Commit graph

1431 commits

Author SHA1 Message Date
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Bill Burke
4af0976194 remove UserCredValueModel and hold hash providers 2016-10-04 12:34:15 -04:00
Marek Posolda
c32cf51808 Merge pull request #3254 from didiez/master
KEYCLOAK-3608 Update existing user single attribute removes all other attributes from user
2016-10-04 08:43:22 +02:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
Bill Burke
6a4e413bf4 final mongo fixes 2016-09-30 19:08:34 -04:00
Bill Burke
110f6ad549 mongo fed 2016-09-30 16:48:59 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Stian Thorgersen
a58c985934 Merge pull request #3268 from stianst/REVIEW
KEYCLOAK-2438
2016-09-28 13:27:26 +02:00
Bill Burke
d65cc830eb mongo fixes 2016-09-27 17:07:16 -04:00
Bruno Oliveira
98d2fe15e8 [KEYCLOAK-2438] - Add display name to social login buttons
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Bill Burke
27e86e36c4 Merge remote-tracking branch 'upstream/master' 2016-09-23 16:50:16 -04:00
Bill Burke
ff1326fe35 authenticator example updated 2016-09-23 16:50:08 -04:00
Bill Burke
8e65356891 creds 2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce credential refactoring 2016-09-22 08:34:45 -04:00
didiez
98bf095471 Keep setSingleAttribute from deleting all other attributes of the user being updated. 2016-09-22 10:42:24 +02:00
Peter Nalyvayko
0348e427de KEYCLOAK-3505: cosmetic coding style changes 2016-09-15 15:42:09 -04:00
Peter Nalyvayko
b97908fb02 KEYCLOAK-3505: updated the oidc user attribute mapper used to map oidc broker claims to map the claims from userinfo claim set 2016-09-15 11:11:58 -04:00
Stian Thorgersen
e8f99a2109 Merge pull request #3221 from patriot1burke/master
KEYCLOAK-3423
2016-09-09 07:45:53 +02:00
Bill Burke
84f5c0926b KEYCLOAK-3423 2016-09-08 16:47:06 -04:00
Stian Thorgersen
f726caea9b Merge pull request #3205 from stianst/KEYCLOAK-3342
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 08:40:32 +02:00
Stian Thorgersen
7c292b1213 KEYCLOAK-3342 Add Identity Provider authenticator 2016-09-08 07:20:35 +02:00
mposolda
5a015a6518 KEYCLOAK-3494 Input elements backed by user attributes fail to update in themes 2016-09-07 20:08:09 +02:00
mposolda
03c05bd72b KEYCLOAK-2957 IdpEmailVerificationAuthenticator should setEmailVerified to true after successfuly link user by email verification 2016-09-05 18:04:24 +02:00
Stian Thorgersen
4f51b7b34c KEYCLOAK-3462 Fix exception not displayed in init from KeycloakServer 2016-08-29 09:21:22 +02:00
Stian Thorgersen
c522a20ab9 KEYCLOAK-3447 Manual upgrade of database schema 2016-08-22 10:22:08 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
83306963e8 jta transaction abstraction 2016-08-08 12:32:36 -04:00
Bill Burke
f14f303dfe Merge remote-tracking branch 'upstream/master' 2016-08-07 11:50:44 -04:00
Bill Burke
33d7d89ad9 provider hot deployment 2016-08-07 11:41:52 -04:00
mposolda
