Commit graph

2518 commits

Author SHA1 Message Date
Bill Burke
7f08717dfb Merge pull request #3105 from patriot1burke/master
component model
2016-08-02 09:28:55 -04:00
Bill Burke
e3aec098a2 Merge pull request #3064 from cainj13/oneSamlAttributeStatement
SamlProtocol should only drop attributes into a single attributeStatement
2016-08-02 07:14:08 -04:00
Bill Burke
17e75950fe more fixes 2016-08-02 06:56:22 -04:00
Bill Burke
1c75b03e59 props 2016-08-02 06:50:13 -04:00
Bill Burke
1d695237b7 fix 2016-08-02 05:49:50 +02:00
Bill Burke
09693eb108 component model 2016-08-02 05:48:57 +02:00
Pedro Igor
ae1a7542d8 [KEYCLOAK-3385] - Improvements to evaluation tool UI and result 2016-08-01 18:01:24 -03:00
Bill Burke
a8a77add39 fix 2016-08-01 12:07:02 -04:00
Bill Burke
5facec73e4 Merge remote-tracking branch 'upstream/master' 2016-08-01 11:19:09 -04:00
Bill Burke
91a267a0d8 component model 2016-08-01 11:18:58 -04:00
Marek Posolda
0d99b797b6 Merge pull request #3068 from mstruk/KEYCLOAK-2981-m
KEYCLOAK-2981 Upload-certificate admin endpoint does not nullify private keys
2016-08-01 11:20:55 +02:00
Marek Posolda
159b752fb0 Merge pull request #3085 from pedroigor/master
[KEYCLOAK-3376] - Show authorization data when evaluating authorization requests
2016-08-01 09:09:55 +02:00
Dmitry Telegin
fea277a7f5 KEYCLOAK-3369: Fire RealmPostCreateEvent 2016-08-01 01:00:50 +03:00
Pedro Igor
bd5b434894 [KEYCLOAK-3376] - Show authorization data when evaluating authorization requests 2016-07-29 22:09:17 -03:00
Pedro Igor
3c8ed8e3d8 [KEYCLOAK-3372] - Code cleanup 2016-07-29 05:18:38 -03:00
Pedro Igor
8cfa50f134 [KEYCLOAK-3338] More testing and improvements when importing role policies 2016-07-28 12:31:46 -03:00
Bill Burke
5d9fe09599 Merge pull request #3070 from mstruk/KEYCLOAK-2571
KEYCLOAK-2571 RESET_PASSWORD_ERROR and UPDATE_PASSWORD_ERROR events not fired
2016-07-28 07:23:32 -04:00
Bill Burke
2219cd363e Merge pull request #3079 from patriot1burke/master
KEYCLOAK-3268
2016-07-28 07:22:45 -04:00
Pedro Igor
7e1b97888a [KEYCLOAK-3338] - Adding client roles to role policy and UX improvements 2016-07-27 15:15:14 -03:00
Bill Burke
46b4bb0909 KEYCLOAK-3268 2016-07-27 09:28:48 -04:00
Marko Strukelj
59e0570cdf KEYCLOAK-2571 RESET_PASSWORD_ERROR and UPDATE_PASSWORD_ERROR events not fired 2016-07-26 21:32:57 +02:00
Marko Strukelj
94f583e935 KEYCLOAK-2981 Upload-certificate admin endpoint does not nullify private keys 2016-07-25 11:13:21 +02:00
Bill Burke
3973aed57d Merge pull request #2989 from thomasdarimont/issue/KEYCLOAK-3234-allow-restricting-mapper-for-userinfo
KEYCLOAK-3234 Allow restricting claim mapper for userinfo endpoint
2016-07-22 17:54:00 -04:00
Josh Cain
535a0763fc put imports back, new IDE snuck a * in there. 2016-07-22 14:57:07 -05:00
Josh Cain
283581f920 SamlProtocol should only drop attributes into a single attributeStatement element 2016-07-22 14:49:48 -05:00
mposolda
01830fd7f3 KEYCLOAK-3319 More OIDC tests. Minor refactoring 2016-07-22 18:16:58 +02:00
mposolda
9169bcd88d KEYCLOAK-3354 request and request_uri not supported 2016-07-22 13:44:45 +02:00
mposolda
56e011dce4 KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator 2016-07-21 18:19:53 +02:00
Pedro Igor
484d5d6e08 [KEYCLOAK-3313] - UI improvements and messages 2016-07-20 22:11:24 -03:00
mposolda
f4ddfe4a52 KEYCLOAK-3318 Support for prompt=login. More tests for prompt parameter 2016-07-20 21:27:38 +02:00
Bill Burke
6f92bac782 Merge pull request #3000 from tonswieb/master
KEYCLOAK-3265 Support writing a NameIDType AttributeValue
2016-07-20 11:23:18 -04:00
Stian Thorgersen
1b517a461e Merge pull request #3041 from stianst/KEYCLOAK-3302
KEYCLOAK-3302 Allow logout with expired refresh token
2016-07-19 08:03:52 +02:00
Marek Posolda
a6bdf81e6d Merge pull request #3040 from mposolda/master
KEYCLOAK-3220 Added test for missing response_type
2016-07-15 22:19:52 +02:00
Stian Thorgersen
e708c53730 KEYCLOAK-3302 Allow logout with expired refresh token 2016-07-15 12:56:31 +02:00
Stian Thorgersen
1ce17c459d Merge pull request #3039 from stianst/KEYCLOAK-3192
KEYCLOAK-3192 Ignore disabled required action
2016-07-15 10:38:49 +02:00
mposolda
fda0a79e27 KEYCLOAK-3237 Add scopes_supported to OIDC WellKnown endpoint 2016-07-15 09:47:09 +02:00
Stian Thorgersen
970c89dd6a KEYCLOAK-3192 Ignore disabled required action 2016-07-15 09:01:44 +02:00
mposolda
13a21e5fda KEYCLOAK-3220 Improve error handling on adapters 2016-07-14 23:56:46 +02:00
mposolda
dcc4ea3aea KEYCLOAK-3237 Change OIDC adapters to use scope=openid as required per specs 2016-07-14 23:56:46 +02:00
Pedro Igor
aacf2e9390 [KEYCLOAK-3137] - Review i18n for AuthZ Services 2016-07-14 13:54:37 -03:00
mposolda
ee3ac3fdaf KEYCLOAK-3223 Basic support for acr claim 2016-07-14 12:36:12 +02:00
Stian Thorgersen
4f1d83b9dc Merge pull request #3030 from stianst/KEYCLOAK-2824-2
KEYCLOAK-2824 Password Policy SPI
2016-07-14 10:12:25 +02:00
Stian Thorgersen
ea44b5888b KEYCLOAK-2824 Password Policy SPI 2016-07-14 07:20:30 +02:00
mposolda
abde62f369 KEYCLOAK-3220 redirect to client with error if possible 2016-07-13 20:57:43 +02:00
mposolda
38f89b93ff KEYCLOAK-3281 OIDC 'state' parameter is url-encoded twice when responseMode=form_post 2016-07-13 18:07:57 +02:00
mposolda
d5199501c7 KEYCLOAK-3219 Added claims info to OIDCWellKnownProvider. More tests 2016-07-13 10:17:45 +02:00
Stian Thorgersen
5b0980172d KEYCLOAK-3267 Fix identity broker login with brute force enabled 2016-07-12 15:21:00 +02:00
Stian Thorgersen
f97d0846ed Merge pull request #3010 from wadahiro/KEYCLOAK-3278
KEYCLOAK-3278 Add support for any encoding property file in theme
2016-07-12 10:34:34 +02:00
Stian Thorgersen
19e5ddeba5 Merge pull request #3015 from martin-kanis/master
KEYCLOAK-3096 Remove leading/trailing spaces from username/email
2016-07-12 10:03:55 +02:00
mposolda
039bb103c2 KEYCLOAK-3295 Kerberos authenticator changed during userFederationProvider update just if it was DISABLED 2016-07-11 15:52:49 +02:00
Martin Kanis
c67d834d39 KEYCLOAK-3096 Remove leading/trailing spaces from login 2016-07-09 18:35:51 +02:00
mposolda
629390dd4a KEYCLOAK-2986 Require either expiration or issuedAt for client authentication with signed JWT 2016-07-08 16:16:38 +02:00
mposolda
3bfd999590 KEYCLOAK-3222 extend WellKnown to return supported types of client authentications. More tests 2016-07-08 15:39:13 +02:00
Pedro Igor
80a67149af Merge pull request #3002 from pedroigor/KEYCLOAK-3249
[KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE
2016-07-08 09:16:51 -03:00
mposolda
c10a005997 KEYCLOAK-3290 UserInfoEndpoint error responses don't have correct statuses 2016-07-08 12:15:07 +02:00
mposolda
4dd28c0adf KEYCLOAK-3221 Tokens should be invalidated if an attempt to reuse code is made 2016-07-08 11:04:08 +02:00
Bill Burke
bdc57d57c1 Merge pull request #3008 from patriot1burke/master
new User Fed SPI initial iteration
2016-07-07 14:56:38 -04:00
Hiroyuki Wada
930b0d9ad7 KEYCLOAK-3278 Add support for any encoding property file in theme 2016-07-08 02:58:48 +09:00
mposolda
a7c9e71490 KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and support for auth_time in IDToken 2016-07-07 17:04:32 +02:00
Bill Burke
0040d3fc3b Merge remote-tracking branch 'upstream/master' 2016-07-07 10:35:45 -04:00
Bill Burke
7e5a5f79cf fixes for new user fed spi 2016-07-07 10:35:35 -04:00
Marek Posolda
7a161cc8bb Merge pull request #3005 from mposolda/KEYCLOAK-3217
KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request sec…
2016-07-07 13:49:43 +02:00
Marek Posolda
c5e8a010dc Merge pull request #3004 from mposolda/KEYCLOAK-3147
KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter
2016-07-07 13:49:34 +02:00
mposolda
56e09bf189 KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter 2016-07-07 12:46:36 +02:00
mposolda
7aafbcd5d9 KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request secured with Bearer header 2016-07-07 12:28:25 +02:00
Pedro Igor
5ef65e837c [KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE 2016-07-06 09:39:56 -03:00
Stan Silvert
a231c1b31b RHSSO-296: Required Action "Configure Totp" should be "Configure OTP" 2016-07-05 15:07:52 -04:00
Ton Swieb
fed7339558 KEYCLOAK-3265 Support writing a NameIDType AttributeValue 2016-07-05 14:54:38 +02:00
Stian Thorgersen
7cfee80e58 KEYCLOAK-3189 KEYCLOAK-3190 Add kid and typ to JWT header 2016-07-05 08:26:26 +02:00
Stian Thorgersen
435cdb6180 Merge pull request #2994 from wadahiro/KEYCLOAK-3259
KEYCLOAK-3259 Specify UTF-8 encoding for freemarker template files
2016-07-04 19:25:03 +02:00
Hiroyuki Wada
00cb0a798a KEYCLOAK-3259 Specify UTF-8 encoding for freemarker template files 2016-07-04 19:46:00 +09:00
Stan Silvert
d90a708ceb RHSSO-274: "Undefined" as auth flow execution 2016-07-01 10:25:14 -04:00
Stian Thorgersen
fa312fb3db Merge pull request #2979 from cainj13/localeNpeFix
make locale retrieval null-safe
2016-07-01 12:33:36 +02:00
Thomas Darimont
ce7e7ef1d7 KEYCLOAK-3234 Allow restricting claim mapper for userinfo endpoint
Client mappers can now be configured to be limited to the
userinfo endpoint. This allows to keep access-tokens lean
while providing extended user information on demand via the
userinfo endpoint.
2016-07-01 11:35:19 +02:00
Bill Burke
3f1eecc4be Merge remote-tracking branch 'upstream/master' 2016-06-30 16:47:55 -04:00
Bill Burke
3ba3be877e fixes 2016-06-30 16:47:49 -04:00
Pedro Igor
01f3dddd91 Adding a column to list policies associated with a permission. 2016-06-30 10:26:05 -03:00
Pedro Igor
afa9471c7c [KEYCLOAK-3128] - Admin Client Authorization Endpoints 2016-06-30 10:26:05 -03:00
Bill Burke
a9f6948d74 Merge remote-tracking branch 'upstream/master' 2016-06-29 15:37:32 -04:00
Bill Burke
f51098c50b user fed refactor 2016-06-29 15:37:22 -04:00
Pedro Igor
8b0bf503c3 [KEYCLOAK-3172] - Migrating older versions with authorization services. 2016-06-29 12:07:49 -03:00
Josh Cain
ec402f759b make locale retrieval null-safe 2016-06-28 13:25:48 -05:00
Stian Thorgersen
2e2f34d94e Merge pull request #2957 from pedroigor/authz-changes
Changes to authz examples and some minor improvements
2016-06-23 07:49:47 +02:00
Pedro Igor
074a312fe5 Renaming authorization attributes. 2016-06-22 17:20:50 -03:00
Pedro Igor
f48288865b [KEYCLOAK-3156] - Missing CORS when responding with denies 2016-06-22 14:39:07 -03:00
Pedro Igor
905421a292 [KEYCLOAK-3152] - Keycloak Authorization JS Adapter 2016-06-22 14:28:02 -03:00
mposolda
f7a2ad021e KEYCLOAK-3141 Fix DB2 and some other DB issues 2016-06-22 17:06:55 +02:00
mposolda
5c731b4d14 KEYCLOAK-3149 DB update triggered before DBLock is retrieved 2016-06-21 17:14:25 +02:00
Pedro Igor
8402cedd82 Merge pull request #2946 from pedroigor/KEYCLOAK-3130
[KEYCLOAK-3130] - Permission checks to authorization admin endpoints
2016-06-21 10:50:29 -03:00
Erik Mulder
f4ead484de KEYCLOAK-2474 Possibility to add custom SPI and extend the data model 2016-06-20 10:56:33 +02:00
Pedro Igor
dd279dd0fd [KEYCLOAK-3130] - Permission checks to authorization admin endpoints 2016-06-17 15:27:42 -03:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
mposolda
1510ac5eb4 KEYCLOAK-3105 Can't access single realm with the admin user from master realm 2016-06-13 12:09:11 +02:00
Stian Thorgersen
1c694b4795 Merge pull request #2921 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol-adjustment
KEYCLOAK-3054: Use string format for log message
2016-06-08 07:08:05 +02:00
Stian Thorgersen
819c42dad2 Merge pull request #2918 from chameleon82/issue/KEYCLOAK-3089-email-subject-internationalization
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-08 07:07:37 +02:00
Некрасов Александр Сергеевич
7bdccc21b2 KEYCLOAK-3089 Change email subject encoding to utf-8 2016-06-08 09:10:39 +06:00
Thomas Darimont
a9f461bfd1 KEYCLOAK-3054: Use string format for log message
Need to use log.debugf(..) to correctly resolve the %s placeholder.
2016-06-07 21:56:04 +02:00
Thomas Darimont
67a63a806e KEYCLOAK-3054: Fix potential NPE in RealmsResource
Prior to PR .well-known Endpoint threw NPE with if unknown
Protocol was provided.
2016-06-07 08:29:23 +02:00
Некрасов Александр Сергеевич
5474496867 KEYCLOAK-3089 Change email subject encoding to utf-8/base64 2016-06-07 09:11:46 +06:00
Bill Burke
4c9a0b45d4 Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Bill Burke
b3f3449e39 Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource
KEYCLOAK-2974: Handle ModelException in UsersResource
2016-06-05 11:06:32 -04:00
Thomas Darimont
a2d1c8313d KEYCLOAK-3081: Add client mapper to map user roles to token
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.

 The client role protocol mapper can specify from which client the roles should be considered.
 Composite Roles are resolved recursively.

Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level  (ID/Access) Token attribute that can easily be matched with a regex.

In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
2016-06-03 15:52:58 +02:00
Stian Thorgersen
8fab2f0718 KEYCLOAK-3066
Uploaded Realm Certificate is not validated
2016-06-01 15:12:21 +02:00
Stian Thorgersen
2343e517c9 Merge pull request #2891 from pedroigor/KEYCLOAK-2894
[KEYCLOAK-2894] - Fixing saml signature validation
2016-05-26 16:57:13 +02:00
Pedro Igor
60f954a497 [KEYCLOAK-2894] - Fixing saml signature validation 2016-05-26 10:48:30 -03:00
mposolda
882dbc3f25 KEYCLOAK-3006 Fix admin event inconsistencies related to roles (points 1,3,4,15,16 from JIRA) 2016-05-25 23:18:01 +02:00
mposolda
022be3aee5 KEYCLOAK-3006 Fix admin event inconsistencies (points 2,5-14 from JIRA) 2016-05-25 23:17:47 +02:00
Thomas Darimont
5f73c338d8 KEYCLOAK-2947: Include group representation for GroupMembership changes in AdminEvents
We now include the full group representation in AdminEvents
for Group Membership changes.
This enables EventListener to propagate potential role / attribute
chnages based on the removal / addition of the group.
2016-05-25 23:17:35 +02:00
mposolda
f58936025f KEYCLOAK-3003 Support for admin events in AuthenticationManagementResource 2016-05-25 23:17:24 +02:00
Stian Thorgersen
fa3a2aafec KEYCLOAK-3034 NullPointerException when log in via Twitter 2016-05-25 08:10:55 +02:00
Stian Thorgersen
477c0872b0 KEYCLOAK-3020
Increase default password hashing intervals to 20K
2016-05-23 11:20:31 +02:00
Stian Thorgersen
d43b230b93 KEYCLOAK-2880 Refactor PermissionTest to not require Java8 2016-05-09 07:25:03 +02:00
mposolda
bea2678e85 KEYCLOAK-2862 AuthenticationManagementResource tests 2016-05-06 20:19:58 +02:00
Thomas Darimont
146a26e714 KEYCLOAK-2974: Handle ModelException in UsersResource
We now handle ModelExceptions thrown while creating and updating
a new User by rolling back the transaction and presenting
an error message with a HTTP 409 (conflict) code.
Previously only ModelDuplicateExceptions were handled and
ModelExceptions, e.g. due to a failed database operation
lead to a HTTP 500 server error.
2016-05-06 20:17:22 +02:00
Stian Thorgersen
0ca117b8e9 KEYCLOAK-2865 Extend coverage of client admin endpoints 2016-05-06 08:08:52 +02:00
Stian Thorgersen
1cc4cc30a6 KEYCLOAK-2549 Re-create master admin client if master realm is overwritten on import 2016-05-05 07:19:32 +02:00
Stian Thorgersen
2355db57da KEYCLOAK-2880 Permissions tests for admin endpoints 2016-05-04 08:25:05 +02:00
Thomas Darimont
c8d47926b8 KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.

