SuccessChanges

Summary

  1. Revert "Temporary disable tests" (details)
  2. fix: update passport social script to handle provider config state problem #1448 (details)
  3. (4.2.2) Refresh token removing doesn't look up in persistence. (details)
  4. fix: update jwt date check function in passport scripts #1482 (details)
  5. Merge www pass from master (details)
  6. (4.2.2) 1. session_id should not be included into response if it's not explicitly allowed. (details)
  7. (4.2.2) Corrected validation by sid at /end_session endpoint. (details)
  8. (4.2.2) Set session reference into identity object independently from invalidateSessionCookiesAfterAuthorizationFlow flag. (details)
  9. (4.2.2) Added cache support for discovery page (`.well-known/openid-configuration`). (details)
  10. (4.2.2) Return sid from authorization endpoint. (details)
  11. Update dependencies (details)
  12. Corrected authorization code clean up at token endpoint. (details)
  13. Corrected bug for refreshing token based on requested offline_access scope (details)
  14. Fixed NPE (details)
  15. (4.2.2) JWKS : Added key selection strategy. Supported strategies are : OLDER, NEWER, FIRST. (details)
  16. Avoid NPE due to clientRegDefaultToCodeFlowWithRefresh conf property (details)
  17. Fixed client and tests related to switching /end_session to sid. (details)
  18. (4.2.2) Added client's custom attributes to response if present in dynamicRegistrationCustomAttributes configuration property. (details)
  19. (4.2.2) Print only sessionId at INFO log level. (details)
  20. Fix ACR change when used alias (details)
  21. Fix ACR change when used alias (details)
  22. (4.2.2) Added nested JWT support into JWE (details)
  23. (4.2.2) Corrected CrossEncryptionTest (details)
  24. (4.2.2) Return sub value for ROPC based on `openidSubAttribute`. (details)
  25. (4.2.2) Added a new claim to the id_token: `"grant": <value>". (details)
  26. (4.2.2) Added required method to UnmodifiableAuthorizationGrant (details)
  27. (4.2.2) More logs in trace - added keySelectionStrategy (details)
  28. Adjust endpoint response according to compatibility flag #1499 (details)
  29. Allow bean to parse both string/list scopes formats #1499 (details)
  30. (4.2.2) Client's Pre-authorization flag takes higher priority. If it's true then we will ignore spec's "consent MUST" for offline access. (details)
  31. Fix javadoc param (details)
  32. casa's DUO plugin related files (details)
  33. Casa's DUO plugin (details)
  34. BioID interception script and CASA integration (details)
  35. Avoid NPE when there is no grant #1499 (details)
  36. bioid image (details)
  37. (4.2.2) BUG : PostAuthentication script calls re-authentication instead of re-authorization. (details)
  38. (4.2.2) Fixed bug - 500 server error when we request for an authorization token concurrenly (details)
  39. (4.2.2) Checked also grant scopes for offline_access scope. (details)
  40. Added more trace logs during key selection. (details)
  41. (4.2.2) id_token is missed during 2 concurrent calls for ROPC (details)
  42. #1506 - Modify the `claims-gathering` script so that it first tries to read claims from PCT before directing to the page to enter claims. (details)
  43. Don't stop on unsuccessfull BC installation (details)
  44. (4.2.2) NPE during backchannel logout if grant object was not identified (details)
  45. BioID script (details)
  46. Fix PasswordValidator faces validator dependend beans injection after (details)
  47. Fix PasswordValidator faces validator dependend beans injection after (details)
  48. (4.2.2) Introduced revoke interception script (details)
  49. (4.2.2) `sector_identifier` has to be based on host only. Also optimize redirect_uri's validation based on `sector_identifier_uri` (details)
  50. #1056 Modify the `claims-gathering` script so that it first tries to read claims from PCT before directing to the page to enter claims. (details)
  51. Fix compilation after BC upgrade (details)
  52. Version 4.2.2.Final (details)
  53. Temporary disable client side tests (details)
  54. Revert "Temporary disable client side tests" (details)
  55. Check if signatire verification method returns true (details)
Commit 2338c7c0cf08b871ede8ddb2c25ae46ce741e75a by yzabrovarniy
Revert "Temporary disable tests"

