Commit Graph

70 Commits

Author SHA1 Message Date
955b83fa64 Only populate id token email claims if email scope is authorized 2025-03-21 15:15:07 +01:00
105c75589f Populate all profile claims that are available 2025-03-21 15:15:05 +01:00
2eebb42168 Only populate id token profile claims if profile scope is authorized 2025-03-21 15:15:04 +01:00
bb888757e5 Allow falling through to regular authorization flow
Move the custom authorization filter before the regular authorization filter.
Add a Shibboleth authentication filter before both instead of relying on a redirect flow to authenticate.
2025-03-21 15:15:02 +01:00
c88fc24503 Factor out authorization code flow test infrastructure 2025-03-21 15:15:01 +01:00
2d16035228 Id token tests 2025-03-21 15:14:59 +01:00
91239cbd6e Developer custom authorization 2025-03-21 15:14:58 +01:00
05e65526ce Support normal authorization flow for non-developers in staging environment 2025-03-21 15:14:56 +01:00
74eadefe3c Refactor out duplicated code 2025-03-21 15:14:55 +01:00
eb87378376 Test authorization flow using metadata information (RFC 8414)
Endpoint information is gathered from the metadata and token is verified using the provided JWK set.
2025-03-21 15:14:53 +01:00
27abcb2b25 Move OAuth 2 endpoints to be compatible with current authorization server 2025-03-21 15:14:52 +01:00
62ad894876 Test for the entire authorization code flow 2025-03-21 15:14:51 +01:00
fff5812913 Turn on OIDC with data from Shibboleth 2025-03-21 15:14:49 +01:00
4867bd24da Upgrade to Spring Boot 3.4 2025-03-21 15:14:48 +01:00
1fb5e99453 Use Spring Boot built-in Docker compose support 2025-03-21 15:14:47 +01:00
2132ca21f3 Rename to authentication details
Better reflects what it is, details from the authentication and not some local user details.
2025-03-21 15:14:45 +01:00
525d33ed01 Protected admin section 2025-03-21 15:14:43 +01:00
3b52882037 Remove UserDetailsService @Bean, there are no local users only pre-authenticated 2025-03-21 15:14:41 +01:00
7e9c058303 Always include a local profile that can be used to make specific configuration.
For example, during development it can be used to turn on logging, in CI to attach test properties, or during deployment to attach production configuration.

The file is .gitignore'd so the file is never accidentally committed.
2025-03-21 15:14:37 +01:00
7fbbb076a8 Early milestone
Working OAuth 2.0 server with authentication via Shibboleth. Has a "dev" profile to simulate Shibboleth while developing.
2025-03-21 15:14:33 +01:00