keycloak-scim

Author	SHA1	Message	Date
Martin Kanis	395bd447f2	Hot Rod map storage: Login failure no-downtime store	2022-04-01 20:43:18 +02:00
Douglas Palmer	f57d0dd100	Automated tests for session limits authenticator (browser, direct grant, reset password) (#11046 ) Closes #11003	2022-04-01 18:44:38 +02:00
Michal Hajas	44000caaf5	KEYCLOAK-19177 Disable ECP flow by default for all Saml clients; ecp flow creates only transient users sessions	2022-03-31 16:06:44 +02:00
Teubner, Malte	b5f70d8a32	Add scope parameter to admin-client TokenManager. Closes #10759	2022-03-31 10:56:08 -03:00
iingawal	6016b461db	Fix for "updatedAt" user attribute in "profile" client scope should use number instead of String (#11020 ) Closes #10081 Co-authored-by: Indrajit Ingawale <iingawal@iingawal.pnq.csb>	2022-03-31 14:33:03 +02:00
Marek Posolda	aacae9b9ac	Support for frontchannel_logout_session_required OIDC client parameter (#11009 ) * Support for frontchannel_logout_session_required OIDC client parameter Closes #10137	2022-03-31 14:25:24 +02:00
Marek Posolda	22a16ee899	OIDC RP-Initiated logout endpoint (#10887 ) * OIDC RP-Initiated logout endpoint Closes #10885 Co-Authored-By: Marek Posolda <mposolda@gmail.com> * Review feedback Co-authored-by: Douglas Palmer <dpalmer@redhat.com>	2022-03-30 11:55:26 +02:00
Andrea Peruffo	da5db5a813	Fix NPEs during realm import (#10962 ) Closes #10961	2022-03-29 21:48:37 +02:00
Marcelo Daniel Silva Sales	091b1472ce	Introduce client secret rotation dynamic registration (#10952 ) Closes #10609	2022-03-28 20:39:11 +02:00
Konstantinos Georgilakis	99fa6275c1	KEYCLOAK-19313 configure the name format in Attribute Importer IdP Mapper	2022-03-25 09:42:22 +01:00
Takashi Norimatsu	9c01d819cb	Client Policies : An executor rejecting all requests Closes #9097	2022-03-23 12:45:38 +01:00
Marcelo Daniel Silva Sales	6efa45f93e	Update secret rotation when the policy is enabled using jwt (#10853 ) Closes #10666	2022-03-23 08:25:58 +01:00
Martin Kanis	e493b08fa7	Add expiration field to root authentication session	2022-03-23 07:47:47 +01:00
Michal Hajas	99c06d1102	Authorization services refactoring Closes: #10447 * Prepare logical layer to distinguish between ResourceServer id and client.id * Reorder Authz methods: For entities outside of Authz we use RealmModel as first parameter for each method, to be consistent with this we move ResourceServer to the first place for each method in authz * Prepare Logical (Models/Adapters) layer for returning other models instead of ids * Replace resourceServerId with resourceServer model in PermissionTicketStore * Replace resourceServerId with resourceServer model in PolicyStore * Replace resourceServerId with resourceServer model in ScopeStore * Replace resourceServerId with resourceServer model in ResourceStore * Fix PermissionTicketStore bug * Fix NPEs in caching layer * Replace primitive int with Integer for pagination parameters	2022-03-22 20:49:40 +01:00
Alexander Schwartz	fb92b95c33	Revert from getParameterCount() to getParameterTypes().length to be Java 1.7 compatible. This reverts commit `bc27c7c464`. Closes #10840	2022-03-22 10:23:25 +01:00
keycloak-bot	c71aa8b711	Set version to 999-SNAPSHOT (#10784 )	2022-03-22 09:22:48 +01:00
Martin Kanis	0faf3987f6	Hot Rod map storage: Authentication session no-downtime store	2022-03-22 09:05:52 +01:00
Pedro Igor	ffa6df5547	Fixes to hostname (#10820 ) Closes #10627 Closes #10331	2022-03-22 08:11:50 +01:00
Joaquim Fellmann	92c4e6d585	KEYCLOAK-16134 Allow webauthn idless login flow (#7860 ) Closes #10832	2022-03-21 11:37:33 +01:00
Clara Fang	bc27c7c464	Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount() Closes #10333	2022-03-18 11:20:52 +01:00
Michal Hajas	c18a682f50	Do not store undefined values in store Closes #10744	2022-03-17 16:44:33 +01:00
mposolda	9e12587181	Protocol mapper and client scope for 'acr' claim Closes #10161	2022-03-11 09:23:25 +01:00
Martin Bartoš	8ee7ae24de	Make WebAuthn feature default for the product version Closes #10695	2022-03-10 19:00:54 +01:00
