Commit graph

131 commits

Author SHA1 Message Date
keycloak-bot
17e9832dc6 Set version to 8.0.0-SNAPSHOT 2019-07-19 19:05:03 +02:00
kuan
1c5f7c1420 Update KeycloakTokenParsed definition.
To match KeycloakInstance's realm access and resources access.
2019-07-17 15:29:34 -04:00
Pedro Igor
803e44dcb1 [KEYCLOAK-10422] - Code challenge only sent when options object argument is passed to login method 2019-05-29 15:09:01 -03:00
Thomas Darimont
2825619243 KEYCLOAK-1033 Add PKCE support for JS Adapter
This adds support for the "S256" code_challenge_method to the JS Adapter.
Note that the method "plain" was deliberately left out as is not recommended
to be used in new applications.

Note that this PR includes two libraries:
- [base64-js]{@link https://github.com/beatgammit/base64-js}
- [js-sha256]{@link https://github.com/emn178/js-sha256}

`base64-js` is needed for cross-browser support for decoding the
Uint8ArrayBuffer returned by `crypto.getRandomValues` to a PKCE
compatible base64 string.

`js-sha256` library is required because the `crypto.subtle.digest`
support is not available for all browsers.

The PKCE codeVerifier is stored in the callbackStore of the JS Adapter.

Note: This PR is based on #5255 which got messed up during a rebase.
2019-05-29 15:40:16 +02:00
Alan Balbo
0a67e0a89e KEYCLOAK-10097 Fix register method in javascript adatper for cordova 2019-05-24 08:49:10 -04:00
Sergio Livi
80932c07a2 KEYCLOAK-10071 check isNaN for minValidity 2019-05-20 09:18:40 -04:00
Jonas Kello
96f13e15ca Add CompatPromise conditional type 2019-05-15 07:42:06 -04:00
keycloak-bot
49d4e935cb Set version to 7.0.0-SNAPSHOT 2019-04-17 09:48:07 +01:00
Anders Rønning
3f7d32d1ae KEYCLOAK-10026: Add missing TypeScript definition for init options 2019-04-15 07:46:05 -04:00
keycloak-bot
e843d84f6e Set version to 6.0.0-SNAPSHOT 2019-03-06 15:54:08 +01:00
stianst
e06c705ca8 Set version 5.0.0 2019-02-21 09:35:14 +01:00
stianst
7c9f15778a Set version to 4.8.3.Final 2019-01-09 20:39:30 +01:00
stianst
7c4890152c Set version to 4.8.2 2019-01-03 14:43:22 +01:00
Charles Jourdan
68873c29b7 Fix on type for KeycloakInstance.realmAccess and KeycloakInstance.ressourceAccess 2018-12-13 19:03:47 +01:00
stianst
b674c0d4d9 Prepare for 4.8.0.Final 2018-12-04 13:54:25 +01:00
stianst
ecd476fb10 Prepare for 4.7.0.Final 2018-11-14 20:10:59 +01:00
stianst
1ee6fd7130 KEYCLOAK-8619 Fix check-sso when there is no cookie 2018-11-09 10:36:31 -02:00
BaHwan Han
91c4bfa81c The Keycloak JS adapter should not mutate browser history state 2018-10-29 20:08:32 +01:00
Tobias Gippert
c71f6e2188 The Keycloak JS adapter should not create a new browser history entry,
when it is redirecting the user, unless the user is in the admin console.
2018-10-12 09:42:26 +02:00
stianst
aaa33ad883 KEYCLOAK-8509 Improvements to session iframe 2018-10-10 21:01:05 +02:00
stianst
9be8bef575 KEYCLOAK-7920 Changes to native promises in JS adapter. Native promises have to be explicitly enabled and when they are old success/error functions are no longer supported. Internally we don't use native promises. 2018-10-10 21:00:19 +02:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
Jani
42553cdc44 [KEYCLOAK-7695] Restore token_type and expires_in for implicit flow
As KEYCLOAK-6585 concerns only hybrid flow, this commit restores the behavior for implicit flow.

