service and repository  
							
							
							
						 
						
							2013-09-10 17:15:58 -04:00  
				
					
						
							
							
								 
						
							
							
								bdf62eaa36 
								
							
								 
							
						 
						
							
							
								
								need to check the sector identifier at some point  
							
							
							
						 
						
							2013-09-10 16:35:51 -04:00  
				
					
						
							
							
								 
						
							
							
								914f2e4d93 
								
							
								 
							
						 
						
							
							
								
								added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.  
							
							... 
							
							
							
							temporary implementation of pairwise identifiers in place 
							
						 
						
							2013-09-10 16:01:17 -04:00  
				
					
						
							
							
								 
						
							
							
								149fb1bac1 
								
							
								 
							
						 
						
							
							
								
								services shouldn't be transactional  
							
							
							
						 
						
							2013-09-10 15:26:09 -04:00  
				
					
						
							
							
								 
						
							
							
								29d1c7d54a 
								
							
								 
							
						 
						
							
							
								
								userinfo endpoint now uses OAuth2Authentication exclusively  
							
							... 
							
							
							
							(which is all it was really doing before) 
							
						 
						
							2013-09-10 14:16:34 -04:00  
				
					
						
							
							
								 
						
							
							
								ac42c00062 
								
							
								 
							
						 
						
							
							
								
								id token now uses userinfo's sub  
							
							
							
						 
						
							2013-09-10 13:50:49 -04:00  
				
					
						
							
							
								 
						
							
							
								f139541485 
								
							
								 
							
						 
						
							
							
								
								added randomized subs to demo users  
							
							
							
						 
						
							2013-09-10 13:48:37 -04:00  
				
					
						
							
							
								 
						
							
							
								b9da10d176 
								
							
								 
							
						 
						
							
							
								
								look up by username instead of subject  
							
							
							
						 
						
							2013-09-10 11:39:00 -04:00  
				
					
						
							
							
								 
						
							
							
								9ea82aacf0 
								
							
								 
							
						 
						
							
							
								
								clean up unused getter/setter  
							
							
							
						 
						
							2013-09-10 11:38:42 -04:00  
				
					
						
							
							
								 
						
							
							
								9720b60f05 
								
							
								 
							
						 
						
							
							
								
								allow loading of structured scopes from scopes.sql file (and temp tables)  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								5e676e0e59 
								
							
								 
							
						 
						
							
							
								
								fixed scope UI  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								2b663bb23c 
								
							
								 
							
						 
						
							
							
								
								UI for scope editing  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								469e722f72 
								
							
								 
							
						 
						
							
							
								
								defer to system scope matcher in approval handler  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								99ad9b883e 
								
							
								 
							
						 
						
							
							
								
								added validator that knows how to deal with structured scopes  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								59187d47e4 
								
							
								 
							
						 
						
							
							
								
								use new unified parsing for approval page  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								85533d50cf 
								
							
								 
							
						 
						
							
							
								
								scope comparison for TofuUserApprovalHandler  
							
							
							
						 
						
							2013-09-06 16:07:25 -04:00  
				
					
						
							
							
								 
						
							
							
								1c4c53f252 
								
							
								 
							
						 
						
							
							
								
								scope comparison for introspection endpoint  
							
							
							
						 
						
							2013-09-06 16:07:24 -04:00  
				
					
						
							
							
								 
						
							
							
								6152a943d8 
								
							
								 
							
						 
						
							
							
								
								serialize structured scopes properly (with tests)  
							
							
							
						 
						
							2013-09-06 16:07:24 -04:00  
				
					
						
							
							
								 
						
							
							
								72f0ab631d 
								
							
								 
							
						 
						
							
							
								
								added transient structured value to system scope, added scope matcher function to scope service  
							
							
							
						 
						
							2013-09-06 16:07:24 -04:00  
				
					
						
							
							
								 
						
							
							
								3fc34f15c8 
								
							
								 
							
						 
						
							
							
								
								added structured scope update to mysql (affects  #455 )  
							
							
							
						 
						
							2013-09-06 16:07:24 -04:00  
				
					
						
							
							
								 
						
							
							
								b416888b07 
								
							
								 
							
						 
						
							
							
								
								Structured Scopes from BB+  
							
							
							
						 
						
							2013-09-06 16:07:24 -04:00  
				
					
						
							
							
								 
						
							
							
								127507246e 
								
							
								 
							
						 
						
							
							
								
								if the client doesn't ask for any system scopes, but asks for some non-system scopes, they'll now get the defaults instead of none  
							
							... 
							