Ivan Atanasov	5c6b123aff	Support for the Recovery codes (#8730 ) Closes #9540 Co-authored-by: Zachary Witter <torquekma@gmail.com> Co-authored-by: stelewis-redhat <91681638+stelewis-redhat@users.noreply.github.com>	2022-03-10 15:49:25 +01:00
Martin Bartoš	8a0f1ccb34	Properly execute AuthenticationFlowCallbackProviderTest with Map storage Closes #10268, Closes #10225	2022-03-10 15:00:23 +01:00
rmartinc	a7c8aa1dd3	[#10616 ] Incorrect username logged for federated accounts (#10662 ) Closes #10616	2022-03-10 13:21:39 +01:00
Marcelo Daniel Silva Sales	0c25da542c	Update secret rotation when the policy is disabled (#10674 ) Closes #10667	2022-03-10 13:03:09 +01:00
Alexander Schwartz	18f391d8c4	Fix spelling error in field and classname It's always a converter, unless electricity is involved. Closes #10573	2022-03-09 08:28:52 -03:00
Marcelo Daniel Silva Sales	7335abaf08	Keycloak 10489 support for client secret rotation (#10603 ) Closes #10602	2022-03-09 00:05:14 +01:00
mposolda	d394e51674	Introduce profile 'feature' for step-up authentication enabled by default Closes #10315	2022-03-08 14:42:46 +01:00
rmartinc	48565832d4	[#10608 ] Password blacklists folder	2022-03-08 08:22:34 -03:00
mposolda	93bba8e338	Replace 'Store LoA in User Session' with 'Max Age'. Refactoring of step-up authentications related to that. Closes #10205	2022-03-08 10:41:05 +01:00
Martin Bartoš	02d0fe82bc	Auth execution 'Condition - User Attribute' missing Closes #9895	2022-03-08 08:24:48 +01:00
Michal Hajas	f77ce315bb	Disable Authz caching for new storage tests Closes #10500	2022-03-07 10:22:55 -03:00
Michael Parlee	722ce950bf	Improve user search performance Removes bulder.lower() from user search queries on email and username. Closes #8893	2022-03-04 14:15:14 +01:00
Takashi Norimatsu	201277b897	Handle OIDC authz request with "response_type" missing and "response_mode=form_post" Closes #10144	2022-03-04 13:31:40 +01:00
Takashi Norimatsu	92f6c75328	Nonce parameter should be required in authorizationEndpoint only when "id_token" is included in response_type Closes #10143	2022-03-03 13:26:39 +01:00
Daniel Gozalo	76101e3591	[fixes #9225 ] - Get scopeIds from the AuthorizationRequestContext instead of session if DYNAMIC_SCOPES are enabled Add a test to make sure ProtocolMappers run with Dynamic Scopes Change the way we create the DefaultClientSessionContext with respect to OAuth2 scopes, and standardize the way we obtain them from the parameter	2022-03-01 13:47:58 +01:00
stianst	5ef8265b75	Remove Tomcat 7 adapter Closes #9428	2022-02-28 07:50:36 +01:00
mposolda	52712d2c82	ACR support in the javascript adapter Closes #10154	2022-02-24 20:07:50 +01:00
Martin Kanis	6249e34177	Hot Rod map storage: Client scope no-downtime store	2022-02-24 13:30:27 +01:00
Michal Hajas	b4281468d0	Convert Map Realm Entities into interfaces Closes #9736	2022-02-24 13:23:19 +01:00
Vlasta Ramik	aa6a131b73	Change String client.id to ClientModel client in ResourceServerStore Closes #10442	2022-02-24 12:46:26 +01:00
Pedro Igor	209df44641	Fixing responses when unexpected errors occurs (#10383 ) Closes #10338	2022-02-23 07:44:25 +01:00
Marek Posolda	8c3fc5a60e	Option for client to specify default acr level (#10364 ) Closes #10160	2022-02-22 07:54:30 +01:00
Marek Posolda	caf37b1f70	Support for acr_values_supported in OIDC well-known endpoint (#10265 ) * Support for acr_values_supported in OIDC well-known endpoint closes #10159	2022-02-18 11:33:31 +01:00
Filipe Bojikian Rissi	323c08c8cc	KEYCLOAK-19519 Encryption algorithm RSA-OAEP with A256GCM (#8553 ) Closes #10300	2022-02-17 17:41:54 +01:00
Martin Bartoš	314d303a99	Possibility to ignore tests for particular browsers Closes #10213	2022-02-17 09:02:11 +01:00
Pedro Igor	a9668d14ce	Proper error response when handing unexpected errors Closes #10176	2022-02-16 15:35:38 -03:00
Martin Bartoš	bbe9ab38bc	Unstable AuthenticationFlowCallbackProviderTest for undertow-map Closes #10225	2022-02-16 15:49:08 +01:00

1 2 3 4 5 ...

3145 commits