libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
7650 commits 4 branches 5 tags 480 MiB
Commit graph

1800 commits

Author SHA1 Message Date
Pedro Igor
8b0bf503c3 [KEYCLOAK-3172] - Migrating older versions with authorization services. 2016-06-29 12:07:49 -03:00
Josh Cain
ec402f759b make locale retrieval null-safe 2016-06-28 13:25:48 -05:00
Stian Thorgersen
2e2f34d94e Merge pull request #2957 from pedroigor/authz-changes 
Changes to authz examples and some minor improvements
 2016-06-23 07:49:47 +02:00
Pedro Igor
074a312fe5 Renaming authorization attributes. 2016-06-22 17:20:50 -03:00
Pedro Igor
f48288865b [KEYCLOAK-3156] - Missing CORS when responding with denies 2016-06-22 14:39:07 -03:00
Pedro Igor
905421a292 [KEYCLOAK-3152] - Keycloak Authorization JS Adapter 2016-06-22 14:28:02 -03:00
mposolda
f7a2ad021e KEYCLOAK-3141 Fix DB2 and some other DB issues 2016-06-22 17:06:55 +02:00
mposolda
5c731b4d14 KEYCLOAK-3149 DB update triggered before DBLock is retrieved 2016-06-21 17:14:25 +02:00
Pedro Igor
8402cedd82 Merge pull request #2946 from pedroigor/KEYCLOAK-3130 
[KEYCLOAK-3130] - Permission checks to authorization admin endpoints
 2016-06-21 10:50:29 -03:00
Erik Mulder
f4ead484de KEYCLOAK-2474 Possibility to add custom SPI and extend the data model 2016-06-20 10:56:33 +02:00
Pedro Igor
dd279dd0fd [KEYCLOAK-3130] - Permission checks to authorization admin endpoints 2016-06-17 15:27:42 -03:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753 
[KEYCLOAK-2753] - Fine-grained Authorization Services
 2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
mposolda
1510ac5eb4 KEYCLOAK-3105 Can't access single realm with the admin user from master realm 2016-06-13 12:09:11 +02:00
Stian Thorgersen
1c694b4795 Merge pull request #2921 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol-adjustment 
KEYCLOAK-3054: Use string format for log message
 2016-06-08 07:08:05 +02:00
Stian Thorgersen
819c42dad2 Merge pull request #2918 from chameleon82/issue/KEYCLOAK-3089-email-subject-internationalization 
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
 2016-06-08 07:07:37 +02:00
Некрасов Александр Сергеевич
7bdccc21b2 KEYCLOAK-3089 Change email subject encoding to utf-8 2016-06-08 09:10:39 +06:00
Thomas Darimont
a9f461bfd1 KEYCLOAK-3054: Use string format for log message 
Need to use log.debugf(..) to correctly resolve the %s placeholder.
 2016-06-07 21:56:04 +02:00
Thomas Darimont
67a63a806e KEYCLOAK-3054: Fix potential NPE in RealmsResource 
Prior to PR .well-known Endpoint threw NPE with if unknown
Protocol was provided.
 2016-06-07 08:29:23 +02:00
Некрасов Александр Сергеевич
5474496867 KEYCLOAK-3089 Change email subject encoding to utf-8/base64 2016-06-07 09:11:46 +06:00
Bill Burke
4c9a0b45d4 Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions 
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
 2016-06-05 11:12:05 -04:00
Bill Burke
b3f3449e39 Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource 
KEYCLOAK-2974: Handle ModelException in UsersResource
 2016-06-05 11:06:32 -04:00
Thomas Darimont
a2d1c8313d KEYCLOAK-3081: Add client mapper to map user roles to token 
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.

 The client role protocol mapper can specify from which client the roles should be considered.
 Composite Roles are resolved recursively.

Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level  (ID/Access) Token attribute that can easily be matched with a regex.

In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
 2016-06-03 15:52:58 +02:00
Stian Thorgersen
8fab2f0718 KEYCLOAK-3066 
Uploaded Realm Certificate is not validated
 2016-06-01 15:12:21 +02:00
Stian Thorgersen
2343e517c9 Merge pull request #2891 from pedroigor/KEYCLOAK-2894 
[KEYCLOAK-2894] - Fixing saml signature validation
 2016-05-26 16:57:13 +02:00
Pedro Igor
60f954a497 [KEYCLOAK-2894] - Fixing saml signature validation 2016-05-26 10:48:30 -03:00
mposolda
882dbc3f25 KEYCLOAK-3006 Fix admin event inconsistencies related to roles (points 1,3,4,15,16 from JIRA) 2016-05-25 23:18:01 +02:00
mposolda
022be3aee5 KEYCLOAK-3006 Fix admin event inconsistencies (points 2,5-14 from JIRA) 2016-05-25 23:17:47 +02:00
Thomas Darimont
5f73c338d8 KEYCLOAK-2947: Include group representation for GroupMembership changes in AdminEvents 
We now include the full group representation in AdminEvents
for Group Membership changes.
