Stan Silvert
05005a1791
KEYCLOAK-8522: Migrate IdpHint tests. Remove unneeded tests.
2019-02-25 09:40:39 -03:00
Hynek Mlnarik
37ef47d6ab
KEYCLOAK-9509 Upgrade to Wildfly 15
...
KEYCLOAK-9584 Update Wildfly Arquillian version
KEYCLOAK-9581: Fix CookiePathTests
KEYCLOAK-9607 CLI sripts and configuration files update
KEYCLOAK-9580 Fix component registration error
KEYCLOAK-9590 Update JDG to newest version
* Infinispan is using whatever version is set in root pom.xml.
KEYCLOAK-9509 Fix Undertow tests
Co-Authored-By: vramik <vramik@redhat.com>
Co-Authored-By: sebastienblanc <scm.blanc@gmail.com>
2019-02-25 08:56:46 +01:00
Pedro Igor
99f8e5f808
[KEYCLOAK-9489] - Fixing fine-grained permission functionality
2019-02-22 09:22:14 -03:00
Pedro Igor
9314f13255
[KEYCLOAK-9093] - False-Positive UMA Policy Evaluation
2019-02-21 21:47:58 -03:00
Pedro Igor
4d5dff1d64
[KEYCLOAK-9474] - Public endpoints are returning 403 with body when enforcement mode is disabled
2019-02-21 16:27:07 -03:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
mposolda
e4d4159743
KEYCLOAK-9586 Fix cluster tests. Fix cross-dc tests on embedded undertow
2019-02-20 19:11:38 +01:00
Pedro Igor
34d8974e7f
[KEYCLOAK-9489] - User not able to log in to admin console when using query-* roles
2019-02-20 18:09:36 +01:00
vmuzikar
7afd068c27
KEYCLOAK-9423 Fix Stack Overflow Social Login test
2019-02-20 16:45:11 +01:00
Stan Silvert
9e16c772bd
KEYCLOAK-9387: Add hor scroll & tooltips to role selectors
2019-02-19 21:03:52 +01:00
Hynek Mlnarik
c34c0a3860
KEYCLOAK-9112 KEYCLOAK-9108 Ignore expected exceptions
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
a74d6ab932
KEYCLOAK-9107 Fix NPE
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
37e6b6ffc6
KEYCLOAK-9113 Add support for inspecting log messages for uncaught errors
2019-02-13 15:49:49 +01:00
vmuzikar
16827ef64b
KEYCLOAK-9531 Fix broken Arquillian tests in the "other" module
2019-02-12 15:09:31 +01:00
Hynek Mlnarik
59430e7cd6
KEYCLOAK-9456 Docker support for testing with MSSQL, Oracle 11g
2019-02-08 19:31:45 +01:00
vmuzikar
191cbca7ad
UI and Node.js adapter tests fixes
2019-02-08 08:57:48 -02:00
Sebastian Laskawiec
ee41a0450f
KEYCLOAK-8349 KEYCLOAK-8659 Use TLS for all tests in the suite
2019-02-08 08:57:48 -02:00
Pedro Igor
885eec5ef2
[KEYCLOAK-8348] - Containerize database tests
2019-01-30 16:29:03 -02:00
Pedro Igor
e01c9ddd60
[KEYCLOAK-8849] - Fixing request entitlements call
2019-01-16 12:25:18 -02:00
Pedro Igor
31e8e73e48
[KEYCLOAK-8849] - Using custom polling http client
2019-01-16 12:25:18 -02:00
vmuzikar
1199376e37
KEYCLOAK-9273 Log test browser version
2019-01-15 13:00:38 +01:00
vramik
c4a46a5591
KEYCLOAK-7677 KEYCLOAK-7723 fix version collision of httpclient
...
Co-authored-by: Pedro Igor <psilva@redhat.com>
2019-01-10 17:45:41 -02:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
vramik
0602a88fcc
KEYCLOAK-9262 Skip SAMLFilterServletAdapterTest for jdk7
2019-01-09 16:36:19 +01:00
Pedro Igor
382f6b0c2c
[KEYCLOAK-9185] - Update LinkedIn broker to LinkedIn API v2
2019-01-09 15:29:40 +01:00
mposolda
692127519b
KEYCLOAK-8724 Stabilize BruteForceCrossDCTest.testBruteForceConcurrentUpdate
2019-01-09 12:20:33 +01:00
vramik
b2a7d42310
KEYCLOAK-9193 CorsExampleAdapterTest fails on Windows
2019-01-04 09:20:28 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
stianst
07ccbdc3db
KEYCLOAK-9182
2019-01-03 14:28:35 +01:00
Sebastian Laskawiec
602b7207ab
KEYCLOAK-9008 CookieStoreRootContextTest stabilization
2018-12-19 10:11:44 +01:00
mposolda
061693a8c9
KEYCLOAK-9089 IllegalArgumentException when trying to use ES256 as OIDC access token signature
2018-12-14 21:01:03 +01:00
mhajas
26c8af5369
KEYCLOAK-8533 Add tests for native promises
2018-12-13 13:57:58 +01:00
mposolda
1237986fd0
KEYCLOAK-8838 Incorrect resource_access in accessToken when clientId contains dots
2018-12-13 10:31:27 +01:00
rmartinc
3c44e6c377
KEYCLOAK-9068: IDP-initiated-flow is not working with REDIRECT binding
2018-12-13 06:28:38 -02:00
mhajas
81d4908c1d
KEYCLOAK-9058 Fix issue with cyclic object on firefox
2018-12-13 08:33:14 +01:00
mposolda
c51c492996
KEYCLOAK-9050 Change LoginProtocol.authenticated to read most of the values from authenticationSession
2018-12-12 13:30:03 +01:00
Stan Silvert
3ed77825a2
KEYCLOAK-8495: Account REST Svc doesn't require acct roles
2018-12-12 12:07:29 +01:00
mposolda
a7f57c7e23
KEYCLOAK-9021
2018-12-12 07:09:14 +01:00
Hynek Mlnarik
dad12635f6
KEYCLOAK-9014 Fix displayed applications
2018-12-10 09:59:46 +01:00
Pedro Igor
8204509b0c
[KEYCLOAK-8980] - ElytronAccount not serializable
2018-12-10 08:55:00 +01:00
mposolda
88141320ac
KEYCLOAK-9002 StackOverflowError when reading LDAP-backed users via REST API
2018-12-07 12:25:05 +01:00
vramik
6616e4a011
KEYCLOAK-8660 fix package name of Album class
2018-12-06 19:13:38 +01:00
Pedro Igor
0c39eda8d2
[KECLOAK-8237] - Openshift Client Storage
2018-12-06 10:57:53 -02:00
Martin Bartos RH
99a5656f0f
[KEYCLOAK-8389] Migrate ModelClass: UserSessionInitializerTest
2018-12-06 12:43:11 +01:00
vmuzikar
3e48fa1dbc
KEYCLOAK-9023 Add support for Java 11 to the testsuite
2018-12-06 11:47:00 +01:00
Pedro Igor
e798c3bca2
[KEYCLOAK-8901] - Identity Provider : UserInfo response as JWT Token not supported
2018-12-05 09:28:12 -02:00
Hynek Mlnarik
00e0ba8633
KEYCLOAK-8940 Stabilize SessionsPreloadCrossDCTest.loginFailuresPreloadTest
2018-12-04 14:27:57 +01:00
Pavel Drozd
bba081d3a8
KEYCLOAK-8982 - Fix Servlet Filter tests for WLS & WAS
2018-12-04 13:58:25 +01:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
vramik
4b50fdb404
KEYCLOAK-8955 adapter installation fails on windows - edit logging
2018-12-04 13:50:55 +01:00
Pedro Igor
ed0b5d4df1
[KEYCLOAK-8857] - Provide utility to create AuthzClient from InputStream
2018-12-03 11:14:43 -02:00
vramik
1b8dc04459
KEYCLOAK-8817 skip EntitlementAPITest.testOfflineRequestingPartyToken for auth-server-undertow
2018-11-29 13:38:26 +01:00
Pedro Igor
4355c89b9d
[KEYCLOAK-7365] - No need to check roles when refreshing tokens
2018-11-29 08:51:25 -02:00
rmartinc
1b37394276
KEYCLOAK-7242: LDAPS not working with truststore SPI and connection timeout
2018-11-29 11:21:46 +01:00
Hynek Mlnarik
ded82fff3d
KEYCLOAK-8941 Fix order of stopping test servers
2018-11-29 11:16:34 +01:00
Sebastian Laskawiec
4fbbaf18aa
KEYCLOAK-8830 Stabilize ExportImportTest
2018-11-29 10:33:00 +01:00
Tomasz Prętki
2b9b1ba45f
[KEYCLOAK-8823] - PathMatcher doesn't prefer overloaded templated resources
2018-11-28 11:39:11 -02:00
vmuzikar
7d75377813
KEYCLOAK-8944 Fix ProfileAssume for backward adapter compat. testing
2018-11-27 13:58:41 +01:00
Stefan Guilhen
311e848460
KEYCLOAK-8504 Ensure the authenticationFlowBindingOverrides client configuration references a valid authentication flow id when a realm is imported
2018-11-23 22:09:14 +01:00
Pedro Igor
91637120ee
[KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db
2018-11-23 08:48:08 -02:00
Hynek Mlnarik
d90a5d1367
KEYCLOAK-8594 Fix missing option to Base64 encoder
2018-11-22 21:48:00 +01:00
Hynek Mlnarik
d395043fc7
KEYCLOAK-8707 Fix client template to scope migration
2018-11-22 15:07:47 +01:00
mposolda
6e93ca36af
KEYCLOAK-8519 OIDCScopeTest.testClientDisplayedOnConsentScreenWithEmptyConsentText failing on Oracle
2018-11-22 09:30:01 +01:00
vramik
2d727fc54c
KEYCLOAK-8909 fix KcOidcBrokerLogoutTest for product
2018-11-22 09:28:37 +01:00
mposolda
6db1f60e27
KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs
2018-11-21 21:51:32 +01:00
Stefan Guilhen
8af1ca8fc3
KEYCLOAK-8414 use the clientId when the ClientScopeModel is an instance of ClientModel
2018-11-20 15:08:10 +01:00
vramik
55f90ff09f
KEYCLOAK-8837 Adapt TS to be able to test migration from 7.2.5.GA (instead from 7.2.0.GA)
2018-11-19 18:06:33 +01:00
Stian Thorgersen
f3bf1456ab
KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. ( #5738 )
2018-11-19 17:32:21 +01:00
Hynek Mlnarik
548950ed8e
KEYCLOAK-8756 Consider also required actions of AuthenticationSession
2018-11-19 16:04:43 +01:00
Marek Posolda
f67d6f9660
KEYCLOAK-8482 Access token should never contain azp as an audience ( #5719 )
2018-11-19 14:38:41 +01:00
Stian Thorgersen
3756cf629b
KEYCLOAK-7081 Fixes for manual/qr mode switches on login config otp page ( #5717 )
2018-11-19 14:32:28 +01:00
Takashi Norimatsu
0793234c19
KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 ( #5603 )
...
