cxf-fediz.git
Colm O hEigeartaigh [Tue, 25 Apr 2017 11:32:39 +0000 (12:32 +0100)] 
[maven-release-plugin] prepare release fediz-1.4.0

Colm O hEigeartaigh [Tue, 25 Apr 2017 11:18:53 +0000 (12:18 +0100)] 
Moving webapps before custom

Colm O hEigeartaigh [Tue, 25 Apr 2017 09:40:45 +0000 (10:40 +0100)] 
Updating release notes for 1.4.0

Colm O hEigeartaigh [Mon, 24 Apr 2017 11:23:23 +0000 (12:23 +0100)] 
Removing FileInputStream

Colm O hEigeartaigh [Fri, 21 Apr 2017 10:00:00 +0000 (11:00 +0100)] 
Adding release notes for 1.3.2 + 1.2.4

Sergey Beryozkin [Wed, 19 Apr 2017 12:32:23 +0000 (13:32 +0100)] 
Distinguishing between unauthorized and forbidden statuses

Sergey Beryozkin [Wed, 19 Apr 2017 12:28:48 +0000 (13:28 +0100)] 
Enforcing the user working with the clientregservice is authenticated and is optionally in a specific role

Colm O hEigeartaigh [Wed, 19 Apr 2017 10:46:02 +0000 (11:46 +0100)] 
Injecting MessageContext instead following feedback from Sergey

Colm O hEigeartaigh [Tue, 18 Apr 2017 16:22:27 +0000 (17:22 +0100)] 
Adding CSRF support to the OIDC client reg webapp

Colm O hEigeartaigh [Tue, 18 Apr 2017 12:08:18 +0000 (13:08 +0100)] 
Adding test to verify that a user can't see the clients registered by another user

Colm O hEigeartaigh [Thu, 13 Apr 2017 15:49:06 +0000 (16:49 +0100)] 
Adding spring3 plugin + tests back in

Colm O hEigeartaigh [Thu, 13 Apr 2017 12:43:07 +0000 (13:43 +0100)] 
Fixing tests

Colm O hEigeartaigh [Thu, 13 Apr 2017 12:01:12 +0000 (13:01 +0100)] 
FEDIZ-200 - Make one of logoutEndpoint or logoutEndpointConstraint mandatory in the IDP

Colm O hEigeartaigh [Wed, 12 Apr 2017 16:42:24 +0000 (17:42 +0100)] 
Adding logout tests

Andreas Vallen [Fri, 15 May 2015 10:38:34 +0000 (12:38 +0200)] 
Initialize BeanCreationException with causing exception, else the real cause is easy to miss. This closes #7.

Not passing the root cause here will cause this exception to be displayed many many times _without_
the real root cause, instead suggesting that a malformed resource URL might be the culprit when instead
it is e.g. a non-validating fediz_config.xml XML file.
(cherry picked from commit 41a3674)

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Colm O hEigeartaigh [Wed, 12 Apr 2017 11:14:43 +0000 (12:14 +0100)]
This closes #18

gonzalad [Wed, 12 Apr 2017 08:15:40 +0000 (10:15 +0200)] 
OIDC Logout URI should accept multiple Urls

Logout URI should accept multiple URLs separated
with a space.

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Colm O hEigeartaigh [Wed, 12 Apr 2017 11:13:10 +0000 (12:13 +0100)]
1.1.x-fixes is no longer maintained. This closes #3.

Colm O hEigeartaigh [Wed, 12 Apr 2017 11:10:24 +0000 (12:10 +0100)] 
This PR only applies to 1.1.x-fixes and not any later branch. This closes #1.

Colm O hEigeartaigh [Wed, 12 Apr 2017 10:09:49 +0000 (11:09 +0100)] 
Checkstyle fix

Colm O hEigeartaigh [Wed, 12 Apr 2017 10:07:44 +0000 (11:07 +0100)] 
Code cleanup

Colm O hEigeartaigh [Wed, 12 Apr 2017 09:50:49 +0000 (10:50 +0100)] 
Adding back isAnonymous which is required for form authentication

Colm O hEigeartaigh [Tue, 11 Apr 2017 17:23:51 +0000 (18:23 +0100)] 
Fixing failing tests

Colm O hEigeartaigh [Tue, 11 Apr 2017 16:11:53 +0000 (17:11 +0100)] 
Checkstyle fix

Colm O hEigeartaigh [Tue, 11 Apr 2017 16:09:03 +0000 (17:09 +0100)] 
Allow to specify an additional TLD for the CommonsURLValidator in the IdP

