...
No updates worth mentioning
Marvin
Phil
Jira Legacy server System JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-39 Jira Legacy server System JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key https://shibboleth.atlassian.net/browse/JCOMOIDC-39https://shibboleth.atlassian.net/browse/JCOMOIDC-37
Using dynamic client metadata to configure proxy RPs to OPs.
Various RP improvements. Authentication Response decoding and validation.
Moving onto token exchange for auth_code flow. Should support other flows up to this point.
Testing against the OIDC certification test suites (obviously we do not have full end-2-end yet, but still neat).
Maven wars.
Better than Star Wars, but not as good as Star Trek.
Rod
Odds and Sods
Scott
https://shibboleth.atlassian.net/browse/JOIDC-11
Token flow is working minus encryption support, both opaque and (I think compliant) JWT tokens
Client ID → c14n after login → sub claim in token automatically (client_id also there)
Scope and audience claims come from the attribute resolver - resolution context extended with a subcontext (hook added in 4.2) that contains the requested/validated scope and whatever resource values are requested by the client for ease of access during resolution
Any released attributes encoded to non-reserved claim names are added to JWT automatically (i.e., don’t release what you don’t want included)
Still a few weeks of work left to do
...