This reverts commit a74cca4c
The file was modifiedClient/src/test/resources/testng.xml (diff)
Commit 64b17e9eb98739f063219e9c326bc1e14a104821 by kdhttps
fix: update passport social script to handle provider config state problem #1448
The file was modifiedServer/integrations/passport/PassportExternalAuthenticator.py (diff)
Commit 3d26dd631027085e7f99721f1449bcc8b3426061 by yzabrovarniy
(4.2.2) Refresh token removing doesn't look up in persistence.

https://github.com/GluuFederation/oxAuth/issues/1480
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/AuthorizationGrantList.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/GrantService.java (diff)
Commit 8f5e447ad09c9c55fd3aa845d9e1e83502a76648 by kdhttps
fix: update jwt date check function in passport scripts #1482
The file was modifiedServer/integrations/passport/PassportExternalAuthenticator.py (diff)
The file was modifiedServer/integrations/saml-passport/SamlPassportAuthenticator.py (diff)
Commit 4dceed2e41eb89c0584f9eda3ff85cf0671539f7 by Yuriy.Movchan
Merge www pass from master
The file was addedServer/integrations/wwpass/README.md
The file was addedServer/integrations/wwpass/ticket.json
The file was addedServer/integrations/wwpass/pages/auth/wwpass/checkemail.xhtml
The file was addedServer/integrations/wwpass/pages/auth/wwpass/wwpass.xhtml
The file was addedServer/integrations/wwpass/wwpass.ca.crt
The file was addedServer/integrations/wwpass/INSTALLATION.md
The file was addedServer/integrations/wwpass/pages/auth/wwpass/wwpassbind.xhtml
The file was addedServer/integrations/wwpass/static/js/wwpass-frontend.js
The file was addedServer/integrations/wwpass/wwpass.py
The file was addedServer/integrations/wwpass/wwpassauth.py
Commit a1c4a3147d43e1861df99ee5410f6e0ea1e43e2a by yzabrovarniy
(4.2.2) 1. session_id should not be included into response if it's not explicitly allowed.
2. ``/end_session` should validate by sid value

https://github.com/GluuFederation/oxAuth/issues/1485
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/AuthenticationService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/session/ws/rs/EndSessionRestWebService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/session/ws/rs/EndSessionRestWebServiceImpl.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/SessionIdService.java (diff)
Commit b21a2f2d65aaf83295b07a2a7cd2d04f3e3e9452 by yzabrovarniy
(4.2.2) Corrected validation by sid at /end_session endpoint.

https://github.com/GluuFederation/oxAuth/issues/1485
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/authorize/AuthorizeRequestParam.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/RequestParameterService.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/authorize/AuthorizeResponseParam.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/AuthenticationService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/session/ws/rs/EndSessionRestWebServiceImpl.java (diff)
Commit 97c81eee173cec7d808a89acc9e00469c24273e0 by yzabrovarniy
(4.2.2) Set session reference into identity object independently from invalidateSessionCookiesAfterAuthorizationFlow flag.

https://github.com/GluuFederation/oxAuth/issues/1486
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/AuthorizeService.java (diff)
Commit 66e0195a018269bc41f6fe7e7a7f566ebf760402 by yzabrovarniy
(4.2.2) Added cache support for discovery page (`.well-known/openid-configuration`).

https://github.com/GluuFederation/oxAuth/issues/1487
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/servlet/OpenIdConfiguration.java (diff)
The file was addedServer/src/main/java/org/gluu/oxauth/service/LocalResponseCache.java
Commit 4b881a369bd21af5316f273cdf7e17d3cd291cc2 by yzabrovarniy
(4.2.2) Return sid from authorization endpoint.

