Shibboleth Developer's Meeting, 2022-12-02

Call Administrivia

09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI

Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2022-12-15. Any reason to deviate from this?

60 to 90 minute call window.

This week's call will use the Zoom system at GU, see ZoomGU for access info.

JSSH-16: Update to Apache HttpClient 5.xClosed
- Still making good progress, working on OpenSAML and higher layers now. Mostly mechanical.

OP-snapshot now depends on oidc-commons 2.2-snapshot
- Refactoring OP to exploit the new features from commons
  - JCOMOIDC-38: Move various support classes from the OP pluginOpen
  - JCOMOIDC-41: Move OIDC Signature Validation resolvers and parameter classes to commonsClosed
    - Started with relying-party/postconfig.xml, now proceeding flow by flow
For the next joint release of commons, OP and RP:
- JCOMOIDC-48: Move OIDC.SSO profile bean to commonsClosed

Released RP v0.0.2. Now includes a JSON Web Keys document location: JOIDCRP-21: PublishKeySet Security Configuration and FlowReopened
Some oidc-comms work:
- JCOMOIDC-53: Add access token at_hash validatorClosed
- Still need to move in OIDC.SSO and now OIDC.KeySet beans and figure out how well that all works.
TechEx is next week. Thanks to Scott for helping me with that.

JSSH-5: ServiceableComponent should implement AutoCloseClosed
- Unclear to me how much this is likely to affect deployers, I suspect minimally
- I made a null → nonnull API change around the getServiceableComponent method
  - Should this raise a checked exception instead of the original unchecked ServiceException?
IDP-2042: Finalize deprecation of HttpServletXXX proxiesClosed
Continued work on null cleanup

FYI Added Pipeline (Jenkinsfile) support to Jenkins as a PoC (as mentioned on Slack)