Colm O hEigeartaigh [Tue, 11 Apr 2017 15:51:58 +0000 (16:51 +0100)] 
Enable secure cookies by default

Colm O hEigeartaigh [Tue, 11 Apr 2017 15:01:44 +0000 (16:01 +0100)] 
Remove isAnonymous apart from for the Metadata

Colm O hEigeartaigh [Tue, 11 Apr 2017 14:26:00 +0000 (15:26 +0100)] 
FEDIZ-199 - Update the Spring plugin to spring security 4

Colm O hEigeartaigh [Mon, 10 Apr 2017 17:08:37 +0000 (18:08 +0100)] 
Updating CXF

Colm O hEigeartaigh [Mon, 10 Apr 2017 15:18:01 +0000 (16:18 +0100)] 
Adding more REST tests

Colm O hEigeartaigh [Mon, 10 Apr 2017 13:40:12 +0000 (14:40 +0100)] 
NPE guard

Colm O hEigeartaigh [Mon, 10 Apr 2017 08:12:03 +0000 (09:12 +0100)] 
This closes #17

gonzalad [Sun, 9 Apr 2017 20:25:54 +0000 (22:25 +0200)] 
OIDC revoke token invalid post URL

Revoke token form was posted to a fixed
context-path (fediz-oidc)

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Colm O hEigeartaigh [Fri, 7 Apr 2017 17:23:51 +0000 (18:23 +0100)]
Return 500 from the IdP if the STS URL is configured incorrectly instead of the default 401

Colm O hEigeartaigh [Fri, 7 Apr 2017 12:04:12 +0000 (13:04 +0100)] 
NPE guard

Sergey Beryozkin [Wed, 5 Apr 2017 11:59:46 +0000 (12:59 +0100)] 
OIDC logout should use post_logout_redirect_uris, patch from Adrian Gonzalez applied, This closes #16

Colm O hEigeartaigh [Mon, 3 Apr 2017 13:11:15 +0000 (14:11 +0100)] 
Updating WSS4J

gonzalad [Wed, 29 Mar 2017 11:39:03 +0000 (13:39 +0200)] 
FEDIZ-197: Use local Port to call STS.

This closes #15

STSAuthenticationProvider now handles
local port (:0) on wsdlLocation.
If such a port is used for wsdlLocation,
STSAuthenticationProvider will use the localServer port
to retrieve the wsdl.

Note: org.springframework.web.filter.RequestContextFilter needs
to be set for this to work.

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

gonzalad [Wed, 29 Mar 2017 07:15:10 +0000 (09:15 +0200)]
FEDIZ-197: wsdlLocation shouldn't be changed

We should change wsdlLocation to use localPort
only if port 0 has been explicitly set.

Otherwise, we should use wsdlLocation as is.

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Colm O hEigeartaigh [Mon, 27 Mar 2017 16:07:46 +0000 (17:07 +0100)]
FEDIZ-196 - Add support for Apache Tomcat 8.5.x

Colm O hEigeartaigh [Fri, 24 Mar 2017 15:25:49 +0000 (15:25 +0000)] 
This closes #14

gonzalad [Thu, 23 Mar 2017 17:58:39 +0000 (18:58 +0100)] 
FEDIZ-195: propagate URI fragment on auth

Updated OIDC and IDP JSP pages to propagate
URI fragment on form POST.

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Colm O hEigeartaigh [Wed, 22 Mar 2017 11:33:10 +0000 (09:03 -0230)]
Updating to WSS4J SNAPSHOT to keep things consistent with CXF SNAPSHOT

Sergey Beryozkin [Fri, 10 Mar 2017 13:22:42 +0000 (13:22 +0000)] 
[FEDIZ-174] Fixing NPE when restarting Fediz OIDC after using dynamic registration, patch from Adrian Gonzalez applied, This closes #13

Colm O hEigeartaigh [Thu, 9 Mar 2017 10:34:26 +0000 (10:34 +0000)] 
Removing some HashMap parameters

Colm O hEigeartaigh [Tue, 7 Mar 2017 17:17:32 +0000 (17:17 +0000)] 
FEDIZ-193 - Add a way to support additional top level domains when registering OIDC clients

Colm O hEigeartaigh [Mon, 6 Mar 2017 16:43:14 +0000 (16:43 +0000)] 
Updating Commons Validator

Sergey Beryozkin [Tue, 7 Mar 2017 17:17:35 +0000 (17:17 +0000)] 
Another minor update to the Fediz provider