https://github.com/GluuFederation/oxAuth/issues/1485
The file was modifiedServer/src/main/java/org/gluu/oxauth/authorize/ws/rs/AuthorizeRestWebServiceImpl.java (diff)
The file was modifiedClient/src/main/java/org/gluu/oxauth/client/EndSessionClient.java (diff)
The file was modifiedClient/src/main/java/org/gluu/oxauth/client/EndSessionRequest.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/session/EndSessionRequestParam.java (diff)
The file was modifiedpom.xml (diff)
Commit abbeadd6a8697a40440cc67d73fa315584082881 by yzabrovarniy
Corrected authorization code clean up at token endpoint.
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/GrantService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/token/ws/rs/TokenRestWebServiceImpl.java (diff)
Commit 0d61cc62cc780efb4025bda170bf5c3ab12fb13b by yzabrovarniy
Corrected bug for refreshing token based on requested offline_access scope

https://github.com/GluuFederation/oxAuth/issues/1492
The file was modifiedServer/src/main/java/org/gluu/oxauth/token/ws/rs/TokenRestWebServiceImpl.java (diff)
Commit a5feb0c330004d9f94f88d3f03219a74aa52cf14 by yzabrovarniy
Fixed NPE

https://github.com/GluuFederation/oxAuth/issues/1492
The file was modifiedServer/src/main/java/org/gluu/oxauth/token/ws/rs/TokenRestWebServiceImpl.java (diff)
Commit 71c7aa9505f9c2892f42b710e462c8258b6446cb by yzabrovarniy
(4.2.2) JWKS : Added key selection strategy. Supported strategies are : OLDER, NEWER, FIRST.

https://github.com/GluuFederation/oxAuth/issues/1494
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/crypto/OxAuthCryptoProvider.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/crypto/CryptoProviderFactory.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
The file was addedModel/src/main/java/org/gluu/oxauth/model/jwk/KeySelectionStrategy.java
Commit d5747a2b0ae5ddd5e5ed226850349e3c4dadda6d by yzabrovarniy
Avoid NPE due to clientRegDefaultToCodeFlowWithRefresh conf property
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
Commit 9f28fa116ffd30c40f3b79e1ca1b886674173f9e by yzabrovarniy
Fixed client and tests related to switching /end_session to sid.

https://github.com/GluuFederation/oxAuth/issues/1485
The file was modifiedClient/src/main/java/org/gluu/oxauth/client/EndSessionClient.java (diff)
The file was modifiedClient/src/test/java/org/gluu/oxauth/ws/rs/GrantTypesRestrictionHttpTest.java (diff)
The file was modifiedServer/src/test/java/org/gluu/oxauth/ws/rs/EndSessionRestWebServiceEmbeddedTest.java (diff)
The file was modifiedServer/src/test/java/org/gluu/oxauth/ws/rs/EndSessionBackchannelRestServerTest.java (diff)
The file was modifiedClient/src/test/java/org/gluu/oxauth/BaseTest.java (diff)
The file was modifiedClient/src/test/java/org/gluu/oxauth/ws/rs/EndSessionRestWebServiceHttpTest.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/authorize/ws/rs/LogoutAction.java (diff)
The file was modifiedClient/src/main/java/org/gluu/oxauth/client/AuthorizationResponse.java (diff)
The file was modifiedClient/src/main/java/org/gluu/oxauth/client/EndSessionRequest.java (diff)
Commit 8715052026d45cdf190a77f7c07bd5044e2f5e8d by yzabrovarniy
(4.2.2) Added client's custom attributes to response if present in dynamicRegistrationCustomAttributes configuration property.

https://github.com/GluuFederation/oxAuth/issues/1488
The file was modifiedServer/src/main/java/org/gluu/oxauth/register/ws/rs/RegisterRestWebServiceImpl.java (diff)
Commit bf97fbc2e9352a304a841a32c302b37f7af554ff by yzabrovarniy
(4.2.2) Print only sessionId at INFO log level.
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/AuthenticationService.java (diff)
Commit 98895a1b3a15735a5774aa64344efd7a9e94b355 by Yuriy.Movchan
Fix ACR change when used alias
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/SessionIdService.java (diff)
Commit 29be420b716d6fcb0789660f17c693a239d1a792 by Yuriy.Movchan
Fix ACR change when used alias
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/SessionIdService.java (diff)
Commit d36dae7804af984cd750511ccbac21029a842b5d by yzabrovarniy
(4.2.2) Added nested JWT support into JWE

