keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Hynek Mlnarik
6d97a573e6
KEYCLOAK-17696 Make MapStorageFactory amphibian
2021-05-06 11:38:41 +02:00
Václav Muzikář
315b9e3c29
KEYCLOAK-17835 Account Permanent Lockout and login error messages
2021-05-03 09:39:34 +02:00
Takashi Norimatsu
65c48a4183
KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) ( #7679 )
...
* KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA)
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-29 15:56:39 +02:00
vramik
162043beec
KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory
2021-04-28 13:43:48 +02:00
Martin Kanis
515bfb5064
KEYCLOAK-16378 User / client session map store
...
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-04-28 09:09:15 +02:00
Yoshiyuki Tabata
45202bd49a
KEYCLOAK-17637 Client Scope Policy for authorization service
2021-04-26 08:58:33 -03:00
AlistairDoswald
8b3e77bf81
KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
...
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) ( #7780 )
...
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)
* support tests using auth-server-quarkus
* Configuration changes for ClientPolicyExecutorProvider
* Change VALUE of table REALM_ATTRIBUTES to NCLOB
* add author tag
* incorporate all review comments
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-06 16:31:10 +02:00
vramik
185075d373
KEYCLOAK-14552 Realm Map Store
2021-03-31 15:49:03 +02:00
rmartinc
0a0caa07d6
KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role
2021-03-31 12:57:17 +02:00
vramik
c3b9c66941
KEYCLOAK-17460 invalidate client when assigning scope
2021-03-30 10:58:16 +02:00
Hynek Mlnarik
a36fafe04e
KEYCLOAK-17409 Support for amphibian (both component and standalone) provider
2021-03-25 13:28:20 +01:00
Michito Okai
298ab0bc3e
KEYCLOAK-7675 Support for Device Authorization Grant
2021-03-15 10:09:20 -03:00
Łukasz Dywicki
f58bf0deeb
Make sure additional params are passed between device request and user authnetication.
2021-03-15 10:09:20 -03:00
Hiroyuki Wada
9d57b88dba
KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant.
...
Author: Hiroyuki Wada <h2-wada@nri.co.jp>
Date: Thu May 2 00:22:24 2019 +0900
Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
vramik
6e501946b1
KEYCLOAK-17021 Client Scope map store
2021-03-08 21:59:28 +01:00
Takashi Norimatsu
882f5ffea4
KEYCLOAK-15533 Client Policy : Extends Policy Interface to Migrate Client Registration Policies
...
Co-authored-by: Hryhorii Hevorkian <hhe@adorsys.com.ua>
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-03-02 09:26:04 +01:00
mposolda
f4b5942c6c
KEYCLOAK-16755 ClearExpiredUserSessions optimization. Rely on infinispan expiration rather than Keycloak own background task.
2021-02-04 08:49:42 +01:00
Martin Kanis
8432513daa
KEYCLOAK-16908 Refactor UserSessionPersisterProvider
2021-01-29 09:29:00 +01:00
Hynek Mlnarik
78c05d2da2
KEYCLOAK-16118 Replace MapStorage.entrySet() with search by criteria
...
* Add model class parameter to MapStorage
* Add shortcut read(id) method to MapKeycloakTransaction
2021-01-20 16:20:56 +01:00
Hynek Mlnarik
6c07679446
KEYCLOAK-16584 Rename map to CRUD operations
...
* rename putIfAbsent() to create(), get() to read(), put() to update(), remove() to delete()
* move ConcurrentHashMapStorage to org.keycloak.models.map.storage.chm package
* Add javadoc to MapStorage
2021-01-20 16:20:56 +01:00
Martin Kanis
9f580e3ed8
KEYCLOAK-15695 Streamification cleanup
2021-01-20 14:39:53 +01:00
Michal Hajas
ba8e2fef6b
KEYCLOAK-15524 Cleanup user related interfaces
2021-01-18 16:56:10 +01:00
Takashi Norimatsu
5f445ec18e
KEYCLOAK-14200 Client Policy - Executor : Enforce Holder-of-Key Token
...
Co-authored-by: Hryhorii Hevorkian <hhe@adorsys.com.ua>
2021-01-12 11:21:41 +01:00
vramik
1402d021de
KEYCLOAK-14846 Default roles processing
2021-01-08 13:55:48 +01:00
keycloak-bot
75be33ccad
Set version to 13.0.0-SNAPSHOT
2020-12-16 17:31:55 +01:00
Stefan Guilhen
d6422e415c
[KEYCLOAK-16508] Complement methods for accessing user sessions with Stream variants
2020-12-15 19:52:31 +01:00
Michal Hajas
8e376aef51
KEYCLOAK-15847 Add MapUserProvider
2020-12-10 08:57:53 +01:00
Martin Kanis
f6be378eca
KEYCLOAK-14556 Authentication session map store
2020-12-07 20:48:59 +01:00
Stefan Guilhen
edef93cd49
[KEYCLOAK-16232] Streamify the UserCredentialStore and UserCredentialManager interfaces
2020-12-07 19:48:35 +01:00
Hynek Mlnarik
363df6cab4
KEYCLOAK-16405 Tests for storage logical layer
2020-11-25 12:16:48 +01:00
Stefan Guilhen
84df008bc2
[KEYCLOAK-16341] Make the new stream-based methods in server-spi user interfaces default instead of the collection-based versions.
...
- this ensures that providing implementation for the collection-based methods is enough, which preserves
backwards compatibility with older custom implementations.
- alternative interfaces now allow new implementations to focus on the stream variants of the query methods.
2020-11-18 21:07:51 +01:00
Martin Kanis
d9029b06b9
KEYCLOAK-15889 Streamification of ProtocolMappers
2020-11-10 16:40:34 +01:00
Stefan Guilhen
aa46735173
[KEYCLOAK-15200] Complement methods for accessing users with Stream variants
2020-11-10 15:13:11 +01:00
Martin Kanis
8d6577d66c
KEYCLOAK-15898 Streamification of Keymanager
2020-11-10 14:43:23 +01:00
Christoph Leistert
e131de9574
KEYCLOAK-14855 Added realm-specific localization texts which affect texts in every part of the UI (admin console / login page / personal info page / email templates). Also new API endpoints and a new UI screen to manage the realm-specific localization texts were introduced.