For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.

Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
Thomas Darimont
27ef919d07 KEYCLOAK-2924: Fire AdminEvents on user group membership changes.
We now fire AdminEvents if a user joins or leaves a group.
This information can be used to deduce potential role changes
in custom event listeners.
2016-04-27 11:17:23 +02:00
mposolda
c7335fa242 KEYCLOAK-2903 Fix WelcomeResource to not allow requests forwarded from proxy/loadbalancer 2016-04-26 12:03:43 +02:00
Marek Posolda
5f16f0ede8 Merge pull request #2732 from mposolda/master
KEYCLOAK-2900
2016-04-25 15:00:09 +02:00
mposolda
fa8b272e76 KEYCLOAK-2900 2016-04-25 13:20:29 +02:00
Bruno Oliveira
1cc4ca2e71 RHSSO-130: AccessTokenTest migration 2016-04-22 16:30:57 -03:00
mposolda
e0aedfb93d KEYCLOAK-2878 UserFederation mapper testing 2016-04-22 14:03:42 +02:00
mposolda
f6a718f10a KEYCLOAK-2878 Testing of UserFederation admin REST endpoints 2016-04-21 23:11:14 +02:00
Stian Thorgersen
756cc0dca0 KEYCLOAK-2866 KEYCLOAK-2874 Test role mapping resource 2016-04-21 14:21:27 +02:00
Stian Thorgersen
4f5b71d81a KEYCLOAK-2872 Test RoleByIdResource 2016-04-21 07:09:25 +02:00
Stian Thorgersen
b6257e66b3 Merge pull request #2679 from pedroigor/KEYCLOAK-2835
[KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService.
2016-04-20 20:13:49 +02:00
mposolda
a341889d2c KEYCLOAK-2842 Not possible to add new execution under registration flow 2016-04-20 18:39:11 +02:00
Pedro Igor
81e4f4b351 [KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService. 2016-04-20 08:48:59 -03:00
mposolda
afc8179cf8 KEYCLOAK-2846 export/import of clientTemplate scopes 2016-04-20 13:30:01 +02:00
mposolda
919a3791ea KEYCLOAK-2844 Unexpected error when trying to remove clientTemplate in use 2016-04-20 13:25:13 +02:00
Stian Thorgersen
04d76b0052 KEYCLOAK-2491 Fix permissions in admin console to match permissions in admin endpoints 2016-04-20 09:57:57 +02:00
Stian Thorgersen
f71273a1f9 KEYCLOAK-2832
Authentication failure logs at ERROR level
2016-04-20 07:32:07 +02:00
Stian Thorgersen
5606160e70 KEYCLOAK-2828 Refactor contribution and add tests 2016-04-19 13:09:00 +02:00
Thomas Raehalme
cd1094c3ad KEYCLOAK-2828: LoginStatusIframeEndpoint now sets the P3P header.
IE requires a P3P header to be present in <iframe /> response. Otherwise
cookies are forbidden. The value of the header does not seem to matter.
2016-04-19 10:24:28 +02:00
Bill Burke
600f429abb KEYCLOAK-2740 2016-04-15 16:49:06 -04:00
Stian Thorgersen
6a428c8ee7 KEYCLOAK-2810 Added robots.txt and robots meta header 2016-04-13 11:22:57 +02:00
Bill Burke
515ed226be Merge remote-tracking branch 'upstream/master' 2016-04-12 15:19:58 -04:00
Bill Burke
cca91dd175 public/private 2016-04-12 15:19:46 -04:00
Stian Thorgersen
1c2eafeb80 KEYCLOAK-2807 Fix server info providers page 2016-04-12 15:38:52 +02:00
Stian Thorgersen
538e49117f KEYCLOAK-2799 Show error for identity brokering login if user is disabled 2016-04-12 13:14:42 +02:00
Stian Thorgersen
fcf7b28b8f Merge pull request #2583 from stianst/KEYCLOAK-2803
KEYCLOAK-2803 Fix failure to add execution to client flow
2016-04-12 13:05:05 +02:00
Stian Thorgersen
350a9cd997 KEYCLOAK-2803 Fix failure to add execution to client flow 2016-04-12 08:04:15 +02:00
Stian Thorgersen
bd2238dbb8 KEYCLOAK-2770 Close mail transport after sending message 2016-04-12 07:06:52 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
mposolda
3e9ba71baa KEYCLOAK-2769 Better error handling of expired code in IdentityBrokerService 2016-04-11 18:20:26 +02:00
mposolda
ee9c87877f KEYCLOAK-2769 Fix NPE during 'Identity Broker cancelled' and instead show keycloak 'we are sorry' page 2016-04-08 19:07:06 +02:00
mposolda
90fc721315 KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking 2016-04-08 12:20:54 +02:00
Stian Thorgersen
8ea057a122 KEYCLOAK-2683 Remove QRCodeResource and embed QR code in image 2016-04-08 09:00:57 +02:00
Stian Thorgersen
c1a8e692d0 Merge pull request #2538 from stianst/KEYCLOAK-2751
KEYCLOAK-2751
2016-04-07 16:27:11 +02:00
Stian Thorgersen
b6d861fea6 KEYCLOAK-2751
Separate HTTP status codes for REST API errors
2016-04-07 15:39:12 +02:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible.
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
2016-04-07 13:19:29 +02:00
Stian Thorgersen
2694e003c4 KEYCLOAK-2759 Fix error message when renaming realm to name that exists 2016-04-07 06:00:31 +02:00
Stian Thorgersen
8de8446cb5 Merge pull request #2520 from stianst/KEYCLOAK-2756
KEYCLOAK-2756
2016-04-06 19:25:53 +02:00
Stian Thorgersen
6ccf3549ad KEYCLOAK-2756
Renaming a realm breaks down the Clients
2016-04-06 15:18:49 +02:00
mposolda
72371e5d76 KEYCLOAK-1982 Some builtin objects might be missing when import JSON exported from old versions 2016-04-06 11:43:58 +02:00
Stian Thorgersen
0c829cd605 KEYCLOAK-2262 Refactor realm resource provider, remove admin resource provider and added example 2016-04-06 10:24:30 +02:00
Pedro Igor
e876a3c988 [KEYCLOAK-2262] - New SPIs to extend both Realm and Admin RESTful APIs 2016-04-06 09:43:24 +02:00
Stian Thorgersen
a4335c3eb8 Merge pull request #2502 from velias/KEYCLOAK-2670-master
KEYCLOAK-2670 for master - client app is able to push additional HTTP GET
2016-04-05 11:20:06 +02:00
Stian Thorgersen
3e9ae7aa82 Merge pull request #2498 from stianst/KEYCLOAK-2722
KEYCLOAK-2722 Check user session in token introspection endpoint
2016-04-05 11:18:32 +02:00
Vlastimil Elias
21a2a47172 KEYCLOAK-2670 - client app is able to push additional HTTP GET
parameters in initial OpenID auth request for use in Auth flows
2016-04-05 10:41:28 +02:00
Stian Thorgersen
55c5e9a381 KEYCLOAK-2722 Check user session in token introspection endpoint 2016-04-05 09:31:39 +02:00
Stian Thorgersen
48551d362a KEYCLOAK-2704
User count missing in REST admin endpoint
2016-04-05 07:48:20 +02:00
Stian Thorgersen
ff73e1a36a KEYCLOAK-2651
No CSRF protection or general security headers on welcome page
2016-04-04 09:07:21 +02:00
mposolda
a4d9aaf916 KEYCLOAK-2613 Add version to RealmRepresentation in JSON exports 2016-04-01 16:04:58 +02:00
mposolda
f83b67cdf5 KEYCLOAK-2413 Very slow export/import of realms with large users count 2016-04-01 16:04:48 +02:00
Bill Burke
d1552cd6e8 resolve conflict 2016-03-30 18:23:40 -04:00
Bill Burke
545fb8b849 KEYCLOAK-2716 2016-03-30 18:15:11 -04:00
Bill Burke
e4fcaad243 Merge pull request #2450 from patriot1burke/master
KEYCLOAK-2691
2016-03-30 15:46:34 -04:00
Bill Burke
020d090aee Merge pull request #2430 from mstruk/assert-events
KEYCLOAK-2589 KEYCLOAK-2607 KEYCLOAK-2597 Port AssertEvents to integration-arquillian
2016-03-30 15:16:25 -04:00
Bill Burke
2cc3588be5 Merge remote-tracking branch 'upstream/master' 2016-03-30 15:07:35 -04:00
Bill Burke
12bf4b498e KEYCLOAK-2691 2016-03-30 15:07:24 -04:00
Stan Silvert
0f52768064 KEYCLOAK-2619: Partial Import doesn't support groups 2016-03-28 14:26:34 -04:00
Bill Burke
1dd4bdf0b7 KEYCLOAK-2718 2016-03-28 11:13:02 -04:00
Bill Burke
b253fe9532 Merge remote-tracking branch 'upstream/master' 2016-03-24 15:57:01 -04:00
Bill Burke
e2436c4722 KEYCLOAK-2624 2016-03-24 15:56:40 -04:00
Marko Strukelj
76a4db5d54 KEYCLOAK-2597 Invalid children group location header response 2016-03-24 17:13:00 +01:00
mposolda
c9545e16f7 KEYCLOAK-2713 Fix error at startup 2016-03-24 15:30:53 +01:00
Bill Burke
6030a65d1b KEYCLOAK-2543 2016-03-24 08:49:08 -04:00
mposolda
16ec76e864 KEYCLOAK-2712 Default required actions not added when user created through admin console 2016-03-24 11:11:35 +01:00
mposolda
7ffd6dc7a7 KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper 2016-03-22 13:03:49 +01:00
Stian Thorgersen
2c9172f707 Merge pull request #2399 from stianst/KEYCLOAK-2469
Keycloak 2469
2016-03-22 08:09:59 +01:00
mposolda
4193856fbb KEYCLOAK-2687 ZIPException during import big number of users 2016-03-22 07:04:54 +01:00
Stian Thorgersen
ce717fa20e KEYCLOAK-2469 Minor changes 2016-03-21 15:45:53 +01:00
Stian Thorgersen
204d226267 Merge branch 'issue/KEYCLOAK-2469' of https://github.com/thomasdarimont/keycloak into thomasdarimont-issue/KEYCLOAK-2469 2016-03-21 15:30:48 +01:00
Thomas Darimont
3e6b6507f4 KEYCLOAK-2664 - QRCodeResource should prohibit caching of the generated image
Added cache-control headers to avoid caching for generated
QRCode images.

Adjusted CacheControlUtil#noCache() to avoid caching more aggressively.
2016-03-18 12:18:07 +01:00
mposolda
85ccd64e01 KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper 2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a KEYCLOAK-2629 LDAP Federation provider - input fields validation 2016-03-11 22:32:45 +01:00
Stian Thorgersen
7342261dbe KEYCLOAK-2593 Character set missing from responses and no content sniffing defense in place 2016-03-11 15:31:15 +01:00
Stian Thorgersen
b3bb68aed7 Merge pull request #2364 from stianst/KEYCLOAK-2637
KEYCLOAK-2637
2016-03-11 13:00:54 +01:00
Stian Thorgersen
bdfc9b8efc KEYCLOAK-2637
ModelExceptionMapper uses AdminMessagesProvider which loads messages outside of themes
2016-03-11 12:08:28 +01:00
mposolda
25f965aa2e KEYCLOAK-2628 protected method to IdpCreateUserIfUniqueAuthenticator after user is registered 2016-03-11 10:05:41 +01:00
Thomas Darimont
41358eea4d KEYCLOAK-2469 - Introduced new redirect endpoint for clients.
Previously one had to configure hardcoded urls to link from one client
application to others since keycloak didn't provide a way to get the
actual client URL by providing clientId and realm information.

We now support a new endpoint with the path {realm}/clients/{client_id}/redirect
that responds to GET requests with a 307 (temporary redirect) with the
configured client URL. This allows to refer to any client just by the
realmName and clientId and let Keycloak redirect to the actual client
application.

