Clément Oudot
|
0b3f9a78ff
|
Parse UserInfo response as JWT (#183)
|
2015-04-18 08:36:42 +00:00 |
|
Clément Oudot
|
1c0df34268
|
Replace version 2.00 by 2.0.0
|
2015-04-15 14:18:38 +00:00 |
|
Clément Oudot
|
9520bef489
|
Manager UserInfo signature (JWT response) (#184)
|
2015-04-14 18:42:02 +00:00 |
|
Clément Oudot
|
572636ead1
|
Use Base64 URL to decode JWT (#184)
|
2015-04-11 11:15:01 +00:00 |
|
Clément Oudot
|
a63918d28f
|
Return session state for session management (#184)
|
2015-04-07 09:04:17 +00:00 |
|
Clément Oudot
|
ac5f76f898
|
Option to deactivate nonce (#183)
|
2015-04-03 13:45:38 +00:00 |
|
Clément Oudot
|
a17159f105
|
Don't send max_age if value is 0 (#183)
|
2015-04-03 13:23:52 +00:00 |
|
Clément Oudot
|
3ad495f824
|
Call endsession point in authLogout (#183)
|
2015-04-03 13:00:30 +00:00 |
|
Clément Oudot
|
328a280601
|
Work on implementation of OIDC logout (#184)
|
2015-04-03 09:05:36 +00:00 |
|
Clément Oudot
|
841f057c25
|
Work on implementation of OIDC logout (#184)
|
2015-04-02 16:54:00 +00:00 |
|
Clément Oudot
|
85650ae3be
|
Start implementation of OIDC logout (#184)
|
2015-04-02 07:02:21 +00:00 |
|
Clément Oudot
|
72aecd6cf1
|
Configuration of Authentication Class Ref (#184)
|
2015-04-01 15:45:08 +00:00 |
|
Clément Oudot
|
b9494d1b0a
|
Check iat (#183)
|
2015-04-01 15:10:08 +00:00 |
|
Clément Oudot
|
0fa5cf2614
|
Use max_age, ui_locales and acr_values (#183)
|
2015-04-01 14:51:49 +00:00 |
|
Clément Oudot
|
01aec28467
|
Use prompt (#183)
|
2015-04-01 13:00:31 +00:00 |
|
Clément Oudot
|
865551989b
|
Use display (#183)
|
2015-04-01 12:53:18 +00:00 |
|
Clément Oudot
|
9936ade26b
|
Use nonce (#183)
|
2015-03-31 16:07:50 +00:00 |
|
Clément Oudot
|
2e0f1b7088
|
Start of registration endpoint implementation (#184)
|
2015-03-30 15:57:23 +00:00 |
|
Clément Oudot
|
b14ec43a88
|
Check redirect_uri (#184)
|
2015-03-30 12:58:56 +00:00 |
|
Clément Oudot
|
da31a15cb9
|
Add support for RS256/RS384/RS512 to sign ID Tokens (#184)
|
2015-03-27 15:13:00 +00:00 |
|
Clément Oudot
|
895d7f3ef1
|
Display pretty JSON (#184)
|
2015-03-27 14:33:13 +00:00 |
|
Clément Oudot
|
d22853d775
|
Support for JWKS URI and signing public key (#184)
|
2015-03-27 14:21:43 +00:00 |
|
Clément Oudot
|
f8e37c0c8b
|
Use SAML message creation time to set netBefore and notOnOrAfter (#799)
|
2015-03-27 08:29:12 +00:00 |
|
Clément Oudot
|
6c5487ab0e
|
Check prompt parameter when displaying consent (#184)
|
2015-03-27 08:25:36 +00:00 |
|
Clément Oudot
|
9f06668eef
|
Check id_token_hint request parameter for authenticated user (#184)
|
2015-03-25 16:13:09 +00:00 |
|
Clément Oudot
|
46e3b460c1
|
Check max_age request parameter for authenticated user (#184)
|
2015-03-25 16:11:45 +00:00 |
|
Clément Oudot
