Commit graph

814 commits

Author SHA1 Message Date
Stian Thorgersen
0f8c073354 Version bump 2014-11-04 09:01:06 +01:00
Stian Thorgersen
bb2de4dc59 KEYCLOAK-787 Clicking back to login after sending password reset email fails 2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50 KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation 2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf KEYCLOAK-806
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc aud should be client-id, issuer should be realm 2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c KEYCLOAK-777 No login event for social login 2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d idp descriptor 2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b app importer 2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16 publish protocol support 2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d cleanup 2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3 Send node registration at 1st request instead of deployment startup. Bugfixing 2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d upload keys 2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3 KEYCLOAK-759 Added adapter clustering to admin console 2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b KEYCLOAK-710 Ignore missing roles in access-code 2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3 KEYCLOAK-700 Check path is valid in account/login-redirect 2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548 KEYCLOAK-703 Check valid origin is passed to login-status-iframe 2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d KEYCLOAK-699 Set maximum size of qr-code 2014-10-21 09:57:56 +02:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736 Merge remote-tracking branch 'upstream/master' 2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1 app cert support, bug fixes 2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d KEYCLOAK-755 Support env variables in keycloak-server.json 2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie 2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de KEYCLOAK-746 Allow linking to account from external provider 2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a generate/store realm certificate 2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1 oauth id in admin console 2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746 merge conflicts 2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10 use app id in admin console urls 2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f KEYCLOAK-748 cluster-aware logout for non-distributable apps 2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d Reduce logging 2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7 KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters. 2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751 ClientModel attributes and protocol 2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23 merge 2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b saml backchannel logout 2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815 Merge pull request #741 from patriot1burke/master
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390 saml basic 2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8 KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed 2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a KEYCLOAK-662 NPE when using direct grant API with email as username 2014-10-03 12:10:52 +02:00
mposolda
e6121f301f KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession 2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties 2014-10-02 19:15:37 +02:00