...
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
2020-10-30 08:02:43 -03:00
vramik
785f2e78bc
KEYCLOAK-14977 create MapRoleProvider
2020-10-30 08:15:22 +01:00
Hynek Mlnarik
925f089d62
KEYCLOAK-16077 Remove need for MapStorage.replace
2020-10-29 15:40:47 +01:00
stianst
74b5143c5e
KEYCLOAK-15498 Disable gzip encoding when themes are not cached
2020-10-22 09:07:37 +02:00
Daniel Fesenmeyer
de8d2eafa3
KEYCLOAK-14781 Extend Admin REST API with search by federated identity
...
- Add parameters idpAlias and idpUserId to the resource /{realm}/users and allow it to be combined with the other search parameters like username, email and so on
- Add attribute "federatedIdentities" to UserEntity to allow joining on this field
- extend integration test "UserTest"
2020-10-22 08:51:26 +02:00
Martin Kanis
086f7b4696
KEYCLOAK-15450 Complement methods for accessing realms with Stream variants
2020-10-14 08:16:49 +02:00
Elisabeth Schulz
73564c5815
KEYCLOAK-13983 Include algorithm parameters
...
Lazy initialization of additional parameters
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
9143bc748f
KEYCLOAK-13983 Include algorithm parameters
...
Include suggestions made by @mposolda to enable more generic
usage
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
396fec19a8
KEYCLOAK-13983 Include algorithm parameters
...
Adds the capacity to add both public and secret algorithm
specific data to a PasswordCredentialModel. The default
way to create the models in maintained to minimize the change
impact for the default hash infrastructure.
Publishes the PasswordCredentialModel constructor to
ease in building such extended credential models.
2020-10-12 10:12:01 +02:00
mposolda
ff05072c16
KEYCLOAK-15770 Skip creating session for docker protocol authentication
2020-10-09 07:53:26 +02:00
Thomas Darimont
12576e339d
KEYCLOAK-15146 Add support for searching users by emailVerified status
...
We now allow to search for users by their emailVerified status.
This enables users to easily find users and deal with incomplete user accounts.
2020-09-29 08:28:59 -03:00
mhajas
12bc84322a
KEYCLOAK-14974 Map group storage provider
2020-09-21 15:56:32 +02:00
Martin Kanis
5d5e56dde3
KEYCLOAK-15199 Complement methods for accessing roles with Stream variants
2020-09-16 16:29:51 +02:00
Benjamin Weimer
b2934e8dd0
KEYCLOAK-15327 backchannel logout invalidate offline session even if there is no corresponding active session found
2020-09-08 11:17:20 -03:00
Martin Kanis
4e9bdd44f3
KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak
2020-09-07 13:11:55 +02:00
Konstantinos Georgilakis
1fa93db1b4
KEYCLOAK-14304 Enhance SAML Identity Provider Metadata processing
2020-09-02 20:43:09 +02:00
mhajas
bdccfef513
KEYCLOAK-14973 Create GroupStorageManager
2020-09-01 10:21:39 +02:00
Martin Kanis
d59a74c364
KEYCLOAK-15102 Complement methods for accessing groups with Stream variants
2020-08-28 20:56:10 +02:00
mhajas
ae39760a62
KEYCLOAK-14972 Add independent GroupProvider interface
2020-08-13 21:13:12 +02:00
David Hellwig
ddc2c25951
KEYCLOAK-2940 - draft - Backchannel Logout ( #7272 )
...
* KEYCLOAK-2940 Backchannel Logout
Co-authored-by: Benjamin Weimer <external.Benjamin.Weimer@bosch-si.com>
Co-authored-by: David Hellwig <hed4be@bosch.com>
2020-08-12 09:07:58 -03:00
vramik
6b00633c47
KEYCLOAK-14812 Create RoleStorageManager
2020-07-31 15:11:25 -03:00
vramik
bfa21c912c
KEYCLOAK-14811 Create RoleProvider and make it independent of ClientProvider and RealmProvider
2020-07-31 15:11:25 -03:00
Martin Idel
97400827d2
KEYCLOAK-14870: Fix bug where user is incorrectly imported
...
Bug: SerializedBrokeredIdentityContext was changed to mirror
UserModel changes. However, when creating the user in LDAP,
the username must be provided first (everything else can
be handled via attributes).
2020-07-29 11:33:41 +02:00
Martin Idel
bf411d7567
KEYCLOAK-14869: Fix nullpointer exception in FullNameLDAPStorageMapper
...
Setting an attribute should be possible with a list
containing no elements or a null list
This can happen e.g. when creating users via idps
using a UserAttributeStatementMapper.
Fix this unprotected access in other classes too
2020-07-28 09:54:37 +02:00
Martin Kanis
feef5b4db2
KEYCLOAK-14220 Complement methods for accessing clients with Stream variants
2020-07-27 10:38:39 +02:00
Lorent Lempereur
e82fe7d9e3
KEYCLOAK-13950 SAML2 Identity Provider - Send Subject in SAML requests
2020-07-24 21:41:57 +02:00
keycloak-bot
afff0a5109
Set version to 12.0.0-SNAPSHOT
2020-07-22 14:36:15 +02:00
Hynek Mlnarik
c566b46e8f
KEYCLOAK-14549 Make ClientProvider independent of RealmProvider
...
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Hynek Mlnarik
ac0011ab6f
KEYCLOAK-14553 Client map store
...
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Takashi Norimatsu
e0fbfa722e
KEYCLOAK-14189 Client Policy : Basics
2020-07-21 07:50:08 +02:00
vmuzikar
7087c081f0
KEYCLOAK-14023 Instagram User Endpoint change
...
Co-authored-by: Jean-Baptiste PIN <jibet.pin@gmail.com>
2020-07-10 17:36:51 -03:00
Pedro Igor
9c4da9b3ce
[KEYCLOAK-14147] - Request filter refactoring
...
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2020-07-07 11:26:12 -03:00
Plamen Kostov
914b226d11
[KEYCLOAK-14282] Create additional filtering for GET /users endpoint for enabled/disabled users
2020-07-03 09:07:42 -03:00
Martin Idel
05b6ef8327
KEYCLOAK-14536 Migrate UserModel fields to attributes
...
