Back to SNAPSHOT dev cycle

OpenConext · Oct 18, 2024 · 49450c7 · 49450c7
1 parent 5b2c649
commit 49450c7
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 3 deletions.
diff --git a/.gitignore b/.gitignore
@@ -10,3 +10,4 @@ results.log
 notes.txt
 Stateless.txt
 dependency.tree
+OPEN_ID_VC.md
diff --git a/OPEN_ID_VC.md b/OPEN_ID_VC.md
@@ -0,0 +1,22 @@
+Dynamic Client Registration
+What are the requirements for open client registration?
+
+Credential Type Design
+Verifiable credential claimset for a SURFconext user with a credentialSubject
+
+
+Credential Metadata
+/.well-known/openid-credential-issuer
+
+Credential Request endpoint
+Separate Resource Server?
+Wallet Initiated Flow
+https://curity.io/resources/learn/verifiable-credentials-issuance/
+
+Issuer Initiated Flow
+
+
+
+OAuth 2.0 Assisted Token
+https://www.ietf.org/archive/id/draft-ideskog-assisted-token-05.html
+
diff --git a/pom.xml b/pom.xml
@@ -21,7 +21,7 @@
 
     <groupId>org.openconext</groupId>
     <artifactId>oidcng</artifactId>
-    <version>6.1.15</version>
+    <version>6.1.16-SNAPSHOT</version>
     <name>oidcng</name>
 
     <dependencyManagement>

diff --git a/src/main/java/oidc/endpoints/AuthorizationEndpoint.java b/src/main/java/oidc/endpoints/AuthorizationEndpoint.java
@@ -154,7 +154,7 @@ private ModelAndView doAuthorization(MultiValueMap<String, String> parameters,
 
         if (scope != null) {
             List<String> scopeList = scope.toStringList();
-            boolean apiScopeRequested = !(scopeList.size() == 0 || (scopeList.size() == 1 && scopeList.contains("openid")));
+            boolean apiScopeRequested = !(scopeList.isEmpty() || (scopeList.size() == 1 && scopeList.contains("openid")));
             Set<String> filteredScopes = scopeList.stream()
                     .filter(s -> !s.equalsIgnoreCase("openid"))
                     .map(String::toLowerCase)
@@ -169,7 +169,7 @@ private ModelAndView doAuthorization(MultiValueMap<String, String> parameters,
              *   Manage attribute "oidc:consentRequired" is true for the RP or the RP has explicitly asked for consent
              *   There is at least one ResourceServer that has the requested scope(s) configured in manage
              */
-            if (consentRequired && apiScopeRequested && (consentFromPrompt || client.isConsentRequired()) && resourceServers.size() > 0) {
+            if (consentRequired && apiScopeRequested && (consentFromPrompt || client.isConsentRequired()) && !resourceServers.isEmpty()) {
                 LOG.info("Asking for consent for User " + user + " and scopes " + scopes);
                 return doConsent(parameters, client, filteredScopes, resourceServers, state);
             }