swedenconnect / opensaml-addons
Extensions to OpenSAML
Response ID and InResponseTo should be set.
In some cases we need to put together the redirect URL ourselves.
Implement MetadataProvider and MetadataResolver supporting MDQ.
We need to be able to configure the AbstractMetadataContainer classes concerning how metadata is signed.
We don't want that.
Currently it is only possible to verify signatures using the default system security configuration. We need to make this configurable.
We have a number of abstract classes and templates for AuthnRequestGenerator and its input. Let's make that more simple.
Upgrade to OpenSAML 5.1.2
If an object is found the time check is faulty.
For logging and health checks we may want to access each individual provider in a CompositeMetadataProvider instance. Therefore we should add the getProviders() method.
In the ResponseValidator we need to use a more forgiving comparison when checking the Destination attribute against the URL on which the response was received. Especially in test environments there may be a problem when comparing URLs.
We need to add support for the Holder-of-key profile.
The ResponseProcessingInput interface defines the method getAuthnRequest(). This will only work if the AuthnRequest is saved in a session. If it is written to a database or cache, we can't find it unless we get the ID.
Solution: Declare getAuthnRequest(final String id) instead.
Currently, when a template object is supplied it is cloned. As a result, the builder cannot be used to modify an existing object. Introduce a possibility to not clone the template ...
Bug!
Be more forgiving
In cases where we want to use a CompositeMetadataProvider as a metadata aggregator from several sources there should be a way to preserve the validUntil and cacheDuration from the underlying providers.
So, set the validUntil and cacheDuration to the shortest value from all underlying providers.
In OpenSAML 5 there is a change in XMLObjectSupport.cloneXMLObject where null isn't accepted. We must guard against that.
Add utility to aid serializing of OpenSAML objects
The checkReplay(SAMLObject) in both MessageReplayChecker implementations does not handle authentication requests.
We need to add a getResponse method to ResponseProcessingResult. It is needed in some cases (logging, etc).
After copying some code from OpenSAML's HTTPPostEncoder implementation I see that we use HTMLEncoder.encodeForHTMLAttribute to encode the RelayState. This may be correct for the OpenSAML implementation since it supplies data to Velocity, but for us it is wrong. In fact, it is better not to encode the parameters at all.
We should include access to the Response object from ResponseStatusErrorException.
OpenSAML 5 is here and we will introduce this dependency.
ResponseStatusErrorException should include issuer of response.