David Perrenoud
36da2d20e9
KEYCLOAK-17039 Local file in a webview fails when requesting with "Origin: null" since 11.0.2
2021-11-11 10:55:33 +01:00
rmartinc
a4c4c00d00
[KEYCLOAK-14309] Duplicate sub claim at JSON level
2021-11-08 11:54:39 +01:00
Alec Henninger
cec6a8a884
KEYCLOAK-19700: Attempt to reuse denied device authorization code results in server error
2021-11-08 11:37:51 +01:00
Takashi Norimatsu
d0493b4306
KEYCLOAK-19723 Existing ECDSA key provider's key pair is not regenerated when its curve is changed on Admin Console
2021-11-05 10:05:40 +01:00
mposolda
5740e158e3
KEYCLOAK-18744 OpenBanking Brasil fix for X509 client authentication. More flexibility in Subject DN comparison.
2021-11-05 09:10:50 +01:00
Pedro Igor
3c00dba8ad
[KEYCLOAK-19767] - Fixing testsuite to point to right persisted config
2021-11-04 15:06:49 -03:00
Dominik Guhr
579c5462b2
KEYCLOAK-19308 Grouping for help commands and refactoring of Propertymapper usage to provida a fluid API
2021-11-04 08:59:56 -03:00
Luca Leonardo Scorcia
e99b363ba0
KEYCLOAK-18879 Generate RequestedAttribute SP metadata for SAML Attribute Role Mappers
2021-11-04 11:15:32 +01:00
Bruno Oliveira da Silva
16db810b03
[KEYCLOAK-19754] - Update documentation files to remove problematic language in the main repository
2021-11-04 10:08:56 +01:00
Pedro Igor
eaa96f6147
[KEYCLOAK-18255] - Vault Support in Dist.X
2021-11-03 09:23:33 -03:00
Leonardo Brancalhão
a2a788ec39
KEYCLOAK-18401 Oracle test fixes
2021-11-02 11:55:38 +01:00
Joerg Matysiak
afc5cb4d14
KEYCLOAK-19617 Simplify creation of custom user profiles
...
* DeclarativeUserProfileProvider passes its ID to DeclarativeUserProfileModel, so this also works for derived classes.
* Moved creation of declarative user profile model to a protected factory method to allow subclasses to provide their own implementation.
* Added integration tests for custom user profile
* configured declarative-user-profile as default user profile provider in test servers
* Restore previously configured default provider after test with special provider settings
* Some refactoring in SpiProviderSwitchingUtils
2021-10-28 08:26:11 -03:00
Martin Kanis
af97849feb
KEYCLOAK-19030 Implement HotRodConnectionProvider
2021-10-27 14:07:19 +02:00
Konstantinos Georgilakis
a5c8c45551
KEYCLOAK-19388 correct AttributeConsumingService bug in SAML SP metadata
2021-10-21 20:24:46 +02:00
Takashi Norimatsu
263161ff66
KEYCLOAK-19540 FAPI 2.0 Baseline : Reject Resource Owner Password Credentials Grant
2021-10-21 09:13:12 +02:00
Thomas Darimont
9857a04895
KEYCLOAK-16107 Enable ScriptBasedOIDCProtocolMapper to return JSON objects directly
...
We now allow to return JSON objects directly from a ScriptBasedOIDCProtocolMapper, by
adding support to turn objects that implement the java.util.Map into JsonNodes.
Previously returning JSON objects directly caused an exception during runtime.
2021-10-19 11:21:26 -03:00
Dominik Guhr
7b135c4dfc
KEYCLOAK-19461 Unignore OpenShiftTokenReviewEndpointTest
2021-10-18 08:56:43 -03:00
Dominik Guhr
c45a6fde12
KEYCLOAK-19547 Switch arquillian quarkus container to use autobuild to prevent timeo… ( #8576 )
...
* KEYCLOAK-19547 Switch arquillian quarkus container to use autobuild to prevent timeouts when reaugmentation is longer than 10s
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2021-10-18 08:53:12 -03:00
Douglas Palmer
73f0474008
[KEYCLOAK-19422] ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader
2021-10-18 10:23:06 +02:00
mposolda
7010017e0e
KEYCLOAK-19555 Improvements in ConsentRequiredExecutor of client policies
2021-10-16 14:11:18 +02:00
Thomas Darimont
b1bcd5d66e
KEYCLOAK-12754 Honor nested composite roles when creating roles via REST API ( #7097 )
...
* KEYCLOAK-12754 Honor nested composite roles when creating roles via REST API
- Validate composite roles when creating roles via REST API
2021-10-15 10:33:19 -03:00
Pedro Igor
982f0f93b4
[KEYCLOAK-19559] - Support for custom JPA model
2021-10-15 08:48:30 -03:00
mposolda
acd00a492b
KEYCLOAK-19556 Avoid auto-creating invalid redirect URL for FAPI clients
2021-10-15 11:17:59 +02:00
Pedro Igor
27e74c41ff
[KEYCLOAK-19459] - Enabling ClientSearchTest to Dist.X
2021-10-14 17:08:06 -03:00
Dominik
8f3940032e
KEYCLOAK-19461 Add dependency for openshift restclient to quarkus dist to make the OpenShiftClientStorageTest work.
