Martin Bartos
2e59d5c232
KEYCLOAK-14679 Unable to log in with WebAuthn on unsupported browsers
2020-10-29 14:03:17 +01:00
Johannes Knutsen
23c575c236
KEYCLOAK-15399: Wrong token type in token response. bearer vs Bearer
2020-10-28 10:38:22 -03:00
Martin Bartos
a8df7d88a1
[KEYCLOAK-14139] Upgrade login screen to PF4
2020-10-27 20:24:07 +01:00
nxadm
580f2b4977
KEYCLOAK-16040 Typo in comment: Authoirzation => Authorization
2020-10-22 16:26:24 +02:00
stianst
74b5143c5e
KEYCLOAK-15498 Disable gzip encoding when themes are not cached
2020-10-22 09:07:37 +02:00
Daniel Fesenmeyer
de8d2eafa3
KEYCLOAK-14781 Extend Admin REST API with search by federated identity
...
- Add parameters idpAlias and idpUserId to the resource /{realm}/users and allow it to be combined with the other search parameters like username, email and so on
- Add attribute "federatedIdentities" to UserEntity to allow joining on this field
- extend integration test "UserTest"
2020-10-22 08:51:26 +02:00
Sven-Torben Janus
850d3e7fef
KEYCLOAK-15511 OTP registration during login with LDAP read-only
...
When LDAP user federation is configured in read-only mode, it is not
possible to set required actions for users from LDAP.
Keycloak credential model allows for registering OTP devices when LDAP
ist configured with "Import Users" flag enabled. Registering OTP devices
needs to be done via the account management console and works as
expecetd. However, it fails, if a user has to register aN OTP device
during login (i.e. within the authentication flow), because the OTP Form
Authenticator tries to enforce OTP registration via setting the
corresponding required action for the user. That fails, because the user
is read-only.
To work around this, the required action is set on the authentication
session instead.
2020-10-21 17:00:11 +02:00
mposolda
7891daef73
KEYCLOAK-15998 Keycloak OIDC adapter broken when Keycloak server is on http
2020-10-21 08:36:08 +02:00
mhajas
4556e858ad
KEYCLOAK-15522 Use AbstractStorageManager in UserStorageManager
2020-10-15 20:41:13 +02:00
Martin Kanis
086f7b4696
KEYCLOAK-15450 Complement methods for accessing realms with Stream variants
2020-10-14 08:16:49 +02:00
testn
269a72d672
KEYCLOAK-15184: Use static inner class where possible
2020-10-09 23:37:08 +02:00
Trey Dockendorf
6e713b5044
KEYCLOAK-15545 Fix null pointer exception when updating flow via API
2020-10-09 23:33:51 +02:00
Luca Leonardo Scorcia
f274ec447b
KEYCLOAK-15697 Make the Service Provider Entity ID user configurable
2020-10-09 22:04:02 +02:00
Dustin Frank
59ef7d258f
Fix typo in FileTruststoreProviderFactory.java
2020-10-09 22:01:52 +02:00
mposolda
ff05072c16
KEYCLOAK-15770 Skip creating session for docker protocol authentication
2020-10-09 07:53:26 +02:00
mposolda
d269af1b70
KEYCLOAK-15830 Remove authentication session after failed directGrant authentication
2020-10-07 18:13:21 +02:00
vmuzikar
bb7ce62cd5
KEYCLOAK-15332 Missing CORS headers in some endpoints in Account REST API
2020-10-07 09:07:55 -03:00
dashaylan
0d6da99844
Add UserInfo check fix and associated tests.
2020-10-06 08:44:02 +02:00
Markus Till
f0ea7a04bd
remove unused getApplications method from user account
2020-10-05 17:02:22 -03:00
Markus Till
43206d3158
minor restructering of the userprofile impl -> add AbstractUserProfile introduced to make getId override explicit
2020-10-05 09:59:44 -03:00
Markus Till
c71ce8cd2e
refactoring add UserProfileAttributes
2020-10-05 09:59:44 -03:00
Markus Till
695db3e8ef
remove unused isCreated Flag in user profile context
2020-10-05 09:59:44 -03:00
Markus Till
7da619385c
refactore userupdate helper api
2020-10-05 09:59:44 -03:00
Markus Till
802a670cc5
have a factory like approach for profile contexts
2020-10-05 09:59:44 -03:00
Markus Till
21cfa54d4d
remove StoredUserProfile interface
2020-10-05 09:59:44 -03:00
Markus Till
72f73f153a
UserProfile M1
2020-10-05 09:59:44 -03:00
Pedro Igor
0d99e01b98
[KEYCLOAK-15807] - Wrong parsing of Cookie header
2020-10-02 08:19:24 -03:00
Michito Okai
eac3341241
KEYCLOAK-15779 Authorization Server Metadata for the URL of the
...
authorization server's JWK Set [JWK] document
2020-10-02 11:18:31 +02:00
Thomas Darimont
12576e339d
KEYCLOAK-15146 Add support for searching users by emailVerified status
...