							
							
							addresses #498  
							
						 
						
							2013-09-06 13:30:22 -04:00  
				
					
						
							
							
								 
						
							
							
								64bbb73d1b 
								
							
								 
							
						 
						
							
							
								
								cleaned up CORS filter implementation  
							
							
							
						 
						
							2013-09-03 16:01:19 -04:00  
				
					
						
							
							
								 
						
							
							
								6ff4ae1458 
								
							
								 
							
						 
						
							
							
								
								added CORS filter  
							
							
							
						 
						
							2013-09-03 15:17:18 -04:00  
				
					
						
							
							
								 
						
							
							
								81cb60ad7b 
								
							
								 
							
						 
						
							
							
								
								made introspection and revocation work with basic auth (and possible OAuth tokens, but that needs more work)  
							
							
							
						 
						
							2013-09-03 15:17:16 -04:00  
				
					
						
							
							
								 
						
							
							
								bdbff8d45c 
								
							
								 
							
						 
						
							
							
								
								tell spring to not stuff model into the redirects, partially addresses  #492  
							
							
							
						 
						
							2013-08-30 16:38:07 -04:00  
				
					
						
							
							
								 
						
							
							
								84f097edf4 
								
							
								 
							
						 
						
							
							
								
								removed outdated client credentials filter, addresses  #491  
							
							
							
						 
						
							2013-08-30 11:48:52 -04:00  
				
					
						
							
							
								 
						
							
							
								d7be122a21 
								
							
								 
							
						 
						
							
							
								
								added basic user profile view implementation  
							
							
							
						 
						
							2013-08-29 17:33:42 -04:00  
				
					
						
							
							
								 
						
							
							
								55ea880396 
								
							
								 
							
						 
						
							
							
								
								hide admin panels from non-admin users, addresses  #472  
							
							
							
						 
						
							2013-08-29 17:15:13 -04:00  
				
					
						
							
							
								 
						
							
							
								235029ba0e 
								
							
								 
							
						 
						
							
							
								
								inject user's authorities into javascript context  
							
							
							
						 
						
							2013-08-29 16:58:36 -04:00  
				
					
						
							
							
								 
						
							
							
								eab4563551 
								
							
								 
							
						 
						
							
							
								
								inject user's email address into contacts on dynamic registration  
							
							
							
						 
						
							2013-08-29 16:58:24 -04:00  
				
					
						
							
							
								 
						
							
							
								be6179d1ac 
								
							
								 
							
						 
						
							
							
								
								inject the current user into the javascript context  
							
							
							
						 
						
							2013-08-29 16:44:01 -04:00  
				
					
						
							
							
								 
						
							
							
								5c10eef8b7 
								
							
								 
							
						 
						
							
							
								
								added delete function  
							
							
							
						 
						
							2013-08-29 14:18:54 -04:00  
				
					
						
							
							
								 
						
							
							
								d92b7c4810 
								
							
								 
							
						 
						
							
							
								
								changed display of core client components, added warning  
							
							
							
						 
						
							2013-08-29 11:50:05 -04:00  
				
					
						
							
							
								 
						
							
							
								4009d9ea82 
								
							
								 
							
						 
						
							
							
								
								added create and update functions  
							
							
							
						 
						
							2013-08-29 11:11:37 -04:00  
				
					
						
							
							
								 
						
							
							
								8e6da2b936 
								
							
								 
							
						 