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
2018-11-19 14:28:32 +01:00
Hynek Mlnarik
461dae20de
KEYCLOAK-8731 Ensure password history is kept in line with password policy
2018-11-19 12:48:51 +01:00
mposolda
0533782d90
KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB
2018-11-16 14:23:28 +01:00
Leon Graser
85f11873c3
KEYCLOAK-8613 Group Membership Pagination
2018-11-15 17:54:07 +01:00
Thomas Darimont
cf57a1bc4b
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
...
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
vmuzikar
8c650f9f6a
KEYCLOAK-8793 Fix backward compatibility testing for adapters
2018-11-14 22:35:47 +01:00
vmuzikar
6cee8b126b
KEYCLOAK-8792 Stabilize and fix Admin Console UI tests for RH-SSO
2018-11-14 22:32:11 +01:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
Hynek Mlnarik
c3778e66db
KEYCLOAK-8260 Improve SAML conditions handling
2018-11-14 20:09:22 +01:00
Martin Kanis
6a23eb19f5
KEYCLOAK-8166
2018-11-14 20:09:22 +01:00
Martin Kanis
72b23c1357
KEYCLOAK-8160
2018-11-14 20:09:22 +01:00
Martin Kanis
0cb6053699
KEYCLOAK-8125
2018-11-14 20:09:22 +01:00
vramik
6564cebc0f
KEYCLOAK-7707
2018-11-14 20:09:22 +01:00
Bruno Oliveira da Silva
a957e118e6
Redirect URLs are not normalized
2018-11-14 20:09:22 +01:00
mposolda
0897d969b1
KEYCLOAK-7340
2018-11-14 20:09:22 +01:00
mposolda
1b5a83c4f1
KEYCLOAK-6980 Check if client_assertion was already used during signed JWT client authentication
2018-11-14 20:09:22 +01:00
Martin Bartos RH
f090b39e85
[KEYCLOAK-8411] Migrate ModelClass: ClientModelTest
2018-11-14 19:15:45 +01:00
mhajas
602a6e201d
KEYCLOAK-8660 Workaround photoz tests on EAP6
2018-11-13 15:57:46 +01:00
Hynek Mlnarik
7703d81389
KEYCLOAK-7421 Support SAML cluster logout for Elytron SAML adapter
2018-11-09 21:06:50 +01:00
Pedro Igor
cd96d6cc35
[KEYCLOAK-8694] - Mark Drools policy as tech preview
2018-11-09 11:08:49 -02:00
mhajas
6d04247947
KEYCLOAK-8047 Make Photoz tests great: run them on undertow + make them
...
stable
2018-11-09 12:45:38 +01:00
vramik
560d76b7ee
KEYCLOAK-6748 undertow saml adapter tests
2018-11-06 21:17:07 +01:00
Pedro Igor
bce2aee144
[KEYCLOAK-8646] - Error deleting policies when admin events are enabled
2018-11-06 11:27:32 -02:00
rmartinc
cbe59f03b7
KEYCLOAK-8708: Provide aggregation of group attributes for mappers
2018-11-06 13:42:38 +01:00
Torbjørn Skyberg Knutsen
36b0d8b80e
KEYCLOAK-7166 Added the possibility of not logging out of remote idp on browser logout, by passing a query param containing the id of the identity provider
2018-11-06 13:39:19 +01:00
scranen
5880efe775
KEYCLOAK-4342 Make naming consistent
2018-11-06 10:28:06 -02:00
scranen
0c6b20e862
[KEYCLOAK-4342] Make adapter state cookie path configurable
2018-11-06 10:28:06 -02:00
Pedro Igor
327991bd73
[KEYCLOAK-8716] - Issue with caching resolved roles in KeycloakSession
2018-11-06 10:27:04 -02:00
vramik
b2aa324ee4
KEYCLOAK-8631 skip AddUserTest on app-server-undertow
2018-10-31 18:08:42 +01:00
vramik
76e4253a21
KEYCLOAK-8670 remove support for migration.mode=import as there are separate tests
2018-10-31 18:07:20 +01:00
mposolda
ffcd8e09e7
KEYCLOAK-8175 Possibility of clientScope not being used if user doesn't have a role
2018-10-31 18:04:41 +01:00
mposolda
cfeb56e18a
KEYCLOAK-8641 Remove aud from the authorization tickets
2018-10-31 13:31:26 +01:00
mposolda
9652748ba9
KEYCLOAK-8484 Remove audience client scope template
2018-10-31 11:11:02 +01:00
Pedro Igor
f6943296c7
[KEYCLOAK-8489] - RPT request: Authorized Party's protocol mappers are being applied instead of the Audience's ones
2018-10-26 09:40:32 -03:00
vramik
4d2300f17e
KEYCLOAK-8664 KEYCLOAK-8665 KEYCLOAK-8666 fix assertions in testsuite
2018-10-25 21:42:01 +02:00
vramik
f449b8b454
KEYCLOAK-8637 Add support for OIDC multitenancy adapter test for jboss based containers
2018-10-25 20:45:45 +02:00
Graser Leon
9ef4c7fffd
KEYCLOAK-8377 Role Attributes
2018-10-24 22:04:28 +02:00
Pedro Igor
460cdf4508
[KEYCLOAK-8617] - Permission cache not handling decisions from negative policies correctly
2018-10-24 15:03:22 -03:00
mposolda
c36b577566
KEYCLOAK-8483 Remove application from the aud claim of accessToken and refreshToken
2018-10-23 13:52:09 +02:00
Pedro Igor
6f8f8e6a28
[KEYCLOAK-8449] - Option to automatically map HTTP verbs to scopes when configuring the policy enforcer
2018-10-23 08:40:54 -03:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
MICHEL Arnault (UA 2118)
ab8789739f
[KEYCLOAK-8580] Add Nginx certificate lookup provider
2018-10-16 07:53:18 +02:00
mposolda
60a8267576
KEYCLOAK-8530 KEYCLOAK-8531 Fix MigrationTest and migration from 2.5.5.Final and 3.4.3.Final
2018-10-15 16:38:24 +02:00
stianst
5f0424fb11
KEYCLOAK-8310 Change scheme option to alwaysHttps option
2018-10-15 14:00:00 +02:00
vmuzikar
393ff50b8d
KEYCLOAK-6757 Fix Microsoft Social Login test
2018-10-15 12:57:31 +02:00
Stefan Guilhen
68a54abb09
KEYCLOAK-6757 Update MicrosoftIdentityProvider to use the Microsoft Graph endpoints
2018-10-15 12:46:15 +02:00
Martin Bartos RH
102628dc59
[KEYCLOAK-4935] Migrate AddUserTest from old testsuite
2018-10-15 08:14:34 +02:00
stianst
11374a2707
KEYCLOAK-8556 Improvements to profile
2018-10-12 12:26:37 +02:00
mposolda
4483677cdd
KEYCLOAK-8529 Fix most of adapter tests on EAP6
2018-10-12 12:01:33 +02:00
mposolda
f254675a5e
KEYCLOAK-8568 DemoServletsAdapterTest.testVersion is unstable on travis
2018-10-12 09:27:37 +02:00
Leon Graser
066bef744f
KEYCLOAK-6658 Fine Grain Permissions via Java Client
...
Signed-off-by: Leon Graser <leon.graser@bosch-si.com>
2018-10-11 09:44:57 -03:00
Moritz Becker
fbe3445c48
fix KEYCLOAK-8513 remove data dependency between testUpdateProfile and testGetProfile in org.keycloak.testsuite.account.AccountRestServiceTest
2018-10-11 08:08:51 +02:00
mposolda
5b51c000af
KEYCLOAK-8481 Don't include empty resource_access in access token
2018-10-11 08:04:07 +02:00
rmartinc
0a6f43c1a1
KEYCLOAK-8490: Direct grants returns invalid credentials when user has pending actions
2018-10-10 20:18:20 +02:00
Pedro Igor
79ca722b49
[KEYCLOAK-7605] - Make sure Evaluation API is read-only
2018-10-09 08:09:29 -03:00
mposolda
3ca386f223
KEYCLOAK-8148 Duplication of listed roles assigned through groups in userinfo endpoint
2018-10-08 22:18:06 +02:00
Pedro Igor
8e57cee30f
[KEYCLOAK-8445] - Owner not granted with permissions when using only scope-based permissions
2018-10-08 09:57:21 -03:00
Hynek Mlnarik
531ee3a1be
KEYCLOAK-8494 Use c3p0 connection pool in testsuite
2018-10-08 14:24:56 +02:00
Mark True
28b6e4dd5b
cleaning up to do PR
2018-10-08 09:16:53 +02:00
Moritz Becker
f17b5f0f49
fix KEYCLOAK-7572 consistently perform duplicate user checks during account update only if email changes
...
Fix test
2018-10-05 09:35:05 +02:00
stianst
86a2f28561
KEYCLOAK-8310 Add support to set fixed scheme on fixed hostname provider
2018-10-05 09:34:17 +02:00
mposolda
0d9b1e73b8
KEYCLOAK-7855 Cannot reset Client Consent Screen Text
2018-10-04 21:00:48 +02:00
Hynek Mlnarik
211774ccbc
KEYCLOAK-7810 Fix NPE in Elytron SAML adapter
2018-10-04 14:38:45 +02:00
mposolda
2a4cee6044
KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers
2018-10-04 12:00:38 +02:00
Stan Silvert
dba513c921
KEYCLOAK-8419: Make most act mgt APIs only active in preview mode
2018-10-02 16:32:56 -04:00
Pedro Igor
b4b3527df7
[KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups
2018-10-02 15:44:23 -03:00
Martin Kanis
efe6a38648
KEYCLOAK-6718 Auth Flow does not Check Client Protocol
2018-09-26 21:00:02 +02:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
Pedro Igor
43f5983613
[KEYCLOAK-8289] - Remove authorization services from product preview profile
2018-09-26 18:27:27 +02:00
vramik
723ba42264
KEYCLOAK-8425 fix NPE during adapter cluster tests
2018-09-26 12:43:21 +02:00
Pedro Igor
df311b60b4
[KEYCLOAK-8168] - PEP is resolving claims twice under certain circumstances
2018-09-25 11:47:50 -03:00
Takashi Norimatsu
340c8e8426
KEYCLOAK-8327 Token Introspect Test for Refresh Token Mistake
2018-09-21 11:38:04 +02:00
mposolda
3777dc45d0
KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch
2018-09-21 11:17:05 +02:00
Douglas Palmer
b748e269ec
[KEYCLOAK-7435] Added code to delete a specific session and tests for session deletion
2018-09-20 15:57:58 +02:00
vmuzikar
4268dd1777
KEYCLOAK-7742,KEYCLOAK-6332 Switch Admin Console UI tests to GeckoDriver
2018-09-20 10:32:59 +02:00
vramik
24b7d080af
KEYCLOAK-8268 unify fuse70 and fuse71 modules into fuse7x module
2018-09-20 10:27:17 +02:00
Pedro Igor
6b0bc0b3be
[KEYCLOAK-8308] - Deprecate token_introspection_endpoint claim from OIDC discovery document
2018-09-19 09:46:50 -03:00
Hynek Mlnarik
2bf6d75e57
KEYCLOAK-8010 Improve handling of Conditions SAML tag
2018-09-19 14:00:28 +02:00
Pedro Igor
044d153c37
[KEYCLOAK-8273] - Failed to evaluate permissions when in permissive mode and using UMA tickets
2018-09-18 18:59:15 -03:00
Pedro Igor
609c521c17
[KEYCLOAK-8281] - Deletion of client with token exchange policy leads to breaking errors
2018-09-18 18:58:45 -03:00
Pedro Igor
aaf78297c9
[KEYCLOAK-7987] - Can't set authorization enabled when using kcreg
2018-09-18 10:00:16 -03:00
Pedro Igor
64f8fe4987
[KEYCLOAK-8070] - wrong expose headers when enable cors and policyenforcer
2018-09-17 17:02:15 -03:00
mposolda
99a16dcc1f
KEYCLOAK-6638 Support for adding audiences to tokens
2018-09-13 21:40:16 +02:00
wyvie
01051016f5
[KEYCLOAK-8185] add clear method to exportimport resource
2018-09-13 11:54:28 +02:00
slominskir
c4a651bcac
KEYCLOAK-7270 - Support for automatically linking brokered identities
2018-09-12 18:50:35 +02:00
vmuzikar
62c1ffcb52
KEYCLOAK-8189 Fix broken Google Social Login test
2018-09-12 16:40:28 +02:00
stianst
26f257a6ac
KEYCLOAK-8264 Update OpenShift Token Review endpoint to support additional algorithms and to update session last refresh on token introspection
2018-09-11 19:57:38 +02:00
stianst
12f3d2115d
KEYCLOAK-8263 Add option to client to override access token timeout
2018-09-11 12:40:51 +02:00
stianst
24e60747b6
KEYCLOAK-7560 Refactor token signature SPI PR
...
