Pavel Drozd
12bdf48ecc
Merge pull request #4707 from abstractj/KEYCLOAK-5858
...
[KEYCLOAK-5858] Failing TokensTest in Console UI Tests
2017-11-22 13:22:28 +01:00
mposolda
bd1072d2eb
KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing
2017-11-22 11:55:12 +01:00
Bill Burke
75d517a1e8
cleanup test
2017-11-21 21:49:51 -05:00
Bill Burke
8993ca08ad
KEYCLOAK-4715
2017-11-21 17:46:48 -05:00
vramik
afd906b9a9
KEYCLOAK-5705 add missing dependency to module.xml for mssql in eap module
2017-11-21 21:51:19 +01:00
vramik
c083c1c4cf
KEYCLOAK-5873 set DB_CLOSE_ON_EXIT to false when crossdc tests are run on in memory H2
2017-11-21 21:46:59 +01:00
Bill Burke
c16c02b0cf
Merge pull request #4727 from vmuzikar/fix-social
...
KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly
2017-11-21 12:34:28 -05:00
vmuzikar
7fd237b40b
KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly
2017-11-21 11:12:21 +01:00
Thomas Skjølberg
5f20df00d0
[KEYCLOAK-4979] Move picketlink schema, fix resolver and some related tests
2017-11-21 09:28:15 +01:00
Bill Burke
186b10ab53
Merge pull request #4726 from patriot1burke/master
...
KEYCLOAK-5878
2017-11-20 17:39:58 -05:00
Bill Burke
06762ba13d
KEYCLOAK-5878
2017-11-20 17:03:28 -05:00
Bill Burke
08ca03051c
Merge pull request #4549 from pkadej/KEYCLOAK-5662
...
KEYCLOAK-5662
2017-11-20 14:37:07 -05:00
vramik
37b625fd99
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authzResourceInvalidationTest
2017-11-20 11:30:44 +01:00
Marek Posolda
8e53ccf5ab
Merge pull request #4706 from stianst/KEYCLOAK-5383
...
KEYCLOAK-5383 Fix creating password in LDAP through admin create user…
2017-11-20 09:17:45 +01:00
Tomas Kyjovsky
805e9288fa
KEYCLOAK-5588 Cross-dc: docker setup
2017-11-16 21:25:58 +01:00
Bruno Oliveira
641069d4fd
[KEYCLOAK-5866] MigrationTest fails for extracting realm keys
2017-11-16 19:44:09 +01:00
Pavel Drozd
a06fd31412
Merge pull request #4688 from vramik/KEYCLOAK-5678
...
KEYCLOAK-5678 configs for rh-sso and keycloak are different, skip tes…
2017-11-16 08:38:12 +01:00
Bruno Oliveira
07aa718cb9
[KEYCLOAK-5379] MigrationTest fails for migration to 3.3.0
2017-11-16 07:22:57 +01:00
Pedro Igor
f96c3312e2
[KEYCLOAK-5841] - Test
2017-11-16 07:03:08 +01:00
Bruno Oliveira
d1579f62a3
[KEYCLOAK-5858] Failing TokensTest in Console UI Tests
2017-11-16 00:24:12 -02:00
Stian Thorgersen
86fb18395e
KEYCLOAK-5383 Fix creating password in LDAP through admin create user endpoint
2017-11-15 21:20:00 +01:00
mposolda
bd25040e22
KEYCLOAK-5827 Retrieve member attribute from LDAP on group/role queries just when necessary
2017-11-15 15:29:19 +01:00
mposolda
c4a1764801
KEYCLOAK-5836 More logging around LDAP performance. Added LdapManyObjectsInitializerCommand to easily add many users and groups to the LDAP
2017-11-15 15:29:19 +01:00
Hynek Mlnařík
393fae74b3
Merge pull request #4693 from hmlnarik/KEYCLOAK-5349-JS-client-breaks-login-session
...
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 12:35:19 +01:00
Hynek Mlnarik
a2f6c16764
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 11:41:45 +01:00
Pedro Igor
63a01b1e1f
Merge pull request #4689 from pedroigor/KEYCLOAK-5844
...
