Xavier Guimard
|
8f78863dcf
|
Change OIDC(JSON|JWKS) key storage
Due to old manager behavior, they were stored as key->partner->key. Now
it's simply key->partner
|
2015-12-20 07:04:38 +00:00 |
|
Xavier Guimard
|
355b298a3a
|
Better regexp
|
2015-12-19 06:56:59 +00:00 |
|
Clément Oudot
|
c257baddd9
|
Fix session management (bug introduced in r4024)
|
2015-12-18 18:01:15 +00:00 |
|
Clément Oudot
|
4a1f957fdd
|
Set trunk version to 1.9.0
|
2015-12-18 09:31:36 +00:00 |
|
Xavier Guimard
|
2df6075dfa
|
Persistent sessions explorer in progress
|
2015-12-18 06:17:30 +00:00 |
|
Xavier Guimard
|
6daa0bc77b
|
Strange bug
It happends when serveur is restarted and the first call to portal uses
"?logout=1" with a valid session
|
2015-12-16 20:44:27 +00:00 |
|
Xavier Guimard
|
3372341fec
|
Start authChoice management
|
2015-12-12 13:18:48 +00:00 |
|
Xavier Guimard
|
5a3fc1bfed
|
Adapt "multi" system to the new manager
IMPORTANT: auth and userDB stacks are now in distinct keys
|
2015-12-10 20:05:29 +00:00 |
|
Clément Oudot
|
8c109061a9
|
Return error if no OpenID Provider configured (#183)
|
2015-10-22 13:40:11 +00:00 |
|
Clément Oudot
|
a6821a7fca
|
Fix trailing slash in post logout URL (#183)
|
2015-10-22 09:24:18 +00:00 |
|
Clément Oudot
|
df59540d22
|
make tidy
|
2015-10-22 08:40:12 +00:00 |
|
David COUTADEUR
|
7fd8390c85
|
correcting typo for #822 feature (checking pwdLastSet in AD is not sufficient)
|
2015-10-08 12:49:32 +00:00 |
|
Clément Oudot
|
d1540c280f
|
Move AD specific code in AuthAD and check userAccountControl before displaying expiration warning (#822)
|
2015-10-06 09:39:23 +00:00 |
|
Clément Oudot
|
ad0c56cb84
|
Manage password expiration for AD authentication backend (#822)
|
2015-10-05 14:07:24 +00:00 |
|
Clément Oudot
|
b05fab6eac
|
Dump variables stored in session in debug mode (#792)
|
2015-09-25 15:29:57 +00:00 |
|
Clément Oudot
|
b8d8b01ea4
|
Create hGroups to store groups as an HashRef:
* Allows to store multivaluated attributes of groups (#792)
* Remove duplicate groups when using recursive groups (#823)
|
2015-09-25 09:43:04 +00:00 |
|
Clément Oudot
|
f8d9274a2c
|
Store multi full module name in another session variable (#715)
|
2015-09-24 06:58:21 +00:00 |
|
Clément Oudot
|
62a8fb17ac
|
Fix SOAP data formatting (#850)
|
2015-09-23 09:02:47 +00:00 |
|
Clément Oudot
|
99953c14eb
|
Add _lastSeen to default exported attributes with SOAP (#845)
|
2015-09-23 08:31:46 +00:00 |
|
Xavier Guimard
|
9298c07510
|
Typo
|
2015-09-22 05:38:23 +00:00 |
|
Clément Oudot
|
fa95ab2ee7
|
Possibility to define extra claims (#184)
|
2015-06-19 09:06:13 +00:00 |
|
Clément Oudot
|
c5a6d3f31c
|
Force Base64 URL for JWT signature (#184)
|
2015-06-18 12:47:35 +00:00 |
|
Xavier Guimard
|
87fd52a0ab
|
Update copyrights