Sergey Beryozkin [Tue, 7 Mar 2017 17:05:47 +0000 (17:05 +0000)] 
Minor update to the Fediz OIDC data provider

Sergey Beryozkin [Tue, 7 Mar 2017 14:13:02 +0000 (14:13 +0000)] 
Simplifying the fediz oidc provider client cred code as it is done at the abstract level now

Sergey Beryozkin [Fri, 3 Mar 2017 11:19:15 +0000 (11:19 +0000)] 
Using OAuthUtils to inject MessageContext

Sergey Beryozkin [Fri, 3 Mar 2017 11:09:10 +0000 (11:09 +0000)] 
Updating Fediz Master to CXF 3.1.11-SNAPSHOT

Sergey Beryozkin [Fri, 3 Mar 2017 10:27:13 +0000 (10:27 +0000)] 
Adding the missing resources

Sergey Beryozkin [Thu, 2 Mar 2017 22:03:34 +0000 (22:03 +0000)] 
Introducing ProviderAuthenticationStrategy to make it easier to encapsulate alternative approaches for authenticating at the provider level

Colm O hEigeartaigh [Thu, 2 Mar 2017 11:18:02 +0000 (11:18 +0000)] 
Some logging fixes

Colm O hEigeartaigh [Tue, 28 Feb 2017 18:11:05 +0000 (18:11 +0000)] 
This closes #12

gonzalad [Tue, 28 Feb 2017 16:44:15 +0000 (17:44 +0100)] 
FEDIZ-192 - customSTSParameter propagation

Add feedback from review

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

gonzalad [Tue, 28 Feb 2017 12:20:16 +0000 (13:20 +0100)]
FEDIZ-192 - customSTSParameter propagation

This fix enables propagating the customSTSParameter
SAML parameter to the Validator class.

The issue was caused by Spring Security, which redirects
the user to a /login page (without the original parameters).

To handle this case, we:
 * get the custom parameter from HTTP parameters
   (as previously).
 * if not found, we look up in the Spring Security
   savedRequest (aka requestCache).

Signed-off-by: Colm O hEigeartaigh <coheigea@apache.org>

Sergey Beryozkin [Mon, 27 Feb 2017 21:26:06 +0000 (21:26 +0000)]
making sure the state param if available gets added to the logout URI

Sergey Beryozkin [Mon, 27 Feb 2017 16:06:28 +0000 (16:06 +0000)] 
Naming OIDC Client logout property as required by the OIDC RP-initiated logout text

Sergey Beryozkin [Tue, 21 Feb 2017 15:18:48 +0000 (15:18 +0000)] 
Using a base URI to resolve IdToken issuer values which start from a forward slash

Colm O hEigeartaigh [Mon, 20 Feb 2017 17:11:27 +0000 (17:11 +0000)] 
Add support for a config option to automatically redirect to the RP after logout

Colm O hEigeartaigh [Mon, 20 Feb 2017 17:11:12 +0000 (17:11 +0000)] 
NPE fix

Colm O hEigeartaigh [Thu, 16 Feb 2017 10:27:22 +0000 (10:27 +0000)] 
Minor tidy-up

Colm O hEigeartaigh [Wed, 15 Feb 2017 17:08:13 +0000 (17:08 +0000)] 
FEDIZ-191 - The HomeRealmReminder cookie is not deleted after logout in the IdP

Colm O hEigeartaigh [Wed, 15 Feb 2017 16:30:29 +0000 (16:30 +0000)] 
Removing WEB-INF stuff from idp-core

Colm O hEigeartaigh [Wed, 15 Feb 2017 15:49:01 +0000 (15:49 +0000)] 
Allow redirection to the IdP for Logout

Colm O hEigeartaigh [Mon, 13 Feb 2017 16:54:23 +0000 (16:54 +0000)] 
FEDIZ-190 - Make the logoutRedirectToConstraint a CallbackType

Colm O hEigeartaigh [Mon, 13 Feb 2017 12:47:45 +0000 (12:47 +0000)] 
Using isEmpty instead of size()

Colm O hEigeartaigh [Mon, 13 Feb 2017 11:21:02 +0000 (11:21 +0000)] 
Whitespace cleanup

Colm O hEigeartaigh [Fri, 10 Feb 2017 14:43:10 +0000 (14:43 +0000)] 
Fixing last commit

Colm O hEigeartaigh [Fri, 10 Feb 2017 14:40:45 +0000 (14:40 +0000)] 
Revert "Removing redundant type information"

This reverts commit f0a8dd64230ffd212191d30c114503748b7bb43b.