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 18:25:24 -02:00
mposolda
0c414eee80
KEYCLOAK-5848 Possibility to configure different attribute for GET_GROUPS_FROM_USER_MEMBEROF_STRATEGY
2017-11-14 15:05:26 +01:00
Pedro Igor
fdb618219f
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 11:24:45 -02:00
Stian Thorgersen
89f4b87038
KEYCLOAK-5567 Set correct status code on login error pages
2017-11-14 12:33:29 +01:00
vramik
ea869a3008
KEYCLOAK-5678 configs for rh-sso and keycloak are different, skip test interfaces for now
2017-11-14 11:27:03 +01:00
Bruno Oliveira
03d0488335
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
925d5e1dea
KEYCLOAK-3173 enable logout offline refresh token using OIDC logout endpoint
2017-11-13 18:23:39 +01:00
Stian Thorgersen
d30bf938ee
KEYCLOAK-5821 Fix basic auth tests with embedded Undertow
2017-11-13 16:34:25 +01:00
Pavel Drozd
0f4b8be2b0
Merge pull request #4643 from vramik/KEYCLOAK-5678
...
KEYCLOAK-5678 Extend server-config-migration tests to test also exten…
2017-11-13 12:02:46 +01:00
Pavel Drozd
af97a84108
Merge pull request #4635 from vmuzikar/fix-x509
...
KEYCLOAK-5720 Fix X.509 tests
2017-11-13 11:56:16 +01:00
Przemysław Kadej
e28f402b6b
KEYCLOAK-5662 - CachePolicy.MAX_LIFESPAN - Cached LDAP users aren't being refreshed at all
2017-11-13 11:36:31 +01:00
Stian Thorgersen
4295f4ec31
KEYCLOAK-1886 Added cors headers to errors in token endpoint
2017-11-10 12:01:21 +01:00
mposolda
b033ce0669
KEYCLOAK-5371 SessionExpirationCrossDCTest - improve stability. Remove checks for counts of sent messages
2017-11-09 22:18:47 +01:00
mposolda
a98f085be6
KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis.
2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Marko Strukelj
dae0fafc8a
KEYCLOAK-5040 ProfileAssume needs to use server info endpoint
2017-11-09 14:19:06 +01:00
Bruno Oliveira
26e253f4a5
[KEYCLOAK-5284]
2017-11-09 13:45:06 +01:00
Marko Strukelj
2854a2006e
KEYCLOAK-5810 ClientTokenExchangeTest failures with -Pproduct profile
2017-11-09 13:44:10 +01:00
vmuzikar
3bf1904269
KEYCLOAK-5786 Fix testsuite not working with auth-server-eap profile
2017-11-09 08:10:58 +01:00
vmuzikar
2c2a332f80
KEYCLOAK-5332 Fix GitLab social test
2017-11-09 07:19:01 +01:00
vmuzikar
b21d5bbf04
KEYCLOAK-5805 Fix tests in the 'other' module
2017-11-09 07:01:27 +01:00
vramik
819181007c
KEYCLOAK-5678 Extend server-config-migration tests to test also extensions and management
2017-11-07 12:46:13 +01:00
mposolda
62a1c187a2
KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc
2017-11-07 09:01:59 +01:00
Hynek Mlnarik
fe2f65daac
KEYCLOAK-5581 Fix SAML identity broker context serialization
2017-11-03 21:09:18 +01:00
vmuzikar
ef8adc15f4
KEYCLOAK-5720 Fix X.509 tests
2017-11-03 17:09:46 +01:00
Pedro Igor
3716fa44ac
[KEYCLOAK-5728] - Permission Claims support
2017-10-27 12:40:30 -02:00
Pedro Igor
081ad09ed8
Merge pull request #4619 from pedroigor/KEYCLOAK-4901
...
[KEYCLOAK-4901] - Reviewing methods on provider spi
2017-10-26 15:33:09 -03:00
Hynek Mlnařík
b0d88be420
Merge pull request #4572 from tkyjovsk/db-failover
...
