From f3352eb87760d4cc453c72b28e53eb314c3cbff7 Mon Sep 17 00:00:00 2001
From: Samay Bhojwani <samaybhojwani@nebraska.edu>
Date: Tue, 18 Mar 2025 16:25:59 -0500
Subject: [PATCH 1/7] "changed scopes"
---
oidc/com-accountlifecyclecloud-nebraska.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/oidc/com-accountlifecyclecloud-nebraska.xml b/oidc/com-accountlifecyclecloud-nebraska.xml
index 882db3f..c795cb7 100644
--- a/oidc/com-accountlifecyclecloud-nebraska.xml
+++ b/oidc/com-accountlifecyclecloud-nebraska.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_post"
- scopes="email+openid+profile" />
+ scopes="email openid profile" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
--
GitLab
From b01df45c5a1b9f9d9dfabe5bc126a26fde8d4083 Mon Sep 17 00:00:00 2001
From: Samay Bhojwani <samaybhojwani@nebraska.edu>
Date: Tue, 25 Mar 2025 15:09:37 -0500
Subject: [PATCH 2/7] removed + in scopes
---
oidc/edu-nebraska-its-cssm.xml | 2 +-
oidc/edu-unl-pacs.xml | 2 +-
oidc/edu-unl-unl-inowweb-tst.xml | 2 +-
oidc/edu-unl-unpd0016.xml | 2 +-
oidc/edu-unl-unpd002.xml | 2 +-
oidc/edu-unl-unpd0026.xml | 2 +-
oidc/edu.unl.lstit-door.xml | 2 +-
7 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index 06dd0ee..09de52d 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
- scopes="openid+email" />
+ scopes="openid email" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu-unl-pacs.xml b/oidc/edu-unl-pacs.xml
index d919b54..d9b3794 100644
--- a/oidc/edu-unl-pacs.xml
+++ b/oidc/edu-unl-pacs.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
- scopes="email+openid" />
+ scopes="email openid" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu-unl-unl-inowweb-tst.xml b/oidc/edu-unl-unl-inowweb-tst.xml
index cfb7290..e4512af 100644
--- a/oidc/edu-unl-unl-inowweb-tst.xml
+++ b/oidc/edu-unl-unl-inowweb-tst.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code"
token_endpoint_auth_method="client_secret_post"
- scopes="openid+email" />
+ scopes="openid email" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu-unl-unpd0016.xml b/oidc/edu-unl-unpd0016.xml
index 9484bcf..e606d41 100644
--- a/oidc/edu-unl-unpd0016.xml
+++ b/oidc/edu-unl-unpd0016.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_post"
- scopes="email+openid" />
+ scopes="email openid" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu-unl-unpd002.xml b/oidc/edu-unl-unpd002.xml
index c630c2c..1628af7 100644
--- a/oidc/edu-unl-unpd002.xml
+++ b/oidc/edu-unl-unpd002.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_post"
- scopes="email+openid" />
+ scopes="email openid" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu-unl-unpd0026.xml b/oidc/edu-unl-unpd0026.xml
index fbd7005..cb01dce 100644
--- a/oidc/edu-unl-unpd0026.xml
+++ b/oidc/edu-unl-unpd0026.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code+refresh_token"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
- scopes="openid+profile+email+offline_access" />
+ scopes="openid profile email offline_access" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
diff --git a/oidc/edu.unl.lstit-door.xml b/oidc/edu.unl.lstit-door.xml
index b3d82bd..d2f6cc6 100644
--- a/oidc/edu.unl.lstit-door.xml
+++ b/oidc/edu.unl.lstit-door.xml
@@ -8,7 +8,7 @@
grant_types="authorization_code"
response_types="code+id_token"
token_endpoint_auth_method="client_secret_post"
- scopes="email+openid" />
+ scopes="email openid" />
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
--
GitLab
From c9e04c2b187c8d0d3723ae1ac7be2a093f0c6da4 Mon Sep 17 00:00:00 2001
From: Samay Bhojwani <samaybhojwani@nebraska.edu>
Date: Thu, 27 Mar 2025 16:03:48 -0500
Subject: [PATCH 3/7] removed + from response types
---
oidc/com-accountlifecyclecloud-nebraska.xml | 2 +-
oidc/edu-nebraska-its-cssm.xml | 2 +-
oidc/edu-unl-ncard.xml | 2 +-
oidc/edu-unl-pacs.xml | 2 +-
oidc/edu-unl-unpd0016.xml | 2 +-
oidc/edu-unl-unpd002.xml | 2 +-
oidc/edu-unl-unpd0026.xml | 2 +-
oidc/edu.unl.lstit-door.xml | 2 +-
8 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/oidc/com-accountlifecyclecloud-nebraska.xml b/oidc/com-accountlifecyclecloud-nebraska.xml
index c795cb7..0385226 100644
--- a/oidc/com-accountlifecyclecloud-nebraska.xml
+++ b/oidc/com-accountlifecyclecloud-nebraska.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_post"
scopes="email openid profile" />
</md:Extensions>
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index 09de52d..e8b715a 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid email" />
