ansv7779
955b83fa64
Only populate id token email claims if email scope is authorized
2025-03-21 15:15:07 +01:00
ansv7779
105c75589f
Populate all profile claims that are available
2025-03-21 15:15:05 +01:00
ansv7779
2eebb42168
Only populate id token profile claims if profile scope is authorized
2025-03-21 15:15:04 +01:00
ansv7779
bb888757e5
Allow falling through to regular authorization flow
...
Move the custom authorization filter before the regular authorization filter.
Add a Shibboleth authentication filter before both instead of relying on a redirect flow to authenticate.
2025-03-21 15:15:02 +01:00
ansv7779
c88fc24503
Factor out authorization code flow test infrastructure
2025-03-21 15:15:01 +01:00
ansv7779
2d16035228
Id token tests
2025-03-21 15:14:59 +01:00
ansv7779
91239cbd6e
Developer custom authorization
2025-03-21 15:14:58 +01:00
ansv7779
05e65526ce
Support normal authorization flow for non-developers in staging environment
2025-03-21 15:14:56 +01:00
ansv7779
74eadefe3c
Refactor out duplicated code
2025-03-21 15:14:55 +01:00
ansv7779
eb87378376
Test authorization flow using metadata information (RFC 8414)
...
Endpoint information is gathered from the metadata and token is verified using the provided JWK set.
2025-03-21 15:14:53 +01:00
ansv7779
27abcb2b25
Move OAuth 2 endpoints to be compatible with current authorization server
2025-03-21 15:14:52 +01:00
ansv7779
62ad894876
Test for the entire authorization code flow
2025-03-21 15:14:51 +01:00
ansv7779
fff5812913
Turn on OIDC with data from Shibboleth
2025-03-21 15:14:49 +01:00
ansv7779
4867bd24da
Upgrade to Spring Boot 3.4
2025-03-21 15:14:48 +01:00
ansv7779
1fb5e99453
Use Spring Boot built-in Docker compose support
2025-03-21 15:14:47 +01:00
ansv7779
2132ca21f3
Rename to authentication details
...
Better reflects what it is, details from the authentication and not some local user details.
2025-03-21 15:14:45 +01:00
ansv7779
525d33ed01
Protected admin section
2025-03-21 15:14:43 +01:00
ansv7779
3b52882037
Remove UserDetailsService @Bean, there are no local users only pre-authenticated
2025-03-21 15:14:41 +01:00
ansv7779
7e9c058303
Always include a local profile that can be used to make specific configuration.
...
For example during development can be used to turn on logging, in CI to attach test properties, or during deployment to attach production configuration.
The file is .gitignore'd so the file is never accidentally committed.
2025-03-21 15:14:37 +01:00
ansv7779
7fbbb076a8
Early milestone
...
Working OAuth 2.0 server with authentication via Shibboleth. Has a "dev" profile to simulate Shibboleth while developing.
2025-03-21 15:14:33 +01:00