Bill Burke
4a4158a4e4
test saml attributes
2015-03-06 18:29:36 -05:00
mposolda
db07d79009
KEYCLOAK-1066 Kerberos credential delegation support
2015-03-06 12:59:29 +01:00
Stian Thorgersen
1f5fedb0b0
Module provider loader
2015-03-06 05:30:17 +01:00
Bill Burke
db2c01caa9
more mappers
2015-03-05 19:55:53 -05:00
Bill Burke
98831ec05a
fix other claims in IDToken
2015-03-04 20:27:06 -05:00
Bill Burke
453ef808cc
ID token mapping
2015-03-04 18:39:10 -05:00
Bill Burke
94980fff29
merge conflicts
2015-03-04 17:27:44 -05:00
Bill Burke
33520e9fec
reg/account custom attributes
2015-03-04 17:25:50 -05:00
Stian Thorgersen
6c7f35c509
KEYCLOAK-1014 Don't redirect to app after reset password or verify email if new browser session
2015-03-04 13:39:11 +01:00
Stian Thorgersen
f907a749aa
KEYCLOAK-1015 Allow configuring login timeout separate to login actions
2015-03-04 08:45:01 +01:00
Bill Burke
396e0c6171
refactor mappers
2015-03-03 20:38:28 -05:00
Bill Burke
608185f06a
boolean mapper property types
2015-03-03 12:00:40 -05:00
Bill Burke
753feae49e
fixes
2015-03-02 21:39:43 -05:00
mposolda
58a7e549b2
Fix mongo to pass with testsuite
2015-03-02 12:07:31 +01:00
Bill Burke
4361ce1d42
mapper refactoring
2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e
saml attribute mappers
2015-02-28 11:17:06 -05:00
Bill Burke
07b038e126
add mapper category and help text
2015-02-27 18:21:42 -05:00
Bill Burke
8533d49dfb
Merge remote-tracking branch 'upstream/master'
2015-02-27 17:28:09 -05:00
Bill Burke
1c6e90c4ef
protocol mapper ui
2015-02-27 17:21:02 -05:00
pedroigor
b45d6b896a
[KEYCLOAK-883] - Configuration option to disable token retrieval from applications.
2015-02-27 02:13:27 -03:00
pedroigor
17653e7e74
[KEYCLOAK-883] - Reverting change that redirects to error page when federating identities..
2015-02-26 15:27:32 -03:00
pedroigor
8f263a43e3
[KEYCLOAK-883] - Examples config and logging changes.
2015-02-26 12:34:33 -03:00
pedroigor
6e38964838
[KEYCLOAK-883] - Minor changes to the configuration of identity providers for clients.
2015-02-25 21:00:49 -03:00
Bill Burke
430daf4c39
Merge remote-tracking branch 'upstream/master'
2015-02-25 11:35:04 -05:00
Bill Burke
9f759ed77c
rest interface for claim mapping
2015-02-25 11:34:51 -05:00
Stian Thorgersen
195a5dffdc
Merge pull request #995 from stianst/master
...
KEYCLOAK-1017 Add server version to cached resources to prevent problems...
2015-02-25 16:15:11 +01:00
pedroigor
128cd98ce2
[KEYCLOAK-1036] - Revert.
2015-02-25 11:21:56 -03:00
Stian Thorgersen
5a10bbc8ca
KEYCLOAK-1017 Add server version to cached resources to prevent problems with browser cache
2015-02-25 15:03:01 +01:00
Stian Thorgersen
b6a512b494
KEYCLOAK-934 Extract dependencies into modules
2015-02-25 12:05:48 +01:00
Bill Burke
c20ad93807
claim mappings next phase
2015-02-24 19:37:07 -05:00
Bill Burke
100dbd5fd7
ProviderFactory.postInit()
2015-02-23 12:11:48 -05:00
Bill Burke
d06b7a47ac
Merge remote-tracking branch 'upstream/master'
2015-02-23 11:39:39 -05:00
Bill Burke
1dde3e1459
provider events
2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6
Kerberos/LDAP fixes
2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464
Kerberos automated test
2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be
more claims work
2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91
Merge remote-tracking branch 'upstream/master'
2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960
changes
2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c
Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
...