https://github.com/GluuFederation/oxAuth/issues/949
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/token/JwrService.java (diff)
The file was modifiedServer/src/test/java/org/gluu/oxauth/comp/CrossEncryptionTest.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/jwe/JweDecrypterImpl.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
Commit a1a289f7d6a3799c2191a3d3a5f956daf76ea140 by yzabrovarniy
(4.2.2) Corrected CrossEncryptionTest

https://github.com/GluuFederation/oxAuth/issues/949
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/token/JwtSigner.java (diff)
The file was modifiedServer/src/test/java/org/gluu/oxauth/comp/CrossEncryptionTest.java (diff)
Commit 75a510878824445261b3fd4c3db1aafc37a880eb by yzabrovarniy
(4.2.2) Return sub value for ROPC based on `openidSubAttribute`.

https://github.com/GluuFederation/oxAuth/issues/1491
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/SectorIdentifierService.java (diff)
Commit 8a657dc6aaef35483bce4ebb488dd1153af04a30 by yzabrovarniy
(4.2.2) Added a new claim to the id_token: `"grant": <value>".

https://github.com/GluuFederation/oxAuth/issues/1497
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/CIBAGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/ClientCredentialsGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/ResourceOwnerPasswordCredentialsGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/ImplicitGrant.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/common/GrantType.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/SimpleAuthorizationGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/token/IdTokenFactory.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/AuthorizationGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/DeviceCodeGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/AuthorizationCodeGrant.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/IAuthorizationGrant.java (diff)
Commit 51ceda875d8f7d7dc6206401a68720ef4321eeb2 by yzabrovarniy
(4.2.2) Added required method to UnmodifiableAuthorizationGrant

https://github.com/GluuFederation/oxAuth/issues/1497
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/UnmodifiableAuthorizationGrant.java (diff)
Commit 946ec286d7ad230dd0ecc42e5d2ca264294794ed by yzabrovarniy
(4.2.2) More logs in trace - added keySelectionStrategy

https://github.com/GluuFederation/oxAuth/issues/1494
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/crypto/OxAuthCryptoProvider.java (diff)
Commit cf1bd09e76ada93246299454e67d9c0b576a7b82 by Jose Gonzalez
Adjust endpoint response according to compatibility flag #1499
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/introspection/ws/rs/IntrospectionWebService.java (diff)
Commit 4ee7cc12679fbc552d1d07d6e72d2f548905e2d6 by Jose Gonzalez
Allow bean to parse both string/list scopes formats #1499
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/common/IntrospectionResponse.java (diff)
The file was addedModel/src/main/java/org/gluu/oxauth/model/common/converter/ListConverter.java
Commit 2fac4dac1013b41f478e1244c237ca3c5aa6d034 by yzabrovarniy
(4.2.2) Client's Pre-authorization flag takes higher priority. If it's true then we will ignore spec's "consent MUST" for offline access.

