Commit graph

138 commits

Author SHA1 Message Date
Sebastian Kanzow
a412bb7b99 [KEYCLOAK-18417] Skip SAML 2.0 AttributeValue with user-defined xsi types 2021-07-30 08:48:25 +02:00
Luca Leonardo Scorcia
6bd7420907 KEYCLOAK-17290 SAML Client - Generate AttributeConsumingService SP metadata section 2021-07-22 21:53:16 +02:00
Martin Bartoš
23e3bc5f8f KEYCLOAK-18466 Configure HTTP client timeouts for adapters 2021-07-22 10:54:59 +02:00
Luca Leonardo Scorcia
ae98d8ea28 KEYCLOAK-18315 SAML Client - Add parameter to request specific AttributeConsumingServiceIndex 2021-06-29 16:22:38 +02:00
AlistairDoswald
8b3e77bf81 KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Luca Leonardo Scorcia
dc359e56d4 KEYCLOAK-17329 Allow emitting custom elements in SAML metadata extensions 2021-03-05 20:55:14 +01:00
Hynek Mlnarik
5c2122d36f KEYCLOAK-16444 Initialize JAXP components consistently 2020-11-25 14:20:19 +01:00
Luca Leonardo Scorcia
e8cf1dd92f KEYCLOAK-16325 Forgot the NameQualifier property in SAML2NameIDBuilder 2020-11-16 13:11:40 +01:00
Luca Leonardo Scorcia
637773e265 KEYCLOAK-16325 Introduce SAML2NameIDBuilder for easier creation of NameIDType elements 2020-11-16 10:19:30 +01:00
Roland Werner
d544b132f9 KEYCLOAK-15806:
Extension to SignatureAlgorithm to support more Algorithms (RSA_SHA256_MGF1, RSA_SHA512_MGF1).
    Also included in clients.js and realms.js so it can be chosen as signature algorithm when connecting as SAML client and when brokering through SAML.
2020-10-15 20:55:27 +02:00
testn
269a72d672 KEYCLOAK-15184: Use static inner class where possible 2020-10-09 23:37:08 +02:00
mhajas
e4078933f8 KEYCLOAK-14828 Disable DTD for SAML XML parser
(cherry picked from commit 37de7de78b2ae0eebee97fe917642bb849325f86)
2020-09-24 13:35:21 +02:00
Luca Leonardo Scorcia
3973d47bd4 KEYCLOAK-15465 SAML Identity Broker - SP metadata writer always emits AttributeConsumingService isDefault attribute
The isDefault attribute is defined as optional, yet if it is set to null Keycloak incorrectly emits the value isDefault="null".
2020-09-16 16:44:19 +02:00
Luca Leonardo Scorcia
10077b1efe KEYCLOAK-15485 Add option to enable SAML SP metadata signature 2020-09-16 16:40:45 +02:00
Konstantinos Georgilakis
f4f58ab707 KEYCLOAK-15540 correct SAMLAttributeConsumingServiceParser 2020-09-14 16:01:46 +02:00
Dmitry Telegin
b62d68a591 KEYCLOAK-14952 - Unit test failure in keycloak-saml-core on Java 11 2020-09-14 11:17:57 +02:00
Luca Leonardo Scorcia
67b2d5ffdd KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:36 +02:00
Konstantinos Georgilakis
1fa93db1b4 KEYCLOAK-14304 Enhance SAML Identity Provider Metadata processing 2020-09-02 20:43:09 +02:00
Luca Leonardo Scorcia
da6530471b KEYCLOAK-14742 SAML2NameIDPolicyBuilder: add AllowCreate and SPNameQualifier properties 2020-07-25 10:16:57 +02:00
Lorent Lempereur
e82fe7d9e3 KEYCLOAK-13950 SAML2 Identity Provider - Send Subject in SAML requests 2020-07-24 21:41:57 +02:00
Luca Leonardo Scorcia
46bf139cb4 KEYCLOAK-14741 Minor SAML specs compliance improvements 2020-07-20 21:08:12 +02:00
mwalliczek
dc73397176 KEYCLOAK-14698 Support complex SAML Attribute Values (e.g. XUA++) 2020-07-15 12:41:11 +02:00
Luca Leonardo Scorcia
d6934c64fd Refactor SAML metadata generation to use the SAMLMetadataWriter class 2020-07-09 09:39:35 +02:00
Luca Leonardo Scorcia
b4127bb7d7 KEYCLOAK-13713 Define a write method for XMLGregorianCalendar attributes 2020-07-03 10:04:51 +02:00
Hiroyuki Wada
f73b51818b KEYCLOAK-14113 Support for exchanging to SAML 2.0 token 2020-06-19 22:08:42 +02:00
Hynek Mlnarik
7deb89caab KEYCLOAK-10729 Do not serialize SAML signature 2020-05-25 15:38:17 +02:00
Hynek Mlnarik
32f13016fa KEYCLOAK-12874 Align Destination field existence check with spec 2020-05-04 09:19:44 +02:00
Dmitry Telegin
b6c5acef25 KEYCLOAK-7969 - SAML users should not be identified by SAML:NameID 2020-02-06 08:53:31 +01:00
rmartinc
d39dfd8688 KEYCLOAK-12654: Data to sign is incorrect in redirect binding when URI has parameters 2020-02-05 11:30:28 +01:00
Thomas Darimont
fc397e8cd7 KEYCLOAK-12732 Improve SAMLAttribute parsing of unknown attributes
We now store all unknown attributes present on a SAMLAttribute element
in the "otherAttributes" map associated with the element.