e0a59baaf2 KEYCLOAK-3321 OIDC requests without 'nonce' claim should be rejected unless using the code flow. Started responseType tests 2016-08-05 15:05:26 +02:00
Bill Burke
70722d0d3d user storage provider jpa example 2016-08-03 19:16:11 -04:00
Bill Burke
17e75950fe more fixes 2016-08-02 06:56:22 -04:00
Bill Burke
1c75b03e59 props 2016-08-02 06:50:13 -04:00
mposolda
b3a55df1e7 Fixing mongo 2016-08-02 10:58:44 +02:00
Bill Burke
09693eb108 component model 2016-08-02 05:48:57 +02:00
Bill Burke
5facec73e4 Merge remote-tracking branch 'upstream/master' 2016-08-01 11:19:09 -04:00
Bill Burke
91a267a0d8 component model 2016-08-01 11:18:58 -04:00
Bill Burke
2219cd363e Merge pull request #3079 from patriot1burke/master
KEYCLOAK-3268
2016-07-28 07:22:45 -04:00
Pedro Igor
7e1b97888a [KEYCLOAK-3338] - Adding client roles to role policy and UX improvements 2016-07-27 15:15:14 -03:00
Bill Burke
bd499e1c55 fix pom 2016-07-27 10:37:16 -04:00
Bill Burke
46b4bb0909 KEYCLOAK-3268 2016-07-27 09:28:48 -04:00
Bill Burke
69f051fb0a test user fed registration spi 2016-07-23 08:55:06 -04:00
Bill Burke
b6811b96b9 fix test 2016-07-22 14:42:17 -04:00
Bill Burke
00d439b6f0 log level oops 2016-07-22 12:09:22 -04:00
Bill Burke
72d134748c user fed spi querying tests 2016-07-22 11:42:07 -04:00
Bill Burke
0315bd0b87 Merge remote-tracking branch 'upstream/master' 2016-07-20 17:26:15 -04:00
Bill Burke
2a05f00d0c user fed tests 2016-07-20 17:26:00 -04:00
mposolda
f4ddfe4a52 KEYCLOAK-3318 Support for prompt=login. More tests for prompt parameter 2016-07-20 21:27:38 +02:00
Bill Burke
8b535c5da6 log level 2016-07-20 11:16:20 -04:00
Bill Burke
e719722e32 Merge remote-tracking branch 'upstream/master' 2016-07-20 11:01:01 -04:00
Bill Burke
c709598fdd user fed spi simple test 2016-07-20 10:59:45 -04:00
Marek Posolda
e03bf6eef6 Merge pull request #2990 from trex667/feat/keycloak-1733
[KEYCLOAK-1733]: introduce token as query paramter
2016-07-20 10:46:11 +02:00
mposolda
dcc4ea3aea KEYCLOAK-3237 Change OIDC adapters to use scope=openid as required per specs 2016-07-14 23:56:46 +02:00
Stian Thorgersen
ea44b5888b KEYCLOAK-2824 Password Policy SPI 2016-07-14 07:20:30 +02:00
mposolda
6e94931023 KEYCLOAK-3296 same user logging twice at the same time causes lock issue - HQL deletion patch 2016-07-11 19:40:24 +02:00
Bill Burke
bf2ca4008e log level info 2016-07-07 12:06:57 -04:00
Bill Burke
7e5a5f79cf fixes for new user fed spi 2016-07-07 10:35:35 -04:00
awpwb
159b371973 [KEYCLOAK-1733]: introduce token as query paramter
add functional tests for access token as query paramter
2016-07-06 14:12:23 +02:00
Bill Burke
a19469aba5 Merge remote-tracking branch 'upstream/master' 2016-06-30 17:18:17 -04:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
Bill Burke
3f1eecc4be Merge remote-tracking branch 'upstream/master' 2016-06-30 16:47:55 -04:00
Pedro Igor
afa9471c7c [KEYCLOAK-3128] - Admin Client Authorization Endpoints 2016-06-30 10:26:05 -03:00
Bill Burke
