Commit Graph

350 Commits

Author SHA1 Message Date
Yadd
83b45db614 Fix versions 2021-06-28 15:36:29 +02:00
Clément OUDOT
262210398d Remove OIDC check session iframe from metadata (#2554) 2021-06-25 12:49:51 +02:00
Yadd
3732cdcc19 Better URL parsing (#2477) 2021-06-24 14:33:27 +02:00
Maxime Besson
8db02a693f Only release IDtoken when scope contains openid (#2550) 2021-06-21 09:38:03 +02:00
Maxime Besson
beaacca9a0 Refactor _handleRefreshTokenGrant to use _generateIDToken (#2550) 2021-06-21 09:38:03 +02:00
Maxime Besson
c931b30263 Refactor _generateIDToken (#2550) 2021-06-21 09:38:03 +02:00
Maxime Besson
6f5cd3b645 Fix some undef warnings 2021-06-15 12:40:15 +02:00
Maxime Besson
75b81fcb5a Fix NameID value when unspecified is requested by SP (#2518) 2021-06-15 11:27:37 +02:00
Christophe Maudoux
86f46ebc5b Fix some warnings (#2538) 2021-06-08 23:03:54 +02:00
Maxime Besson
cf3809a0de Add CAS hooks (#2533) 2021-06-01 11:27:45 +02:00
Maxime Besson
e98aafd6f7 add oidcGenerateCode hook (#2532) 2021-05-31 11:16:28 +02:00
Maxime Besson
8695a633a7 Force type of JSON fields in token response (#2511) 2021-04-20 11:31:32 +02:00
Maxime Besson
c1e059eeb3 Use authChoiceAuthBasic to select Choice (#2502) 2021-04-07 16:40:32 +02:00
Maxime Besson
20e1f9ded0 Hash JWT to catch tampering (#2419)
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
2021-03-30 16:32:14 +02:00
Maxime Besson
02b680df30 fix #2489 2021-03-19 16:45:37 +01:00
Maxime Besson
ca6c98c26c Allow selection of saml ACS during idp initiated (#2488) 2021-03-17 14:24:47 +01:00
Maxime Besson
44abc1e889 Add hook for client credentials (#2484) 2021-03-10 15:47:19 +01:00
Maxime Besson
0f626ad94c Add expiration time to Client Credential sessions (#2481) 2021-03-03 15:43:18 +01:00
Maxime Besson
e10d1e291c Return granted scopes if different from requested scopes (#2424) 2021-03-03 11:03:19 +01:00
Maxime Besson
6b9670c29d Use computed scopes to fill claims in ID token (#2424) 2021-03-03 11:03:19 +01:00
Maxime Besson
534745e5a2 Use computer scopes in Implicit/Hybrid responses (#2424) 2021-03-03 11:03:18 +01:00
Maxime Besson
4841c7755e Fix OAuth2 error code when supplying invalid code 2021-02-24 17:48:12 +01:00
Maxime Besson
5a8c20584b Fix OIDC message when calling technical endpoints with cookies (#2475) 2021-02-24 17:48:12 +01:00
Maxime Besson
cceb6f767e Use a dedicated function for OIDC error reporting (#2465) 2021-02-18 22:06:39 +01:00
Maxime Besson
7db988b5a1 Improve some SAML error messages (#2349) 2021-02-08 11:50:24 +01:00
Maxime Besson
09dda56cb8 Refactor: rename method in issuer 2021-02-01 18:20:32 +01:00
Maxime Besson
435ba82144 Refactor: rename and move getJWTJSONData 2021-02-01 18:20:32 +01:00
Maxime Besson
aa877cf0a3 Let newAccessToken emit JWT (#2419) 2021-02-01 18:15:55 +01:00
Maxime Besson
dc0bacd6f0 Accept Access Tokens in JWT format (#2419) 2021-02-01 18:15:55 +01:00
Maxime Besson
dbddddfba1 Refactor newAccessToken (#2419) 2021-02-01 18:15:55 +01:00
Maxime Besson
5303b4fc3e Fix error format when sending an expired refresh token 2021-02-01 18:15:55 +01:00
Maxime Besson
4c1f49a90f Use dynamic scope in issuer (#2424) 2021-02-01 16:25:35 +01:00
Christophe Maudoux
24cec1e08f Fix warning 2021-01-23 23:27:46 +01:00
Maxime Besson
25fb8ca0f0 Implement client credentials grant (#1987) 2021-01-19 17:06:21 +01:00
Maxime Besson
5e439b2f24 Advertise client credentials grant (#1987) 2021-01-19 16:47:21 +01:00
Maxime Besson
dd5e9ec156 Tidy 2021-01-19 16:44:06 +01:00
Christophe Maudoux
a93a85435d Improve debug msg 2021-01-07 10:04:15 +01:00
Maxime Besson
e78f8a2270 Refactor CAS code (#2321) 2021-01-05 17:34:57 +01:00
Maxime Besson
49905d4759 Remove debug log 2020-12-30 16:34:40 +01:00
Maxime Besson
4eeef91588 Add SAML ACS to environment (#2427) 2020-12-29 14:17:06 +01:00
Maxime Besson
daef0cf776 add oidcGenerateUserInfoResponse hook (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
faadb3f059 add oidcGotRequest hook (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
c19be1d501 Tidy SAML issuer (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
a706f8a470 add samlBuildLogoutResponse hook (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
ddc43f7c9c add samlGotLogoutRequest hook (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
2dba11e6b3 Add samlBuildAuthnResponse hook (#2359) 2020-11-27 14:00:58 +01:00
Maxime Besson
de1d6e205b Add samlGotAuthnRequest hook (#2359) 2020-11-27 14:00:58 +01:00
Christophe Maudoux
c742d8320e Set user and oldpassword fields into reset password form & Improve unit tests (#2377) 2020-11-09 13:27:16 +01:00
Christophe Maudoux
e704fe24ea Fix warning if no path given & code refactoring 2020-10-26 19:21:54 +01:00
Maxime Besson
277e0872fa Fix missing session timeouts (#2262) 2020-09-09 12:04:17 +02:00