Takashi Norimatsu
88bfa563df
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients - RFC
...
7636 - Server Side Implementation
2017-02-03 10:38:54 +09:00
Stian Thorgersen
5fd3eb2990
KEYCLOAK-3729 Ability to run tests within Keycloak server
2017-01-27 12:14:19 +01:00
Stian Thorgersen
6f22f88d85
Bump version to 3.0.0.CR1
2017-01-26 06:18:11 +01:00
Stian Thorgersen
426e55664f
KEYCLOAK-4176
2017-01-10 08:02:49 +01:00
Stian Thorgersen
e805ffd945
Bump version to 2.5.1.Final-SNAPSHOT
2016-12-22 08:22:18 +01:00
Stian Thorgersen
b6b3c04400
Merge pull request #3663 from sldab/autodetect-bearer-only
...
KEYCLOAK-2962 Autodetect bearer-only clients
2016-12-20 14:05:25 +01:00
Stian Thorgersen
f6323d94ec
Merge pull request #3676 from stianst/KEYCLOAK-4109
...
KEYCLOAK-4109 Ability to disable impersonation
2016-12-20 09:35:03 +01:00
Stian Thorgersen
eb7ad07e31
KEYCLOAK-4109 Ability to disable impersonation
2016-12-20 08:46:21 +01:00
Pedro Igor
0b3e867362
[KEYCLOAK-4034] - Minor changes to policy enforcer
2016-12-19 23:44:51 -02:00
Pedro Igor
40591cff25
Merge pull request #3662 from pedroigor/KEYCLOAK-4034
...
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:49:10 -02:00
Slawomir Dabek
b6d29ccd30
KEYCLOAK-2962 Autodetect bearrer-only clients
...
Suport more headers
2016-12-19 17:13:14 +01:00
Marek Posolda
c6363aa146
Merge pull request #3630 from sldab/duplicate-email-support
...
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Pedro Igor
c9c9f05e29
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 11:22:37 -02:00
Slawomir Dabek
93cec9b3ee
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 10:55:12 +01:00
Stian Thorgersen
f29bb7d501
KEYCLOAK-4092 key provider for HMAC signatures
2016-12-19 10:50:43 +01:00
mposolda
a38544796f
KEYCLOAK-3823 KEYCLOAK-3824 Added public-key-cache-ttl for OIDC adapters. Invalidate cache when notBefore sent
2016-12-01 12:25:07 +01:00
Stian Thorgersen
b771b84f56
Bump to 2.5.0.Final-SNAPSHOT
2016-11-30 15:44:51 +01:00
Bill Burke
1dacddb7e3
KEYCLOAK-3980
2016-11-28 12:20:40 -05:00
Stian Thorgersen
6ec82865d3
Bump version to 2.4.1.Final-SNAPSHOT
2016-11-22 14:56:21 +01:00
Pedro Igor
9b2ef96b22
[KEYCLOAK-3830] - Allow to configure enforcement-mode to a path definition
2016-11-17 20:50:28 -02:00
Bill Burke
cc0eb47814
merge
2016-11-14 15:09:41 -05:00
Bill Burke
c75dcb90c2
ldap port
2016-11-04 21:25:47 -04:00
Hynek Mlnarik
057cc37b60
KEYCLOAK-1881 Clone OIDC adapter HttpClient tools to SAML adapter
...
and
KEYCLOAK-1881 Extract httpclient configuration from AdapterConfig
2016-11-04 21:53:43 +01:00
Bill Burke
ccaac40863
Merge pull request #3437 from patriot1burke/master
...
disable credential type REST and admin ui
2016-10-28 11:33:16 -04:00
Bill Burke
91da6a47d7
disable cred types ui
2016-10-27 16:17:02 -04:00
sebastien blanc
621d234adc
renaming fields to align with json names
2016-10-27 16:16:30 +02:00
sebastien blanc
e8dd05619b
KEYCLOAK-3796 : add missing setters
2016-10-27 14:41:52 +02:00
Bill Burke
3129e392b0
storage link on user detail
2016-10-25 16:50:34 -04:00
Stian Thorgersen
c615674cbb
Bump version
2016-10-21 07:03:15 +02:00
mposolda
3779bfb6b4
KEYCLOAK-3666 client registration policies - polishing
2016-10-19 17:45:23 +02:00
Stian Thorgersen
4efe12cb93
KEYCLOAK-3745 Change attributes in user rep
2016-10-19 12:15:13 +02:00
Bill Burke
2199df71bf
Merge remote-tracking branch 'upstream/master'
2016-10-18 10:14:00 -04:00
Bill Burke
4182e4d92a
federated import/export
2016-10-18 10:13:51 -04:00
mposolda
00879b39b7
KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue
2016-10-17 21:34:21 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb
KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent
2016-10-17 13:53:12 +02:00
mposolda
18e0c0277f
KEYCLOAK-3666 Dynamic client registration policies
2016-10-14 20:20:40 +02:00
Bill Burke
8c8a39c833
sync and import
2016-10-13 20:49:02 -04:00
Bill Burke
0938390654
sync and import
2016-10-13 20:38:49 -04:00
Stian Thorgersen
d2cae0f8c3
KEYCLOAK-905
...