Add documentation for new redirect endpoint.
2016-03-10 23:45:22 +01:00
Stian Thorgersen
dc1d0e7f44 KEYCLOAK-2596 Fix import with dir and ignore existing 2016-03-08 08:55:10 +01:00
mposolda
ebb61c104b KEYCLOAK-2529 More proper handling of DB errors during migration 2016-03-07 15:19:12 +01:00
mposolda
8da768a514 KEYCLOAK-2529 Concurrent startup by more cluster nodes at the same time. Added DBLockProvider 2016-03-07 10:34:30 +01:00
Stian Thorgersen
56c3d53a24 Merge pull request #2324 from ssilvert/client-tests
KEYCLOAK-2535: ClientResource endpoint tests
2016-03-07 06:13:55 +01:00
Stian Thorgersen
4f047565fb Merge pull request #2326 from stianst/KEYCLOAK-2592
Keycloak 2592
2016-03-07 06:12:17 +01:00
Stan Silvert
f65a053182 Make imports in ServerInfoAdminResource explicitly point to the new
packages.
2016-03-04 11:17:12 -05:00
Bill Burke
4be6dc2f0c cleanup cache 2016-03-04 10:30:48 -05:00
Stian Thorgersen
57b6ddbace KEYCLOAK-2592 Set secure on OAuth_Token_Request_State cookie 2016-03-04 14:22:48 +01:00
Stian Thorgersen
bf38ec040f KEYCLOAK-2592 Set http-only on OAuth_Token_Request_State cookie 2016-03-04 13:43:00 +01:00
Stan Silvert
2c79456e72 KEYCLOAK-2535: ClientResource endpoint tests 2016-03-04 07:41:24 -05:00
Bruno Oliveira
8d6f71e7d1 KEYCLOAK-2585: Changes on Brute force messages 2016-03-03 10:11:03 -03:00
Marek Posolda
002074bb30 Merge pull request #2320 from mposolda/master
KEYCLOAK-2523 Fix concurrency tests with all databases by track trans…
2016-03-03 12:34:29 +01:00
Stian Thorgersen
375d4e9e83 Merge pull request #2321 from stianst/KEYCLOAK-2547
KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider
2016-03-03 12:06:40 +01:00
mposolda
a258dd51ee KEYCLOAK-2523 Fix concurrency tests with all databases by track transaction startup revision 2016-03-03 11:21:26 +01:00
Stian Thorgersen
b4239c40c1 KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider 2016-03-03 10:45:05 +01:00
Stian Thorgersen
b6118a6705 Merge pull request #2319 from stianst/KEYCLOAK-2580
KEYCLOAK-2580 Failed to create execution flow
2016-03-03 10:33:42 +01:00
Stian Thorgersen
2d42ad9993 KEYCLOAK-2580 Failed to create execution flow 2016-03-03 09:18:48 +01:00
Stian Thorgersen
2edb7f6831 KEYCLOAK-2577 Rollback session in KeycloakSessionServletFilter if not committed by KeycloakTransactionCommitter 2016-03-03 08:59:19 +01:00
Stian Thorgersen
13b6c6f507 KEYCLOAK-2576 KEYCLOAK-2576
Changing locale on login screen doesn't affect current user
2016-03-03 07:06:10 +01:00
mposolda
0768bcc452 KEYCLOAK-2542 User can't set password for account created over social login if UserFedarationProvider used 2016-03-01 10:13:21 +01:00
mposolda
e2558ca827 KEYCLOAK-1928 Fix Saml with IBM JDK 2016-02-29 17:32:33 +01:00
Stian Thorgersen
ccfae82b77 KEYCLOAK-1040
Allow import of realm keys (like we do for SAML)
2016-02-29 09:35:08 +01:00
mposolda
e7a5b88b2d KEYCLOAK-2561 Fix issues with blank password 2016-02-26 18:14:37 +01:00
Stian Thorgersen
ca81f3f18d Merge pull request #2275 from stianst/KEYCLOAK-2511
KEYCLOAK-2511 Rename session-state in access token response to sessio…
2016-02-25 12:03:37 +01:00
Stian Thorgersen
6df72d67c5 Merge pull request #2274 from stianst/KEYCLOAK-2500
KEYCLOAK-2500 Add cors headers to .well-known endpoints
2016-02-25 12:03:25 +01:00
Stian Thorgersen
3ca39801dc KEYCLOAK-2511 Rename session-state in access token response to session_state 2016-02-25 10:14:12 +01:00
Stian Thorgersen
da8f2dc2ce KEYCLOAK-2500 Add cors headers to .well-known endpoints 2016-02-25 10:05:46 +01:00
Stian Thorgersen
2fce06ffca KEYCLOAK-2522 master realm admin can't use client registration api 2016-02-25 09:54:34 +01:00
mposolda
daca6d7062 KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections 2016-02-19 18:02:39 +01:00
mposolda
a441be57ed KEYCLOAK-2508 Possible NullPointerException during bigger load when removing UserSession 2016-02-19 11:49:30 +01:00
Bill Burke
fd49213cb9 KEYCLOAK-2477 2016-02-17 17:02:14 -05:00
Bill Burke
20348e5d0b remove RealmModel.getClientNameMap() 2016-02-17 16:05:25 -05:00
mposolda
e237bcd383 KEYCLOAK-2412 wildfly configs and polishing 2016-02-17 13:10:51 +01:00
mposolda
1328531f31 KEYCLOAK-2412 Added ClusterProvider. Avoid concurrent federation sync execution by more cluster nodes at the same time.
Clustering - more progress
2016-02-17 11:02:42 +01:00
Stian Thorgersen
7f60e4f986 Merge pull request #2231 from stianst/master
KEYCLOAK-2493
2016-02-17 07:41:44 +00:00
Stian Thorgersen
5df540df8c Merge pull request #2223 from ssilvert/partial-import-tests
KEYCLOAK-2481: Create admin client endpoint for partial import + tests
2016-02-17 07:39:03 +00:00
Stian Thorgersen
5bc3ee0e8c KEYCLOAK-2493
Set default theme based on product name
2016-02-16 18:05:06 +01:00
Bill Burke
24da8288eb Merge remote-tracking branch 'upstream/master' 2016-02-12 11:38:36 -05:00
Bill Burke
4ff1848681 javadoc 2016-02-12 11:38:12 -05:00
mposolda
969b8c153f KEYCLOAK-1989 Refreshing offline tokens didn't work correctly in cluster with revokeRefreshToken enabled 2016-02-12 12:54:47 +01:00
Stan Silvert
dd9cf3be39 KEYCLOAK-2481: Create admin client endpoint for partial endpoint + tests 2016-02-11 15:26:52 -05:00
mposolda
6c39810ba7 KEYCLOAK-2436 Better defaults 2016-02-11 15:50:11 +01:00
Bill Burke
c2fa0e5c6d Merge pull request #2214 from mposolda/master
KEYCLOAK-2463 Fix performance issue with just 2 default connections p…
2016-02-11 09:41:48 -05:00
Bill Burke
67ce3fdbd2 Merge pull request #2215 from patriot1burke/master
concurrency, some JPA cleanup too
2016-02-11 09:41:37 -05:00
Marko Strukelj
dadb470609 KEYCLOAK-1967 Add support for authentication flows into admin-rest-client 2016-02-11 12:18:01 +01:00
Bill Burke
fd212a2a2a Merge remote-tracking branch 'upstream/master' 2016-02-10 14:09:43 -05:00
mposolda
aac274bbb3 KEYCLOAK-2463 Fix performance issue with just 2 default connections per route in Apache HTTP client 2016-02-10 18:07:11 +01:00
Stian Thorgersen
066d6bb230 Merge pull request #2211 from stianst/KEYCLOAK-2475
KEYCLOAK-2475
2016-02-10 14:52:22 +01:00
Stian Thorgersen
72ded04517 Merge pull request #2210 from stianst/KEYCLOAK-2466
KEYCLOAK-2466 Redirection back to account/password is broken
2016-02-10 14:44:54 +01:00
Stian Thorgersen
77912b2117 KEYCLOAK-2475
Move client registration endpoints
2016-02-10 14:23:04 +01:00
Stian Thorgersen
555236c3f0 KEYCLOAK-2466 Redirection back to account/password is broken 2016-02-10 14:02:33 +01:00
Stian Thorgersen
4670d93f76 KEYCLOAK-2472
Remove deprecated endpoints
2016-02-10 13:32:53 +01:00
Bill Burke
45e5cfac99 concurrency 2 2016-02-09 21:10:30 -05:00
Bill Burke
00236c13ff Merge pull request #2180 from cainj13/persistentWildcard
add support for wildcard persistent nameId attribute to SAML protocol
2016-02-09 09:43:30 -05:00
Stian Thorgersen
635ccae144 KEYCLOAK-2429
Disabled Google Identity Provider still kicks in when 'Authenticate by default' is enabled
2016-02-08 19:51:21 +01:00
Stan Silvert
e89f511465 KEYCLOAK-1976: Add support for events into admin-rest-client. Also,
arquillian tests for events.
2016-02-05 18:45:25 -05:00
Bill Burke
726f746b85 KEYCLOAK-2367 2016-02-05 11:22:09 -06:00
Bill Burke
e26ac0983a KEYCLOAK-2367 2016-02-04 16:50:02 -05:00
Josh Cain
d5d954e80a add support for wildcard persistent nameId attribute to SAML protocol 2016-02-04 11:06:14 -06:00
Stian Thorgersen
2974034974 KEYCLOAK-2435
Feedback on login screen not showing correctly
2016-02-03 13:41:31 +01:00
mposolda
bae3ce4aab Fix failing test with DB2 2016-02-03 12:29:37 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
mposolda
db76655717 KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed 2016-02-03 10:16:39 +01:00
Stian Thorgersen
26897ea46d KEYCLOAK-2299
createdDate of credential is not exported
2016-02-03 09:49:10 +01:00
Bill Burke
c65160db1f Merge remote-tracking branch 'upstream/master' 2016-02-01 16:35:12 -05:00
Bill Burke
37cf335247 KEYCLOAK-2408 KEYCLOAK-2330 2016-02-01 16:35:00 -05:00
Marek Posolda
8ad8a3fbac Merge pull request #2148 from mposolda/master
KEYCLOAK-2235 Fix possible transaction leak at startup with add-user
2016-02-01 22:23:43 +01:00
Bill Burke
bd104e2138 Merge pull request #2137 from abstractj/KEYCLOAK-2411
Realm import will raise NPE when clientID is missing
2016-02-01 16:03:17 -05:00
mposolda
6b2fb9a2bb KEYCLOAK-2235 Fix possible transaction leak at startup with add-user 2016-02-01 21:47:46 +01:00
mposolda
732256eceb KEYCLOAK-2235 Fix transaction leaks 2016-02-01 18:21:27 +01:00
Bill Burke
db78ea76b8 Merge pull request #2142 from patriot1burke/master
saml subsystem model changes
2016-01-30 08:40:10 -05:00
Bill Burke
6c020661e8 saml subsystem model changes 2016-01-30 07:13:13 -05:00
mposolda
9332655110 KEYCLOAK-2292 Broker login: remove identity provider prefix from autogenerated username 2016-01-29 18:43:12 +01:00
Bill Burke
39f12549a3 Merge pull request #2122 from abstractj/KEYCLOAK-2151
Brute force detector active for non-existing accounts
2016-01-29 09:32:28 -05:00
Bruno Oliveira
5eb8d3be5a Realm import will raise NPE when clientID is missing 2016-01-29 10:05:42 -02:00
Bill Burke
9027f9b4d3 fix2 2016-01-27 23:06:20 -05:00
Bill Burke
8a3148017d fix 2016-01-27 23:04:12 -05:00
Bill Burke
25347cd45e browser back button 2016-01-27 22:14:28 -05:00
Bruno Oliveira
385717c0fb Brute force detector active for non-existing accounts 2016-01-27 19:09:44 -02:00
Bill Burke
81569ce5d2 Merge pull request #2119 from patriot1burke/master
KEYCLOAK-2349
2016-01-26 16:22:02 -05:00
Bill Burke
66e1ee79d0 KEYCLOAK-2349 2016-01-26 15:45:40 -05:00
Bill Burke
9fa35eda69 Merge pull request #2118 from patriot1burke/master
KEYCLOAK-2387
2016-01-26 14:20:27 -05:00
Bill Burke
449bc5c4dc KEYCLOAK-2387 2016-01-26 14:19:53 -05:00
mposolda
3731964a2a KEYCLOAK-2351 Support for response_type=token to be OAuth2 compliant 2016-01-26 17:09:42 +01:00
mposolda
90842cf7ef Minor change in message 2016-01-26 16:24:08 +01:00
Stian Thorgersen
9143d4b5cb Merge pull request #2111 from mstruk/KEYCLOAK-2362
KEYCLOAK-2362 NPE if SSL certificate is not trusted by Java's default keystore
2016-01-26 16:17:29 +01:00
Stian Thorgersen
301b61c4f9 Merge pull request #2113 from stianst/KEYCLOAK-2327
KEYCLOAK-2327 Make sure transaction is only committed or rolledback before response is returned
2016-01-26 16:06:15 +01:00
Stian Thorgersen
e3daf6fcf8 KEYCLOAK-2327 Make sure transaction is only committed for success 2016-01-26 14:47:59 +01:00
Stian Thorgersen
39b3c648a2 Merge pull request #2109 from stianst/KEYCLOAK-2218
KEYCLOAK-2218 Allow updating user without including username
2016-01-26 13:56:01 +01:00
Marko Strukelj
4f890e8f2e KEYCLOAK-2362 NPE if SSL certificate is not trusted by Java's default keystore 2016-01-26 13:53:16 +01:00
Stian Thorgersen
f9fd398f5b KEYCLOAK-2218 Allow updating user without including username 2016-01-26 13:01:49 +01:00
Stian Thorgersen
4a698bc22a KEYCLOAK-2388
Localisation should fallback to english rather than display raw keys
2016-01-26 11:47:30 +01:00
Stian Thorgersen
c55b91ed32 Merge pull request #2102 from stianst/KEYCLOAK-2237
KEYCLOAK-2237
2016-01-26 11:08:14 +01:00
Stian Thorgersen
54abfa4859 KEYCLOAK-2237
Offer the possibility to add own locale to login/registration dialogs
2016-01-26 10:16:05 +01:00
Stian Thorgersen
ee847c1f20 KEYCLOAK-2390
Relative redirect uri is broken
2016-01-26 09:01:14 +01:00
Bill Burke
1b0aa8e55b saml logging 2016-01-25 17:38:29 -05:00
Bill Burke
8b7bc5b153 redirect after post in flow 2016-01-22 18:39:55 -05:00
Vlastimil Elias
4e23311318 KEYCLOAK-2348 - Social login provider for Microsoft account - KC master
branch
2016-01-22 11:03:08 +01:00
Stan Silvert
c6dd0d52b9 KEYCLOAK-1280: i18n logging for org.keycloak.services.scheduled 2016-01-21 11:55:36 -05:00
Stan Silvert
446cd3701f KEYCLOAK-1280: i18n logging for org.keycloak.services.resources 2016-01-21 11:55:35 -05:00
Stan Silvert
e73a88443c KEYCLOAK-1280: i18n logging for org.keycloak.services.resources 2016-01-21 11:55:33 -05:00
Stan Silvert
857201ab55 KEYCLOAK-1280: i18n logging for org.keycloak.services.messages 2016-01-21 11:55:31 -05:00
Stan Silvert
779a5c2f3c KEYCLOAK-1280: i18n logging for org.keycloak.services.managers 2016-01-21 11:55:30 -05:00
Stan Silvert
c81b37cc4d KEYCLOAK-1280: i18n logging for
org.keycloak.services.clientregistration.oidc
2016-01-21 11:55:28 -05:00
Stan Silvert
27ad9dcdd1 KEYCLOAK-1280: i18n logging for org.keycloak.services 2016-01-21 11:55:26 -05:00
Stan Silvert
1f04676f08 KEYCLOAK-1280: i18n logging for org.keycloak.provider 2016-01-21 11:55:25 -05:00
Stan Silvert
0de4170865 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.utils 2016-01-21 11:55:23 -05:00
Stan Silvert
9c33738941 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.mappers 2016-01-21 11:55:21 -05:00
Stan Silvert
adfc192877 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.endpoints 2016-01-21 11:55:20 -05:00
Stan Silvert
550e23c8f6 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc 2016-01-21 11:55:18 -05:00
Stan Silvert
9dccd45543 KEYCLOAK-1280: i18n logging for org.keycloak.protocol 2016-01-21 11:55:17 -05:00
Stan Silvert
d2ad1808a5 KEYCLOAK-1280: i18n logging for org.keycloak.partialimport 2016-01-21 11:55:15 -05:00
Stan Silvert
273c662b29 KEYCLOAK-1280: i18n logging for org.keycloak.exportimport 2016-01-21 11:55:14 -05:00
Stan Silvert
24602257e1 KEYCLOAK-1280: i18n logging for org.keycloak.email 2016-01-21 11:55:12 -05:00
Stan Silvert
b544adf170 KEYCLOAK-1280: i18n logging for
org.keycloak.authentication.requiredactions
2016-01-21 11:55:10 -05:00
Stan Silvert
2cecce37a7 KEYCLOAK-1280: i18n logging for org.keycloak.authentication.forms 2016-01-21 11:55:09 -05:00
Stan Silvert
7bc74aac73 KEYCLOAK-1280: i18n logging for
org.keycloak.authentication.authenticators.resetcred
2016-01-21 11:55:07 -05:00
Stan Silvert
dfb92db2b7 KEYCLOAK-1280: i18n logging for
org.keycloak.authentication.authenticators.directgrant
2016-01-21 11:55:05 -05:00
Stan Silvert
36e711fb88 KEYCLOAK-1280: i18n logging for
org.keycloak.authentication.authenticators.client
2016-01-21 11:55:04 -05:00
Stan Silvert
0ef8c18b93 KEYCLOAK-1280: i18n logging for
org.keycloak.services.authentication.authenticators.browser
2016-01-21 11:55:02 -05:00
Stan Silvert
b1baea7023 KEYCLOAK-1280: i18n logging for
org.keycloak.authentication.authenticators.broker
2016-01-21 11:55:00 -05:00
Stan Silvert
3b4cb94ff1 KEYCLOAK-1280: i18n logging for org.keycloak.authentication 2016-01-21 11:54:59 -05:00
Stan Silvert
7514104974 KEYCLOAK-1280: I18N for logging 2016-01-21 11:54:57 -05:00
Bill Burke
efd8317259 final re-org work 2016-01-20 17:26:26 -05:00
Bill Burke
d9487a8745 social broker reorg 2016-01-20 16:46:38 -05:00
Bill Burke
01f3c6ceb7 reorg event log/email 2016-01-20 15:38:09 -05:00
Stian Thorgersen
3dc090b893 KEYCLOAK-2185 Add support to disable realm and user cache, and added support to clear caches from admin console 2016-01-20 14:09:03 +01:00
Stian Thorgersen
733ca53983 KEYCLOAK-2346 Add identity provider and external username to event when login via broker 2016-01-20 10:23:46 +01:00
Bill Burke
4ed1eb66ee truststore httpclient 2016-01-19 17:29:16 -05:00
Bill Burke
46634b386e reorg freemarker 2016-01-19 11:33:59 -05:00
Stian Thorgersen
bc845bed0e KEYCLOAK-2286 Remove deprecated OpenID Connect endpoints 2016-01-18 20:31:23 +01:00
Bill Burke
b0054b7682 email, login, account 2016-01-16 09:38:24 -05:00
Bill Burke
b403c9b934 broker and social 2016-01-16 09:15:17 -05:00
Bill Burke
76e3a72f4c fixes 2016-01-15 20:18:36 -05:00
Bill Burke
d1a43d6318 fixes 2016-01-15 20:08:17 -05:00
Bill Burke
007e9530ec brute force refactr, mv protocol 2016-01-15 19:25:28 -05:00
Bill Burke
5017d71383 exportimport and timer and events 2016-01-15 19:07:17 -05:00
Bill Burke
b93d55cb63 remove model-api, add server-spi 2016-01-15 18:44:17 -05:00
Stian Thorgersen
b21bf21043 Merge pull request #2028 from stianst/JACKSON2
KEYCLOAK-1809
2016-01-15 16:29:01 +01:00
Stian Thorgersen
33565ff8d9 Added jax-rs response filter to commit transaction 2016-01-15 15:50:38 +01:00
Bill Burke
5a74c72452 Merge remote-tracking branch 'upstream/master' 2016-01-14 18:33:22 -05:00
Bill Burke
67ef3e7a45 client installation formats 2016-01-14 16:50:17 -05:00
Stian Thorgersen
435980d776 KEYCLOAK-1809
Upgrade jackson to version 2.x
2016-01-14 16:34:30 +01:00
Bill Burke
0bad78c53b Merge pull request #2025 from thomasdarimont/issue/KEYCLOAK-2311-white-list-role-for-conditional-otp
KEYCLOAK-2311 - Allow to specify role to skip conditional OTP authentication.
2016-01-14 09:05:58 -05:00
Stian Thorgersen
eb10d6bfd6 Merge pull request #2024 from stianst/FIX-CLIENT-INSTALLATION-TEST
Fix client installation test
2016-01-14 12:33:26 +01:00
Thomas Darimont
d6b10aa911 KEYCLOAK-2311 - Polishing.
Aligned constant names, but keep constant values to stay compatible with previous version.
2016-01-14 12:05:19 +01:00
Stian Thorgersen
a6da6e48f9 Fix client installation test 2016-01-14 11:54:39 +01:00
Thomas Darimont
92c2ec366d KEYCLOAK-2311 - Allow to specify role to skip conditional OTP authentication.
We now allow specify a role to skip OTP.
Previously it was  not possible to specify that OTP authentication should be skipped via a role but the
ConditionalOtpAuthenticator allowed to specify to show/skip OTP via a user attribute or HTTP request header pattern.
Having the "skip role" aligns the role based configuration options with the user attribute and HTTP request header configuration.
2016-01-14 11:47:30 +01:00
Bill Burke
f9c458aa0e Merge remote-tracking branch 'upstream/master' 2016-01-13 16:18:42 -05:00
Bill Burke
9dc21224bd clean up most redirects 2016-01-13 16:18:24 -05:00
Stian Thorgersen
30c3a5ed70 Merge pull request #2020 from stianst/master
Mark all SPIs as internal
2016-01-13 19:24:43 +01:00
Bill Burke
b3967263d1 Merge remote-tracking branch 'upstream/master' 2016-01-13 10:16:06 -05:00
Bill Burke
b9c9b58727 refactor 2016-01-13 10:15:54 -05:00
Stian Thorgersen
f8841d2365 Mark all SPIs as internal 2016-01-13 15:49:53 +01:00
mposolda
4642876323 KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthenticator 2016-01-13 10:12:20 +01:00
Stian Thorgersen
2f88868e20 Merge pull request #2014 from ssilvert/KEYCLOAK-2294-pi-testrealm
KEYCLOAK-2294 Partial import can fail with 'Removing a detached insta…
2016-01-13 08:37:49 +01:00
Stan Silvert
b0de77013c KEYCLOAK-2294 Partial import can fail with 'Removing a detached instance' 2016-01-12 15:46:48 -05:00
Stian Thorgersen
ee3a880a55 Merge pull request #1999 from pedroigor/KEYCLOAK-2266
[KEYCLOAK-2266] - OAuth2 Token Introspection.
2016-01-12 15:37:41 +01:00
Pedro Igor
c9f9ee9799 [KEYCLOAK-2266] - OAuth2 Token Introspection. 2016-01-12 11:16:42 -02:00
Bill Burke
43dc250bf2 Merge pull request #2006 from thomasdarimont/issue/KEYCLOAK-2040-Conditional-OTP-Authentication
KEYCLOAK-2040 - Add support for Conditional OTP auth.
2016-01-11 14:56:48 -05:00
mposolda
e761d6ce10 Fix DB tests. Cleanup after AddUserTest 2016-01-11 18:00:56 +01:00
Thomas Darimont
46991764d4 KEYCLOAK-2040 - Add support for Conditional OTP auth.
Previously it was not possible to conditionally show a OTP authentication
form. This PR adds support to conditionally require OTP authentication
based on a custom user attribute, a role, a request header pattern
(with black- and whitelisting) as well as a configurable default in
case no condition matches.
2016-01-11 17:39:42 +01:00
mposolda
c3f69fdc54 Fix MySQL - fixing transactions during bootstrap 2016-01-11 15:31:45 +01:00
Stian Thorgersen
e2b889d727 KEYCLOAK-2284
Setup of background tasks doesn't close KeycloakSession
2016-01-11 11:41:36 +01:00
Stian Thorgersen
a6c852603e Merge pull request #2000 from mstruk/truststore
KEYCLOAK-1717 Truststore SPI and file provider
2016-01-11 09:24:53 +01:00
Stian Thorgersen
f1602b3b8d Merge pull request #1998 from ssilvert/partial-import
KEYCLOAK-1979: Partial import
2016-01-11 09:22:09 +01:00
Stian Thorgersen
7c8bc5814e Merge pull request #1990 from raehalme/KEYCLOAK-2257
KEYCLOAK-2257: Store user attribute when accepting terms and conditions
2016-01-11 09:03:58 +01:00
Marko Strukelj
80e2b8eb39 KEYCLOAK-1717 Truststore SPI and file provider 2016-01-10 12:39:30 +01:00
Stan Silvert
fbff61bfba For overwrite, do all deletes, then all adds.
Minor UI enhancements.
Fix 2 JPA bugs.
General cleanup.
Documentation.
2016-01-08 13:45:22 -05:00
Bill Burke
dc337d684a improve client creation when template 2016-01-08 11:40:46 -05:00
Stian Thorgersen
ddd99c2411 KEYCLOAK-2259
Redirect URIs and token domains are matched case-sensitively
2016-01-08 15:38:00 +01:00
Thomas Raehalme
c4544e8caf Like other timestamps attribute value is now seconds since 1970. 2016-01-08 14:21:43 +02:00
Thomas Raehalme
bca3893070 Required action TermsAndConditions now stores user attribute indicating acceptance of terms and conditions. 2016-01-08 13:14:04 +02:00
Bill Burke
2892b093ab Merge remote-tracking branch 'upstream/master' 2016-01-07 17:25:58 -05:00
Bill Burke
78fe064cf0 2213 2016-01-07 17:25:47 -05:00
Stian Thorgersen
77962ec896 Merge pull request #1984 from mstruk/providers-init
Prevent ProviderFactories being loaded twice
2016-01-07 11:57:12 +01:00
Bill Burke
71b6ed80ae Merge remote-tracking branch 'upstream/master' 2016-01-06 16:51:24 -05:00
Bill Burke
4a4bbf26f4 installation provider 2016-01-06 16:51:02 -05:00
Bill Burke
64de96d34b installation provider 2016-01-06 16:49:58 -05:00
Stian Thorgersen
a5c159eeff KEYCLOAK-2247
Upgrade to WildFly 10.0.0.CR5
2016-01-06 16:15:00 +01:00
Marko Strukelj
aca00dd42c Prevent ProviderFactories being loaded twice 2016-01-05 23:07:13 +01:00
Stan Silvert
979205c827 Cleanup 2016-01-05 15:33:45 -05:00
Stan Silvert
55e36acfc0 For overwrite, delete then create.
Do all prepares to check for errors, then call doImport on each type.
Combine Realm Role and Client Role processing (RolesPartialImport).
2016-01-05 15:33:45 -05:00
Stan Silvert
2d878805c1 Fix resource path for partial import events. 2016-01-05 15:33:43 -05:00
Stan Silvert
dd038ddbd5 Add id to partial import results. 2016-01-05 15:33:43 -05:00
Stan Silvert
f6a02bd408 Clean commit for partial import with single page for all imports. 2016-01-05 15:33:42 -05:00
Bill Burke
39d5a07218 KEYCLOAK-2221 2016-01-05 10:59:13 -05:00
Bill Burke
63975886cb Merge pull request #1974 from patriot1burke/master
set frameork for template config
2016-01-05 10:03:48 -05:00
Bill Burke
c3f2ae1cd1 Merge pull request #1973 from thomasdarimont/issue/KEYCLOAK-2253
KEYCLOAK-2253 - Add support for ConfiguredProvider based UserFederationProviderFactory.
2016-01-05 10:03:40 -05:00
Bill Burke
977f4051b3 Merge remote-tracking branch 'upstream/master' 2016-01-04 17:23:15 -05:00
Bill Burke
3bacbdf6ff set framework for template config 2016-01-04 17:13:15 -05:00
Thomas Darimont
3ec516d14c KEYCLOAK-2253 - Add support for ConfiguredProvider based UserFederationProviderFactory.
UserFederationProvidersResource is now aware of ConfiguredProvider and allows sophisticated
configuration of configuration properties via ProviderConfigProperty definitions.
See DummyUserFederationProviderFactory. getConfigProperties() for example.

