Skip to content
[Jenkins]Jenkins
log in
Success

Changes

Summary

  1. [GovWayCore, ProtocolloModIPA] (commit: a6c3772) (details)
  2. [Documentazione] (commit: 2913dec) (details)
Commit a6c3772e724c4f8333ea1c06cab78d0d81e6b17b by Andrea Poli
[GovWayCore, ProtocolloModIPA]
La validazione dei token 'ModI' non supportava token contenenti claim 'aud' definiti come stringhe di array.
È stato aggiunto il supporto in modo da rispettare entrambe le modalità (array of case-sensitive strings or single case-sensitive string) indicate nel RFC 'https://datatracker.ietf.org/doc/html/rfc7519.html#section-4.1.3'.
Nell'intervento è stato rivista anche la verifica dei certificati di una fruizione o erogazione, in modo che i keystore/truststore utilizzati per i token di una risposta vengono validati solamente se l'API prevede un token di sicurezza nella risposta.
 (commit: a6c3772)
The file was addedprotocolli/modipa/testsuite/src/test/rest/sicurezza-messaggio/check-tracce/check-traccia-no-audience.feature
The file was addedprotocolli/modipa/testsuite/src/test/rest/sicurezza-messaggio/check-tracce/check-traccia-kid-no-audience.feature
The file was modified protocolli/modipa/testsuite/src/test/rest/sicurezza-messaggio/check-tracce/check-traccia.feature (diff)
The file was modified protocolli/modipa/testsuite/src/test/rest/sicurezza-messaggio/idar03.feature (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/org/openspcoop2/core/protocolli/trasparente/testsuite/token/validazione/AllTest.java (diff)
The file was modified core/src/org/openspcoop2/protocol/registry/RegistroServiziReader.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/builder/ModIImbustamentoRest.java (diff)
The file was modified protocolli/modipa/testsuite/src/configurazioni-govway/modipaTestBundle.zip (diff)
The file was modified core/src/org/openspcoop2/core/constants/CostantiDB.java (diff)
The file was modified protocolli/modipa/src/modipa.properties (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/configurazioni-govway/trasparenteTestBundle.zip (diff)
The file was addedcore/src/org/openspcoop2/protocol/utils/ModISecurityUtils.java
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/constants/ModICostanti.java (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/org/openspcoop2/core/protocolli/trasparente/testsuite/token/validazione/ValidazioneJWTTest.java (diff)
The file was modified ChangeLog (diff)
The file was modified resources/doc/src/manuali/console/profiloModIPA/messaggio/avanzata/claims.rst (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/org/openspcoop2/core/protocolli/trasparente/testsuite/token/validazione/Utilities.java (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/org/openspcoop2/core/protocolli/trasparente/testsuite/token/validazione/UserInfoTest.java (diff)
The file was modified protocolli/modipa/testsuite/src/org/openspcoop2/core/protocolli/modipa/testsuite/rest/sicurezza_messaggio/proxy.feature (diff)
The file was modified protocolli/modipa/testsuite/src/org/openspcoop2/core/protocolli/modipa/testsuite/rest/sicurezza_messaggio/mock.feature (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/properties/ModIDynamicConfigurationAccordiParteComuneSicurezzaMessaggioUtilities.java (diff)
The file was modified protocolli/modipa/testsuite/src/test/rest/sicurezza-messaggio/audit.feature (diff)
The file was modified protocolli/trasparente/testsuite/karate/src/org/openspcoop2/core/protocolli/trasparente/testsuite/token/validazione/IntrospectionTest.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/utils/ModIUtilities.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/properties/ModIDynamicConfigurationAccordiParteSpecificaUtilities.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/config/ModIProperties.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/validator/ModIValidazioneSemantica.java (diff)
The file was modified protocolli/modipa/src/org/openspcoop2/protocol/modipa/properties/ModIDynamicConfiguration.java (diff)
Commit 2913decc24cd1334b9c55ffdbce77828e2fb36fd by Andrea Poli
[Documentazione]
Iniziata predisposizione rilascio della versione 3.3.14
 (commit: 2913dec)
The file was modified distrib/distrib.sh (diff)
The file was modified ant/setup/antinstall-config.xml (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-4759.rst (diff)
The file was modified pom.xml (diff)
The file was modified ant/commons/sql-build.xml (diff)
The file was modified tools/rs/config/server/src/schemi/govway_rs-api_config.yaml (diff)
The file was modified tools/rs/monitor/server/src/schemi/govway_rs-api_monitor.yaml (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-34042.rst (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-40167.rst (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-44483.rst (diff)
The file was modified resources/doc/src/manuali/conf.py (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-45860.rst (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2024/CVE-2023-51074.rst (diff)
The file was modified core/deploy/preloading/apiMonitor.zip (diff)
The file was modified tools/utils/src/org/openspcoop2/utils/Costanti.java (diff)
The file was modified resources/doc/src/releaseNotes/conf.py (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-4586.rst (diff)
The file was modified tools/rs/config/server/src/schemi/merge/govway_rs-api_config.yaml (diff)
The file was modified resources/doc/src/manuali/vulnerability-management/securityAdvisory/2023/CVE-2023-5072.rst (diff)
The file was modified core/deploy/preloading/apiConfig.zip (diff)
The file was modified tools/rs/monitor/server/src/schemi/merge/govway_rs-api_monitor.yaml (diff)