This commit partially reverts #5041 (061049e41a6b0e6fb45c75f05748023ad7ab7d92).
2018-08-29 13:00:57 +02:00
Dan Hooper
0a8fca7ec4 Created common interface for parsed tokens in typescript declaration file 2018-08-23 16:14:17 -04:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
Gregor Tudan
3417b569c0 KEYCLOAK-2606: add support for native browsers on cordova
KEYCLOAK-2606 Added cordova native

KEYCLOAK-2606 Some more fixes and tweaks

Fix redirect in example realm

feature(cordova-native): fix universalLinks and kc options

Added 'cordova-native' to typings

Added an option to define a "default" redirectUri in keycloak.js

Added 'login' and 'logout' event to universalLinks configuration in config.xml

Improved 'cordova-native' example to always use a redirectUri and
update state after successfull logout

Setting the 'authenticated' flag for the keycloak instance to 'false'
after a logout redirect

KEYCLOAK-2606: Simplify example for cordova-native

I wanted to make it explicit which options are actually needed, so I didn't want to reuse the keycloak conf

KEYCLOAK-2606: simplify example

The update state after logout shouldn't be necessary as it is set in `keycloak.onAuthLogout = updateState;`
Not sure why it is called after the login promise...

Fixes
2018-07-18 10:51:59 +02:00
mposolda
d0a824dde4 Updating version to 4.2.0.Final-SNAPSHOT 2018-07-05 07:42:48 -04:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Lorent Lempereur
f55c93a1e4 Javascript Adapter - Add 'cordovaOptions' to the Typescript definition of KeycloakLoginOptions (#5250) 2018-06-11 08:21:04 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support (#5076)
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes

Co-authored-by: vramik <vramik@redhat.com>

* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Pedro Igor
dac5d313b3
Merge pull request #5166 from pedroigor/KEYCLOAK-7021
[KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript
2018-05-17 17:42:51 -03:00
Lorent Lempereur
27d8afe4a7 Javascript Adapter - Reject 'login' promise when users close their cordova in-app-browser on purpose (#5000) 2018-05-09 15:49:38 -07:00
Lorent Lempereur
f6125a2542 [KEYCLOAK-6655] Javascript Adapter - Allow users to provide cordova-specific options to login and register (#4998)
* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions

* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions

* [KEYCLOAK-6655] On Android 8, explicit hidden=no fails on in-app-browser load.
2018-05-07 00:26:46 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Stan Silvert
35154db50f
KEYCLOAK-7123: l10n dropdowns (#5170)
* KEYCLOAK-7196: Add kc_locale to keycloak.js

* KEYCLOAK-7123: Localization dropdowns

* Update keycloak-service to latest keycloak.js
2018-04-25 15:04:12 -04:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js (#5165)
* KEYCLOAK-7196: Add kc_locale to keycloak.js

* Update keycloak.d.ts
2018-04-23 11:45:32 -04:00
pedroigor
824b900a43 [KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript 2018-04-23 08:48:42 -03:00
Wojciech Trocki
c3c1a0fb4e Allow to use custom adapter (#5067)
* Allow to use custom adapter

* fix: improve TypeScript documentation
2018-04-20 09:18:46 +02:00
Stian Thorgersen
5514812a4d
KEYCLOAK-7048 Clear token if refresh fails (#5124) 2018-04-04 20:12:25 +02:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368)
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
wyvie
f8022a5c2f [KEYCLOAK-6585] hybrid flow: removed token_type and expires_in paramters from oidc auth response 2018-02-27 15:31:12 +01:00
wyvie
52acd959e0 [KEYCLOAK-6584] removed not-before-policy parameter from authorization response 2018-02-26 17:41:18 +01:00
stianst
eb326cd1bb KEYCLOAK-6534 Check for string in receiveMessage in session iframe 2018-02-22 07:02:16 +01:00
stianst
9b63cd35f0 KEYCLOAK-6431 2018-02-13 19:38:46 +01:00
David Festal
f44cda2621 Make the keycloak.js capable of working with alternate OIDC providers (#4978)
* Make the `keycloak.js` capable of working with alternate OIDC providers

(provided that they create access_tokens as JWT tokens with `exp` and
`iat` claims).

Also add a `useNonce` option, to allow disabling the `nonce` check
since, in the OIDC specification, `nonce` is optional.

Signed-off-by: David Festal <dfestal@redhat.com>

* Update the `keycloak.ts` with the `useNonce` additional init option. 

Signed-off-by: David Festal <dfestal@redhat.com>

* Fix 2 errors in the case `checkSessionIframe` is used

Signed-off-by: David Festal <dfestal@redhat.com>
2018-02-12 11:00:02 +01:00
o.pakers
8495a7c05a [master]: fix type for checkLoginIframeInterval 2018-02-02 08:37:07 +01:00
Ray DeCampo
a21a94078b KEYCLOAK-5578: Keycloak JS adapter returns native Promise instances when available.
Promise instances are adorned with success() and error() functions to retain backwards compatibility.
2018-01-25 20:42:31 +01:00