Commit graph

9479 commits

Author SHA1 Message Date
mposolda
38f89b93ff KEYCLOAK-3281 OIDC 'state' parameter is url-encoded twice when responseMode=form_post 2016-07-13 18:07:57 +02:00
Marek Posolda
912bc8464e Merge pull request #3028 from mposolda/KEYCLOAK-3219
KEYCLOAK-3219 Added claims info to OIDCWellKnownProvider. More tests
2016-07-13 12:28:29 +02:00
mposolda
d5199501c7 KEYCLOAK-3219 Added claims info to OIDCWellKnownProvider. More tests 2016-07-13 10:17:45 +02:00
Stian Thorgersen
f9235cb07d Merge pull request #3020 from realityforge/FilterSessionStore_getDateHeader
KEYCLOAK-3308: Return -1 from getDateHeader() when request is restored.
2016-07-13 08:38:53 +02:00
Stian Thorgersen
d7649c2547 Merge pull request #3024 from stianst/KEYCLOAK-3267
KEYCLOAK-3267 Fix identity broker login with brute force enabled
2016-07-13 07:37:52 +02:00
Thomas Darimont
be5468a7cf KEYCLOAK-3300 Add support for jetty in spring-boot-adapter
This adds support for using Jetty together with the Keycloak
spring-boot-adapter. Sadly the KeycloakSpringBootProperties.SecurityCollection
definition is mostly inspired by Tomcats SecurityConstraint/SecurityCollection
which doesn't provide a good fit for jettys structures.
In cases where jetty only allows one setting, we use the first value.