a9f6948d74 Merge remote-tracking branch 'upstream/master' 2016-06-29 15:37:32 -04:00
Bill Burke
f51098c50b user fed refactor 2016-06-29 15:37:22 -04:00
Stian Thorgersen
a6af72cbbc Removed perf package from testsuite/integration 2016-06-24 10:59:05 +02:00
Stan Silvert
38722e8273 KEYCLOAK-3031 Migrate exportimport package to arquillian testsuite 2016-06-23 11:09:55 -04:00
Stian Thorgersen
ce17999d26 Merge pull request #2962 from stianst/master
Add retry to testPostEncryptedLoginLogout
2016-06-23 15:48:43 +02:00
Stian Thorgersen
d869ab2823 Add retry to testPostEncryptedLoginLogout 2016-06-23 15:48:18 +02:00
mposolda
9b9a656192 Fix Oracle DB 2016-06-23 13:23:44 +02:00
Stian Thorgersen
2e2f34d94e Merge pull request #2957 from pedroigor/authz-changes
Changes to authz examples and some minor improvements
2016-06-23 07:49:47 +02:00
Pedro Igor
074a312fe5 Renaming authorization attributes. 2016-06-22 17:20:50 -03:00
mposolda
f7a2ad021e KEYCLOAK-3141 Fix DB2 and some other DB issues 2016-06-22 17:06:55 +02:00
mposolda
5c731b4d14 KEYCLOAK-3149 DB update triggered before DBLock is retrieved 2016-06-21 17:14:25 +02:00
Marek Posolda
190a1beefa Merge pull request #2951 from mposolda/KEYCLOAK-2474
KEYCLOAK-2474 Possibility to add custom SPI and extend the data model
2016-06-21 15:31:12 +02:00
mposolda
c4513fdad9 KEYCLOAK-2474 Polishing. Support for separate changelock table per changelog. Support for authenticated endpoint in domain-extension example 2016-06-21 12:06:22 +02:00
Pedro Igor
5f91f4e466 [KEYCLOAK-3062] - Async configuration to KeycloakServer 2016-06-20 11:55:17 -03:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
Bill Burke
4c9a0b45d4 Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Stian Thorgersen
2343e517c9 Merge pull request #2891 from pedroigor/KEYCLOAK-2894
[KEYCLOAK-2894] - Fixing saml signature validation
2016-05-26 16:57:13 +02:00
Pedro Igor
60f954a497 [KEYCLOAK-2894] - Fixing saml signature validation 2016-05-26 10:48:30 -03:00
Stan Silvert
1042a22cf7 KEYCLOAK-2912 Migrate events package to new testsuite 2016-05-25 15:22:17 -04:00
Stian Thorgersen
d51a2cde2f Merge pull request #2859 from ssilvert/migrate-i18n
KEYCLOAK-2913 Migrate i18n package to new testsuite
2016-05-25 07:22:54 +02:00
Stian Thorgersen
477c0872b0 KEYCLOAK-3020
Increase default password hashing intervals to 20K
2016-05-23 11:20:31 +02:00
Stan Silvert
049b0dda23 KEYCLOAK-2913 Migrate i18n package to new testsuite 2016-05-20 08:04:07 -04:00
Stian Thorgersen
af7fd0ef61 Merge pull request #2855 from raehalme/KEYCLOAK-3016-master
KEYCLOAK-3016: BasicAuthRequestAuthenticator consumes HttpEntity on errors
2016-05-20 09:14:37 +02:00
Stian Thorgersen
7f3ccad4cc Merge pull request #2852 from abstractj/OAuthRedirectUriTest
OAuthRedirectUriTest migration
2016-05-20 09:13:01 +02:00
Stian Thorgersen
264c816f08 Merge pull request #2846 from ssilvert/migrate-composites
KEYCLOAK-2911 Migrate composites package to new testsuite.