- In order to make lastName/firstName/email/username field
configurable in profile
we need to store it as an attribute
- Keep database as is for now (no impact on performance, schema)
- Keep field names and getters and setters (no impact on FTL files)
Fix tests with logic changes
- PolicyEvaluationTest: We need to take new user attributes into account
- UserTest: We need to take into account new user attributes
Potential impact on users:
- When subclassing UserModel, consistency issues may occur since one can
now set e.g. username via setSingleAttribute also
- When using PolicyEvaluations, the number of attributes has changed
2020-06-25 14:50:57 +02:00
Pedro Igor
e16f30d31f
[KEYCLOAK-2343] - Allow exact user search by user attributes
...
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2020-06-10 12:02:50 -03:00
Yoshiyuki Tabata
f03ee2ec98
KEYCLOAK-14145 OIDC support for Client "offline" session lifespan
2020-06-04 14:24:52 +02:00
stianst
b04932ede5
KEYCLOAK-12414 Remove the need to specify defaults in config file
2020-05-13 09:02:29 -03:00
Michael Cooney
3291161954
KEYCLOAK-13818: Addressing performance issues with adding client scopes during realm creation. Removing redundant lookups by passing all scopes that need to be created at once.
2020-05-12 15:59:42 +02:00
keycloak-bot
ae20b7d3cd
Set version to 11.0.0-SNAPSHOT
2020-04-29 12:57:55 +02:00
Yoshiyuki Tabata
874642fe9e
KEYCLOAK-12406 Add "Client Session Max" and "Client Session Idle" for OIDC
2020-04-28 15:34:25 +02:00
Martin Idel
7e8018c7ca
KEYCLOAK-11862 Add Sync mode option
...
- Store in config map in database and model
- Expose the field in the OIDC-IDP
- Write logic for import, force and legacy mode
- Show how mappers can be updated keeping correct legacy mode
- Show how mappers that work correctly don't have to be modified
- Log an error if sync mode is not supported
Fix updateBrokeredUser method for all mappers
- Allow updating of username (UsernameTemplateMapper)
- Delete UserAttributeStatementMapper: mapper isn't even registered
Was actually rejected but never cleaned up: https://github.com/keycloak/keycloak/pull/4513
The mapper won't work as specified and it's not easy to tests here
- Fixup json mapper
- Fix ExternalKeycloakRoleToRoleMapper:
Bug: delete cannot work - just delete it. Don't fix it in legacy mode
Rework mapper tests
- Fix old tests for Identity Broker:
Old tests did not work at all:
They tested that if you take a realm and assign the role,
this role is then assigned to the user in that realm,
which has nothing to do with identity brokering
Simplify logic in OidcClaimToRoleMapperTests
- Add SyncMode tests to most mappers
Added tests for UsernameTemplateMapper
Added tests to all RoleMappers
Add test for json attribute mapper (Github as example)
- Extract common test setup(s)
- Extend admin console tests for sync mode
Signed-off-by: Martin Idel <external.Martin.Idel@bosch.io>
2020-04-24 15:54:32 +02:00
Takashi Norimatsu
8513760e25
KEYCLOAK-12176 WebAuthn: show the attestation statement format in the admin console
2020-04-23 10:01:19 +02:00
keycloak-bot
33314ae3ca
Set version to 10.0.0-SNAPSHOT
2020-04-21 09:19:32 +02:00
Stefan Guilhen
d3a4bef9a4
[KEYCLOAK-8789] Fix getAttribute(String name) implementations so they never return null
...
- user adapter classes were violating the UserModel contract as the javadoc for the method states that null must never be returned
2020-04-14 16:35:35 +02:00
Pedro Igor
b812159193
[KEYCLOAK-10675] - Deleting an Identity Provider doesn't remove the associated IdP Mapper for that user
2020-03-26 11:41:17 +01:00
keycloak-bot
f6a592b15a
Set version to 9.0.4-SNAPSHOT
2020-03-24 08:31:18 +01:00
mposolda
72e4690248
KEYCLOAK-13174 Not possible to delegate creating or deleting OTP credential to userStorage
2020-03-11 12:51:56 +01:00
mposolda
803f398dba
KEYCLOAK-12876 KEYCLOAK-13148 KEYCLOAK-13149 KEYCLOAK-13151 Re-introduce some changes to preserve UserStorage SPI backwards compatibility. Added test for backwards compatibility of user storage
2020-03-11 12:51:56 +01:00
rmartinc
ad3b9fc389
KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups
2020-03-11 06:14:29 +01:00
Sebastian Schuster
99aba33980
KEYCLOAK-13163 Fixed searching for user with fine-grained permissions
2020-03-09 09:56:13 -03:00
Pedro Igor
2f489a41eb
[KEYCLOAK-12192] - Missing Input Validation in IDP Authorization URLs
2020-03-05 06:32:35 +01:00
stianst
bcb542d9cc
KEYCLOAK-13116 Fix backwards compatilbity changes in LocaleSelectorSPI
2020-03-04 06:39:24 +01:00
stianst
9e47022116
KEYCLOAK-8044 Clear theme caches on hot-deploy
2020-02-20 08:50:10 +01:00
keycloak-bot
d352d3fa8e
Set version to 9.0.1-SNAPSHOT
2020-02-17 20:38:54 +01:00
mposolda
a76c496c23
KEYCLOAK-12860 KEYCLOAK-12875 Fix for Account REST Credentials to work with LDAP and social users
2020-02-14 20:24:42 +01:00
stianst
42773592ca
KEYCLOAK-9632 Improve handling of user locale
2020-02-14 08:32:20 +01:00
Axel Messinese
b73553e305
Keycloak-11526 search and pagination for roles
2020-02-05 15:28:25 +01:00
rmartinc
5b9eb0fe19
KEYCLOAK-10884: Need clock skew for SAML identity provider
2020-02-03 22:00:44 +01:00
Marek Posolda
154bce5693
KEYCLOAK-12340 KEYCLOAK-12386 Regression in credential handling when … ( #6668 )
2020-02-03 19:23:30 +01:00
Leon Graser
01a42f417f
Search and Filter for the count endpoint
2020-02-03 09:36:30 +01:00
Marek Posolda
d8e450719b
KEYCLOAK-12469 KEYCLOAK-12185 Implement nice design to the screen wit… ( #6690 )
...
