Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
Douglas Palmer
42759be6ff
[KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages
2018-01-25 07:10:30 +01:00
Douglas Palmer
0f1644e612
[KEYCLOAK-6142] Updated OTP manual config pages to reflect HOTP
2018-01-25 07:09:24 +01:00
Thorsten Boock
64b75d2806
Fix Authenticator Page HTML
...
Closes `<thead>` and disables escaping for the `totpStep1` message as it includes HTML links.
2018-01-24 13:44:57 -05:00
mposolda
6369c26671
KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters
2018-01-24 11:35:13 +01:00
stianst
f762173eb0
KEYCLOAK-3370 Add option to override theme in client template and client
2018-01-18 09:14:13 +01:00
pedroigor
79349e6307
[KEYCLOAK-6159] - Resource Permission UI not enabling save button when no policies are set
2018-01-09 16:28:53 -02:00
pedroigor
56750cba83
[KEYCLOAK-6113] - Remove red asterisk sign next to 'Apply Policy' while creating a new permission
2018-01-02 12:40:10 -02:00
stianst
6e3303145f
KEYCLOAK-6079
2018-01-02 15:15:44 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
stianst
e3995c0154
KEYCLOAK-6079
2017-12-21 12:18:12 +01:00
Pedro Igor
7e072abf74
Merge pull request #4873 from pedroigor/master
...
[KEYCLOAK-5806] - Returning from child policy not restoring state
2017-12-20 08:53:50 -02:00
stianst
7d2d7e41d9
KEYCLOAK-6065 Prevent password managers from saving credentials in admin console
2017-12-20 06:46:54 +01:00
pedroigor
3846cfdb4f
[KEYCLOAK-5806] - Changing apply policy component and more tests
2017-12-19 17:28:46 -02:00
stianst
902b799bdf
KEYCLOAK-6064 Fix identity providers page when realm has no configured providers
2017-12-19 17:56:48 +01:00
stianst
465675ac28
KEYCLOAK-5019 Fixes for password managers
2017-12-19 16:13:16 +01:00
pedroigor
2ace312501
[KEYCLOAK-5806] - More UI tests for parent/child policy flow
2017-12-19 12:13:04 -02:00
pedroigor
c00d89aec3
[KEYCLOAK-5806] - Returning from child policy not restoring state
2017-12-19 10:00:14 -02:00
stianst
71e6f52f7d
KEYCLOAK-6022
2017-12-18 11:48:39 +01:00
stianst
b303acaaba
KEYCLOAK-2120 Added manual setup page for OTP
2017-12-18 11:20:20 +01:00
pedroigor
5d7ba39e0c
[KEYCLOAK-5806] - Create policy component to permission pages
2017-12-15 23:41:52 -02:00
pedroigor
e2118856ca
[KEYCLOAK-5806] - Adding table of selected policies
2017-12-15 22:04:37 -02:00
pedroigor
eba47b3c89
[KEYCLOAK-5806] - Create policy button to Aggregated Policies
2017-12-15 22:04:37 -02:00
Pedro Igor
a66fe003d3
Merge pull request #4863 from pedroigor/KEYCLOAK-5877
...
[KEYCLOAK-5877] - Allow save permissions without policies
2017-12-15 15:45:38 -02:00
Stan Silvert
a719b73808
KEYCLOAK-5935: No success msg on client role add/remove
2017-12-15 10:54:43 -05:00
pedroigor
94928323ee
[KEYCLOAK-5877] - Allow saving permissions without policies
2017-12-15 12:55:07 -02:00
stianst
a8943fb323
KEYCLOAK-6043 Use same urls for get and posts in account
2017-12-15 08:31:04 +01:00
Stan Silvert
2b11938084
KEYCLOAK-5932: Remove social idp from dropdown if already defined
2017-12-14 20:18:56 -05:00
Stan Silvert
97e3b26a5c
KEYCLOAK-5934: Event filters allowing free values in select2 inputs
2017-12-14 16:38:02 -05:00
Stan Silvert
068785f227
KEYCLOAK-6042: Remove keycloak-preview from product build.
2017-12-14 14:09:04 +01:00
Bill Burke
ea3417253f
KEYCLOAK-5923
2017-12-12 16:07:09 -05:00
Bruno Oliveira
0a9055e112
[KEYCLOAK-5175] Importing certificate to saml client takes too long
2017-12-12 14:45:24 +01:00
Stan Silvert
a60fdcedcd
KEYCLOAK-5929: Submit buttons in wrong position
2017-12-11 08:27:39 -05:00
stianst
dac6c6bd7e
KEYCLOAK-6000 Fix output in execute actions email
2017-12-11 14:24:37 +01:00
Bill Burke
5d5a200413
Merge pull request #4818 from patriot1burke/master
...
