keycloak-scim

Author	SHA1	Message	Date
Jess Thrysoee	3b58692d7c	KEYCLOAK-11596 Enable template cache when cacheTemplates attribute is true	2019-10-01 14:37:48 +02:00
David Festal	d73a2b821c	Fix a NPE when using token-exchange When using the preview token-exchange feature with the `openshit-v3` identity provider, a NPE is triggered, because it tries to extract the `metadata` field twice from the user profile: ``` 13:17:13,667 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-7) Uncaught server error: java.lang.NullPointerException at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.getJsonProperty(AbstractOAuth2IdentityProvider.java:357) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractUserContext(OpenshiftV3IdentityProvider.java:61) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractIdentityFromProfile(OpenshiftV3IdentityProvider.java:87) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.validateExternalTokenThroughUserInfo(AbstractOAuth2IdentityProvider.java:489) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalUserInfoValidationOnly(AbstractOAuth2IdentityProvider.java:548) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalImpl(AbstractOAuth2IdentityProvider.java:528) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternal(AbstractOAuth2IdentityProvider.java:519) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.exchangeExternalToken(TokenEndpoint.java:917) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.tokenExchange(TokenEndpoint.java:696) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequest(TokenEndpoint.java:194) ..... 13:17:28,916 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-7) Uncaught server error: java.lang.NullPointerException at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.getJsonProperty(AbstractOAuth2IdentityProvider.java:357) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractUserContext(OpenshiftV3IdentityProvider.java:61) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractIdentityFromProfile(OpenshiftV3IdentityProvider.java:87) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.validateExternalTokenThroughUserInfo(AbstractOAuth2IdentityProvider.java:489) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalUserInfoValidationOnly(AbstractOAuth2IdentityProvider.java:548) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalImpl(AbstractOAuth2IdentityProvider.java:528) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternal(AbstractOAuth2IdentityProvider.java:519) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.exchangeExternalToken(TokenEndpoint.java:917) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.tokenExchange(TokenEndpoint.java:696) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequest(TokenEndpoint.java:194) ...... 13:17:53,492 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (default task-7) Uncaught server error: java.lang.NullPointerException at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.getJsonProperty(AbstractOAuth2IdentityProvider.java:357) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractUserContext(OpenshiftV3IdentityProvider.java:61) at org.keycloak.social.openshift.OpenshiftV3IdentityProvider.extractIdentityFromProfile(OpenshiftV3IdentityProvider.java:87) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.validateExternalTokenThroughUserInfo(AbstractOAuth2IdentityProvider.java:489) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalUserInfoValidationOnly(AbstractOAuth2IdentityProvider.java:548) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternalImpl(AbstractOAuth2IdentityProvider.java:528) at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.exchangeExternal(AbstractOAuth2IdentityProvider.java:519) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.exchangeExternalToken(TokenEndpoint.java:917) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.tokenExchange(TokenEndpoint.java:696) at org.keycloak.protocol.oidc.endpoints.TokenEndpoint.processGrantRequest(TokenEndpoint.java:194) ```	2019-10-01 14:23:46 +02:00