						
							
							
								
								json view and form elements  
							
							
							
						 
						
							2013-08-28 16:42:43 -04:00  
				
					
						
							
							
								 
						
							
							
								36151975c1 
								
							
								 
							
						 
						
							
							
								
								added client read and oauth token support for CRUD abilities  
							
							
							
						 
						
							2013-08-28 15:32:18 -04:00  
				
					
						
							
							
								 
						
							
							
								ead99474be 
								
							
								 
							
						 
						
							
							
								
								fixed panels for client form  
							
							
							
						 
						
							2013-08-28 14:38:03 -04:00  
				
					
						
							
							
								 
						
							
							
								fb66af2071 
								
							
								 
							
						 
						
							
							
								
								added form editor and control for newly-registered clients  
							
							
							
						 
						
							2013-08-28 14:20:20 -04:00  
				
					
						
							
							
								 
						
							
							
								51973ea595 
								
							
								 
							
						 
						
							
							
								
								added dev page for self-service client registration  
							
							
							
						 
						
							2013-08-28 14:17:30 -04:00  
				
					
						
							
							
								 
						
							
							
								2108311d65 
								
							
								 
							
						 
						
							
							
								
								Revert "refactored code to use the more generic JWT declaration."  
							
							... 
							
							
							
							This reverts commit e0b56bc72a 
							
						 
						
							2013-08-26 15:33:08 -04:00  
				
					
						
							
							
								 
						
							
							
								e0b56bc72a 
								
							
								 
							
						 
						
							
							
								
								refactored code to use the more generic JWT declaration.  
							
							
							
						 
						
							2013-08-26 11:32:46 -04:00  
				
					
						
							
							
								 
						
							
							
								ca777f7dc4 
								
							
								 
							
						 
						
							
							
								
								proper null check for client's preferred signature method  
							
							
							
						 
						
							2013-08-20 16:45:45 -04:00  
				
					
						
							
							
								 
						
							
							
								07bec462cc 
								
							
								 
							
						 
						
							
							
								
								added comment about why we can't use set intersection method.  
							
							
							
						 
						
							2013-08-20 14:09:14 -04:00  
				
					
						
							
							
								 
						
							
							
								b89436d7b9 
								
							
								 
							
						 
						
							
							
								
								UserInfoView returning intersection of claims request parameter and request object claims in effect now.  
							
							
							
						 
						
							2013-08-20 08:55:56 -04:00  
				
					
						
							
							
								 
						
							
							
								bd3d2a5cee 
								
							
								 
							
						 
						
							
							
								
								created crypto tab  
							
							
							
						 
						
							2013-08-19 17:35:05 -04:00  
				
					
						
							
							
								 
						
							
							
								3f66d16236 
								
							
								 
							
						 
						
							
							
								
								removed NYI tag from ID token signing alg  
							
							
							
						 
						
							2013-08-19 17:31:13 -04:00  
				
					
						
							
							
								 
						
							
							
								48a9202f79 
								
							
								 
							
						 
						
							
							
								
								fixed jquery.on regex to be less aggressive  
							
							
							
						 
						
							2013-08-19 17:20:29 -04:00  
				
					
						
							
							
								 
						
							
							
								941e9544e2 
								
							
								 
							
						 
						
							
							
								
								Compare client_ids instead of Client objects  
							
							
							
						 
						
							2013-08-19 16:55:56 -04:00  
				
					
						
							
							
								 
						
							
							
								3eae6f2789 
								
							
								 
							
						 
						
							
							
								
								Changed client algorithm check to look for null instead of JWSAlgorithm.NONE, which is a valid value.  
							
