Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Shibboleth Developer's Meeting, 2022-09-02

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-09-16. Any reason to deviate from this?

90 to 120 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • JPAR-212 - Getting issue details... STATUS

    • Obviously “document this insanity” is the real task, but should be update the links?

  • IDP-1935 - Getting issue details... STATUS

    • May want to visit this as part of the work reviewing the OIDC encryption code

Attendees:

Brent

Daniel

Henri

  • Absent today

  • (At least) one more patch release needed for OP 3.2

Ian

  • New repository trimming work:

    • Have this working for java-shib-attribute, probably

    • Empty commits and their tags are expunged as a side-effect

    • Size comes down from 80MB to 25MB, approx

    • Optional pre-renaming to help avoid the need for --follow

    • What to do about old tags and branches?

John

Marvin

Phil

  • JOIDCRP-19 - Getting issue details... STATUS - hadn’t added the audit extractors. Have now. But just thinking it through.

    • Copied some OP extractors to commons.

  • JOIDCRP-17 - Getting issue details... STATUS Completed some refactoring of the encryption resolvers.

    • Have not committed in-case Brent was in the middle of looking at its current state.

    • Mostly a refactor from subclasses to lookup strategies to determine algorithms to use and credential resolvers. The credential resolvers allow the reuse of the existing signature validation resolvers for looking up the client_secret from criterion, and the OP’s keys from its public keyset document.

    • Also removed the direct capability of resolver encryption keys from local config. The OIDC spec says the symmetric keys must be derived from client_secret, and the asymmetric keys must come from the OP’s keyset document - makes sense. That said, you could technically plug any cred resolver into it.

Rod

  • Apologies, but may not make today’s meeting.

  • Nothing to report.

Scott

  • GEN-315 - Getting issue details... STATUS

    • Mostly done at this point.

    • Be aware compiler error/warnings are now uncontrolled

  • Misc backlog

  • Started the java-shib-shared refactor with a goal of eliminating unusual dependency chains based on test jars

    • Criteria for new modules? E.g., OpenSAML uses a Velocity class but not Spring, so a velocity module without requiring optional dependencies has a single class in it.

Tom

  • working on Sauce Labs tests

    • seems to be a Selenium / Safari driver bug which prevents clicking on a radio button on iOS / iPadOS

  • new Jenkins agents : AmazonLinux2 and Rocky9

    • still working on WindowsServer2022

Other

  • No labels