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
2018-09-11 08:14:10 +02:00
Takashi Norimatsu
5b6036525c
KEYCLOAK-7560 Refactor Token Sign and Verify by Token Signature SPI
2018-09-11 08:14:10 +02:00
vramik
bd4098191b
KEYCLOAK-7604-rename-ids-saml-clients
2018-09-10 21:17:00 +02:00
Pedro Igor
0561d73ae2
[KEYCLOAK-6285] - HTTP Challenge Authentication Flow
2018-09-10 19:02:49 +02:00
stianst
bf758809ba
KEYCLOAK-6229 OpenShift Token Review interface
2018-09-07 08:21:28 +02:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
vmuzikar
bd8510f4da
KEYCLOAK-7925 Initial tests for the new Account Console
2018-09-06 09:59:28 +02:00
Hynek Mlnarik
812e76c39b
KEYCLOAK-8163 Improve SAML validations
2018-09-05 15:47:03 +02:00
vramik
8761819b24
KEYCLOAK-8176 fix export issue for required action
2018-09-05 08:40:31 +02:00
Pedro Igor
47066e1b89
[KEYCLOAK-8012] - Fix offline session support in authorization services
2018-09-04 15:07:49 -03:00
Pedro Igor
6a0a1031a1
[KEYCLOAK-7754] - Fixing compat issues with UMA spec in RPT Introspection Provider
2018-09-04 11:41:09 -03:00
Pedro Igor
33efcc6b93
[KEYCLOAK-8142] - Fixing regression when setting path enforcement mode to disabled
2018-09-04 10:32:06 -03:00
Hynek Mlnarik
9f839f001f
KEYCLOAK-8218 Do not clear SAML REDIRECT query parameters
2018-09-04 11:16:06 +02:00
Hynek Mlnarik
5fe1905e4b
KEYCLOAK-6803 Prevent duplicating required actions in JPA user storage
2018-09-03 19:42:18 +02:00
mposolda
f0ba8f6591
KEYCLOAK-8139 Added wildfly-deprecated module for adapters testing. Remove wildfly9 and wildfly10
2018-09-03 08:56:09 +02:00
Johannes Knutsen
c0b5c12dee
KEYCLOAK-8147: Add support for Content-Security-Policy-Report-Only response headers
2018-08-31 10:38:56 +02:00
vramik
214a8e1fed
KEYCLOAK-8176 fix requiredActionsPriority test
2018-08-31 10:25:28 +02:00
vramik
f89637bd8f
KEYCLOAK-8178 fix AdminEventTest
2018-08-30 15:16:33 +02:00
Hynek Mlnarik
bee3894cdf
KEYCLOAK-8150 Improve loading user list
2018-08-30 13:03:49 +02:00
vramik
df76afb513
KEYCLOAK-8167 fix ExportImportTest on undertow
2018-08-29 15:18:24 +02:00
vramik
c266e90a77
KEYCLOAK-6746 ability to skip adapter test
2018-08-29 14:40:44 +02:00
mposolda
b70468341e
KEYCLOAK-7470 Ability to order client scopes
2018-08-29 14:37:27 +02:00
mhajas
21b71e83dd
KEYCLOAK-7161 Stabilize authz tests as they are running on undertow -> in Travis
2018-08-29 13:13:06 +02:00
mhajas
ccba07a5c0
KEYCLOAK-7213 Make example tests running on app-server-undertow
2018-08-29 13:13:06 +02:00
Pavel Drozd
d37eb5d10b
KEYCLOAK-8138 Fixed tests for product profile
2018-08-29 10:31:10 +02:00
mposolda
31270e2f52
KEYCLOAK-7437 Support for prompt=consent
2018-08-29 08:35:29 +02:00
Johannes Knutsen
56c97407d4
KEYCLOAK-8152: Allow passing the current locale to OAuth2 identity providers
2018-08-28 15:52:23 +02:00
mposolda
e4d05a7852
KEYCLOAK-8127 Added support for app-server-eap71. Make sure ConsoleProtectionTest is executed just for app-server-eap71
2018-08-27 12:52:53 +02:00
mposolda
6fc99cd749
KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
...
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
vramik
01b0b6b345
KEYCLOAK-7975 fix updating execution with Oracle DB
2018-08-24 15:04:48 +02:00
vramik
9e072cb174
KEYCLOAK-8119 Migration tests doesn't reflect if authorization features is enabled or not
2018-08-24 14:38:36 +02:00
Pedro Igor
3c2339ba33
[KEYCLOAK-4902] - Only set effect if result exists and removing ignore from tests
2018-08-24 09:34:39 -03:00
mhajas
694966b613
KEYCLOAK-8120 Fix NullPointerException in ClaimInformationPointProviderTest
2018-08-24 09:00:35 +02:00
Martin Kanis
248654a75e
KEYCLOAK-6706 E-mail verification won't let user back into the app
2018-08-21 16:30:15 +02:00
Gregor Tudan
b606a25684
KEYCLOAK-7991: add pagination params to the RoleResource
2018-08-21 08:19:33 +02:00
rmartinc
1b88eaf817
KEYCLOAK-8080 Audit the realm event configuration change
2018-08-20 21:01:38 +02:00
Corentin Dupont
b80701589c
[KEYCLOAK-7804] - Option to return resource body
2018-08-20 13:07:29 -03:00
Martin Kanis
d04791243c
KEYCLOAK-7970-KEYCLOAK-7222 Add clientId to action tokens
2018-08-20 15:25:24 +02:00
Wolfgang Zenker
c5f861a522
Make cli usable on FreeBSD
2018-08-20 09:08:02 +02:00
Pedro Igor
625f613128
[KEYCLOAK-4902] - Using streams to process requested permissions and limit support for scope responses
2018-08-17 11:00:53 -03:00
stianst
e406e8f1f0
KEYCLOAK-8069 Simplify config for fixed hostname provider
2018-08-17 14:47:14 +02:00
Hynek Mlnarik
645a72482b
KEYCLOAK-8048 Fix testsuite compilation issue
2018-08-14 13:56:45 +02:00
Hiroyuki Wada
730377a843
KEYCLOAK-7528 Set Cache-Control and Pragma header in token endpoint
2018-08-14 11:41:12 +02:00
Stefan Guilhen
f36e45cb10
[KEYCLOAK-4902] - Using streams to process scopes and cache improvements
2018-08-14 06:29:10 -03:00
Steffen Kreutz
ed72097862
KEYCLOAK-5289 Add support for Google's hd parameter
2018-08-14 11:08:57 +02:00
Stefan Guilhen
0b95cdacb8
[KEYCLOAK-7885] Add user policy support to the policy API
2018-08-13 22:09:17 -03:00
vmuzikar
79774d2f07
KEYCLOAK-8035 Fix failing GitLab Social Login test
2018-08-13 08:46:06 -04:00
Sebastian Laskawiec
3449401ae2
KEYCLOAK-7635: Subject DN validation for x509ClientAuthenticator
2018-08-13 09:36:02 +02:00
sebastienblanc
02b2a8aab0
KEYCLOAK-7635 : Authenticate clients with x509 certificate
2018-08-13 09:36:02 +02:00
mposolda
575851d45c
KEYCLOAK-6038 Kerberos cross-realm trust test
2018-08-10 13:31:36 +02:00
Stefan Guilhen
060b3b8d0f
[KEYCLOAK-4902] - Using streams when fetching resources
2018-08-09 16:28:31 -03:00
Pedro Igor
905fd3ae00
[KEYCLOAK-8003] - Migration to 4.2.1 extracting RESOURCE_URIs fails with fine-grained admin permissions
2018-08-08 11:00:25 +02:00
Hynek Mlnarik
fb58214fcc
KEYCLOAK-7994 Move examples to test-apps
2018-08-08 08:55:38 +02:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
vmuzikar
65f51b7b83
KEYCLOAK-6736 Base UI tests for mobile and desktop browsers
2018-08-07 13:53:31 +02:00
mposolda
27719565ae
KEYCLOAK-4298 Migrate LDAP tests to the new testsuite
2018-08-06 12:08:19 +02:00
wyvie
b5d56e2f3b
[KEYCLOAK-7838] made tests ordered so they don't fail because of order
2018-08-03 20:52:54 +02:00
Hynek Mlnarik
f6a4ba98de
KEYCLOAK-7986 Fix realm definition
2018-08-02 15:32:42 +02:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
ssilvert@win.redhat.com
e7e15652cf
KEYCLOAK-7479: Sanitize
2018-08-01 14:22:39 -04:00
mposolda
29da7d3d90
KEYCLOAK-7562 Fix ClientInitiatedAccountLinkTest#testErrorConditions
2018-08-01 13:33:23 +02:00
stianst
f99299ee39
KEYCLOAK-7967 Introduce Hostname SPI
2018-08-01 11:57:45 +02:00
Takashi Norimatsu
665bcaebbb
KEYCLOAK-7959 OAuth 2.0 Certificate Bound Access Tokens in Rev Proxy
2018-07-31 21:53:46 +02:00
Hiroyuki Wada
398f7d950f
KEYCLOAK-7910 Store credentials when updating user via Admin REST API
2018-07-31 15:36:21 +02:00
mhajas
9b0930a289
KEYCLOAK-7792 Add tests for fragment in redirect URL
2018-07-31 10:24:58 +02:00
Takashi Mogi
959e7b1b01
KEYCLOAK-7201 OIDC Identity Brokering with Client parameter forward
...