Previously  UserFederationProvidersResource did only support simple key-value pairs for expressing
configurable options.

Tested this by launching a standalone KeycloakServer and creating a new Dummy UserFederationProvider.
The default values, labels and help messages are correctly displayed and the values are stored correctly.
2016-01-04 22:23:14 +01:00
Dane Barentine
d8d0298498 KEYCLOAK-2255 Location header should return IdP alias instead of provider ID. 2016-01-04 11:30:57 -08:00
Stian Thorgersen
eece3689f2 KEYCLOAK-2228
Deleting of realm when using JPA requires server restart
2016-01-04 13:04:33 +01:00
Stian Thorgersen
a9b5d07263 Merge pull request #1964 from stianst/master
KEYCLOAK-2242
2015-12-23 14:39:41 +01:00
Stian Thorgersen
eddf3eef17 KEYCLOAK-2242
Remove built-in admin account
2015-12-23 13:46:11 +01:00
Marek Posolda
6752a4f9b0 Merge pull request #1963 from mposolda/master
KEYCLOAK-1899 Added HardcodedLDAPRoleMapper
2015-12-22 20:43:09 +01:00
mposolda
41d22986d5 KEYCLOAK-1899 Added HardcodedLDAPRoleMapper 2015-12-22 16:22:02 +01:00
Pedro Igor
9172b5472e [KEYCLOAK-2202] - Removing LoginProtocol in order to reuse SAML settings. 2015-12-22 12:53:39 -02:00
mposolda
1747e0981f KEYCLOAK-2154 Added Group mapper for LDAP. LDAP mappers improvements and fixes 2015-12-22 08:54:09 +01:00
Bill Burke
ea6374163d Merge pull request #1957 from stianst/master
KEYCLOAK-2043
2015-12-21 16:56:01 -05:00
Bill Burke
b90409c5e4 refactor client create 2015-12-21 16:36:13 -05:00
Stian Thorgersen
9a921f66ff KEYCLOAK-2043
.well-known/openid-configuration doesn't set cache-control header
2015-12-21 15:35:23 +01:00
Stian Thorgersen
606e6fa479 KEYCLOAK-1934
Add display-name and display-name-html to realm
2015-12-21 12:15:13 +01:00
Bill Burke
5caf3e0a2d Merge remote-tracking branch 'upstream/master' 2015-12-18 17:15:40 -05:00
Bill Burke
d939b6a431 template scope 2015-12-18 17:15:27 -05:00
Pedro Igor
1b614a379b [KEYCLOAK-2202] - Initial support for SAML ECP Profile. 2015-12-16 18:46:52 -02:00
Bill Burke
0527d441e3 better logging 2015-12-16 12:23:41 -05:00
mposolda
0d52e4e6c5 Added sync support to UserFederationMapper 2015-12-16 13:52:11 +01:00
Bill Burke
ee79f5e69d remove default client mappers when templated 2015-12-15 17:37:53 -05:00
Bill Burke
96e1813b34 client templates backend 2015-12-11 10:31:42 -05:00
mposolda
081db0d353 KEYCLOAK-2124 Post-Broker login flow support 2015-12-09 16:36:26 +01:00
Stian Thorgersen
321cac2ab8 KEYCLOAK-1900 Refactoring 2015-12-08 14:06:40 +01:00
tsudot
162dd4051d KEYCLOAK-1900 Add password hash SPI and provider
- Default encoder set to Pbkdf2PasswordEncoder
2015-12-08 13:25:59 +01:00
Stian Thorgersen
8d23422605 KEYCLOAK-2176 Add default roles and actions to users created with add-user script 2015-12-03 11:45:56 +01:00
Stian Thorgersen
34c3ffaae1 Ported AdminApiTest to use admin client 2015-12-03 08:24:23 +01:00
mposolda
2a03d23098 Fix typos 2015-12-02 08:51:20 +01:00
mposolda
ad34d63cb3 KEYCLOAK-2172 Make Identity broker User Attribute mappers compatible with First Broker Login flow 2015-12-01 15:48:25 +01:00
mposolda
635310123e KEYCLOAK-2167 EmailAsUsername not reflected during registration through broker 2015-11-30 22:46:34 +01:00
mposolda
0f3d2bbfb4 KEYCLOAK-2149 DB fixes. firstBrokerLogin migration 2015-11-30 18:57:31 +01:00
mposolda
5b61a10b55 KEYCLOAK-2061 Direct Access Grants disabled by default 2015-11-30 15:56:21 +01:00
mposolda
ec327c99f4 KEYCLOAK-2152 KEYCLOAK-2061 Client switches changes. Support for response_types and grant_types in OIDC Client registration 2015-11-30 15:31:38 +01:00
Stian Thorgersen
2a6851b01f Merge pull request #1900 from stianst/KEYCLOAK-2063
KEYCLOAK-2063 Fix verify email link from admin endpoint
2015-11-30 13:17:17 +01:00
Stian Thorgersen
61c2ec04a4 Merge pull request #1898 from velias/KEYCLOAK-2164
KEYCLOAK-2164 - removed Cancel button from 'Change password' screen in Account app
2015-11-30 12:45:39 +01:00
Stian Thorgersen
233b1e2553 KEYCLOAK-2063 Fix verify email link from admin endpoint 2015-11-30 12:10:45 +01:00
Vlastimil Elias
b22c28b20e KEYCLOAK-2164 - removed Cancel button from 'Change password' screen in
Account app
2015-11-30 11:05:22 +01:00
Marko Strukelj
fd5cb84dd1 KEYCLOAK-2039 NPE on startup if keycloak-server.json can't be found
- fix NPE and throw RuntimeException if config file not found
2015-11-30 10:26:39 +01:00
Gregor Tudan
46f947113c KEYCLOAK-2163: require user admin role for clearing bruteforce detection status 2015-11-30 08:56:26 +01:00
mposolda
57b60797ce KEYCLOAK-1129 Implicit flow: more work 2015-11-28 00:15:41 +01:00
mposolda
ef80b64d1c KEYCLOAK-1129 Implicit flow and Hybrid flow support 2015-11-27 22:28:38 +01:00
mposolda
8d2e4c0316 KEYCLOAK-2061 Add switches to enable/disable grant types for clients 2015-11-27 22:28:38 +01:00
Stian Thorgersen
c83e3bd2d1 KEYCLOAK-2106 HTTP 500 for unparsable refresh tokens 2015-11-27 08:59:23 +01:00
Stian Thorgersen
5ea880cfff Merge pull request #1880 from stianst/KEYCLOAK-2129-USRCACHE
KEYCLOAK-2139
2015-11-26 21:14:08 +01:00
Stian Thorgersen
7c4c77d70e KEYCLOAK-2147 2015-11-26 20:24:33 +01:00
Stian Thorgersen
632216d53f KEYCLOAK-2144 Set locale cookie to http-only 2015-11-26 20:06:05 +01:00
Bruno Oliveira
a99df49bc9 KEYCLOAK-2136: Unexpected error when trying to create mapper with already existing name 2015-11-26 13:55:10 -02:00
Stian Thorgersen
426a2b46fc Merge pull request #1877 from stianst/KEYCLOAK-2129
KEYCLOAK-2129
2015-11-26 15:33:39 +01:00
Stian Thorgersen
4a020d545b Merge pull request #1876 from stianst/KEYCLOAK-2082
KEYCLOAK-2082
2015-11-26 12:43:05 +01:00
Stian Thorgersen
ee363a4c56 KEYCLOAK-2129 2015-11-26 12:41:55 +01:00
Stian Thorgersen
bf4d5f4df9 KEYCLOAK-2082
Cross site scripting issues
2015-11-26 10:12:43 +01:00
Stian Thorgersen
e764461b1a Merge pull request #1874 from stianst/KEYCLOAK-2134-IFRAME
KEYCLOAK-2134 login-status-iframe.html without any parameter throws 5…
2015-11-26 08:19:28 +01:00
Stian Thorgersen
335f852600 Merge pull request #1869 from stianst/EMAIL
Email fixes
2015-11-25 20:05:45 +01:00
Stian Thorgersen
c26aeb654b KEYCLOAK-2134 login-status-iframe.html without any parameter throws 500 with NullpointerException 2015-11-25 19:58:46 +01:00
Stian Thorgersen
1eacdc6904 KEYCLOAK-2043 Set cache-control header in well-known endpoints 2015-11-25 18:58:44 +01:00
Stian Thorgersen
be040eaa18 KEYCLOAK-2133 KEYCLOAK-1782 2015-11-25 18:58:05 +01:00
Vlastimil Elias
0bdb05e152 KEYCLOAK-2075 - support for IsPassive mode in SAML IdP endpoint 2015-11-25 08:29:46 +01:00
Stian Thorgersen
cfc28b861b KEYCLOAK-1758 add-user script 2015-11-24 21:54:58 +01:00
Marek Posolda
d6089597ff Merge pull request #1847 from gerbermichi/password
remove empty password check
2015-11-24 17:23:51 +01:00
Stian Thorgersen
4f2b97de7f KEYCLOAK-1937
OpenID Connect Dynamic Client Registration

