jonthomas

OPENAM-1462 CR-8292 port OATH TOTP resynch to standard OATH module
OPENAM-6892 CR-8207 Create a Shared Secret Provider plugin for OATH module
OPENAM-6372 CR-8303 Correctly decoded goto parameters during login
Second(ish) round - updated TOTPAlogrithm to use byte array as the value is present anyway.

Second(ish) round - updated TOTPAlogrithm to use byte array as the value is present anyway.

Actually this may be number of hex digits specified (minSecretKeyLength) multiplied by 2 to get bytes and verify against array - will double check to see any traps.

Actually this may be number of hex digits specified (minSecretKeyLength) multiplied by 2 to get bytes and verify against array - will double check to see any traps.

Ok so pressing complete for now.

Ok so pressing complete for now.

Removed this - and using standard DataTypeConvertor

Removed this - and using standard DataTypeConvertor

maybe there is a better word that transformation ?

maybe there is a better word that transformation ?

Not sure about this conversion back - as I can't see any other way to do it without passing minlength to extension.

Not sure about this conversion back - as I can't see any other way to do it without passing minlength to extension.

Ah - possibly switch this to warning level.

Ah - possibly switch this to warning level.

Will fall over to default when invoked - have added that to logs as it would seem easier to notice then.

Will fall over to default when invoked - have added that to logs as it would seem easier to notice then.

done

done

yup.

yup.

I'm open to suggestions.

I'm open to suggestions.

Probably - the other annotation I left out was the @since - I can place both in if needed.

Probably - the other annotation I left out was the @since - I can place both in if needed.

AMSUST-126 Add plugin to get OATH shared secret.
AMSUST-126 Add plugin to get OATH shared secret.
For got to update text - this will be the Shared Secret Implementation class or whatever name is decided - will remove decrypt references.

For got to update text - this will be the Shared Secret Implementation class or whatever name is decided - will remove decrypt references.

Looks fine - i know there's a warning message - not sure if it is worth a documentation note as well.

Looks fine - i know there's a warning message - not sure if it is worth a documentation note as well.

OPENAM-6741 CR-8123 added LinkedHashSet to deserialization whitelist
  • More
  • CR-8123
  • summarized and closed
The fix would seem to do the job in this case - would agree that theIllegalMonitorStateException would seem to be handled in various ways. Wonder if the shutdownCalled lock in ShutdownManager or so...

The fix would seem to do the job in this case - would agree that theIllegalMonitorStateException would seem to be handled in various ways.
Wonder if the shutdownCalled lock in ShutdownManager or some other shutdown flag can be checked also as DJLDAPv3PersistentSearch currently only relies on the stopPSearch() method to prevent this call.

Fair point - not seen where it would be used and if we are going for limiting list to most probable values will omit from DAS for now.

Fair point - not seen where it would be used and if we are going for limiting list to most probable values will omit from DAS for now.

Suppose we should javadoc if using this flag

Suppose we should javadoc if using this flag

Just a quick sanity check. Looks like it is only use of of a Set in the HomeViewBean classes. This may be > 12.0.1 specific , I'll double check against trunk as this the RestSTSHomeViewBean seems t...

Just a quick sanity check. Looks like it is only use of of a Set in the HomeViewBean classes.
This may be > 12.0.1 specific , I'll double check against trunk as this the RestSTSHomeViewBean seems to have evolved - but I think adding util.LinkedHashSet to defaults still makes sense

OPENAM-6741 Missing STS configuration in Console
OPENAM-6741 Missing STS configuration in Console
I can't really see the logic of this bit of code. The 2 calling methods for getCache seem to do the same as this method if answer is null - namely checkAndUpdatePermission- or create the sms entry ...

I can't really see the logic of this bit of code. The 2 calling methods for getCache seem to do the same as this method if answer is null - namely checkAndUpdatePermission- or create the sms entry again in the cache and set the newEntry flag to true.

Wondering if you could make the additional error params configurable so it does not require extra code change if you want to add more. Looking at original customer error - this seemed to be need t...

Wondering if you could make the additional error params configurable so it does not require extra code change if you want to add more.

Looking at original customer error - this seemed to be need to identify a remote IDP and display error page/failure page accordingly.
For that would you not need some handling in the the SAML2ServiceProviderAdapter methods - even setting a request attribute with an IDP id - seems to catch some use cases where there is an error.

  • More
  • CR-7690
  • summarized and closed
Fixes have gone in - should have close review.

Fixes have gone in - should have close review.