Forward "custom" (non-standard) query parameters to external IDP
2018-07-31 10:18:29 +02:00
ssilvert@win.redhat.com
40cc826586
Fix test side effect.
2018-07-30 13:15:02 -04:00
ssilvert@win.redhat.com
6c593bab5a
Check credential confirmation on server side.
2018-07-30 13:15:02 -04:00
vramik
ecd3fcc0af
KEYCLOAK-7924 Speed-up crossdc tests
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2018-07-27 20:53:58 +02:00
vramik
38017d3cec
KEYCLOAK-4407 Ability to restart arquillian containers from test
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
KEYCLOAK-4407 Fix connection error if underlying container restarts (63b9da857a8174a0b5e65e70c47ef2e2842f4d4e)
2018-07-27 20:53:58 +02:00
Hynek Mlnarik
f43519a16e
KEYCLOAK-6708 Fix NPE when email not set for email NameIDFormat
2018-07-27 11:10:35 +02:00
fisache
771d7f1724
[KEYCLOAK-7872] Fix. Remove Identity Provider Mapper when remove identity provider
2018-07-26 08:45:26 +02:00
ssilvert@win.redhat.com
0844aa8d68
KEYCLOAK-7857: Fix notifications
2018-07-25 08:59:25 -04:00
vramik
9c1a411c6e
KEYCLOAK-7310 Add migration test from 3.4.x to 4.x
2018-07-25 13:48:02 +02:00
vramik
524ab44160
KEYCLOAK-6866 Error 404 after changing locale while authenticating using X.509
2018-07-24 17:24:32 +02:00
mhajas
a6e4f4f9aa
KEYCLOAK-7922 Use Time.currentTimeMillis() instead of System.currentTimeMillis() in PathCache
2018-07-24 08:52:48 -03:00
Daniil Filippov
af72c1374a
KEYCLOAK-7823 Fix HTTP status returned during SPNEGO auth
2018-07-24 10:38:42 +02:00
Hiroyuki Wada
7c0ca9aad2
KEYCLOAK-6313 Add required action's priority for customizing the execution order
2018-07-23 22:21:04 +02:00
Hynek Mlnarik
b43392bac8
KEYCLOAK-6577 KEYCLOAK-5609 Support dot in claim names by escaping with backslash
2018-07-23 14:46:25 +02:00
Peter Zaoral
c4b375c1fc
KEYCLOAK-7802 Fix broken HoKTest
...
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2018-07-23 12:30:54 +02:00
Pedro Igor
acc5f5c6d1
[KEYCLOAK-7864] - Authorization claim not set in refresh token when issuing a new refresh token
2018-07-19 09:56:59 -03:00
Pedro Igor
8b6979ac18
[KEYCLOAK-7849] - Improvements to RPT upgrade
2018-07-18 16:40:55 -03:00
Martin Kanis
34407957b9
KEYCLOAK-6314 Internal server error after T&C rejection
2018-07-18 15:05:22 +02:00
vramik
54fcbf12b0
KEYCLOAK-7666 - adapter tests - eap6-fuse6 provider
2018-07-18 13:46:56 +02:00
vramik
8e20986335
KEYCLOAK-7876 Improve stability of fuse7 hawtio test
2018-07-18 10:51:32 +02:00
wyvie
8e221ea597
[KEYCLOAK-7835] BrokerLinkAndTokenExchangeTest turned off
...
Until TOKEN_ECHANGE is enabled (means currently turned off
for prod profile)
2018-07-16 10:27:56 +02:00
mhajas
432ea277a7
KEYCLOAK-7816 Assume preview profile in authz tests
2018-07-13 12:53:46 -03:00
Pedro Igor
90bfa2bff5
[KEYCLOAK-7781] - More validations to authorization requests
2018-07-13 09:18:05 -03:00
stianst
f022bc1269
[KEYCLOAK-5629] Add credential endpoints to account service
2018-07-12 13:00:25 -04:00
mhajas
5aebc74f8c
KEYCLOAK-7269 Setting more uris for Authorization Resource
2018-07-11 17:48:34 -03:00
vmuzikar
0432a566dd
KEYCLOAK-7805 Fix PayPal and Bitbucket Social Login tests
2018-07-11 10:19:24 +02:00
rmartinc
4a82979792
KEYCLOAK-1925: SAML adapter multitenant support
2018-07-10 13:21:11 +02:00
Sebastian Laskawiec
3918dbed59
KEYCLOAK-2886 Turn off clustered tests from IDE
2018-07-10 12:37:21 +02:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
vmuzikar
64b391cc1b
KEYCLOAK-7761 Fix Instagram Social Login test
2018-07-04 09:00:54 +02:00
ssilvert@win.redhat.com
d55ccf5312
KEYCLOAK-7015: Not allowing two users to have empty string emails addrs.
2018-07-03 11:04:36 -04:00
Pedro Igor
871be4ad87
[KEYCLOAK-7764] - Error when processing resource-less permissions
2018-07-03 10:35:11 -03:00
Pedro Igor
6f3c59e086
[KEYCLOAK-7062] - Groups claim should be optional
2018-07-03 10:03:20 -03:00
vramik
742a280f5d
KEYCLOAK-5556 support for POST for AuthorizationEndpoint
2018-07-03 10:38:10 +02:00
vmuzikar
d99dca2db3
KEYCLOAK-7743 Fix broken X.509 tests
2018-07-02 12:42:50 +02:00
vmuzikar
3355399b4e
KEYCLOAK-7741 Fix broken test modules
2018-06-29 10:17:06 -03:00
Pedro Igor
dcadc61220
[KEYCLOAK-7670] - PEP not returning correct status code when authorization header is not set
2018-06-29 09:39:55 -03:00
stianst
3c5027de3c
KEYCLOAK-7701 Refactor key providers to support additional algorithms
2018-06-29 14:14:25 +02:00
vramik
c97e7e720e
KEYCLOAK-7550 - adapter tests - Fuse7.1 provider
2018-06-28 16:24:02 +02:00
Pedro Igor
f10c47955f
[KEYCLOAK-7427] - Fix to support writing to response when doing programmatic logouts
2018-06-28 11:08:28 -03:00
vramik
591093f867
KEYCLOAK-7730 - revert OSGiApplicationArchiveProcessor moved into fuse app servers
2018-06-28 10:22:25 -03:00
vramik
9039b44f4d
KEYCLOAK-7718 DemoFilterServletAdapterTest test not configured correctly
2018-06-28 09:33:52 -03:00
stianst
5f0c86a49f
KEYCLOAK-6663 Add test to check custom uri scheme in redirect URI
2018-06-28 11:14:05 +02:00
vramik
8ac7bda52c
KEYCLOAK-7589 - adapter tests - Fuse7.0 provider
2018-06-28 08:45:02 +02:00
stianst
0d9ccba566
Some work on deprecated testsuite migration
2018-06-27 08:16:14 +02:00
vramik
39cbf4e9ab
KEYCLOAK-7588 - adapter tests - Fuse6.3 provider
2018-06-26 16:47:01 +02:00
Takashi Norimatsu
2fb022e501
KEYCLOAK-7688 Offline Session Max for Offline Token
2018-06-26 08:25:06 +02:00
vramik
b478472b35
KEYCLOAK-7478 Add key query param to change locale url
2018-06-26 08:19:25 +02:00
vramik
8fdadcc596
KEYCLOAK-7475 adapter tests - add Wildfly10 and Wildfly9 providers
2018-06-25 14:31:11 +02:00
vramik
d9f79fae79
KEYCLOAK-7510 Add Support for server specific ArchiveProcessor
2018-06-22 11:38:57 +02:00
Hynek Mlnarik
530a710dce
KEYCLOAK-7412 Tests for Fuse 7.0
2018-06-22 08:59:44 +02:00
Hynek Mlnarik
6b968796ce
KEYCLOAK-7667 Fix namespace handling when decrypting assertion
2018-06-21 13:09:18 +02:00
Hiroyuki Wada
c2012a595b
KEYCLOAK-7650 Don't display disabled identity providers
2018-06-19 08:55:24 -04:00
vramik
2fcfa5cf71
KEYCLOAK-7094 Support redirect to external logout page for saml filter adapter
2018-06-19 13:23:18 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
vramik
ccb09fbf45
KEYCLOAK-7616 fix NPE for UserStorageConsentTest
2018-06-13 15:53:41 +02:00
vramik
5f1f3dff5e
KEYCLOAK-7094 Support redirect to external logout page for elytron adapter
2018-06-13 12:50:38 +02:00
Pedro Igor
dd93de75d9
[KEYCLOAK-7579] - Fixing test to use client scopes instead of old scope param required ( #5259 )
2018-06-12 15:44:03 -03:00
vramik
f19a324030
KEYCLOAK-7587 Some system properties are not included
2018-06-12 11:42:10 +02:00
vramik
9cf965a157
Ignore non-related failing ClientInitiatedAccountLinkTest#testErrorConditions
2018-06-11 13:46:59 +02:00
vramik
9e42be09d7
KEYCLOAK-7517 - adapter tests - EAP6 provider
2018-06-11 13:46:59 +02:00
vramik
a5c0cbc3b4
KEYCLOAK-7473 app-server-eap provider
2018-06-11 13:46:59 +02:00
vramik
bb5dc4c473
KEYCLOAK-6745 Adapter tests - remove abstract adapter test classes
2018-06-11 13:46:59 +02:00
vramik
132386f64d
KEYCLOAK-6541 app server wildfly provider
2018-06-11 13:46:59 +02:00
vramik
b0c89d739b
KEYCLOAK-6541 app server undertow support
2018-06-11 13:46:59 +02:00
vramik
6a07a7ed2c
KEYCLOAK-6541 base changes
2018-06-11 13:46:59 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353
...
[KEYCLOAK-7353] Support Policy Management in Protection API
2018-06-07 11:05:49 -03:00
Ola Bergefall
c8c76cc03f
KEYCLOAK-7316: Default back to false if isPassive is missing in request.
2018-06-07 08:50:32 +02:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
vramik
dffe70e40a
KEYCLOAK-7518 DeploymentArchiveProcessor assumes that every archive contains jboss-deployment-structure.xml file
2018-06-06 21:15:39 +02:00
Hynek Mlnarik
7ff18ca14b
KEYCLOAK-7331 Fix NPE when SAML Issuer not set in AuthnRequest
2018-06-06 16:21:18 +02:00
Hynek Mlnarik
5a241392cf
KEYCLOAK-7094 Support redirect to external logout page
2018-06-05 14:51:18 +02:00
Takashi Norimatsu
c586c63533
KEYCLOAK-6771 Holder of Key mechanism
...