2016-05-20 09:12:30 +02:00
Stian Thorgersen
fcfe8582de Merge pull request #2838 from abstractj/KEYCLOAK-2908
KEYCLOAK-2908 - Migration of oidc package
2016-05-20 08:56:43 +02:00
Thomas Raehalme
babe94c50d KEYCLOAK-3016: BasicAuthRequestAuthenticator now consumes HttpEntity also on errors. 2016-05-19 08:47:51 +03:00
Bruno Oliveira
e7c98bd31b OAuthRedirectUriTest migration 2016-05-18 18:24:10 -03:00
Stan Silvert
771b4c5b6e KEYCLOAK-2911 Migrate composites package to new testsuite. 2016-05-17 10:23:47 -04:00
Bruno Oliveira
c434dc8dcc
KEYCLOAK-2908 - Migration of oidc package 2016-05-14 00:50:23 -03:00
Stan Silvert
a46982f8ec KEYCLOAK-2909 Migrate account package to new testsuite 2016-05-12 15:52:45 -04:00
Bruno Oliveira
4664bb01d8
Migration of AuthorizationCodeTest 2016-05-11 06:21:12 -03:00
Bruno Oliveira
bb6a7e357f
OAuthGrantTest migration 2016-05-09 11:03:47 -03:00
Stian Thorgersen
dbd906b330 Merge pull request #2798 from abstractj/OAuthDance
Migration of OAuthDanceClientSessionExtensionTest
2016-05-06 07:06:22 +02:00
Stian Thorgersen
b7e70ea7e3 Merge pull request #2796 from abstractj/RefreshTokenTest
Refresh token test
2016-05-06 07:05:36 +02:00
Stian Thorgersen
1d87d1cce1 Merge pull request #2792 from ssilvert/migrate-forms
KEYCLOAK-2906 Migrate forms package to new testsuite
2016-05-06 07:00:10 +02:00
Bruno Oliveira
2a60f65229
Migration of OAuthDanceClientSessionExtensionTest 2016-05-05 15:29:51 -03:00
Bruno Oliveira
a5687e4660 Migration of RefreshTokenTest 2016-05-05 15:20:52 -03:00
Marek Posolda
49dc5363bb Merge pull request #2783 from mposolda/master
Easier MariaDB support in tests
2016-05-05 10:04:38 +02:00
Bruno Oliveira
9a3bea7062
RHSSO-121: Offline Tokens 2016-05-04 22:48:59 -03:00
Stan Silvert
c392f6659e KEYCLOAK-2906 Migrate forms package to new testsuite 2016-05-04 18:46:38 -04:00
mposolda
6a75aec6d8 Easier MariaDB support in tests 2016-05-04 23:08:30 +02:00
Stian Thorgersen
19c29387fa Moved ClientRedirectTest to new testsuite 2016-04-28 13:42:18 +02:00
Stan Silvert
29d6832882 KEYCLOAK-2905 Migrate actions package from old testsuite 2016-04-27 14:09:46 -04:00
Thomas Darimont
c8d47926b8 KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.

For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.

Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
Bruno Oliveira
bbe7ff1dce RHSSO-106: Migration of ResourceOwnerPasswordCredentialsGrantTest 2016-04-25 10:15:27 -03:00
Stian Thorgersen
7dd2b3d7be Merge pull request #2730 from abstractj/RHSSO-130
RHSSO-130: AccessTokenTest migration
2016-04-25 13:43:03 +02:00
Stian Thorgersen
320a9da585 Merge pull request #2711 from ssilvert/migrate-LoginTest
Migrate LoginTest
2016-04-25 13:40:51 +02:00
Bruno Oliveira
1cc4ca2e71 RHSSO-130: AccessTokenTest migration 2016-04-22 16:30:57 -03:00
Bruno Oliveira
30f34173c5 RHSSO-108: Migration of ClientAuthSignedJWTTest 2016-04-22 08:29:28 -03:00
Stan Silvert
9335ab6b22 Migrate LoginTest 2016-04-21 09:37:54 -04:00
Bruno Oliveira
2f3b5e9b88 RHSSO-108: Client signed token authentication 2016-04-20 20:47:50 -03:00
Stian Thorgersen
b6ed681402 Merge pull request #2677 from stianst/KEYCLOAK-2850
KEYCLOAK-2850 Migrated ImpersonationTest and added builders
2016-04-20 14:48:05 +02:00
Stian Thorgersen
b8b40e75ef KEYCLOAK-2850 Migrated ImpersonationTest and added builders 2016-04-20 13:52:08 +02:00
mposolda
afc8179cf8 KEYCLOAK-2846 export/import of clientTemplate scopes 2016-04-20 13:30:01 +02:00
Stian Thorgersen
e490a6e3bd Merge pull request #2673 from stianst/master
KEYCLOAK-2850 Migrated ConcurrencyTest
2016-04-20 12:49:48 +02:00
Stian Thorgersen
eab548d7f0 Merge pull request #2671 from stianst/KEYCLOAK-2491
KEYCLOAK-2491 Fix permissions in admin console to match permissions i…
2016-04-20 12:49:28 +02:00
Stian Thorgersen
37256b6b8f KEYCLOAK-2850 Migrated ConcurrencyTest 2016-04-20 10:07:16 +02:00
Stian Thorgersen
04d76b0052 KEYCLOAK-2491 Fix permissions in admin console to match permissions in admin endpoints 2016-04-20 09:57:57 +02:00
mposolda
060527ac67 KEYCLOAK-2850 migrate RealmTest from old testsuite to new 2016-04-20 08:22:32 +02:00
Stian Thorgersen
d2e3389414 Removed duplicated ClientInitialAccessTest 2016-04-19 20:34:59 +02:00
Stian Thorgersen
de8ffae427 Migrate pages from old testsuite, make OAuthClient injectable 2016-04-19 20:16:55 +02:00
Stian Thorgersen
899c9f48e9 KEYCLOAK-2850 Migrate admin endpoint identity provider test 2016-04-19 14:27:16 +02:00
Stan Silvert
e25a0d3cf1 Create TestRealmKeycloakTest as common base class for tests that need
testrealm.json.  Rename admin packaget to endpoint.  Rename legacy package
to match old testsuite.
