...
https://shibboleth.atlassian.net/browse/JPAR-178 updated this. Seems OK - at least for now.
Working on RP:
Profile configuration hookup (OIDC.SSO for now)
Message Encoders. Proposed to borrow the ideas used in the SpringAwareMessageEncoderFactory but for OAuth ResponseModes and RP authn request. In https://shibboleth.atlassian.net/browse/JCOMOIDC-27
Work on commons:
Henri has ideas on how to improve the metadata resolver work, so I will revisit some of that.
- move some of the OP profile configuration stuff into oidc-common. Some is needed by the RP. Added timescales to the agenda on what gets released when and how the changeover in the OP happens.Jira Legacy server System JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-21
- need to check JWT validation API is suitable for upcoming use cases.Jira Legacy server System JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-26
Other:
Maybe look to switch the default CSRF validation predicate to use a constant-time algorithm. Although is injectable and I am not sure adds much in our case.
Rod
...
Please configure your Maven user settings
~/.m2/settings.xmlaccording to Configuration on Setting Up, Configuring, and Using Maven
To prepare for :https://shibboleth.atlassian.net/browse/GEN-299
Scott : could use help with redirects
Ian : could you monitor the new Maven URLs URL
https://build.shibboleth.net/mavenplease ?
...