Colm O hEigeartaigh [Fri, 10 Feb 2017 14:30:01 +0000 (14:30 +0000)] 
Removing redundant type information

Colm O hEigeartaigh [Fri, 10 Feb 2017 13:14:39 +0000 (13:14 +0000)] 
Fix to previous commit

Colm O hEigeartaigh [Fri, 10 Feb 2017 12:08:20 +0000 (12:08 +0000)] 
FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter

Colm O hEigeartaigh [Wed, 8 Feb 2017 16:42:57 +0000 (16:42 +0000)] 
Add SignOutQueryHandler

Colm O hEigeartaigh [Wed, 8 Feb 2017 16:21:00 +0000 (16:21 +0000)] 
NPE guard

Colm O hEigeartaigh [Wed, 8 Feb 2017 15:59:11 +0000 (15:59 +0000)] 
Add support to specify sign out query parameters

Sergey Beryozkin [Tue, 7 Feb 2017 20:01:26 +0000 (20:01 +0000)] 
[FEDIZ-187] Fixing the finalize method qualifier to public

Colm O hEigeartaigh [Tue, 7 Feb 2017 14:53:45 +0000 (14:53 +0000)] 
Add configuration to fediz_config.xml

Colm O hEigeartaigh [Tue, 7 Feb 2017 14:52:31 +0000 (14:52 +0000)] 
Get initial redirect to the IdP working

Sergey Beryozkin [Mon, 6 Feb 2017 15:56:41 +0000 (15:56 +0000)] 
[FEDIZ-187] Using UriBuilder.path instead of .segment

Colm O hEigeartaigh [Fri, 3 Feb 2017 12:16:43 +0000 (12:16 +0000)] 
Fixing tests

Colm O hEigeartaigh [Fri, 3 Feb 2017 10:40:33 +0000 (10:40 +0000)] 
FEDIZ-188 - Make "Reply" a CallbackType in the Fediz plugin configuration

Sergey Beryozkin [Thu, 2 Feb 2017 17:36:27 +0000 (17:36 +0000)] 
[FEDIZ-187] Prototyping a logout service, avoiding some checkstyle issues in the client reg service

Colm O hEigeartaigh [Wed, 1 Feb 2017 10:15:28 +0000 (10:15 +0000)] 
Updating CXF

Colm O hEigeartaigh [Tue, 31 Jan 2017 15:09:01 +0000 (15:09 +0000)] 
Fix web.xml

Colm O hEigeartaigh [Mon, 30 Jan 2017 15:01:20 +0000 (15:01 +0000)] 
Adding RP custom parameter test

Colm O hEigeartaigh [Fri, 27 Jan 2017 17:28:52 +0000 (17:28 +0000)] 
Adding support to pass the custom STS parameters through on the second call from the IdP

Colm O hEigeartaigh [Fri, 27 Jan 2017 15:39:40 +0000 (15:39 +0000)] 
Tidying up default ClaimsHandler

Colm O hEigeartaigh [Fri, 27 Jan 2017 12:47:17 +0000 (12:47 +0000)] 
Fixing more tests

Colm O hEigeartaigh [Fri, 27 Jan 2017 12:20:13 +0000 (12:20 +0000)] 
Fixing swagger resources

Colm O hEigeartaigh [Fri, 27 Jan 2017 11:22:30 +0000 (11:22 +0000)] 
Fixing failing test

Colm O hEigeartaigh [Fri, 27 Jan 2017 10:50:48 +0000 (10:50 +0000)] 
FEDIZ-155 - Move .java components out of idp webapp and into a separate JAR

Colm O hEigeartaigh [Thu, 26 Jan 2017 12:06:32 +0000 (12:06 +0000)] 
Enabling the test

Colm O hEigeartaigh [Thu, 26 Jan 2017 12:04:23 +0000 (12:04 +0000)] 
Fixing last commit

Colm O hEigeartaigh [Thu, 26 Jan 2017 11:33:59 +0000 (11:33 +0000)] 
Enabled custom authentication test

Colm O hEigeartaigh [Wed, 25 Jan 2017 15:13:20 +0000 (15:13 +0000)] 
Updating Tomcat

Colm O hEigeartaigh [Wed, 25 Jan 2017 15:12:58 +0000 (15:12 +0000)] 
Adding initial test for passing custom RST parameter between the IdP + STS

Colm O hEigeartaigh [Wed, 25 Jan 2017 11:17:55 +0000 (11:17 +0000)] 
Updating to SNAPSHOT version of CXF