DMC/oauth2-authorization-server
0
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity
72 Commits 2 Branches 0 Tags
Commit Graph

72 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Svanberg
a7e51c303c
dev profile gives admin access 2025-03-21 15:15:10 +01:00
Andreas Svanberg
ef99fbcc02
Add email claims to id token if email scope is authorized 2025-03-21 15:15:08 +01:00
Andreas Svanberg
955b83fa64
Only populate id token email claims if email scope is authorized 2025-03-21 15:15:07 +01:00
Andreas Svanberg
105c75589f
Populate all profile claims that are available 2025-03-21 15:15:05 +01:00
Andreas Svanberg
2eebb42168
Only populate id token profile claims if profile scope is authorized 2025-03-21 15:15:04 +01:00
Andreas Svanberg
bb888757e5
Allow falling through to regular authorization flow 
Move the custom authorization filter before the regular authorization filter.
Add a Shibboleth authentication filter before both instead of relying on a redirect flow to authenticate.
 2025-03-21 15:15:02 +01:00
Andreas Svanberg
c88fc24503
Factor out authorization code flow test infrastructure 2025-03-21 15:15:01 +01:00
Andreas Svanberg
2d16035228
Id token tests 2025-03-21 15:14:59 +01:00
Andreas Svanberg
91239cbd6e
Developer custom authorization 2025-03-21 15:14:58 +01:00
Andreas Svanberg
05e65526ce
Support normal authorization flow for non-developers in staging environment 2025-03-21 15:14:56 +01:00
Andreas Svanberg
74eadefe3c
Refactor out duplicated code 2025-03-21 15:14:55 +01:00
Andreas Svanberg
eb87378376
Test authorization flow using metadata information (RFC 8414) 
Endpoint information is gathered from the metadata and token is verified using the provided JWK set.
 2025-03-21 15:14:53 +01:00
Andreas Svanberg
27abcb2b25
Move OAuth 2 endpoints to be compatible with current authorization server 2025-03-21 15:14:52 +01:00
Andreas Svanberg
62ad894876
Test for the entire authorization code flow 2025-03-21 15:14:51 +01:00
Andreas Svanberg
fff5812913
Turn on OIDC with data from Shibboleth 2025-03-21 15:14:49 +01:00
Andreas Svanberg
4867bd24da
Upgrade to Spring Boot 3.4 2025-03-21 15:14:48 +01:00
Andreas Svanberg
1fb5e99453
Use Spring Boot built-in Docker compose support 2025-03-21 15:14:47 +01:00
Andreas Svanberg
2132ca21f3
Rename to authentication details 
Better reflects what it is, details from the authentication and not some local user details.
 2025-03-21 15:14:45 +01:00
Andreas Svanberg
525d33ed01
Protected admin section 2025-03-21 15:14:43 +01:00
Andreas Svanberg
3b52882037
Remove UserDetailsService @Bean, there are no local users only pre-authenticated 2025-03-21 15:14:41 +01:00
Andreas Svanberg
7e9c058303
Always include a local profile that can be used to make specific configuration. 
For example during development can be used to turn on logging, in CI to attach test properties, or during deployment to attach production configuration.

The file is .gitignore'd so the file is never accidentally commited.
 2025-03-21 15:14:37 +01:00
Andreas Svanberg
7fbbb076a8
Early milestone 
Working OAuth 2.0 server with authentication via Shibboleth. Has a "dev" profile to simulate Shibboleth while developing.
 2025-03-21 15:14:33 +01:00