This enables EventListener to propagate potential role / attribute
chnages based on the removal / addition of the group.
 2016-05-25 23:17:35 +02:00
mposolda
f58936025f KEYCLOAK-3003 Support for admin events in AuthenticationManagementResource 2016-05-25 23:17:24 +02:00
Stian Thorgersen
fa3a2aafec KEYCLOAK-3034 NullPointerException when log in via Twitter 2016-05-25 08:10:55 +02:00
Stian Thorgersen
477c0872b0 KEYCLOAK-3020 
Increase default password hashing intervals to 20K
 2016-05-23 11:20:31 +02:00
Stian Thorgersen
d43b230b93 KEYCLOAK-2880 Refactor PermissionTest to not require Java8 2016-05-09 07:25:03 +02:00
mposolda
bea2678e85 KEYCLOAK-2862 AuthenticationManagementResource tests 2016-05-06 20:19:58 +02:00
Thomas Darimont
146a26e714 KEYCLOAK-2974: Handle ModelException in UsersResource 
We now handle ModelExceptions thrown while creating and updating
a new User by rolling back the transaction and presenting
an error message with a HTTP 409 (conflict) code.
Previously only ModelDuplicateExceptions were handled and
ModelExceptions, e.g. due to a failed database operation
lead to a HTTP 500 server error.
 2016-05-06 20:17:22 +02:00
Stian Thorgersen
0ca117b8e9 KEYCLOAK-2865 Extend coverage of client admin endpoints 2016-05-06 08:08:52 +02:00
Stian Thorgersen
1cc4cc30a6 KEYCLOAK-2549 Re-create master admin client if master realm is overwritten on import 2016-05-05 07:19:32 +02:00
Stian Thorgersen
2355db57da KEYCLOAK-2880 Permissions tests for admin endpoints 2016-05-04 08:25:05 +02:00
Thomas Darimont
c8d47926b8 KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions. 
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.

For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.

Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
 2016-04-27 14:37:13 +02:00
Thomas Darimont
27ef919d07 KEYCLOAK-2924: Fire AdminEvents on user group membership changes. 
We now fire AdminEvents if a user joins or leaves a group.
This information can be used to deduce potential role changes
in custom event listeners.
 2016-04-27 11:17:23 +02:00
mposolda
c7335fa242 KEYCLOAK-2903 Fix WelcomeResource to not allow requests forwarded from proxy/loadbalancer 2016-04-26 12:03:43 +02:00
Marek Posolda
5f16f0ede8 Merge pull request #2732 from mposolda/master 
KEYCLOAK-2900
 2016-04-25 15:00:09 +02:00
mposolda
fa8b272e76 KEYCLOAK-2900 2016-04-25 13:20:29 +02:00
Bruno Oliveira
1cc4ca2e71 RHSSO-130: AccessTokenTest migration 2016-04-22 16:30:57 -03:00
mposolda
e0aedfb93d KEYCLOAK-2878 UserFederation mapper testing 2016-04-22 14:03:42 +02:00
mposolda
f6a718f10a KEYCLOAK-2878 Testing of UserFederation admin REST endpoints 2016-04-21 23:11:14 +02:00
Stian Thorgersen
756cc0dca0 KEYCLOAK-2866 KEYCLOAK-2874 Test role mapping resource 2016-04-21 14:21:27 +02:00
Stian Thorgersen
4f5b71d81a KEYCLOAK-2872 Test RoleByIdResource 2016-04-21 07:09:25 +02:00
Stian Thorgersen
b6257e66b3 Merge pull request #2679 from pedroigor/KEYCLOAK-2835 
[KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService.
 2016-04-20 20:13:49 +02:00
mposolda
a341889d2c KEYCLOAK-2842 Not possible to add new execution under registration flow 2016-04-20 18:39:11 +02:00
Pedro Igor
81e4f4b351 [KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService. 2016-04-20 08:48:59 -03:00
mposolda
afc8179cf8 KEYCLOAK-2846 export/import of clientTemplate scopes 2016-04-20 13:30:01 +02:00
mposolda
919a3791ea KEYCLOAK-2844 Unexpected error when trying to remove clientTemplate in use 2016-04-20 13:25:13 +02:00
Stian Thorgersen
04d76b0052 KEYCLOAK-2491 Fix permissions in admin console to match permissions in admin endpoints 2016-04-20 09:57:57 +02:00
Stian Thorgersen
f71273a1f9 KEYCLOAK-2832 
Authentication failure logs at ERROR level
 2016-04-20 07:32:07 +02:00
Stian Thorgersen
5606160e70 KEYCLOAK-2828 Refactor contribution and add tests 2016-04-19 13:09:00 +02:00
Thomas Raehalme
cd1094c3ad KEYCLOAK-2828: LoginStatusIframeEndpoint now sets the P3P header. 