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
2018-06-05 08:18:29 +02:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
...
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Pavel Drozd
6c3e6bc90c
KEYCLOAK-7476 - sshLoginTest - changed command result
2018-06-01 10:35:38 +02:00
Jared Blashka
65c39763eb
KEYCLOAK-7356 Code to Token flow fails if initial redirect_uri contains a session_state parameter
2018-05-31 08:53:11 +02:00
Martin Kanis
f429469fc8
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-05-31 08:44:34 +02:00
Takashi Norimatsu
eb97151476
KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
2018-05-28 22:15:43 +02:00
Pedro Igor
2b6597e9f1
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Pedro Igor
08c22416a2
Merge pull request #5208 from ASzc/KEYCLOAK-7362
...
KEYCLOAK-7362 Disable mvn-golang-wrapper in the product build
2018-05-18 13:51:17 -03:00
Pedro Igor
21d139c6c2
Merge pull request #5173 from pedroigor/KEYCLOAK-7148
...
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-17 16:51:55 -03:00
vramik
39b6bf62ba
KEYCLOAK-6991 fixed ExportImportTest not to affect other tests (PermissionsTest, RealmTest) on auth-server-undertow
2018-05-17 11:07:29 +02:00
Alex Szczuczko
6a19a8fb7e
KEYCLOAK-7362 Disable mvn-golang-wrapper in the product build
...
com.igormaznitsa:mvn-golang-wrapper is a new plugin used by the testsuite. It
depends on arbitrary internet resources, including github and
storage.googleapis.com. This isn't permissible in a product build, and so PNC
blocks it.
As a short-term solution, I've added a product profile the sets the skip
parameter to true for this plugin. Other approaches, like changing the phase of
the get goals, didn't work.
2018-05-16 16:53:39 -06:00
Bill Burke
e5a6dbd77a
Merge pull request #5192 from ttaylor249/master
...
Force the mvn-golang plugin to use the maven proxy
2018-05-16 09:47:01 -04:00
Pedro Igor
1634bef28a
Merge pull request #5194 from pedroigor/KEYCLOAK-7322
...
[KEYCLOAK-7322] - NPE when removing group from representation
2018-05-15 06:05:54 -03:00
pedroigor
88f21eae87
[KEYCLOAK-7322] - NPW when removing group from representation
2018-05-08 14:03:33 -03:00
Bill Burke
1258923a0d
Merge pull request #5188 from patriot1burke/keycloak-7304
...
KEYCLOAK-7304
2018-05-08 07:31:05 -04:00
mhajas
3ced81a2c2
KEYCLOAK-7315 Fix issues in JavascriptAdapter tests ( #5193 )
...
more in issue KEYCLOAK-7315
2018-05-07 14:47:56 -04:00
Tim Taylor
49a03a86fb
Force the mvn-golang plugin to use the maven proxy
2018-05-04 15:31:49 -04:00
Pedro Igor
e84acd9898
Merge pull request #5177 from pedroigor/KEYCLOAK-7206
...
[KEYCLOAK-7206] - Search by user id on admin console
2018-05-04 09:11:49 -03:00
Bill Burke
fdc6fc59b8
KEYCLOAK-7304
2018-05-03 12:14:30 -04:00
pedroigor
7ebcc69cb9
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-02 13:04:11 -03:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Martin Kanis
9505925363
Revert "KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )" ( #5183 )
...
This reverts commit a67da7bc59
.
2018-05-02 09:31:42 +02:00
mhajas
6e123bcea2
KEYCLOAK-6847 Fix OIDC adapter tests
2018-05-02 09:28:26 +02:00
pedroigor
ddceaaf3d5
[KEYCLOAK-7206] - Search by user id on admin console
2018-04-30 11:44:33 -03:00
vmuzikar
5ec50461ee
KEYCLOAK-7101 Fix DockerClientTest
2018-04-27 15:02:10 +02:00
Pedro Igor
e960642399
Merge pull request #5144 from pedroigor/KEYCLOAK-4903
...
[KEYCLOAK-4903] - Pushed Claims
2018-04-26 15:59:13 -03:00
pedroigor
035ebc881a
[KEYCLOAK-4903] - Claim Information point Provider SPI and configuration
2018-04-25 10:16:41 -03:00
vramik
8b5fd2b4ac
KEYCLOAK-7091 fuse7 testsuite
2018-04-25 14:35:56 +02:00
pedroigor
e813fcd9c8
[KEYCLOAK-4903] - Pushing claims when obtaining a permission ticket
2018-04-24 19:47:28 -03:00
mposolda
634e7170e3
KEYCLOAK-7158 RestartLoginCookie throws error when KC_RESTART cookie created by Keycloak 1.9
2018-04-23 21:56:13 +02:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js ( #5165 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* Update keycloak.d.ts
2018-04-23 11:45:32 -04:00
pedroigor
c3d297dd05
[KEYCLOAK-7162] - Expose WWW-Authenticate Header when using CORS
2018-04-23 08:46:54 +02:00
mhajas
a1e7351072
KEYCLOAK-6815 Use htmlunit as default browser for adapter tests
2018-04-19 15:01:14 +02:00
Martin Kanis
7efa45126c
KEYCLOAK-6991 NPE when importing realm from file
2018-04-19 14:26:50 +02:00
wyvie
4ddff9ee16
[KEYCLOAK-7017] fixed ActionTokenCrossDCTest failures
...
Test was failing because of change of login page design. Element which
contained title headers was moved from header title to another element.
Was not fixed upon initial commit (ca15db) because test's only turned on
by profile.
2018-04-17 16:14:10 +02:00
Vlastimil Eliáš
c1311e4619
KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn OAuth2 endpoint ( #5125 )
...
* KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn
OAuth2 endpoint
* KEYCLOAK-6849 - LinkedIn social login provider test updated
* KEYCLOAK-6849 - LinkedIn social login provider test updated to
conditionally handle consent page when shown only
* Simplify the LinkedIn app authorization
This reverts commit c12359e7a13d9ff231fe2e25cddba66ad679a9cd.
2018-04-13 08:09:27 +02:00
vramik
9a94004fc9
KEYCLOAK-7137 Polish testsuite a bit
2018-04-12 16:46:59 +02:00
mhajas
b78f0aa9db
KEYCLOAK-6806 Wait for query error to appear in query response mode test ( #5130 )
2018-04-10 09:58:23 +02:00
Hugo Guerrero
fac3118b0a
KEYCLOAK-6448 - implement instagram social broker ( #4963 )
...
* KEYCLOAK-6448 - implement instagram social broker
* Instagram SocialLogin Tests
2018-04-09 17:30:27 +02:00
Martin Kanis
a67da7bc59
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-04-06 09:26:29 +02:00
wyvie
943bd9e48e
[KEYCLOAK-6808] fix for the WildflyConsoleProtectionTest
...
Access Control is not an 'a' tag, but rather 'span'
Also two tests do not behave correctly with a same
Before annotated initialization, so reduce number
of tests to one, which calls the other one
2018-04-06 07:28:29 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029
...
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-05 09:33:23 -03:00
wyvie
b3513e3203
[KEYCLOAK-6872] fixed account link test
2018-04-05 10:53:00 +02:00
Bill Burke
ffd9d957f4
Merge pull request #5123 from patriot1burke/kcadm-token
...
KEYCLOAK-7044 KEYCLOAK-7046
2018-04-04 17:22:17 -04:00
Stefan Guilhen
87abe5e648
[KEYCLOAK-6853] Make TimePolicyProvider use the kc.date.time_date contextual attribute when evaluating policies
2018-04-04 14:37:03 -03:00
mhajas
b3b81d6a76
KEYCLOAK-6806 timeSkew tolerance in tests ( #5110 )
2018-04-04 11:19:18 +02:00
Bill Burke
8a5428808e
KEYCLOAK-7044 KEYCLOAK-7046
2018-04-03 21:29:31 -04:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser
...
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
2018-04-03 10:31:30 -04:00
pedroigor
5c52da80c6
[KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path
2018-04-02 11:10:43 -03:00
Bill Burke
04a72b9608
bump kcinit version tag
2018-03-31 22:34:37 -04:00
Bill Burke
4078e84fb6
server driven success page
2018-03-31 10:16:44 -04:00
Bill Burke
06f32a47ec
fake browser tests
2018-03-30 08:24:30 -04:00
Bill Burke
f4a5e49b63
initial
2018-03-29 17:14:36 -04:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
Bill Burke
8d3dc790df
Merge pull request #5087 from patriot1burke/kcinit
...
KEYCLOAK-6813
2018-03-28 17:35:33 -04:00
Bill Burke
f5bacb79c1
review changes
2018-03-28 16:45:52 -04:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
c38b6d585e
KEYCLOAK-528 ( #5103 )
2018-03-28 11:15:37 +02:00
Bill Burke
ad5f3fefc5
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-27 16:38:35 -04:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
...
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
mhajas
a63bb44ba2
KEYCLOAK-3164 Migrate SAML ECP tests to integration-arquillian
2018-03-27 12:07:07 +02:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Pavel Drozd
92aba77cc1
Merge pull request #5094 from vmuzikar/fix-stackoverflow
...
KEYCLOAK-6510 Fix StackOverflow social login test
2018-03-26 08:22:32 +02:00
Bill Burke
67229912e6
use kcinit branch
2018-03-21 13:38:40 -04:00
Bill Burke
39f93dfa33
fix providers test
2018-03-21 10:01:40 -04:00
June Zhang
ca15db81bb
KEYCLOAK-6262 Incorporate new visual design from PatternFly ( #4983 )
...
* KEYCLOAK-6262 Incorporate new visual design from PatternFly
Update the username or email
Fix narrow/wide in template.ftl
minor style update
Add the Realm HTML name and image
Config OTP and Update Password
Not display the locale selector if there is less than 1 locale.
Fix margins/paddings on config otp screens
Fix title
Upgraded to PatternFly 3.41.6
Added RCUE and updated RH-SSO login theme
Refine the RCUE padding issue
Fix tests
Fix Keycloak background
Fix
* fix the overflowing issue
* Fix Console UI Tests to reflect the new login page
* Fix the different style of the IdP buttons
Fix the IE placeholder issue - add label
* Removed placeholder on login and reset pass. Fixed Keycloak background on wide screens.
* fixed the stackoverflow issues
fixed the width in the tablets
2018-03-21 10:47:33 +01:00
Bill Burke
f000cedcbb
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-20 16:49:43 -04:00
Bill Burke
681e3d751e
golang integration
2018-03-20 16:42:35 -04:00
Bill Burke
8926837a3e
tests
2018-03-19 16:47:13 -04:00
Stefan Guilhen
35b9fe043c
[KEYCLOAK-6543] Remove the authz examples from the Keycloak codebase.