KEYCLOAK-5926
2017-12-08 09:59:32 -05:00
Bill Burke
0dee393071
KEYCLOAK-5926
2017-12-07 19:49:10 -05:00
Bruno Oliveira
3f3d50b9ad
KEYCLOAK-5467 X.509 Auth - missing internationalization support
...
This adds the missing i18n support for login buttons
2017-12-07 08:52:16 -02:00
Stan Silvert
b8da95e901
KEYCLOAK-5930: Submit button on cred screen should start as disabled
2017-12-06 15:35:00 -05:00
stianst
ecfabe4ebe
KEYCLOAK-5913 Move Chinese translations into resources-community
2017-12-06 13:58:52 +01:00
Stan Silvert
30ad2899b8
KEYCLOAK-5933: Configure TOTP to Configure OTP
2017-12-05 17:24:54 -05:00
Stan Silvert
19cfbbf7ff
KEYCLOAK-5972: i18n broken on keycloak-preview acct mgt
2017-12-04 13:44:16 -05:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
Stan Silvert
4d4ee33d1d
KEYCLOAK-5937: Not possible to select role w/ hardocded LDAP role mapper
2017-11-30 15:29:36 -05:00
stianst
4daf6aaec5
KEYCLOAK-5940
2017-11-30 13:43:15 +01:00
Bruno Oliveira
6a528a3ee6
[KEYCLOAK-2645] Reset password page says 'You need to change your password to activate your account.'
2017-11-30 10:37:21 +01:00
stianst
2be78a0239
KEYCLOAK-5924 Add error handler for uncaught errors
2017-11-30 10:33:13 +01:00
Stan Silvert
fc8a8b1dd8
KEYCLOAK-5905: 'Disable Credentials' not displayed after reset password.
2017-11-28 16:40:41 -05:00
Bill Burke
c36b3cd296
KEYCLOAK-5904
2017-11-28 09:10:43 -05:00
stianst
24b7e318ca
KEYCLOAK-5913 Fix all locales showing in RH-SSO
2017-11-28 07:54:26 +01:00
Stan Silvert
27268044ae
KEYCLOAK-5906: Active page not highlighted in nav sidebar
2017-11-27 12:43:43 -05:00
Bruno Oliveira
9d35891e7d
[KEYCLOAK-5467] X.509 Auth - missing internationalization support
2017-11-27 13:44:38 +01:00
Stian Thorgersen
feaf834184
KEYCLOAK-5863 Fix error when updating mapper twice in a row
2017-11-17 12:20:43 +01:00
Shon T. Urbas
f186ea12c6
Removal of duplicate cuff.
2017-11-16 07:18:49 +01:00
Stan Silvert
dc05134e41
KEYCLOAK-5850: Del realm role broken on permissions & Users tabs.
2017-11-16 07:05:08 +01:00
Stan Silvert
f923211e9f
KEYCLOAK-5849: Multiple errors in acct page displays '<br/>'
2017-11-15 19:59:54 +01:00
Bill Burke
a70461b726
Merge pull request #4695 from patriot1burke/master
...
KEYCLOAK-5459 KEYCLOAK-5855
2017-11-14 22:02:13 -05:00
Bill Burke
6b8ead6c4b
KEYCLOAK-5459
2017-11-14 19:37:07 -05:00
Stan Silvert
8b023f57f9
KEYCLOAK-5474: Unexp behavior with "login w/ email" and "Dup emails" ( #4683 )
...
settings.
2017-11-14 16:12:56 -05:00
Hynek Mlnařík
1412fed265
Merge pull request #4676 from abstractj/KEYCLOAK-2052
...
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
2017-11-14 09:19:57 +01:00
Stian Thorgersen
de72542151
KEYCLOAK-5795 Strip ids of client export from admin console
2017-11-14 08:49:58 +01:00
Bruno Oliveira
03d0488335
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Stan Silvert
8759b42e6b
KEYCLOAK-4461: Missing error msg when add idp mapper
2017-11-09 07:13:38 +01:00
liuzheng712
9243430b75
fix(Chinese language): add # encoding: utf-8
2017-11-09 07:10:59 +01:00
Stan Silvert
d3b270d025
KEYCLOAK-5475: UI glitches when alias blank in auth config ( #4645 )
2017-11-08 08:21:28 -05:00
Albert-Jan Verhees
b8f3c8a445
Fixed typo in Dutch translations
2017-11-08 12:59:55 +01:00
Stan Silvert
1db3134df8
KEYCLOAK-5506: Set empty fed config prop fails in admin console ( #4625 )
2017-11-06 12:44:13 -05:00
Stan Silvert
986540ab34
KEYCLOAK-4383: Dbl-click login button leads to "already logged in" page ( #4614 )
2017-10-27 10:29:37 -04:00
Marek Posolda
74f5c1c160
Merge pull request #4611 from mposolda/ldap-eviction-day
...