IE requires a P3P header to be present in <iframe /> response. Otherwise
cookies are forbidden. The value of the header does not seem to matter.
 2016-04-19 10:24:28 +02:00
Bill Burke
600f429abb KEYCLOAK-2740 2016-04-15 16:49:06 -04:00
Stian Thorgersen
6a428c8ee7 KEYCLOAK-2810 Added robots.txt and robots meta header 2016-04-13 11:22:57 +02:00
Bill Burke
515ed226be Merge remote-tracking branch 'upstream/master' 2016-04-12 15:19:58 -04:00
Bill Burke
cca91dd175 public/private 2016-04-12 15:19:46 -04:00
Stian Thorgersen
1c2eafeb80 KEYCLOAK-2807 Fix server info providers page 2016-04-12 15:38:52 +02:00
Stian Thorgersen
538e49117f KEYCLOAK-2799 Show error for identity brokering login if user is disabled 2016-04-12 13:14:42 +02:00
Stian Thorgersen
fcf7b28b8f Merge pull request #2583 from stianst/KEYCLOAK-2803 
KEYCLOAK-2803 Fix failure to add execution to client flow
 2016-04-12 13:05:05 +02:00
Stian Thorgersen
350a9cd997 KEYCLOAK-2803 Fix failure to add execution to client flow 2016-04-12 08:04:15 +02:00
Stian Thorgersen
bd2238dbb8 KEYCLOAK-2770 Close mail transport after sending message 2016-04-12 07:06:52 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
mposolda
3e9ba71baa KEYCLOAK-2769 Better error handling of expired code in IdentityBrokerService 2016-04-11 18:20:26 +02:00
mposolda
ee9c87877f KEYCLOAK-2769 Fix NPE during 'Identity Broker cancelled' and instead show keycloak 'we are sorry' page 2016-04-08 19:07:06 +02:00
mposolda
90fc721315 KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking 2016-04-08 12:20:54 +02:00
Stian Thorgersen
8ea057a122 KEYCLOAK-2683 Remove QRCodeResource and embed QR code in image 2016-04-08 09:00:57 +02:00
Stian Thorgersen
c1a8e692d0 Merge pull request #2538 from stianst/KEYCLOAK-2751 
KEYCLOAK-2751
 2016-04-07 16:27:11 +02:00
Stian Thorgersen
b6d861fea6 KEYCLOAK-2751 
Separate HTTP status codes for REST API errors
 2016-04-07 15:39:12 +02:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible. 
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
 2016-04-07 13:19:29 +02:00
Stian Thorgersen
2694e003c4 KEYCLOAK-2759 Fix error message when renaming realm to name that exists 2016-04-07 06:00:31 +02:00
Stian Thorgersen
8de8446cb5 Merge pull request #2520 from stianst/KEYCLOAK-2756 
KEYCLOAK-2756
 2016-04-06 19:25:53 +02:00
Stian Thorgersen
6ccf3549ad KEYCLOAK-2756 
Renaming a realm breaks down the Clients
 2016-04-06 15:18:49 +02:00
mposolda
72371e5d76 KEYCLOAK-1982 Some builtin objects might be missing when import JSON exported from old versions 2016-04-06 11:43:58 +02:00
Stian Thorgersen
0c829cd605 KEYCLOAK-2262 Refactor realm resource provider, remove admin resource provider and added example 2016-04-06 10:24:30 +02:00
Pedro Igor
e876a3c988 [KEYCLOAK-2262] - New SPIs to extend both Realm and Admin RESTful APIs 2016-04-06 09:43:24 +02:00
Stian Thorgersen
a4335c3eb8 Merge pull request #2502 from velias/KEYCLOAK-2670-master 
KEYCLOAK-2670 for master - client app is able to push additional HTTP GET
 2016-04-05 11:20:06 +02:00
Stian Thorgersen
3e9ae7aa82 Merge pull request #2498 from stianst/KEYCLOAK-2722 
KEYCLOAK-2722 Check user session in token introspection endpoint
 2016-04-05 11:18:32 +02:00
Vlastimil Elias
21a2a47172 KEYCLOAK-2670 - client app is able to push additional HTTP GET 
parameters in initial OpenID auth request for use in Auth flows
 2016-04-05 10:41:28 +02:00
Stian Thorgersen
55c5e9a381 KEYCLOAK-2722 Check user session in token introspection endpoint 2016-04-05 09:31:39 +02:00
Stian Thorgersen
48551d362a KEYCLOAK-2704 
User count missing in REST admin endpoint
 2016-04-05 07:48:20 +02:00
Stian Thorgersen
ff73e1a36a KEYCLOAK-2651 
No CSRF protection or general security headers on welcome page
 2016-04-04 09:07:21 +02:00
mposolda