2018-03-19 17:00:02 -03:00
Áron Bustya
82ba2b1b0d
remove changes from standard OIDC client registration, move constants
2018-03-19 19:31:22 +01:00
Áron Bustya
57f57f5c75
set request object mandatory for client, restrict delivery mode
...
handle new attribute in client representation
add to UI
2018-03-19 19:31:22 +01:00
pedroigor
08896ee9c9
[KEYCLOAK-6529] - Resource Attributes
2018-03-19 13:21:39 -03:00
Pedro Igor
917ba90f2c
Merge pull request #5077 from pedroigor/KEYCLOAK-6628
...
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
2018-03-19 08:54:12 -03:00
Bill Burke
4bba11cd94
kcinit
2018-03-16 12:11:57 -04:00
mhajas
3826f6fae2
KEYCLOAK-3161 KEYCLOAK-3165 Migrate SAML tests from old testsuite to integration-arquillian
2018-03-15 18:15:44 +01:00
pedroigor
711bf244ed
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
2018-03-15 14:02:15 -03:00
Douglas Palmer
fed1b62c5d
[KEYCLOAK-6301] Remove service account when it is disabled from the client
2018-03-14 15:09:42 +01:00
Takashi Norimatsu
e72756d01a
KEYCLOAK-6700 Financial API Read and Write API Security Profile : state hash value (s_hash) to protect state parameter
2018-03-13 16:40:34 +01:00
Pedro Igor
871ecf83fb
Merge pull request #5071 from vramik/KEYCLOAK-6644-stabilize-PhotozExampleAdapterTest
...
KEYCLOAK-6644 PhotozExampleAdapterTest is not stable
2018-03-13 09:03:57 -03:00
vmuzikar
daaa35bc37
KEYCLOAK-6831 Fix Microsoft Social Login test
2018-03-13 10:19:27 +01:00
vramik
9d10ccef70
KEYCLOAK-6644 PhotozExampleAdapterTest is not stable
2018-03-13 09:53:17 +01:00
Pedro Igor
2aa71d1737
Merge pull request #5051 from pedroigor/KEYCLOAK-6787
...
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-12 11:41:49 -03:00
Pedro Igor
b9b1102b74
Merge pull request #5004 from pedroigor/KEYCLOAK-6623
...
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
2018-03-12 09:59:05 -03:00
Pedro Igor
f824582aac
Merge pull request #5009 from pedroigor/KEYCLOAK-6116
...
[KEYCLOAK-6116] - Get email attribute from 'subject alternative name' using X509 certificate
2018-03-12 09:58:02 -03:00
pedroigor
199f289ee3
[KEYCLOAK-6623] - Adding test
2018-03-09 16:39:33 -03:00
Hynek Mlnarik
190771ddf1
KEYCLOAK-6783 Add authentication into cross-dc testing
2018-03-09 15:08:55 +01:00
pedroigor
62b70b561e
[KEYCLOAK-6116] - Removing references to phantomjs.cli.args
2018-03-09 10:56:35 -03:00
pedroigor
1f13427dee
[KEYCLOAK-6116] - Enabling tests for both jboss servers
2018-03-09 10:56:35 -03:00
pedroigor
6aee573e2e
[KEYCLOAK-6116] - Tests for X509 Subject Alternative Name Extension
2018-03-09 10:56:35 -03:00
vmuzikar
d66c33a8b9
KEYCLOAK-6793 Support custom Chrome binary in Arquillian testsuite
2018-03-07 10:38:12 +01:00
wyvie
c27ffbda8b
[KEYCLOAK-6643] server version now retreived from server info web page
2018-03-06 10:49:09 +01:00
vmuzikar
502fc62967
KEYCLOAK-6797 Fix Social Login test
2018-03-06 10:19:10 +01:00
Bill Burke
4b6b45cf43
KEYCLOAK-6026
2018-03-05 11:57:05 -05:00
Pedro Igor
1b06194455
Merge pull request #5050 from TeliaSoneraNorge/KEYCLOAK-6659
...
Add pairwise sub support to authorization services
2018-03-02 14:44:28 -03:00
Martin Hardselius
8549bd70b7
Add pairwise sub support to authorization services
...
Identity token verification will now fetch the user from the session
state instead of relying on the sub provided in the token. Also done in
KeycloakIdentity.
Resolves: KEYCLOAK-6659
2018-03-02 13:08:27 +01:00
vramik
569f26776e
KEYCLOAK-5060 KEYCLOAK-3157 migrated Adapter package from old testsuite
2018-03-02 10:56:26 +01:00
pedroigor
1e1de85685
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-01 16:50:05 -03:00
pedroigor
b0200d462d
[KEYCLOAK-6621] - Removing unnecessary code to process scopes from typed resources
2018-02-28 16:33:45 -03:00
vmuzikar
028e78f46b
KEYCLOAK-6772 Fix SessionsPreloadCrossDCTest
2018-02-28 20:14:50 +01:00
Hynek Mlnarik
9ca7b22cec
KEYCLOAK-6777 Fix AccountPageTest
2018-02-28 16:28:48 +01:00
Hynek Mlnarik
1b45ab2601
KEYCLOAK-6773 XML vulnerability test
2018-02-28 15:05:07 +01:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
mhajas
e52380915b
KEYCLOAK-4817 Fix instability
2018-02-27 14:35:52 +01:00
vmuzikar
08bf19d4aa
KEYCLOAK-6694 Revamp OpenShift Social Login test
2018-02-27 12:28:42 +01:00
Hynek Mlnarik
1f20c03afa
KEYCLOAK-6470 Refactor SAML adapter parsers
2018-02-27 09:37:29 +01:00
vmuzikar
d70e4740fc
KEYCLOAK-6693 Support external truststore in testsuite
2018-02-27 07:45:21 +01:00
Bill Burke
aa089980ce
Merge pull request #4942 from mstruk/KEYCLOAK-5807
...
KEYCLOAK-5807 Intermittent failures in UserStorageTest
2018-02-26 12:14:38 -05:00
mhajas
fe1c447d9a
KEYCLOAK-6546 Run filter test on WebLogic and WebSphere
2018-02-26 15:47:13 +01:00
Hynek Mlnarik
bde9210fa3
KEYCLOAK-6692 Fix LogoutTest on Oracle
2018-02-26 15:45:55 +01:00
mhajas
e2ad59a74d
KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and ( #4964 )
...
* KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and
use JavascriptExecutor
* Use PhantomJS 2.1.1 instead of 1.9.8 in Travis CI
2018-02-26 10:49:05 +01:00
Hynek Mlnarik
e7cdb8ad54
KEYCLOAK-6473 KEYCLOAK-6472 SAML parser refactor + protocol parsers
2018-02-23 08:16:14 +01:00
pedroigor
8112c5d3f2
[KEYCLOAK-6492] - Migrate authorization package from old testsuite
2018-02-22 09:05:40 +01:00
Erlend Hamnaberg
208ecbc3f7
KEYCLOAK-6676: Fix NPE if the redirect_uri parameter is missing
2018-02-21 19:44:22 +01:00
pedroigor
61d5425fdf
[KEYCLOAK-6321] - Tests
2018-02-21 19:41:44 +01:00
Bruno Oliveira
f351db608e
[KEYCLOAK-6334] Minor typo: "read only" should be "read-only"
2018-02-20 20:18:16 +01:00
mposolda
fc463ae50b
KEYCLOAK-6617 Offline token logout did not invalidate user session
2018-02-19 08:49:05 +01:00
cgol
86a8addf49
KEYCLOAK-6615 Remove offline session from database on offline token logout
...
remove offline token from database on offline session logout
2018-02-19 08:49:05 +01:00
stianst
9b63cd35f0
KEYCLOAK-6431
2018-02-13 19:38:46 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
...
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00
Bill Burke
d6788a0839
finish
2018-02-10 13:38:39 -05:00
mhajas
2b65adc15f
KEYCLOAK-6309 Fix tests
...
Add trustore to war even if ssl is not enabled because HttpClient is configured with truststore
2018-02-09 10:24:58 +01:00
Bruno Oliveira
b91998a0d8
[KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration
2018-02-09 06:36:23 -02:00
stianst
505cf5b251
KEYCLOAK-6519 Theme resource provider
2018-02-09 08:28:59 +01:00
Hynek Mlnarik
c07b60d527
KEYCLOAK-6474 Fix NPE on SAML logout
2018-02-07 08:05:36 +01:00
Douglas Palmer
fc52ff65bd
[KEYCLOAK-6518] Added explicit guava dependency instead of relying on transitive dependency.
2018-02-06 10:52:48 +01:00
Hynek Mlnarik
b3766576d7
KEYCLOAK-6146 Simplify test via RealmCreator
2018-02-06 09:28:07 +01:00
vmuzikar
c8c86d2bad
KEYCLOAK-6510 Fix StackOverflow social login test
2018-02-05 17:16:33 +01:00
Marko Strukelj
62a9d4ea91
KEYCLOAK-5807 Under daily eviction policy user entries not returned from cache when they should
2018-02-02 19:27:23 +01:00
vmuzikar
340afb2a50
KEYCLOAK-6450 Stabilize WelcomePageTest
2018-02-02 13:08:52 +01:00
vmuzikar
46ebff2163
KEYCLOAK-6331 Fix and stabilize Console UI tests
2018-02-02 11:58:47 +01:00
Pavel Drozd
9382439a05
Merge pull request #4944 from mhajas/KEYCLOAK-4751
...
KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7
2018-02-02 11:13:07 +01:00
vramik
019c3c9ef9
KEYCLOAK-6146 realm import fails when password policy is specified
2018-02-02 08:30:06 +01:00
Thomas Darimont
77334af34e
KEYCLOAK-6222 Check syntax for errors on ScriptBasedOIDCProtocolMapper validation
...
We now explicitly check for syntax errors
during validation of ScriptBasedOIDCProtocolMappers.
2018-02-02 08:28:27 +01:00
Bill Burke
8f09efab9d
Merge pull request #4949 from patriot1burke/client-storage-spi
...
KEYCLOAK-6228
2018-02-01 08:59:02 -05:00
mhajas
c34db4cf01
KEYCLOAK-6309 Configure HTTPClient in keycloak-saml.xml
2018-02-01 09:59:08 +01:00
Bill Burke
126dd70efc
client stat improvement
2018-01-31 13:05:13 -05:00
Vlastimil Elias
a5f675d693
KEYCLOAK-4937 - convert time units in emails into human-friendly format
2018-01-30 06:38:57 +01:00
Bill Burke
4a044fe867
add ofline token test
2018-01-29 17:08:13 -05:00
Bill Burke
0fc7fa557d
fix caching
2018-01-29 16:26:51 -05:00
Bill Burke
79f9de9de4
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-29 12:28:26 -05:00
Bill Burke
4bf23cc83a
caching
2018-01-29 12:28:17 -05:00
mhajas
2a2f255640
KEYCLOAK-4793 Fix authorization services maven scanner properties in base testsuite for product
2018-01-29 09:18:20 +01:00
Bill Burke
1d8e38f0c6
admin console
2018-01-27 13:05:02 -05:00
Bill Burke
dd4c0d448c
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6
done 1st iteration
2018-01-27 09:47:16 -05:00
mhajas
8ac7d1deca
KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7
2018-01-26 11:25:33 +01:00
Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
vmuzikar
806b554fb2
Social login test for GitHub with private email
2018-01-25 20:56:24 +01:00
vramik
b0fbe5c8ba
KEYCLOAK-6300 List of group members is not sorted alphabetically
2018-01-25 20:21:03 +01:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow
...
