Enrico Vianello

IAM should highlight how long a client has not been used

5

This introduces the need of track a "last-used" information for a client (last token issued, last userinfo/introspection call, etc.).

Tokens page error due to the presence of orphan records on database

3

The current RemoveOrphans logic doesn't fix an error see on iam.cloud.infn.it: ``` {"error":"Account for [email protected] not found"} ```  There's some other unexpected orphan.

From IAM escape data: ``` mysql> select count(*) from authorization_code where expiration < NOW(); +----------+ | count(*) | +----------+ | 2336 | +----------+ 1 row in set (0,01 sec) ```...

Administrators can disable a client

1

Replaces #715

Fix authorization on SCIM me endpoint

1

Fixes #748

Ensure subject DN is stored into db with the expected format (RFC2253)

1

https://datatracker.ietf.org/doc/html/rfc2253 The target of this PR is ensuring that each time a x509 certificate is added (via SCIM PATCH) or linked (during login phase) its subject and issuer are stored...

Here is the AUDIT event creation: https://github.com/indigo-iam/iam/blob/master/iam-login-service/src/main/java/it/infn/mw/iam/api/client/management/service/DefaultClientManagementService.java#L145 We could send also an email to the list of client's contacts when a client is disabled or restored by a VO admin.