|
e1794d1be7
|
Check prompt request parameter for authenticated user (#184)
|
2015-03-25 14:55:46 +00:00 |
|
Clément Oudot
|
80480e302c
|
Prompt parameter is a space delimited value (#184)
|
2015-03-25 13:48:36 +00:00 |
|
Clément Oudot
|
1937448419
|
Check hidden fields in issuerForUnAuthUser (#184)
|
2015-03-25 11:53:03 +00:00 |
|
Clément Oudot
|
158c097e66
|
Manage login_hint request parameter (#184)
|
2015-03-25 11:40:58 +00:00 |
|
Clément Oudot
|
70bcd003f6
|
Manage ui_locales request parameter (#184)
|
2015-03-25 11:15:31 +00:00 |
|
Clément Oudot
|
c6589a7f7b
|
Check display and prompt request parameters for unauthenticated user (#184)
|
2015-03-25 10:54:00 +00:00 |
|
Clément Oudot
|
c07f698bdb
|
Manage consent refuse and server_error errors (#184)
|
2015-03-25 09:11:46 +00:00 |
|
Clément Oudot
|
8e06ec1bd1
|
Get all OIDC parameters on authorization endpoint and check required ones (#184)
|
2015-03-24 17:01:15 +00:00 |
|
Clément Oudot
|
699303cf47
|
Use redirection for errors on authorization endpoint (#184)
|
2015-03-24 16:40:00 +00:00 |
|
Clément Oudot
|
45ed174666
|
Generate at_hash at token endpoint (#184)
|
2015-03-23 17:04:00 +00:00 |
|
Clément Oudot
|
2ff0b7277a
|
Add hybrid flow support (#184)
|
2015-03-23 11:54:22 +00:00 |
|
Clément Oudot
|
539f241725
|
Generate at_hash in ID Token for implicit flow (#184)
|
2015-03-19 17:04:13 +00:00 |
|
Clément Oudot
|
c3cb985323
|
Manage access token hash in RP (#183)
|
2015-03-19 15:28:58 +00:00 |
|
Clément Oudot
|
4e7f4eb85e
|
Use nonce in Authentication Code Flow (#184)
|
2015-03-17 12:56:11 +00:00 |
|
Clément Oudot
|
89e3678bdf
|
Manage OIDC Implicit Flow (#184)
|
2015-03-17 11:01:11 +00:00 |
|
Clément Oudot
|
33bc52b619
|
Skeleton to manage different OIDC response types (#184)
|
2015-03-16 17:00:56 +00:00 |
|
Clément Oudot
|
71bc645d51
|
Authentication Context in ID Token (#184)
|
2015-03-13 12:54:04 +00:00 |
|
Clément Oudot
|
23b2c6f996
|
Configure Access Token expiration (#184)
|
2015-03-13 11:09:39 +00:00 |
|
Clément Oudot
|
74958870bb
|
Auth time and expiration in ID Token (#184)
|
2015-03-13 10:54:36 +00:00 |
|
Clément Oudot
|
6d6d7e6424
|
Fix typo on Relying Party (#184)
|
2015-03-11 16:24:10 +00:00 |
|
Clément Oudot
|
167fdb66c4
|
Possibility to configure attribute used to fill OIDC User ID (#184)
|
2015-03-11 16:16:37 +00:00 |
|
Clément Oudot
|
55fe1a5ec8
|
Refactor code that build authz response (#184)
|
2015-03-11 15:47:24 +00:00 |
|
Clément Oudot
|
ca146c7525
|
Remove unused imports (#184)
|
2015-03-11 15:07:00 +00:00 |
|
Clément Oudot
|
f3dcec7ad7
|
Display user friendly messages for scope consent (#184)
|
2015-03-11 14:34:31 +00:00 |
|
Clément Oudot
|
495da0dde5
|
Check accepted scope in consent step (#184)
