Saman-jafari
31db84e924
fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality
...
test also added to check the availability of issueFor(azp) and redirect uri in Action
Fixes #14860
Fixes #15136
2023-06-07 12:19:46 -03:00
Zvi Grinberg
ace83231ee
Update RegexPolicyTest.java
...
Add forgotten imports
2023-06-07 10:18:10 -03:00
Zvi Grinberg
b29ce53f6e
Fix bug in regex policy evaluation that it ignored flatted user claims that are mapped by protocol mappers to complex JSON structure in access token( in the access token JWT it's key and value is a JSON by itself)
...
fixes : #20436
Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>
2023-06-07 10:18:10 -03:00
Alice Wood
7e56938b74
Extend group search attribute functionality to account for use case where only the leaf group is required
2023-06-07 08:52:23 -03:00
rmartinc
9bc30f4705
EventBuilder fixes to copy the store and session context
...
Closes https://github.com/keycloak/keycloak/issues/20757
Closes https://github.com/keycloak/keycloak/issues/20105
2023-06-07 08:34:27 -03:00
Jon Koops
9a8d1ca1f3
Stop waiting page load when calling assertCurrent()
( #20786 )
2023-06-07 13:13:46 +02:00
Pedro Hos
9ebd94a3a8
Userinfo endpoint doesn't accept charset #20671
...
Closes 20671
2023-06-07 08:08:05 +02:00
Artur Baltabayev
041441f48f
Improved Reset OTP authenticator ( #20572 )
...
* ResetOTP authenticator can now be configured, so that one or all existing OTP configurations are deleted upon reset.
Closes #8753
---------
Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>
2023-06-06 08:30:44 -03:00
rmartinc
81aa588ddc
Fix and correlate session timeout calculations in legacy and new map implementations
...
Closes https://github.com/keycloak/keycloak/issues/14854
Closes https://github.com/keycloak/keycloak/issues/11990
2023-06-05 18:46:23 +02:00
Jon Koops
8eee3f434b
Fix test for brute force detection of recovery codes ( #20784 )
2023-06-05 11:55:30 -04:00
rmartinc
d80094793b
Manage elytron configuration if configured for JDK-17
...
Closes https://github.com/keycloak/keycloak/issues/20385
2023-06-05 13:50:28 +02:00
Jon Koops
7ce96bb6d5
Remove workaround for legacy consoles from waitForPageToLoad
( #20754 )
2023-06-05 07:48:08 -04:00
Aboullos
612fe33ade
Remove AccountUpdateProfilePage from the testsuite ( #19362 )
...
closes #15202
2023-06-02 11:46:49 +02:00
Pedro Igor
f69ff5d270
Execution config not duplicated when duplicating flows
...
Closes #12012
2023-06-01 16:12:06 +02:00
mposolda
bf9c5821cb
Fix for certificate revalidation
...
closes https://security.snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-5291542
2023-05-31 15:42:37 +02:00
Alexander Schwartz
512e30b210
Add escaping for fields with wildcard search
...
Closes #20510
2023-05-31 14:38:04 +02:00
Takashi Norimatsu
a29c30ccd5
FAPI 2.0 security profile - not allow an authorization request whose parameters were not included in PAR request
...
closes #20623
2023-05-31 14:02:44 +02:00
vramik
a175efcb72
Split UserQueryProvider
into UserQueryMethods
and UserCountMethods
and make LdapStorageProvider
implement only UserQueryMethods
...
Co-authored-by: mhajas <mhajas@redhat.com>
Closed #20156
2023-05-31 11:47:54 +02:00
Jay Linski
403632438a
Improve a11y by providing the current language ( #20213 )
2023-05-30 13:46:14 -04:00
Takashi Norimatsu
6b42c2b4d0
FAPI 2.0 security profile - Reject Implicit Grant executor does not return an appropriate error
...
Closes #20622
2023-05-30 18:24:50 +02:00
stianst
0832992e59
Removing OpenShift integration and moving to separate extension
...
closes #20496
Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Pedro Igor
17c3804402
Tests for user property mapper
...
