-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support self-vetting using a self-asserted token #284
Merged
MKodde
merged 2 commits into
develop
from
feature/allow-self-vetting-with-sat-authoring-token
Feb 16, 2023
Merged
Support self-vetting using a self-asserted token #284
MKodde
merged 2 commits into
develop
from
feature/allow-self-vetting-with-sat-authoring-token
Feb 16, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 16, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
659400a
to
8ad6a03
Compare
For details read the story: https://www.pivotaltracker.com/story/show/184292087 For the MW accompanying this change see: OpenConext/Stepup-Middleware#401
8ad6a03
to
5d618fe
Compare
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 16, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 16, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 20, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
Shaky212
reviewed
Feb 20, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, just found a minor dev left-over!
@@ -52,6 +52,14 @@ class SelfVetMarshallerTest extends TestCase | |||
* @var InstitutionConfigurationOptionsService | |||
*/ | |||
private $institutionConfigService; | |||
/** |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some left-over?
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 20, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. Also: - Security updates where installed - Composer and Symfony lockfiles where updated For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 20, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. Also: - Security updates where installed - Composer and Symfony lockfiles where updated For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
MKodde
added a commit
to OpenConext/Stepup-Middleware
that referenced
this pull request
Feb 20, 2023
When an Identity is in possession of a vetted self-asserted token. It should be allowed to self-vet successive tokens using that SAT. But only when all tokens are of the SAT type. Once an Identity is in possession of an idenity vetted token (vetted on-premise), all following self vetting tokens must be done with the identity vetted token. Also: - Security updates where installed - Composer and Symfony lockfiles where updated For details see: https://www.pivotaltracker.com/story/show/184292087 And: OpenConext/Stepup-SelfService#284
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For details read the story: https://www.pivotaltracker.com/story/show/184292087
For the MW accompanying this change see: OpenConext/Stepup-Middleware#401