Commit graph

514 commits

Author SHA1 Message Date
Hynek Mlnarik
211774ccbc KEYCLOAK-7810 Fix NPE in Elytron SAML adapter 2018-10-04 14:38:45 +02:00
Pedro Igor
2da758ac86 [KEYCLOAK-6928] - Selecting first bearer if multiple values exists in authorization header 2018-10-01 09:36:10 -03:00
stianst
c3fc9e9815 Set version to 4.6.0.Final-SNAPSHOT 2018-09-26 20:58:41 +02:00
Pedro Igor
081e9883e6 [KEYCLOAK-7659] - k_version not supporting cors 2018-09-25 11:50:17 -03:00
Pedro Igor
df311b60b4 [KEYCLOAK-8168] - PEP is resolving claims twice under certain circumstances 2018-09-25 11:47:50 -03:00
mposolda
3777dc45d0 KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch 2018-09-21 11:17:05 +02:00
Pedro Igor
adf0a19f9d [KEYCLOAK-8133] - Can't Sucessfully inject a custom KeycloakSpringBootConfigResolver in the Keycloak Spring Boot Security Adapter 2018-09-20 11:11:12 -03:00
Hynek Mlnarik
2bf6d75e57 KEYCLOAK-8010 Improve handling of Conditions SAML tag 2018-09-19 14:00:28 +02:00
Hynek Mlnarik
0b893d5634 KEYCLOAK-8187 Fix Undertow imports for Fuse
Co-Authored-By: wyvie <irum@redhat.com>
2018-09-18 16:54:03 +02:00
Pedro Igor
64f8fe4987 [KEYCLOAK-8070] - wrong expose headers when enable cors and policyenforcer 2018-09-17 17:02:15 -03:00
stianst
1fb4ca4525 Set version to 4.5.0.Final 2018-09-06 20:08:02 +02:00
Hynek Mlnarik
812e76c39b KEYCLOAK-8163 Improve SAML validations 2018-09-05 15:47:03 +02:00
Pedro Igor
33efcc6b93 [KEYCLOAK-8142] - Fixing regression when setting path enforcement mode to disabled 2018-09-04 10:32:06 -03:00
Dmitry Telegin
bc8763ccf3 KEYCLOAK-7858 - OIDC servlet filter adapter OSGi support 2018-09-04 11:29:45 +02:00
Jani
42553cdc44 [KEYCLOAK-7695] Restore token_type and expires_in for implicit flow
As KEYCLOAK-6585 concerns only hybrid flow, this commit restores the behavior for implicit flow.

This commit partially reverts #5041 (061049e41a6b0e6fb45c75f05748023ad7ab7d92).
2018-08-29 13:00:57 +02:00
mposolda
6fc99cd749 KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
Dan Hooper
0a8fca7ec4 Created common interface for parsed tokens in typescript declaration file 2018-08-23 16:14:17 -04:00
Frank Schmager
3e2e0ac91c Renamed factory and java doc 2018-08-22 16:39:55 +02:00
Frank Schmager
dda365e002 initial exposing of BasicAuthRequestAuthenticator to make extensible 2018-08-22 16:39:55 +02:00
Grzegorz Grzybek
fdc9882709 [KEYCLOAK-8101] Return just cached deployment to prevent NPE 2018-08-21 09:56:58 +02:00
Alex Szczuczko
a35ed671e6 KEYCLOAK-7480 Make fuse7 tomcat8 adapter community-only 2018-08-20 09:06:45 +02:00
Alex Szczuczko
f0a2f7a675 KEYCLOAK-7480 Make fuse7 adapter's jetty94 conditional on the community profile
In commit d70859ef keycloak-pax-web-jetty94 was added.

org.keycloak:keycloak-jetty94-adapter:jar is a dependency of this module, and
isn't produced outside of the community profile. So, the jetty94 module here
must be consistent with that.
2018-08-20 09:06:45 +02:00
Erin Recachinas
fa8cb004a1 KEYCLOAK-6086 Casting Jetty WebAppContext in Spring Adapter checks validity and unwraps 2018-08-13 11:16:19 +02:00
Hynek Mlnarik
a8a9631d4f KEYCLOAK-6832 Unify Destination attribute handling 2018-08-09 10:30:30 +02:00
Pedro Igor
80e5227bcd [KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests 2018-08-07 10:53:40 -03:00
mposolda
959cd035ba Set version to 4.3.0.Final-SNAPSHOT 2018-08-01 22:40:05 +02:00
Tair Sabirgaliev
d88568266f KEYCLOAK-7821 Enable tomcat-specific features: * (all roles), ** (authenticated user) in authRoles constraint 2018-07-27 14:24:49 +02:00
mhajas
a6e4f4f9aa KEYCLOAK-7922 Use Time.currentTimeMillis() instead of System.currentTimeMillis() in PathCache 2018-07-24 08:52:48 -03:00
Hynek Mlnarik
c8bc0d6d7b KEYCLOAK-7400 Remove dead code
This commit can only be merged once the Camel 2.21.2 would be
released, otherwise the code won't compile due to missing dependencies.