KEYCLOAK-1938
Register clients from SAML Entity Descriptors
2015-11-24 15:39:36 +01:00
Michael Gerber
142ef50728 remove empty password check in direct grant flow 2015-11-24 11:11:16 +00:00
Stian Thorgersen
f6743eff69 KEYCLOAK-2119
OTP Policy form validates both TOTP and HOTP at the same time
2015-11-23 12:02:39 +01:00
Michael Gerber
eda018ba0a remove empty password check 2015-11-20 18:42:56 +01:00
Stian Thorgersen
aedd23a43d Merge pull request #1843 from stianst/client-reg
KEYCLOAK-1749 Add documentation and fixed clean-up of expired initial…
2015-11-19 19:58:42 +01:00
Stian Thorgersen
7e8c80c0df KEYCLOAK-1749 Add documentation and fixed clean-up of expired initial access tokens 2015-11-19 16:11:41 +01:00
Bill Burke
98958a2bc4 default groups 2015-11-18 19:40:30 -05:00
Bill Burke
6989589e72 Merge remote-tracking branch 'upstream/master' 2015-11-18 15:24:45 -05:00
Bill Burke
41331111da resolve conflicts 2015-11-18 09:39:19 -05:00
Bill Burke
bff334d365 group token/assertion and tests 2015-11-18 09:36:47 -05:00
Stian Thorgersen
e8cb3a416d KEYCLOAK-2085 Added initial access token support to admin console 2015-11-18 10:33:27 +01:00
Stian Thorgersen
764c20d748 KEYCLOAK-2085 Initial access tokens for client registration 2015-11-18 10:33:24 +01:00
Stian Thorgersen
67fca8f1f3 Merge pull request #1831 from abstractj/KEYCLOAK-2100
KEYCLOAK-2100: 500 Internal Server Error with Update the events provider via Admin REST API
2015-11-17 20:35:48 +01:00
Bruno Oliveira
22c5c803ca KEYCLOAK-2100: 500 Internal Server Error with Update the events provider via Admin REST API 2015-11-17 14:04:24 -02:00
Stian Thorgersen
f6d716a386 Merge pull request #1829 from stianst/client-reg
KEYCLOAK-1749 Rotate registration access token, add registration acce…
2015-11-17 13:29:53 +01:00
Stian Thorgersen
62c5bc0e91 KEYCLOAK-1749 Rotate registration access token, add registration access token to admin console 2015-11-17 09:44:50 +01:00
Stian Thorgersen
96fe4269ec Merge pull request #1828 from abstractj/KEYCLOAK-2065
KEYCLOAK-2065: Update the client via Admin REST API causes 500 Internal Server Error
2015-11-17 08:31:54 +01:00
Bruno Oliveira
409356f734 KEYCLOAK-2065: Update the client via Admin REST API causes 500 Internal Server Error 2015-11-16 16:32:52 -02:00
Stian Thorgersen
bad0a95123 KEYCLOAK-1749 Client registration service
Changed endpoints of client registration to just clients

Started installation

Added adapter config retrival to client reg
2015-11-16 13:24:56 +01:00
mposolda
4288260aa6 KEYCLOAK-1822 Don't redirect to login theme when error during link identity in account mgmt. 2015-11-13 18:51:09 +01:00
Bill Burke
fa7a7d35a9 Merge remote-tracking branch 'upstream/master' 2015-11-13 09:30:37 -05:00
Bill Burke
fe5809db4d token group roles 2015-11-13 09:30:25 -05:00
Bill Burke
1510d9672a Merge pull request #1803 from gerbermichi/user
KEYCLOAK-2024 - username guessing
2015-11-13 08:53:05 -05:00
Bill Burke
9b93468131 Merge pull request #1818 from patriot1burke/master
group membership ui
2015-11-13 08:49:23 -05:00
mposolda
f2e4e67ba0 KEYCLOAK-1750 First broker login - events 2015-11-13 09:32:46 +01:00
Bill Burke
d7ea66ad44 group membership ui 2015-11-12 13:16:30 -05:00
Bill Burke
0d20e3c7ff Merge remote-tracking branch 'upstream/master' 2015-11-12 11:31:55 -05:00
Bill Burke
21119604c6 user group membership 2015-11-12 11:31:44 -05:00
Stian Thorgersen
99cddcef6c Merge pull request #1805 from velias/KEYCLOAK-2033
KEYCLOAK-2033 - Allow custom SPI Providers to show additional info on
2015-11-12 09:21:38 +01:00
Bill Burke
33ac048c8c resolve conflicts 2015-11-11 18:06:39 -05:00
Bill Burke
e25157655b group ui 2015-11-11 18:03:53 -05:00
Bill Burke
b8391e0935 Merge pull request #1778 from girirajsharma/keycloak-1994
[KEYCLOAK-1994] It's not possible to create flow with same name as deleted nested flow
2015-11-10 10:58:57 -05:00
Vlastimil Elias
b39146f6f5 KEYCLOAK-2033 - Allow custom SPI Providers to show additional info on
Server Info page
2015-11-10 12:55:36 +01:00
mposolda
4ca442d1b2 KEYCLOAK-1750 Option updateProfileOnFirstLogin moved from IdentityProvider to IdpReviewProfile authenticator 2015-11-10 11:06:23 +01:00
mposolda
99e75c69a0 KEYCLOAK-1750 First broker login - support for change password after first social login 2015-11-10 10:25:31 +01:00
Michael Gerber
1437f7da35 KEYCLOAK-2024 - username guessing 2015-11-10 09:04:10 +01:00
mposolda
adbf2b22ad KEYCLOAK-1750 Improve first time login with social. Added 'first broker login' flow 2015-11-09 10:34:55 +01:00
girirajsharma
4075d65241 [KEYCLOAK-1993] It's possible to create new authentication flow with empty name within another flow 2015-11-05 21:59:04 +05:30
Bill Burke
151c56a304 conflicts 2015-11-02 11:21:10 -05:00
girirajsharma
70cbeaf336 [KEYCLOAK-1994] It's not possible to create flow with same name as deleted nested flow 2015-10-24 22:57:40 +05:30
mposolda
74924f2f8c KEYCLOAK-2011 2015-10-23 22:48:06 +02:00
mposolda
c498b06f68 KEYCLOAK-2007 Migration upgrade for 1.6.1 2015-10-23 22:47:53 +02:00
Bill Burke
0d05d38eb6 Merge remote-tracking branch 'upstream/master' 2015-10-19 10:21:03 -04:00
Bill Burke
186de7235c Merge remote-tracking branch 'upstream/master' 2015-10-16 11:03:42 -04:00
Bill Burke
9433ef284a set browser flow switch 2015-10-16 11:03:30 -04:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
Stian Thorgersen
82a7173dba Merge pull request #1747 from stianst/kc-1975
KEYCLOAK-1975
2015-10-16 14:03:47 +02:00
Stian Thorgersen
d2afb4892a KEYCLOAK-1975
Increase/decrease flow priority doesn't work
2015-10-16 12:52:07 +02:00
Stian Thorgersen
2910db5595 KEYCLOAK-1973 Clear user from authentication context is password is not valid 2015-10-16 11:24:45 +02:00
Bill Burke
19ad846306 Merge pull request #1741 from patriot1burke/master
KEYCLOAK-1960
2015-10-15 19:33:55 -04:00
Bill Burke
235ffb2ff6 KEYCLOAK-1960 2015-10-15 18:56:56 -04:00
Bill Burke
181fdeb0d0 KEYCLOAK-1960 2015-10-15 18:54:57 -04:00
Bill Burke
8674578d0d Merge pull request #1730 from patriot1burke/master
KEYCLOAK-1908
2015-10-15 18:32:57 -04:00
Bill Burke
99028e9cab Merge remote-tracking branch 'upstream/master' 2015-10-15 16:30:35 -04:00
Bill Burke
20f18eec15 support browser refresh 2015-10-15 16:30:21 -04:00
mposolda
67435791ed KEYCLOAK-1961 revokeRefreshToken support for offline tokens and other fixes 2015-10-15 22:30:17 +02:00
mposolda
b4520baee5 KEYCLOAK-1959 Role offline_access was effective only when explicitly added to user 2015-10-15 22:30:17 +02:00
mposolda
802a39b1ce KEYCLOAK-904 Offline session idle timeout + admin console 2015-10-15 22:30:17 +02:00
Stian Thorgersen
e582de2837 KEYCLOAK-1961
Same token can be used multiple times to obtain access token
2015-10-15 09:11:18 +02:00
Thomas Darimont
870702fd81 KEYCLOAK-1918 - Add description field to client definition.
Introduced description field with support for i18n for more descriptive client information.
Applications can use the description to display a "slightly" longer gist of
what the client / application is about, especially useful for tooltips.