First step - KerberosFederationProvider
Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials
Added Kerberos UI to LDAPFederationProvider
Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a
LDAP testing improvements. Support for embedded Kerberos server in testsuite
2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42
Add authenticateByDefault flag to IdentityProviderModel
2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3
[KEYCLOAK-883] - Code cleanup and refactoring.
2015-02-13 01:27:11 -02:00
mposolda
534187f4d7
KEYCLOAK-1037 Bad error message on login form in case of expired code
2015-02-11 18:48:32 +01:00
mposolda
03d607b022
Fix showing federation links of users in admin console
2015-02-11 13:03:31 +01:00
mposolda
4b637036ac
Display error page if kerberos token is unavailable
2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc
Merge pull request #960 from girirajsharma/master
...
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31
KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled
2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 18:44:54 +05:30
mposolda
90496f62ac
KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login
2015-02-10 13:54:45 +01:00
mposolda
d523d7f202
Ensure timestamp on clientSession is updated in AccountService when linking identity broker
2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7
[KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client.
2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788
[KEYCLOAK-883] - Idp hint should be processed firts.
2015-02-08 22:01:30 -02:00
pedroigor
1e13254598
[KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens.
2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec
[KEYCLOAK-992] - Token retrieval from brokered idps.
2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb
KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users
2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1
[KEYCLOAK-996] - Allow application to select provider.
2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef
Fixed adding right CORS headers to actual and preflight CORS requests.
2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324
Merge pull request #938 from pedroigor/KEYCLOAK-883
...
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100
Merge remote-tracking branch 'upstream/master'
2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa
saml frontchannel logout
2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7
Merge pull request #936 from stianst/master
...
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f
KEYCLOAK-999 Load providers from file-system
2015-01-28 09:15:07 +01:00
pedroigor
2065815627
[KEYCLOAK-883] - Model tests.
2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce
[KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider.
2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113
[KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest.
2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9
KEYCLOAK-980 Password reset is possible with expired link
2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922
KEYCLOAK-983 Fix login after reset-password
2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4
Merge remote-tracking branch 'upstream/master'
2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16
saml redirect logout 1st step
2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b
Merge pull request #919 from pedroigor/KEYCLOAK-884
...
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 15:45:27 -02:00
mposolda
e4a8ced8b0
KEYCLOAK-974 ServerVersionResource doesn't handle cors requests
2015-01-16 12:57:08 +01:00
Stian Thorgersen
8828d6e2f1
KEYCLOAK-965 NPE in TokenManager.verifyAccess if application is deleted
2015-01-16 11:25:05 +01:00
Stian Thorgersen
bf6c46da1c
KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri
2015-01-16 11:01:03 +01:00
Stian Thorgersen
29b8c2c924
KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message
2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3
KEYCLOAK-957 Access Token Request does not verify redirect_uri
2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30
check if email is null
2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11
[KEYCLOAK-883] - Initial changes.
2015-01-13 00:58:19 -02:00
Stian Thorgersen
959933a227
Version bump
2015-01-12 10:35:50 +01:00
mposolda
fff8ae9f8a
KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout
2015-01-08 11:09:11 +01:00
pedroigor
c4892428ae
[KEYCLOAK-928] - Validate duplicated emails when updating profile.
2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b
add error event if mail can not be send
2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e
Add test
2015-01-05 14:34:08 +01:00
Stian Thorgersen
39daeca09c
Merge branch 'reset-password' of https://github.com/gerbermichi/keycloak into gerbermichi-reset-password
2015-01-05 14:26:51 +01:00
gerbermichi
0c73e67372
a disabled user should not receive an email to reset the password
2015-01-05 14:07:03 +01:00
Stian Thorgersen
628437c146
KEYCLOAK-760 OAuth2 refresh token expiration date
2015-01-05 10:50:50 +01:00
Michael Gerber
019bb558d1
reset-password-email with redirect_uri and client_id
2015-01-02 14:10:44 +01:00
Michael Gerber
53e18b3ebe
fix reset-password-email
2015-01-02 12:52:21 +01:00
Stian Thorgersen
f97b71c207
KEYCLOAK-903
...