mhajas	f852ef157d	KEYCLOAK-11470 Fix rebase issue	2019-10-01 08:20:55 +02:00
mhajas	6f097bdf89	KEYCLOAK-11470 Remove Assertj from testsuite There is no reason to use more types of assertions and we already heavily use hamcrest	2019-09-30 13:16:01 +02:00
vramik	67bcaf9ad7	KEYCLOAK-10155 app-server-remote tests	2019-09-30 10:29:51 +02:00
vramik	b1697a5e71	KEYCLOAK-11069 auth-server-remote tests	2019-09-30 10:29:51 +02:00
Mathieu CLAUDEL	2fb507e170	KEYCLOAK-10802 add support of SAMLv2 ForceAuthn	2019-09-27 09:55:54 +02:00
rmartinc	6283c7add3	KEYCLOAK-10975: Clock skew configuration in keycloak-saml.xml can't be found in the keycloak-saml subsystem	2019-09-27 09:35:03 +02:00
vmuzikar	1cdc5e1969	KEYCLOAK-11514 Add option to download specific WebDriver binaries versions	2019-09-26 09:54:30 -03:00
Yaroslav Kvasetskiy	622d049207	KEYCLOAK-10837 Add possibility to disable certificate verification for outgoing https connections	2019-09-26 08:12:09 -03:00
Tommy Odom	6f86c6d253	KEYCLOAK-10875 Adding quotes around the path to the JAR in case %DIRNAME% contains spaces	2019-09-26 10:28:47 +02:00
madgaet	0d12b8dd5a	[KEYCLOAK-11497] OIDC Idp authentication with private_key_jwt may not always work (#6337 )	2019-09-25 23:10:07 +02:00
mhajas	b126c81ae3	KEYCLOAK-11313 Ignore failure of uninstalling arquillian bundle	2019-09-25 13:48:48 +02:00
Jon Koops	ff77b549ec	[KEYCLOAK-11193] Change 'disableLogging' to 'enableLogging' and default to false	2019-09-24 10:31:02 -03:00
Benjamin Weimer	2b1acb99a2	KEYCLAOK-9999 fix client import (#6136 )	2019-09-23 13:08:24 +02:00
mhajas	f810e85526	KEYCLOAK-11316 Fix Photoz instabilities on windows Error message: Cannot read property 'token_endpoint' of undefined	2019-09-20 13:12:09 +02:00
Kohei Tamura	a09b593342	KEYCLOAK-10952 Fix incorrect message when clicking revoke grant	2019-09-20 12:02:34 +02:00
Łukasz Dywicki	76e988ad18	KEYCLOAK-11308 Fallback to imported realm version. In case of missing RH SSO version lets stick with bare Keycloak version.	2019-09-20 11:54:23 +02:00
Hynek Mlnarik	8a9152b769	KEYCLOAK-11320 Add tooltips to fields with vault support	2019-09-20 11:48:00 +02:00
Kohei Tamura	c68afdab83	KEYCLOAK-7547 Change log level of a message when deleting user When deleting a user (who has not failed to log in yet if Brute Force Detection is not enabled), the following message is always recorded: {noformat} 10:34:15,101 WARN [org.keycloak.models.sessions.infinispan.changes.InfinispanChangelogBasedTransaction] (default task-7) Not present cache item for key LoginFailureKey [ realmId=568c76c7-9308-4d84-bfc1-ec3542deaf02. userId=4c011785-a39a-43bf-b0c1-43c63decf2f1 ] {noformat} This is noisy and should not be logged at warning level.	2019-09-20 11:37:30 +02:00
Hisanobu Okuda	da49dbce2b	KEYCLOAK-10770 user-storage/{id}/sync should return 400 instead of 404	2019-09-20 11:17:09 +02:00
mhajas	37b7b595a5	KEYCLOAK-11410 Do not throw exception in PlaintextVaultProvider if unconfigured	2019-09-19 14:56:19 +02:00
rradillen	b71198af9f	[KEYCLOAK-8575] oidc idp basic auth (#6268 ) * [KEYCLOAK-8575] Allow to choose between basic auth and form auth for oidc idp * uncomment ui and add tests * move basic auth to abstract identity provider (except for getting refresh tokens) * removed duplications	2019-09-19 14:36:16 +02:00
Stefan Guilhen	b833ce9dd3	[KEYCLOAK-11485] Add test case for the as7-eap6 SAML subsystem	2019-09-19 13:39:24 +02:00
Captain-P-Goldfish	b45f5980e0	Make password policy identifiers public If a password policy should be modified prgorammatically the constant key identifiers to set the values should be accessible globally	2019-09-19 12:30:15 +02:00
Jon Koops	0b9c6192a3	KEYCLOAK-11193 Allow JavaScript logging to be disabled	2019-09-19 07:09:32 -03:00
k-tamura	f35d3a8ec9	KEYCLOAK-10791 Remove duplicate lines in properties	2019-09-19 08:49:32 +02:00
