Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Current »

Shibboleth Developer's Meeting, 2022-09-16

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-10-07. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

  • Are we ready to bump Jenkins agents to latest Maven 3.8.6 ? (Tom)

  • JPAR-197 - Getting issue details... STATUS (Tom)

  • (Phil & Henri) oidc-commons branch merging, testing, and eventual release

Attendees:

Brent

  • OSJ-360 - Getting issue details... STATUS

    • Done, after figuring out some pesky policy OID stuff.

  • Users list question about Veracode, EC named curves implies: Should we consider a security policy layer that blocks “weak” keys from being used (as opposed to weak signing/encryption/other algorithms)?

Daniel

Henri

  • JOIDC-127 - Getting issue details... STATUS

    • The sid claim is required for the logout feature

    • Fairly simple to implement, but API-module changes cannot be avoided

  • JOIDC-128 - Getting issue details... STATUS

    • Currently the authorize flow hardcoded to decode OIDC authentication requests

    • Prototyping with a decision-state before decoding request:

      • if the scope-parameter contains openid, it’s OIDC authentication request

      • OAuth authorization request otherwise

      • Refactor SWF actions / functions into using OIDC only when really OIDC-specific

Ian

  • Repository pruning continues.

  • Spring Framework 6.0.0-M6 (and 5.3.23) are out.

    • 6.0.0-RC1 due 2022-10-12.

    • 6.0.0-RC2 due 2022-10-20.

John

Marvin

Phil

Rod

  • Nothing to report

  • Apologies, I won’t be able to make the call

Scott

  • Refactoring…

    • Bean created that will rewrite class and parent declarations based on a map, and the bean is now installed on main branch for global and all service contexts. Should be able to add it to the flows too.

    • All of spring-extensions has been migrated to net.shibboleth.shared.spring.* package names with rules added to the rewrite map in global-system.xml. One stub left behind for web.xml compatibility.

    • Moved on to work on test refactoring. OpenSAML now has a -testing module for test APIs, and many of its impl modules now depend on it, but -api cannot to prevent loops. This necessitated breaking apart -core (which we should have done anyway) and also migrating a few other tests down into -impl modules.

      • Any tests of a package defined in -api but implemented in -impl tend to have “.tests” on the end of the package name to avoid package sealing violations.

      • Will be moving on to remaining layers to eliminate test-jar dependencies.

Tom

Other

  • No labels