|
2015-06-18 11:00:24 +00:00 |
|
Clément Oudot
|
13dc6d5755
|
Fix 'exp' field in ID Token (#184)
|
2015-06-18 10:20:15 +00:00 |
|
Clément Oudot
|
96207ab19d
|
Support URL for application logo (#183)
|
2015-06-16 15:43:07 +00:00 |
|
Clément Oudot
|
15cfb0ed43
|
Support URL for application logo (#184)
|
2015-06-16 15:34:11 +00:00 |
|
Clément Oudot
|
2c4413bf01
|
Fix AuthOpenIDConnect unit test (#183)
|
2015-06-16 06:56:14 +00:00 |
|
Clément Oudot
|
614bb23834
|
Update logo (#820)
|
2015-06-15 12:45:23 +00:00 |
|
Clément Oudot
|
0b955a40d1
|
Update favicon.ico with a multi-layer icon (#820)
|
2015-06-15 12:32:38 +00:00 |
|
Clément Oudot
|
ef43679ce1
|
Manage session not found in portal (#825)
|
2015-06-12 10:56:38 +00:00 |
|
Clément Oudot
|
12890c4512
|
Fix oidcStorageOptions initialization (#184)
|
2015-06-12 07:51:37 +00:00 |
|
Clément Oudot
|
7b996f1cb1
|
Update favicon
|
2015-06-11 14:03:54 +00:00 |
|
Clément Oudot
|
e3af829e5a
|
Remove portalAutocomplete configuration (#824)
|
2015-06-11 12:59:20 +00:00 |
|
Clément Oudot
|
b81aea14b4
|
Define an ID for public key (#184)
|
2015-06-05 12:55:06 +00:00 |
|
Clément Oudot
|
f4119999d0
|
Call check session iframe in oauth test page (#184)
|
2015-06-01 18:27:05 +00:00 |
|
Clément Oudot
|
fe77ab4dbb
|
CHeck session iframe with CORS for session management (#184)
|
2015-06-01 18:22:36 +00:00 |
|
Clément Oudot
|
05ecd34598
|
Parameter to define allowed flows (#184)
|
2015-05-29 16:49:32 +00:00 |
|
Clément Oudot
|
121e578b7e
|
Parameter to allow dynamic client registration (#184)
|
2015-05-29 10:07:54 +00:00 |
|
Clément Oudot
|
b66a90e197
|
Register dynamic client in configuration (#184)
|
2015-05-29 08:50:51 +00:00 |
|
Clément Oudot
|
ab0b6e7190
|
Display correct skin in register page (#818)
|
2015-05-11 14:06:20 +00:00 |
|
Clément Oudot
|
f82a7319be
|
Display correct skin in mail reset page (#818)
|
2015-05-11 13:50:55 +00:00 |
|
Clément Oudot
|
fe2ad66a29
|
Add attributes in CAS serviceValidate response (#773)
|
2015-05-09 17:49:56 +00:00 |
|
Clément Oudot
|
ef1da93be9
|
Test script for SOAP error method (#817)
|
2015-05-08 20:22:58 +00:00 |
|
Clément Oudot
|
27b469d28d
|
Fix WSDL for error (#817)
|
2015-05-05 12:36:50 +00:00 |
|
Clément Oudot
|
b71e06b246
|
Fix WSDL for getAttributes (#816)
|
2015-05-05 12:11:00 +00:00 |
|
Clément Oudot
|
1caa11c724
|
Update OIDC test page (#184)
|
2015-04-30 06:14:41 +00:00 |
|
Clément Oudot
|
ad2c67c2ba
|
Support Request URI (#184)
|
2015-04-30 06:09:51 +00:00 |
|
Clément Oudot
|
159f71fd25
|
Verify Request JWT signature (#184)
|
2015-04-25 15:19:12 +00:00 |
|
Clément Oudot
|
94f1065e5d
|
Accept 'request' parameter in authorization requests (#184)
|
2015-04-22 17:16:32 +00:00 |
|
Clément Oudot
|
0b3f9a78ff
|
