Versions Compared

Old Version 8

changes.mady.by.user Philip Smart

Saved on

compared with

New Version Current

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Plan to submit grant proposal to GEANT for OpenID Fed work

  2. Release schedule

    1. Will do a 3.0.1 of OIDC commons to fix javadoc and allow a Duo release when it’s ready

    2. The plugins will get done when they’re done

    3. 5.1 would be nice to get out by end of Feb but no particular urgency

  3. Board updates

Attendees:

Brent

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-391

    • I obviouslyoverlooked obviously overlooked issues with the custom schemas in the IdP. I’ll take a look at those and see if there is a viable solution, such as merging the <TrustEngine> etc type of stuff with an injected HttpClientSecurityParameters, using some order of precedence.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyOSJ-392

    • Will investigate doing something rational on the interface collections. I think having them throw on mutation attempts would be consistent with the other setter methods.

...

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-95

    • Realized that those could not be customized with the JSON security configuration

    • Should we inherit clockSkew setting from security configuration?

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-191

    • xml-safe flag enabled by default → _ -prefixes in identifiers

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-186

    • JWT-format committed and tested

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJCOMOIDC-96

    • TODO: wiring and tests for OP

  • Work on the GEANT proposal

Ian

John

  • Amazon Linux (2, 2023) and RHEL (7, 8, 9) image bumps

  • Starting to get oriented to the IdP with an eye toward SP testing

Marvin

Phil

  • plexus-io-3.4.2 released with a key from a known individual.

    • Although no new release of maven-javadoc-plugin that uses that yet. And overriding versions non-trivial.

      • (As Ian noted) Should be easier to override a plugin dep version than exclude transitive dependencies.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJDUO-82
    - Some amendments to that.

  • Strategy to release commons 3.0.1. Happy to do this if the email makes sense. Release stuff already on the agenda.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDCRP-53

    • My fault, but I should have put those two user-controlled files into oidc-config.

    • Need to think about versions, compatibility, updates etc.

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJWEBAUTHN-1

    • 2FA flow working. Off logic that needs review

    • Usernameless flow working.

    • Passwordless flow in progress

      • Working on username input

    • Then, integration into Storage API.

...