We only initialize KeycloakJettyServerCustomizer if jetty is used, same
applies for tomcat.
Revised configuration and extracted serverCustomizer code into
dedicated classes.
Prepared infrastructure for Undertow support.
2016-07-12 23:19:30 +02:00
Pedro Igor
eba56e4784 Merge pull request #3027 from pedroigor/KEYCLOAK-3305
[KEYCLOAK-3305] - Cache is not properly handling failures when importing configuration
2016-07-12 17:57:47 -03:00
Marek Posolda
26efb2cbee Merge pull request #3026 from mposolda/master
KEYCLOAK-3306 Added reproducer test for OutdatedTopologyException
2016-07-12 21:47:01 +02:00
Pedro Igor
02896768f5 [KEYCLOAK-3305] - Cache is not properly handling failures when importing configuration 2016-07-12 13:57:49 -03:00
Stan Silvert
1d4e76117c KEYCLOAK-3273: Prefer module name for secure-deployment name. 2016-07-12 12:42:24 -04:00
mposolda
a912ba3148 KEYCLOAK-3306 Added reproducer test for OutdatedTopologyException 2016-07-12 18:12:20 +02:00
Stian Thorgersen
5b0980172d KEYCLOAK-3267 Fix identity broker login with brute force enabled 2016-07-12 15:21:00 +02:00
Stian Thorgersen
ff8dce77f3 Merge pull request #3021 from stianst/master
KEYCLOAK-3143 Wrong field name in login theme message properties
2016-07-12 13:57:40 +02:00
Vaclav Muzikar
7dbdb023a0 KEYCLOAK-3212 Improve Console UI tests stability in FF, Chrome and IE 2016-07-12 11:39:27 +02:00
Stian Thorgersen
2fa200889a KEYCLOAK-3143 Wrong field name in login theme message properties 2016-07-12 10:49:13 +02:00
Stian Thorgersen
f97d0846ed Merge pull request #3010 from wadahiro/KEYCLOAK-3278
KEYCLOAK-3278 Add support for any encoding property file in theme
2016-07-12 10:34:34 +02:00
Stian Thorgersen
19e5ddeba5 Merge pull request #3015 from martin-kanis/master
KEYCLOAK-3096 Remove leading/trailing spaces from username/email
2016-07-12 10:03:55 +02:00
Stian Thorgersen
df090fa5e1 Merge pull request #3012 from wadahiro/KEYCLOAK-3289
KEYCLOAK-3289 Fixed 'User Enabled' toggled incorrectly
2016-07-12 10:01:23 +02:00
Peter Donald
c283f9803c Return -1 from getDateHeader() when request is restored.
Other certain container will attempt to access date (such as when
checking If-Modified-Since header)  and fail when accessing restored
request. The javax.servlet.http.HttpServletRequest#getDateHeader()
javadocs indicate that -1 should be returned when date is not available
2016-07-12 16:28:45 +10:00
Stian Thorgersen
3a370e2726 Merge pull request #3006 from vmuzikar/KEYCLOAK-3280-master
KEYCLOAK-3280 Alerts in Admin Console are sometimes shown only for a split second
2016-07-12 07:30:37 +02:00
Stan Silvert
73cbf857c1 KEYCLOAK-3273: Prefer module name for secure-deployment in Keycloak
adapter subsystem
2016-07-11 20:58:31 -04:00
Marek Posolda
64ad222a28 Merge pull request #3017 from mposolda/rhit
KEYCLOAK-3296 same user logging twice at the same time causes lock is…
2016-07-11 21:42:31 +02:00
mposolda
6e94931023 KEYCLOAK-3296 same user logging twice at the same time causes lock issue - HQL deletion patch 2016-07-11 19:40:24 +02:00
Marek Posolda
ba3b6fd564 Merge pull request #3016 from mposolda/master
KEYCLOAK-3295 Kerberos authenticator changed during userFederationPro…
2016-07-11 17:15:48 +02:00
mposolda
039bb103c2 KEYCLOAK-3295 Kerberos authenticator changed during userFederationProvider update just if it was DISABLED 2016-07-11 15:52:49 +02:00
Stian Thorgersen
e946c1c512 Merge pull request #3011 from stianst/KEYCLOAK-3202
Add versions for Jetty 9.3 adapter dists
2016-07-11 08:02:35 +02:00
Martin Kanis
c67d834d39 KEYCLOAK-3096 Remove leading/trailing spaces from login 2016-07-09 18:35:51 +02:00
Marek Posolda
8bdfd57e9b Merge pull request #3014 from mposolda/KEYCLOAK-3222
OIDC client auth fixes & tests
2016-07-08 18:16:43 +02:00
mposolda
629390dd4a KEYCLOAK-2986 Require either expiration or issuedAt for client authentication with signed JWT 2016-07-08 16:16:38 +02:00
mposolda
3bfd999590 KEYCLOAK-3222 extend WellKnown to return supported types of client authentications. More tests 2016-07-08 15:39:13 +02:00
Pedro Igor
80a67149af Merge pull request #3002 from pedroigor/KEYCLOAK-3249
[KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE
2016-07-08 09:16:51 -03:00
Marek Posolda
7962f68991 Merge pull request #3013 from mposolda/KEYCLOAK-3221
OIDC fixes
2016-07-08 14:08:06 +02:00
mposolda
c10a005997 KEYCLOAK-3290 UserInfoEndpoint error responses don't have correct statuses 2016-07-08 12:15:07 +02:00
mposolda
4dd28c0adf KEYCLOAK-3221 Tokens should be invalidated if an attempt to reuse code is made 2016-07-08 11:04:08 +02:00
Stian Thorgersen
4bdd67da79 Add versions for Jetty 9.3 adapter dists 2016-07-08 08:21:03 +02:00
Hiroyuki Wada
8e24c73ac8 KEYCLOAK-3289 Fixed 'User Enabled' toggled incorrectly when 'Federation Link' label is clicked 2016-07-08 15:09:58 +09:00
Bill Burke
bd2887aa77 Merge pull request #2982 from ahus1/jetty_9_3
KEYCLOAK-2684: jetty 9.3 implementation (oidc/saml)
2016-07-07 14:59:29 -04:00
Bill Burke
bdc57d57c1 Merge pull request #3008 from patriot1burke/master
new User Fed SPI initial iteration
2016-07-07 14:56:38 -04:00
Marek Posolda
38cc183be5 Merge pull request #3009 from mposolda/master
KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and supp…
2016-07-07 20:01:50 +02:00
Hiroyuki Wada
930b0d9ad7 KEYCLOAK-3278 Add support for any encoding property file in theme 2016-07-08 02:58:48 +09:00
Bill Burke
bf2ca4008e log level info 2016-07-07 12:06:57 -04:00
mposolda
a7c9e71490 KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and support for auth_time in IDToken 2016-07-07 17:04:32 +02:00
Bill Burke
0040d3fc3b Merge remote-tracking branch 'upstream/master' 2016-07-07 10:35:45 -04:00
Bill Burke
7e5a5f79cf fixes for new user fed spi 2016-07-07 10:35:35 -04:00
Marek Posolda
7a161cc8bb Merge pull request #3005 from mposolda/KEYCLOAK-3217
KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request sec…
2016-07-07 13:49:43 +02:00
Marek Posolda
c5e8a010dc Merge pull request #3004 from mposolda/KEYCLOAK-3147
KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter
2016-07-07 13:49:34 +02:00
Vaclav Muzikar
5638e9e1c5 KEYCLOAK-3280 Alerts in Admin Console are sometimes shown only for a split second 2016-07-07 13:44:28 +02:00
mposolda
56e09bf189 KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter 2016-07-07 12:46:36 +02:00
mposolda
7aafbcd5d9 KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request secured with Bearer header 2016-07-07 12:28:25 +02:00
Stian Thorgersen
78fbf45b80 Merge pull request #2991 from ssilvert/RHSSO-296
KEYCLOAK-3244: Required Action "Configure Totp" should be "Configure OTP"
2016-07-07 11:43:50 +02:00