* KEYCLOAK-12469 KEYCLOAK-12185 Add CredentialTypeMetadata. Implement the screen with authentication mechanisms and implement Account REST Credentials API by use the credential type metadata
2020-01-31 14:28:23 +01:00
Marek Posolda
d46620569a
KEYCLOAK-12174 WebAuthn: create authenticator, requiredAction and policy for passwordless ( #6649 )
2020-01-29 09:33:45 +01:00
Benjamin Weimer
dd9ad305ca
KEYCLOAK-12757 New Identity Provider Mapper "Advanced Claim to Role Mapper" with
...
following features
* Regex support for claim values.
* Support for multiple claims.
2020-01-23 07:17:22 -06:00
Peter Skopek
530b99c933
KEYCLOAK-12281 Fix export/import for users that have custom credential algorithms with no salt
...
- do not swallow exception when decoding salt
2020-01-23 05:43:29 -06:00
Peter Skopek
b8a8f88764
KEYCLOAK-12281 Fix export/import for users that have custom credential algorithms with no salt
...
- do not swallow exception when decoding salt
2020-01-23 05:43:29 -06:00
mposolda
f0d95da52d
KEYCLOAK-12281 Fix export/import for users that have custom credential algorithms with no salt
2020-01-23 05:43:29 -06:00
Stefan Guilhen
9f69386a53
[KEYCLOAK-11707] Add support for Elytron credential store vault
...
- Adds the elytron-cs-keystore provider that reads secrets from a keystore-backed elytron credential store
- Introduces an abstract provider and factory that unifies code that is common to the existing implementations
- Introduces a VaultKeyResolver interface to allow the creation of different algorithms to combine the realm
and key names when constructing the vault entry id
- Introduces a keyResolvers property to the existing implementation via superclass that allows for the
configuration of one or more VaultKeyResolvers, creating a fallback mechanism in which different key formats
are tried in the order they were declared when retrieving a secret from the vault
- Adds more tests for the files-plaintext provider using the new key resolvers
- Adds a VaultTestExecutionDecider to skip the elytron-cs-keystore tests when running in Undertow. This is
needed because the new provider is available only as a Wildfly extension
2019-12-18 11:54:06 +01:00
harture
26458125cb
[KEYCLOAK-12254] Fix re-evaluation of conditional flow ( #6558 )
2019-12-18 08:45:11 +01:00
Douglas Palmer
106e6e15a9
[KEYCLOAK-11859] Added option to always display a client in the accounts console
2019-12-17 17:12:49 -03:00
Cristian Schuszter
5c7ce775cf
KEYCLOAK-11472 Pagination support for clients
...
Co-authored-by: stianst <stianst@gmail.com>
2019-12-05 08:17:17 +01:00
Andrei Arlou
301e76c0b9
KEYCLOAK-12214 Fix minor warnings for collections in module "server-spi"
2019-11-26 08:57:21 +01:00
Andrei Arlou
448344f5ca
KEYCLOAK-12212 Remove unused imports from module "server-spi"
2019-11-26 08:41:45 +01:00
Andrei Arlou
71b17375de
KEYCLOAK-12213 Fix minor warnings with modificators for methods and fields in module "server-spi"
2019-11-26 08:39:34 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
stianst
3a36569e20
KEYCLOAK-9129 Don't expose Keycloak version in resource paths
2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64
KEYCLOAK-11745 Multi-factor authentication ( #6459 )
...
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
stianst
b8881b8ea0
KEYCLOAK-11728 New default hostname provider
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
pkokush
ff551c5545
KEYCLOAK-10307: check password history length in password verification ( #6058 )
2019-10-24 21:33:21 +02:00
Martin Kanis
37304fdd7d
KEYCLOAK-10728 Upgrade to WildFly 18 Final
2019-10-21 14:06:44 +02:00
Takashi Norimatsu
7c75546eac
KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
...
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
2019-10-01 15:17:38 +02:00
Cédric Couralet
9c37da0ee9
KEYCLOAK-8818 Support message bundle in theme resources
2019-09-11 08:03:16 +02:00
Hynek Mlnarik
6738e063f4
KEYCLOAK-11072 Mark vault SPI as a public SPI
2019-09-10 16:54:47 +02:00
Stefan Guilhen
bb9c811a65
[KEYCLOAK-10935] Add a vault transcriber implementation that can be obtained from the session.
...
- automatically parses ${vault.<KEY>} expressions to obtain the key that contains the secret in the vault.
- enchances the capabilities of the VaultProvider by offering methods to convert the raw secrets into other types.
2019-09-04 22:34:08 +02:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
Vlastimil Elias
4571f65d1e
KEYCLOAK-10209 - AuthenticationSessionModel made available through
...
KeycloakContext in KeycloakSession
2019-07-30 12:36:57 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Martin Kanis
efdf0f1bd8
KEYCLOAK-6839 You took too long to login after SSO idle
2019-07-10 10:15:26 +02:00
Tomasz Prętki
0376e7241a
KEYCLOAK-10251 New Claim JSON Type - JSON
2019-07-08 11:59:57 +02:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
Axel Messinese
e18fb56389
KEYCLOAK-4978 Add endpoint to get groups by role
2019-03-15 06:00:17 +01:00
rmartinc
231db059b2
KEYCLOAK-8996: Provide a way to set a responder certificate in OCSP/X509 Authenticator
2019-03-07 07:57:20 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
Gideon Caranzo
4cd617bc42
KEYCLOAK-8977 Added method to return KeycloakSession from RealmCreationEvent
2019-02-21 11:21:54 +01:00
Thibault Nélis
cc79963f81
Fix typo: "credentia" -> "credential"
2019-02-21 11:20:06 +01:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
mposolda
c51c492996
KEYCLOAK-9050 Change LoginProtocol.authenticated to read most of the values from authenticationSession
2018-12-12 13:30:03 +01:00
Hynek Mlnarik
dad12635f6
KEYCLOAK-9014 Fix displayed applications
2018-12-10 09:59:46 +01:00
Pedro Igor
0c39eda8d2
[KECLOAK-8237] - Openshift Client Storage
2018-12-06 10:57:53 -02:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
mposolda
6db1f60e27
KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs
2018-11-21 21:51:32 +01:00
Takashi Norimatsu
0793234c19
KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 ( #5603 )
...