See https://issues.apache.org/jira/browse/CAMEL-12514 for details.
2018-07-23 14:46:00 +02:00
Pedro Igor
7c14a6a503 [KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established 2018-07-19 10:05:04 -03:00
Grzegorz Grzybek
2cb7ec9432 [KEYCLOAK-7703] HierarchicalPathBasedKeycloakConfigResolver for more fine/coarse grained Keycloak configuration in Karaf 2018-07-19 14:25:52 +02:00
Gregor Tudan
3417b569c0 KEYCLOAK-2606: add support for native browsers on cordova
KEYCLOAK-2606 Added cordova native

KEYCLOAK-2606 Some more fixes and tweaks

Fix redirect in example realm

feature(cordova-native): fix universalLinks and kc options

Added 'cordova-native' to typings

Added an option to define a "default" redirectUri in keycloak.js

Added 'login' and 'logout' event to universalLinks configuration in config.xml

Improved 'cordova-native' example to always use a redirectUri and
update state after successfull logout

Setting the 'authenticated' flag for the keycloak instance to 'false'
after a logout redirect

KEYCLOAK-2606: Simplify example for cordova-native

I wanted to make it explicit which options are actually needed, so I didn't want to reuse the keycloak conf

KEYCLOAK-2606: simplify example

The update state after logout shouldn't be necessary as it is set in `keycloak.onAuthLogout = updateState;`
Not sure why it is called after the login promise...

Fixes
2018-07-18 10:51:59 +02:00
Martin Kanis
b520dda3ef KEYCLOAK-4662 Keycloak adapter missing configuration attribute proxy-url 2018-07-13 14:30:40 +02:00
mhajas
5aebc74f8c KEYCLOAK-7269 Setting more uris for Authorization Resource 2018-07-11 17:48:34 -03:00
Pedro Igor
55550f2023 [KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established 2018-07-11 11:33:31 -03:00
rmartinc
4a82979792 KEYCLOAK-1925: SAML adapter multitenant support 2018-07-10 13:21:11 +02:00
mposolda
d0a824dde4 Updating version to 4.2.0.Final-SNAPSHOT 2018-07-05 07:42:48 -04:00
sebastienblanc
f5d00ddffb making Spring Boot 2 the default starter 2018-07-03 22:04:16 +02:00
Pedro Igor
dcadc61220 [KEYCLOAK-7670] - PEP not returning correct status code when authorization header is not set 2018-06-29 09:39:55 -03:00
Pedro Igor
f10c47955f [KEYCLOAK-7427] - Fix to support writing to response when doing programmatic logouts 2018-06-28 11:08:28 -03:00
Pedro Igor
23db2b852b [KEYCLOAK-7679] - Wildfly adapter must be disabled when using Elytron 2018-06-28 11:08:28 -03:00
Grzegorz Grzybek
3c9d3c2c04 [KEYCLOAK-7681] Review pax-web OSGi dependencies
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2018-06-22 13:47:20 +02:00
Grzegorz Grzybek
f90e0fc14c [KEYCLOAK-7425] Correctly import packages of httpclient and http core, fix Karaf feature 2018-06-21 14:28:47 +02:00
Hynek Mlnarik
6b968796ce KEYCLOAK-7667 Fix namespace handling when decrypting assertion 2018-06-21 13:09:18 +02:00
vramik
2fcfa5cf71 KEYCLOAK-7094 Support redirect to external logout page for saml filter adapter 2018-06-19 13:23:18 +02:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Dennis Bayer
c43d8b3d85 Get role list to update directly from the security context rather than from previously created subject info.
Roles within groups must be unpacked added separately in order to contain all roles.
2018-06-13 21:03:30 -03:00
Dennis Bayer
6a2a121d4e Map group members of authenticated subject into subject info.
This commit contains a POC for the issue "Roles get lost after security context was propagated back to wildfly-swarm, if using jwt for authentication" (KEYCLOAK-7309).
2018-06-13 21:03:30 -03:00
Hynek Mlnarik
9dc5709ce7 KEYCLOAK-7593 Setters for httpContext 2018-06-13 16:32:39 +02:00
vramik
5f1f3dff5e KEYCLOAK-7094 Support redirect to external logout page for elytron adapter 2018-06-13 12:50:38 +02:00