The description is currently limited to 255 characters.
2015-10-15 07:33:38 +02:00
Bill Burke
5563118d79 KEYCLOAK-1908 2015-10-14 11:49:36 -04:00
Bill Burke
aadd63e2b0 Merge remote-tracking branch 'upstream/master' 2015-10-14 10:51:14 -04:00
Bill Burke
59d548228a KEYCLOAK-1839 2015-10-14 10:50:53 -04:00
Marek Posolda
68c3f2f65b Merge pull request #1726 from mposolda/master
KEYCLOAK-904 Offline tokens storage changes. Added UserSessionPersisterProvider . offline sessions preloaded to cache at startup
2015-10-14 14:24:54 +02:00
Stian Thorgersen
3381ed50d1 KEYCLOAK-1930 2015-10-14 12:36:25 +02:00
mposolda
f92fe6bea9 KEYCLOAK-904 Offline tokens storage changes. Added UserSessionPersisterProvider . offline sessions preloaded to cache at startup 2015-10-14 11:07:44 +02:00
Stian Thorgersen
8c72ef2980 KEYCLOAK-1877
Empty bubble in admin event types select box
2015-10-14 07:22:56 +02:00
Stian Thorgersen
8121a9391f Merge pull request #1721 from stianst/master
KEYCLOAK-1883
2015-10-14 06:49:23 +02:00
Stian Thorgersen
65b05fd4e4 Merge pull request #1722 from ssilvert/catch-missing-bundle-keys
Catch missing bundle keys
2015-10-14 06:38:40 +02:00
Stan Silvert
940c9f8bf1 KEYCLOAK-1933 Validate resource bundles for admin console 2015-10-13 18:25:14 -04:00
Stian Thorgersen
c85e0248dd KEYCLOAK-1883
Improve setting of users locale
2015-10-13 19:47:10 +02:00
Stian Thorgersen
bdba5ff8b1 KEYCLOAK-1947 Add tests without client secret 2015-10-13 09:02:09 +02:00
Stian Thorgersen
ef56dca050 KEYCLOAK-1823
Annoying behaviour of validations in user registration form
2015-10-13 08:14:39 +02:00
Stian Thorgersen
85a886da18 KEYCLOAK-1823
Annoying behaviour of validations in user registration form
2015-10-13 07:30:31 +02:00
Stian Thorgersen
10b4bd24a4 Merge pull request #1706 from girirajsharma/Patch-Keycloak-1931
[KEYCLOAK-1931] UI doesn't reflect when flow is deleted.
2015-10-12 13:48:45 +02:00
Stian Thorgersen
788501f13d Merge pull request #1704 from AOEpeople/KEYCLOAK-1910
KEYCLOAK-1910, added same fix for registrations endpoint
2015-10-12 13:36:02 +02:00
Stian Thorgersen
2faf0eccdb Refactored client registration service 2015-10-12 08:31:39 +02:00
girirajsharma
115663a32d [KEYCLOAK-1932] Unable to create flow named exactly the same as removed NON-top level flow 2015-10-11 12:42:07 +05:30
Sebastian Rose
b277afa6d9 KEYCLOAK-1910, added same fix for registrations endpoint 2015-10-10 10:40:16 +02:00
Stian Thorgersen
8829fe8658 KEYCLOAK-1739 User registration form is not able to process diacritics 2015-10-09 09:52:25 +02:00
Stian Thorgersen
9ccb0b1f65 Merge pull request #1692 from stianst/fix-json-includes-null
KEYCLOAK-1896 Search for users returns null values
2015-10-09 09:50:30 +02:00
Stian Thorgersen
7bb70f2d00 Merge pull request #1681 from mstruk/i18n
KEYCLOAK-1152 Internationalization support for admin console
2015-10-09 09:50:20 +02:00
Stan Silvert
14079b950a KEYCLOAK-1933: Validate resource bundles for admin console 2015-10-08 15:23:27 -04:00
Sebastian Rose
173c112f8e KEYCLOAK-1927 2015-10-08 20:34:08 +02:00
Stian Thorgersen
67d8ca0207 KEYCLOAK-1896 Search for users returns null values 2015-10-08 20:15:53 +02:00
Marko Strukelj
e690f4e645 KEYCLOAK-1152 Internationalization support for admin console
- Added custom mapper fields localization
2015-10-08 17:11:06 +02:00
Stian Thorgersen
366a1629e5 KEYCLOAK-1749 Client registration service and client java api 2015-10-08 11:55:42 +02:00
Stian Thorgersen
894af03323 Merge pull request #1680 from ssilvert/i18n-in-java
KEYCLOAK-1152 i18n for text hard-coded in java source
2015-10-08 06:47:10 +02:00
Stan Silvert
c9437595b7 KEYCLOAK-1152 i18n for text hard-coded in java source
(ProtocolMapperUtils)
2015-10-07 11:34:34 -04:00
Stian Thorgersen
64ecc3b153 Merge pull request #1672 from ssilvert/KEYCLOAK-1882-add-locale-mapper-on-new-realm
KEYCLOAK-1882 Also add locale mapper when new realm is created.
2015-10-06 14:58:27 +02:00
Stian Thorgersen
cc41a1fd78 Merge pull request #1656 from gerbermichi/import2
swap import and migrate order (KEYCLOAK-1884)
2015-10-06 12:05:59 +02:00
Stan Silvert
28fad68486 KEYCLOAK-1882 Also add locale mapper when new realm is created. 2015-10-02 15:01:39 -04:00
Stian Thorgersen
53b86cbace Merge pull request #1671 from stianst/master
KEYCLOAK-1882 Add locale mapper to admin console clients during migra…
2015-10-02 15:09:43 +02:00
Stian Thorgersen
a53aebcddf KEYCLOAK-1882 Add locale mapper to admin console clients during migration 2015-10-02 13:43:41 +02:00
mposolda
7816f053a6 KEYCLOAK-1856 KEYCLOAK-1860 Fix onoffswitchvalue directive 2015-10-02 11:09:54 +02:00
Bill Burke
75343986b0 keycloak-common 2015-10-01 14:27:51 -04:00
mposolda
4f6d3c8dca KEYCLOAK-1815 Reduce info logging 2015-09-30 16:35:56 +02:00
Michael Gerber
acefd3cacd swap import and migrate order 2015-09-30 13:31:22 +02:00
mposolda
6fbb8ccf71 KEYCLOAK-904 Offline tokens - model changes, admin console, export/import, docs 2015-09-30 10:51:36 +02:00
Stian Thorgersen
4bd1d899db Merge pull request #1618 from ssilvert/i18n
KEYCLOAK-1152: i18n using angular-translate
2015-09-29 14:57:24 +02:00
Stian Thorgersen
55deedd3b8 KEYCLOAK-1868 Import clients through admin console
KEYCLOAK-1869 Add root url to clients that should be used to resolve relative urls
2015-09-29 12:16:05 +02:00
girirajsharma
c22b0f4da8 [KEYCLOAK-1880] Admin API Doesn't Detect Null Client 2015-09-27 14:57:16 +05:30
Stan Silvert
302d0b58cc Get locale from token via builtin mapper. 2015-09-26 20:11:06 -04:00
mposolda
046edbbd54 KEYCLOAK-904 Consents support. Added scopeParamRequired flag to RoleModel 2015-09-23 12:52:47 +02:00
Stian Thorgersen
7ac1d1f14c KEYCLOAK-1866
Allow changing name and view details of imported realm
2015-09-23 11:08:53 +02:00
dcampagna
43541d3028 Show error when username already exists (KEYCLOAK-1857) 2015-09-23 07:43:38 +02:00
dcampagna
fde4bc99aa Allow username change at first login (KEYCLOAK-1849) 2015-09-23 07:43:38 +02:00
mposolda
7ec3f86efb KEYCLOAK-904 Offline tokens 2015-09-21 10:28:30 +02:00
mposolda
c11539cccb docs and javadoc fixes 2015-09-21 10:13:41 +02:00
Stian Thorgersen
28f4409768 Merge pull request #1623 from mstruk/asciidoc
KEYCLOAK-1241 Can't build release with Java 8
2015-09-18 13:03:02 +02:00
Bill Burke
9dc54815eb Merge pull request #1616 from dbarentine/master
Bug fixes
2015-09-17 14:01:13 -04:00
Marko Strukelj
71e2be5d3d KEYCLOAK-1241 Can't build release with Java 8
- Fix Null title in some build environments
2015-09-17 14:10:15 +02:00
Stian Thorgersen
4878073867 Merge pull request #1587 from mstruk/asciidoc
KEYCLOAK-1241 Can't build release with Java 8
2015-09-17 09:06:22 +02:00
Stian Thorgersen
2eaa03539c KEYCLOAK-1854
NPE in SystemInfoRepresentation if user.country or user.language not set
2015-09-17 07:38:37 +02:00
Marko Strukelj
3bbe82057c KEYCLOAK-1241 Can't build release with Java 8
- Improve javadoc comments for new REST API documentation generation
2015-09-15 21:22:43 +02:00
Marko Strukelj
0c49fce78f KEYCLOAK-1241 Can't build release with Java 8 2015-09-15 21:22:43 +02:00
Dane Barentine
6291e90f9c KEYCLOAK-1844 Login endpoint needs to handle POST as well for SAML clients using HTTP-POST binding 2015-09-14 14:57:38 -07:00
Stan Silvert
75bd8d4627 Load admin messages through Themes. 2015-09-08 15:22:50 -04:00
Stan Silvert
e118a06a09 Bundles now read from base theme instead of from classpath. Bundle names
no longer hard-coded.
2015-09-08 12:57:20 -04:00
Stan Silvert
4898d74c6d KEYCLOAK-1152 Initial commit for i18n support 2015-09-08 12:57:19 -04:00
mposolda
050c65a520 KEYCLOAK-1811 Pluggable client authentication config through adapter subsystem 2015-09-07 23:30:08 +02:00
mposolda
81f4c50574 KEYCLOAK-1799 Download adapter JSON config with proper adapter 2015-09-04 22:23:01 +02:00
mposolda
35e63a9398 KEYCLOAK-1801 Additional fix and cleanup 2015-09-04 15:19:43 +02:00
mposolda
6318964374 KEYCLOAK-1802 2015-09-04 12:21:45 +02:00
mposolda
bc189554aa KEYCLOAK-1795 Add just one clientAuthenticatorType per client 2015-09-04 00:09:54 +02:00
Bill Burke
a1cfc0a0ff KEYCLOAK-1792 2015-09-02 17:17:57 -04:00
Bill Burke
7d4b93e01e client session required actions 2015-09-02 16:30:16 -04:00
mposolda
5b9d1286cc KEYCLOAK-1789 KEYCLOAK-1759 Export/import fixes 2015-09-02 12:03:16 +02:00
mposolda
be8394158f KEYCLOAK-1780 documentation + Generic client authentication screen 2015-09-01 13:17:14 +02:00
Bill Burke
eec3a3d5c3 more mappers 2015-08-31 16:23:17 -04:00
Bill Burke
03006522e2 docs 2015-08-31 10:54:57 -04:00
Bill Burke
43fd24f02b Merge remote-tracking branch 'upstream/master' 2015-08-31 10:13:55 -04:00
Bill Burke
22ebb81650 refactor recover password 2015-08-31 10:13:42 -04:00
William DeCoste
ad497a66cd KEYCLOAK-1783 2015-08-29 08:57:04 -07:00
Vlastimil Elias
244d879d00 KEYCLOAK-1741 - Login form keeps "Username or email" field value after
reshown due validation error
2015-08-26 15:39:41 +02:00
Bill Burke
434197c10d Merge remote-tracking branch 'upstream/master' 2015-08-21 18:30:52 -04:00
Bill Burke
d4af694c6f refactor profile and totp update 2015-08-21 18:30:39 -04:00
Bill Burke
f245b67036 totp refactor 2015-08-21 17:53:26 -04:00
Bill Burke
945673c7da Merge pull request #1558 from patriot1burke/master
refactor update password
2015-08-21 17:27:42 -04:00
Bill Burke
165fba6b9c refactor update password 2015-08-21 15:17:01 -04:00
mposolda
b0e2624343 KEYCLOAK-1295 Fixes and javadoc 2015-08-21 19:00:31 +02:00
mposolda
d8d6348f67 KEYCLOAK-1295 Adapter support. Fixes 2015-08-21 08:26:12 +02:00
Bill Burke
d9cb1fc4a9 Merge remote-tracking branch 'upstream/master' 2015-08-20 17:43:54 -04:00
Bill Burke
1654be0a85 change reset password 2015-08-20 17:43:37 -04:00
Stian Thorgersen
5ca3a48094 KEYCLOAK-1723 Allow aud to be single field or array 2015-08-20 15:55:52 +02:00
mposolda
7028496601 KEYCLOAK-1295 pluggable client authentication. Support authenticate clients with signed JWT 2015-08-17 23:21:23 +02:00
Bill Burke
f87ba8a3a9 oops, .info messages 2015-08-16 17:28:07 -04:00
Bill Burke
51e927adf7 Merge remote-tracking branch 'upstream/master' 2015-08-16 16:41:08 -04:00
Bill Burke
bf4b681506 tests 2015-08-16 16:40:39 -04:00
Bill Burke
c7b5975ac1 reset password refactor 2015-08-16 15:20:16 -04:00
Bill Burke
c0f3d851db reset password refactor/flow 2015-08-16 12:23:15 -04:00
Bill Burke
98b6344f03 Merge pull request #1539 from patriot1burke/master
fix holes
2015-08-15 11:37:20 -04:00
Bill Burke
e4b6e4c167 Merge pull request #1523 from velias/KEYCLOAK-1731
KEYCLOAK-1731 - patched user attribute handling for update profile action
2015-08-15 11:30:22 -04:00
Bill Burke
374a2ad957 fix holes 2015-08-15 10:39:33 -04:00
Bill Burke
6d7be80930 refactor auth-spi, auth demo, and docs 2015-08-14 14:38:59 -04:00
Bill Burke
1f13f6372a register required action 2015-08-14 12:03:37 -04:00
Bill Burke
d11a83d6e2 stuff 2015-08-13 15:32:58 -04:00
Bill Burke
8a23463328 auth spi refactor and doco 2015-08-13 11:28:11 -04:00
Bill Burke
bcc2c893ef refactor requiredactions, start doco 2015-08-11 13:04:40 -04:00
Bill Burke
5469db311d document auth spi 2015-08-09 15:06:24 -04:00
Bill Burke
33e402e7be binding custom flows 2015-08-07 19:00:07 -04:00
Bill Burke
1ad7d4f1d8 Merge remote-tracking branch 'upstream/master' 2015-08-06 16:55:16 -04:00
mposolda
8232773d97 Log more details about possible error in UserInfoEndpoint 2015-08-06 17:28:35 +02:00
Bill Burke
53b752ccfe Merge remote-tracking branch 'upstream/master' 2015-08-05 20:40:02 -04:00
Bill Burke
07efba364e hotp 2015-08-05 20:39:47 -04:00
Vlastimil Elias
2e52d8ea7a KEYCLOAK-1731 - patched user attribute handling for
login-update-profile.ftl form. Relevant tests added. Tests for user
attributes handling from register.ftl also added.
2015-08-05 17:07:21 +02:00
mposolda
e27a754f5f KEYCLOAK-1595 Don't send 401 from AuthorizeClientUtil if public client sent client_id parameter together with Authorization: Negotiate 2015-08-04 15:22:03 +02:00
Bill Burke
930fc66ebf flow editing 2015-08-03 18:58:14 -04:00
Bill Burke
04d3d26cb1 refactor execution model 2015-08-03 09:52:56 -04:00
Bill Burke
de940ccff9 auth flow editing 2015-08-02 19:03:33 -04:00
Stian Thorgersen
8d90ad816a KEYCLOAK-1710 UserInfoEndpoint throws NPE if user session is not found 2015-07-27 15:43:52 +02:00
Stian Thorgersen
6a2b369014 KEYCLOAK-1707 Can't export SAML keys 2015-07-27 13:00:22 +02:00
Stian Thorgersen
a8775f757f KEYCLOAK-1694 Null Client Exception on OAuth Grant Page 2015-07-27 09:59:50 +02:00
Bill Burke
f76b90fab9 timeout message 2015-07-25 12:43:46 -04:00
Bill Burke
ccd8beae92 Merge remote-tracking branch 'upstream/master' 2015-07-25 12:16:05 -04:00
Bill Burke
33f01009d2 login timeouts, verify email 2015-07-25 12:13:41 -04:00
Stian Thorgersen
86de481ba1 Merge pull request #1499 from stianst/master
KEYCLOAK-1542
2015-07-24 17:30:29 +02:00
Stian Thorgersen
5d075a97dd Fixes to server-info 2015-07-24 16:45:58 +02:00
Stian Thorgersen
d1964c20ab Refactored server-info and updated admin console 2015-07-24 14:47:37 +02:00
mposolda
d068cddbaf Fix MSAD and OpenLDAP 2015-07-23 18:03:12 +02:00
Vlastimil Elias
ee57c79784 KEYCLOAK-1542 - rewrote showing info from providers to be generic 2015-07-23 16:40:57 +02:00
Vlastimil Elias
7e41b8df27 KEYCLOAK-1542 - code formatting cleanup 2015-07-23 16:40:56 +02:00
Vlastimil Elias
79c1d7bafa KEYCLOAK-1542 - code cleanup ahead of PR 2015-07-23 16:40:55 +02:00
Vlastimil Elias
652b2fee86 KEYCLOAK-1542 - Server Info page extended by info about DB and MongoDB.
Functional test for /serverinfo REST endpoint added.
2015-07-23 16:40:54 +02:00
Vlastimil Elias
dfb871c26a KEYCLOAK-1542 - added system and memory info into "System Info" page 2015-07-23 16:40:53 +02:00
mposolda
c99785f266 KEYCLOAK-401 Service account refactoring and fixes 2015-07-23 11:29:52 +02:00
Bill Burke
7dc05a45ac conflict 2015-07-22 14:20:52 -04:00
Bill Burke
48a76c2d0d test brute force 2015-07-22 12:30:52 -04:00
Bill Burke
d9b0415047 brute force fixes, code cleanup, tests 2015-07-22 09:40:11 -04:00
mposolda
d8c1081578 KEYCLOAK-401 KEYCLOAK-941 Service accounts initial impl. Client credentials grant support 2015-07-22 10:55:50 +02:00
Bill Burke
576db8e0e1 Merge remote-tracking branch 'upstream/master' 2015-07-21 20:56:22 -04:00
Bill Burke
fe9dc4a28d non-browser flow 2015-07-21 20:56:05 -04:00
Stian Thorgersen
2dd2173553 Merge pull request #1473 from mstruk/KEYCLOAK-1560
KEYCLOAK-1560 IDENTITY_PROVIDER_LOGIN event is send twice
2015-07-21 10:28:32 +02:00
Marko Strukelj
fcd5400cda KEYCLOAK-1560 IDENTITY_PROVIDER_LOGIN event is send twice 2015-07-21 09:49:37 +02:00
Bill Burke
548c0db0ae Merge remote-tracking branch 'upstream/master' 2015-07-20 12:21:57 -04:00
Bill Burke
3ecd1307b0 clean up client sessions 2015-07-20 12:21:48 -04:00
Stian Thorgersen
f884aed25e KEYCLOAK-1576 2015-07-20 13:35:56 +02:00
Stian Thorgersen
66a2b916f2 Fix CRLF with LF 2015-07-20 07:48:02 +02:00
Bill Burke
2e848da1a8 resolve conflicts 2015-07-17 09:45:53 -04:00
Stian Thorgersen
1642ac2394 KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00
Stian Thorgersen
0bec2bcd1e KEYCLOAK-1504 2015-07-17 10:21:15 +02:00
Bill Burke
e51d2137cf migrate RequiredCredentials 2015-07-16 22:03:12 -04:00
Bill Burke
e825be1c79 nonce in tokens 2015-07-16 10:17:44 -04:00
Bill Burke
57cfbb3770 SAML IDP Initiated login 2015-07-15 20:08:55 -04:00
Gregor Tudan
c8c0d0e804 KEYCLOAK-1564: Add CORS-Headers to token requests by password credentials 2015-07-14 08:22:08 +02:00
Bill Burke
8dcc909b6e Merge remote-tracking branch 'upstream/master' 2015-07-12 10:12:31 -04:00
Bill Burke
fafaf2c490 test impersonate 2015-07-12 10:12:19 -04:00
mposolda
dc366c53a7 KEYCLOAK-1175 Import at startup can fail if master realm not present 2015-07-11 18:56:52 +02:00
mposolda
fe1ede26be KEYCLOAK-1558 Can't import the file exported in 1.2.0.Beta1 through admin console 2015-07-11 18:56:52 +02:00
Bill Burke
1017a0af1d Merge remote-tracking branch 'upstream/master' 2015-07-11 11:09:48 -04:00
Bill Burke
ff25484a34 viewUser fixes 2015-07-11 11:01:26 -04:00
Bill Burke
919a3f1b91 fixes 2015-07-11 10:30:23 -04:00
Bill Burke
608701aea7 impersonation redo in admin console 2015-07-11 10:10:05 -04:00
mposolda
142d44a01f KEYCLOAK-1233 Admin console support for add/remove federated identity 2015-07-11 14:08:49 +02:00
Bill Burke
6e55604dc3 impersonation 2015-07-10 20:38:43 -04:00
Bill Burke
4a962aa75a Merge remote-tracking branch 'upstream/master' 2015-07-08 19:18:23 -04:00
Bill Burke
e786158071 role selector 2015-07-08 19:18:11 -04:00
mposolda
bde65a6c57 KEYCLOAK-1533 Handle importing LDAP user with duplicate email during authentication 2015-07-08 20:41:32 +02:00
mposolda
94c0a436b5 KEYCLOAK-1534 handle account management update email or username to the already existing value 2015-07-08 15:27:05 +02:00
Bill Burke
d49c7d47a2 Merge remote-tracking branch 'upstream/master' 2015-07-06 17:44:52 -04:00
Bill Burke
8f18e9bbbc auth config ui 2015-07-06 17:44:39 -04:00
mposolda
71ea61e7a6 KEYCLOAK-1532 LDAP sync fixes and other bugfixing 2015-07-04 22:25:47 +02:00
Bill Burke
917151123f display flows 2015-07-02 11:25:51 -04:00
Bill Burke
212f5b4082 Merge pull request #1410 from dbarentine/master
Spec compliance, bug fixes
2015-07-01 15:27:47 -04:00
Bill Burke
39f2a4ab71 repatcha 2015-07-01 15:10:04 -04:00
Bill Burke
39aa09ca36 form action refactor 2015-07-01 14:07:02 -04:00
Bill Burke
a1c612f833 remove old code 2015-06-30 12:47:34 -04:00
Bill Burke
bc39bb32d4 Merge remote-tracking branch 'upstream/master' 2015-06-30 12:46:29 -04:00
Bill Burke
884308ecb5 reg flow 2015-06-30 12:46:10 -04:00
Bill Burke
afa65d9ead registration flow 2015-06-29 22:12:06 -04:00
mposolda
605c88a029 KEYCLOAK-1487 Multivalued support for UserAttribute protocol mapper. End-to-end LDAP example test including application 2015-06-29 21:45:47 +02:00
mposolda
09994d1730 KEYCLOAK-1487 Support for multiple values of one UserModel attribute. LDAP multivalued attribute support 2015-06-29 14:56:40 +02:00
Bill Burke
064d677fdc form auth 2015-06-24 21:07:38 -04:00
Dane Barentine
8da532da93 [KEYCLOAK-1492] Fix mapClaim when nested attribute already exists 2015-06-22 11:00:40 -07:00
Bill Burke
000159226d refactor 2015-06-21 12:09:22 -04:00
Bill Burke
4ebdb8d24b refactor 2015-06-21 11:52:30 -04:00
Bill Burke
adff0d5da0 make authenticator config optional 2015-06-19 21:16:45 -04:00
Bill Burke
a26ade3988 refactor registration and console pages 2015-06-19 17:51:59 -04:00
Bill Burke
d7b818cba2 cleanup client sessions 2015-06-19 14:43:40 -04:00
Bill Burke
84faac0cd6 handle page refresh better 2015-06-18 20:01:12 -04:00
Bill Burke
1bce639d35 refactor flow first phase 2015-06-18 16:48:28 -04:00
Bill Burke
70fd7bea99 cleanup authenticators 2015-06-17 17:15:01 -04:00
Bill Burke
f5b4a0788e timeout message 2015-06-17 10:16:21 -04:00
Bill Burke
5615d8d870 required actions edit 2015-06-17 09:42:58 -04:00
Bill Burke
dddc5181e7 required actions storage/display 2015-06-16 22:48:39 -04:00
Bill Burke
3b78fa2d5d required actions model 2015-06-16 18:17:38 -04:00
Bill Burke
8f5b53e3ce clientsession timeout checks 2015-06-16 09:29:36 -04:00
Bill Burke
cd84e78b27 access code checks 2015-06-16 07:59:53 -04:00
Bill Burke
9638c0dd83 verify clientsession actions 2015-06-15 18:04:55 -04:00
Bill Burke
43bad9a608 merge 2015-06-15 09:02:15 -04:00
Bill Burke
c51cc4703b kerberos fixes 2015-06-14 20:58:02 -04:00
Stian Thorgersen
c89a412661 KEYCLOAK-1321
Error page is displayed if user rejects sign in with social provider
2015-06-12 13:32:30 +02:00
Stian Thorgersen
2d82d15e5b Merge pull request #1361 from ssilvert/KEYCLOAK-1083-unlock-user-account
KEYCLOAK-1083: Provide a way for admin to unlock user account
2015-06-12 07:44:07 +01:00
Bill Burke
392fa21f1e finish reg 2015-06-11 21:15:53 -04:00
Bill Burke
fa99b5415d flow alias lookup 2015-06-11 18:02:49 -04:00
Stan Silvert
d6e64a2c5e KEYCLOAK-1083: Provide a way for admin to unlock user account 2015-06-11 15:32:03 -04:00
Bill Burke
3f62cd9271 terms and conditions 2015-06-11 14:39:08 -04:00
Matthias Wessendorf
d3e178d459 Applying suggested import change from mstruk 💄 2015-06-11 08:52:53 +02:00
Bill Burke
3dd282e11b pluggable required actions backend 2015-06-10 11:38:01 -04:00
Bill Burke
95349e6e2e clientsession.action to String 2015-06-10 09:21:23 -04:00
mposolda
557edbec6d KEYCLOAK-1416 federation provider/mapper model fixes 2015-06-09 23:15:43 +02:00
mposolda
d3e9b29d78 KEYCLOAK-1088 Audit of user grants during login 2015-06-09 20:37:12 +02:00
mposolda
9a5ca4d367 Minor improve in error messages and tests 2015-06-09 17:43:20 +02:00
Stian Thorgersen
c61c05be51 Merge pull request #1335 from ssilvert/keycloak-config
KEYCLOAK-1404: Need recovery mechanism for master admin user
2015-06-09 07:02:47 +01:00
Stan Silvert
e977a363ef Require user to specify a temporary admin password to do admin recovery. 2015-06-08 13:04:52 -04:00
Bill Burke
dcc40b0a63 error handling 2015-06-05 15:51:43 -04:00
Bill Burke
dc0d9a8dce merge 2015-06-05 14:44:37 -04:00
Bill Burke
021b01f0bd passing tests 2015-06-05 13:49:24 -04:00
Stan Silvert
6812514683 KEYCLOAK-1404: Need recovery mechanism for master admin user 2015-06-04 15:29:44 -04:00
Bill Burke
9ab023cc6c more 2015-06-04 10:18:24 -04:00
Stian Thorgersen
f50570e350 KEYCLOAK-1325
Public/private SPI
2015-06-04 15:59:47 +02:00
Marek Posolda
826c60ae36 Merge pull request #1324 from velias/KEYCLOAK-1371
KEYCLOAK-1371 - Perform "Update Profile on First Login" only if some of mandatory user profile fields is missing from identity provider
2015-06-04 15:19:59 +02:00
Bill Burke
b54061fc3f more 2015-06-03 18:51:57 -04:00
Bill Burke
c12fe28b2d phased auth spi introduction 2015-06-03 10:55:03 -04:00
Stian Thorgersen
1dd0b563b6 KEYCLOAK-1386 Direct Grant API always on 2015-06-03 16:24:15 +02:00
Vlastimil Elias
dcc19a39d7 KEYCLOAK-1371 - Perform "Update Profile on First Login" only if some of
mandatory user profile fields is missing from identity provider
2015-06-03 15:24:25 +02:00
Stian Thorgersen
3d3871b0e6 Merge pull request #1291 from AOEpeople/KEYCLOAK-1305
KEYCLOAK-1305 Add possibility to change username
2015-06-03 10:51:34 +01:00
Stian Thorgersen
060a59f982 Merge pull request #1317 from velias/KEYCLOAK-1372
KEYCLOAK-1372 - do not perform email verification if email is provided by trusted Identity provider
2015-06-03 10:29:52 +01:00
Sebastian Rose
17affe576f KEYCLOAK-1350 client_session_state should be updated when refreshing a token 2015-06-02 15:01:47 +02:00
Vlastimil Elias
b86d091ad1 KEYCLOAK-1372 - do not perform email verification if email is provided
by trusted Identity provider
2015-06-02 14:59:29 +02:00
Niko Köbler
492e6cd856 KEYCLOAK-1305 Add possibility to change username 2015-06-02 14:08:19 +02:00
Stian Thorgersen
6baefa7490 Merge pull request #1307 from velias/KEYCLOAK-1361
KEYCLOAK-1361 - ability to add custom fields (user.attributes) on login-update-profile.ftl page
2015-06-02 08:40:54 +01:00
Stian Thorgersen
319b29aa7d Merge pull request #1300 from girirajsharma/master
[KEYCLOAK-1200] From and To filter fields in Event viewer in admin app
2015-06-02 08:32:02 +01:00
mposolda
f57ab78916 KEYCLOAK-886 LDAP: Fixes and improvements 2015-06-01 17:38:34 +02:00
Vlastimil Elias
ea98b26766 KEYCLOAK-1361 - ability to add custom fields (user.attributes) on
login-update-profile.ftl page
2015-06-01 15:44:36 +02:00
Stian Thorgersen
5f787028df KEYCLOAK-1327 Updated for users 2015-05-29 15:29:04 +01:00
girirajsharma
5bb71d396a [KEYCLOAK-1200] From and To filter fields in Event viewer in admin app 2015-05-29 19:13:56 +05:30
Stian Thorgersen
5a3a0ae437 KEYCLOAK-1325 Log warning if internal SPI is used 2015-05-29 13:58:40 +01:00
Stian Thorgersen
a953b52eac KEYCLOAK-1327 Updated for client stats 2015-05-29 13:15:35 +01:00
Stian Thorgersen
6f164f0ee9 KEYCLOAK-1327 Updated for clients 2015-05-29 13:15:34 +01:00
mposolda
bcd607a1ee KEYCLOAK-1360 ModelExceptionMapper logges the exception 2015-05-28 19:54:15 +02:00
Stian Thorgersen
f65b502a96 Merge pull request #1283 from girirajsharma/master
[KEYCLOAK-1200]- From and To filter fields in Event viewer in admin app
2015-05-28 15:03:22 +02:00
girirajsharma
efe8342965 [KEYCLOAK-1200]- From and To filter fields in Event viewer in admin app 2015-05-28 18:05:31 +05:30
mposolda
98dd87efbc Added ProviderConfigProperty.CLIENT_LIST and refactor role federation mapper to use it 2015-05-28 12:28:26 +02:00
mposolda
ce6576ce84 KEYCLOAK-1355 Make admin requests to have RealmModel and ClientModel available in KeycloakContext 2015-05-28 12:28:26 +02:00
behana
e8e22ee44c KEYCLOAK-1352 Add send-verify-email to admin-rest-api 2015-05-28 00:05:39 +02:00
Bill Burke
a2718a889d unfinished working auth spi 2015-05-27 14:28:47 -04:00
Bill Burke
143d176dcd Merge remote-tracking branch 'upstream/master' 2015-05-27 10:39:59 -04:00
Bill Burke
a1f7cfaf3a auth spi initialization 2015-05-27 10:39:46 -04:00
mposolda
dfe232cf80 KEYCLOAK-886 User Federation Mappers - admin console 2015-05-26 17:48:52 +02:00
Stian Thorgersen
ab934f3d35 Merge pull request #1273 from girirajsharma/master
[KEYCLOAK-1334] Forgot password page does not return validation error
2015-05-26 08:56:04 +02:00
Bill Burke
f5e301fe0d merge 2015-05-22 16:15:55 -04:00
Bill Burke
68976f5b0c auth spi datamodel 2015-05-22 16:03:26 -04:00
girirajsharma
8e7e208265 [KEYCLOAK-1334] Forgot password page does not return validation error
message when input field is empty
2015-05-23 01:18:23 +05:30
mposolda
61c35265a6 KEYCLOAK-826 Show count of created/updated users during federation sync 2015-05-22 21:06:38 +02:00
Stian Thorgersen
12c3aa83dd Updated admin events 2015-05-19 11:40:17 +02:00
Stian Thorgersen
c193ba0c81 Merge pull request #1261 from panga/master
KEYCLOAK-1306 - Better Admin API error handling (new)
2015-05-19 08:56:19 +02:00
Bill Burke
3851a2fe72 merge 2015-05-18 16:41:51 -04:00
Bill Burke
338300df32 1st phase auth/required action spi 2015-05-18 16:32:38 -04:00
Stian Thorgersen
0c7f63b2f3 Merge branch 'master' of https://github.com/girirajsharma/keycloak into girirajsharma-master
Conflicts:
	services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
2015-05-18 06:56:12 +02:00
Leonardo Loch Zanivan
abcd830af1 Fix response code 2015-05-13 15:39:51 -03:00
Leonardo Loch Zanivan
f807c999b6 Initial messages SPI implementation for Admin REST Services. 2015-05-13 11:13:49 -03:00
girirajsharma
ccd5deb85f [KEYCLOAK 392] Audit admin events 2015-05-13 16:47:30 +05:30
Stian Thorgersen
698660c92a Added isPrivate to Spi 2015-05-12 08:25:24 +02:00
Stian Thorgersen
d00e0021b6 Merge branch 'master' of https://github.com/girirajsharma/keycloak into girirajsharma-master
Conflicts:
	connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml
	services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
2015-05-11 13:36:30 +02:00
Stian Thorgersen
ccbd4bace1 KEYCLOAK-1289 Support environment variables in keycloak.json 2015-05-11 10:17:25 +02:00
Bill Burke
e4204a56f5 username mapper 2015-05-08 20:41:31 -04:00
mposolda
91eb80beb0 Minor improvements 2015-05-07 20:07:30 +02:00
Bill Burke
69347aa7f6 Merge pull request #1220 from panga/master
KEYCLOAK-1269 and KEYCLOAK-1270
2015-05-05 14:31:48 -04:00
Bill Burke
082ebe8043 no backchannel if state 2015-05-05 13:58:07 -04:00
Leonardo Zanivan
a13a02c995 KEYCLOAK-1270 fix 2015-05-05 11:17:27 -03:00
mposolda
e03140a9f2 Fix redirect after unlink federated identity and logout from account management 2015-05-04 14:42:25 +02:00
girirajsharma
70f53c6c06 [KEYCLOAK-392] - Admin audit events 2015-05-03 01:46:52 +05:30
Bill Burke
311fca5a72 exception handling fix 2015-05-01 10:31:03 -04:00
Bill Burke
9372d23ad9 bump default keysize to 2048 2015-05-01 10:11:49 -04:00
Stian Thorgersen
3768c1f1ad KEYCLOAK-1243
Federated Identities table is empty for user synced from classpath properties provider
2015-04-30 14:31:20 +02:00
Bill Burke
35c33f132e demo fix and error message fix 2015-04-29 21:16:59 -04:00
Bill Burke
666827b7cb remove resteasy ClientRequest 2015-04-29 20:46:14 -04:00
Stian Thorgersen
ee358ccbc4 Removed PatternFly themes 2015-04-29 19:47:56 +02:00
Stian Thorgersen
0b821a71e3 KEYCLOAK-887 Updated admin console theme 2015-04-29 19:34:08 +02:00
mposolda
063cefa18c When revoke consent from admin console, logout clientSessions similarly like done in Account mgmt 2015-04-29 15:35:33 +02:00
Bill Burke
be656b2dba Merge remote-tracking branch 'upstream/master' 2015-04-28 18:52:42 -04:00
Bill Burke
bfcf595346 backchannel broker logout 2015-04-28 18:52:30 -04:00
mposolda
5e0f560fdc KEYCLOAK-1070 Migration for adding names to builtin clients 2015-04-28 09:35:57 +02:00
mposolda
1d4bf4ddaa UserSessionNote mapper have combobox for claim type in admin console 2015-04-28 07:56:45 +02:00
mposolda
316053018b KEYCLOAK-1070 Support for view and revoke consents in admin console 2015-04-28 07:56:45 +02:00
Bill Burke
4166393396 model migration 2015-04-27 16:12:43 -04:00
Bill Burke
44787d83d2 more broker mappers 2015-04-26 10:31:53 -04:00
Bill Burke
9151d2aebd Merge remote-tracking branch 'upstream/master' 2015-04-24 18:37:18 -04:00
Bill Burke
5e1ac684a5 broker logout fixes 2015-04-24 16:32:32 -04:00
mposolda
a338626d2b KEYCLOAK-1216 Click on 'Logout all sessions' in Account mgmt should propagate logout to the apps 2015-04-24 18:42:18 +02:00
Bill Burke
104a9f9842 Merge remote-tracking branch 'upstream/master' 2015-04-23 16:31:09 -04:00
Bill Burke
d49e0eda9e broker token role 2015-04-23 15:26:07 -04:00
mposolda
14b3d085a0 KEYCLOAK-1070 Rename 'Access' to 'Applications' 2015-04-23 18:21:21 +02:00
mposolda
c942a8ac4f KEYCLOAK-1070 ClientModel.setName/getName 2015-04-23 18:21:21 +02:00
mposolda
535023d800 KEYCLOAK-1070 add setProtocolMappers/getProtocolMappers to ClientSession 2015-04-23 18:20:34 +02:00
Bill Burke
a7d245b1fb finish 2015-04-23 11:40:29 -04:00
Bill Burke
1f4df58e6c broker token exchange refactor 2015-04-23 11:26:44 -04:00
mposolda
34e033e351 KEYCLOAK-1070 JSON representation and export/import for userConsent 2015-04-22 11:29:43 +02:00
mposolda
11035dbe1b KEYCLOAK-1070 Rename GrantedConsentModel to UserConsentModel. Mongo support for consents. Mongo fixes 2015-04-22 11:29:36 +02:00
Stian Thorgersen
b5f3efe272 KEYCLOAK-1218 Better security for ServerInfoAdminResource 2015-04-22 08:59:00 +02:00
Bill Burke
af736a29f1 Merge pull request #1144 from TFaga/master
[KEYCLOAK-1211] Fixed AD users authenticating without providing a password
2015-04-20 12:31:58 -04:00
Bill Burke
8eb2f35423 Merge remote-tracking branch 'upstream/master' 2015-04-17 16:41:16 -04:00
Bill Burke
a7c563b0eb oidc broker role mapper 2015-04-17 16:41:04 -04:00
mposolda
78830836b8 KEYCLOAK-1070 Persistent grants - step 1 2015-04-17 14:03:23 +02:00
girirajsharma
f959332117 [KEYCLOAK-402] - Force password changes at regular intervals 2015-04-16 23:41:45 +05:30
Stian Thorgersen
115e533a71 KEYCLOAK-1061 Add back to application link to error page
KEYCLOAK-1148 space in redirect uri gives error
2015-04-16 14:17:32 +02:00
Stian Thorgersen
5addabe893 KEYCLOAK-1212 CORS requests blocked on OPTIONS request 2015-04-16 11:27:30 +02:00
Stian Thorgersen
0027d22964 KEYCLOAK-1213 Installation file for bearer-only doesn't include auth-server-url 2015-04-16 09:19:55 +02:00
Bill Burke
edb9f0cecf merge conflicts 2015-04-15 11:18:47 -04:00
Bill Burke
0addc4cf58 broker mapper mgmt 2015-04-15 11:10:53 -04:00
Tilen Faganel
770d2d8a4c [KEYCLOAK-1211] Fixed Active Directory users authenticating without providing a password 2015-04-15 16:59:55 +02:00
Stian Thorgersen
f3e5541b7d KEYCLOAK-1109 Added KeycloakContext
KEYCLOAK-1042 Access to Cookies within Events
KEYCLOAK-1209 Enable jboss-logging event listener by default and allow configuring log level
2015-04-15 13:34:54 +02:00
girirajsharma
e3bb61248a [KEYCLOAK-405] - Feature that doesn't allow old password to be reused 2015-04-15 02:08:05 +05:30
Bill Burke
f61fb4ba18 fix conflicts 2015-04-13 09:59:59 -04:00
Bill Burke
d2a5403527 refactor for broker mappers 2015-04-13 09:45:23 -04:00
Stian Thorgersen
4fbbf39c51 KEYCLOAK-1187 Admin console and endpoints 2015-04-13 13:29:31 +02:00
Stian Thorgersen
9a047eda36 KEYCLOAK-1187 Updated representations 2015-04-13 10:13:32 +02:00
Stian Thorgersen
a18715a774 Deprecate OAuthClientRepresentation and ApplicationRepresentation and added ClientRepresentation 2015-04-10 13:33:29 +02:00
Stian Thorgersen
6fbc0975c0 KEYCLOAK-1187 First round: Combined ApplicationModel and OAuthClientModel into ClientModel. Removed OAuth Clients from Admin console and renamed Applications to Clients. 2015-04-09 12:27:30 +02:00
girirajsharma
ca13e3c4ba [KEYCLOAK-400]Provide a configuration for regex in the password policies 2015-04-02 23:37:25 +05:30
Bill Burke
10ced1e908 Merge remote-tracking branch 'upstream/master' 2015-04-01 10:33:25 -04:00
Bill Burke
1d56805faf unique username for brokered user 2015-04-01 10:32:47 -04:00
Stian Thorgersen
41828cd865 Prompt query param not added correctly after OIDC refactoring 2015-04-01 13:33:28 +02:00
mposolda
a5567ead7a KEYCLOAK-1169 Skip DB write at each broker login if 3rd party token is not required 2015-04-01 11:00:02 +02:00
Stian Thorgersen
a2c4a1f760 Merge branch 'KEYCLOAK-1113' of https://github.com/velias/keycloak into velias-KEYCLOAK-1113
Conflicts:
	services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
2015-04-01 09:45:13 +02:00
Stian Thorgersen
f9d814598e KEYCLOAK-946 Only show endpoints relevant for admin rest api 2015-04-01 07:31:17 +02:00
Bill Burke
03bfca5e41 expire cookie on backchannel 2015-03-31 19:33:43 -04:00
Stian Thorgersen
fcc2e0a9f0 Removed admin audit events - need to rethink how to implement it 2015-03-31 14:37:54 +02:00
Stian Thorgersen
96dad77c66 KEYCLOAK-392 Admin events 2015-03-30 14:38:32 +02:00
girirajsharma
962b623b4a [KEYCLOAK-392] - Admin audit events 2015-03-30 14:06:01 +02:00
Vlastimil Elias
01094663bf KEYCLOAK-1113 - profile update now uses correct form validation also 2015-03-30 12:53:05 +02:00
Michael Gerber
7b820a4eed i18n for default claims
role description i18n