a4d9aaf916 KEYCLOAK-2613 Add version to RealmRepresentation in JSON exports 2016-04-01 16:04:58 +02:00
mposolda
f83b67cdf5 KEYCLOAK-2413 Very slow export/import of realms with large users count 2016-04-01 16:04:48 +02:00
Bill Burke
d1552cd6e8 resolve conflict 2016-03-30 18:23:40 -04:00
Bill Burke
545fb8b849 KEYCLOAK-2716 2016-03-30 18:15:11 -04:00
Bill Burke
e4fcaad243 Merge pull request #2450 from patriot1burke/master 
KEYCLOAK-2691
 2016-03-30 15:46:34 -04:00
Bill Burke
020d090aee Merge pull request #2430 from mstruk/assert-events 
KEYCLOAK-2589 KEYCLOAK-2607 KEYCLOAK-2597 Port AssertEvents to integration-arquillian
 2016-03-30 15:16:25 -04:00
Bill Burke
2cc3588be5 Merge remote-tracking branch 'upstream/master' 2016-03-30 15:07:35 -04:00
Bill Burke
12bf4b498e KEYCLOAK-2691 2016-03-30 15:07:24 -04:00
Stan Silvert
0f52768064 KEYCLOAK-2619: Partial Import doesn't support groups 2016-03-28 14:26:34 -04:00
Bill Burke
1dd4bdf0b7 KEYCLOAK-2718 2016-03-28 11:13:02 -04:00
Bill Burke
b253fe9532 Merge remote-tracking branch 'upstream/master' 2016-03-24 15:57:01 -04:00
Bill Burke
e2436c4722 KEYCLOAK-2624 2016-03-24 15:56:40 -04:00
Marko Strukelj
76a4db5d54 KEYCLOAK-2597 Invalid children group location header response 2016-03-24 17:13:00 +01:00
mposolda
c9545e16f7 KEYCLOAK-2713 Fix error at startup 2016-03-24 15:30:53 +01:00
Bill Burke
6030a65d1b KEYCLOAK-2543 2016-03-24 08:49:08 -04:00
mposolda
16ec76e864 KEYCLOAK-2712 Default required actions not added when user created through admin console 2016-03-24 11:11:35 +01:00
mposolda
7ffd6dc7a7 KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper 2016-03-22 13:03:49 +01:00
Stian Thorgersen
2c9172f707 Merge pull request #2399 from stianst/KEYCLOAK-2469 
Keycloak 2469
 2016-03-22 08:09:59 +01:00
mposolda
4193856fbb KEYCLOAK-2687 ZIPException during import big number of users 2016-03-22 07:04:54 +01:00
Stian Thorgersen
ce717fa20e KEYCLOAK-2469 Minor changes 2016-03-21 15:45:53 +01:00
Stian Thorgersen
204d226267 Merge branch 'issue/KEYCLOAK-2469' of https://github.com/thomasdarimont/keycloak into thomasdarimont-issue/KEYCLOAK-2469 2016-03-21 15:30:48 +01:00
Thomas Darimont
3e6b6507f4 KEYCLOAK-2664 - QRCodeResource should prohibit caching of the generated image 
Added cache-control headers to avoid caching for generated
QRCode images.

Adjusted CacheControlUtil#noCache() to avoid caching more aggressively.
 2016-03-18 12:18:07 +01:00
mposolda
85ccd64e01 KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper 2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a KEYCLOAK-2629 LDAP Federation provider - input fields validation 2016-03-11 22:32:45 +01:00
Stian Thorgersen
7342261dbe KEYCLOAK-2593 Character set missing from responses and no content sniffing defense in place 2016-03-11 15:31:15 +01:00
Stian Thorgersen
b3bb68aed7 Merge pull request #2364 from stianst/KEYCLOAK-2637 
KEYCLOAK-2637
 2016-03-11 13:00:54 +01:00
Stian Thorgersen
bdfc9b8efc KEYCLOAK-2637 
ModelExceptionMapper uses AdminMessagesProvider which loads messages outside of themes
 2016-03-11 12:08:28 +01:00
mposolda
25f965aa2e KEYCLOAK-2628 protected method to IdpCreateUserIfUniqueAuthenticator after user is registered 2016-03-11 10:05:41 +01:00
Thomas Darimont
41358eea4d KEYCLOAK-2469 - Introduced new redirect endpoint for clients. 
Previously one had to configure hardcoded urls to link from one client
application to others since keycloak didn't provide a way to get the
actual client URL by providing clientId and realm information.

We now support a new endpoint with the path {realm}/clients/{client_id}/redirect
that responds to GET requests with a 307 (temporary redirect) with the
configured client URL. This allows to refer to any client just by the
realmName and clientId and let Keycloak redirect to the actual client
application.

Add documentation for new redirect endpoint.