KEYCLOAK-5691 Galera cluster, full testsuite
2017-10-26 20:22:47 +02:00
Pedro Igor
a70cab502c
[KEYCLOAK-4901] - Reviewing methods on provider spis
2017-10-26 13:39:57 -02:00
Pavel Drozd
12b2e72162
Merge pull request #4618 from vramik/KEYCLOAK-5244
...
KEYCLOAK-5244 fix blacklists.path in tests
2017-10-26 15:30:14 +02:00
Tomas Kyjovsky
a45a2acc4c
KEYCLOAK-5691 Galera cluster, full testsuite
2017-10-26 15:27:57 +02:00
Marek Posolda
aabd47ecdf
Merge pull request #4613 from tkyjovsk/KEYCLOAK-5751
...
KEYCLOAK-5751 Login/logout performance test scenario failing
2017-10-26 13:11:41 +02:00
Hynek Mlnařík
248da4687a
Merge pull request #4610 from hmlnarik/KEYCLOAK-5745-Extract-client-sessions-from-user-sessions
...
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 13:09:06 +02:00
vramik
2b44cb70af
KEYCLOAK-5244 fix blacklists.path in tests
2017-10-26 12:28:50 +02:00
Hynek Mlnarik
75c354fd94
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 10:39:41 +02:00
Tomas Kyjovsky
9bd5d31c1f
Added "& to &" rewrite for login form URI in the perf tests.
2017-10-25 22:28:46 +02:00
Bill Burke
903a4dd849
Merge pull request #4612 from patriot1burke/master
...
KEYCLOAK-5273
2017-10-25 13:54:32 -04:00
Bill Burke
de6eab6d5d
fix
2017-10-25 13:00:58 -04:00
Bill Burke
8c1a3253fb
KEYCLOAK-5273
2017-10-25 10:31:11 -04:00
Bruno Oliveira da Silva
375e01a074
KEYCLOAK-5278 ( #4606 )
2017-10-25 15:27:24 +02:00
Bill Burke
50ccb5e5f6
Merge pull request #4591 from abstractj/KEYCLOAK-5717
...
KEYCLOAK-5717
2017-10-24 17:38:28 -04:00
Pedro Igor
1840cc54e4
Merge pull request #4601 from pedroigor/KEYCLOAK-5726
...
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter config
2017-10-24 12:51:52 -02:00
Pedro Igor
80e9b08bb6
[KEYCLOAK-5726] - Tests for scopes-enforcement-mode ALL and ANY
2017-10-24 11:37:41 -02:00
Bruno Oliveira
4d762159ef
KEYCLOAK-5717
2017-10-24 10:55:02 -02:00
Hynek Mlnařík
8e0cc2a5ea
Merge pull request #4605 from mposolda/master
...
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 14:40:01 +02:00
Pedro Igor
bc12193c3c
[KEYCLOAK-5726] - Fixes the parameter value when making queries
2017-10-24 10:39:55 -02:00
Pedro Igor
711aa83d31
[KEYCLOAK-5726] - Fixing web origins on photoz quickstart
2017-10-24 10:39:55 -02:00
Pedro Igor
a6e1413d58
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration
2017-10-24 10:39:54 -02:00
Pavel Drozd
a4ec32ba66
Merge pull request #4602 from vramik/KEYCLOAK-5244
...
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithT…
2017-10-24 14:17:35 +02:00
mposolda
9a19e95b60
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 11:52:08 +02:00
Pavel Drozd
4010e5e247
Merge pull request #4588 from tkyjovsk/KEYCLOAK-5711
...
KEYCLOAK-5711 Adapter test module for Wildfly has compilation error
2017-10-23 22:27:31 +02:00
Stan Silvert
9083e5fe5c
KEYCLOAK-5298: Enable autoescaping in Freemarker ( #4561 )
...
* KEYCLOAK-5298: Enable autoescaping in Freemarker
* Fix several of the failing tests.
* Fix broken tests in integration-deprecated
* Fix last failing test.