KEYCLOAK-6335
2018-01-25 09:55:11 -05:00
Douglas Palmer
42759be6ff
[KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages
2018-01-25 07:10:30 +01:00
Douglas Palmer
0f1644e612
[KEYCLOAK-6142] Updated OTP manual config pages to reflect HOTP
2018-01-25 07:09:24 +01:00
Bill Burke
4bfb62d7f4
marek suggested fixes
2018-01-24 09:32:38 -05:00
mposolda
6369c26671
KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters
2018-01-24 11:35:13 +01:00
Thomas Recloux
71e0b00600
KEYCLOAK-5857 Supports PBKDF2 hashes with different key size
...
The original use case is to support imported credentials with a different key size without
implementing a totally new PasswordHashProvider
2018-01-24 09:02:37 +01:00
Bill Burke
be65c14a6a
fix provider test
2018-01-23 13:03:45 -05:00
Bill Burke
7b2e72d395
Merge remote-tracking branch 'upstream/master' into per-client-flow
2018-01-23 12:10:11 -05:00
Bill Burke
a9297df89c
KEYCLOAK-6335
2018-01-23 12:09:49 -05:00
Hynek Mlnarik
4ba72e2d2d
KEYCLOAK-5976 Fix client setting in brokered IdP-initiated scenario
2018-01-23 09:34:11 +01:00
stianst
f762173eb0
KEYCLOAK-3370 Add option to override theme in client template and client
2018-01-18 09:14:13 +01:00
Thomas Darimont
bae4d4c673
KEYCLOAK-5791 Allow multi-valued ScriptBasedOIDCProtocolMapper
...
We now support multi-valued attribute values for the
`ScriptBasedOIDCProtocolMapper`.
Previously the `ScriptBasedOIDCProtocolMapper` only supported
single valued output. If a script returned a list of
output values then only the first value was emitted to the token.
By default multi-valued is set to `false` / `off`.
2018-01-11 08:52:24 +01:00
mhajas
a77be7eb7b
KEYCLOAK-5503 Remove redirecting to error page for AutodetectBearerOnly client
2018-01-09 16:34:18 +01:00
Hynek Mlnarik
b5fc6045fd
KEYCLOAK-6106 Put dotless ids first in identity broker state
2018-01-02 21:31:49 +01:00
stianst
d8c0cc447f
KEYCLOAK-6090 Add missing cors headers with invalid username/password and resource owner grant
2018-01-02 15:15:15 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
Marko Strukelj
23d0afbfd8
KEYCLOAK-6058 Partial import should ignore built-in clients
2017-12-21 13:52:58 +01:00
stianst
f0c5752ef9
KEYCLOAK-5443 Fix update user account when both email as username and edit username are enabled
2017-12-20 14:40:03 +01:00
Martin Kanis
351dbffaf2
KEYCLOAK-5172 Set oidc as default protocol to clients
2017-12-20 13:38:12 +01:00
Bruno Oliveira
811cd3a04a
KEYCLOAK-6011
2017-12-20 13:37:11 +01:00
stianst
e96c6a4bcb
KEYCLOAK-6068 Fix preflight request on admin endpoints
2017-12-20 10:19:34 +01:00
mposolda
5a66f577eb
KEYCLOAK-5982 Fix NPEs when client 'account' was renamed/removed
2017-12-18 21:47:17 +01:00
stianst
27b5e1aae2
KEYCLOAK-6050 Fix export doesn't export internal realm rep
2017-12-18 13:15:42 +01:00
stianst
b303acaaba
KEYCLOAK-2120 Added manual setup page for OTP
2017-12-18 11:20:20 +01:00
Bill Burke
b5ae7e836d
smaller times
2017-12-16 13:18:41 -05:00
Bill Burke
a27097e9ef
reset defaults
2017-12-16 11:28:15 -05:00
Bill Burke
003f27e9bd
fix more
2017-12-16 08:31:33 -05:00
Bill Burke
76cccc3f2b
fix more
2017-12-16 08:29:58 -05:00
Bill Burke
80be4c9dbc
fix more
2017-12-16 07:12:32 -05:00
Bill Burke
1eec2747ef
fix stupidity
2017-12-15 15:31:14 -05:00
Bill Burke
7cb39c2dfc
KEYCLOAK-5420
2017-12-15 12:16:24 -05:00
Pavel Drozd
1b14f9e73e
Merge pull request #4847 from vramik/KEYCLOAK-4793
...
KEYCLOAK-4793 moved profile a lever lower due to migration test
2017-12-15 14:52:04 +01:00
stianst
a8943fb323
KEYCLOAK-6043 Use same urls for get and posts in account
2017-12-15 08:31:04 +01:00
Bruno Oliveira
1a541889f4
[KEYCLOAK-6015] replyTo can be empty string in DB
2017-12-15 07:01:15 +01:00
stianst
b672229efc
KEYCLOAK-6032 Fix error page when internationalization is enabled
2017-12-15 06:32:00 +01:00
vramik
abea430802
KEYCLOAK-4793
2017-12-14 11:30:28 +01:00
Hynek Mlnarik
2a2e6c839b
KEYCLOAK-5635
2017-12-13 21:07:46 +01:00
stianst
f939818252
KEYCLOAK-5907 Use client manager to delete clients in client registration services
2017-12-12 14:25:05 +01:00
mposolda
b8416dfa3e
KEYCLOAK-5981 Test Impersonation works when authenticationSession exists
2017-12-12 09:43:34 +01:00
mposolda
63efee6e15
KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client
2017-12-12 08:01:02 +01:00
Pavel Drozd
047fdb55a2
Merge pull request #4803 from mhajas/KEYCLOAK-5896
...
KEYCLOAK-5896 Run localization test only in community
2017-12-12 00:09:02 +01:00
Pavel Drozd
be36f5358c
Merge pull request #4802 from mhajas/KEYCLOAK-5986
...
KEYCLOAK-5986 Fix token javacsript tests
2017-12-12 00:07:16 +01:00
stianst
dac6c6bd7e
KEYCLOAK-6000 Fix output in execute actions email
2017-12-11 14:24:37 +01:00
Bill Burke
c9b218db71
Merge pull request #4823 from patriot1burke/master
...
KEYCLOAK-5724
2017-12-08 20:03:05 -05:00
Bill Burke
7c031505e2
add test
2017-12-08 17:38:00 -05:00
Hynek Mlnarik
00fb36437d
KEYCLOAK-5861 Remove AUTH_SESSION_ID when END_AFTER_REQUIRED_ACTIONS set
2017-12-08 09:52:14 +01:00
Hynek Mlnarik
4a012b73ea
KEYCLOAK-4998 Fix NPE in AttributeToRoleMapper
2017-12-08 09:21:21 +01:00
Pavel Drozd
e567dcb888
Merge pull request #4809 from vramik/KEYCLOAK-4641
...
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-07 11:06:47 +01:00
stianst
c055ffb083
KEYCLOAK-4215 Consider session expiration when setting token timeouts
2017-12-07 10:45:02 +01:00
stianst
cccddebfd0
KEYCLOAK-5984 Fix error message in client initiated
2017-12-06 19:46:11 +01:00
vramik
5a8ff72cb6
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-06 15:12:37 +01:00
mposolda
8a0fa521c4
KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService
2017-12-06 13:06:54 +01:00
mhajas
09348b2aff
KEYCLOAK-5896 Run localization test only in community
2017-12-06 10:09:46 +01:00
mhajas
896e216f99
KEYCLOAK-5986 Fix token javacsript tests
2017-12-06 10:08:32 +01:00
mposolda
6c34b4c418
KEYCLOAK-5914 Periodic clean of detached client sessions
2017-12-05 08:25:30 +01:00
stianst
c3d9f4704e
KEYCLOAK-5946 Make sure wildcard origin is never returned
2017-12-04 19:55:34 +01:00
stianst
4541acc628
KEYCLOAK-5176 Strip headers from PEM when uploading to client
2017-12-04 19:54:15 +01:00
mposolda
ff6fcd30d9
KEYCLOAK-4478 OIDC auth response lacks session_state in some cases
2017-12-04 16:13:22 +01:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
mposolda
7b03eed9c8
KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients
2017-11-30 12:56:45 +01:00
Peter Nalyvayko
b8e5fd2b99
KC-4335: working on adding a reverse proxy support to allow X.509 client certificate authentication when running keycloak behind a reverse proxy
...
KC-4335: reverse proxy => a swtich to change a type of reverse proxy when running the X509 integration tests; changes to the names of the reverse proxy providers
KC-4335: updated the migration scripts to add x509 spi to standalone and domain configurations; removed the HAproxy and apache x509 spi configuration
2017-11-30 11:00:32 +01:00
pedroigor
674fb31a2c
[KEYCLOAK-5660] - Rest API User count returns wrong value
2017-11-30 10:45:54 +01:00
Bruno Oliveira
6a528a3ee6
[KEYCLOAK-2645] Reset password page says 'You need to change your password to activate your account.'
2017-11-30 10:37:21 +01:00
stianst
2be78a0239
KEYCLOAK-5924 Add error handler for uncaught errors
2017-11-30 10:33:13 +01:00
Pavel Drozd
4408cdb5c7
Merge pull request #4756 from tkyjovsk/KEYCLOAK-5922
...
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
2017-11-30 09:24:39 +01:00
Bruno Oliveira
af66c5dbd2
[KEYCLOAK-5483] X.509 Auth - log in attempt is not sometimes logged in the Login Events
2017-11-29 20:08:22 +01:00
Tomas Kyjovsky
4240295af9
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
2017-11-28 17:35:13 +01:00
Bill Burke
0a8995efc7
Merge pull request #4747 from mstruk/KEYCLOAK-5741
...
KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help
2017-11-28 08:57:29 -05:00
Bill Burke
c398f6619f
Merge pull request #4748 from mstruk/KEYCLOAK-5762
...
KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help
2017-11-28 08:57:15 -05:00
Stian Thorgersen
cf485c3fc9
KEYCLOAK-5308 Fix updating protocol mappers on Oracle
2017-11-27 19:46:12 +01:00
Stian Thorgersen
5666bfe88b
KEYCLOAK-4962 Fix updating mappers for identity providers on Oracle
2017-11-27 19:46:12 +01:00
Marko Strukelj
c35c6e6ab7
KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help
2017-11-27 17:00:48 +01:00
Marko Strukelj
0e2332196d
KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help
2017-11-27 16:12:00 +01:00
Pavel Drozd
a8bcdfb401
Merge pull request #4735 from vmuzikar/fix-ui
...