							
							
						 
						
							2013-08-19 16:55:29 -04:00  
				
					
						
							
							
								 
						
							
							
								0059c7b4cc 
								
							
								 
							
						 
						
							
							
								
								Use clients preferred algorithm, if any, to sign  
							
							
							
						 
						
							2013-08-19 16:33:18 -04:00  
				
					
						
							
							
								 
						
							
							
								2fb138aa19 
								
							
								 
							
						 
						
							
							
								
								fixed jquery.on syntax bug, addresses  #346  
							
							
							
						 
						
							2013-08-19 16:07:34 -04:00  
				
					
						
							
							
								 
						
							
							
								8edc8cc69a 
								
							
								 
							
						 
						
							
							
								
								Disable unsupported JOSE algorithms in UI, addresses  #476  
							
							
							
						 
						
							2013-08-19 15:52:00 -04:00  
				
					
						
							
							
								 
						
							
							
								8c91861188 
								
							
								 
							
						 
						
							
							
								
								load server configuration into JS app  
							
							
							
						 
						
							2013-08-19 15:52:00 -04:00  
				
					
						
							
							
								 
						
							
							
								e40b1cf850 
								
							
								 
							
						 
						
							
							
								
								animated loading bar for management console  
							
							
							
						 
						
							2013-08-19 15:52:00 -04:00  
				
					
						
							
							
								 
						
							
							
								a80c19384f 
								
							
								 
							
						 
						
							
							
								
								added 'use server default' to JOSE options, addresses  #462  
							
							
							
						 
						
							2013-08-19 15:52:00 -04:00  
				
					
						
							
							
								 
						
							
							
								b54f33d0db 
								
							
								 
							
						 
						
							
							
								
								fixed json elements of "claims" and "userinfo" being processed out of order.  
							
							
							
						 
						
							2013-08-19 14:15:53 -04:00  
				
					
						
							
							
								 
						
							
							
								7b813c79ee 
								
							
								 
							
						 
						
							
							
								
								parsing "claims" parameter directly from userinfoendpoint requests.  
							
							
							
						 
						
							2013-08-19 13:32:34 -04:00  
				
					
						
							
							
								 
						
							
							
								1ffbb39a2b 
								
							
								 
							
						 
						
							
							
								
								refactored json parser to a private static field.  
							
							
							
						 
						
							2013-08-19 13:30:56 -04:00  
				
					
						
							
							
								 
						
							
							
								89056bd911 
								
							
								 
							
						 
						
							
							
								
								removed test-specific constructor and default constructor.  
							
							
							
						 
						
							2013-08-19 13:30:56 -04:00  
				
					
						
							
							
								 
						
							
							
								ba0c3c5d78 
								
							
								 
							
						 
						
							
							
								
								id tokens always expire, addresses  #416  
							
							
							
						 
						
							2013-08-19 12:42:37 -04:00  
				
					
						
							
							
								 
						
							
							
								7e51a361ba 
								
							
								 
							
						 
						
							
							
								
								changed to using relative em lengths instead of hard px length values for token timeout form elements.  
							
							
							
						 
						
							2013-08-15 16:19:47 -04:00  
				
					
						
							
							
								 
						
							
							
								c1ee5141a4 
								
							
								 
							
						 
						
							
							
								
								added back default timeouts and fixed refresh token check  
							
							
							
						 
						
							2013-08-15 15:50:36 -04:00  
				
					
						
							
							
								 
						
							
							
								00db39dab9 
								
							
								 
							
						 
						
							
							
								
								addresses issue  #471 . setting default timeout values in the backbone model to null.  
							
							
							
						 
						
							2013-08-15 15:29:16 -04:00  
				
					
						
							
							
								 
						
							
							
								1b674b6420 
								
							
								 
							
						 
						
							
							
								
								restored bootstrap to out-of-the-box formatting, addresses  #454  
							
							
							
						 
						
							2013-08-15 14:50:18 -04:00  
				
					
						
							
							
								 
						
							
							
								a6bb56ed9a 
								
							
								 
							
						 
						
							
							
								
								unit select box appropriately disabled after saving now.  
							
							
							
						 
						
							2013-08-15 14:03:25 -04:00  
				
					
						
							
							
								 
						
							
							
								86c6a0ea8b 
								
							
								 
							
						 
						
							
							
								
								clear token timeout form fields when disabled and also disable unit selector.  
							