test suite.
2016-04-14 15:39:32 -04:00
Bill Burke
8f7f9e0b9c KEYCLOAK-2790 2016-04-12 18:25:23 -04:00
Bill Burke
515ed226be Merge remote-tracking branch 'upstream/master' 2016-04-12 15:19:58 -04:00
Bill Burke
cca91dd175 public/private 2016-04-12 15:19:46 -04:00
Stian Thorgersen
1c2eafeb80 KEYCLOAK-2807 Fix server info providers page 2016-04-12 15:38:52 +02:00
Stian Thorgersen
538e49117f KEYCLOAK-2799 Show error for identity brokering login if user is disabled 2016-04-12 13:14:42 +02:00
Stian Thorgersen
d748f7e459 Merge pull request #2573 from stianst/KEYCLOAK-2700
KEYCLOAK-2700 Import existing realm fails due to can't delete group
2016-04-12 07:20:01 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
mposolda
3e9ba71baa KEYCLOAK-2769 Better error handling of expired code in IdentityBrokerService 2016-04-11 18:20:26 +02:00
Stian Thorgersen
e588860c21 KEYCLOAK-2700 Import existing realm fails due to can't delete group 2016-04-11 09:18:57 +02:00
Stian Thorgersen
19deb7c65e Merge pull request #2562 from guusdk/KEYCLOAK-2785
KEYCLOAK-2785: Admin client should be able to delete a user.
2016-04-11 07:14:06 +02:00
mposolda
ee9c87877f KEYCLOAK-2769 Fix NPE during 'Identity Broker cancelled' and instead show keycloak 'we are sorry' page 2016-04-08 19:07:06 +02:00
Guus der Kinderen
38670df49a
KEYCLOAK-2785: Admin client should be able to delete a user.
The delete user service should be exposed in the admin client.
2016-04-08 16:34:46 +02:00
mposolda
90fc721315 KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking 2016-04-08 12:20:54 +02:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible.
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
2016-04-07 13:19:29 +02:00
Stian Thorgersen
8de8446cb5 Merge pull request #2520 from stianst/KEYCLOAK-2756
KEYCLOAK-2756
2016-04-06 19:25:53 +02:00
Stian Thorgersen
6ccf3549ad KEYCLOAK-2756
Renaming a realm breaks down the Clients
2016-04-06 15:18:49 +02:00
mposolda
72371e5d76 KEYCLOAK-1982 Some builtin objects might be missing when import JSON exported from old versions 2016-04-06 11:43:58 +02:00
Stian Thorgersen
3e9ae7aa82 Merge pull request #2498 from stianst/KEYCLOAK-2722
KEYCLOAK-2722 Check user session in token introspection endpoint
2016-04-05 11:18:32 +02:00
Stian Thorgersen
55c5e9a381 KEYCLOAK-2722 Check user session in token introspection endpoint 2016-04-05 09:31:39 +02:00