Michal Hajas
8e376aef51
KEYCLOAK-15847 Add MapUserProvider
2020-12-10 08:57:53 +01:00
Hynek Mlnarik
8c0c542f09
KEYCLOAK-16489 Add ability to run model tests with LDAP
2020-12-07 20:54:06 +01:00
Stefan Guilhen
edef93cd49
[KEYCLOAK-16232] Streamify the UserCredentialStore and UserCredentialManager interfaces
2020-12-07 19:48:35 +01:00
Stefan Guilhen
73d0bb34c4
[KEYCLOAK-16232] Replace usages of deprecated collection-based methods with the respective stream variants
2020-12-07 19:48:35 +01:00
Hynek Mlnarik
363df6cab4
KEYCLOAK-16405 Tests for storage logical layer
2020-11-25 12:16:48 +01:00
Stefan Guilhen
84df008bc2
[KEYCLOAK-16341] Make the new stream-based methods in server-spi user interfaces default instead of the collection-based versions.
...
- this ensures that providing implementation for the collection-based methods is enough, which preserves
backwards compatibility with older custom implementations.
- alternative interfaces now allow new implementations to focus on the stream variants of the query methods.
2020-11-18 21:07:51 +01:00
Pedro Igor
56574afbeb
[KEYCLOAK-11330] - Fixing client and realm tests
2020-11-13 13:53:31 +01:00
Pedro Igor
7ad1c350a3
[KEYCLOAK-16245] - Update Quarkus 1.10.0.CR1
2020-11-12 13:21:08 -03:00
Martin Kanis
d9029b06b9
KEYCLOAK-15889 Streamification of ProtocolMappers
2020-11-10 16:40:34 +01:00
Stefan Guilhen
aa46735173
[KEYCLOAK-15200] Complement methods for accessing users with Stream variants
2020-11-10 15:13:11 +01:00
Takashi Norimatsu
a63814da67
KEYCLOAK-14201 Client Policy - Executor : Enforce Proof Key for Code Exchange (PKCE)
2020-11-09 08:18:05 +01:00
Takashi Norimatsu
6dc136dfc0
KEYCLOAK-14199 Client Policy - Executor : Enforce more secure client authentication method when client registration
2020-11-05 20:42:49 +01:00
vramik
785f2e78bc
KEYCLOAK-14977 create MapRoleProvider
2020-10-30 08:15:22 +01:00
mhajas
4556e858ad
KEYCLOAK-15522 Use AbstractStorageManager in UserStorageManager
2020-10-15 20:41:13 +02:00
Martin Kanis
086f7b4696
KEYCLOAK-15450 Complement methods for accessing realms with Stream variants
2020-10-14 08:16:49 +02:00
testn
269a72d672
KEYCLOAK-15184: Use static inner class where possible
2020-10-09 23:37:08 +02:00
mposolda
ff05072c16
KEYCLOAK-15770 Skip creating session for docker protocol authentication
2020-10-09 07:53:26 +02:00
Takashi Norimatsu
6596811d5d
KEYCLOAK-14204 FAPI-RW Client Policy - Executor : Enforce Request Object satisfying high security level
2020-09-25 08:31:14 +02:00
vmuzikar
bca73fd04a
KEYCLOAK-15158 Javascript adapter init() is throwing a promise error after upgrade to 11
2020-09-22 10:56:46 -03:00
testn
2cd03569d6
KEYCLOAK-15238: Fix potential resource leak from not closing Stream/Reader
2020-09-21 13:05:03 +02:00
Martin Kanis
5d5e56dde3
KEYCLOAK-15199 Complement methods for accessing roles with Stream variants
2020-09-16 16:29:51 +02:00
vmuzikar
a9a719b88c
KEYCLOAK-15270 Account REST API doesn't verify audience
2020-09-14 08:43:09 -03:00
Takashi Norimatsu
af2f18449b
KEYCLOAK-14195 FAPI-RW Client Policy - Condition : Client - Client Role
2020-09-10 18:34:19 +02:00
Martin Kanis
4e9bdd44f3
KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak
2020-09-07 13:11:55 +02:00
Takashi Norimatsu
1d8230d438
KEYCLOAK-14190 Client Policy - Condition : The way of creating/updating a client
2020-09-04 09:54:55 +02:00
Hynek Mlnarik
583fa07bc4
KEYCLOAK-11029 Support modification of broker username / ID for identity provider linking
2020-09-01 20:40:38 +02:00
mhajas
bdccfef513
KEYCLOAK-14973 Create GroupStorageManager
2020-09-01 10:21:39 +02:00
Martin Kanis
d59a74c364
KEYCLOAK-15102 Complement methods for accessing groups with Stream variants
2020-08-28 20:56:10 +02:00
vramik
6b00633c47
KEYCLOAK-14812 Create RoleStorageManager
2020-07-31 15:11:25 -03:00
rmartinc
32bf50e037
KEYCLOAK-14336: LDAP group membership is not visible under "Users in Role" tab for users imported from LDAP
2020-07-30 16:19:22 +02:00
Dillon Sellars
25bb2e3ba2
KEYCLOAK-14529 Signed and Encrypted ID Token Support : RSA-OAEP-256 Key Management Algorithm
2020-07-30 15:20:51 +02:00
vramik
7f979ffbcf
KEYCLOAK-14889 Create test for clientStorageProviderTimeout
2020-07-30 08:42:51 -03:00
Martin Kanis
feef5b4db2
KEYCLOAK-14220 Complement methods for accessing clients with Stream variants
2020-07-27 10:38:39 +02:00
Hynek Mlnarik
c566b46e8f
KEYCLOAK-14549 Make ClientProvider independent of RealmProvider
...