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
2018-11-19 14:28:32 +01:00
mposolda
0533782d90
KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB
2018-11-16 14:23:28 +01:00
Leon Graser
85f11873c3
KEYCLOAK-8613 Group Membership Pagination
2018-11-15 17:54:07 +01:00
Thomas Darimont
cf57a1bc4b
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
...
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
mposolda
ffcd8e09e7
KEYCLOAK-8175 Possibility of clientScope not being used if user doesn't have a role
2018-10-31 18:04:41 +01:00
Graser Leon
9ef4c7fffd
KEYCLOAK-8377 Role Attributes
2018-10-24 22:04:28 +02:00
Gideon Caranzo
7d85ce93bb
KEYCLOAK-8555 queried only realms with user storage provider to speed up user storage sync bootstrap
2018-10-19 09:53:58 +02:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
stianst
86a2f28561
KEYCLOAK-8310 Add support to set fixed scheme on fixed hostname provider
2018-10-05 09:34:17 +02:00
mposolda
0d9b1e73b8
KEYCLOAK-7855 Cannot reset Client Consent Screen Text
2018-10-04 21:00:48 +02:00
mposolda
2a4cee6044
KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers
2018-10-04 12:00:38 +02:00
Pedro Igor
b4b3527df7
[KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups
2018-10-02 15:44:23 -03:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
Johannes Knutsen
d4a5c81034
KEYCLOAK-8146: Extract LocaleSelectorSPI to allow custom overrides of locale selection
2018-09-11 20:35:48 +02:00
stianst
24e60747b6
KEYCLOAK-7560 Refactor token signature SPI PR
...
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
2018-09-11 08:14:10 +02:00
stianst
bf758809ba
KEYCLOAK-6229 OpenShift Token Review interface
2018-09-07 08:21:28 +02:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
vramik
8761819b24
KEYCLOAK-8176 fix export issue for required action
2018-09-05 08:40:31 +02:00
mposolda
b70468341e
KEYCLOAK-7470 Ability to order client scopes
2018-08-29 14:37:27 +02:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
stianst
f99299ee39
KEYCLOAK-7967 Introduce Hostname SPI
2018-08-01 11:57:45 +02:00
Hiroyuki Wada
7c0ca9aad2
KEYCLOAK-6313 Add required action's priority for customizing the execution order
2018-07-23 22:21:04 +02:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
stianst
3c5027de3c
KEYCLOAK-7701 Refactor key providers to support additional algorithms
2018-06-29 14:14:25 +02:00
Takashi Norimatsu
2fb022e501
KEYCLOAK-7688 Offline Session Max for Offline Token
2018-06-26 08:25:06 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Martin Kanis
f429469fc8
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-05-31 08:44:34 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
Bill Burke
aa089980ce
Merge pull request #4942 from mstruk/KEYCLOAK-5807
...
KEYCLOAK-5807 Intermittent failures in UserStorageTest
2018-02-26 12:14:38 -05:00
stianst
505cf5b251
KEYCLOAK-6519 Theme resource provider
2018-02-09 08:28:59 +01:00
Marko Strukelj
62a9d4ea91
KEYCLOAK-5807 Under daily eviction policy user entries not returned from cache when they should
2018-02-02 19:27:23 +01:00
vramik
019c3c9ef9
KEYCLOAK-6146 realm import fails when password policy is specified
2018-02-02 08:30:06 +01:00
Bill Burke
126dd70efc
client stat improvement
2018-01-31 13:05:13 -05:00
Bill Burke
4bf23cc83a
caching
2018-01-29 12:28:17 -05:00
Bill Burke
1d8e38f0c6
admin console
2018-01-27 13:05:02 -05:00
Bill Burke
6b84b9b4b6
done 1st iteration
2018-01-27 09:47:16 -05:00
Bill Burke
ddad1cb8af
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-25 10:08:37 -05:00
Bill Burke
8a17b61f4e
initial work
2018-01-25 10:08:26 -05:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow
...
KEYCLOAK-6335
2018-01-25 09:55:11 -05:00
Douglas Palmer
42759be6ff
[KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages
2018-01-25 07:10:30 +01:00
Bill Burke
a9297df89c
KEYCLOAK-6335
2018-01-23 12:09:49 -05:00
stianst
35ada9d636
KEYCLOAK-6289 Add ThemeSelectorSPI
2018-01-18 09:14:13 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
stianst
b303acaaba
KEYCLOAK-2120 Added manual setup page for OTP
2017-12-18 11:20:20 +01:00
Hynek Mlnarik
e4a91c0706
KEYCLOAK-6042 Encode user ID before storing in auth session
2017-12-15 15:16:26 +01:00
mposolda
63efee6e15
KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client
2017-12-12 08:01:02 +01:00
Bill Burke
5d5a200413
Merge pull request #4818 from patriot1burke/master
...
KEYCLOAK-5926
2017-12-08 09:59:32 -05:00
Bill Burke
0dee393071
KEYCLOAK-5926
2017-12-07 19:49:10 -05:00
stianst
c055ffb083
KEYCLOAK-4215 Consider session expiration when setting token timeouts
2017-12-07 10:45:02 +01:00
mposolda
8a0fa521c4
KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService
2017-12-06 13:06:54 +01:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
mposolda
7b03eed9c8
KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients
2017-11-30 12:56:45 +01:00
pedroigor
17748d5ba8
[KEYCLOAK-5660] - Adding UserQueryProvider.getUsersCount(realm, includeServiceAccount) method
2017-11-30 10:45:54 +01:00
Bill Burke
c66ff60c58
KEYCLOAK-5715
2017-11-17 11:34:32 -05:00
Bill Burke
485ba4a3e4
KEYCLOAK-5676
2017-11-15 10:29:02 -05:00
Bruno Oliveira
03d0488335
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Hynek Mlnarik
75c354fd94
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 10:39:41 +02:00
Marek Posolda
13fe9e7cf8
Merge pull request #4510 from glavoie/KEYCLOAK-3303
...
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93
KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT
2017-09-29 13:20:22 +02:00
Gabriel Lavoie
134daeac7f
KEYCLOAK-3303: Allow reuse of refresh tokens.
