org.forgerock / org.forgerock.openig

08 Sep, 2014

2 commits

8ed103c2 OPENIG-228 CR-4486 Align OAuth2 client and resource server configuration ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@562 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-09-08 16:38:51 +0000
dbcad2ba Remove unused exception declaration. ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@561 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-09-08 15:01:30 +0000

05 Sep, 2014

4 commits

c0131ed2 Transform an array of references into objects from the heap ... Browse Dir »

This change eases references resolution when they are provided as a JSON
String array (like ["RefOne", "RefTwo"]).

git-svn-id: https://svn.forgerock.org/openig/trunk@559 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-09-05 10:27:38 +0000

8dec1539 Expose new security heap objects (KeyStore, KeyManager and TrustManager) ... Browse Dir »

KeyStore and related security objects are being more and more central
to OpenIG:
 * Used by HttpClient
 * Needed for encryption / decryption

This patch is a first step to provide a way to configure theses as
usual heap objects (through JSON).

KeyStore heap object is an abstraction around the keystore file (either JKS,
PKCS12 or other depending on the platform capabilities).
Specifying a password or not depends on he usage:
 * If KeyStore will be used to read private credentials (through a
   KeyManager for example), a password is required
 * If not (for a TrustManager), no password is required

KeyManager and TrustManager are using a KeyStore heap object and
are used within SSL mechanism (SSLContext) to provide a view on the KeyStore:
 * KeyManager when private credentials access is required.
 * TrustManager when only public information access is required

Issues: OPENIG-295
Reviews: CR-4441

git-svn-id: https://svn.forgerock.org/openig/trunk@557 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-09-05 10:27:24 +0000

8cb26e78 Provide the ability to evaluate JsonValue containing expressions 'in place'. ... Browse Dir »

The previously introduced evaluate() method was a step in the right
direction, allowing resolution of static (no references to ${exchange})
string JsonValue, returning a simple resolved String.
While it works great, it's a shame that we don't benefit anymore of the
JsonValue API, in particular the conversion methods (asURL(), ...).

This fix uses a JsonTransformer to actually resolve any String wrapped
JsonValue and creates a deep copy of the given JsonValue.

git-svn-id: https://svn.forgerock.org/openig/trunk@556 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-09-05 10:27:10 +0000

7a460545 Introduce HeapletFactory service support ... Browse Dir »

When a new heap object instance has to be created, we first have to
find a Heaplet instance that will create the required object from the
given JSON configuration.
Heaplet instances are linked to the single object they created: they
manage the heap object lifecycle with the start() and destroy() methods.
The old behaviour was using Heaplet instances directly loaded and
instantiated, meaning that a single Heaplet instance could be used to
create multiple heap objects, somehow mixing states, which was very
wrong.

Now, HeapletFactory (instead of direct Heaplet) are found using the
ServiceLoader discovery mechanism. They are responsible to create new
Heaplet instances, meaning that we cannot anymore share a Heaplet
instance for 2 or more heap objects.

Heaplet class does not extends Indexed<Class> anymore (was only used
because of the way Heaplets was looking for Heaplet instances).
NestedHeaplet is now deprecated since its only duty was to implement the
Indexed interface. All references to NestedHeaplet were replaced to
GenericHeaplet (its parent class) in our code base to avoid ugly
compiler warnings.

As per OPENIG-302 comments, the HeapletFactory will be a short-lived
concept since this additional layer introduction was the straw that broke
the camel's back :)

Issues: OPENIG-302
Reviews: CR-4457

git-svn-id: https://svn.forgerock.org/openig/trunk@555 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-09-05 10:27:00 +0000

