Commit graph

12854 commits

Author SHA1 Message Date
Sven-Torben Janus
850d3e7fef KEYCLOAK-15511 OTP registration during login with LDAP read-only
When LDAP user federation is configured in read-only mode, it is not
possible to set required actions for users from LDAP.
Keycloak credential model allows for registering OTP devices when LDAP
ist configured with "Import Users" flag enabled. Registering OTP devices
needs to be done via the account management console and works as
expecetd. However, it fails, if a user has to register aN OTP device
during login (i.e. within the authentication flow), because the OTP Form
Authenticator tries to enforce OTP registration via setting the
corresponding required action for the user. That fails, because the user
is read-only.
To work around this, the required action is set on the authentication
session instead.
2020-10-21 17:00:11 +02:00
Pedro Igor
a965025be8 [KEYCLOAK-11331] - MySQL support 2020-10-21 16:55:25 +02:00
Pedro Igor
ee82391bd2 Fixing passing system properties and adding http.host option 2020-10-21 08:53:31 +02:00
mposolda
7891daef73 KEYCLOAK-15998 Keycloak OIDC adapter broken when Keycloak server is on http 2020-10-21 08:36:08 +02:00
Denis Richtárik
c8d0f2c59c
KEYCLOAK-15892 Can not install 7.4.3.CR1 Fuse adapter 2020-10-20 10:47:56 +02:00
Pedro Igor
4b75c83112 Default key store file for enabling HTTPS 2020-10-19 14:45:21 +02:00
Roland Werner
d544b132f9 KEYCLOAK-15806:
Extension to SignatureAlgorithm to support more Algorithms (RSA_SHA256_MGF1, RSA_SHA512_MGF1).
    Also included in clients.js and realms.js so it can be chosen as signature algorithm when connecting as SAML client and when brokering through SAML.
2020-10-15 20:55:27 +02:00
mhajas
4556e858ad KEYCLOAK-15522 Use AbstractStorageManager in UserStorageManager 2020-10-15 20:41:13 +02:00
Jonathan Buzzetti
a2efb84e00
KEYCLOAK-15978 Update spanish email verification message
For it to be similar to its english counterpart
2020-10-15 16:46:24 +02:00
Sven-Torben Janus
eb002c7ecd KEYCLOAK-3365 Extend test case 2020-10-15 08:43:31 +02:00
Sven-Torben Janus
5918094840 KEYCLOAK-3365 Add test case 2020-10-15 08:43:31 +02:00
Sven-Torben Janus
79f0703d62 KEYCLOAK-3365 Configure required actions for LDAP in READ_ONLY mode 2020-10-15 08:43:31 +02:00
Pedro Igor
be19c6b806 Updating to Quarkus 1.9.0.Final 2020-10-15 08:41:21 +02:00
mposolda
2ab355f7a2 KEYCLOAK-15924 Use 'cluster' instead of 'clustered' option. Execute StartupTest on GH actions. 2020-10-15 08:38:08 +02:00
mhajas
d266165f63 KEYCLOAK-14871 Whitelist RefreshableKeycloakSecurityContext for KeycloakPrincipal serialization 2020-10-14 16:00:39 +02:00
Martin Kanis
086f7b4696 KEYCLOAK-15450 Complement methods for accessing realms with Stream variants 2020-10-14 08:16:49 +02:00
Luca Leonardo Scorcia
0621e4ceb9 KEYCLOAK-15697 Fix config entry tooltip 2020-10-14 07:39:49 +02:00
Hynek Mlnarik
ec39569970 KEYCLOAK-15928 Fix EAP 6 configuration directory 2020-10-13 17:12:29 +02:00
Hynek Mlnarik
4541a1b250 KEYCLOAK-15907 Fix new host in SAML adapter cannot restore session 2020-10-12 13:23:03 +02:00
Elisabeth Schulz
73564c5815 KEYCLOAK-13983 Include algorithm parameters
Lazy initialization of additional parameters
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
4c4750f1d9 KEYCLOAK-13983 Include algorithm parameters
Restore accidental change
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
9143bc748f KEYCLOAK-13983 Include algorithm parameters
Include suggestions made by @mposolda to enable more generic
usage
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
396fec19a8 KEYCLOAK-13983 Include algorithm parameters
Adds the capacity to add both public and secret algorithm
specific data to a PasswordCredentialModel. The default
way to create the models in maintained to minimize the change
impact for the default hash infrastructure.