tests

typo

fix unit test
2015-03-29 11:34:53 +02:00
Bill Burke
878ce0761d broker fixes 2015-03-27 12:13:48 -04:00
Vlastimil Elias
8727aef647 KEYCLOAK-1113 - LoginFormProvider extended to allow per field errors,
freemarker implementation extended (backward compatible), used for
registration form
2015-03-27 15:41:42 +01:00
Stian Thorgersen
b727087f04 KEYCLOAK-1150
'iss' should be URL not just realm name
2015-03-26 13:50:36 +01:00
Bill Burke
d36ee0d0af Merge pull request #1088 from patriot1burke/master
oidc and saml broker backchannel logout
2015-03-26 08:43:21 -04:00
mposolda
477d8b35e3 KEYCLOAK-1116 KEYCLOAK-1117 JSON migration and removal of ClientModel.claimsMask 2015-03-26 11:49:22 +01:00
mposolda
2599e77491 Fix oracle 2015-03-26 08:10:26 +01:00
Bill Burke
f64d84b03a Merge remote-tracking branch 'upstream/master' 2015-03-25 19:02:23 -04:00
Bill Burke
e0c70e1c47 oidc broker backchannel logout 2015-03-25 19:02:07 -04:00
Bill Burke
13268c52c6 saml backchannel logout 2015-03-25 16:51:25 -04:00
Stian Thorgersen
14683882e8 KEYCLOAK-1138 Appliance distribution from master failes with ClassNotFoundException 2015-03-25 10:11:56 +01:00
Bill Burke
c3859fa34f oidc logout and console fixes 2015-03-23 21:30:56 -04:00
Bill Burke
410953fc5f broker oidc logout 2015-03-23 13:21:17 -04:00
Bill Burke
f546358d66 oidc logout profile 2015-03-22 12:45:36 -04:00
Bill Burke
97d5f4aafc broker refactor 2015-03-20 18:56:25 -04:00
Bill Burke
90c815055d broker logout 2015-03-20 12:13:33 -04:00
Stian Thorgersen
71c7d8e48b Merge pull request #1062 from velias/KEYCLOAK-1053
KEYCLOAK-1053 patch of email validation during social login without email
2015-03-20 05:37:16 +01:00
Michael Gerber
d8193f0f25 ui_locales as specified in:
http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2

replace ' through '' and introduce msg method for i18n in *.ftl files

replace ' through '' and introduce msg method for i18n in *.ftl files

css dorpdown

get current url with locale as query parameter

Introduce LocaleBean

add css dropdown to account page

css styling...