26 Aug, 2014

1 commit

b8691995 CR-4273 OPENIG-144 Classes duplicated in OpenIG and commons. ... Browse Dir »
```
- Added unit tests.



git-svn-id: https://svn.forgerock.org/openig/trunk@536 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
violette
2014-08-26 14:21:32 +0000

25 Aug, 2014

1 commit

17a36355 CR-4353 Fix for OPENIG-283: Update documentation to show how to pass parameters to Groovy scripts ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@529 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-08-25 15:51:16 +0000

21 Aug, 2014

1 commit

0ee0973a CR-4269 OPENIG-240 Allow to pass parameters to Groovy scripts ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@514 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
violette
2014-08-21 09:18:16 +0000

08 Aug, 2014

2 commits

cf9c1355 CR-4220 Fix for OPENIG-271: Unused import in Scripting Dispatch example ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@507 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-08-08 14:03:29 +0000
fdc97d87 Additional fix for OPENIG-163 based on results of manual testing by Christophe ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@502 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-08-08 05:06:14 +0000

04 Aug, 2014

1 commit

965f8fe1 OPENIG-246 OpenIG in reverse proxy configuration fails half the time with http code 501 ... Browse Dir »

* Request.getEntity() never returns null, so it can't be used to determine if the request had a content or not
* Added an isEmpty() method for this purpose
* Updated HttpClient to use Entity.isEmpty()

git-svn-id: https://svn.forgerock.org/openig/trunk@461 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-08-04 12:58:35 +0000

03 Aug, 2014

7 commits

04a6a75e OPENIG-52 RedirectFilter allow Expressions in baseURI ... Browse Dir »

* Non-expression values are still supported (fixed/static expression like "http://www.example.com")
*Expressions are evaluated at runtime against the executed Exchange ("http://${exchange.host}:8080" will be resolved against the Exchange)
* If evaluated expression returns null (evaluation error, or null result of a successful evaluation), a HandlerException is thrown
* Added test case

git-svn-id: https://svn.forgerock.org/openig/trunk@457 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-08-03 14:53:31 +0000

c640a609 OPENIG-245 Support Request restore in StaticRequestFilter ... Browse Dir »

* By default, the new Request is kept in the Exchange
* If enabled, the original Request is restored in the Exchange

git-svn-id: https://svn.forgerock.org/openig/trunk@454 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-08-03 13:15:53 +0000

9108ab92 Added MutableUri test cases for reserved URI characters ... Browse Dir »
```
They are currently not working, so I disabled them for now

git-svn-id: https://svn.forgerock.org/openig/trunk@453 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-08-03 12:43:23 +0000
e4019052 Added RedirectFilter test case with Location containing encoded URL reserved characters ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@452 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-08-03 12:43:09 +0000
fd6ca7b4 Fix minor compiler warnings. ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@446 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-08-03 01:01:59 +0000

c9d5329e OPENIG-243 (CR-4178) Introduce a MutableUri construct to ease URI modifications ... Browse Dir »

* Request.uri is now a MutableUri
* Removed UriResolver since it was useless with both this new feature and the BeanResolver

git-svn-id: https://svn.forgerock.org/openig/trunk@444 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-08-03 00:31:45 +0000

2e89d62e Partial fix for OPENIG-235: Add better encapsulation of exchange object model in… ... Browse Dir »

… order to add addition "enhanced" getters and setters for fields

Provide better APIs for interacting with Message entities. Previously we were stuck with the esoteric BranchingInputStream which makes entities very hard (impossible?) to use in expressions and Groovy.

* methods for getting the entity's content as JSON or as a plain String
* methods for setting the entity's content to JSON or String data
* simplification (I hope) of the branch life-cycle management
* make Message closeable, delegating close to the entity and onto the branching input stream, allowing us to avoid alot of null-checking boilerplace.


git-svn-id: https://svn.forgerock.org/openig/trunk@443 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-08-03 00:14:40 +0000

31 Jul, 2014

2 commits

5be5eb82 Partial fix for OPENIG-235: Add better encapsulation of exchange object model in… ... Browse Dir »

… order to add addition "enhanced" getters and setters for fields

More mechanical changes:
* add encapsulation for cookies
* required equals/hashCode implementations for unit tests.


git-svn-id: https://svn.forgerock.org/openig/trunk@433 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-31 21:19:58 +0000

b44ad43f Partial fix for OPENIG-235: Add better encapsulation of exchange object model in… ... Browse Dir »

… order to add addition "enhanced" getters and setters for fields

* perform mechanical changes to encapsulate fields for Message, Request, and Response
* added Javadoc for getters and setters
* Message no longer extends FieldMap since the expression library leverages the BeanResolver.

Remaining non-mechanical changes (e.g. adding enhanced getters/setters) will be performed as separate changes.


git-svn-id: https://svn.forgerock.org/openig/trunk@430 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-31 17:02:16 +0000

30 Jul, 2014

4 commits

5e953753 Fix OPENIG-195: Implement OAuth 2.0 Client support ... Browse Dir »

Main entry point is OAuth2ClientFilter

Supports:

* OAuth 2.0 "authorization code" grant type
* automatic token refresh
* proactive and reactive authorization for SSO
* user initiated login / logout
* OpenID Connect Relying Party
* OpenID Connect discovery via "well-known configuration"
* multiple providers and optional "Nascar" page
* session based persistence
* CSRF prevention via 160 bit state nonces
* manually tested against OpenAM 11 and Google.

