Commit graph

528 commits

Author SHA1 Message Date
scranen
0c6b20e862 [KEYCLOAK-4342] Make adapter state cookie path configurable 2018-11-06 10:28:06 -02:00
Pedro Igor
234b7a06a1 [KEYCLOAK-7798] - Spring security adapter does not renew expired tokens 2018-11-06 10:26:40 -02:00
BaHwan Han
91c4bfa81c The Keycloak JS adapter should not mutate browser history state 2018-10-29 20:08:32 +01:00
mposolda
c36b577566 KEYCLOAK-8483 Remove application from the aud claim of accessToken and refreshToken 2018-10-23 13:52:09 +02:00
Pedro Igor
6f8f8e6a28 [KEYCLOAK-8449] - Option to automatically map HTTP verbs to scopes when configuring the policy enforcer 2018-10-23 08:40:54 -03:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
vramik
623d985e7f KEYCLOAK-8454 KeycloakHttpServerAuthenticationMechanism uses wrong status code when logout page not set 2018-10-17 19:03:24 +02:00
mposolda
4483677cdd KEYCLOAK-8529 Fix most of adapter tests on EAP6 2018-10-12 12:01:33 +02:00
Tobias Gippert
c71f6e2188 The Keycloak JS adapter should not create a new browser history entry,
when it is redirecting the user, unless the user is in the admin console.
2018-10-12 09:42:26 +02:00
stianst
aaa33ad883 KEYCLOAK-8509 Improvements to session iframe 2018-10-10 21:01:05 +02:00
stianst
9be8bef575 KEYCLOAK-7920 Changes to native promises in JS adapter. Native promises have to be explicitly enabled and when they are old success/error functions are no longer supported. Internally we don't use native promises. 2018-10-10 21:00:19 +02:00
Frank Schmager
6b59c2f44c try to register node during authentication attempt in filter
* PreAuthActionsFilter registers deployment during authentication attempt to enable, well,
  node registration if filter is used by itself (if no securityConstraints when using spring boot and spring security)
* deregistering node during clean shutdown
* added unit test
2018-10-09 10:30:37 -03:00
sebastienblanc
fd0ab4a626 removing spring factories from core module 2018-10-09 14:17:33 +02:00
Pedro Igor
6fd4a02f95 [KEYCLOAK-8444] - Error when producing KeycloakSpringBootConfigResolver from spring security configuration 2018-10-08 09:29:59 -03:00
Hynek Mlnarik
211774ccbc KEYCLOAK-7810 Fix NPE in Elytron SAML adapter 2018-10-04 14:38:45 +02:00
Pedro Igor
2da758ac86 [KEYCLOAK-6928] - Selecting first bearer if multiple values exists in authorization header 2018-10-01 09:36:10 -03:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
Pedro Igor
081e9883e6 [KEYCLOAK-7659] - k_version not supporting cors 2018-09-25 11:50:17 -03:00
Pedro Igor
df311b60b4 [KEYCLOAK-8168] - PEP is resolving claims twice under certain circumstances 2018-09-25 11:47:50 -03:00
mposolda
3777dc45d0 KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch 2018-09-21 11:17:05 +02:00
Pedro Igor
adf0a19f9d [KEYCLOAK-8133] - Can't Sucessfully inject a custom KeycloakSpringBootConfigResolver in the Keycloak Spring Boot Security Adapter 2018-09-20 11:11:12 -03:00
Hynek Mlnarik
2bf6d75e57 KEYCLOAK-8010 Improve handling of Conditions SAML tag 2018-09-19 14:00:28 +02:00
Hynek Mlnarik
0b893d5634 KEYCLOAK-8187 Fix Undertow imports for Fuse
Co-Authored-By: wyvie <irum@redhat.com>
2018-09-18 16:54:03 +02:00
Pedro Igor
64f8fe4987 [KEYCLOAK-8070] - wrong expose headers when enable cors and policyenforcer 2018-09-17 17:02:15 -03:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
Hynek Mlnarik
812e76c39b KEYCLOAK-8163 Improve SAML validations 2018-09-05 15:47:03 +02:00
Pedro Igor
33efcc6b93 [KEYCLOAK-8142] - Fixing regression when setting path enforcement mode to disabled 2018-09-04 10:32:06 -03:00
Dmitry Telegin
bc8763ccf3 KEYCLOAK-7858 - OIDC servlet filter adapter OSGi support 2018-09-04 11:29:45 +02:00
Jani
42553cdc44 [KEYCLOAK-7695] Restore token_type and expires_in for implicit flow
As KEYCLOAK-6585 concerns only hybrid flow, this commit restores the behavior for implicit flow.

