Issue 705 suspend client #1611
Closed: garaimanoj wants to merge 121 commits into mitreid-connect:1.3.x from indigo-iam:issue-705-suspend-client
Fix getAdditionalInformation() method.
- The logic to create and query AuthenticationHolder entities has been moved to a service, and other services that depended on AuthenticationHolderRepository now depend on AuthenticationHolderEntityService
- An additionalInfo map collection has been added to SavedUserAuthentication. This map can be used to store other information related to user authentication (like authn type, attributes etc.)
RandomValueStringGenerator default constructor creates a code of length six only. The RFC 6819 (OAuth 2.0 Threat Model and Security Considerations) suggests (5.1.4.2.2. Use High Entropy for Secrets) that secrets that aren't used by humans (e.g. client secrets or token handles) have a reasonable level of entropy. They propose token lengths of at least 128 bits. Since the RandomValueStringGenerator only uses case-sensitive alphanumeric symbols, 22 symbols are needed to achieve an entropy >=128 bits.
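The length arithmetic from the commit message above, worked through as an added example that is not code from this pull request or from Spring Security OAuth. It assumes a 62-symbol case-sensitive alphanumeric alphabet and uniform draws; the class and method names (`SecretStrength`, `requireStrength`) are hypothetical.

```java
import java.security.SecureRandom;

public class SecretStrength {
    // Assumed alphabet: 62 case-sensitive alphanumeric symbols.
    static final String ALPHABET =
        "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    static final int TARGET_BITS = 128; // minimum proposed by RFC 6819, section 5.1.4.2.2
    static final SecureRandom RNG = new SecureRandom();

    // Entropy in bits of `length` symbols drawn uniformly from `alphabetSize` symbols.
    static double entropyBits(int length, int alphabetSize) {
        return length * (Math.log(alphabetSize) / Math.log(2));
    }

    // Smallest length whose entropy reaches `targetBits`.
    static int minLength(int targetBits, int alphabetSize) {
        int n = 1;
        while (entropyBits(n, alphabetSize) < targetBits) {
            n++;
        }
        return n;
    }

    // Startup guard: refuse a configured secret length that falls below the target.
    static void requireStrength(int configuredLength) {
        double bits = entropyBits(configuredLength, ALPHABET.length());
        if (bits < TARGET_BITS) {
            throw new IllegalArgumentException(String.format(
                "length %d gives %.1f bits, below %d", configuredLength, bits, TARGET_BITS));
        }
    }

    // nextInt(bound) rejects out-of-range draws, so every symbol is equally likely.
    static String generate(int length) {
        requireStrength(length);
        StringBuilder sb = new StringBuilder(length);
        for (int i = 0; i < length; i++) {
            sb.append(ALPHABET.charAt(RNG.nextInt(ALPHABET.length())));
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        for (int len : new int[] {6, 21, 22}) {
            System.out.printf("%2d symbols -> %.1f bits%n", len, entropyBits(len, ALPHABET.length()));
        }
        int n = minLength(TARGET_BITS, ALPHABET.length());
        System.out.println("minimum length: " + n + ", sample: " + generate(n));
    }
}
```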
* mitre/master: (153 commits)
  removed old document PDFs from repo
  check for missing refresh token value on refresh, closes mitreid-connect#1242
  removed unused field from UI config bean
  fixed client readme file
  Updated copyrights
  Corrected typo
  fixed unit test for new default redirect behavior
  set redirect URI matching to strict by default
  escaped output values on approval page, closes mitreid-connect#1111
  added changelog file
  [maven-release-plugin] prepare for next development iteration
  [maven-release-plugin] prepare release mitreid-connect-1.3.1
  downgrade mysql dependency to GA version
  Removed double 'sure'
  fixed discovery endpoint, closes mitreid-connect#1230
  Completed end session endpoint
  end session endpoint
  skeleton of end session endpoint, maybe need a change to user info lookup
  Fix psql_database script, replace SERIAL with BIGSERIAL and fix ...
  [maven-release-plugin] prepare for next development iteration
  ...
Now for real...
As per https://tools.ietf.org/html/rfc7662#section-2.2 the `sub` key should identify the resource owner in oauth2 introspection responses. This change adds support for the `sub` key and will allow the introspection response of RFC-compliant servers to be parsed. Will still try `user_id` first as to not break backward compatibility.
Add an index for refresh_token.token_value
Upgrade to Java 11 and Spring 5
instead of AT value
Merge updates from source repo into our development branch
It follows RFC https://datatracker.ietf.org/doc/html/rfc9068 Bumped MitreID version 1.3.6.cnaf-20230914
Back to bouncycastle v1.58
Bump version to 1.3.6-cnaf-20231129
No description provided.