Closes #20534
2023-05-29 14:21:03 +02:00
Yoshiyuki Tabata
bd37875a66
allow specifying format of "permission" parameter in the UMA grant token
...
endpoint (#15947 )
2023-05-29 08:56:39 -03:00
Jon Koops
98e5e9799b
Improve third-party storage access detection and cookie fallback
2023-05-25 22:16:59 -03:00
Douglas Palmer
1b8901f5a2
Changing the email address has no impact at username regardless "Email as username" toggle
...
closes #20459
2023-05-25 07:54:03 -03:00
Hynek Mlnarik
fc0e47caa4
Fix KcCustomOidcBrokerTest
...
Fixes : #20541
2023-05-25 10:20:36 +02:00
Peter Zaoral
72b238fb48
Keystore vault ( #19644 )
...
* KeystoreVault SPI
* added KeystoreVault - a Vault SPI implementation (#19281 )
Closes #17252
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-05-24 16:20:30 +00:00
Jon Koops
90d2a01619
Replace ChromeJavascriptBrowser
annotation with JavascriptBrowser
( #20535 )
2023-05-24 11:23:15 +00:00
Hynek Mlnarik
4950f7bebe
Target correct user resource
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
b9983cc5f6
Fix BrokerTest
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
ac59c551c3
Fix transaction boundaries in tests
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
38442ee0a6
Fix event tests
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
3e58d3da8d
Proper cleanup
2023-05-23 20:53:30 +02:00
vramik
bdbbd2959d
User search with LDAP federation not consistent
...
Closes #10195
2023-05-23 11:48:33 +02:00
wojnarfilip
34b9eed8f0
Removes AccountFederatedIdentityPage from testsuite
...
Closes #15199
2023-05-22 11:07:48 -03:00
i7a7467
e41e1a971a
SLO and ACS Binding are linked with AuthnRequest Binding in SAML Identity Broker Metadata
...
Closes #11079
2023-05-22 10:05:17 +02:00
vramik
fd6a6ec3ad
Make LDAP searchForUsersStream
consistent with other storages
...
Co-authored-by: mhajas <mhajas@redhat.com>
Closes #17294
2023-05-19 08:40:41 +02:00
Artur Baltabayev
33215ab6f4
Added User-Session Note Idp mapper. ( #19062 )
...
Closes #17659
Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
Co-authored-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2023-05-18 13:47:10 +02:00
Lukas Hanusovsky
eb77dcf014
Removing PHOTOZ client and related tests testing UI. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
d9b95e0240
Testsuite with Undertow and OpenJDK17 - Nashorn library support.
...
GH Actions failures - refactoring.
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
406aa21b0b
UserStorageTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
b8b9adbea2
CookieTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
29deaca3f5
DemoServletsAdapterTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
47fd10469f
Old account console dependencies removed - refactoring. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
130807fa7b
AbstractCustomAccountManagementTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
2ad8f7dd62
Old account console dependencies removed. Closes #19668
...
* LoginTest
* SessionServletAdapterTest
* ClientRedirectTest
* TrustStoreEmailTest
* BrowserFlowTest
* SocialLoginTest
* JavascriptAdapterTest
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
c685366169
CookiesPathTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
5e323ae173
Old account console dependencies removed. Closes #19668
...
* ConsentsTest
* UserTest
* SessionTest
* LoginEventsTest
* AbstractKeycloakTest
2023-05-18 13:09:51 +02:00
danielFesenmeyer
d543ba5b56
Consistent message resolving regarding language fallbacks for all themes
...
- the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en
- centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest
- add basic integration tests to check whether realm localization can be used in all supported contexts:
- Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest
- Login theme: LoginPageTest
- Email theme: EmailTest
- deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2
- fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests
- improvements regarding message resolving in Admin UI V2:
- add cypress test i18n_test.spec.ts, which checks the fallback implementation
- log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case)
Closes #15845
2023-05-17 15:00:32 +02:00
Dominik Schlosser
8c58f39a49
Updates Datastore provider to contain full data model
...
Closes #15490
2023-05-16 15:05:10 +02:00