</md:Extensions>
diff --git a/oidc/edu-unl-ncard.xml b/oidc/edu-unl-ncard.xml
index 4e29f63..aedebcc 100644
--- a/oidc/edu-unl-ncard.xml
+++ b/oidc/edu-unl-ncard.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid" />
</md:Extensions>
diff --git a/oidc/edu-unl-pacs.xml b/oidc/edu-unl-pacs.xml
index d9b3794..bd078b8 100644
--- a/oidc/edu-unl-pacs.xml
+++ b/oidc/edu-unl-pacs.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="email openid" />
</md:Extensions>
diff --git a/oidc/edu-unl-unpd0016.xml b/oidc/edu-unl-unpd0016.xml
index e606d41..c63bcaf 100644
--- a/oidc/edu-unl-unpd0016.xml
+++ b/oidc/edu-unl-unpd0016.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_post"
scopes="email openid" />
</md:Extensions>
diff --git a/oidc/edu-unl-unpd002.xml b/oidc/edu-unl-unpd002.xml
index 1628af7..952ea07 100644
--- a/oidc/edu-unl-unpd002.xml
+++ b/oidc/edu-unl-unpd002.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_post"
scopes="email openid" />
</md:Extensions>
diff --git a/oidc/edu-unl-unpd0026.xml b/oidc/edu-unl-unpd0026.xml
index cb01dce..db46498 100644
--- a/oidc/edu-unl-unpd0026.xml
+++ b/oidc/edu-unl-unpd0026.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code+refresh_token"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid profile email offline_access" />
</md:Extensions>
diff --git a/oidc/edu.unl.lstit-door.xml b/oidc/edu.unl.lstit-door.xml
index d2f6cc6..de9edb8 100644
--- a/oidc/edu.unl.lstit-door.xml
+++ b/oidc/edu.unl.lstit-door.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code id_token"
token_endpoint_auth_method="client_secret_post"
scopes="email openid" />
</md:Extensions>
--
GitLab
From 88cda30dbcf66c2ffd3851cd7d28148dc79a1a20 Mon Sep 17 00:00:00 2001
From: Ryan Rumbaugh <rrumbaugh@nebraska.edu>
Date: Sat, 29 Mar 2025 08:58:43 -0500
Subject: [PATCH 4/7] Update CSSM to use code and id_token for response type
---
oidc/edu-nebraska-its-cssm.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index e8b715a..09de52d 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code id_token"
+ response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid email" />
</md:Extensions>
--
GitLab
From 9d37812ddd504873e95c6b63caf470042db24b4c Mon Sep 17 00:00:00 2001
From: Ryan Rumbaugh <rrumbaugh@nebraska.edu>
Date: Sat, 29 Mar 2025 09:22:16 -0500
Subject: [PATCH 5/7] Update ALM to use code AND id_token
---
oidc/com-accountlifecyclecloud-nebraska.xml | 2 +-
oidc/edu-nebraska-its-cssm.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/oidc/com-accountlifecyclecloud-nebraska.xml b/oidc/com-accountlifecyclecloud-nebraska.xml
index 0385226..c795cb7 100644
--- a/oidc/com-accountlifecyclecloud-nebraska.xml
+++ b/oidc/com-accountlifecyclecloud-nebraska.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code id_token"
+ response_types="code+id_token"
token_endpoint_auth_method="client_secret_post"
scopes="email openid profile" />
</md:Extensions>
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index 09de52d..5164001 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code+id_token"
+ response_types="code"
token_endpoint_auth_method="client_secret_basic"
scopes="openid email" />
</md:Extensions>
--
GitLab
From 25b52b351189e74c6ce8932182b1c6e984882053 Mon Sep 17 00:00:00 2001
From: Samay Bhojwani <samaybhojwani@nebraska.edu>
Date: Wed, 2 Apr 2025 16:43:48 -0500
Subject: [PATCH 6/7] "added id_token to response_types value in cssm"
---
oidc/edu-nebraska-its-cssm.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index 5164001..09de52d 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code"
+ response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid email" />
</md:Extensions>
--
GitLab
From c59a531416f10761d2ec262f93e097c9c68902ae Mon Sep 17 00:00:00 2001
From: Ryan Rumbaugh <rrumbaugh@nebraska.edu>
Date: Fri, 4 Apr 2025 15:05:53 -0500
Subject: [PATCH 7/7] Update response types for CSSM
---
oidc/edu-nebraska-its-cssm.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/oidc/edu-nebraska-its-cssm.xml b/oidc/edu-nebraska-its-cssm.xml
index 5164001..09de52d 100644
--- a/oidc/edu-nebraska-its-cssm.xml
+++ b/oidc/edu-nebraska-its-cssm.xml
@@ -6,7 +6,7 @@
<md:Extensions>
<oidcmd:OAuthRPExtensions
grant_types="authorization_code"
- response_types="code"
+ response_types="code+id_token"
token_endpoint_auth_method="client_secret_basic"
scopes="openid email" />
</md:Extensions>
--
GitLab