...
Rod: IDP-2242 Can/Should we stop using “Unsupported” and rely instead on SECADV/OutOfDate/Current
5.1 freeze schedule
Feature freeze on 2/26, code freeze 3/4 and release that week if possible
Santuario (C++) future
Will make a proposal for a cut down V3 either at Apache if accepted, or we close it down, and fork if not (at which point it’s optional for us to do if we want).
Attendees:
Brent
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key OSJ-391 Think this is done? Leave defaults as they are now?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key OSJ-392 Think I have a workable solution for the role descriptor adapter issues (mutable collections, and setters which throw). Need to test, mindful of the freeze timing.
...
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDC-186 Seems The JWT refresh token seems to be working as expected in test deployments
andJira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-96 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDC-196 Working OK for both metadata policies (in registration) and unregistered client policies
Do we want to make a scriptable abstract bean for custom policy operator ?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JCOMOIDC-99 Found when integrating the custom operators (above) to the merging function
Automated logout testing scripts still need to be fine-tuned for minimal template changes
Polishing and minor changes before minor release - and NonNull-work..
...
RP developments
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDCRP-54 Hook to add arbitrary claims into the signed Request Object.
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JOIDCRP-51 Allowed the RP to send empty ACR and AMR claims to the translators. The translation function can be overridden with their own.
WebAuthn developments:
Missing 1 key for cose-java. It looks like Emil has eliminated that dependency from the Yubico libraries, and will be releasing a patch release (2.5.1) very soon. When we grab that, we will not need the key.Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-2 Lots of cleanups.
A decent amount of work on the registration process.
Username and password authentication to first registration of register a WebAuthn credential, but WebAuthn flow is required once you have one.
Requires username collection as a first step in the registration flow.
Adding attestation support even if not used initially.
Rod
EDS: We have had three patches submitted. New release?
Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-94 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-95 Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key EDS-93
New helper class with 6 methods - any more needed?Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2240
(agenda)Jira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2242
- I plan to use this to write the documentationJira Legacy server System JIRA serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key IDP-2236 Other IdP Bugs
...