This commit partially reverts #5041 (061049e41a6b0e6fb45c75f05748023ad7ab7d92).
2018-08-29 13:00:57 +02:00
mposolda
6fc99cd749 KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
Dan Hooper
0a8fca7ec4 Created common interface for parsed tokens in typescript declaration file 2018-08-23 16:14:17 -04:00
Frank Schmager
3e2e0ac91c Renamed factory and java doc 2018-08-22 16:39:55 +02:00
Frank Schmager
dda365e002 initial exposing of BasicAuthRequestAuthenticator to make extensible 2018-08-22 16:39:55 +02:00
Grzegorz Grzybek
fdc9882709 [KEYCLOAK-8101] Return just cached deployment to prevent NPE 2018-08-21 09:56:58 +02:00
Alex Szczuczko
a35ed671e6 KEYCLOAK-7480 Make fuse7 tomcat8 adapter community-only 2018-08-20 09:06:45 +02:00
Alex Szczuczko
f0a2f7a675 KEYCLOAK-7480 Make fuse7 adapter's jetty94 conditional on the community profile
In commit d70859ef keycloak-pax-web-jetty94 was added.

org.keycloak:keycloak-jetty94-adapter:jar is a dependency of this module, and
isn't produced outside of the community profile. So, the jetty94 module here
must be consistent with that.
2018-08-20 09:06:45 +02:00
Erin Recachinas
fa8cb004a1 KEYCLOAK-6086 Casting Jetty WebAppContext in Spring Adapter checks validity and unwraps 2018-08-13 11:16:19 +02:00
Hynek Mlnarik
a8a9631d4f KEYCLOAK-6832 Unify Destination attribute handling 2018-08-09 10:30:30 +02:00
Pedro Igor
80e5227bcd [KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests 2018-08-07 10:53:40 -03:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
Tair Sabirgaliev
d88568266f KEYCLOAK-7821 Enable tomcat-specific features: * (all roles), ** (authenticated user) in authRoles constraint 2018-07-27 14:24:49 +02:00
mhajas
a6e4f4f9aa KEYCLOAK-7922 Use Time.currentTimeMillis() instead of System.currentTimeMillis() in PathCache 2018-07-24 08:52:48 -03:00
Hynek Mlnarik
c8bc0d6d7b KEYCLOAK-7400 Remove dead code
This commit can only be merged once the Camel 2.21.2 would be
released, otherwise the code won't compile due to missing dependencies.

See https://issues.apache.org/jira/browse/CAMEL-12514 for details.
2018-07-23 14:46:00 +02:00
Pedro Igor
7c14a6a503 [KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established 2018-07-19 10:05:04 -03:00
Grzegorz Grzybek
2cb7ec9432 [KEYCLOAK-7703] HierarchicalPathBasedKeycloakConfigResolver for more fine/coarse grained Keycloak configuration in Karaf 2018-07-19 14:25:52 +02:00
Gregor Tudan
3417b569c0 KEYCLOAK-2606: add support for native browsers on cordova
KEYCLOAK-2606 Added cordova native

KEYCLOAK-2606 Some more fixes and tweaks

Fix redirect in example realm

feature(cordova-native): fix universalLinks and kc options

Added 'cordova-native' to typings

Added an option to define a "default" redirectUri in keycloak.js

Added 'login' and 'logout' event to universalLinks configuration in config.xml

Improved 'cordova-native' example to always use a redirectUri and
update state after successfull logout

Setting the 'authenticated' flag for the keycloak instance to 'false'
after a logout redirect

KEYCLOAK-2606: Simplify example for cordova-native

I wanted to make it explicit which options are actually needed, so I didn't want to reuse the keycloak conf

KEYCLOAK-2606: simplify example

The update state after logout shouldn't be necessary as it is set in `keycloak.onAuthLogout = updateState;`
Not sure why it is called after the login promise...

Fixes
2018-07-18 10:51:59 +02:00
Martin Kanis
b520dda3ef KEYCLOAK-4662 Keycloak adapter missing configuration attribute proxy-url 2018-07-13 14:30:40 +02:00
mhajas
5aebc74f8c KEYCLOAK-7269 Setting more uris for Authorization Resource 2018-07-11 17:48:34 -03:00
Pedro Igor
55550f2023 [KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established 2018-07-11 11:33:31 -03:00
rmartinc
4a82979792 KEYCLOAK-1925: SAML adapter multitenant support 2018-07-10 13:21:11 +02:00