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Takashi Norimatsu
e0fbfa722e
KEYCLOAK-14189 Client Policy : Basics
2020-07-21 07:50:08 +02:00
Jan Lieskovsky
969b09f530
[KEYCLOAK-13692] Upgrade to Wildfly "20.0.1.Final" and Infinispan "10.1.8.Final"
...
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-07-20 22:15:08 +02:00
mhajas
93149d6b47
KEYCLOAK-14234 Adjust Adapter testsuite to work with app/auth.server.host including TLS configured
2020-07-20 11:22:16 +02:00
vmuzikar
7087c081f0
KEYCLOAK-14023 Instagram User Endpoint change
...
Co-authored-by: Jean-Baptiste PIN <jibet.pin@gmail.com>
2020-07-10 17:36:51 -03:00
Pedro Igor
1db1deb066
[KEYCLOAK-13141] - Supporting re-augmentation
2020-07-10 11:04:46 -03:00
vmuzikar
001fe9eb11
KEYCLOAK-13206 Session Status iframe cannot access cookies when 3rd party cookies are blocked
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-06-30 17:11:20 -03:00
Martin Idel
05b6ef8327
KEYCLOAK-14536 Migrate UserModel fields to attributes
...
- In order to make lastName/firstName/email/username field
configurable in profile
we need to store it as an attribute
- Keep database as is for now (no impact on performance, schema)
- Keep field names and getters and setters (no impact on FTL files)
Fix tests with logic changes
- PolicyEvaluationTest: We need to take new user attributes into account
- UserTest: We need to take into account new user attributes
Potential impact on users:
- When subclassing UserModel, consistency issues may occur since one can
now set e.g. username via setSingleAttribute also
- When using PolicyEvaluations, the number of attributes has changed
2020-06-25 14:50:57 +02:00
Pedro Igor
e16f30d31f
[KEYCLOAK-2343] - Allow exact user search by user attributes
...
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2020-06-10 12:02:50 -03:00
Pedro Igor
6ccde288a3
[KEYCLOAK-11330] - SSL Support
2020-06-09 08:43:52 +02:00
Torsten Juergeleit
6005503a3d
Namespace support to group-ldap-mapper
...
Previously, Keycloak did only support syncing groups from LDAP federation provider as top-level KC groups.
This approach has some limitations:
- If using multiple group mappers then there’s no way to isolate the KC groups synched by each group mapper.
- If the option "Drop non-existing groups during sync” is activated then all KC groups (including the manually created ones) are deleted.
- There’s no way to inherit roles from a parent KC group.
This patch introduces support to specify a prefix for the resulting group path, which effectively serves as a namespace for a group.
A path prefix can be specified via the newly introduced `Groups Path` config option on the mapper. This groups path defaults to `/` for top-level groups.
This also enables to have multiple `group-ldap-mapper`'s which can manage groups within their own namespace.
An `group-ldap-mapper` with a `Group Path` configured as `/Applications/App1` will only manage groups under that path. Other groups, either manually created or managed by other `group-ldap-mapper` are not affected.
2020-05-26 17:37:29 +02:00
stianst
5b017e930d
KEYCLOAK-13128 Security Headers SPI and response filter
2020-04-28 15:28:24 +02:00
mposolda
821405e175
KEYCLOAK-10852 Inconsistency when using 'forgot password' after changing email directly in LDAP
2020-04-16 12:28:41 +02:00
mposolda
6f62c0ed98
KEYCLOAK-13442 Backwards compatibility in users searching. searchForUser(String, RealmModel, int, int) is no longer called when searching users from the admin console
2020-03-27 13:29:55 +01:00
mposolda
72e4690248
KEYCLOAK-13174 Not possible to delegate creating or deleting OTP credential to userStorage
2020-03-11 12:51:56 +01:00
mposolda
803f398dba
KEYCLOAK-12876 KEYCLOAK-13148 KEYCLOAK-13149 KEYCLOAK-13151 Re-introduce some changes to preserve UserStorage SPI backwards compatibility. Added test for backwards compatibility of user storage
2020-03-11 12:51:56 +01:00
Sebastian Schuster
99aba33980
KEYCLOAK-13163 Fixed searching for user with fine-grained permissions
2020-03-09 09:56:13 -03:00