TODO:

* more unit testing
* cookie based session management via encrypted JWT tokens
* attribute mappings per provider? (TBD)
* consider replacing default login/logout URLs with handlers?


git-svn-id: https://svn.forgerock.org/openig/trunk@424 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-30 16:27:39 +0000

31bccdd7 CR-4013 Fix for OPENIG-199: Groovy SQL example should use the container data source ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@420 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-07-30 10:36:59 +0000

de42df24 OPENIG-213 (CR-4119) Provides non-Exchange related information in the Expression context ... Browse Dir »

* Added Base64 encode/decode functions
* Added read() function to read from a file
* Added readProperties() function to read from a properties file and return a Properties (usable as a Map)

git-svn-id: https://svn.forgerock.org/openig/trunk@417 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-30 08:47:38 +0000

3212027f OPENIG-213 (CR-4119) Provides non-Exchange related information in the Expression context ... Browse Dir »

* Added read-only support for 'system' -> system properties
* Added read-only support for 'env' -> environment variables

git-svn-id: https://svn.forgerock.org/openig/trunk@416 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-30 08:47:27 +0000

29 Jul, 2014

4 commits

ff166d3e Fixed checkstyle ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@410 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-07-29 10:19:38 +0000

f035c050 * Provides UNLIMITED Duration ... Browse Dir »

* Uses Duration.duration(String) instead of constructor

git-svn-id: https://svn.forgerock.org/openig/trunk@409 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-29 10:17:14 +0000

a36e2f57 Make sure that zero is accepted as a valid duration ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@407 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-07-29 10:16:52 +0000
b775d67c Added conversion methods to Duration ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@405 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-07-29 10:16:39 +0000

28 Jul, 2014

3 commits

c9fc5db9 Minor unit test fixes: ... Browse Dir »

* suppress warnings about missing Javadoc
* suppress warnings about unused methods: they are actually accessed via reflection.


git-svn-id: https://svn.forgerock.org/openig/trunk@402 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-28 20:42:26 +0000

3f83ea99 Minor fix for HeapUtil: change behavior of getObject() to better support cases w… ... Browse Dir »

…here a heaplet's configuration parameter is optional. Allow name parameter to be null. If a name is provided then its associated object must exist in the heap.

git-svn-id: https://svn.forgerock.org/openig/trunk@401 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-28 20:34:30 +0000

5f672a27 Fix minor compiler warning in IDE. ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@400 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-28 20:24:43 +0000

25 Jul, 2014

2 commits

9b50a161 Fix OPENIG-211: StaticResponseHandler should support entities which are expressions. ... Browse Dir »
```
* as per issue description
* included updates to the reference guide.


git-svn-id: https://svn.forgerock.org/openig/trunk@389 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-25 13:07:50 +0000

feb51642 CR-4086 OPENIG-95 && OPENIG-135(II)- Remove or hide Servlet/Filter integration s… ... Browse Dir »

…ince it complicates the configuration model
- Deleted now unused files from openig-core.
- Removed javax.servlet dependency from openig-core.



git-svn-id: https://svn.forgerock.org/openig/trunk@387 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-25 12:10:27 +0000

24 Jul, 2014

2 commits

de1dd426 Fix checkstyle failure: remove unused import. ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@384 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-24 23:19:41 +0000
277d3ebc Introduced a Duration class to ease timeout/delay configuration using natural language ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@381 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-07-24 09:17:26 +0000

21 Jul, 2014

3 commits

9aa3c6ce OPENIG-203 (CR-4054) Provides HttpClient as a Heaplet ... Browse Dir »

* Factored out HttpClient configuration from ClientHandler into an HttpClient specific Heaplet
* GatewayServlet registers a default HttpClient instance in the heap at startup
** This object (named 'HttpClient') can be overridden in your config.json if needed
* ClientHandler changed to use the system provided HttpClient (by default)
** Configuration has drastically changed (you now only specify optionally which HttpClient to use)
* Script configuration has been updated like ClientHandler

git-svn-id: https://svn.forgerock.org/openig/trunk@379 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-07-21 12:53:06 +0000

5edf16e2 Fix OPENIG-204 - Default "fall through" handler for routing ... Browse Dir »
```
* add unit test for defaultHandler.

git-svn-id: https://svn.forgerock.org/openig/trunk@378 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-21 12:25:06 +0000
08fb9a75 Fix OPENIG-202: Provide a default configuration and welcome page ... Browse Dir »
```
* unit test for WelcomeHandler.




git-svn-id: https://svn.forgerock.org/openig/trunk@377 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-21 12:24:14 +0000

18 Jul, 2014

1 commit

61f1f9f6 Minor fix: OpenIG's TimeService has been relocated to forgerock-util. ... Browse Dir »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@372 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-07-18 19:11:41 +0000