Previously only the x500:encoding attribute was handled while parsing
attribute elements.
2020-01-31 10:15:11 +01:00
Andrei Arlou
b6a3fba6e3 KEYCLOAK-12568 Remove unused method from org.keycloak.saml.processing.core.saml.v2.factories.JBossSAMLAuthnResponseFactory 2020-01-14 13:21:29 +01:00
vramik
3b1bdb216a KEYCLOAK-11486 Add support for system property or env variable in AllowedClockSkew in keycloak-saml subsystem 2020-01-14 13:17:13 +01:00
mhajas
a79d6289de KEYCLOAK-11416 Fix nil AttributeValue handling 2020-01-10 12:47:09 +01:00
mhajas
28b01bc34d KEYCLOAK-12609 Fix integer overflow for SAML XMLTimeUtil add method parameters 2020-01-06 13:53:16 +01:00
Andrei Arlou
23b794aa51 KEYCLOAK-12313 Remove unused method from org.keycloak.saml.common.util.DocumentUtil 2019-12-20 15:03:42 +01:00
Andrei Arlou
6ee6001f39 KEYCLOAK-12203 Remove unused constants from module "saml-core" 2019-11-29 22:47:24 +01:00
Andrei Arlou
5f50c2951a KEYCLOAK-12202 Remove unnecessary modificators for enums and interfaces in module "saml-core" 2019-11-26 08:46:22 +01:00
Andrei Arlou
ca46c7f718 KEYCLOAK-12201 Use diamond operator for collections in module "saml-core" 2019-11-26 08:13:35 +01:00
Douglas Palmer
a32c8c5190 [KEYCLOAK-11185] Fixed build with JDK 11 2019-11-04 10:56:07 -03:00
Gideon Caranzo
e07fd9ffa3 KEYCLOAK-9936 Added optional hooks for preprocessing SAML authentication
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-10-29 13:06:59 +01:00
mhajas
57a8fcb669 KEYCLOAK-10776 Add session expiration to Keycloak saml login response 2019-07-24 13:35:07 +02:00
mhajas
bf33cb0cf9 KEYCLOAK-9102 Add tests for Saml RelayState 2019-07-24 12:28:00 +02:00
Steeve Beroard
fc9a0e1766 [KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
Hynek Mlnarik
ca4e14fbfa KEYCLOAK-7852 Use original NameId value in logout requests 2019-07-04 19:30:21 +02:00
vramik
f7c8896181 KEYCLOAK-10401 Fix log debug message in ConditionsValidator 2019-05-30 10:11:01 +02:00
vramik
d64f716a20 KEYCLOAK-2709 SAML Identity Provider POST Binding request page shown to user is completely blank with nonsense title 2019-05-20 09:51:04 +02:00
Michael Parker
7bd1f32eb1 KEYCLOAK-9077 Adds support for SAML SessionNotOnOrAfter attribute in response xml serialization 2019-03-05 09:05:41 +01:00
Hynek Mlnarik
d90a5d1367 KEYCLOAK-8594 Fix missing option to Base64 encoder 2018-11-22 21:48:00 +01:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
Hynek Mlnarik
17a1a33987 KEYCLOAK-7740 Support parsing of xs:date type 2018-10-02 19:54:40 +02:00