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
2017-11-27 15:12:35 +01:00
Bruno Oliveira
9d35891e7d
[KEYCLOAK-5467] X.509 Auth - missing internationalization support
2017-11-27 13:44:38 +01:00
Bruno Oliveira
00677a6b92
[KEYCLOAK-5898] X.509 Auth - add tests for CRL with direct grant
2017-11-27 13:43:37 +01:00
Bruno Oliveira
697caaa805
[KEYCLOAK-4683] Add key usage tests for X.509 Authentication
...
These tests cover the scenarios already available at our certificates:
* Key Usage with the flag critical
* Extended Key Usage without the flag critical
2017-11-27 13:42:57 +01:00
Marek Posolda
dd6502013e
Merge pull request #4734 from rmartinc/ui_locales
...
KEYCLOAK-5896: Parameter "ui_locales" not redirected to login page in java adapters
2017-11-24 10:59:26 +01:00
rmartinc
ecbf6e5386
KEYCLOAK-5896: adding a test for the ui_locales change.
2017-11-24 08:21:37 +01:00
pedroigor
2721e6a5e4
[KEYCLOAK-5770] - Logout event test
2017-11-23 21:08:07 +01:00
mposolda
6d91ab674b
KEYCLOAK-5895 CrossDC: NotSerializableException when opening sessions tab in admin console
2017-11-23 20:03:12 +01:00
vmuzikar
6f4ab8870e
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
2017-11-23 13:51:38 +01:00
Pavel Drozd
94ba85c210
Merge pull request #4720 from vramik/KEYCLOAK-5872
...
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authz…
2017-11-23 07:42:31 +01:00
Bill Burke
2117db5e6d
Merge pull request #4730 from patriot1burke/master
...
KEYCLOAK-4715
2017-11-22 12:45:23 -05:00
Bill Burke
116bfb05c2
fix
2017-11-22 11:55:10 -05:00
Bill Burke
aee6d16f58
fix more stupidity
2017-11-22 10:22:47 -05:00
Bill Burke
ae29e36e1f
fix my stupidity
2017-11-22 08:19:30 -05:00
mposolda
bd1072d2eb
KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing
2017-11-22 11:55:12 +01:00
Bill Burke
75d517a1e8
cleanup test
2017-11-21 21:49:51 -05:00
Bill Burke
8993ca08ad
KEYCLOAK-4715
2017-11-21 17:46:48 -05:00
vmuzikar
7fd237b40b
KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly
2017-11-21 11:12:21 +01:00
Bill Burke
06762ba13d
KEYCLOAK-5878
2017-11-20 17:03:28 -05:00
vramik
37b625fd99
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authzResourceInvalidationTest
2017-11-20 11:30:44 +01:00
Bruno Oliveira
641069d4fd
[KEYCLOAK-5866] MigrationTest fails for extracting realm keys
2017-11-16 19:44:09 +01:00
Bruno Oliveira
07aa718cb9
[KEYCLOAK-5379] MigrationTest fails for migration to 3.3.0
2017-11-16 07:22:57 +01:00
Pedro Igor
f96c3312e2
[KEYCLOAK-5841] - Test
2017-11-16 07:03:08 +01:00
Hynek Mlnařík
393fae74b3
Merge pull request #4693 from hmlnarik/KEYCLOAK-5349-JS-client-breaks-login-session
...
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 12:35:19 +01:00
Hynek Mlnarik
a2f6c16764
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 11:41:45 +01:00
Pedro Igor
63a01b1e1f
Merge pull request #4689 from pedroigor/KEYCLOAK-5844
...
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 18:25:24 -02:00
Pedro Igor
fdb618219f
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 11:24:45 -02:00
Stian Thorgersen
89f4b87038
KEYCLOAK-5567 Set correct status code on login error pages
2017-11-14 12:33:29 +01:00
Bruno Oliveira
03d0488335
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
925d5e1dea
KEYCLOAK-3173 enable logout offline refresh token using OIDC logout endpoint
2017-11-13 18:23:39 +01:00
Stian Thorgersen
d30bf938ee
KEYCLOAK-5821 Fix basic auth tests with embedded Undertow
2017-11-13 16:34:25 +01:00
Pavel Drozd
af97a84108
Merge pull request #4635 from vmuzikar/fix-x509
...
KEYCLOAK-5720 Fix X.509 tests
2017-11-13 11:56:16 +01:00
Stian Thorgersen
4295f4ec31
KEYCLOAK-1886 Added cors headers to errors in token endpoint
2017-11-10 12:01:21 +01:00
mposolda
b033ce0669
KEYCLOAK-5371 SessionExpirationCrossDCTest - improve stability. Remove checks for counts of sent messages
2017-11-09 22:18:47 +01:00
mposolda
a98f085be6
KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis.
2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Marko Strukelj
dae0fafc8a
KEYCLOAK-5040 ProfileAssume needs to use server info endpoint
2017-11-09 14:19:06 +01:00
Bruno Oliveira
26e253f4a5
[KEYCLOAK-5284]
2017-11-09 13:45:06 +01:00
Marko Strukelj
2854a2006e
KEYCLOAK-5810 ClientTokenExchangeTest failures with -Pproduct profile
2017-11-09 13:44:10 +01:00
vmuzikar
2c2a332f80
KEYCLOAK-5332 Fix GitLab social test
2017-11-09 07:19:01 +01:00
vmuzikar
b21d5bbf04
KEYCLOAK-5805 Fix tests in the 'other' module
2017-11-09 07:01:27 +01:00
mposolda
62a1c187a2
KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc
2017-11-07 09:01:59 +01:00
Hynek Mlnarik
fe2f65daac
KEYCLOAK-5581 Fix SAML identity broker context serialization
2017-11-03 21:09:18 +01:00
vmuzikar
ef8adc15f4
KEYCLOAK-5720 Fix X.509 tests
2017-11-03 17:09:46 +01:00
Pedro Igor
3716fa44ac
[KEYCLOAK-5728] - Permission Claims support
2017-10-27 12:40:30 -02:00
Hynek Mlnařík
248da4687a
Merge pull request #4610 from hmlnarik/KEYCLOAK-5745-Extract-client-sessions-from-user-sessions
...
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 13:09:06 +02:00
Hynek Mlnarik
75c354fd94
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 10:39:41 +02:00
Bill Burke
903a4dd849
Merge pull request #4612 from patriot1burke/master
...
KEYCLOAK-5273
2017-10-25 13:54:32 -04:00
Bill Burke
de6eab6d5d
fix
2017-10-25 13:00:58 -04:00
Bill Burke
8c1a3253fb
KEYCLOAK-5273
2017-10-25 10:31:11 -04:00
Bruno Oliveira da Silva
375e01a074
KEYCLOAK-5278 ( #4606 )
2017-10-25 15:27:24 +02:00
Bill Burke
50ccb5e5f6
Merge pull request #4591 from abstractj/KEYCLOAK-5717
...
KEYCLOAK-5717
2017-10-24 17:38:28 -04:00
Pedro Igor
1840cc54e4
Merge pull request #4601 from pedroigor/KEYCLOAK-5726
...
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter config
2017-10-24 12:51:52 -02:00
Pedro Igor
80e9b08bb6
[KEYCLOAK-5726] - Tests for scopes-enforcement-mode ALL and ANY
2017-10-24 11:37:41 -02:00
Bruno Oliveira
4d762159ef
KEYCLOAK-5717
2017-10-24 10:55:02 -02:00
Hynek Mlnařík
8e0cc2a5ea
Merge pull request #4605 from mposolda/master
...
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 14:40:01 +02:00
Pedro Igor
a6e1413d58
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration
2017-10-24 10:39:54 -02:00
Pavel Drozd
a4ec32ba66
Merge pull request #4602 from vramik/KEYCLOAK-5244
...
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithT…
2017-10-24 14:17:35 +02:00
mposolda
9a19e95b60
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 11:52:08 +02:00
Stan Silvert
9083e5fe5c
KEYCLOAK-5298: Enable autoescaping in Freemarker ( #4561 )
...
* KEYCLOAK-5298: Enable autoescaping in Freemarker
* Fix several of the failing tests.
* Fix broken tests in integration-deprecated
* Fix last failing test.
2017-10-23 12:03:00 -04:00
Stian Thorgersen
9b75b603e3
KEYCLOAK-5234 ( #4585 )
2017-10-23 16:13:22 +02:00
vramik
a3a1761eb7
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithTestBlacklist on Wildfly
2017-10-23 12:11:36 +02:00
Bill Burke
73ba06b26b
Merge pull request #4590 from patriot1burke/master
...
KEYCLOAK-5698
2017-10-20 14:58:07 -04:00
Bill Burke
92245e3fc8
fixes
2017-10-20 09:55:37 -04:00
Hynek Mlnarik
3248557897
KEYCLOAK-5707 Have travis run cross-dc tests when appropriate
2017-10-19 13:29:26 +02:00
Stian Thorgersen
d9ffc4fa21
KEYCLOAK-5225 ( #4577 )
...
KEYCLOAK-5225 fix test
Fix
2017-10-19 08:23:16 +02:00
Stian Thorgersen
fea4c54adc
KEYCLOAK-5280 ( #4576 )
2017-10-19 08:02:23 +02:00
Pedro Igor
cedc095a9c
[KEYCLOAK-4550] - Test invalid configuration for user policy
2017-10-18 18:42:55 -02:00
Thomas Darimont
3103e0fd0a
KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider ( #4370 )
...
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider
This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.
The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.
I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords ) project.
For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/
Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```
Password blacklist is stored in a TreeSet.
* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter
We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.
BloomFilter implementation is provided by google-guava
which is available in wildfly.
Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.
This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.
Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.
Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.
The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.
Configure password blacklist folder for tests
* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers
* KEYCLOAK-5244 Translate blacklisted message in base/login
2017-10-17 20:41:44 +02:00
Hynek Mlnařík
fe76b2428b
Merge pull request #4563 from hmlnarik/KEYCLOAK-5656-Transport-factory-should-not-limit-to-a-single-DC-3
...
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-17 09:39:01 +02:00
Pavel Drozd
9c16a58d52
Merge pull request #4554 from vramik/KEYCLOAK-5672
...
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-17 07:42:29 +02:00
vramik
cb2bd0fe1a
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-16 22:51:59 +02:00
Hynek Mlnarik
056ba75a72
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-16 21:49:42 +02:00
Bill Burke
31dccc9a5e
Merge pull request #4509 from TeliaSoneraNorge/KEYCLOAK-5032
...
KEYCLOAK-5032 Forward request parameters to another IdP
2017-10-13 18:47:05 -04:00
Bill Burke
c66ce3a209
Merge pull request #4559 from micedre/KEYCLOAK-4052bis
...
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
2017-10-13 18:44:57 -04:00
Bill Burke
46d3ed7832
Merge remote-tracking branch 'upstream/master'
2017-10-13 17:00:57 -04:00
Bill Burke
d9af93850c
KEYCLOAK-5683, KEYCLOAK-5684, KEYCLOAK-5682, KEYCLOAK-5612, KEYCLOAK-5611
2017-10-13 16:51:56 -04:00
Cédric Couralet
656fc5d7c0
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
2017-10-13 13:54:50 +02:00