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386
KEYCLOAK-902 State should not be required
2014-12-30 10:38:08 +01:00
Stian Thorgersen
e174802b0d
KEYCLOAK-825
...
Log out user sessions on password reset
2014-12-17 14:54:33 +01:00
Stian Thorgersen
6cf42db584
KEYCLOAK-891 Create server info page on admin console
2014-12-17 13:21:31 +01:00
gerbermichi
2186fe32a9
Bugfix: Can not read keycloak-server.json if the path contains a space
...
https://issues.jboss.org/browse/KEYCLOAK-892
2014-12-17 12:32:06 +01:00
Bill Burke
6c04e26376
bump
2014-12-05 21:09:38 -05:00
Bill Burke
c0059a875b
bump version
2014-12-05 19:03:13 -05:00
apenders
f3adf02eea
Added CORS preflight support for realms/<realm>/tokens/refresh
2014-12-02 15:33:15 -07:00
Stian Thorgersen
a843e31c12
KEYCLOAK-862 Use HmacSHA256 for code signatures
2014-11-27 10:02:08 +01:00
Bill Burke
46983d68f3
move ServerCookie to core
2014-11-14 09:20:03 -05:00
mposolda
a94ab5883d
KEYCLOAK-835 Move AdapterConstants to different package
2014-11-10 22:16:20 +01:00
Marek Posolda
c0f377c8c7
Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
...
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Juraci Paixão Kröhling
cd0ad70952
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-05 17:04:17 +01:00
Stian Thorgersen
e7625c2bb1
KEYCLOAK-820 Don't expose realm private key through admin endpoints
2014-11-05 15:34:56 +01:00
Bill Burke
9c175bfb5d
Merge remote-tracking branch 'upstream/master'
2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441
fix jax-doclets
2014-11-04 15:55:33 -05:00
Stian Thorgersen
7327423a03
Fix ResetPasswordTest
2014-11-04 13:05:50 +01:00
Stian Thorgersen
0f8c073354
Version bump
2014-11-04 09:01:06 +01:00
Stian Thorgersen
bb2de4dc59
KEYCLOAK-787 Clicking back to login after sending password reset email fails
2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50
KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation
2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf
KEYCLOAK-806
...
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22
remove info logging
2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc
aud should be client-id, issuer should be realm
2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c
KEYCLOAK-777 No login event for social login
2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d
idp descriptor
2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b
app importer
2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16
publish protocol support
2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d
cleanup
2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8
saml key refactor
2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3
Send node registration at 1st request instead of deployment startup. Bugfixing
2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d
upload keys
2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3
KEYCLOAK-759 Added adapter clustering to admin console
2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b
KEYCLOAK-710 Ignore missing roles in access-code
2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3
KEYCLOAK-700 Check path is valid in account/login-redirect
2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548
KEYCLOAK-703 Check valid origin is passed to login-status-iframe
2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d
KEYCLOAK-699 Set maximum size of qr-code
2014-10-21 09:57:56 +02:00
mposolda
7d8f265789
KEYCLOAK-759 dynamic registration of managementUrls in cluster
2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736
Merge remote-tracking branch 'upstream/master'
2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1
app cert support, bug fixes
2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d
KEYCLOAK-755 Support env variables in keycloak-server.json
2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c
KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie
2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de
KEYCLOAK-746 Allow linking to account from external provider
2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a
generate/store realm certificate
2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1
oauth id in admin console
2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746
merge conflicts
2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10
use app id in admin console urls
2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f
KEYCLOAK-748 cluster-aware logout for non-distributable apps
2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d
Reduce logging
2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7
KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters.
2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751
ClientModel attributes and protocol
2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23
merge
2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b
saml backchannel logout
2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815
Merge pull request #741 from patriot1burke/master
...
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390
saml basic
2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8
KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed
2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a
KEYCLOAK-662 NPE when using direct grant API with email as username
2014-10-03 12:10:52 +02:00
mposolda
e6121f301f
KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession
2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe
KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties
2014-10-02 19:15:37 +02:00
mposolda
95521e8a95
KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException
2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768
move pre-auth
2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494
finish protocol refactoring
2014-10-01 14:19:59 -04:00