mposolda
95521e8a95 KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException 2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768 move pre-auth 2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494 finish protocol refactoring 2014-10-01 14:19:59 -04:00
Bill Burke
546d45b009 protocol abstraction 2014-10-01 10:38:42 -04:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f Merge remote-tracking branch 'upstream/master' 2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b token service refactoring 2014-09-30 15:58:20 -04:00
Stian Thorgersen
1d4e842cc0 Fixes to Mongo user session provider 2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7 Clustering support 2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea action url refactor 2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda login refactor phase 2, still more to do 2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24 Merge remote-tracking branch 'upstream/master' 2014-09-29 09:56:37 -04:00
Bill Burke
524b423733 ClientSession everywhere refactor phase1 2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6 Add test to add/remove attributes to user through admin endpoints 2014-09-25 19:35:57 +02:00
Bill Burke
66d58476d0 refactor security page flow 2014-09-23 11:05:10 -04:00
Bill Burke
bf42227224 remove junk 2014-09-22 16:35:22 -04:00
Bill Burke
99a6713e6f clientsession notes 2014-09-22 16:34:42 -04:00
Bill Burke
0b8b31a3ea KEYCLOAK-705 2014-09-19 10:00:47 -04:00
Stian Thorgersen
dcb5717154 KEYCLOAK-696 Display Keycloak version in admin console 2014-09-18 13:24:03 +02:00
mposolda
89471b7db1 KEYCLOAK-695 Let KEYCLOAK_REMEMBER_ME cookie to be valid for 1 year 2014-09-18 11:03:44 +02:00
mposolda
1049bca433 Prefill login form just if rememberMe enabled for the realm 2014-09-17 08:54:29 +02:00
mposolda
5352872b4b Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan 2014-09-16 22:09:27 +02:00
mposolda
1be2bff95f Typo 2014-09-12 16:57:02 +02:00
Stian Thorgersen
811cfd52c9 KEYCLOAK-657 Set cache-control for keycloak.js and login-iframe 2014-09-12 13:46:56 +02:00
Stian Thorgersen
7c15a70f53 Fixes to KEYCLOAK-682 2014-09-12 12:26:52 +02:00
Stian Thorgersen
5d141d4d8a KEYCLOAK-682 Only send logout admin action to clients associated with user session 2014-09-12 11:47:11 +02:00
Stian Thorgersen
423dc1b8a7 Change version schema to match JBoss 2014-09-12 09:35:08 +02:00
mposolda
6f173d4554 KEYCLOAK-678 Preserve form values in account mgmt after error 2014-09-11 20:54:48 +02:00
mposolda
649a40f58c KEYCLOAK-676 Validate email address format during registration or account mgmt 2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2 KEYCLOAK-653 Add theme support to welcome-pages 2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174 KEYCLOAK-680 Add/remove social-links through admin api 2014-09-11 12:09:55 +02:00
Stian Thorgersen
5dea07793b Version bump 2014-09-11 09:27:58 +02:00
mposolda
aa7bbeb11b Support for cors in PublicRealmResource 2014-09-10 13:05:53 +02:00
mposolda
52920119bd Ensure that ServerInfo request is authorized and add CORS support to it 2014-09-10 10:42:05 +02:00
Stian Thorgersen
557de7690e Fix CRSF protection on Chrome, and add check if 'Referer' header 2014-09-10 10:32:56 +02:00
Bill Burke
3f539c6d5c version bump 2014-09-09 13:34:56 -04:00
Bill Burke
e3e32982a0 change CSRF to random value 2014-09-09 13:27:34 -04:00
Bill Burke
ac29db51e5 nolog CORS exception 2014-09-09 12:51:55 -04:00
Bill Burke
d0a3a04d34 CSRF 2014-09-09 12:06:48 -04:00
Stian Thorgersen
3530fa6259 KEYCLOAK-666 Update session last refreshed on every token refresh 2014-09-09 11:01:24 +02:00
Stian Thorgersen