We now allow to search for users by their emailVerified status.
This enables users to easily find users and deal with incomplete user accounts.
2020-09-29 08:28:59 -03:00
Takashi Norimatsu
6596811d5d
KEYCLOAK-14204 FAPI-RW Client Policy - Executor : Enforce Request Object satisfying high security level
2020-09-25 08:31:14 +02:00
Pedro Igor
76dede0f1e
[KEYCLOAK-14221] - Allow to map subject to userinfo response
2020-09-23 14:33:14 +02:00
Frode Ingebrigtsen
0a0b7da53e
KEYCLOAK-15429 Add CORS origin on permission request with invalid access token
2020-09-22 08:56:21 -03:00
Denis
50210c4d9b
KEYCLOAK-14161 Regression on custom registration process
2020-09-21 20:23:39 +02:00
mhajas
12bc84322a
KEYCLOAK-14974 Map group storage provider
2020-09-21 15:56:32 +02:00
testn
2cd03569d6
KEYCLOAK-15238: Fix potential resource leak from not closing Stream/Reader
2020-09-21 13:05:03 +02:00
Takashi Norimatsu
bd3840c606
KEYCLOAK-15559 Client Policy - Executor : Missing Help Text of SecureResponseTypeExecutor
2020-09-21 12:40:25 +02:00
vmuzikar
790b549cf9
KEYCLOAK-15262 Logout all sessions after password change
2020-09-18 20:09:40 -03:00
mhajas
b75ad2fbd8
KEYCLOAK-15259 Avoid using "null" Origin header as a valid value
2020-09-17 23:21:49 -07:00
mhajas
f7e0af438d
KEYCLOAK-14232 Add Referrer-Policy: no-referrer to each response from Keycloak
...
(cherry picked from commit 0b49640231abc6e465542bd2608e1c908c079ced)
2020-09-17 23:21:49 -07:00
Luca Leonardo Scorcia
10077b1efe
KEYCLOAK-15485 Add option to enable SAML SP metadata signature
2020-09-16 16:40:45 +02:00
Mark Wolfe
3723d78e3c
KEYCLOAK-15460 Fix missing event types in SAML endpoint
...
A change was done in 32f13016fa
which isn't setting the type for events and causing an internal error.
2020-09-16 16:36:19 +02:00
Martin Kanis
5d5e56dde3
KEYCLOAK-15199 Complement methods for accessing roles with Stream variants
2020-09-16 16:29:51 +02:00
Benjamin Weimer
f874e9a43c
KEYCLOAK-9874 include realm and client roles in user info response
2020-09-16 10:01:02 +02:00
Takashi Norimatsu
b670734eec
KEYCLOAK-14205 FAPI-RW Client Policy - Executor : Enforce Response Type of OIDC Hybrid Flow
2020-09-14 20:58:25 +02:00
Hynek Mlnarik
a05066d567
KEYCLOAK-15477 Fix permission evaluation logic
2020-09-14 20:53:46 +02:00
mposolda
4123b7a91e
KEYCLOAK-11678 Remove dummy resource. Adding keycloak-services and liquibase to jandex indexing
2020-09-14 09:27:34 -03:00
vmuzikar
a9a719b88c
KEYCLOAK-15270 Account REST API doesn't verify audience
2020-09-14 08:43:09 -03:00
mhajas
3186f1b5a9
KEYCLOAK-15514 Update AbstractStorageManager to check capability interface types
2020-09-11 14:42:48 +02:00
Miquel Simon
2572b1464b
KEYCLOAK-15395. Removed totp/remove (DELETE) and credentials/password (GET, POST) endpoints.
2020-09-10 18:03:03 -03:00
Takashi Norimatsu
af2f18449b
KEYCLOAK-14195 FAPI-RW Client Policy - Condition : Client - Client Role
2020-09-10 18:34:19 +02:00