Michael Thirion
44ab3f46b7
[KEYCLOAK-6008] - Spring Boot does not honour wildcard auth-role ( #6579 )
2019-12-24 19:06:55 -03:00
Asbjørn Dyhrberg Thegler
1162455f32
KEYCLOAK-10894 Adds a ready indicating promise
...
This is non-intrusive and backwards compatible. With this change it is possible
to `await keycloakAuthorization.ready` to make sure the component has been
properly initialized.
2019-12-24 18:33:20 -03:00
Pedro Igor
e316e2a2f0
[KEYCLOAK-8616] - Process requests only if a deployment can be resolved
2019-12-20 13:33:12 +01:00
Pedro Igor
3bd193acd7
[KEYCLOAK-12412] - Policy enforcer should consider charset when comparing the content-type of the request
2019-12-19 14:14:33 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
scranen
2d3f771b70
Cookie token store not working in Spring Security adapter
...
Co-authored-by: scranen <scranen@gmail.com>
Co-authored-by: rainerfrey <frey.rainer@gmail.com>
Co-authored-by: pedroigor <pigor.craveiro@gmail.com>
2019-11-13 16:54:45 +01:00
Andrei Arlou
df5cdea1e8
KEYCLOAK-12006 Use diamond operator in module adapters/oidc/as7-eap6
2019-11-13 09:54:10 +01:00
Andrei Arlou
dca8835fbc
KEYCLOAK-12008 Fix minor warnings in module adapters/oidc/installed
2019-11-13 09:35:49 +01:00
Andrei Arlou
7f1de02ca0
KEYCLOAK-11994 Fix minor warnings in module in adapters/oidc/adapter-core
2019-11-11 09:49:13 +01:00
Andrei Arlou
066cdb7dec
KEYCLOAK-11993 Remove unused import and use diamond operator for collection in module adapters/oidc/adapter-core
2019-11-11 09:42:12 +01:00
Leonid Rozenblyum
a4edb083c3
KEYCLOAK-6752, KEYCLOAK-6565
...
Fixed missing deployment after deserialization.
Other adapters already have logic for filling in deployment when it's
missing in the context, Spring Security adapter lacked that feature.
The solution is based on an attachment
https://issues.jboss.org/secure/attachment/12431091/FixKeycloakSecurityContextRequestFilter.java
from https://issues.jboss.org/browse/KEYCLOAK-6565
2019-11-08 11:51:27 -03:00
Jon Koops
5281a38cf7
[KEYCLOAK-11771] Add missing type definitions for config
2019-11-08 10:36:04 -03:00
Jon Koops
913056b2b2
[KEYCLOAK-11971] Remove credentials option from configuration
2019-11-08 11:36:18 +01:00
sebastienblanc
263a64ef0a
add a legacy shaded adapters jar for spring boot 1
2019-11-07 13:58:20 +01:00
Stian Thorgersen
f14f92ab0b
KEYCLOAK-6073 Make adapters use discovery endpoint for URLs instead of hardcoding ( #6412 )
2019-11-06 10:34:35 +01:00
Peter Skopek
d0386dab85
KEYCLOAK-8785 remove k_version endpoint ( #6428 )
2019-11-05 11:35:55 +01:00
Douglas Palmer
a32c8c5190
[KEYCLOAK-11185] Fixed build with JDK 11
2019-11-04 10:56:07 -03:00
Leonid Rozenblyum
61561968ed
KEYCLOAK-10266 Allows proper handling of Single Sign Out events.
...
It was incorrectly relying on web application listeners on session
destruction.
While it's used as a Spring Bean (declared in
KeycloakWebSecurityConfigurerAdapter) so it has to use Spring-based
facility.
See also https://lists.jboss.org/pipermail/keycloak-user/2016-March/005479.html
2019-10-30 15:47:45 +01:00
Benjamin Bentmann
d6f56e58c1
KEYCLOAK-11806 Fix SAML adapter to not fail upon receiving a login response without the optional Destination attribute
2019-10-29 23:12:15 +01:00
Peter Sönder
68fa37b4cd
[KEYCLOAK-11765] Changed to jdk7 compliant code
2019-10-29 13:35:22 +01:00
Peter Sönder
6c83b36360
Do not log when failure.getError is blank/empty
...
Sometimes the error message is blank, which results in an empty error line getting logged.
Since the catch always logs "failed to turn code into token" and "status from server: " + failure.getStatus() (on separate lines) this extra blank line is simply noise in the log.