 2016-03-10 23:45:22 +01:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
Stian Thorgersen
dc1d0e7f44 KEYCLOAK-2596 Fix import with dir and ignore existing 2016-03-08 08:55:10 +01:00
mposolda
ebb61c104b KEYCLOAK-2529 More proper handling of DB errors during migration 2016-03-07 15:19:12 +01:00
mposolda
8da768a514 KEYCLOAK-2529 Concurrent startup by more cluster nodes at the same time. Added DBLockProvider 2016-03-07 10:34:30 +01:00
Stian Thorgersen
56c3d53a24 Merge pull request #2324 from ssilvert/client-tests 
KEYCLOAK-2535: ClientResource endpoint tests
 2016-03-07 06:13:55 +01:00
Stian Thorgersen
4f047565fb Merge pull request #2326 from stianst/KEYCLOAK-2592 
Keycloak 2592
 2016-03-07 06:12:17 +01:00
Stan Silvert
f65a053182 Make imports in ServerInfoAdminResource explicitly point to the new 
packages.
 2016-03-04 11:17:12 -05:00
Bill Burke
4be6dc2f0c cleanup cache 2016-03-04 10:30:48 -05:00
Stian Thorgersen
57b6ddbace KEYCLOAK-2592 Set secure on OAuth_Token_Request_State cookie 2016-03-04 14:22:48 +01:00
Stian Thorgersen
bf38ec040f KEYCLOAK-2592 Set http-only on OAuth_Token_Request_State cookie 2016-03-04 13:43:00 +01:00
Stan Silvert
2c79456e72 KEYCLOAK-2535: ClientResource endpoint tests 2016-03-04 07:41:24 -05:00
Bruno Oliveira
8d6f71e7d1 KEYCLOAK-2585: Changes on Brute force messages 2016-03-03 10:11:03 -03:00
Marek Posolda
002074bb30 Merge pull request #2320 from mposolda/master 
KEYCLOAK-2523 Fix concurrency tests with all databases by track trans…
 2016-03-03 12:34:29 +01:00
Stian Thorgersen
375d4e9e83 Merge pull request #2321 from stianst/KEYCLOAK-2547 
KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider
 2016-03-03 12:06:40 +01:00
mposolda
a258dd51ee KEYCLOAK-2523 Fix concurrency tests with all databases by track transaction startup revision 2016-03-03 11:21:26 +01:00
Stian Thorgersen
b4239c40c1 KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider 2016-03-03 10:45:05 +01:00
Stian Thorgersen
b6118a6705 Merge pull request #2319 from stianst/KEYCLOAK-2580 
KEYCLOAK-2580 Failed to create execution flow
 2016-03-03 10:33:42 +01:00
Stian Thorgersen
2d42ad9993 KEYCLOAK-2580 Failed to create execution flow 2016-03-03 09:18:48 +01:00
Stian Thorgersen
2edb7f6831 KEYCLOAK-2577 Rollback session in KeycloakSessionServletFilter if not committed by KeycloakTransactionCommitter 2016-03-03 08:59:19 +01:00
Stian Thorgersen
13b6c6f507 KEYCLOAK-2576 KEYCLOAK-2576 
Changing locale on login screen doesn't affect current user
 2016-03-03 07:06:10 +01:00
mposolda
0768bcc452 KEYCLOAK-2542 User can't set password for account created over social login if UserFedarationProvider used 2016-03-01 10:13:21 +01:00
mposolda
e2558ca827 KEYCLOAK-1928 Fix Saml with IBM JDK 2016-02-29 17:32:33 +01:00
Stian Thorgersen
ccfae82b77 KEYCLOAK-1040 
Allow import of realm keys (like we do for SAML)
 2016-02-29 09:35:08 +01:00
mposolda
e7a5b88b2d KEYCLOAK-2561 Fix issues with blank password 2016-02-26 18:14:37 +01:00
Stian Thorgersen
ca81f3f18d Merge pull request #2275 from stianst/KEYCLOAK-2511 
KEYCLOAK-2511 Rename session-state in access token response to sessio…
 2016-02-25 12:03:37 +01:00
Stian Thorgersen
6df72d67c5 Merge pull request #2274 from stianst/KEYCLOAK-2500 
KEYCLOAK-2500 Add cors headers to .well-known endpoints
 2016-02-25 12:03:25 +01:00
Stian Thorgersen
3ca39801dc KEYCLOAK-2511 Rename session-state in access token response to session_state 2016-02-25 10:14:12 +01:00
Stian Thorgersen
da8f2dc2ce KEYCLOAK-2500 Add cors headers to .well-known endpoints 2016-02-25 10:05:46 +01:00
Stian Thorgersen
2fce06ffca KEYCLOAK-2522 master realm admin can't use client registration api 2016-02-25 09:54:34 +01:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
mposolda
daca6d7062 KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections 2016-02-19 18:02:39 +01:00
mposolda
a441be57ed KEYCLOAK-2508 Possible NullPointerException during bigger load when removing UserSession 2016-02-19 11:49:30 +01:00
Bill Burke
fd49213cb9 KEYCLOAK-2477 2016-02-17 17:02:14 -05:00
Bill Burke
20348e5d0b remove RealmModel.getClientNameMap() 2016-02-17 16:05:25 -05:00
mposolda
e237bcd383 KEYCLOAK-2412 wildfly configs and polishing 2016-02-17 13:10:51 +01:00
mposolda
1328531f31 KEYCLOAK-2412 Added ClusterProvider. Avoid concurrent federation sync execution by more cluster nodes at the same time. 
