Shibboleth Developer's Meeting, 2021-10-01

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2021-10-15. Any reason to deviate from this?

60 to 90 minute call window.

Call Details

This week's call will use the Zoom system at GU, see ZoomGU for access info.

AGENDA

• What’s left to do before declaring (some distributions of) Java 17 supported?

• Server plan C (or D or….)

Add items for discussion here

Attendees:

Brent

• Java socket server: PoC project in Git at putmanb/spring-socket-server. See README.txt for details on running.

Daniel

Henri

• JOIDC-21: Use token authentication for OIDC dynamic client registrationClosed

  • While working on the server-side metadata policy, realized that Phil’s work on metadata resolution can be exploited

• JOIDC-57: OIDC endpoints stopped working with IPv6 after Jetty upgradeClosed

  • Nimbus fixed it for version 9.1.6 (see changelog) - we’ll take it (or the latest) into use in oidc-common 1.2.0

  • Verified that it’s working on a test deployment with IPv6

Ian

John

• Testing Fargate plugin for Jenkins.

• Investigating Kaniko for building container images in Fargate.

Marvin

Phil

• JCOMOIDC-23: Add OpenID Provider Configuration Document ResolverOpen

  • Pushed more changes inc. filtering metadata once fetched from a source and filtering the list of resolved metadata via a pluggable strategy.

  • Some code cleanup

  • Looking to merge into main branch for oidc-commons next week. Henri can try and use it to resolve Metadata policies - I am sure many things will need changing once tested in a wider sense.

  • Keep at it, a number of things to add back and test out.

Rod

• Notably |JPAR-182: Check our Distributions for consistencyClosed

  • All our distributions (except MDA whose packaging in in flux) have their dependency jars signature checked in the same project as the assembly.

Scott

Tied up with OSU mess, hopefully lightening up some in October.

Tom

• Nexus - still working on :

  • proxying (because of concern about the old version of Jetty it uses)

  • containerizing

  • deploying to Central (they closed the most recent issue due to lack of activity, ok with me)

  • considering downgrading to OSS from Pro to avoid annual license renewal (in 27 days)

• Tests - troubleshooting failures especially Sauce Labs browser tests

Other