css styling...
2015-03-19 21:28:55 +01:00
mposolda
a65bac7751 Mongo migration: admin roles, timeout, protocol mappers 2015-03-19 19:58:19 +01:00
mposolda
82e290e06c Minor model fix 2015-03-19 19:58:19 +01:00
Vlastimil Elias
c0cf537654 KEYCLOAK-1053 - social login do not fail when email validation is
enabled for realm but email is not provided by social login provider
(eg. Twitter)
2015-03-19 17:19:55 +01:00
Bill Burke
b26277a17c broker fixes 2015-03-18 21:58:04 -04:00
mposolda
24f18609dd Update federated links when identity provider alias is changed 2015-03-18 09:43:53 +01:00
mposolda
aeb27ff047 KEYCLOAK-1108 Remove option for enable/disable login per application 2015-03-18 09:43:53 +01:00
Bill Burke
ce2c4188fb saml broker import/export, and module fixes 2015-03-17 19:20:46 -04:00
Stian Thorgersen
13b22d6644 KEYCLOAK-1107 saml and oidc broker options don't sho 2015-03-17 12:10:53 +01:00
Stian Thorgersen
2d785b5d5e KEYCLOAK-1050 Added support for selecting multiple values 2015-03-17 07:52:55 +01:00
Bill Burke
4a8f34f27f Merge pull request #1052 from patriot1burke/master
set saml issuer
2015-03-16 16:18:36 -04:00
Bill Burke
de2aa8e676 javadoc fixes 2015-03-16 15:37:49 -04:00
mposolda
4da566ae4d KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint 2015-03-16 20:00:20 +01:00
Bill Burke
321041fccf Merge pull request #1050 from patriot1burke/master
saml broker SPSSO descriptor
2015-03-16 13:31:47 -04:00
Bill Burke
224066f0fd saml broker defaults and export page 2015-03-16 12:34:20 -04:00
mposolda
5fe0c38498 KEYCLOAK-1092 Fix test for crud of federated identity links 2015-03-16 16:49:01 +01:00
Bill Burke
ec1ba40f4a Merge remote-tracking branch 'upstream/master' 2015-03-16 09:22:55 -04:00
Stian Thorgersen
e2b02d414f Change adapters to use auth and token endpoints 2015-03-16 09:23:12 +01:00
Michael Gerber
144ee2c56d add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

admin gui for localization support
(cherry picked from commit c157cc3)

added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)

rename localizatin to internationalization
(cherry picked from commit 74a0658)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

add HttpHeaders
(cherry picked from commit be921c8)

add HttpHeaders
(cherry picked from commit be921c8)

NPE fix
(cherry picked from commit 148158b)

improve locale helper
(cherry picked from commit 57a805a)

write cookie
fix npe
(cherry picked from commit 33398b3)

dropdown to choose language
(cherry picked from commit 9e2eb60)

added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)

remove debug info
(cherry picked from commit c3ea6b1)

added dropdown to change locale for user.
(cherry picked from commit 1575bea)

add i18n for emails
(cherry picked from commit b6280e9)

i18n for emails
(cherry picked from commit 6118c51)

set default locale to english
(cherry picked from commit 386447b)

change locale type form String to Locale
(cherry picked from commit 8dcc595)

change file encoding
(cherry picked from commit 2cce96d)

added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)

i18n for error messages
(cherry picked from commit e75d5ef)

i18n for error message in login
(cherry picked from commit 8b60c96)

add i18n for messages in account pages
(cherry picked from commit 9849d94)

fix unit test
(cherry picked from commit a70a1c7)

fix unit test
(cherry picked from commit 008744b)

locale localization :)
(cherry picked from commit f3a2144)

locale localization :)
(cherry picked from commit 21f6384)

messages refactoring
(cherry picked from commit 08f1ae7)

messages refactoring
(cherry picked from commit 3b4b53a)

messages refactoring
(cherry picked from commit 69146d4)

messages refactoring
(cherry picked from commit cd3db1d)

messages refactoring
(cherry picked from commit 715583f)

fix unit tests after message refactoring
(cherry picked from commit a82c9ff)

fix unit tests after message refactoring
(cherry picked from commit 5662d83)

fix unit tests after message refactoring
(cherry picked from commit 1188de6)

fix unit tests after message refactoring
(cherry picked from commit 90ded07)

German translations
(cherry picked from commit 9822b99)

removed newliines
(cherry picked from commit 34ca1d8)

removed java 8 dependency
(cherry picked from commit 3a23f4f)

typo
(cherry picked from commit a818122)

typo
(cherry picked from commit a818122)

forgotten properties

unit test fixes

unit test fixes

fixes after rebase

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

admin gui for localization support
(cherry picked from commit c157cc3)

added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)

rename localizatin to internationalization
(cherry picked from commit 74a0658)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

add HttpHeaders
(cherry picked from commit be921c8)

add HttpHeaders
(cherry picked from commit be921c8)

NPE fix
(cherry picked from commit 148158b)

improve locale helper
(cherry picked from commit 57a805a)

write cookie
fix npe
(cherry picked from commit 33398b3)

dropdown to choose language
(cherry picked from commit 9e2eb60)

added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)

remove debug info
(cherry picked from commit c3ea6b1)

added dropdown to change locale for user.
(cherry picked from commit 1575bea)

add i18n for emails
(cherry picked from commit b6280e9)

i18n for emails
(cherry picked from commit 6118c51)

set default locale to english
(cherry picked from commit 386447b)

change locale type form String to Locale
(cherry picked from commit 8dcc595)

change file encoding
(cherry picked from commit 2cce96d)

added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)

i18n for error messages
(cherry picked from commit e75d5ef)

i18n for error message in login
(cherry picked from commit 8b60c96)

add i18n for messages in account pages
(cherry picked from commit 9849d94)

fix unit test
(cherry picked from commit a70a1c7)

fix unit test
(cherry picked from commit 008744b)

locale localization :)
(cherry picked from commit f3a2144)

locale localization :)
(cherry picked from commit 21f6384)

messages refactoring
(cherry picked from commit 08f1ae7)

messages refactoring
(cherry picked from commit 3b4b53a)

messages refactoring
(cherry picked from commit 69146d4)

messages refactoring
(cherry picked from commit cd3db1d)

messages refactoring
(cherry picked from commit 715583f)

fix unit tests after message refactoring
(cherry picked from commit a82c9ff)

fix unit tests after message refactoring
(cherry picked from commit 5662d83)

fix unit tests after message refactoring
(cherry picked from commit 1188de6)

fix unit tests after message refactoring
(cherry picked from commit 90ded07)

German translations
(cherry picked from commit 9822b99)

removed newliines
(cherry picked from commit 34ca1d8)

removed java 8 dependency
(cherry picked from commit 3a23f4f)

typo
(cherry picked from commit a818122)

typo
(cherry picked from commit a818122)

forgotten properties

unit test fixes

unit test fixes

fixes after rebase

fixes after rebase

fixes after rebase

fixes after rebase
2015-03-14 14:08:06 +01:00
Bill Burke
60ecf99aa6 export saml broker SPSSO descriptor 2015-03-13 20:56:40 -04:00
Juraci Paixão Kröhling
a64ce244d5 KEYCLOAK-1101 - Added notUsername() to password policy. 2015-03-13 15:50:28 +01:00
Vlastimil Elias
43aa61ace3 KEYCLOAK-1074
- field label changes on login page
- added all relevant integration tests
2015-03-12 15:45:41 +01:00
Vlastimil Elias
dec8d33af1 code formatting improved to keep only real changes done for
KEYCLOAK-1074
2015-03-12 15:43:16 +01:00
Vlastimil Elias
c8c0449124 code formatting patched to be close to original and produce better difs 2015-03-12 15:39:31 +01:00
Vlastimil Elias
21b4f9a2f1 KEYCLOAK-1074 - Allow registration with email as username (without
username as separate field)
2015-03-12 15:31:19 +01:00
Stian Thorgersen
ffbb2df1f3 KEYCLOAK-571 OpenID Connect Discovery
KEYCLOAK-1091 JSON Web Key Set endpoint
KEYCLOAK-790 One OpenID Connect token endpoint URL
2015-03-12 11:45:13 +01:00
Bill Burke
6450c4c5f3 cleanup and docs for mappers 2015-03-11 12:05:27 -04:00
Bill Burke
451ce64907 role name mapper 2015-03-11 09:59:56 -04:00
Bill Burke
28a5e61dff role mappers and testing 2015-03-09 21:03:35 -04:00
Bill Burke
5cf64546c8 Merge remote-tracking branch 'upstream/master' 2015-03-09 09:05:53 -04:00
Bill Burke
cdf22669f4 test oidc mappers 2015-03-09 09:05:39 -04:00
Bill Burke
d4468913dd hardcoded saml mappers 2015-03-09 07:55:20 -04:00
Stian Thorgersen
452931bfb8 Simplified setting to/from dates 2015-03-09 11:47:08 +01:00
girirajsharma
d2188a3f55 Fixed Event Viewer pagination, date filter and added testcases. 2015-03-09 11:47:08 +01:00
girirajsharma
ce33ce2485 [KEYCLOAK-1050] - Improve filtering in Event viewer in admin app. 2015-03-09 11:47:08 +01:00
Bill Burke
5c6c30fef4 saml role list mapper 2015-03-07 19:47:34 -05:00
Bill Burke
1de285b724 mappers 2015-03-06 18:42:20 -05:00
Bill Burke
4a4158a4e4 test saml attributes 2015-03-06 18:29:36 -05:00
mposolda
db07d79009 KEYCLOAK-1066 Kerberos credential delegation support 2015-03-06 12:59:29 +01:00
Stian Thorgersen
1f5fedb0b0 Module provider loader 2015-03-06 05:30:17 +01:00
Bill Burke
db2c01caa9 more mappers 2015-03-05 19:55:53 -05:00
Bill Burke
98831ec05a fix other claims in IDToken 2015-03-04 20:27:06 -05:00
Bill Burke
453ef808cc ID token mapping 2015-03-04 18:39:10 -05:00
Bill Burke
94980fff29 merge conflicts 2015-03-04 17:27:44 -05:00
Bill Burke
33520e9fec reg/account custom attributes 2015-03-04 17:25:50 -05:00
Stian Thorgersen
6c7f35c509 KEYCLOAK-1014 Don't redirect to app after reset password or verify email if new browser session 2015-03-04 13:39:11 +01:00
Stian Thorgersen
f907a749aa KEYCLOAK-1015 Allow configuring login timeout separate to login actions 2015-03-04 08:45:01 +01:00
Bill Burke
396e0c6171 refactor mappers 2015-03-03 20:38:28 -05:00
Bill Burke
608185f06a boolean mapper property types 2015-03-03 12:00:40 -05:00
Bill Burke
753feae49e fixes 2015-03-02 21:39:43 -05:00
mposolda
58a7e549b2 Fix mongo to pass with testsuite 2015-03-02 12:07:31 +01:00
Bill Burke
4361ce1d42 mapper refactoring 2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e saml attribute mappers 2015-02-28 11:17:06 -05:00
Bill Burke
07b038e126 add mapper category and help text 2015-02-27 18:21:42 -05:00
Bill Burke
8533d49dfb Merge remote-tracking branch 'upstream/master' 2015-02-27 17:28:09 -05:00
Bill Burke
1c6e90c4ef protocol mapper ui 2015-02-27 17:21:02 -05:00
pedroigor
b45d6b896a [KEYCLOAK-883] - Configuration option to disable token retrieval from applications. 2015-02-27 02:13:27 -03:00
pedroigor
17653e7e74 [KEYCLOAK-883] - Reverting change that redirects to error page when federating identities.. 2015-02-26 15:27:32 -03:00
pedroigor
8f263a43e3 [KEYCLOAK-883] - Examples config and logging changes. 2015-02-26 12:34:33 -03:00
pedroigor
6e38964838 [KEYCLOAK-883] - Minor changes to the configuration of identity providers for clients. 2015-02-25 21:00:49 -03:00
Bill Burke
430daf4c39 Merge remote-tracking branch 'upstream/master' 2015-02-25 11:35:04 -05:00
Bill Burke
9f759ed77c rest interface for claim mapping 2015-02-25 11:34:51 -05:00
Stian Thorgersen
195a5dffdc Merge pull request #995 from stianst/master
KEYCLOAK-1017 Add server version to cached resources to prevent problems...
2015-02-25 16:15:11 +01:00
pedroigor
128cd98ce2 [KEYCLOAK-1036] - Revert. 2015-02-25 11:21:56 -03:00
Stian Thorgersen
5a10bbc8ca KEYCLOAK-1017 Add server version to cached resources to prevent problems with browser cache 2015-02-25 15:03:01 +01:00
Stian Thorgersen
b6a512b494 KEYCLOAK-934 Extract dependencies into modules 2015-02-25 12:05:48 +01:00
Bill Burke
c20ad93807 claim mappings next phase 2015-02-24 19:37:07 -05:00
Bill Burke
100dbd5fd7 ProviderFactory.postInit() 2015-02-23 12:11:48 -05:00
Bill Burke
d06b7a47ac Merge remote-tracking branch 'upstream/master' 2015-02-23 11:39:39 -05:00
Bill Burke
1dde3e1459 provider events 2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6 Kerberos/LDAP fixes 2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464 Kerberos automated test 2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be more claims work 2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91 Merge remote-tracking branch 'upstream/master' 2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960 changes 2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a LDAP testing improvements. Support for embedded Kerberos server in testsuite 2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42 Add authenticateByDefault flag to IdentityProviderModel 2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3 [KEYCLOAK-883] - Code cleanup and refactoring. 2015-02-13 01:27:11 -02:00
mposolda
534187f4d7 KEYCLOAK-1037 Bad error message on login form in case of expired code 2015-02-11 18:48:32 +01:00
mposolda
03d607b022 Fix showing federation links of users in admin console 2015-02-11 13:03:31 +01:00
mposolda
4b637036ac Display error page if kerberos token is unavailable 2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc Merge pull request #960 from girirajsharma/master
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31 KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled 2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066 Updated BC provider versions and deprecated CertificateUtil methods. 2015-02-10 18:44:54 +05:30
mposolda
90496f62ac KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login 2015-02-10 13:54:45 +01:00
mposolda
d523d7f202 Ensure timestamp on clientSession is updated in AccountService when linking identity broker 2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788 [KEYCLOAK-883] - Idp hint should be processed firts. 2015-02-08 22:01:30 -02:00
pedroigor
1e13254598 [KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens. 2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec [KEYCLOAK-992] - Token retrieval from brokered idps. 2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users 2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1 [KEYCLOAK-996] - Allow application to select provider. 2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef Fixed adding right CORS headers to actual and preflight CORS requests. 2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324 Merge pull request #938 from pedroigor/KEYCLOAK-883
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd [KEYCLOAK-883] - Initial tests for SAML brokering. 2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100 Merge remote-tracking branch 'upstream/master' 2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa saml frontchannel logout 2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7 Merge pull request #936 from stianst/master
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f KEYCLOAK-999 Load providers from file-system 2015-01-28 09:15:07 +01:00
pedroigor
2065815627 [KEYCLOAK-883] - Model tests. 2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce [KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider. 2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113 [KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest. 2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9 KEYCLOAK-980 Password reset is possible with expired link 2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922 KEYCLOAK-983 Fix login after reset-password 2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4 Merge remote-tracking branch 'upstream/master' 2015-01-16 18:58:01 -05:00