Clustering - more progress
 2016-02-17 11:02:42 +01:00
Stian Thorgersen
7f60e4f986 Merge pull request #2231 from stianst/master 
KEYCLOAK-2493
 2016-02-17 07:41:44 +00:00
Stian Thorgersen
5df540df8c Merge pull request #2223 from ssilvert/partial-import-tests 
KEYCLOAK-2481: Create admin client endpoint for partial import + tests
 2016-02-17 07:39:03 +00:00
Stian Thorgersen
5bc3ee0e8c KEYCLOAK-2493 
Set default theme based on product name
 2016-02-16 18:05:06 +01:00
Bill Burke
24da8288eb Merge remote-tracking branch 'upstream/master' 2016-02-12 11:38:36 -05:00
Bill Burke
4ff1848681 javadoc 2016-02-12 11:38:12 -05:00
mposolda
969b8c153f KEYCLOAK-1989 Refreshing offline tokens didn't work correctly in cluster with revokeRefreshToken enabled 2016-02-12 12:54:47 +01:00
Stan Silvert
dd9cf3be39 KEYCLOAK-2481: Create admin client endpoint for partial endpoint + tests 2016-02-11 15:26:52 -05:00
mposolda
6c39810ba7 KEYCLOAK-2436 Better defaults 2016-02-11 15:50:11 +01:00
Bill Burke
c2fa0e5c6d Merge pull request #2214 from mposolda/master 
KEYCLOAK-2463 Fix performance issue with just 2 default connections p…
 2016-02-11 09:41:48 -05:00
Bill Burke
67ce3fdbd2 Merge pull request #2215 from patriot1burke/master 
concurrency, some JPA cleanup too
 2016-02-11 09:41:37 -05:00
Bill Burke
018c44ef2c conflicts 2016-02-11 08:43:29 -05:00
Marko Strukelj
dadb470609 KEYCLOAK-1967 Add support for authentication flows into admin-rest-client 2016-02-11 12:18:01 +01:00
Stian Thorgersen
4ea586ebe6 Revert back to servlet 3.0 2016-02-11 09:09:39 +01:00
Bill Burke
fd212a2a2a Merge remote-tracking branch 'upstream/master' 2016-02-10 14:09:43 -05:00
mposolda
aac274bbb3 KEYCLOAK-2463 Fix performance issue with just 2 default connections per route in Apache HTTP client 2016-02-10 18:07:11 +01:00
Stian Thorgersen
066d6bb230 Merge pull request #2211 from stianst/KEYCLOAK-2475 
KEYCLOAK-2475
 2016-02-10 14:52:22 +01:00
Stian Thorgersen
72ded04517 Merge pull request #2210 from stianst/KEYCLOAK-2466 
KEYCLOAK-2466 Redirection back to account/password is broken
 2016-02-10 14:44:54 +01:00
Stian Thorgersen
77912b2117 KEYCLOAK-2475 
Move client registration endpoints
 2016-02-10 14:23:04 +01:00
Stian Thorgersen
555236c3f0 KEYCLOAK-2466 Redirection back to account/password is broken 2016-02-10 14:02:33 +01:00
Stian Thorgersen
4670d93f76 KEYCLOAK-2472 
Remove deprecated endpoints
 2016-02-10 13:32:53 +01:00
Stian Thorgersen
bb77c717c9 KEYCLOAK-2303 
Update dependency versions to align with WildFly 10
 2016-02-10 09:07:06 +01:00
Bill Burke
45e5cfac99 concurrency 2 2016-02-09 21:10:30 -05:00
Bill Burke
00236c13ff Merge pull request #2180 from cainj13/persistentWildcard 
add support for wildcard persistent nameId attribute to SAML protocol
 2016-02-09 09:43:30 -05:00
Stian Thorgersen
635ccae144 KEYCLOAK-2429 
Disabled Google Identity Provider still kicks in when 'Authenticate by default' is enabled
 2016-02-08 19:51:21 +01:00
Stan Silvert
e89f511465 KEYCLOAK-1976: Add support for events into admin-rest-client. Also, 
arquillian tests for events.