8c8c44e50f KEYCLOAK-658 Fix searching for users 2014-09-02 10:01:44 +02:00
Stian Thorgersen
05a1fc1ded Version bump 2014-09-01 10:17:00 +02:00
Stian Thorgersen
31b0f5543f Fixes 2014-08-29 17:11:18 +02:00
Stian Thorgersen
39c0be5d99 KEYCLOAK-652
Social user can't set password
2014-08-29 16:51:10 +02:00
Stian Thorgersen
b9d0f64f74 Added password token to use inplace of plain-text password for totp 2014-08-28 13:51:55 +02:00
Stian Thorgersen
55d614fce8 Reduce log in UserFederationResource 2014-08-28 11:26:55 +02:00
Stian Thorgersen
3bfe3d256e Rename audit to events 2014-08-28 10:56:37 +02:00
mposolda
fb18004c1d KEYCLOAK-643 Handle flows with adding user with existing username or email in federation providers 2014-08-27 12:19:23 +02:00
Stian Thorgersen
55bd889a0f KEYCLOAK-531 Reduce info level logging 2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode 2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5 Handle exceptions and UI errors when user is read only. Some sync issues 2014-08-26 12:54:05 +02:00
mposolda
6c7d0f27a7 More tooltips for LDAP and generic federation. Minor fixes 2014-08-25 16:28:52 +02:00
Bill Burke
e99afec7ec import console from export 2014-08-21 17:17:09 -04:00
Bill Burke
7c8edb5d11 bump pom 2014-08-21 10:46:49 -04:00
Bill Burke
e5d5276135 race 2014-08-20 14:50:28 -04:00
Bill Burke
5dd84f1d9a fix AccountService referrer problems 2014-08-20 14:20:59 -04:00
Bill Burke
47f361a4ab nocache for fed provider list 2014-08-20 11:29:45 -04:00
Bill Burke
6e7924da76 demo fixes 2014-08-20 11:08:40 -04:00
Bill Burke
c38abb2cfe ? 2014-08-18 18:52:51 -04:00
Bill Burke
faf18dfdfd fix cookie parsing problem 2014-08-18 18:36:36 -04:00
Bill Burke
2dc32fb8c9 fix menu error 2014-08-18 18:06:23 -04:00
Bill Burke
c86a6ba3f3 fix admin reset email 2014-08-15 11:46:38 -04:00
Bill Burke
5dca2a3588 expanded token service coverage 2014-08-14 21:01:05 -04:00
Bill Burke
cfee00d4c5 fix relative uri problem 2014-08-14 11:01:04 -04:00
Bill Burke
29691a3167 Merge pull request #626 from patriot1burke/master
more tooltips, change password
2014-08-13 12:17:48 -04:00
Bill Burke
edf73af508 change password 2014-08-13 10:35:49 -04:00
mposolda
4bac0474c6 Sync UI for generic providers 2014-08-12 18:12:28 +02:00
mposolda
f0b66a2241 Admin console UI for sync of users from LDAP. Sync fixes 2014-08-12 18:12:27 +02:00
Bill Burke
abb1647672 Merge pull request #619 from patriot1burke/master
fix logout
2014-08-12 10:06:44 -04:00
Bill Burke
114c1b95fa fix logout 2014-08-12 10:06:19 -04:00
Stian Thorgersen
f95418dfc9 KEYCLOAK-592 Display login form with error message if trying to login with social provider where email already exists 2014-08-12 12:06:13 +01:00
Bill Burke
7c97e02715 X-Frame-Options, Content-Security-Policy 2014-08-11 17:45:01 -04:00
Stian Thorgersen
3f83538fc1 Merge pull request #612 from stianst/master
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:35:54 +01:00
Stian Thorgersen
3040f4e89f KEYCLOAK-616 Not require registration to add a new social user 2014-08-11 15:34:57 +01:00
mposolda
8ba7559cac Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup 2014-08-11 13:51:44 +02:00
mposolda
d699404ce7 Support for periodic users sync 2014-08-10 23:23:50 +02:00
mposolda
5cb6c4e77c Improve TimerSPI to support cancelling of previously scheduled tasks 2014-08-10 23:17:39 +02:00
Bill Burke
48f7efc97f @NoCache where appropriate 2014-08-10 12:28:43 -04:00
Bill Burke
9aa6b4cbfa optimize imports 2014-08-10 12:17:45 -04:00
Bill Burke
dc4e8603d7 change logout behavior 2014-08-08 18:33:37 -04:00
Bill Burke
32a19563a5 KEYCLOAK-547 2014-08-06 19:15:52 -04:00
Bill Burke
aff32f69bb version 2014-08-06 15:44:50 -04:00