...
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b
Merge pull request #4209 from guitaro/feature/group-search-and-pagination
...
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Antonio Howcroft Ferreira
a551195ddf
KEYCLOAK-2035 update with feedback from PR by bburke
2017-09-22 15:05:49 +01:00
howcroft
e78bf5f876
Keycloak 2035
...
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Léventé NAGY
503ce3a47f
Merge branch 'master' into feature/group-search-and-pagination
2017-09-13 10:27:38 +02:00
Levente NAGY
db56d82dbd
KEYCLOAK 2538 - UI group pagination - fix duplicate result for search + sort result
2017-09-12 11:45:37 +02:00
Hynek Mlnarik
24e9cbb292
KEYCLOAK-4899 Replace updates to user session with temporary auth session
2017-09-11 21:43:49 +02:00
Levente NAGY
2c24b39268
KEYCLOAK 2538 - UI group pagination
2017-09-07 19:39:06 +02:00
Stian Thorgersen
463661b051
Set version to 3.4.0.CR1-SNAPSHOT
2017-08-28 15:46:22 +02:00
mposolda
fe5891fbdb
KEYCLOAK-5293 Add notBefore to user
2017-08-23 08:58:26 +02:00
Levente NAGY
c8aa708cff
Merge remote-tracking branch 'upstream/master'
2017-08-10 18:14:49 +02:00
mposolda
07e2136b3b
KEYCLOAK-4187 Added UserSession support for cross-dc
2017-07-27 22:32:58 +02:00
Hynek Mlnarik
c36074c7f3
KEYCLOAK-4187 Minor updates (abstraction)
2017-07-18 15:08:06 +02:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
Josh Cain
89fcddd605
KEYCLOAK-3592 Docker auth implementation
2017-06-29 06:37:34 +02:00
Léventé NAGY
1a50e77a4d
Merge branch 'master' into feature/group-search-and-pagination
2017-06-26 20:36:36 +02:00
Bill Burke
bc05560d4d
Merge remote-tracking branch 'upstream/master'
2017-06-26 11:41:12 -04:00
Bill Burke
3ee86fedc7
Merge remote-tracking branch 'upstream/master'
2017-06-23 09:57:35 -04:00
Hynek Mlnarik
8f9ed32a66
KEYCLOAK-5078 ConcurrencyTest fails intermittently
...
This commit fixes 401 Unauthorized issues
2017-06-23 15:16:23 +02:00
Léventé NAGY
41d8d17062
Merge branch 'master' into feature/group-search-and-pagination
2017-06-22 17:41:30 +02:00
Bill Burke
d08ddade2e
merge
2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc
removal
2017-06-21 17:42:57 -04:00
mposolda
fc61a4e89f
KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model
2017-06-21 22:14:20 +02:00
mposolda
e91dd011c5
KEYCLOAK-4438 Disable kerberos flow when provider removed
2017-06-21 09:38:20 +02:00
Levente NAGY
f377a45c4e
[KEYCLOAK-2538] - groups count for pagination limits
2017-06-07 20:52:22 +02:00
Levente NAGY
c4da7637d6
[KEYCLOAK-2538] - groups pagination and group search
2017-06-06 18:32:48 +02:00
Stian Thorgersen
8c53c5a90e
KEYCLOAK-4888
...
Change default hashing provider for realm
2017-05-30 09:54:05 +02:00
mposolda
5560175888
KEYCLOAK-4626 Changed javadoc. Remove unused ClientSessionModel class
2017-05-25 18:51:05 +02:00
Stian Thorgersen
097a2267f5
KEYCLOAK-4889
...
Improve error messages for password policies
2017-05-23 13:18:06 +02:00
Hynek Mlnarik
b8262a9f02
KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01
KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes
2017-05-11 22:16:26 +02:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636
KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens.
2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a
KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added
2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424
KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows
2017-05-11 22:16:26 +02:00
mposolda
83b29c5080
KEYCLOAK-4626 AuthenticationSessions: start
2017-05-11 22:16:26 +02:00
Stian Thorgersen
c3a2b3a6b6
KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers
2017-05-11 11:58:22 +02:00
Eriksson Fabian
ca1152c3e5
KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
...
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
Stian Thorgersen
87dedb56e5
Set version to 3.2.0.CR1-SNAPSHOT
2017-04-27 14:23:03 +02:00
Stian Thorgersen
a87ee04024
Bump to 3.1.0.CR1-SNAPSHOT
2017-03-16 14:21:40 +01:00
Bill Burke
3bb29e033b
KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513
2017-03-03 09:48:52 -05:00
Bill Burke
cf5e2a1d20
unlink/remoteimported
2017-02-08 19:48:22 -05:00
Bill Burke
f128be9b31
LDAP No-Import
2017-02-04 10:29:34 -05:00
Bill Burke
79dede8e78
KEYCLOAK-4363
2017-02-01 10:19:15 -05:00
Stian Thorgersen
6f22f88d85
Bump version to 3.0.0.CR1
2017-01-26 06:18:11 +01:00
mposolda
843b4b470b
KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password
2017-01-17 21:06:09 +01:00
Bill Burke
6aee6b0c46
KEYCLOAK-4220
2017-01-13 11:45:48 -05:00
Bill Burke
89e6f93fa4
KEYCLOAK-4099
2017-01-12 09:34:26 -05:00
Bill Burke
6ac1301dc2
Merge remote-tracking branch 'upstream/master'
2017-01-03 15:21:16 -05:00
Stian Thorgersen
e805ffd945
Bump version to 2.5.1.Final-SNAPSHOT
2016-12-22 08:22:18 +01:00
Bill Burke
172007f59c
conflict
2016-12-20 08:56:08 -05:00
Marek Posolda
c6363aa146
Merge pull request #3630 from sldab/duplicate-email-support
...
