Shibboleth Developer's Meeting, 2024-11-01
Call Administrivia
09:00 Central US / 10:00 Eastern US / 14:00 UK / 16:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2024-11-15. Any reason to deviate from this?
60 to 90 minute call window.
Call Details
This week's call will use the Zoom system at GU, see ZoomGU for access info.
AGENDA
RDW: - JMVN-68Getting issue details... STATUS
Mostly For locally signed artifacts no longer used (xercesImpl, xml-apis)
I am reluctant to remove anything from a Keystore just because it isn't being used right now
Ditto keystores themselves.
Attendees:
Brent
- JSATTR-6Getting issue details... STATUS
Still coming along. Progress slow over last couple of weeks due to local Project From Hell.
- JSMD-11Getting issue details... STATUS
Completed for HTTP metadata resolvers.
Daniel
Nothing to report.
Henri
- JOIDC-222Getting issue details... STATUS
DynamicMetadataCache (in oidc-common) based trust chain resolution
Signature validation via metadata filters (BiFunction -hook)
Finishing first prototype for automatic registration via PAR and authorize -endpoints
Ian
Nothing to report.
John
Marvin
Phil
- JWEBAUTHN-27Getting issue details... STATUS
Cleaning this up based on feedback.
Also cleaning up the registration and management UIs. Credentials can be labelled in the view. e.g.
Once merged into main, I will announce RC3.
After RC3 is announced, I will switch contexts to work on:
WebAuthn Docs
the CSRF changes in the IdP - IDP-2339Getting issue details... STATUS
Updates to the Native Duo SDK - JDUO-92Getting issue details... STATUS
RP Automated tests against the OIDC conformance suite. I had a call with Henri about this, so I see a route forward
Think about HTTP APIs to the WebAuthn registration repository
Rod
Bug squashing
Jetty re-org (and fallout). No new testing
Tracking the CPP code in the windows build
Scott
- IDP-2288Getting issue details... STATUS
Replaced post processors with “property-specifiied class” indirection in Spring parser, deployer-compatible with original design
Had to redesign the ByReference metadata filter handling to preserve proper filter order
SP 3.5 release, smooth apart from some older packaging mistakes
Design breakdown for SP agent work
Branched cpp-sp and started teardown of existing code base
Plan is to get as much torn out as possible before working back up to new or replacement code, but keep it building as much as possible.
Looking at unit testing to validate new development to defer the need to produce a working agent I can test against Java (same way I tested the Java without a working agent). Boost has a unit testing framework worth looking at.
Tom
Thanks Henri - OP Conformance Suite tests pass for IdP 5.1.3 and V5
still need to work on the logout conformance tests
probably should test previous, current, and next versions of the OP plugin with both IdP 5.1.3 and 5.2
Thanks Rod - Jetty Plugin tests a work in progress
Back to working on IDP-2323 - consent invalid data
as I have mentioned, throwing the JsonException is trivial
looking at how that would affect storage record pruning and what to do with that “feature”