							
							
						 
						
							2013-08-15 13:09:53 -04:00  
				
					
						
							
							
								 
						
							
							
								3f01ae1a71 
								
							
								 
							
						 
						
							
							
								
								renamed token expiration form field ids from -seconds to -time.  
							
							
							
						 
						
							2013-08-15 11:13:29 -04:00  
				
					
						
							
							
								 
						
							
							
								2242db5c11 
								
							
								 
							
						 
						
							
							
								
								shortened token timeout form fields.  
							
							
							
						 
						
							2013-08-15 11:13:29 -04:00  
				
					
						
							
							
								 
						
							
							
								6f8143937e 
								
							
								 
							
						 
						
							
							
								
								dropdown time unit chooser added for token expiration.  
							
							
							
						 
						
							2013-08-15 11:13:29 -04:00  
				
					
						
							
							
								 
						
							
							
								7ab53795b1 
								
							
								 
							
						 
						
							
							
								
								refactor js. getFormTokenValue() -> getFormTokenNumberValue().  
							
							
							
						 
						
							2013-08-15 11:13:29 -04:00  
				
					
						
							
							
								 
						
							
							
								7d51335055 
								
							
								 
							
						 
						
							
							
								
								added prompt=login support, addresses  #323  
							
							
							
						 
						
							2013-08-14 17:00:56 -04:00  
				
					
						
							
							
								 
						
							
							
								a0646452ab 
								
							
								 
							
						 
						
							
							
								
								test for max_age, force login if not fresh enough, addresses  #467  
							
							
							
						 
						
							2013-08-14 16:50:51 -04:00  
				
					
						
							
							
								 
						
							
							
								6c1e91b7e3 
								
							
								 
							
						 
						
							
							
								
								auth_time is now tracked, addresses  #288  
							
							
							
						 
						
							2013-08-14 15:39:41 -04:00  
				
					
						
							
							
								 
						
							
							
								e88c6c4943 
								
							
								 
							
						 
						
							
							
								
								Changed predicates methods to use Collections2.filter rather than Sets.filter  
							
							
							
						 
						
							2013-08-13 10:31:39 -04:00  
				
					
						
							
							
								 
						
							
							
								f1357cceb4 
								
							
								 
							
						 
						
							
							
								
								corrected output for badly-formatted timeout date.  
							
							
							
						 
						
							2013-08-12 16:20:42 -04:00  
				
					
						
							
							
								 
						
							
							
								025eb05d3a 
								
							
								 
							
						 
						
							
							
								
								added date format validity check for moment.js usage.  
							
							
							
						 
						
							2013-08-12 16:15:06 -04:00  
				
					
						
							
							
								 
						
							
							
								c1607b53e4 
								
							
								 
							
						 
						
							
							
								
								null-checking in date display for approved sites.  
							
							
							
						 
						
							2013-08-12 15:52:30 -04:00  
				
					
						
							
							
								 
						
							
							
								d67a492b6c 
								
							
								 
							
						 
						
							
							
								
								date display logic to use moment.js.  
							
							
							
						 
						
							2013-08-12 15:03:46 -04:00  
				
					
						
							
							
								 
						
							
							
								ba7e791985 
								
							
								 
							
						 
						
							
							
								
								initial moment time formatting commit.  
							
							
							
						 
						
							2013-08-12 12:15:47 -04:00  
				
					
						
							
							
								 
						
							
							
								a72ba6d98b 
								
							
								 
							
						 
						
							
							
								
								importing moment.js library.  
							
							
							
						 
						
							2013-08-12 11:23:43 -04:00  
				
					
						
							
							
								 
						
							
							
								6687e3a831 
								
							
								 
							
						 
						
							
							
								
								override createOAuth2Request method for factory iss  #465 .  
							
