Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • Rod: IDP-2242 Can/Should we stop using “Unsupported” and rely instead on SECADV/OutOfDate/Current

  • 5.1 freeze schedule

    • Feature freeze on 2/26, code freeze 3/4 and release that week if possible

  • Santuario (C++) future

    • Will make a proposal for a cut down V3 either at Apache if accepted, or we close it down, and fork if not (at which point it’s optional for us to do if we want).

Attendees:

Brent

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-391

    • Think this is done? Leave defaults as they are now?

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-392

    • Think I have a workable solution for the role descriptor adapter issues (mutable collections, and setters which throw). Need to test, mindful of the freeze timing.

Daniel

Henri

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-186

    • The JWT refresh token seems to be working as expected in test deployments

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-96
    and
    Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-196

    • Working OK for both metadata policies (in registration) and unregistered client policies

    • Do we want to make a scriptable abstract bean for custom policy operator ?

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-99

    • Found when integrating the custom operators (above) to the merging function

  • Automated logout testing scripts still need to be fine-tuned for minimal template changes

  • Polishing and minor changes before minor release - and NonNull-work..

Ian

John

Marvin

Phil

Rod

...

  • RP developments

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJOIDCRP-54

      • Hook to add arbitrary claims into the signed Request Object.

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJOIDCRP-51

      • Allowed the RP to send empty ACR and AMR claims to the translators. The translation function can be overridden with their own.

  • WebAuthn developments:

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyJWEBAUTHN-2
      Missing 1 key for cose-java. It looks like Emil has eliminated that dependency from the Yubico libraries, and will be releasing a patch release (2.5.1) very soon. When we grab that, we will not need the key.

    • Lots of cleanups.

    • A decent amount of work on the registration process.

      • Username and password authentication to first register a WebAuthn credential, but WebAuthn flow is required once you have one.

        • Requires username collection as a first step in the registration flow.

    • Adding attestation support even if not used initially.

Rod

  • EDS: We have had three patches submitted. New release?

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyEDS-94

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      key

    IDP-2240 Is this enough
    • EDS-95

    • Jira Legacy
      serverSystem JIRA
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyEDS-93

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2240
    New helper class with 6 methods - any more needed?

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2242
    (agenda)

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2236
    - I plan to use this to write the documentation

  • Other IdP Bugs

Scott

  • Grant proposal was submitted by Jisc.

  • Met with Duo regarding Passwordless, follow up planned prior to finalizing

  • Thymeleaf plugin - think this is in a satisfactory place for the release

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2244

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2233

    • Will consider whether there’s more worth doing but probably good enough for now.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-2245

    • Noting this only because I did do the initializer refactor to use the new shared base class. I can’t see this causing problems but I’ll want to test that on my dev system before we freeze.

Tom

  • OIDC tests : looking for example / test flows (as discussed on Slack, thank you)

  • nit : maybe add link to source on wiki pages for IdP plugins

Other