Issues

Roles provided by the SubjectRoleEntityProvider can be used for for another application
AMDATUSEC-70
AuthorizationService is unpredictable when there are multiple EntityProviders for the same entity
AMDATUSEC-69
Create multiple cookies when the token size becomes larger then 4k
AMDATUSEC-68
Support for Same-site cookie attribute
AMDATUSEC-67
Support for federated logout via token_id_hint remenbering the id_token
AMDATUSEC-66
OpenIdConnectProviderConfig.m_extraAuthParams Map should be returned as a copy
AMDATUSEC-65
Token remains invalid after renewal causing lots of renewals
AMDATUSEC-64
Auto renewal of token does not work as expected
AMDATUSEC-63
Copy request headers to the subjectAttributes provided by the AuthorizationRequestInterceptor
AMDATUSEC-62
Allow for a refresh of the authentication token cookie and custom attributes of the token
AMDATUSEC-61
Support state and id_token_hint for openconnectid endsession endpoint
AMDATUSEC-60
AuthenticationResource: use 'X-Forwarded-For' when logging
AMDATUSEC-59
OpenIdConnectConfigTest fails on expected values from the google oauth wellknown endpoint
AMDATUSEC-58
Openid provider fails often with Steam
AMDATUSEC-57
Add a configurable logout redirect URL
AMDATUSEC-56
Sliding expiration on authenticated web session
AMDATUSEC-55
LocalIdProvider#getTokenAttributesFromRequest could return empty Optional when accountId is null
AMDATUSEC-54
Password change fails with default web resources from org.amdatu.security.account.admin.rest.resource
AMDATUSEC-53
IdProviders return wrong error when there is a replay attack or state timeout
AMDATUSEC-52
When refreshing an accesstoken, the (new) refresh token is not returned
AMDATUSEC-51
openidconnect provider does not return the accestokens' expiry time
AMDATUSEC-50
Support `client_secret_post` method in OIDC IdProvider
AMDATUSEC-49
TokenProvider sometimes throws NPE when handling an invalid JWT
AMDATUSEC-48
Support authorization requests for third-party providers
AMDATUSEC-47
Support JAX-RS 2.0 api
AMDATUSEC-46
1-25 of 70