Bill Burke
e04af84ac0 bump version 2014-08-06 09:00:23 -04:00
Bill Burke
905061e2b7 bump version 2014-08-05 20:52:50 -04:00
Bill Burke
5b5fea347a improved oauth login/grant 2014-08-05 19:36:19 -04:00
Bill Burke
19e1ddff1d logging 2014-08-05 16:04:13 -04:00
Bill Burke
ea0ceeb65d Merge pull request #589 from patriot1burke/master
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
a497c69758 relative logout 2014-08-04 16:17:35 -04:00
Bill Burke
731d75c756 app full scope by default 2014-08-04 16:04:10 -04:00
mposolda
5edb84ccfb Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes 2014-08-04 16:42:48 +02:00
Bill Burke
60a564dcfd fix fed example 2014-08-03 10:53:37 -04:00
Bill Burke
101a72cd65 remove AuthenticationProvider/Link 2014-08-01 18:03:48 -04:00
Bill Burke
d1c5c55a61 switch to a get 2014-08-01 13:28:17 -04:00
Bill Burke
bdc31d9459 Merge remote-tracking branch 'upstream/master' 2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e token validation 2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a KEYCLOAK-591 Require SSL for all external requests by default 2014-08-01 13:52:04 +01:00
Bill Burke
705da88daa fix cache setup 2014-07-31 14:05:23 -04:00
Bill Burke
94c06f3f5d fed ui 2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe federation display name 2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f federation ui 2014-07-30 22:52:39 -04:00
Stian Thorgersen
fa01d53f9e KEYCLOAK-545 Stop NPE if no client_secret is specified or bearer-only application is used for grants/access 2014-07-30 16:41:07 +01:00
Stian Thorgersen
50bc53d673 KEYCLOAK-562 Cache theme instances 2014-07-30 16:06:08 +01:00
Stian Thorgersen
fcc4781e3a Updated admin endpoints and console to use oauth client name/clientId to retrieve a oauth client 2014-07-30 14:10:25 +01:00
Stian Thorgersen
614c718304 KEYCLOAK-581 Add login_hint query param to login 2014-07-30 13:43:46 +01:00
Stian Thorgersen
02a59812e6 Added ClientSessionModel to UserSessionProvider 2014-07-29 16:10:41 +01:00
Stian Thorgersen
7f4849e165 Merge pull request #560 from stianst/demo-non-localhost
KEYCLOAK-579 Use relative urls in examples
2014-07-28 10:48:30 +01:00
Stian Thorgersen
628c7dd92a KEYCLOAK-579 Use relative urls in examples 2014-07-28 10:41:21 +01:00
Bill Burke
3bb0842eae federation iteration 2 2014-07-25 21:05:45 -04:00
Stian Thorgersen
614bee3061 KEYCLOAK-570 Add use-resource-role-mappings to WildFly installation 2014-07-25 11:53:10 +01:00
Bill Burke
1b14444eba rename FederationProvider to UserFederationProvider 2014-07-24 11:11:21 -04:00
Stian Thorgersen
511cc483cb Moved audit/tests and model/tests to testsuite 2014-07-24 13:49:15 +01:00
Bill Burke
43d08f2d05 federation iteration 1 complete 2014-07-23 17:05:49 -04:00
Bill Burke
171e9b1ce9 Merge remote-tracking branch 'upstream/master' 2014-07-23 15:10:48 -04:00
Bill Burke
eec582e704 merge 2014-07-23 15:10:36 -04:00
Stian Thorgersen
d6f5bf6cde Moved rememberMe, usernameUsed fields from AccessCode to UserSessions. Change AccessCode to have a single action instead of a list of required actions, also used action for codes that needs user to grant permissions first. Finally removed expiration time on access code and use timestamp directly 2014-07-23 15:58:09 +01:00
Bill Burke
f1d72d0b6d fed 2 2014-07-23 10:42:18 -04:00
Bill Burke
148d494905 federation iteration 2014-07-23 10:21:25 -04:00
Stian Thorgersen
b196d0dded Remove access token from access code, and create token when code is exchanged for token 2014-07-22 09:37:21 +01:00
Bill Burke
f275ecf6d5 cache settings 2014-07-18 11:30:10 -04:00
mposolda
3dff4afe83 Export/import improvements and fixes 2014-07-17 21:31:33 +02:00
