Maxime Besson
|
0ddabc96f6
|
Use azp instead of aud (#2607)
|
2022-07-11 09:18:01 +02:00 |
|
alc
|
8ae0ebb9db
|
#2607 Adding the possibility to bypass logout confirm when initiated by RP
|
2022-07-08 16:44:27 +02:00 |
|
Yadd
|
46d43e69d9
|
Use Perltidy 20220217 (Closes: #2765)
|
2022-06-23 12:12:25 +02:00 |
|
Maxime Besson
|
87a91f222f
|
Remove dead code in Issuer::OIDC
|
2022-06-19 15:24:59 +02:00 |
|
Maxime Besson
|
3ef3aac9c7
|
Refactor newAccessToken
|
2022-06-19 15:24:59 +02:00 |
|
Maxime Besson
|
a868f2696f
|
Add refresh token hooks (#2768)
|
2022-06-19 12:02:31 +02:00 |
|
Maxime Besson
|
826308fbbf
|
Fix check after saveConf (#2742)
|
2022-04-26 19:09:18 +02:00 |
|
Yadd
|
b88a72c267
|
tidy
|
2022-02-16 17:43:29 +01:00 |
|
Yadd
|
c3724a618f
|
Fix versions
|
2022-02-01 17:09:31 +01:00 |
|
Maxime Besson
|
8cc84d9461
|
Missing openid scope should be an explicit error
|
2022-01-21 15:23:20 +01:00 |
|
Maxime Besson
|
fe4172a50a
|
Change invalid_scope http code to 400 (#2622)
|
2021-10-27 00:17:28 +02:00 |
|
Maxime Besson
|
b21500122d
|
Fix #2622
|
2021-10-26 16:53:24 +02:00 |
|
Maxime Besson
|
5ea7a0916d
|
Add _oidc_grant_type variable (#2602)
|
2021-09-01 17:32:15 +02:00 |
|
Yadd
|
83b45db614
|
Fix versions
|
2021-06-28 15:36:29 +02:00 |
|
Clément OUDOT
|
262210398d
|
Remove OIDC check session iframe from metadata (#2554)
|
2021-06-25 12:49:51 +02:00 |
|
Maxime Besson
|
8db02a693f
|
Only release IDtoken when scope contains openid (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Maxime Besson
|
beaacca9a0
|
Refactor _handleRefreshTokenGrant to use _generateIDToken (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Maxime Besson
|
c931b30263
|
Refactor _generateIDToken (#2550)
|
2021-06-21 09:38:03 +02:00 |
|
Maxime Besson
|
e98aafd6f7
|
add oidcGenerateCode hook (#2532)
|
2021-05-31 11:16:28 +02:00 |
|
Maxime Besson
|
8695a633a7
|
Force type of JSON fields in token response (#2511)
|
2021-04-20 11:31:32 +02:00 |
|
Maxime Besson
|
c1e059eeb3
|
Use authChoiceAuthBasic to select Choice (#2502)
|
2021-04-07 16:40:32 +02:00 |
|
Maxime Besson
|
20e1f9ded0
|
Hash JWT to catch tampering (#2419)
This mechanism's only purpose is to make the introsection endpoint fail
to verify the token when the JWT itself has been tampered with.
|
2021-03-30 16:32:14 +02:00 |
|
Maxime Besson
|
02b680df30
|
fix #2489
|
2021-03-19 16:45:37 +01:00 |
|
Maxime Besson
|
44abc1e889
|
Add hook for client credentials (#2484)
|
2021-03-10 15:47:19 +01:00 |
|
Maxime Besson
|
0f626ad94c
|
Add expiration time to Client Credential sessions (#2481)
|
2021-03-03 15:43:18 +01:00 |
|
Maxime Besson
|
e10d1e291c
|
Return granted scopes if different from requested scopes (#2424)
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
6b9670c29d
|
Use computed scopes to fill claims in ID token (#2424)
|
2021-03-03 11:03:19 +01:00 |
|
Maxime Besson
|
534745e5a2
|
Use computer scopes in Implicit/Hybrid responses (#2424)
|
2021-03-03 11:03:18 +01:00 |
|
Maxime Besson
|
4841c7755e
|
Fix OAuth2 error code when supplying invalid code
|
2021-02-24 17:48:12 +01:00 |
|
Maxime Besson
|
5a8c20584b
|
Fix OIDC message when calling technical endpoints with cookies (#2475)
|
2021-02-24 17:48:12 +01:00 |
|
Maxime Besson
|
cceb6f767e
|
Use a dedicated function for OIDC error reporting (#2465)
|
2021-02-18 22:06:39 +01:00 |
|
Maxime Besson
|
09dda56cb8
|
Refactor: rename method in issuer
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
435ba82144
|
Refactor: rename and move getJWTJSONData
|
2021-02-01 18:20:32 +01:00 |
|
Maxime Besson
|
aa877cf0a3
|
Let newAccessToken emit JWT (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dc0bacd6f0
|
Accept Access Tokens in JWT format (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
dbddddfba1
|
Refactor newAccessToken (#2419)
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
5303b4fc3e
|
Fix error format when sending an expired refresh token
|
2021-02-01 18:15:55 +01:00 |
|
Maxime Besson
|
4c1f49a90f
|
Use dynamic scope in issuer (#2424)
|
2021-02-01 16:25:35 +01:00 |
|
Christophe Maudoux
|
24cec1e08f
|
Fix warning
|
2021-01-23 23:27:46 +01:00 |
|
Maxime Besson
|
25fb8ca0f0
|
Implement client credentials grant (#1987)
|
2021-01-19 17:06:21 +01:00 |
|
Maxime Besson
|
5e439b2f24
|
Advertise client credentials grant (#1987)
|
2021-01-19 16:47:21 +01:00 |
|
Maxime Besson
|
dd5e9ec156
|
Tidy
|
2021-01-19 16:44:06 +01:00 |
|
Maxime Besson
|
daef0cf776
|
add oidcGenerateUserInfoResponse hook (#2359)
|
2020-11-27 14:00:58 +01:00 |
|
Maxime Besson
|
faadb3f059
|
add oidcGotRequest hook (#2359)
|
2020-11-27 14:00:58 +01:00 |
|
Christophe Maudoux
|
c742d8320e
|
Set user and oldpassword fields into reset password form & Improve unit tests (#2377)
|
2020-11-09 13:27:16 +01:00 |
|
Christophe Maudoux
|
e704fe24ea
|
Fix warning if no path given & code refactoring
|
2020-10-26 19:21:54 +01:00 |
|
Maxime Besson
|
7a36489b73
|
oidc issuer: check auth level and reauth if insufficient (#2124)
|
2020-09-04 17:15:34 +02:00 |
|
Maxime Besson
|
8bfa5179cc
|
Issuers: Store required auth level in pdata (#2124)
|
2020-09-04 17:14:04 +02:00 |
|
Maxime Besson
|
52c6edb453
|
Lookup oidcRPMetaDataOptionsUserIDAttr in per-RP macros (#2280)
|
2020-08-17 22:06:09 +02:00 |
|
Clément OUDOT
|
2da914cc90
|
Publish support for refresh_token grant_type (#2242)
|
2020-06-18 09:43:56 +02:00 |
|