https://github.com/GluuFederation/oxAuth/issues/1496
The file was modifiedServer/src/main/java/org/gluu/oxauth/authorize/ws/rs/AuthorizeRestWebServiceImpl.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/common/converter/ListConverter.java (diff)
Commit 41a339ce1e87822689bebd127823414477ca583f by Madhumita Subramaniam
casa's DUO plugin related files
The file was addedServer/src/main/webapp/casa/fullwidth-template.xhtml
The file was addedServer/src/main/webapp/casa/duologin.xhtml
The file was modifiedServer/src/main/webapp/casa/casa.xhtml (diff)
The file was modifiedServer/src/main/resources/oxauth.properties (diff)
Commit 45d678aff971f6560beaf88798b2a4751f2179fe by Madhumita Subramaniam
BioID interception script and CASA integration
The file was addedServer/src/main/webapp/auth/bioid/bioid.xhtml
The file was addedServer/src/main/webapp/auth/bioid/language/de.json
The file was addedServer/src/main/webapp/auth/bioid/images/logo.svg
The file was addedServer/src/main/webapp/auth/bioid/images/tooclose.png
The file was addedServer/src/main/webapp/casa/bioid-template.xhtml
The file was addedServer/src/main/webapp/auth/bioid/js/getUserMedia.min.js
The file was addedServer/src/main/webapp/casa/bioid.xhtml
The file was addedServer/src/main/webapp/auth/bioid/css/uui.css
The file was addedServer/src/main/webapp/auth/bioid/language/en.json
The file was addedServer/src/main/webapp/auth/bioid/images/back.svg
The file was addedServer/src/main/webapp/auth/bioid/js/getUserMedia.js
The file was addedServer/src/main/webapp/auth/bioid/js/three.min.js
The file was addedServer/src/main/webapp/auth/bioid/model/head.obj
The file was addedServer/src/main/webapp/auth/bioid/js/objLoader.min.js
The file was modifiedServer/src/main/resources/oxauth.properties (diff)
The file was addedServer/src/main/webapp/auth/bioid/images/toofaraway.png
The file was addedServer/src/main/webapp/auth/bioid/js/jquery-3.5.1.min.js
The file was addedServer/src/main/webapp/auth/bioid/js/objLoader.js
The file was addedServer/src/main/webapp/auth/bioid/js/bws.capture.js
The file was addedServer/src/main/webapp/auth/bioid/js/uui.js
The file was addedServer/src/main/webapp/auth/bioid/video/nodyourhead.mp4
The file was addedServer/src/main/webapp/auth/bioid/images/perfect.png
Commit ebd7f2b66ab70fb0e02bee6004ced8b9c7c820ab by Jose Gonzalez
Avoid NPE when there is no grant #1499
The file was modifiedServer/src/main/java/org/gluu/oxauth/introspection/ws/rs/IntrospectionWebService.java (diff)
The file was modifiedServer/src/main/webapp/casa/casa.xhtml (diff)
Commit 471d495ab5ab5c79d475f0bbbb3bbc9a5bf15812 by yzabrovarniy
(4.2.2) BUG : PostAuthentication script calls re-authentication instead of re-authorization.

https://github.com/GluuFederation/oxAuth/issues/1504
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/external/context/ExternalPostAuthnContext.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/authorize/ws/rs/AuthorizeAction.java (diff)
Commit feab2749dd7e7b20456e2d44fa024d5979c48510 by yzabrovarniy
(4.2.2) Fixed bug - 500 server error when we request for an authorization token concurrenly

https://github.com/GluuFederation/oxAuth/issues/1481
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/common/AuthorizationGrant.java (diff)
Commit 3c1934d864cf9ec733086bad9711b29e69b8ba9c by yzabrovarniy
(4.2.2) Checked also grant scopes for offline_access scope.

https://github.com/GluuFederation/oxAuth/issues/1492
The file was modifiedServer/src/main/java/org/gluu/oxauth/token/ws/rs/TokenRestWebServiceImpl.java (diff)
Commit f1da00a2fd6d8eff0c45a28c478e5c6a19f2ea56 by yzabrovarniy
Added more trace logs during key selection.
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/crypto/OxAuthCryptoProvider.java (diff)
Commit c93db5ca0c627dee02e33ac64db747c04dd79f6d by yzabrovarniy
(4.2.2) id_token is missed during 2 concurrent calls for ROPC

https://github.com/GluuFederation/oxAuth/issues/1493
The file was modifiedServer/src/main/java/org/gluu/oxauth/model/token/IdTokenFactory.java (diff)
Commit 0a5509c932188de225625856ec14b63c620baeb1 by Arnab Dutta
#1506 - Modify the `claims-gathering` script so that it first tries to read claims from PCT before directing to the page to enter claims.
The file was modifiedServer/uma/sample/UmaClaimsGathering.py (diff)
Commit 7f8fe527b15e3425a3a378f9455257bf2d978417 by Yuriy.Movchan
Don't stop on unsuccessfull BC installation
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/AppInitializer.java (diff)
Commit 8910d5a29071d975d3837beec1897a607c35b96c by yzabrovarniy
(4.2.2) NPE during backchannel logout if grant object was not identified