2019-10-29 13:35:22 +01:00
Denis Richtárik
6bf1e8a9a7
KEYCLOAK-9979 Remove keycloak-servlet-oauth-client ( #6423 )
2019-10-24 17:28:41 +02:00
mhajas
ac71ee9633
KEYCLOAK-11081 Include jetty94 adapter to product build
2019-10-23 15:53:37 +02:00
Martin Reinhardt
21a62a2670
[KEYCLOAK-6376] Reorganize imports and revert pom changes
2019-10-21 10:41:04 +02:00
Martin Reinhardt
eed4449f8d
[KEYCLOAK-6376] Fixing Conditional OTP by reusing existing API for role checks
2019-10-21 10:41:04 +02:00
Phil Brown
85ead8b38a
KEYCLOAK-11740:
...
Fix debug message that does not properly handle single quotes
according to java.text.MessageFormat, which in turn causes the
replacement to not be handled.
Signed-off-by: Phil Brown <brownp@stellarscience.com>
2019-10-17 13:02:03 +02:00
stianst
ceeb087dbd
KEYCLOAK-8938 TypeError: kc.login(...).success is not a function
2019-10-16 17:57:18 +02:00
Martin Kanis
4d872d0c2c
KEYCLOAK-11527 Override version of jboss-as-subsystem-test for product profile
2019-10-10 21:09:22 +02:00
stianst
7866a6cff3
Playing with Travis
2019-10-09 10:10:20 +02:00
Martin Kanis
9200a33346
KEYCLOAK-11527 Change type of jboss-as-subsystem-test artifact to pom for product
2019-10-07 13:12:16 +02:00
Jon Koops
bc5b4de79e
[KEYCLOAK-11435] Log deprecation warning for usage of non-native Promises
2019-10-03 10:55:22 -04:00
rmartinc
6283c7add3
KEYCLOAK-10975: Clock skew configuration in keycloak-saml.xml can't be found in the keycloak-saml subsystem
2019-09-27 09:35:03 +02:00
Jon Koops
ff77b549ec
[KEYCLOAK-11193] Change 'disableLogging' to 'enableLogging' and default to false
2019-09-24 10:31:02 -03:00
Stefan Guilhen
b833ce9dd3
[KEYCLOAK-11485] Add test case for the as7-eap6 SAML subsystem
2019-09-19 13:39:24 +02:00
Jon Koops
0b9c6192a3
KEYCLOAK-11193 Allow JavaScript logging to be disabled
2019-09-19 07:09:32 -03:00
rmartinc
7f54a57271
KEYCLOAK-10757: Replaying assertion with signature in SAML adapters
2019-09-18 16:49:00 +02:00
Karel Hala
f8e4ccd57a
KEYCLOAK-11195 Add module loading to dependencies
...
Use window global libraries for AMD
2019-09-13 14:47:45 -03:00
Stefan Guilhen
60205845a8
[KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
...
- Provides a default implementation based on mappings loaded from a properties file.
- Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
jferrer
97fccd6d50
KEYCLOAK-10910 login function now uses promise type specified in init
2019-09-06 15:24:31 -04:00
Jon Koops
c902896ab6
KEYCLOAK-11196 Document the type for the useNonce
option
2019-08-30 14:34:20 -04:00
Jon Koops
2d465df94d
KEYCLOAK-11194 Remove dead code from JavaScript adapter
2019-08-30 14:32:54 -04:00
Niko Köbler
49e9cd759b
KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe
2019-08-20 15:41:09 -03:00
Martin Kanis
75d2ec8ff6
KEYCLOAK-11012 Unable to install EAP6 adapter
2019-08-16 12:44:50 +02:00
Valeran86
b0d0d3e579
[KEYCLOAK-10849] - KeycloakRole equals only with itself
...
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
if ( role.equals( adminRole ) ) {
return true;
}
}
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-08-16 05:20:03 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
mhajas
4b18c6a117
KEYCLOAK-7207 Check session expiration for SAML session
2019-07-24 13:35:07 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Hynek Mlnarik
67f8622d13
KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
...
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
Stefan Guilhen
ceaae7a254
[KEYCLOAK-10384] Add equals and hashCode to KeycloakUndertowAccount, SamlPrincipal and SamlSession to avoid cache misses in the PicketBox JAAS auth manager
2019-07-18 21:08:22 +02:00
kuan
1c5f7c1420
Update KeycloakTokenParsed definition.
...
To match KeycloakInstance's realm access and resources access.
2019-07-17 15:29:34 -04:00