Shibboleth Developer's Meeting, 2021-05-07

Brent

Daniel

Henri

• JOIDC-44 - Getting issue details... STATUS
  • Deep dive into the attribute registry & transcoders
• JCOMOIDC-19 - Getting issue details... STATUS
  • In practise the Nimbus release-cycle means that if we need a bug-fix, it's always a minor update for us 
• JOIDC-42 - Getting issue details... STATUS
  • About half is done with the latest Nimbus dependencies, I don't foresee issues

Ian

John

• cpp-linbuild
  
  • Can generate manifests of RPM/SRPM products
  • Working on signaling first-level dependencies from Makefile to build script
  • Planning to use local repos to resolve second+ level dependencies
  • Overarching goal is to shift from per-component/per-platform build script to generic build script
  • Updated Amazon Linux 2 Docker image to latest (20210326)

Marvin

Phil

• Minor plugin changes.
  • Jar sealing
  • DuoOIDC plugin updates to support the latest Duo WebSDKv4
  • Removed retrofit and okhttp from the IdP (java-parent) and added them to the DuoOIDC plugin package. Looking at releasing this as 1.1.0, but only after the next version of the IdP is released.
    • Any security issues for v 1.0.0 can go into a 1.0.x release. 
• Some plugin download location and version testing
• Started looking at PrivacyIdea
  • Pretty cool, most auth token mechanisms sit behind a three 'mode' API facade (as Scott previously mentioned). 
  • Have it set up and enrolling various security keys. Interested in the webauthn function - but there are plenty of auth token options.
    • Even with the facade, there are still some differences (client-side) for some of the methods.

Rod

Lots of minor changes for the next minor/major release.  Two open questions

• IDP-1811 - Getting issue details... STATUS
  • Do we have the right to change the default behavior of the Attribute Resolver wrt Display Information(especially given that no-one will notice)?
  • This would allow us to actively deprecate & log as deprecated a lot of old methods which are there solely to support IdPAttributes carrying DIsplay Information.
• IDP-1813 - Getting issue details... STATUS
  • There is an impedance mismatch between the CLIs (which use System.out.println) and much of the installers (which need to have the ability to log verbosely).
  • How to square the circle?

Scott

• Atlassian Adventures – worst Disney ride ever
  
  • Jira hung during last update attempt
  • We do have an offer from Internet2 to migrate to a Data Center instance with SSO support
  • Made some progress spelunking the database and managing to rename accounts via SQL – my thought was to do this for all accounts with email addresses to rename them to the email address before a conversion to Cloud, but we'd have to orphan or dummy-associate all other issues and comments
  • Going to start with some trial Confluence migrations since the account issue is less acute
• SSPCPP-926 - Getting issue details... STATUS
  • Successful experiment to replace XML serialization of IPC with  a text-based record-oriented syntax
  • Working all week on understanding the character encoding implications of using Java on the other end, extremely convoluted
  • Next steps:
    • Implement some form of this in Java
    • Built a prototype socket server on top of a Spring ApplicationContext
    • Start sketching out the service APIs needed for some of the functionality, particularly configuration file processing
• Board requests for a skills matrix and an updated roadmap

Tom

• GEN-286 - Getting issue details... STATUS  Status update, Scott ?
• IDP-1632 - Getting issue details... STATUS  Tests pass
• Are we ok with the Sauce Labs Terms of Service ?
  https://saucelabs.com/terms-of-service
  We have Open Sauce, which is free for open-source projects and allows us to test browsers.

Other