...
Attendees:
Brent
Daniel
Merging ldaptive v2 into IDP v5
waiting until v5 main branch work settles down
Henri
The current non-resolved issues for OP 3.2:
Regarding refresh tokens:
JOIDC-90, JOIDC-92: Almost there, some final polishings / documentation to do
JOIDC-6: Helper-function for scripts and example via attribute resolver service now exists
JOIDC-112: Technically not complicated, will probably use PROTOCOL_MESSAGE.OAUTH2
JOIDC-7: No known issues, I’ve run some tests for both OAUTH2.Token and OAUTH2.TokenAudience profiles
The plan is to release OP 3.2 and common 2.1 during the last week of June.
Ian
John
Rocky Linux 9 forecast: “ready for general release in the June - July 2022 timeframe”
Vanishingly little progress on cpp-linbuild for Fargate since last time due to competing demands on my time
Marvin
Phil
RP updated to support Brent’s JOSE Header JWK resolver (JCOMOIDC-41)
Added JWT decryption and signature validation support to UserInfo JWT (which could just be a plain JSON object) (JCOMOIDC-45). Test certain modes against the OIDC certification OP
Improved the response_mode and response_type lookup from RP config
Added scopes to RP config, default obviously openid.
Added OIDC ACR proxy pass-through function from upstream SAML request (similar to SAML proxy)
Flow XML cleanups
More tests
Rod
JSPT-98, OSJ-342: Windows Server recommendations.
Scott
Working on IdP refactor
Cloned IdP into java-shib-metadata
shib-metadata-api/impl
Unfortunately depends on some shib-attribute modules due to EntityAttributes node processor, including an impl module
shib-metadata-spring (maybe it’s time to split these into -api/-impl?)
This is at least all building and passing tests
Cloned IdP into java-shib-attribute
shib-attribute-api/impl
Probably need to deprecate and move in various Attribute-related predicates and such out of other packages
shib-attribute-resolver-api/impl/spring
Some connectors and definitions will probably stay in the IdP somewhere (e.g. anything to do with Subject)
shib-attribute-filter-api/impl/spring
Filter impl relies on shib-metadata-api due to Scope extension
Considered Spring classes open to package rename/reorg, but not the rest for now
Fair bit of work left to get this building
...