 2016-02-05 18:45:25 -05:00
Bill Burke
726f746b85 KEYCLOAK-2367 2016-02-05 11:22:09 -06:00
Stian Thorgersen
192987bad5 Bump version to 1.9.0.Final-SNAPSHOT 2016-02-05 11:22:09 -06:00
Bill Burke
c63ef3c825 Merge remote-tracking branch 'upstream/master' 2016-02-04 16:50:16 -05:00
Bill Burke
e26ac0983a KEYCLOAK-2367 2016-02-04 16:50:02 -05:00
Josh Cain
d5d954e80a add support for wildcard persistent nameId attribute to SAML protocol 2016-02-04 11:06:14 -06:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
2974034974 KEYCLOAK-2435 
Feedback on login screen not showing correctly
 2016-02-03 13:41:31 +01:00
mposolda
bae3ce4aab Fix failing test with DB2 2016-02-03 12:29:37 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524 
Source code headers
 2016-02-03 11:20:22 +01:00
mposolda
db76655717 KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed 2016-02-03 10:16:39 +01:00
Stian Thorgersen
26897ea46d KEYCLOAK-2299 
createdDate of credential is not exported
 2016-02-03 09:49:10 +01:00
Bill Burke
c65160db1f Merge remote-tracking branch 'upstream/master' 2016-02-01 16:35:12 -05:00
Bill Burke
37cf335247 KEYCLOAK-2408 KEYCLOAK-2330 2016-02-01 16:35:00 -05:00
Marek Posolda
8ad8a3fbac Merge pull request #2148 from mposolda/master 
KEYCLOAK-2235 Fix possible transaction leak at startup with add-user
 2016-02-01 22:23:43 +01:00
Bill Burke
bd104e2138 Merge pull request #2137 from abstractj/KEYCLOAK-2411 
Realm import will raise NPE when clientID is missing
 2016-02-01 16:03:17 -05:00
mposolda
6b2fb9a2bb KEYCLOAK-2235 Fix possible transaction leak at startup with add-user 2016-02-01 21:47:46 +01:00
mposolda
732256eceb KEYCLOAK-2235 Fix transaction leaks 2016-02-01 18:21:27 +01:00
Bill Burke
db78ea76b8 Merge pull request #2142 from patriot1burke/master 
saml subsystem model changes
 2016-01-30 08:40:10 -05:00
Bill Burke
6c020661e8 saml subsystem model changes 2016-01-30 07:13:13 -05:00
mposolda
9332655110 KEYCLOAK-2292 Broker login: remove identity provider prefix from autogenerated username 2016-01-29 18:43:12 +01:00
Bill Burke
39f12549a3 Merge pull request #2122 from abstractj/KEYCLOAK-2151 
Brute force detector active for non-existing accounts
 2016-01-29 09:32:28 -05:00
Bruno Oliveira
5eb8d3be5a Realm import will raise NPE when clientID is missing 2016-01-29 10:05:42 -02:00
Bill Burke
9027f9b4d3 fix2 2016-01-27 23:06:20 -05:00
Bill Burke
8a3148017d fix 2016-01-27 23:04:12 -05:00
Bill Burke
25347cd45e browser back button 2016-01-27 22:14:28 -05:00
Bruno Oliveira
385717c0fb Brute force detector active for non-existing accounts 2016-01-27 19:09:44 -02:00
Bill Burke
81569ce5d2 Merge pull request #2119 from patriot1burke/master 
KEYCLOAK-2349
 2016-01-26 16:22:02 -05:00
Bill Burke
66e1ee79d0 KEYCLOAK-2349 2016-01-26 15:45:40 -05:00
Bill Burke
9fa35eda69 Merge pull request #2118 from patriot1burke/master 
KEYCLOAK-2387
 2016-01-26 14:20:27 -05:00
Bill Burke
449bc5c4dc KEYCLOAK-2387 2016-01-26 14:19:53 -05:00
mposolda
3731964a2a KEYCLOAK-2351 Support for response_type=token to be OAuth2 compliant 2016-01-26 17:09:42 +01:00
mposolda
90842cf7ef Minor change in message 2016-01-26 16:24:08 +01:00
Stian Thorgersen
9143d4b5cb Merge pull request #2111 from mstruk/KEYCLOAK-2362 
KEYCLOAK-2362 NPE if SSL certificate is not trusted by Java's default keystore
 2016-01-26 16:17:29 +01:00
Stian Thorgersen
301b61c4f9 Merge pull request #2113 from stianst/KEYCLOAK-2327 
KEYCLOAK-2327 Make sure transaction is only committed or rolledback before response is returned
 2016-01-26 16:06:15 +01:00
Stian Thorgersen
e3daf6fcf8 KEYCLOAK-2327 Make sure transaction is only committed for success 2016-01-26 14:47:59 +01:00
Stian Thorgersen
39b3c648a2 Merge pull request #2109 from stianst/KEYCLOAK-2218 
KEYCLOAK-2218 Allow updating user without including username
 2016-01-26 13:56:01 +01:00
Marko Strukelj
