2022-05-06
Shibboleth Developer's Meeting, 2022-05-06
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-05-20. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
Refactoring/renaming components for V5 (Slack thread)
Long discussion about how to reorg things, no decisions other than to revisit once we have a working Spring 6 build of everything.
Scott will take an AI to write up a summary inventory of components in the various places right now
Attendees:
Brent
Daniel
Henri
Ian
IDP-1892: Investigate forking Spring Web Flow for IdP 5 (Closed)
in service to JPAR-186: Create Java 17 + Spring Framework 6 + Jakarta EE 9 platform (Closed)
Notes on Hibernate
John
Marvin
Phil
Success! JPAR-207: Revert maven-javadoc-plugin to official Apache version (Open)
They fixed it. We either move to 3.3.2 or 3.4.0. The latter breaks backward compatibility with reporting-api < 3.1.0 - not sure we care, so should use 3.4.0.
JCOMOIDC-41: Move OIDC Signature Validation resolvers and parameter classes to commons (Closed)
Pushed the changes I was working on to the oidc-common dev branch to support JWT signature validation using the new trust engine.
Works for resolving and validating the RSA signature on the id_token that comes back from the OIDC certification simple client test.
Added several misc. classes. Added an OP metadata credential resolver to extract ‘trusted’ keys from the jwks_uri.
Will need a resolver to acquire the client_secret for MAC validation - which I almost already have in the RP for resolving the client_authentication.
Maybe a resolver for PKIX style validation of the public key used using the x5c headers.
Rod
Closed multiple outstanding Jira cases
OSJ-342: Investigate Strategies to end of life our use of Hibernate in V5 (Closed)
Plan is to release a Plugin/Module ASAP, deprecate JPA version immediately and remove Hibernate in V5
Need to loop back around on missing keys (JPAR-200: Update to jcommander 1.82 [Open], JPAR-201: Update to rhino 1.7.14 [Closed])
Scott
Testbed / Jetty 10
JOIDC-7: Support JWT access tokens for code or implicit grants (Resolved)
Bum-rushed adding JWT support to the remaining grants (not sure about refresh but I think that’s handled) in parallel with the design we just shipped.
IDP-1945: Excessive spring and hibernate logging (Closed)
Logback defaults to debug, so relocating classpath:/logback.xml did a bad thing
Started work on next-stage of POC for SP service in Java
Making slow progress standing something up that parallels the IdP (sp.home, properties, etc.)
Experimenting with Spring context design for this, wondering about implications of a ReloadableService containing other ReloadableServices and what happens to the refresh threads if the parent service reloads.
Once there’s a viable Spring container, will add the Spring integration gateway in and start working on message endpoint registration API for components to call
Tom
Testbed with Jetty 10
Would like integration tests to work with the 10 branch, rather than creating a test-specific branch, as I thought 10 is the example for deployers
Do we just need to change the jetty.sslContext.keyStorePath in the 10-testbed-eclipse branch instead of 10 for the testbed?
Would like to default the testbed / integ tests / doc to Jetty 10
JPAR-197: Remove our repositories from POMs (Open)
Schedule for V5?
Other