libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions
7269 commits 4 branches 9 tags 483 MiB
Commit graph

162 commits

Author SHA1 Message Date
mposolda
2cba13db9c KEYCLOAK-3424 Possibility to import JWK key through admin console 2016-08-12 15:51:14 +02:00
mposolda
3eb9134e02 KEYCLOAK-3424 Support for save JWKS in OIDC ClientRegistration endpoint 2016-08-12 15:51:14 +02:00
mposolda
a8fb988e31 KEYCLOAK-3406 OIDC dynamic client registrations specs fixes 2016-08-11 15:54:51 +02:00
Marko Strukelj
59e0570cdf KEYCLOAK-2571 RESET_PASSWORD_ERROR and UPDATE_PASSWORD_ERROR events not fired 2016-07-26 21:32:57 +02:00
mposolda
56e011dce4 KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator 2016-07-21 18:19:53 +02:00
mposolda
f4ddfe4a52 KEYCLOAK-3318 Support for prompt=login. More tests for prompt parameter 2016-07-20 21:27:38 +02:00
mposolda
ee3ac3fdaf KEYCLOAK-3223 Basic support for acr claim 2016-07-14 12:36:12 +02:00
Stian Thorgersen
ea44b5888b KEYCLOAK-2824 Password Policy SPI 2016-07-14 07:20:30 +02:00
Martin Kanis
c67d834d39 KEYCLOAK-3096 Remove leading/trailing spaces from login 2016-07-09 18:35:51 +02:00
mposolda
629390dd4a KEYCLOAK-2986 Require either expiration or issuedAt for client authentication with signed JWT 2016-07-08 16:16:38 +02:00
mposolda
3bfd999590 KEYCLOAK-3222 extend WellKnown to return supported types of client authentications. More tests 2016-07-08 15:39:13 +02:00
mposolda
a7c9e71490 KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and support for auth_time in IDToken 2016-07-07 17:04:32 +02:00
Stan Silvert
a231c1b31b RHSSO-296: Required Action "Configure Totp" should be "Configure OTP" 2016-07-05 15:07:52 -04:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
Thomas Darimont
c8d47926b8 KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions. 
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.

For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.

Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
 2016-04-27 14:37:13 +02:00
mposolda
25f965aa2e KEYCLOAK-2628 protected method to IdpCreateUserIfUniqueAuthenticator after user is registered 2016-03-11 10:05:41 +01:00
Bruno Oliveira
8d6f71e7d1 KEYCLOAK-2585: Changes on Brute force messages 2016-03-03 10:11:03 -03:00
Stian Thorgersen
2974034974 KEYCLOAK-2435 
Feedback on login screen not showing correctly
 2016-02-03 13:41:31 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524 
Source code headers
 2016-02-03 11:20:22 +01:00
Bill Burke
25347cd45e browser back button 2016-01-27 22:14:28 -05:00
mposolda
90842cf7ef Minor change in message 2016-01-26 16:24:08 +01:00
Bill Burke
8b7bc5b153 redirect after post in flow 2016-01-22 18:39:55 -05:00
Stan Silvert
b544adf170 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.requiredactions
 2016-01-21 11:55:10 -05:00
Stan Silvert
2cecce37a7 KEYCLOAK-1280: i18n logging for org.keycloak.authentication.forms 2016-01-21 11:55:09 -05:00
Stan Silvert
7bc74aac73 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.resetcred
 2016-01-21 11:55:07 -05:00
Stan Silvert
dfb92db2b7 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.directgrant
 2016-01-21 11:55:05 -05:00
Stan Silvert
36e711fb88 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.client
 2016-01-21 11:55:04 -05:00
Stan Silvert
0ef8c18b93 KEYCLOAK-1280: i18n logging for 
org.keycloak.services.authentication.authenticators.browser
 2016-01-21 11:55:02 -05:00
Stan Silvert
b1baea7023 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.broker
 2016-01-21 11:55:00 -05:00
Stan Silvert
3b4cb94ff1 KEYCLOAK-1280: i18n logging for org.keycloak.authentication 2016-01-21 11:54:59 -05:00
Bill Burke
efd8317259 final re-org work 2016-01-20 17:26:26 -05:00
Bill Burke
b0054b7682 email, login, account 2016-01-16 09:38:24 -05:00
Bill Burke
76e3a72f4c fixes 2016-01-15 20:18:36 -05:00
Bill Burke
007e9530ec brute force refactr, mv protocol 2016-01-15 19:25:28 -05:00
Bill Burke
b93d55cb63 remove model-api, add server-spi 2016-01-15 18:44:17 -05:00
Stian Thorgersen
435980d776 KEYCLOAK-1809 
Upgrade jackson to version 2.x
 2016-01-14 16:34:30 +01:00
Thomas Darimont
d6b10aa911 KEYCLOAK-2311 - Polishing. 
Aligned constant names, but keep constant values to stay compatible with previous version.
 2016-01-14 12:05:19 +01:00
Thomas Darimont
92c2ec366d KEYCLOAK-2311 - Allow to specify role to skip conditional OTP authentication. 
We now allow specify a role to skip OTP.
Previously it was  not possible to specify that OTP authentication should be skipped via a role but the
ConditionalOtpAuthenticator allowed to specify to show/skip OTP via a user attribute or HTTP request header pattern.
Having the "skip role" aligns the role based configuration options with the user attribute and HTTP request header configuration.
 2016-01-14 11:47:30 +01:00
Bill Burke
f9c458aa0e Merge remote-tracking branch 'upstream/master' 2016-01-13 16:18:42 -05:00
Bill Burke
9dc21224bd clean up most redirects 2016-01-13 16:18:24 -05:00
Stian Thorgersen
30c3a5ed70 Merge pull request #2020 from stianst/master 
Mark all SPIs as internal
 2016-01-13 19:24:43 +01:00
Bill Burke
b3967263d1 Merge remote-tracking branch 'upstream/master' 2016-01-13 10:16:06 -05:00
Bill Burke
b9c9b58727 refactor 2016-01-13 10:15:54 -05:00
Stian Thorgersen
f8841d2365 Mark all SPIs as internal 2016-01-13 15:49:53 +01:00
mposolda
4642876323 KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthenticator 2016-01-13 10:12:20 +01:00
Thomas Darimont
46991764d4 KEYCLOAK-2040 - Add support for Conditional OTP auth. 
Previously it was not possible to conditionally show a OTP authentication
form. This PR adds support to conditionally require OTP authentication
based on a custom user attribute, a role, a request header pattern
(with black- and whitelisting) as well as a configurable default in
case no condition matches.
 2016-01-11 17:39:42 +01:00
Thomas Raehalme
c4544e8caf Like other timestamps attribute value is now seconds since 1970. 2016-01-08 14:21:43 +02:00
Thomas Raehalme
bca3893070 Required action TermsAndConditions now stores user attribute indicating acceptance of terms and conditions. 2016-01-08 13:14:04 +02:00
Pedro Igor
9172b5472e [KEYCLOAK-2202] - Removing LoginProtocol in order to reuse SAML settings. 2015-12-22 12:53:39 -02:00
Bill Burke
0527d441e3 better logging 2015-12-16 12:23:41 -05:00