							
							
						 
						
							2013-08-09 13:03:46 -04:00  
				
					
						
							
							
								 
						
							
							
								ef4482249c 
								
							
								 
							
						 
						
							
							
								
								Dyn-reg endpoint now creates the registration access token from scratch instead of calling token services; token services no longer needs to check for RAT scope to avoid expiring RATs  
							
							
							
						 
						
							2013-08-09 11:49:11 -04:00  
				
					
						
							
							
								 
						
							
							
								15e512cec3 
								
							
								 
							
						 
						
							
							
								
								renamed JWSUtils -> IdTokenHashUtils, renamed internal variables  
							
							
							
						 
						
							2013-08-08 14:34:19 -04:00  
				
					
						
							
							
								 
						
							
							
								0f16bacc63 
								
							
								 
							
						 
						
							
							
								
								TestJWSUtils done.  
							
							
							
						 
						
							2013-08-08 14:10:35 -04:00  
				
					
						
							
							
								 
						
							
							
								2ba8ad71f1 
								
							
								 
							
						 
						
							
							
								
								updated hash tests.  
							
							
							
						 
						
							2013-08-08 14:10:35 -04:00  
				
					
						
							
							
								 
						
							
							
								cdd3a6d478 
								
							
								 
							
						 
						
							
							
								
								changed at_hash/c_hash impl. HMAC-SHA --> regular SHA.  
							
							
							
						 
						
							2013-08-08 14:10:35 -04:00  
				
					
						
							
							
								 
						
							
							
								fd611ce353 
								
							
								 
							
						 
						
							
							
								
								Had an unsaved file hanging around - formatting JSPs  
							
							
							
						 
						
							2013-08-08 14:03:59 -04:00  
				
					
						
							
							
								 
						
							
							
								a91f160e34 
								
							
								 
							
						 
						
							
							
								
								Fixed formatting in tag files  
							
							
							
						 
						
							2013-08-08 14:00:01 -04:00  
				
					
						
							
							
								 
						
							
							
								5beac9d50d 
								
							
								 
							
						 
						
							
							
								
								Fixed formatting in JSPs  
							
							
							
						 
						
							2013-08-08 13:18:14 -04:00  
				
					
						
							
							
								 
						
							
							
								2d4d7f7be9 
								
							
								 
							
						 
						
							
							
								
								Had to hand-merge some things; git got confused  
							
							
							
						 
						
							2013-08-07 10:59:55 -04:00  
				
					
						
							
							
								 
						
							
							
								861beeba64 
								
							
								 
							
						 
						
							
							
								
								Added c_hash function, added stub of unit test for JWSUtils  
							
							
							
						 
						
							2013-08-07 10:43:26 -04:00  
				
					
						
							
							
								 
						
							
							
								37580cc21e 
								
							
								 
							
						 
						
							
							
								
								JWSUtils uses JWSAlgorithm to match bit length; ConnectTokenEnhancer calls the util method now  
							
							
							
						 
						
							2013-08-07 10:41:53 -04:00  
				
					
						
							
							
								 
						
							
							
								3a591dc1f4 
								
							
								 
							
						 
						
							
							
								
								Added JWSUtils class;  
							
							
							
						 
						
							2013-08-07 10:38:28 -04:00  
				
					
						
							
							
								 
						
							
							
								be97aedbc7 
								
							
								 
							
						 
						
							
							
								
								Used Predicates to filter expired tokens and approved sites;  
							
							
							
						 
						
							2013-08-06 16:42:49 -04:00  
				
					
						
							
							
								 
						
							
							
								b3bb43881d 
								
							
								 
							
						 
						
							
							
								
								Moved getExpired to service layers  
							
							
							
						 
						
							2013-08-06 16:33:27 -04:00  
				
					
						
							
							
								 
						
							
							
								eea37cf79c 
								
							
								 
							
						 
						
							
							
								
								Fixed token expiration bug by removing jsql queries. Instead expired tokens or approved sites are filtered at the repository level  
							
							
							
						 
						
							2013-08-06 11:28:13 -04:00  
				
					
						
							
							
								 
						