2017-10-23 12:03:00 -04:00
Pavel Drozd
1eb2d894e5
Merge pull request #4593 from vmuzikar/ssl-fix
...
KEYCLOAK-5719 fix auth server ssl with base testsuite
2017-10-23 16:39:22 +02:00
Stian Thorgersen
9b75b603e3
KEYCLOAK-5234 ( #4585 )
2017-10-23 16:13:22 +02:00
vramik
a3a1761eb7
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithTestBlacklist on Wildfly
2017-10-23 12:11:36 +02:00
Pavel Drozd
aaf25ad4f0
Merge pull request #4592 from vramik/KEYCLOAK-5705
...
KEYCLOAK-5705 add missing dependency to module.xml for mssql
2017-10-23 09:56:01 +02:00
Bill Burke
73ba06b26b
Merge pull request #4590 from patriot1burke/master
...
KEYCLOAK-5698
2017-10-20 14:58:07 -04:00
Bill Burke
92245e3fc8
fixes
2017-10-20 09:55:37 -04:00
vmuzikar
1dd2a90e20
KEYCLOAK-5719 fix auth server ssl with base testsuite
2017-10-20 14:10:06 +02:00
vramik
25d785df02
KEYCLOAK-5705 add missing dependency to module.xml for mssql
2017-10-20 12:56:51 +02:00
Bill Burke
54ebc21880
KEYCLOAK-5698
2017-10-19 19:38:56 -04:00
Tomas Kyjovsky
bd706418c9
KEYCLOAK-5711 Adapter test module for Wildfly has compilation error
2017-10-19 19:41:31 +02:00
Hynek Mlnarik
3248557897
KEYCLOAK-5707 Have travis run cross-dc tests when appropriate
2017-10-19 13:29:26 +02:00
Stian Thorgersen
d9ffc4fa21
KEYCLOAK-5225 ( #4577 )
...
KEYCLOAK-5225 fix test
Fix
2017-10-19 08:23:16 +02:00
Stian Thorgersen
fea4c54adc
KEYCLOAK-5280 ( #4576 )
2017-10-19 08:02:23 +02:00
Wyvie
988d660083
[KEYCLOAK-3837] added session and account linking spring boot tests ( #4564 )
2017-10-19 06:29:59 +02:00
Pedro Igor
19f54111ec
Merge pull request #4573 from pedroigor/KEYCLOAK-4550
...
[KEYCLOAK-4550] - Test invalid configuration for user policy
2017-10-18 19:37:29 -02:00
Pedro Igor
cedc095a9c
[KEYCLOAK-4550] - Test invalid configuration for user policy
2017-10-18 18:42:55 -02:00
Hynek Mlnarik
6d18ba4b32
KEYCLOAK-5688 Add externalizers for session entities
...
and remove unused events
2017-10-18 16:04:57 +02:00
Thomas Darimont
3103e0fd0a
KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider ( #4370 )
...
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider
This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.
The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.
I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords ) project.
For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/
Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```
Password blacklist is stored in a TreeSet.
* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter
We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.
BloomFilter implementation is provided by google-guava
which is available in wildfly.
Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.
This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.
Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.
Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.
The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.
Configure password blacklist folder for tests
* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers
* KEYCLOAK-5244 Translate blacklisted message in base/login
2017-10-17 20:41:44 +02:00
Hynek Mlnařík
fe76b2428b
Merge pull request #4563 from hmlnarik/KEYCLOAK-5656-Transport-factory-should-not-limit-to-a-single-DC-3
...
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-17 09:39:01 +02:00
Pavel Drozd
83b4279ce1
Merge pull request #4555 from vramik/KEYCLOAK-5673
...
KEYCLOAK-5673 add support for testing config from prod 2.5.x
2017-10-17 07:43:40 +02:00
Pavel Drozd
9c16a58d52
Merge pull request #4554 from vramik/KEYCLOAK-5672
...
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-17 07:42:29 +02:00
vramik
cb2bd0fe1a
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-16 22:51:59 +02:00
Hynek Mlnarik
056ba75a72
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-16 21:49:42 +02:00