KEYCLOAK-5746 Bad label for evictionDay in admin console in EVICT_WEE…
2017-10-25 11:14:18 +02:00
mposolda
5f889dd3c6
KEYCLOAK-5746 Bad label for evictionDay in admin console in EVICT_WEEKLY cache policy
2017-10-25 09:08:33 +02:00
Bruno Oliveira
4d762159ef
KEYCLOAK-5717
2017-10-24 10:55:02 -02:00
Stan Silvert
330f2acc29
KEYCLOAK-5732: Freemarker pages using ?html ( #4607 )
2017-10-23 16:35:45 -04:00
Stan Silvert
574fd42534
KEYCLOAK-5681: Upgrade AngularJS for Admin Console ( #4571 )
2017-10-23 12:03:46 -04:00
Stan Silvert
9083e5fe5c
KEYCLOAK-5298: Enable autoescaping in Freemarker ( #4561 )
...
* KEYCLOAK-5298: Enable autoescaping in Freemarker
* Fix several of the failing tests.
* Fix broken tests in integration-deprecated
* Fix last failing test.
2017-10-23 12:03:00 -04:00
Stian Thorgersen
9b75b603e3
KEYCLOAK-5234 ( #4585 )
2017-10-23 16:13:22 +02:00
Bill Burke
8faa6f1f4d
KEYCLOAK-5701
2017-10-18 18:20:50 -04:00
Bill Burke
0fb99a0098
Merge pull request #4569 from patriot1burke/master
...
KEYCLOAK-4328
2017-10-18 10:49:52 -04:00
Bill Burke
649bca7618
KEYCLOAK-4328
2017-10-18 09:37:17 -04:00
Thomas Darimont
3103e0fd0a
KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider ( #4370 )
...
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider
This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.
The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.
I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords ) project.
For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/
Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```
Password blacklist is stored in a TreeSet.
* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter
We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.
BloomFilter implementation is provided by google-guava
which is available in wildfly.
Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.
This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.
Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.
Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.
The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.
Configure password blacklist folder for tests
* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers
* KEYCLOAK-5244 Translate blacklisted message in base/login
2017-10-17 20:41:44 +02:00
Cédric Couralet
656fc5d7c0
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
2017-10-13 13:54:50 +02:00
Gaetan Collaud
06ad4caa1b
KEYCLOAK-5505 put tabindex in login page
2017-10-10 16:56:03 +02:00
Stan Silvert
9131e7e73c
KEYCLOAK-4248: Remove revocation tab for SAML clients.
2017-10-04 14:03:39 -04:00
Herbert Mühlburger
f0f7321c38
Fix spelling error in admin message properties ( #4525 )
...
* fix spelling error in admin message properties
* fix typo in admin messages
2017-10-03 20:58:17 +02:00
Bill Burke
817d6cc8c7
minor ui fix
2017-10-02 11:02:19 -04:00
Gabriel Lavoie
134daeac7f
KEYCLOAK-3303: Allow reuse of refresh tokens.
...
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b
Merge pull request #4209 from guitaro/feature/group-search-and-pagination
...
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Bill Burke
3020a04a8b
Merge pull request #4490 from Fiercely/master
...
Keycloak 2035
2017-09-22 16:13:22 -04:00
Thomas Darimont
236b2b9273
KEYCLOAK-3599 Add Script based OIDC ProtocolMapper
2017-09-22 21:24:20 +02:00
howcroft
e78bf5f876
Keycloak 2035
...
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Stan Silvert
7124d93a24
Merge pull request #4487 from ssilvert/kc1250-big-commit
...
KEYCLOAK-5502: Fix install of node and yarn for account2 profile.
2017-09-19 10:39:38 -04:00
Stan Silvert
9d66d55ac1
KEYCLOAK-5502: Fix install of node and yarn for account2 profile.
2017-09-19 09:53:22 -04:00
Stan Silvert
657c68475d
Merge pull request #4486 from ssilvert/kc1250-big-commit
...
KEYCLOAK-1250: Initial commit for new account mgt.
2017-09-18 16:51:18 -04:00
Stan Silvert
c8a4fc2c57
KEYCLOAK-1250: Initial commit for new account mgt.
2017-09-18 15:32:43 -04:00
Bill Burke
3e6adbc904
KEYCLOAK-5490 ( #4477 )
2017-09-15 11:36:48 +02:00
Stian Thorgersen
ee35673615
KEYCLOAK-1250 Profile and console loader for new account management console
2017-09-14 19:53:02 +02:00
Levente NAGY
d18aa44fb4
Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination
2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7
KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache
2017-09-13 16:45:45 +02:00
Stan Silvert
56e0a52197
Merge pull request #4436 from tuxetuxe/master
...
Do not show empty page size selectors in events lists
2017-09-13 10:22:56 -04:00
Léventé NAGY
503ce3a47f
Merge branch 'master' into feature/group-search-and-pagination
2017-09-13 10:27:38 +02:00
Petter Lysne
7f8b5e032a
feat: added PayPal IDP ( #4449 )
2017-09-12 11:57:59 +02:00