2021-10-13 14:52:19 -03:00
Takashi Norimatsu
a4f83c569d
KEYCLOAK-19510 Nested JWT JOSE header needs to set JWT to cty field
2021-10-12 16:58:15 +02:00
Bart Monhemius
5b0986e490
[KEYCLOAK-18891] Add support for searching users by custom user attributes
...
Users can now be searched by custom attributes using 'q' in the query parameters. The implementation is roughly the same as search clients by custom attributes.
2021-10-12 13:08:47 +02:00
Dominik
ce0070508f
KEYCLOAK-19457 Unignore JsonFileImportTests now that KEYCLOAK-19521 is done
2021-10-11 16:41:07 -03:00
Dominik
00feef4dbe
KEYCLOAK-19496 Unignore ArtifactBindingCustomResolverTest and make SetDefaultProvider Annotation usable for Quarkus-based distribution
2021-10-08 15:50:59 -03:00
R Yamada
891c8e1a12
[KEYCLOAK-17653] - OIDC Frontchannel logout support
2021-10-07 15:27:19 -03:00
Dominik
97ee8832a3
KEYCLOAK-19079 Add special case for kubeadmin without uid and OCP4
2021-10-07 14:29:00 -03:00
Dominik
12d4837fa9
KEYCLOAK-19484_BasicSamlTest
2021-10-06 12:04:05 -03:00
Martin Kanis
30b3caee9f
KEYCLOAK-18445 Add support for cross-site model tests
2021-10-06 14:37:06 +02:00
Dominik
cd7a22c174
KEYCLOAK-19476: Unignore LoginTest.loginWithLongRedirectUri by adding property to authserver-quarkus
2021-10-06 08:03:34 -03:00
Tomas Kyjovsky
01a0e11c8f
KEYCLOAK-19392 pass infinispan javaVmArguments via JAVA_OPTS instead of CLI parameters
2021-10-05 09:06:50 +02:00
Dominik
021245a330
KEYCLOAK-19463 fix PasswordPolicyTest for Quarkus
2021-10-04 15:32:18 -03:00
Dominik
8cf35c9b7b
KEYCLOAK-13770 - Working DefaultThemeManagerTest
2021-10-01 11:25:17 -03:00
Michal Hajas
da0c945475
KEYCLOAK-18940 Add support for searching composite roles
2021-10-01 12:41:19 +02:00
Nathan Strobbe
64717f650b
KEYCLOAK-15167 Retrieve email from Twitter IdP
2021-10-01 09:45:20 +02:00
Pedro Igor
0210acadad
[KEYCLOAK-19424] - Rename the config command to build
2021-10-01 08:39:50 +02:00
Luca Leonardo Scorcia
43a3c676f7
KEYCLOAK-16456 X509 Auth: add option for OCSP fail-open behavior
2021-10-01 08:37:01 +02:00
Daniel Fesenmeyer
0a2f8f5b63
KEYCLOAK-17887 fix endpoint for creating or updating realm localization texts for a given locale (UnsupportedOperation was thrown because RealmAdapter tried to change unmodifiable map):
...
- fix RealmAdapter to create a new map instead of trying to change unmodifiable map
- only provide POST endpoints for creating or updating the texts (to have the endpoints consistent with other Admin API endpoints)
- add tests
2021-09-30 15:07:56 +02:00
stianst
f471a110cd
KEYCLOAK-19408 Better client secrets
2021-09-29 18:19:43 +02:00
Dominik
82964f7460
KEYCLOAK-13770 Working FixedHostnameTest for Quarkus
2021-09-28 11:48:50 -03:00
stianst
12c7bc7350
KEYCLOAK-19410 Compile issues in IntelliJ due to imports of sun packages
2021-09-28 14:59:33 +02:00
Dominik
20b91c7d4f
KEYCLOAK-13770 Fix Quarkus ScriptDeploymentTests, Hostnametests and tests relying on user attribute config
2021-09-27 15:19:45 -03:00
Václav Muzikář
69a146db7e
KEYCLOAK-18128 Keycloak cannot fetch group claims from openshift
2021-09-27 08:05:43 -03:00
Daniel Fesenmeyer
339224578e
KEYCLOAK-10603 adjust assignments to roles (user-role and group-role assignments, client-scope and client "scope mappings"): allow assignments of roles which are already indirectly assigned (e.g. by composite role)
...
- extend RoleMapperModel with method hasDirectRole(RoleModel), which only checks for direct assignment in contrast to the existing method hasRole(RoleModel)
- extend ScopeContainerModel with method hasDirectScope(RoleModel), which only checks for direct scope mapping in contrast to the existing method hasScope(RoleModel)
- use the new hasDirectRole and hasDirectScope methods to check whether a role is in the "available" list and whether it can be assigned (previously, the hasRole method was used for this purpose)
- add hint to UI that available roles contain effectively assigned roles which are not directly assigned
- adjust and extend tests
2021-09-22 13:56:29 +02:00
Vlastimil Elias
28e220fa6d
KEYCLOAK-18497 - Support different input types in built-in dynamic forms
2021-09-20 09:14:49 -03:00
Takashi Norimatsu
375e47877e
KEYCLOAK-18558 Client Policy - Endpoint : support Device Authorization Endpoint
2021-09-20 11:22:58 +02:00