Stian Thorgersen
c21be01e97 Merge pull request #529 from stianst/master
KEYCLOAK-435 Added pagination support for users
2014-07-16 18:04:36 +01:00
Stian Thorgersen
72d240a57e KEYCLOAK-435 Added pagination support for users 2014-07-16 17:54:11 +01:00
Bill Burke
8fbfba907b Merge remote-tracking branch 'upstream/master' 2014-07-16 12:05:31 -04:00
Bill Burke
f342a8c7a3 move credential validation to UserProvider 2014-07-16 12:05:15 -04:00
Stian Thorgersen
e0ec121012 KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso 2014-07-16 10:47:42 +01:00
Bill Burke
a5593469ae rename ModelProvider->RealmProvider 2014-07-15 15:44:50 -04:00
Bill Burke
484a4c1454 user provider refactor complete 2014-07-15 15:25:06 -04:00
Bill Burke
ff86bdc35f userprovider split 2014-07-15 12:11:12 -04:00
mposolda
c14840a4c0 More cleanup after rebase 2014-07-15 14:44:38 +02:00
mposolda
24a492ffe0 Export/import refactoring to use same representation as admin endpoints 2014-07-15 05:35:24 +02:00
Bill Burke
d2c27daa16 changes 2014-07-14 11:31:25 -04:00
Stian Thorgersen
3f68180ee7 KEYCLOAK-512 Pagination support for sessions 2014-07-14 11:49:59 +01:00
Stian Thorgersen
d625fb014c Added JPA connection provider and added basic support for multiple transactions to KeycloakSession 2014-07-14 10:10:03 +01:00
Bill Burke
626cecba95 enlist 2014-07-11 19:43:37 -04:00
Bill Burke
5f5316fbdc session transaction 2014-07-11 19:29:11 -04:00
Stian Thorgersen
86671a2354 Started UserSessionProvider 2014-07-10 16:48:25 +01:00
Stian Thorgersen
7491b1c369 KEYCLOAK-553 Added minified keycloak.js 2014-07-09 12:23:29 +01:00
Stian Thorgersen
ad6d52cb0f Removed model methods from KeycloakSession 2014-07-08 15:27:42 +01:00
Stian Thorgersen
8dc293f629 Removed removeAllData from model 2014-07-08 15:27:42 +01:00
Stian Thorgersen
621cae61b6 Added hybrid model provider with jpa stores 2014-07-08 12:04:09 +01:00
mposolda
ffc30b4c03 Changes in representations - adding role mappings under user representation 2014-07-07 22:48:53 +02:00
Stian Thorgersen
38857cf2e6 Remove notBefore from users 2014-07-07 16:23:53 +01:00
Stian Thorgersen
099743d448 Rename loginName to username 2014-07-07 15:56:21 +01:00
Stian Thorgersen
270d6108ca KEYCLOAK-501 Check if old session for browser exists and delete before creating a new 2014-06-27 12:55:33 +01:00
Stian Thorgersen
26eac398e0 KEYCLOAK-541 Create session after resetting password through email 2014-06-27 12:20:32 +01:00
Stian Thorgersen
34a1923d18 Refactor to prepar for splitting model 2014-06-27 09:39:06 +01:00
mposolda
b1cfab34fd Support for test of LDAP connection and authentication 2014-06-24 10:03:14 +02:00
mposolda
aea4fd8e30 Upgrade to picketlink 2.6.0.CR5. Support for sync whole UserModel into AuthenticationProvider 2014-06-23 15:29:00 +02:00
Stian Thorgersen
d73d2e0788 Started test tools module 2014-06-23 11:37:03 +01:00
Bill Burke
d21a19925b stateless access codes 2014-06-20 10:37:27 -04:00
Stian Thorgersen
df2305eb02 Bumped version to 1.0-beta-4-SNAPSHOT 2014-06-19 10:19:10 +01:00
mposolda
5d8c803da6 Remove duplicite dependency declarations to remove maven warnings 2014-06-18 10:31:56 +02:00
Stian Thorgersen
469d044254 KEYCLOAK-532 2014-06-17 14:07:07 +01:00
Bill Burke
1eafb01c8d keycloak-521 2014-06-16 11:59:27 -04:00
Bill Burke
cbea141a54 cache impl 2014-06-13 17:17:45 -04:00
Bill Burke
2ae2067841 refactor for caching again 2014-06-12 11:11:14 -04:00
Bill Burke
0dd06e3343 model refactor for caching 2014-06-10 18:50:08 -04:00
Bill Burke
2f3c8bf079 cache refactor 2014-06-06 15:12:58 -04:00
Stian Thorgersen
5f6687ec62 KEYCLOAK-244 Social should be stateless 2014-06-05 10:09:17 +01:00