Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Support the 'max_age' parameter in authorization request

Download Browse

Clients can now ask to refresh the authentication if they consider it too old [0]. To test, do an authorization request and set the max_age parameter to the maximum number of seconds allowed since the last time the user has actively authenticated. Part of story #14714: be an OpenID Connect provider [0] https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest Change-Id: I0139c50e7ea1563e4ee4a5f6288f83a3d9abd32e

+112 −7
Thomas Gerbet (tgerbet) 2020-04-15 13:53
Thomas Gerbet (tgerbet) 2020-04-15 14:02
818c202dcc1aa65957269569604c9d8472f6344d
885817d8a6d786873f2660eab3e49bb98f4eca5e
git #tuleap/stable/818c202dcc1aa65957269569604c9d8472f6344d

Modified Files

Side by side diff
Inline diff
Name
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointController.php +24 −2 Go to diff View file
M plugins/oauth2_server/include/OpenIDConnect/IDToken/OpenIDConnectIDTokenCreator.php +16 −3 Go to diff View file
M plugins/oauth2_server/include/oauth2_serverPlugin.php +2 −1 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointControllerTest.php +59 −0 Go to diff View file
M plugins/oauth2_server/phpunit/OpenIDConnect/IDToken/OpenIDConnectIDTokenCreatorTest.php +11 −1 Go to diff View file