4f890e8f2e KEYCLOAK-2362 NPE if SSL certificate is not trusted by Java's default keystore 2016-01-26 13:53:16 +01:00
Stian Thorgersen
f9fd398f5b KEYCLOAK-2218 Allow updating user without including username 2016-01-26 13:01:49 +01:00
Stian Thorgersen
4a698bc22a KEYCLOAK-2388 
Localisation should fallback to english rather than display raw keys
 2016-01-26 11:47:30 +01:00
Stian Thorgersen
c55b91ed32 Merge pull request #2102 from stianst/KEYCLOAK-2237 
KEYCLOAK-2237
 2016-01-26 11:08:14 +01:00
Stian Thorgersen
54abfa4859 KEYCLOAK-2237 
Offer the possibility to add own locale to login/registration dialogs
 2016-01-26 10:16:05 +01:00
Stian Thorgersen
ee847c1f20 KEYCLOAK-2390 
Relative redirect uri is broken
 2016-01-26 09:01:14 +01:00
Bill Burke
1b0aa8e55b saml logging 2016-01-25 17:38:29 -05:00
Bill Burke
8b7bc5b153 redirect after post in flow 2016-01-22 18:39:55 -05:00
Vlastimil Elias
4e23311318 KEYCLOAK-2348 - Social login provider for Microsoft account - KC master 
branch
 2016-01-22 11:03:08 +01:00
Stan Silvert
c6dd0d52b9 KEYCLOAK-1280: i18n logging for org.keycloak.services.scheduled 2016-01-21 11:55:36 -05:00
Stan Silvert
446cd3701f KEYCLOAK-1280: i18n logging for org.keycloak.services.resources 2016-01-21 11:55:35 -05:00
Stan Silvert
e73a88443c KEYCLOAK-1280: i18n logging for org.keycloak.services.resources 2016-01-21 11:55:33 -05:00
Stan Silvert
857201ab55 KEYCLOAK-1280: i18n logging for org.keycloak.services.messages 2016-01-21 11:55:31 -05:00
Stan Silvert
779a5c2f3c KEYCLOAK-1280: i18n logging for org.keycloak.services.managers 2016-01-21 11:55:30 -05:00
Stan Silvert
c81b37cc4d KEYCLOAK-1280: i18n logging for 
org.keycloak.services.clientregistration.oidc
 2016-01-21 11:55:28 -05:00
Stan Silvert
27ad9dcdd1 KEYCLOAK-1280: i18n logging for org.keycloak.services 2016-01-21 11:55:26 -05:00
Stan Silvert
1f04676f08 KEYCLOAK-1280: i18n logging for org.keycloak.provider 2016-01-21 11:55:25 -05:00
Stan Silvert
0de4170865 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.utils 2016-01-21 11:55:23 -05:00
Stan Silvert
9c33738941 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.mappers 2016-01-21 11:55:21 -05:00
Stan Silvert
adfc192877 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc.endpoints 2016-01-21 11:55:20 -05:00
Stan Silvert
550e23c8f6 KEYCLOAK-1280: i18n logging for org.keycloak.protocol.oidc 2016-01-21 11:55:18 -05:00
Stan Silvert
9dccd45543 KEYCLOAK-1280: i18n logging for org.keycloak.protocol 2016-01-21 11:55:17 -05:00
Stan Silvert
d2ad1808a5 KEYCLOAK-1280: i18n logging for org.keycloak.partialimport 2016-01-21 11:55:15 -05:00
Stan Silvert
273c662b29 KEYCLOAK-1280: i18n logging for org.keycloak.exportimport 2016-01-21 11:55:14 -05:00
Stan Silvert
24602257e1 KEYCLOAK-1280: i18n logging for org.keycloak.email 2016-01-21 11:55:12 -05:00
Stan Silvert
b544adf170 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.requiredactions
 2016-01-21 11:55:10 -05:00
Stan Silvert
2cecce37a7 KEYCLOAK-1280: i18n logging for org.keycloak.authentication.forms 2016-01-21 11:55:09 -05:00
Stan Silvert
7bc74aac73 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.resetcred
 2016-01-21 11:55:07 -05:00
Stan Silvert
dfb92db2b7 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.directgrant
 2016-01-21 11:55:05 -05:00
Stan Silvert
36e711fb88 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.client
 2016-01-21 11:55:04 -05:00
Stan Silvert
0ef8c18b93 KEYCLOAK-1280: i18n logging for 
org.keycloak.services.authentication.authenticators.browser
 2016-01-21 11:55:02 -05:00
Stan Silvert
b1baea7023 KEYCLOAK-1280: i18n logging for 
org.keycloak.authentication.authenticators.broker
 2016-01-21 11:55:00 -05:00
Stan Silvert
3b4cb94ff1 KEYCLOAK-1280: i18n logging for org.keycloak.authentication 2016-01-21 11:54:59 -05:00
Stan Silvert
7514104974 KEYCLOAK-1280: I18N for logging 2016-01-21 11:54:57 -05:00