[midPoint-git] [Evolveum/midpoint] a4102c: improvements in oidc auth module (using claims fro...

Lukas Skublik noreply at github.com
Tue Apr 25 16:55:16 CEST 2023


  Branch: refs/heads/master
  Home:   https://github.com/Evolveum/midpoint
  Commit: a4102cdc076570feb00db25933d6b17e19a5505d
      https://github.com/Evolveum/midpoint/commit/a4102cdc076570feb00db25933d6b17e19a5505d
  Author: lskublik <lskublik at evolveum.com>
  Date:   2023-04-25 (Tue, 25 Apr 2023)

  Changed paths:
    M infra/schema/src/main/resources/xml/ns/public/common/common-security-3.xsd
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/factory/module/OidcResourceServerModuleFactory.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/filter/RemoteAuthenticationFilter.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/authentication/RemoteModuleAuthenticationImpl.java
    A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/JwtOidcResourceServerConfiguration.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/OidcClientModuleWebSecurityConfiguration.java
    R model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/OidcResourceServerModuleWebSecurityConfiguration.java
    A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configuration/OpaqueTokenOidcResourceServerConfiguration.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/module/configurer/OidcResourceServerModuleWebSecurityConfigurer.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/oidc/OidcAuthorizationRequestRedirectFilter.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/oidc/OidcLoginAuthenticationFilter.java
    A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/oidc/OidcUserTokenService.java
    A model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/oidc/OpaqueTokenUserDetailsIntrospector.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/provider/OidcClientProvider.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/provider/OidcResourceServerProvider.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/saml/MidpointSaml2WebSsoAuthenticationFilter.java
    M model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/saml/MidpointSaml2WebSsoAuthenticationRequestFilter.java
    R model/authentication-impl/src/main/java/com/evolveum/midpoint/authentication/impl/util/RequestState.java

  Log Message:
  -----------
  improvements in oidc auth module (using claims from id token for identifying of user, using opaqueToken for oidc resource server, remove check of sent request for remote auth module)


  Commit: 0306b8de7a20ffdfd13755221caf89825dc57d5b
      https://github.com/Evolveum/midpoint/commit/0306b8de7a20ffdfd13755221caf89825dc57d5b
  Author: lskublik <lskublik at evolveum.com>
  Date:   2023-04-25 (Tue, 25 Apr 2023)

  Changed paths:
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/menu/LeftMenuPanel.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/component/search/SearchableItemsDefinitions.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/factory/panel/SearchFilterTypeForQueryModel.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/admin/cases/component/ChildCasesPanel.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageRegistrationFinish.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/component/search/filter/ValueSearchFilterItem.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/web/session/SessionStorage.java
    A infra/schema/src/main/java/com/evolveum/midpoint/schema/DefinitionUpdateOption.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/GetOperationOptions.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/GetOperationOptionsBuilder.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/GetOperationOptionsBuilderImpl.java
    A infra/schema/src/main/java/com/evolveum/midpoint/schema/ParsedGetOperationOptions.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/SelectorOptions.java
    A infra/schema/src/main/java/com/evolveum/midpoint/schema/error/ConfigErrorReporter.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/AttributeDefinitionStore.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/ResourceAttributeContainer.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/ResourceAttributeContainerImpl.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/ResourceObjectTypeIdentification.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ItemRefinedDefinitionTypeUtil.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ObjectTemplateTypeUtil.java
    M infra/schema/src/main/resources/xml/ns/public/common/common-case-management-3.xsd
    A infra/schema/src/test/java/com/evolveum/midpoint/schema/TestConfigErrorReporter.java
    A infra/schema/src/test/resources/config-error-reporter/object-template-1.xml
    A infra/schema/src/test/resources/config-error-reporter/resource-1.xml
    M infra/schema/testng-unit.xml
    M model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/MappingImpl.java
    M model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/metadata/ItemValueMetadataProcessingSpec.java
    M model/model-common/src/main/java/com/evolveum/midpoint/model/common/mapping/metadata/ValueMetadataComputation.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelController.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ResolveOptionExecutor.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/SchemaTransformer.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/LensOwnerResolver.java
    R model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/identities/IdentityItemConfiguration.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/identities/IdentityItemConfigurationImpl.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/indexing/IndexingItemConfigurationImpl.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/schema/transform/TransformableItemDefinition.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/schema/transform/TransformableObjectDefinition.java
    A model/model-impl/src/test/java/com/evolveum/midpoint/model/impl/AbstractEmptyInternalModelTest.java
    A model/model-impl/src/test/java/com/evolveum/midpoint/model/impl/perf/TestPerformance.java
    A model/model-impl/src/test/resources/common/system-configuration-empty.xml
    A model/model-impl/src/test/resources/perf/archetype-person.xml
    A model/model-impl/src/test/resources/perf/object-template-person.xml
    A model/model-impl/src/test/resources/perf/role-can-read-all.xml
    A model/model-impl/src/test/resources/perf/role-can-read-almost-all.xml
    A model/model-impl/src/test/resources/perf/role-can-read-few.xml
    A model/model-impl/src/test/resources/perf/user-can-read-all.xml
    A model/model-impl/src/test/resources/perf/user-can-read-almost-all.xml
    A model/model-impl/src/test/resources/perf/user-can-read-few.xml
    A model/model-impl/src/test/resources/schema/big-user-extension.xsd
    R model/model-impl/src/test/resources/service/model/modify/modify-user-correct.xml
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/gensync/TestEditSchema.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/security/TestSecurityBasic.java
    M model/model-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java
    M model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportFunctions.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ProvisioningContext.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ProvisioningContextFactory.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/ShadowedObjectConstruction.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/TestOpenDj.java
    M provisioning/provisioning-impl/src/test/resources/opendj/resource-opendj.xml
    M repo/repo-common/src/main/java/com/evolveum/midpoint/repo/common/expression/TransformationValueMetadataComputer.java
    A repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/ExtensionValueGenerator.java
    A repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/AssignmentGenerator.java
    M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/ShadowAssociationAsserter.java
    A repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/ShadowAssociationValueAsserter.java
    M repo/security-api/src/main/java/com/evolveum/midpoint/security/api/OwnerResolver.java
    M repo/security-enforcer-api/src/main/java/com/evolveum/midpoint/security/enforcer/api/SecurityEnforcer.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/ObjectSecurityConstraintsImpl.java
    M repo/security-enforcer-impl/src/main/java/com/evolveum/midpoint/security/enforcer/impl/PhasedConstraints.java
    M repo/task-quartz-impl/src/main/java/com/evolveum/midpoint/task/quartzimpl/cluster/ClusterExecutionHelperImpl.java
    M testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestOperationPerf.java
    M testing/story/src/test/resources/operation-perf/object-template-user.xml
    A testing/story/src/test/resources/operation-perf/system-configuration.xml
    M testing/story/src/test/resources/operation-perf/user-alice.xml
    M testing/story/src/test/resources/operation-perf/user-bob.xml
    M testing/story/src/test/resources/schema/big-user-extension.xsd

  Log Message:
  -----------
  Merge remote-tracking branch 'refs/remotes/origin/master'


Compare: https://github.com/Evolveum/midpoint/compare/66005c00636f...0306b8de7a20


More information about the midPoint-svn mailing list