Publishes the PasswordCredentialModel constructor to
ease in building such extended credential models.
2020-10-12 10:12:01 +02:00
testn
269a72d672 KEYCLOAK-15184: Use static inner class where possible 2020-10-09 23:37:08 +02:00
Trey Dockendorf
6e713b5044 KEYCLOAK-15545 Fix null pointer exception when updating flow via API 2020-10-09 23:33:51 +02:00
Luca Leonardo Scorcia
f274ec447b KEYCLOAK-15697 Make the Service Provider Entity ID user configurable 2020-10-09 22:04:02 +02:00
Dustin Frank
59ef7d258f Fix typo in FileTruststoreProviderFactory.java 2020-10-09 22:01:52 +02:00
mposolda
4fd1950f5c KEYCLOAK-15910 Rename "cluster.enabled" to "clustered". Fix test and minor cleanup. Adding GH action for quarkus unit test 2020-10-09 15:27:47 -03:00
mposolda
ff05072c16 KEYCLOAK-15770 Skip creating session for docker protocol authentication 2020-10-09 07:53:26 +02:00
Pedro Igor
1a1c42c776 Improvements to error messages 2020-10-08 12:04:11 -03:00
mposolda
d269af1b70 KEYCLOAK-15830 Remove authentication session after failed directGrant authentication 2020-10-07 18:13:21 +02:00
Thomas Darimont
152588ecc4 KEYCLOAK-13915 Update Jetty 9.4.x dependency to latest version
Adapted Jetty94SessionManager to workaround Jetty 9.4 API changes.
The Method org.eclipse.jetty.server.session.SessionHandler#getHttpSession
was changed from public to protected which makes it no longer accessible.

As a workaround the method contents were inlined.
2020-10-07 11:40:18 -03:00
Pedro Igor
65c425e774 Update Quarkus 1.8.2.Final 2020-10-07 10:18:43 -03:00
vmuzikar
bb7ce62cd5 KEYCLOAK-15332 Missing CORS headers in some endpoints in Account REST API 2020-10-07 09:07:55 -03:00
mhajas
540516c6a9 KEYCLOAK-15734 Exclude tests with testingClient in remote environment 2020-10-06 20:26:24 +02:00
dashaylan
65ecfc960a Combine UserInfo KcOidcBrokerConfiguration with OidcUserInfoClaimToRoleMapperTest 2020-10-06 08:44:02 +02:00
dashaylan
787d44be78 Reduce code duplication and test count 2020-10-06 08:44:02 +02:00
dashaylan
0d6da99844 Add UserInfo check fix and associated tests. 2020-10-06 08:44:02 +02:00
Alex Szczuczko
b66dcc8b29 KEYCLOAK-15813 Replace dependencyExclusion with dependencyOverride in prod-arguments
This resolves a problem with the new version of PME, which fails the build when
these old properties are present.
2020-10-05 18:15:25 -03:00
Markus Till
f0ea7a04bd remove unused getApplications method from user account 2020-10-05 17:02:22 -03:00
Markus Till
43206d3158 minor restructering of the userprofile impl -> add AbstractUserProfile introduced to make getId override explicit 2020-10-05 09:59:44 -03:00
Markus Till
c71ce8cd2e refactoring add UserProfileAttributes 2020-10-05 09:59:44 -03:00
Markus Till
695db3e8ef remove unused isCreated Flag in user profile context 2020-10-05 09:59:44 -03:00
Markus Till
7da619385c refactore userupdate helper api 2020-10-05 09:59:44 -03:00
Markus Till
802a670cc5 have a factory like approach for profile contexts 2020-10-05 09:59:44 -03:00
Markus Till
21cfa54d4d remove StoredUserProfile interface 2020-10-05 09:59:44 -03:00
Markus Till
72f73f153a UserProfile M1 2020-10-05 09:59:44 -03:00
Pedro Igor
efa16b5ac4 [KEYCLOAK-14255] - More improvements to CLI 2020-10-02 11:50:23 -03:00
Pedro Igor
0d99e01b98 [KEYCLOAK-15807] - Wrong parsing of Cookie header 2020-10-02 08:19:24 -03:00
Achim Hügen
66dfa32cd5 KEYCLOAK-14302 Fix the setting of the lifespan for cache entries. This bug caused that jobs were no longer executed after temporary network partition in multinode setup, because the cluster based locks used for the coordination were never released. 2020-10-02 11:34:44 +02:00