https://github.com/GluuFederation/oxAuth/issues/1505
The file was modifiedServer/src/main/java/org/gluu/oxauth/session/ws/rs/EndSessionRestWebServiceImpl.java (diff)
The file was addedServer/integrations/bioid/BioIDExternalAuthenticator.py
The file was addedServer/integrations/bioid/README.txt
Commit c7d26f59c7d5d7b9fe8f76fc44e7954abedf9a94 by Yuriy.Movchan
Fix PasswordValidator faces validator dependend beans injection after
JSF update to 2.3.x #1508
The file was modifiedServer/src/main/java/org/gluu/oxauth/util/PasswordValidator.java (diff)
Commit 8075bfcfc6a73e276255bf127803184130e17330 by Yuriy.Movchan
Fix PasswordValidator faces validator dependend beans injection after
JSF update to 2.3.x #1508
The file was modifiedServer/src/main/java/org/gluu/oxauth/util/PasswordValidator.java (diff)
Commit 16951931c3c9e51975ad5c4823e7ee36c4dbfef2 by yzabrovarniy
(4.2.2) Introduced revoke interception script

https://github.com/GluuFederation/oxAuth/issues/1502
The file was addedServer/src/main/java/org/gluu/oxauth/service/external/ExternalRevokeTokenService.java
The file was addedServer/src/main/java/org/gluu/oxauth/service/external/context/RevokeTokenContext.java
The file was modifiedServer/src/main/java/org/gluu/oxauth/revoke/RevokeRestWebServiceImpl.java (diff)
Commit 6752e328953e21f926f80ad810af70b06e87b6d4 by yzabrovarniy
(4.2.2) `sector_identifier` has to be based on host only. Also optimize redirect_uri's validation based on `sector_identifier_uri`

https://github.com/GluuFederation/oxAuth/issues/1503
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/PairwiseIdentifierService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/RedirectionUriService.java (diff)
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/LocalResponseCache.java (diff)
The file was modifiedModel/src/main/java/org/gluu/oxauth/model/configuration/AppConfiguration.java (diff)
The file was modifiedpersistence-model/src/main/java/org/oxauth/persistence/model/PairwiseIdentifier.java (diff)
Commit 26b6f251b9a80f9ea6b2cb1df23a90d9e74a4337 by Arnab Dutta
#1056 Modify the `claims-gathering` script so that it first tries to read claims from PCT before directing to the page to enter claims.
The file was modifiedServer/uma/sample/UmaClaimsGathering.py (diff)
The file was addedServer/src/main/webapp/uma2/sample/claims_resolved.xhtml
Commit a3626103eca6d24f306ec75e27f48093365d5832 by Yuriy.Movchan
Fix compilation after BC upgrade
The file was modifiedcommon/src/main/java/org/gluu/oxauth/cert/validation/CRLCertificateVerifier.java (diff)
The file was modifiedClient/pom.xml (diff)
The file was modifiedcommon/pom.xml (diff)
The file was modifiedRP-Demo/pom.xml (diff)
The file was modifiedServer/pom.xml (diff)
The file was modifiedoxAuthStatic/pom.xml (diff)
The file was modifiedpersistence-model/pom.xml (diff)
The file was modifiedRP/pom.xml (diff)
The file was modifiedpom.xml (diff)
The file was modifiedrp-spring-boot/pom.xml (diff)
The file was modifiedModel/pom.xml (diff)
Commit 1e3b7bb1cfc2180e58abd9551afb149c82d50d79 by Yuriy.Movchan
Temporary disable client side tests
The file was modifiedClient/src/test/resources/testng.xml (diff)
Commit 5879da433787cd3327bad30f643d9256624a51ce by Yuriy.Movchan
Revert "Temporary disable client side tests"

This reverts commit 1e3b7bb1cfc2180e58abd9551afb149c82d50d79.
The file was modifiedClient/src/test/resources/testng.xml (diff)
Commit c4b5838c98ae88324f56cc06e9b5a491d7872633 by Yuriy.Movchan
Check if signatire verification method returns true
The file was modifiedServer/src/main/java/org/gluu/oxauth/service/fido/u2f/RawAuthenticationService.java (diff)