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Slawomir Dabek
93cec9b3ee
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 10:55:12 +01:00
Stian Thorgersen
f29bb7d501
KEYCLOAK-4092 key provider for HMAC signatures
2016-12-19 10:50:43 +01:00
Bruno Oliveira
15f23eb045
[KEYCLOAK-3560]: Unable to import exported users which contain terms_and_conditions required action
2016-12-06 15:29:56 -02:00
Hynek Mlnarik
3c4114091f
KEYCLOAK-4035 Composite roles need to be expanded in SAML attribute mapper
2016-12-05 16:16:08 +01:00
Bill Burke
8fd7091068
KEYCLOAK-3986
2016-12-03 09:33:52 -05:00
Bill Burke
ce50b0ed29
Merge remote-tracking branch 'upstream/master'
2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca
finish
2016-12-02 19:25:17 -05:00
Stian Thorgersen
5ecc8d1c71
KEYCLOAK-4006 Fix performance drop caused by changes to client session codes
2016-12-01 12:17:54 +01:00
Stian Thorgersen
b771b84f56
Bump to 2.5.0.Final-SNAPSHOT
2016-11-30 15:44:51 +01:00
Bill Burke
9e50a45b4c
UserBulkUpdateProvider interface
2016-11-29 18:43:22 -05:00
mposolda
69ce1e05f0
KEYCLOAK-3822 Changing signature validation settings of an external IdP is not sometimes reflected
2016-11-28 15:27:25 +01:00
mposolda
7c6032cc84
KEYCLOAK-3825 Ability to expire publicKeys cache. Migrated OIDCBrokerWithSignatureTest to new testsuite
2016-11-25 17:45:37 +01:00
Bill Burke
ccbd8e8c70
remove User Fed SPI
2016-11-23 16:06:44 -05:00
Bill Burke
d5925b8ccf
remove realm UserFed SPI methods
2016-11-23 08:31:20 -05:00
Bill Burke
045d6ef1d0
Merge remote-tracking branch 'upstream/master'
2016-11-22 11:28:09 -05:00
Stian Thorgersen
6ec82865d3
Bump version to 2.4.1.Final-SNAPSHOT
2016-11-22 14:56:21 +01:00
Bill Burke
798fd84698
Merge remote-tracking branch 'upstream/master'
2016-11-21 11:33:52 -05:00
Bill Burke
19575b2c8f
port kerberos
2016-11-21 11:33:44 -05:00
mposolda
76bfbad2c4
KEYCLOAK-3895 Make UserSessionProvider and UserSessionPersisterProvider to rely on UserRemovedEvent callbacks
2016-11-18 15:58:33 +01:00
Marek Posolda
3e71aeddf3
Merge pull request #3479 from hmlnarik/KEYCLOAK-3469-UserRealmRoleMapper
...
KEYCLOAK-3469 Make role mappers account for user groups
2016-11-18 09:21:56 +01:00
mposolda
a27be0cee7
KEYCLOAK-3857 Clustered invalidation cache fixes and refactoring. Support for cross-DC for invalidation caches.
2016-11-16 22:29:23 +01:00
Stian Thorgersen
b4f072ed81
KEYCLOAK-3882 Move more provider factories and SPIs to private
2016-11-15 12:05:25 +01:00
Bill Burke
cc0eb47814
merge
2016-11-14 15:09:41 -05:00
Hynek Mlnarik
750e942267
KEYCLOAK-3469 Make role mappers account for user groups
2016-11-14 11:38:00 +01:00
Bill Burke
8a5f817030
ldap jpa migration
2016-11-10 16:52:18 -05:00
Stian Thorgersen
7e33f4a7d1
KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private
2016-11-10 13:28:42 +01:00
Bill Burke
4880c0443c
ldap port admin console
2016-11-08 12:30:20 -05:00
Bill Burke
14dc0ff92f
Merge remote-tracking branch 'upstream/master'
2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee
ldap port
2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2
ldap port
2016-11-04 21:25:47 -04:00
Pedro Igor
706c1e2660
[KEYCLOAK-3704] - Registering UserSinchronizer to remove resources when the owner is removed
2016-11-02 21:40:58 -02:00
Bill Burke
ccaac40863
Merge pull request #3437 from patriot1burke/master
...
disable credential type REST and admin ui
2016-10-28 11:33:16 -04:00
Stian Thorgersen
b6b567f948
Merge pull request #3441 from stianst/KEYCLOAK-3733
...
KEYCLOAK-3733 Set default max results for paginated endpoints
2016-10-28 10:36:24 +02:00
Stian Thorgersen
a9d47287ee
KEYCLOAK-3733 Set default max results for paginated endpoints
2016-10-28 09:15:05 +02:00
Stian Thorgersen
db428dad1d
KEYCLOAK-3828
...
Component uses wrong role
2016-10-28 07:56:44 +02:00
Bill Burke
91da6a47d7
disable cred types ui
2016-10-27 16:17:02 -04:00
Bill Burke
6e773c84e8
Merge remote-tracking branch 'upstream/master'
2016-10-26 15:48:55 -04:00
Bill Burke
73e3f2a89b
REST API for disable cred type
2016-10-26 15:48:45 -04:00
Bill Burke
69dddfa73a
Merge pull request #3428 from patriot1burke/master
...
storage link on user detail
2016-10-26 14:58:33 -04:00
Stian Thorgersen
21459d0f43
Merge pull request #3430 from stianst/KEYCLOAK-3819
...
KEYCLOAK-3819 Add support to change name of components
2016-10-26 11:39:27 +02:00
Stian Thorgersen
a8c844828d
KEYCLOAK-3819 Add support to change name of components
2016-10-26 10:00:58 +02:00
Bill Burke
3129e392b0
storage link on user detail
2016-10-25 16:50:34 -04:00
Bill Burke
f8a78d5565
finish cache policy
2016-10-25 16:13:22 -04:00
Bill Burke
68e853b4bd
Merge remote-tracking branch 'upstream/master'
2016-10-25 13:40:32 -04:00
Bill Burke
2cc4a920a0
fix
2016-10-25 13:40:24 -04:00
Bill Burke
b67cb0e97a
Merge remote-tracking branch 'upstream/master'
2016-10-25 11:44:22 -04:00
Stian Thorgersen
4b27e66714
KEYCLOAK-3782 Keysize for rsa-generated should be a dropdown
2016-10-25 08:52:02 +02:00
Bill Burke
3e28ac1e46
user spi cache policy
2016-10-24 15:36:37 -04:00
mposolda
c79378ca5f
KEYCLOAK-3779 ClientRegistrationPolicies test failing
2016-10-21 10:24:51 +02:00
Stian Thorgersen
4d47f758fc
Merge pull request #3405 from stianst/master
...