							
							
								ce4ab6a766 
								
							
								 
							
						 
						
							
							
								
								Updated spring version to 3.2.3; added a 10-minute initial delay to the scheduled tasks in task-config.xml  
							
							
							
						 
						
							2013-08-05 16:31:56 -04:00  
				
					
						
							
							
								 
						
							
							
								265214511c 
								
							
								 
							
						 
						
							
							
								
								Renamed oAuth2RequestFactory  
							
							
							
						 
						
							2013-08-05 14:04:48 -04:00  
				
					
						
							
							
								 
						
							
							
								a4c1a7a37d 
								
							
								 
							
						 
						
							
							
								
								Issue 449  
							
							
							
						 
						
							2013-08-02 11:20:47 -04:00  
				
					
						
							
							
								 
						
							
							
								9dda789488 
								
							
								 
							
						 
						
							
							
								
								Updated database tables  
							
							
							
						 
						
							2013-08-02 11:16:11 -04:00  
				
					
						
							
							
								 
						
							
							
								2f711c88a7 
								
							
								 
							
						 
						
							
							
								
								Removed nonce service  
							
							
							
						 
						
							2013-08-02 10:56:28 -04:00  
				
					
						
							
							
								 
						
							
							
								d4fbb4f599 
								
							
								 
							
						 
						
							
							
								
								Removed Event class  
							
							
							
						 
						
							2013-08-02 10:06:41 -04:00  
				
					
						
							
							
								 
						
							
							
								88863f4910 
								
							
								 
							
						 
						
							
							
								
								replaced mock TokenRequest and the storedAuth test field with concrete objects. test should pass now.  
							
							
							
						 
						
							2013-07-30 11:42:11 -04:00  
				
					
						
							
							
								 
						
							
							
								1392faa83c 
								
							
								 
							
						 
						
							
							
								
								replaced mock client auth with concrete OAuth2Request object  
							
							
							
						 
						
							2013-07-30 11:42:11 -04:00  
				
					
						
							
							
								 
						
							
							
								ad2ace6d74 
								
							
								 
							
						 
						
							
							
								
								Do not expire registration tokens  
							
							
							
						 
						
							2013-07-30 11:33:15 -04:00  
				
					
						
							
							
								 
						
							
							
								beaeaa4ccc 
								
							
								 
							
						 
						
							
							
								
								I can spell "consortium", I promise  
							
							
							
						 
						
							2013-07-29 17:40:26 -04:00  
				
					
						
							
							
								 
						
							
							
								b2b6fd6448 
								
							
								 
							
						 
						
							
							
								
								further cleanup  
							
							
							
						 
						
							2013-07-29 17:00:35 -04:00  
				
					
						
							
							
								 
						
							
							
								856c0ea0b5 
								
							
								 
							
						 
						
							
							
								
								Merge commit '023dd440d4a0e6e59a14c88013837d79a77c74e0' into 1.1-merge  
							
							... 
							
							
							
							Conflicts:
	openid-connect-client/pom.xml
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
	openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
	openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
	openid-connect-client/src/test/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilterTest.java
	openid-connect-common/pom.xml
	openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
	openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
	openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
	openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
	openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
	openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
	openid-connect-server/.gitignore
	openid-connect-server/pom.xml
	openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java
	openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
	openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/POCOUserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/StatsSummary.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
	openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
	openid-connect-server/src/main/webapp/WEB-INF/tags/aboutContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/breadcrumbs.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/contactContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/copyright.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/header.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageAbout.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageContact.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageStats.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/landingPageWelcome.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/sidebar.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/statsContent.tag
	openid-connect-server/src/main/webapp/WEB-INF/tags/topbar.tag
	openid-connect-server/src/main/webapp/WEB-INF/views/about.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/approve.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/contact.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/login.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/manage.jsp
	openid-connect-server/src/main/webapp/WEB-INF/views/stats.jsp
	pom.xml 
							
						 
						
							2013-07-29 16:21:20 -04:00