Parse UserInfo response as JWT (#183)
|
2015-04-18 08:36:42 +00:00 |
|
Clément Oudot
|
1c0df34268
|
Replace version 2.00 by 2.0.0
|
2015-04-15 14:18:38 +00:00 |
|
Clément Oudot
|
9520bef489
|
Manager UserInfo signature (JWT response) (#184)
|
2015-04-14 18:42:02 +00:00 |
|
Clément Oudot
|
572636ead1
|
Use Base64 URL to decode JWT (#184)
|
2015-04-11 11:15:01 +00:00 |
|
Clément Oudot
|
a63918d28f
|
Return session state for session management (#184)
|
2015-04-07 09:04:17 +00:00 |
|
Clément Oudot
|
ac5f76f898
|
Option to deactivate nonce (#183)
|
2015-04-03 13:45:38 +00:00 |
|
Clément Oudot
|
a17159f105
|
Don't send max_age if value is 0 (#183)
|
2015-04-03 13:23:52 +00:00 |
|
Clément Oudot
|
3ad495f824
|
Call endsession point in authLogout (#183)
|
2015-04-03 13:00:30 +00:00 |
|
Clément Oudot
|
328a280601
|
Work on implementation of OIDC logout (#184)
|
2015-04-03 09:05:36 +00:00 |
|
Clément Oudot
|
841f057c25
|
Work on implementation of OIDC logout (#184)
|
2015-04-02 16:54:00 +00:00 |
|
Clément Oudot
|
85650ae3be
|
Start implementation of OIDC logout (#184)
|
2015-04-02 07:02:21 +00:00 |
|
Clément Oudot
|
3f741d53c3
|
Declaration of Authentication Class Ref in openid-configuration (#184)
|
2015-04-02 06:41:15 +00:00 |
|
Clément Oudot
|
72aecd6cf1
|
Configuration of Authentication Class Ref (#184)
|
2015-04-01 15:45:08 +00:00 |
|
Clément Oudot
|
b9494d1b0a
|
Check iat (#183)
|
2015-04-01 15:10:08 +00:00 |
|
Clément Oudot
|
0fa5cf2614
|
Use max_age, ui_locales and acr_values (#183)
|
2015-04-01 14:51:49 +00:00 |
|
Clément Oudot
|
01aec28467
|
Use prompt (#183)
|
2015-04-01 13:00:31 +00:00 |
|
Clément Oudot
|
865551989b
|
Use display (#183)
|
2015-04-01 12:53:18 +00:00 |
|
Clément Oudot
|
9936ade26b
|
Use nonce (#183)
|
2015-03-31 16:07:50 +00:00 |
|
Clément Oudot
|
2e0f1b7088
|
Start of registration endpoint implementation (#184)
|
2015-03-30 15:57:23 +00:00 |
|
Clément Oudot
|
b14ec43a88
|
Check redirect_uri (#184)
|
2015-03-30 12:58:56 +00:00 |
|
Clément Oudot
|
da31a15cb9
|
Add support for RS256/RS384/RS512 to sign ID Tokens (#184)
|
2015-03-27 15:13:00 +00:00 |
|
Clément Oudot
|
895d7f3ef1
|
Display pretty JSON (#184)
|
2015-03-27 14:33:13 +00:00 |
|
Clément Oudot
|
d22853d775
|
Support for JWKS URI and signing public key (#184)
|
2015-03-27 14:21:43 +00:00 |
|
Clément Oudot
|
f8e37c0c8b
|
Use SAML message creation time to set netBefore and notOnOrAfter (#799)
|
2015-03-27 08:29:12 +00:00 |
|
Clément Oudot
|
6c5487ab0e
|
Check prompt parameter when displaying consent (#184)
|
2015-03-27 08:25:36 +00:00 |
|
Clément Oudot
|
9f06668eef
|
Check id_token_hint request parameter for authenticated user (#184)
|
2015-03-25 16:13:09 +00:00 |
|
Clément Oudot
|
46e3b460c1
|
Check max_age request parameter for authenticated user (#184)