|
2015-03-11 13:53:58 +00:00 |
|
Clément Oudot
|
2d015ebdcd
|
Possibility to change backend for OIDC sessions (#184)
|
2015-03-11 11:39:20 +00:00 |
|
Clément Oudot
|
6f128235af
|
Set version 2.00 in the trunk
|
2015-03-11 09:05:04 +00:00 |
|
Clément Oudot
|
7a7bb1fbda
|
make tidy on all files
|
2015-03-10 15:07:33 +00:00 |
|
Clément Oudot
|
a31663cf38
|
Delete captcha session only when authentication process is finished (#788)
|
2015-03-09 16:44:19 +00:00 |
|
Xavier Guimard
|
53e41d145c
|
Auth modules must be set
|
2015-03-09 15:55:46 +00:00 |
|
Clément Oudot
|
ef4af6b3f2
|
ID Token signature configuration (#184)
|
2015-02-19 18:04:29 +00:00 |
|
Clément Oudot
|
d1d97d16c3
|
Set _utime in OIDC sessions (#184)
|
2015-02-19 15:17:49 +00:00 |
|
Clément Oudot
|
68607ca947
|
Implement UserInfo endpoint (#184)
|
2015-02-04 13:25:13 +00:00 |
|
Clément Oudot
|
968f0e065a
|
Check authentication on token endpoint (#184)
|
2015-02-02 09:44:33 +00:00 |
|
Clément Oudot
|
9f69f03b09
|
Store scope in access token session (#184)
|
2015-01-31 15:17:56 +00:00 |
|
Clément Oudot
|
31e0a1cfb5
|
Obtain user consent for OpenID Connect requested scope (#184)
|
2015-01-31 14:34:52 +00:00 |
|
Clément Oudot
|
3c3cc39d0c
|
Check sub of UserInfo JSON (references #183)
|
2015-01-31 14:33:05 +00:00 |
|
Clément Oudot
|
e6ae3b9925
|
Restore hidden form values (#184)
|
2015-01-29 13:32:31 +00:00 |
|
Clément Oudot
|
0be124d3d7
|
Prevent reuse of authorization code (#184)
|
2015-01-28 16:53:06 +00:00 |
|
Clément Oudot
|
70281de82d
|
Add some debug logs (#184)
|
2015-01-28 13:41:10 +00:00 |
|
Clément Oudot
|
39b83ae46a
|
OpenIDConnect Service metadata parameters in Manager (#184)
|
2015-01-28 13:07:11 +00:00 |
|
Clément Oudot
|
2abb7fafde
|
Check that RP is registered (#184)
|
2015-01-23 13:06:54 +00:00 |
|
Clément Oudot
|
b82153ab17
|
Start implementation of OpenID Connect provider (#184)
|
2015-01-20 10:04:44 +00:00 |
|
David COUTADEUR
|
a82d36a794
|
Fix LEMONLDAP-784: https://jira.ow2.org/browse/LEMONLDAP-784
reset password in AD not working
|
2015-01-08 17:05:40 +00:00 |
|
Clément Oudot
|
7e74e27a3b
|
Autoselect OP if only one is configured (#183)
|
2014-12-15 14:58:42 +00:00 |
|
Clément Oudot
|
922b92bbbe
|
Configuration of OpenID Connect auth module and OP in Manager (#183)
|
2014-12-15 13:55:23 +00:00 |
|
Clément Oudot
|
18072723de
|
Compatibility with AuthChoice (#183)
|
2014-12-11 17:05:33 +00:00 |
|
Clément Oudot
|
8b7ad81ff5
|
Add first OpenID Connect RP parameters in Manager (#183)
|
2014-12-11 16:54:27 +00:00 |
|
Clément Oudot
|
0014e2cdaf
|
Invalidate CAS Service Ticket when it is used (#775)
|
2014-12-05 09:21:07 +00:00 |
|
Clément Oudot
|
8b1ea19725
|