Bump version
2016-10-21 10:11:59 +02:00
Stian Thorgersen
c615674cbb
Bump version
2016-10-21 07:03:15 +02:00
Stian Thorgersen
9f8fb98083
Merge pull request #3382 from stianst/KEYCLOAK-3763
...
KEYCLOAK-3763
2016-10-20 21:24:11 +02:00
Bill Burke
fd86f3bda8
Merge pull request #3399 from patriot1burke/master
...
realm cache event
2016-10-20 14:02:41 -04:00
Stian Thorgersen
772a1580ff
Merge pull request #3403 from mposolda/master
...
KEYCLOAK-3773 Testsuite failing with mongo
2016-10-20 19:31:37 +02:00
Stian Thorgersen
5a00aaefa8
KEYCLOAK-2594
...
bind credential being leaked in admin tool JSON response
KEYCLOAK-2972
Keycloak leaks configuration passwords in Admin Event logs
2016-10-20 19:30:59 +02:00
mposolda
c4ad84945c
KEYCLOAK-3773 Testsuite failing with mongo
2016-10-20 17:47:34 +02:00
Bill Burke
36c2422fa4
realm cache event
2016-10-20 10:35:28 -04:00
Stian Thorgersen
839c4e8ede
KEYCLOAK-3772
...
Login with Twitter is not working
2016-10-20 15:05:07 +02:00
Bill Burke
1f00625930
Merge pull request #3386 from patriot1burke/master
...
test component import/export
2016-10-19 19:58:59 -04:00
Bill Burke
cdf7dd3a6c
Merge pull request #3372 from patriot1burke/master
...
onCreate for Components
2016-10-19 16:21:20 -04:00
Bill Burke
97dd10883c
test component import/export
2016-10-19 16:20:59 -04:00
mposolda
3779bfb6b4
KEYCLOAK-3666 client registration policies - polishing
2016-10-19 17:45:23 +02:00
mposolda
4136d76b7e
Minor javadoc update
2016-10-19 17:45:23 +02:00
mposolda
964cd50f1d
KEYCLOAK-3666 Added client reg policies for maxClients and clientDisabled
2016-10-19 17:45:23 +02:00
Bill Burke
fdb8c04ac9
Merge remote-tracking branch 'upstream/master'
2016-10-19 10:06:48 -04:00
Bill Burke
46e32b36d2
onCreate for Components
2016-10-19 10:06:09 -04:00
Stian Thorgersen
bbc1d26b72
Merge pull request #3367 from stianst/KEYCLOAK-3745
...
KEYCLOAK-3745 Change attributes in user rep
2016-10-19 14:01:39 +02:00
Stian Thorgersen
4efe12cb93
KEYCLOAK-3745 Change attributes in user rep
2016-10-19 12:15:13 +02:00
Stian Thorgersen
24715eabec
KEYCLOAK-3737
...
Migration problem from version 1.9.8 to 2.2.1
2016-10-19 09:06:55 +02:00
Bill Burke
2199df71bf
Merge remote-tracking branch 'upstream/master'
2016-10-18 10:14:00 -04:00
Bill Burke
4182e4d92a
federated import/export
2016-10-18 10:13:51 -04:00
Marek Posolda
940237ee78
Merge pull request #3304 from hmlnarik/KEYCLOAK-2964
...
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-18 14:50:12 +02:00
mposolda
a7287aad36
KEYCLOAK-3499 More fixes for IncludeInUserInfo. Fixing tests and migration
2016-10-18 13:09:30 +02:00
mposolda
00879b39b7
KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue
2016-10-17 21:34:21 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb
KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent
2016-10-17 13:53:12 +02:00
mposolda
5732b2c58f
KEYCLOAK-3716 Unable to start Keycloak on wildfly
2016-10-17 12:22:33 +02:00
mposolda
18e0c0277f
KEYCLOAK-3666 Dynamic client registration policies
2016-10-14 20:20:40 +02:00
Bill Burke
8c8a39c833
sync and import
2016-10-13 20:49:02 -04:00
Bill Burke
0938390654
sync and import
2016-10-13 20:38:49 -04:00
Stian Thorgersen
d2cae0f8c3
KEYCLOAK-905
...
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Hynek Mlnarik
03cf9bad2e
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-11 15:21:38 +02:00
Bill Burke
74325fe133
initial sync/import spi
2016-10-06 14:48:53 -04:00
Bill Burke
c5600e888d
revactor CredentialValidationOutput apis
2016-10-04 17:26:45 -04:00
Bill Burke
4af0976194
remove UserCredValueModel and hold hash providers
2016-10-04 12:34:15 -04:00
mposolda
0f9798a10d
KEYCLOAK-3493 KEYCLOAK-3532 Renamed KeyStorageProvider to PublicKeyStorageProvider
2016-10-03 15:23:50 +02:00
Bill Burke
d4c3fae546
merge conflicts
2016-09-30 19:19:12 -04:00
Bill Burke
6a4e413bf4
final mongo fixes
2016-09-30 19:08:34 -04:00
Bill Burke
110f6ad549
mongo fed
2016-09-30 16:48:59 -04:00
mposolda
f9a0abcfc4
KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url.
2016-09-30 21:28:23 +02:00
Stian Thorgersen
5d34b7e682
Merge pull request #3189 from thomasdarimont/issue/KEYCLOAK-3491-revise-scripting-support
...
KEYCLOAK-3491 Revise Scripting Support
2016-09-29 10:12:15 +02:00
Bill Burke
8967ca4066
refactor mongo entities, optimize imports
2016-09-28 15:25:39 -04:00
Stian Thorgersen
a58c985934
Merge pull request #3268 from stianst/REVIEW
...
KEYCLOAK-2438
2016-09-28 13:27:26 +02:00
Stian Thorgersen
34f62eb31d
Fixes to [KEYCLOAK-2438] PR
2016-09-28 10:25:37 +02:00
Bill Burke
d65cc830eb
mongo fixes
2016-09-27 17:07:16 -04:00
Bruno Oliveira
98d2fe15e8
[KEYCLOAK-2438] - Add display name to social login buttons
...
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00