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Bill Burke
d4c3fae546
merge conflicts
2016-09-30 19:19:12 -04:00
mposolda
f9a0abcfc4
KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url.
2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066
refactor mongo entities, optimize imports
2016-09-28 15:25:39 -04:00
Bruno Oliveira
98d2fe15e8
[KEYCLOAK-2438] - Add display name to social login buttons
...
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00
Bill Burke
ecc104719d
bump pom version
2016-09-26 11:01:18 -04:00
Bill Burke
8e65356891
creds
2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce
credential refactoring
2016-09-22 08:34:45 -04:00
Stian Thorgersen
992268a8e6
KEYCLOAK-3579 Add ability to define profiles
2016-09-20 08:41:23 +02:00
Martin Hardselius
04d03452bd
KEYCLOAK-3422 support pairwise subject identifier in oidc
2016-09-13 09:18:45 +02:00
mposolda
bf6246f5c1
KEYCLOAK-905 Realm keys rotation support on adapters
2016-09-12 21:24:04 +02:00
Stian Thorgersen
f726caea9b
Merge pull request #3205 from stianst/KEYCLOAK-3342
...
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 08:40:32 +02:00
Stian Thorgersen
1f27fc9e4b
Merge pull request #3153 from cargosoft/KEYCLOAK-3327
...
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-09-08 08:00:14 +02:00
Stian Thorgersen
7c292b1213
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 07:20:35 +02:00
mposolda
02f28a7e8e
KEYCLOAK-3416 Add support for signed Userinfo requests
2016-08-30 20:21:04 +02:00
Dimitri Teleguin
b109ce14b0
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-08-18 23:28:32 +03:00
Pedro Igor
a8d2b810cf
[KEYCLOAK-3144] - Add authorization settings when exporting/importing a realm.
2016-08-15 10:35:28 -03:00
mposolda
2cba13db9c
KEYCLOAK-3424 Possibility to import JWK key through admin console
2016-08-12 15:51:14 +02:00
mposolda
3eb9134e02
KEYCLOAK-3424 Support for save JWKS in OIDC ClientRegistration endpoint
2016-08-12 15:51:14 +02:00
mposolda
0520d465c1
KEYCLOAK-3414 Support for client registration from trusted hosts
2016-08-11 15:55:32 +02:00
mposolda
a8fb988e31
KEYCLOAK-3406 OIDC dynamic client registrations specs fixes
2016-08-11 15:54:51 +02:00
mposolda
d52e043322
Set version to 2.2.0-SNAPSHOT
2016-08-10 08:57:18 +02:00
Bill Burke
ff703f935f
component export/import
2016-08-09 12:25:04 -04:00
mposolda
9be6777685
KEYCLOAK-2169 KEYCLOAK-3286 Support for at_hash and c_hash
2016-08-08 10:57:44 +02:00
Marek Posolda
65c49c39f4
Merge pull request #3114 from mposolda/master
...
KEYCLOAK-3321 OIDC requests without 'nonce' claim should be rejected …
2016-08-05 16:45:56 +02:00
mposolda
e0a59baaf2
KEYCLOAK-3321 OIDC requests without 'nonce' claim should be rejected unless using the code flow. Started responseType tests
2016-08-05 15:05:26 +02:00
Thomas Darimont
586f6eeece
KEYCLOAK-3142 - Capture ResourceType that triggers an AdminEvent
...
Introduced new ResourceType enum for AdminEvents which lists
the current supported ResourceTypes for which AdminEvents
can be fired.
Previously it was difficult for custom EventListeners to figure
out which ResourceType triggered an AdminEvent in order
to handle it appropriately, effectively forcing users to parse
the representation.
Having dedicated resource types as a marker on an AdminEvent helps
to ease custom EventListener code.
We now also allow filtering of admin events by ResourceType in the
admin-console.
Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-04 11:30:02 +02:00
Bill Burke
09693eb108
component model
2016-08-02 05:48:57 +02:00
Pedro Igor
ae1a7542d8
[KEYCLOAK-3385] - Improvements to evaluation tool UI and result
2016-08-01 18:01:24 -03:00
Pedro Igor
3c8ed8e3d8
[KEYCLOAK-3372] - Code cleanup
2016-07-29 05:18:38 -03:00
Pedro Igor
7e1b97888a
[KEYCLOAK-3338] - Adding client roles to role policy and UX improvements
2016-07-27 15:15:14 -03:00
mposolda
9169bcd88d
KEYCLOAK-3354 request and request_uri not supported
2016-07-22 13:44:45 +02:00
mposolda
56e011dce4
KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator
2016-07-21 18:19:53 +02:00
Pedro Igor
484d5d6e08
[KEYCLOAK-3313] - UI improvements and messages
2016-07-20 22:11:24 -03:00
mposolda
f4ddfe4a52
KEYCLOAK-3318 Support for prompt=login. More tests for prompt parameter
2016-07-20 21:27:38 +02:00
mposolda
dcc4ea3aea
KEYCLOAK-3237 Change OIDC adapters to use scope=openid as required per specs
2016-07-14 23:56:46 +02:00
mposolda
ee3ac3fdaf
KEYCLOAK-3223 Basic support for acr claim
2016-07-14 12:36:12 +02:00
Stian Thorgersen
4f1d83b9dc
Merge pull request #3030 from stianst/KEYCLOAK-2824-2
...
KEYCLOAK-2824 Password Policy SPI
2016-07-14 10:12:25 +02:00
Stian Thorgersen
ea44b5888b
KEYCLOAK-2824 Password Policy SPI
2016-07-14 07:20:30 +02:00
mposolda
abde62f369
KEYCLOAK-3220 redirect to client with error if possible
2016-07-13 20:57:43 +02:00
mposolda
3bfd999590
KEYCLOAK-3222 extend WellKnown to return supported types of client authentications. More tests
2016-07-08 15:39:13 +02:00
Pedro Igor
80a67149af
Merge pull request #3002 from pedroigor/KEYCLOAK-3249
...
[KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE
2016-07-08 09:16:51 -03:00
mposolda
c10a005997
KEYCLOAK-3290 UserInfoEndpoint error responses don't have correct statuses
2016-07-08 12:15:07 +02:00
mposolda
a7c9e71490
KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and support for auth_time in IDToken
2016-07-07 17:04:32 +02:00
Pedro Igor
5ef65e837c
[KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE
2016-07-06 09:39:56 -03:00
Stian Thorgersen
7cfee80e58
KEYCLOAK-3189 KEYCLOAK-3190 Add kid and typ to JWT header
2016-07-05 08:26:26 +02:00
Bill Burke
b224917fc5
bump version
2016-06-30 17:17:53 -04:00
Pedro Igor
01f3dddd91
Adding a column to list policies associated with a permission.
2016-06-30 10:26:05 -03:00
Pedro Igor
afa9471c7c
[KEYCLOAK-3128] - Admin Client Authorization Endpoints
2016-06-30 10:26:05 -03:00
Pedro Igor
f48288865b
[KEYCLOAK-3156] - Missing CORS when responding with denies
2016-06-22 14:39:07 -03:00
Pedro Igor
086c29112a
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 02:07:34 -03:00
Ben Loy
ec180db39f
KEYCLOAK-2028: Add preemptive access token refresh support
...
Add a new keycloak.json property and mechanism to automatically
refresh access tokens if they are going to expire in less than a configurable
amount of time.
2016-06-09 19:22:15 +02:00
Bill Burke
4c9a0b45d4
Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
...
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
mposolda
f58936025f
KEYCLOAK-3003 Support for admin events in AuthenticationManagementResource
2016-05-25 23:17:24 +02:00
mposolda
bea2678e85
KEYCLOAK-2862 AuthenticationManagementResource tests
2016-05-06 20:19:58 +02:00
Stian Thorgersen
2355db57da
KEYCLOAK-2880 Permissions tests for admin endpoints
2016-05-04 08:25:05 +02:00
Thomas Darimont
c8d47926b8
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
...
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.
For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.
Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
mposolda
f6a718f10a
KEYCLOAK-2878 Testing of UserFederation admin REST endpoints
2016-04-21 23:11:14 +02:00
mposolda
afc8179cf8
KEYCLOAK-2846 export/import of clientTemplate scopes
2016-04-20 13:30:01 +02:00
Stian Thorgersen
01beff741d
KEYCLOAK-2766 Add missing id to AuthenticatorConfigRepresentation
2016-04-11 07:42:55 +02:00
Thomas Darimont
bccc5fa7b1
KEYCLOAK-2054 - Allow to configure proxy for auth-server requests in adapters.
...
Previously the adapter configuration did not support specifying a proxy
for auth-server requests issued via the Apache HTTP Client by Keycloak.
This made it very difficult to connect an Application with Keycloak
that was required to use a proxy.
Introduced new `proxy-url` attribute to the adapter configuration
which makes it possible to configure a proxy to be used for auth-server
requests. Proxy-Host, Proxy-Port and Proxy-Scheme are taken from the
configured proxy URL.
Note that proxies that require authentication are currently not supported.
2016-04-07 11:09:40 +02:00
mposolda
65dc7ddb44
KEYCLOAK-2623 Remove auth-server-url-for-backend-requests from adapters
2016-04-05 11:43:41 +02:00