Commit graph

13166 commits

Author SHA1 Message Date
Stan Silvert
ca49840266 KEYCLOAK-17610: WhoAMI doesn't support CORS 2021-03-31 18:51:39 +02:00
Jan Lieskovsky
07ea524433 [KEYCLOAK-17326] Fix:
$ git diff --name-only HEAD^
fatal: ambiguous argument 'HEAD^': unknown revision or path not in the working tree.
Use '--' to separate paths from revisions, like this:
'git <command> [<revision>...] -- [<file>...]'

GHA failure on 'Test Clustering on Wildfly' phase. See e.g. recent:
  https://github.com/keycloak/keycloak/pull/7705/checks?check_run_id=2023996258

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-03-31 17:40:50 +02:00
Jan Lieskovsky
55cd56b636 [KEYCLOAK-17315] Enable run of clustering and Cross-DC tests on Wildfly
within GitHub actions also for changes upgrading Keycloak to next
Wildfly version

Also, update GIT_DIFF evaluation per Hynek's suggestion. Thanks, Hynek!

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2021-03-31 17:40:50 +02:00
vramik
185075d373 KEYCLOAK-14552 Realm Map Store 2021-03-31 15:49:03 +02:00
Konstantinos Georgilakis
ec5c256562 KEYCLOAK-5657 Support for transient NameIDPolicy and AllowCreate in SAML IdP 2021-03-31 14:45:39 +02:00
rmartinc
0a0caa07d6 KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role 2021-03-31 12:57:17 +02:00
vramik
c3b9c66941 KEYCLOAK-17460 invalidate client when assigning scope 2021-03-30 10:58:16 +02:00
sma1212
e10f3b3672
[KEYCLOAK-17484] OIDC Conformance - Authorization response with Hybrid flow does not contain token_type (#7872)
* [KEYCLOAK-17484] fix oidc conformance for hybrid-flow

* [KEYCLOAK-17484] add TokenType & ExpiresIn to OAuth2Constants

* [KEYCLOAK-17484] add request validation for oidc-flows automated tests
2021-03-30 08:59:30 +02:00
devopsix
590ee1b1a2
KEYCLOAK-15459 Fix serialization of locale in admin console's “whoami” (#7397)
call.
2021-03-29 18:37:26 -04:00
Bodo Graumann
0033b7daf7 [KEYCLOAK-17166] Use radio buttons for otp select 2021-03-29 15:46:34 +02:00
Alexandros Trifyllis
a60cb65252 KEYCLOAK-17444 Enlist the EventListenerTransaction with the Keycloak Transaction Manager 2021-03-26 12:47:15 +01:00
Thomas Darimont
7ec6a54e22 KEYCLOAK-17581 Prevent empty group names
Create / Update operations in `GroupResource ` and `GroupsResource#addTopLevelGroup`
did not validate the given group name. This allowed the creation of groups with empty names.

We now prevent the creation of groups with empty names.
2021-03-25 19:10:38 -03:00
Hynek Mlnarik
a36fafe04e KEYCLOAK-17409 Support for amphibian (both component and standalone) provider 2021-03-25 13:28:20 +01:00
Jan Lieskovsky
5fac80b05e [KEYCLOAK-17100] Testsuite Wildfly initialization error on Windows
[KEYCLOAK-17392] Java CLASSPATH is wrongly parsed on Windows

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-Authored-By: Peter Zaoral <pzaoral@redhat.com>
2021-03-25 09:21:34 +01:00
Alfredo Boullosa
e126969f82 Add Retry 2021-03-24 15:15:02 +01:00
Pedro Igor
fca65ac644 Adding a test when custom policies are used 2021-03-24 08:24:43 -03:00
Xiangjiaox
ca81e6ae8c
KEYCLOAK-15015 Extend KeyWrapper to add whole certificate chain in x5c parameter (#7643)
* [KEYCLOAK-15015] - Publishing the x5c for JWK

Co-authored-by: Vetle Bergstad <vetle.bergstad@evry.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-03-23 08:37:50 -03:00
Hynek Mlnarik
17d41c472b KEYCLOAK-17412 Improve control of model tests 2021-03-22 21:56:59 +01:00
cgeorgilakis
18afdea392
KEYCLOAK-16048 SAML Client import - add md:RequestedAttribute as "User Attribute" ProtocolMapper 2021-03-22 21:55:32 +01:00
Phillip Schichtel
f754b34c0c KEYCLOAK-13633 Generalize GenericPrincipalFactory to PrincipleFactory
This allows to replace java.security.acl.Group usage only where necessary while keeping legacy adapter unchanged.

Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Pascal Keßler
52db22925c KEYCLOAK-13633 refactor(tomcat-adapter-spi): change to specific imports instead of star import 2021-03-22 15:40:51 +01:00
Pascal Keßler
b3ee471e11 KEYCLOAK-13633 refactor(tomcat-adapter-spi): remove usage of java.security.acl.Group to make jdk 15 possible
Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Stan Silvert
717d9515fa
KEYCLOAK-16890: Stored XSS attack on new acct console (#7867) 2021-03-22 11:24:12 +01:00
Stan Silvert
3b80eee5bf KEYCLOAK-17033: Reflected XSS attack with referrer in new account
console
2021-03-22 11:22:23 +01:00
Katharina Marzok
6e3dbfcb3d
KEYCLOAK-16660 Fix typo in 'applicationName' 2021-03-22 11:18:10 +01:00
Clement Cureau
0b68f24a09
[KEYCLOAK-14046] Include groups in user creation via Admin Console (#7035)
* [KEYCLOAK-14046] Include groups in user creation via Admin Console

Since the POST /users API now supports providing groups membership, here is the UI
part!

- Added a field in the user creation UI to specify groups the newly created user
will be joining
- Added associated messages in english language

* Added UI integration tests

* Fixed UI tests

* Flatten nested groups in user creation groups searchbox

* Filtering out searched groups

* Removed unused injection

* Fixed UI tests

Co-authored-by: Clement Cureau <clement.cureau@cdiscount.com>
2021-03-19 13:55:45 +01:00
Pedro Igor
cbb118c013 [KEYCLOAK-17442] - Upgrade to Quarkus 1.12.2 2021-03-17 13:45:30 -03:00
Peter Skopek
cd44b99eb9 KEYCLOAK-16356 update JUnit to the latest version 2021-03-17 09:53:25 -03:00
mposolda
853a6d7327 KEYCLOAK-17000 Adding server tmp directory inside the auth-server home directory 2021-03-17 10:06:48 +01:00
Pascal Euhus
82fc401298 [KEYCLOAK-9841] use LDAPUser UUID as an identifier instead of username 2021-03-16 17:55:24 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 (#7316)
* Correct "doesn't exists" typos

* Revert changes to imported package

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Joaquim Fellmann
d2c98b20f3 KEYCLOAK-17404: LDAPS connection tests not working when protocol set in upper case 2021-03-16 10:10:59 +01:00
Yang Xie
db30b470c4 KEYCLOAK-17342 Make the default value of default signature algorithm show up in the admin console 2021-03-16 09:15:22 +01:00
Luca Leonardo Scorcia
11d8c165b2 KEYCLOAK-17192 Add jaxb module dependency required by JAXBUtil class 2021-03-15 17:41:24 +01:00
Michito Okai
298ab0bc3e KEYCLOAK-7675 Support for Device Authorization Grant 2021-03-15 10:09:20 -03:00
Łukasz Dywicki
f58bf0deeb Make sure additional params are passed between device request and user authnetication. 2021-03-15 10:09:20 -03:00
Łukasz Dywicki
319195236b Fix failing test, cause oauth device flow is encoded using realm attributes. 2021-03-15 10:09:20 -03:00
Hiroyuki Wada
5edf14944e KEYCLOAK-7675 SPI and default implementation for Device User Code.
Author:    Hiroyuki Wada <h2-wada@nri.co.jp>
Date:      Sun May 12 15:47:15 2019 +0900

Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
Hiroyuki Wada
9d57b88dba KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant.
Author:    Hiroyuki Wada <h2-wada@nri.co.jp>
Date:      Thu May 2 00:22:24 2019 +0900

Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
Thomas Darimont
d2060913be KEYCLOAK-14412 Fixed compiler error in JavascriptAdapterTests 2021-03-11 13:03:08 -03:00
Thomas Darimont
b926cd20f1 KEYCLOAK-14412 Keycloak.js should honor scopes configured in initOptions and loginOptions 2021-03-11 13:03:08 -03:00
Hynek Mlnarik
4946484cb6 KEYCLOAK-17377 Fix invalidation cluster tests (do not hide failures) 2021-03-11 16:14:59 +01:00
Miquel Simon
1d54dd5e8b KEYCLOAK-16006. Fixed Spring Boot tests with new offset value. 2021-03-11 09:51:28 +01:00
Alfredo Boullosa
95d9cd2b38 KEYCLOAK-17376 - Fix DeviceActivityTest, SigningInTest and PermissionsTest 2021-03-10 09:00:30 +01:00
Lukas Hanusovsky
b3ea6f74be KEYCLOAK-16212 - Exclude Remote execution for the LDAPVaultCredentialsTest, fixed broken exclude Remote execution for the LDAPUserLoginTest. 2021-03-10 07:27:43 +01:00
Yang Xie
2605eddbe7 KEYCLOAK-17300 Add a method to check if the token revocation request has duplicate parameters 2021-03-09 18:27:38 +01:00
Alfredo Boullosa
3d76e2b775 KEYCLOAK-17378 - Fix DisableAuthorizationSettingsTest 2021-03-09 16:09:53 +01:00
Lukas Hanusovsky
ef57714eaa KEYCLOAK-17301 - fix -> added org.infinispan.commons module into jboss-deployment-structure.xml 2021-03-09 11:05:17 +01:00
vramik
6e501946b1 KEYCLOAK-17021 Client Scope map store 2021-03-08 21:59:28 +01:00
vramik
2c64a56072 KEYCLOAK-17325 Use KeycloakMarshallUtil for writing collection for LockEntryPredicate 2021-03-06 08:39:00 +01:00