|
2015-03-25 16:11:45 +00:00 |
|
Clément Oudot
|
e1794d1be7
|
Check prompt request parameter for authenticated user (#184)
|
2015-03-25 14:55:46 +00:00 |
|
Clément Oudot
|
80480e302c
|
Prompt parameter is a space delimited value (#184)
|
2015-03-25 13:48:36 +00:00 |
|
Clément Oudot
|
1937448419
|
Check hidden fields in issuerForUnAuthUser (#184)
|
2015-03-25 11:53:03 +00:00 |
|
Clément Oudot
|
158c097e66
|
Manage login_hint request parameter (#184)
|
2015-03-25 11:40:58 +00:00 |
|
Clément Oudot
|
70bcd003f6
|
Manage ui_locales request parameter (#184)
|
2015-03-25 11:15:31 +00:00 |
|
Clément Oudot
|
c6589a7f7b
|
Check display and prompt request parameters for unauthenticated user (#184)
|
2015-03-25 10:54:00 +00:00 |
|
Clément Oudot
|
c07f698bdb
|
Manage consent refuse and server_error errors (#184)
|
2015-03-25 09:11:46 +00:00 |
|
Clément Oudot
|
8e06ec1bd1
|
Get all OIDC parameters on authorization endpoint and check required ones (#184)
|
2015-03-24 17:01:15 +00:00 |
|
Clément Oudot
|
699303cf47
|
Use redirection for errors on authorization endpoint (#184)
|
2015-03-24 16:40:00 +00:00 |
|
Clément Oudot
|
62086b1570
|
Set subject_types_supported in configuration endpoint (#184)
|
2015-03-24 15:09:48 +00:00 |
|
Clément Oudot
|
4c4ad88293
|
Declare all configuration items listed in openidconnect-discovery.pdf (#184)
|
2015-03-24 15:05:38 +00:00 |
|
Clément Oudot
|
cf4dfef9fb
|
Configuration endpoint (#184)
|
2015-03-23 17:12:06 +00:00 |
|
Clément Oudot
|
45ed174666
|
Generate at_hash at token endpoint (#184)
|
2015-03-23 17:04:00 +00:00 |
|
Clément Oudot
|
2ff0b7277a
|
Add hybrid flow support (#184)
|
2015-03-23 11:54:22 +00:00 |
|
Clément Oudot
|
539f241725
|
Generate at_hash in ID Token for implicit flow (#184)
|
2015-03-19 17:04:13 +00:00 |
|
Clément Oudot
|
c3cb985323
|
Manage access token hash in RP (#183)
|
2015-03-19 15:28:58 +00:00 |
|
Clément Oudot
|
4e7f4eb85e
|
Use nonce in Authentication Code Flow (#184)
|
2015-03-17 12:56:11 +00:00 |
|
Clément Oudot
|
89e3678bdf
|
Manage OIDC Implicit Flow (#184)
|
2015-03-17 11:01:11 +00:00 |
|
Clément Oudot
|
33bc52b619
|
Skeleton to manage different OIDC response types (#184)
|
2015-03-16 17:00:56 +00:00 |
|
Clément Oudot
|
71bc645d51
|
Authentication Context in ID Token (#184)
|
2015-03-13 12:54:04 +00:00 |
|
Clément Oudot
|
23b2c6f996
|
Configure Access Token expiration (#184)
|
2015-03-13 11:09:39 +00:00 |
|
Clément Oudot
|
74958870bb
|
Auth time and expiration in ID Token (#184)
|
2015-03-13 10:54:36 +00:00 |
|
Clément Oudot
|
6d6d7e6424
|
Fix typo on Relying Party (#184)
|
2015-03-11 16:24:10 +00:00 |
|
Clément Oudot
|
167fdb66c4
|
Possibility to configure attribute used to fill OIDC User ID (#184)
|
2015-03-11 16:16:37 +00:00 |
|