Clone Tools
  • last updated 14 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
cleanup after CXF upgrade

  1. … 4 more files in changeset.
Remove commons-lang3

  1. … 14 more files in changeset.
Porting CXF JWK changes

    • -0
    • +165
    ./FedizOidcKeysService.java
  1. … 5 more files in changeset.
Porting CXF JWK changes

    • -0
    • +165
    ./FedizOidcKeysService.java
  1. … 5 more files in changeset.
Porting Token Revocation changes to Fediz

  1. … 1 more file in changeset.
Porting Token Revocation changes to Fediz

  1. … 1 more file in changeset.
Picking up some changes from the recent CXF releases

    • -0
    • +95
    ./FedizAccessTokenService.java
    • -0
    • +95
    ./FedizTokenRevocationService.java
  1. … 3 more files in changeset.
Switch to using 32 bytes for CSRF

Update CXF to 3.3.3; update maven-jar-plugin

  1. … 2 more files in changeset.
Removing hard-coded password

  1. … 3 more files in changeset.
Removing hard-coded password

  1. … 3 more files in changeset.
Update maven-checkstyle-plugin and maven-pmd-plugin

  1. … 94 more files in changeset.
Switch to StringEscapeUtils from commons-text

    • -1
    • +1
    ./clients/ClientRegistrationService.java
    • -2
    • +1
    ./logout/LogoutRedirectConstraintHandler.java
  1. … 9 more files in changeset.
Upgrade CXF to 3.3.x

  1. … 8 more files in changeset.
Fixed some NPEs in the Fediz OIDC client registration console.

    • -0
    • +12
    ./clients/ClientRegistrationService.java
Fixed some NPEs in the Fediz OIDC client registration console.

    • -0
    • +12
    ./clients/ClientRegistrationService.java
Upgrading PMD + Errorprone

    • -1
    • +1
    ./clients/ClientRegistrationService.java
  1. … 4 more files in changeset.
FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery

    • -3
    • +4
    ./handler/hrd/LoginHintHomeRealmDiscovery.java
  1. … 2 more files in changeset.
FEDIZ-234 - Escape logging output in LoginHintHomeRealmDiscovery

    • -3
    • +4
    ./handler/hrd/LoginHintHomeRealmDiscovery.java
  1. … 2 more files in changeset.
More diamond operator cleanup

    • -2
    • +2
    ./clients/ClientRegistrationService.java
  1. … 2 more files in changeset.
Diamond operator cleanup

    • -1
    • +1
    ./clients/ClientRegistrationService.java
Removing some redundant type declarations

    • -4
    • +4
    ./clients/ClientRegistrationService.java
    • -1
    • +1
    ./logout/BackChannelLogoutHandler.java
  1. … 3 more files in changeset.
FEDIZ-228 - Add the "jti" claim in FedizSubjectCreator

FEDIZ-228 - Add the "jti" claim in FedizSubjectCreator

Use "L" when defining a long constant

Use "L" when defining a long constant

FEDIZ-212: fix logout when no httpSession present

* FEDIZ-212: fix logout when no httpSession present

Add allowAnonymousLogout attribute.

When this attribute is explicitly set to true, if a non-logged-in user

tries to logout, logout process continues without raising a OAuthServiceException.

Otherwise, it works as before : OIDC throws a OAuthServiceException if a non

logged-in user tries to logout.

FEDIZ-212: fix logout when no httpSession present

* FEDIZ-212: fix logout when no httpSession present

Add allowAnonymousLogout attribute.

When this attribute is explicitly set to true, if a non-logged-in user

tries to logout, logout process continues without raising a OAuthServiceException.

Otherwise, it works as before : OIDC throws a OAuthServiceException if a non

logged-in user tries to logout.

id_token exp should be computed at creation time

id_token expiry claim is now computed at id_token generation time.

It was previously computed from SAML token expiry.

Since SAML token is generated once per OIDC httpSession

and can be reused for generating multiple id_token, it introduced

some issues where the id_token is generated with an already expired claim.

We now compute the exp claim as :

* use timeToLive attribute of FedizSubjectCreator if it is strictly positive.

* use maxInactiveInterval from httpSession if it is strictly positive.

* otherwise use the default of 1 hour.

id_token exp should be computed at creation time

id_token expiry claim is now computed at id_token generation time.

It was previously computed from SAML token expiry.

Since SAML token is generated once per OIDC httpSession

and can be reused for generating multiple id_token, it introduced

some issues where the id_token is generated with an already expired claim.

We now compute the exp claim as :

* use timeToLive attribute of FedizSubjectCreator if it is strictly positive.

* use maxInactiveInterval from httpSession if it is strictly positive.

* otherwise use the default of 1 hour.