...
Rod: IDP-2242 Can/Should we stop using “Unsupported” and rely instead on SECADV/OutOfDate/Current
5.1 freeze schedule
Feature freeze on 2/26, code freeze 3/4 and release that week if possible
Santuario (C++) future
Will make a proposal for a cut down V3 either at Apache if accepted, or we close it down, and fork if not (at which point it’s optional for us to do if we want).
Attendees:
Brent
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key OSJ-391 Think this is done? Leave defaults as they are now?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key OSJ-392 Think I have a workable solution for the role descriptor adapter issues (mutable collections, and setters which throw). Need to test, mindful of the freeze timing.
Daniel
Henri
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDC-186 The JWT refresh token seems to be working as expected in test deployments
andJira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-96 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDC-196 Working OK for both metadata policies (in registration) and unregistered client policies
Do we want to make a scriptable abstract bean for custom policy operator ?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-99 Found when integrating the custom operators (above) to the merging function
Automated logout testing scripts still need to be fine-tuned for minimal template changes
Polishing and minor changes before minor release - and NonNull-work..
Ian
John
Marvin
Phil
RP developments
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDCRP-54 Hook to add arbitrary claims into the signed Request Object.
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDCRP-51 Allowed the RP to send empty ACR and AMR claims to the translators. The translation function can be overridden with their own.
WebAuthn developments:
Missing 1 key for cose-java. It looks like Emil has eliminated that dependency from the Yubico libraries, and will be releasing a patch release (2.5.1) very soon. When we grab that, we will not need the key.Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-2 Lots of cleanups.
A decent amount of work on the registration process.
Username and password authentication to first register a WebAuthn credential, but WebAuthn flow is required once you have one.
Requires username collection as a first step in the registration flow.
Adding attestation support even if not used initially.
Rod
EDS: We have had three patches submitted. New release?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-94 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-95 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-93
New helper class with 6 methods - any more needed?Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2240
(agenda)Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2242
- I plan to use this to write the documentationJira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2236 Other IdP Bugs
...