Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Merge commit 'refs/changes/63/6363/2' of ssh://gerrit.tuleap.net:29418/tuleap into stable

Download Browse

* ssh://gerrit.tuleap.net:29418/tuleap: request #9408: Prevent mix-up attacks with OpenID Connect

+294 −47
Nicolas Terray (nterray) 2016-08-24 10:17
Nicolas Terray (nterray) 2016-08-24 10:17
f615fdc56fe172eb243bb01883731cef8368aa21
git #tuleap/stable/f615fdc56fe172eb243bb01883731cef8368aa21

Modified Files

Side by side diff
Inline diff
Name
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/AuthorizationDispatcher.php +9 −2 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/Flow.php +1 −1 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/IDTokenVerifier.php +14 −2 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/SessionState.php +18 −4 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/State.php +27 −4 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateFactory.php +18 −8 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateManager.php +2 −1 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateStorage.php +2 −1 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/Uri/Generator.php +53 −0 Go to diff View file
M plugins/openidconnectclient/include/autoload.php +3 −2 Go to diff View file
M plugins/openidconnectclient/include/openidconnectclientPlugin.class.php +3 −1 Go to diff View file
M plugins/openidconnectclient/tests/Authentication/FlowTest.php +5 −2 Go to diff View file
M plugins/openidconnectclient/tests/Authentication/IDTokenVerifierTest.php +45 −13 Go to diff View file
M plugins/openidconnectclient/tests/Authentication/StateManagerTest.php +6 −4 Go to diff View file
M plugins/openidconnectclient/tests/Authentication/StateTest.php +3 −2 Go to diff View file
A plugins/openidconnectclient/tests/Authentication/Uri/GeneratorTest.php +85 −0 Go to diff View file