Possibility to define a background image for portal skin (#770)
|
2014-12-02 14:51:23 +00:00 |
|
Clément Oudot
|
eea1fedd3c
|
Better look of OpenID Provider list (#183)
|
2014-12-01 17:07:55 +00:00 |
|
Clément Oudot
|
44c64ea606
|
Manage refresh of JWKS data (#183)
|
2014-12-01 10:27:47 +00:00 |
|
Clément Oudot
|
c5ad64e694
|
Try to fix build #491 (#183)
|
2014-11-24 08:39:16 +00:00 |
|
Clément Oudot
|
c09d2c4e00
|
Check ID Token validity (#183)
|
2014-11-22 08:53:17 +00:00 |
|
Clément Oudot
|
ee43c5010f
|
Check token response validity (references #183)
|
2014-11-22 08:46:41 +00:00 |
|
Clément Oudot
|
c0b7af29b8
|
Support client_secret_basic and client_secret_post for token endpoint authentication (references #183)
|
2014-11-21 17:15:47 +00:00 |
|
Clément Oudot
|
bc6920dd03
|
Check error in authn response (#183)
|
2014-11-21 10:32:35 +00:00 |
|
Clément Oudot
|
6ba3d9e44e
|
Manage exported vars per OP (#183)
|
2014-11-20 15:53:26 +00:00 |
|
Clément Oudot
|
687f0ed094
|
Change configuration format to allow to define several OP (#183)
|
2014-11-20 14:03:32 +00:00 |
|
Clément Oudot
|
74a7770fa4
|
Use extractJWT method (#183)
|
2014-11-20 09:11:55 +00:00 |
|
Clément Oudot
|
53aab6d3c0
|
Verify JWT signature for RS256/RS384/RS512 alg (#183)
|
2014-11-19 14:17:39 +00:00 |
|
Clément Oudot
|
ab1e318149
|
Add support for HS368 and HS512 JWT signature alg (#183)
Get OpenID configuration data from configuration URI (#183)
|
2014-11-19 11:09:37 +00:00 |
|
Clément Oudot
|
5a09c04445
|
Add some log to JWT signature verification (#183)
|
2014-11-18 14:32:15 +00:00 |
|
Clément Oudot
|
27225cfe86
|
Option to check JWT Signature (#183)
|
2014-11-18 14:24:03 +00:00 |
|
Clément Oudot
|
2a33f67155
|
Verify JWT signature for HS256 alg (#183)
|
2014-11-17 18:09:55 +00:00 |
|
Clément Oudot
|
3cde211810
|
Save/restore state in OpenID Connect RP (#183)
|
2014-11-17 13:55:26 +00:00 |
|
Clément Oudot
|
c64f69a852
|
Use eval to decode JSON content (#183)
|
2014-11-14 16:53:56 +00:00 |
|
Clément Oudot
|
914fe20eb5
|
Create OpenIDConnect library (#183)
|
2014-11-14 16:18:50 +00:00 |
|
Clément Oudot
|
2ff2d0e01a
|
First version of OpenIDConnect RP module (#183)
|
2014-11-14 14:29:55 +00:00 |
|
Clément Oudot
|
5bb0f01de4
|
Manage vhost aliases in portal menu (#755)
|
2014-11-03 17:07:47 +00:00 |
|
Clément Oudot
|
2af54acd97
|
Do not call data on undefined session object (#762)
|
2014-10-27 11:19:25 +00:00 |
|
Clément Oudot
|
2a343dff84
|
Fix TODO by using autoRedirect (#753)
|
2014-08-21 12:22:10 +00:00 |
|
Clément Oudot
|
7e517cbdd0
|
Do not hardcode OpenID server path (#753)
|
2014-08-21 12:19:12 +00:00 |
|
Clément Oudot
|
df926b3429
|
Fix OpenID Issuer with new Net::OpenID::Server version (#753)
|
2014-08-21 11:49:56 +00:00 |
|