rmartinc	7f54a57271	KEYCLOAK-10757: Replaying assertion with signature in SAML adapters	2019-09-18 16:49:00 +02:00
Sven-Torben Janus	1887d3b038	KEYCLOAK-10942 Incorporate comments from code review see https://github.com/keycloak/keycloak/pull/6251/files#r325212980	2019-09-18 09:47:18 +02:00
Sven-Torben Janus	f261c43fab	KEYCLOAK-10942 Support eDirectory GUID Convert eDirectory GUID which is in binary format to a UUID in dashed string format.	2019-09-18 09:47:18 +02:00
farmersmurf	515727c944	fix: as discussed changed to NOT_ACCEPTABLE rather than OK to prevent INTERNAL SERVER ERROR on validation	2019-09-17 16:35:42 +02:00
farmersmurf	ae74335760	KEYCLOAK-10944 Fix 500 Error Code on Update Password	2019-09-17 16:35:42 +02:00
farmersmurf	b443c8186d	KEYCLOAK-10944 Fix 500 Error Code on Update Password	2019-09-17 16:35:42 +02:00
madgaet	53b28aaa7e	[KEYCLOAK-9809] Support private_key_jwt authentication for external IdP	2019-09-17 16:04:23 +02:00
madgaet	c35718cb87	[KEYCLOAK-9809] Support private_key_jwt authentication for external IdP	2019-09-17 16:04:23 +02:00
Stan Silvert	69359eab23	KEYCLOAK-11426: Remove background	2019-09-17 09:37:14 -03:00
Armel Soro	f26f634887	Fix typo in client authenticator tooltip message	2019-09-17 12:21:18 +02:00
Jan Lieskovsky	63e9eec52d	[KEYCLOAK-11415] Switch the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' setting reliably Use own, separate context when trying to switch 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' group mapper config setting to 'false' (or back), across the various tests from LDAPGroupMapperSyncTest suite. This makes the test results deterministic again (prevents 'test02_syncWithGroupInheritance()' and 'test03_syncWithDropNonExistingGroups()' tests randomly to fail depending if attempt to reset the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' back to 'true' in previous 'test01_syncNoPreserveGroupInheritance()' test succeeded, or not) Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>	2019-09-16 20:42:46 +02:00
Karel Hala	f8e4ccd57a	KEYCLOAK-11195 Add module loading to dependencies Use window global libraries for AMD	2019-09-13 14:47:45 -03:00
Kohei Tamura	09671aa480	KEYCLOAK-11178 Suppress incorrect warnings	2019-09-13 10:21:20 +02:00
Jan Lieskovsky	7ab854fecf	[KEYCLOAK-8253] When syncing flat (all groups being the top-level ones) structure of LDAP groups from federation provider to Keycloak, perform the search if the currently processed group already exists in Keycloak in log(N) time Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>	2019-09-12 20:14:18 +02:00
Jan Lieskovsky	cfb225b499	[KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization (in the direction from LDAP provider to Keycloak) from exponential to linear time in the case of syncing flat LDAP groups structure Add a corresponding test (intentionally configured as to be ignored by CI/CD due to higher demand on time, required fo the test completion) Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>	2019-09-12 09:54:13 +02:00
Shiva Prasad Thagadur Prakash	ff8b790549	KEYCLOAK-10022 Fixing few admin events not raised bug	2019-09-11 18:01:10 -03:00
Cédric Couralet	9c37da0ee9	KEYCLOAK-8818 Support message bundle in theme resources	2019-09-11 08:03:16 +02:00
Juergen Lesny	c2f3350f8a	KEYCLOAK-11230 Update german translation in themes	2019-09-11 07:56:05 +02:00
mhajas	2703388946	KEYCLOAK-11245 Adapt LDAPConnectionTestManager to use newly introduced LDAPContextManager	2019-09-10 22:51:19 +02:00
Hynek Mlnarik	6738e063f4	KEYCLOAK-11072 Mark vault SPI as a public SPI	2019-09-10 16:54:47 +02:00
mhajas	9c2525ec1a	KEYCLOAK-11245 Use transcription object for LDAP bindCredential	2019-09-09 19:39:53 +02:00
Martin Kanis	4235422798	KEYCLOAK-11246 Use the transcription object for SMTP password	2019-09-09 13:27:11 +02:00
Hynek Mlnarik	9eb2e1d845	KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects	2019-09-09 10:57:49 +02:00

1 2 3 4 5 ...

11703 commits