Federica Agostini
Federica Agostini
We have an issue when we register a new client with oidc-agent (using the device OIDC flow) in an IAM HA instance. In particular when we copy-and-paste the device code...
When a user asks for a target during `voms-proxy-init`, it appears in the VOMS proxy without any further check. For instance, [this test](https://github.com/italiangrid/voms-testsuite/blob/master/tests/clients/init/errors.robot#L169-L175) should be green. Add checks on the...
Right know, when a client requests a too long proxy it gets a warning like `The validity period of the issued attributes has been shortened to the maximum allowed by...
When a VOMS proxy is generated by another proxy, the VOMS roles should not be present among the attributes, if they are not present in the first proxy -- this...
When an admin adds a new System Scope, if it is unrestricted it should appear in the well-known endpoint. Right now just default scopes were published.
When the client performs concurrent refresh token flows and the previously issued access token is deleted (i.e. the box _Clear access tokens on refresh_ for that client is checked), IAM...
Right now, the IAM implementation interprets as - non-dynamically registered client, a client registered by IAM admins (for which there is a dedicated API) - a dynamically registered client, a...
CERN team needs the `jmx_prometheus_javaagent` jar to collect IAM metrics. Right now, they just create a new image from IAM such as ``` ARG IAM_BASE_IMAGE ARG IAM_BASE_TAG FROM $IAM_BASE_IMAGE:$IAM_BASE_TAG COPY...
When a request for a device code to the `/devicecode` endpoint does not specify the list of scopes, then the subsequent request to the `/token` endpoint returns 500 server error...
`oidc-agent` registers new clients trough an unauthenticated request to the IAM registration endpoint. Because of this, a user who approved that client thinks that the `oidc-agent` client should appear in...