Bill Burke
ef60512e09
change exchange error message
2017-10-02 11:29:59 -04:00
Marek Posolda
13fe9e7cf8
Merge pull request #4510 from glavoie/KEYCLOAK-3303
...
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93
KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT
2017-09-29 13:20:22 +02:00
Gabriel Lavoie
134daeac7f
KEYCLOAK-3303: Allow reuse of refresh tokens.
...
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b
Merge pull request #4209 from guitaro/feature/group-search-and-pagination
...
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Bill Burke
eb4f7f3b21
KEYCLOAK-5516
2017-09-22 11:48:30 -04:00
Bill Burke
8ace0e68c3
KEYCLOAK-910 KEYCLOAK-5455
2017-09-21 17:15:18 -04:00
Bill Burke
f927ee7b4e
KEYCLOAK-5491 KEYCLOAK-5492
2017-09-15 16:30:45 -04:00
Bill Burke
affeadf4f3
KEYCLOAK-5490
2017-09-14 21:16:50 -04:00
Léventé NAGY
503ce3a47f
Merge branch 'master' into feature/group-search-and-pagination
2017-09-13 10:27:38 +02:00
Pedro Igor
90db6654d3
Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer
...
KEYCLOAK-4858: Slow query performance for client with large data volume
2017-09-12 15:54:16 -03:00
Levente NAGY
c8c88dd58c
KEYCLOAK 2538 - UI group pagination - TU + some code improvement + add mockito dependency
2017-09-12 15:09:08 +02:00
Hynek Mlnarik
24e9cbb292
KEYCLOAK-4899 Replace updates to user session with temporary auth session
2017-09-11 21:43:49 +02:00
Gabriel Lavoie
c1664478d9
KEYCLOAK-4858: Slow query performance for client with large data volume
...
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
Pedro Igor
fa6d5f0ee2
[KEYCLOAK-4653] - Identity.hasClientRole(String) and Identity.hasRole(String) break role namespaces and should be removed
2017-09-01 16:08:34 -03:00
Stian Thorgersen
463661b051
Set version to 3.4.0.CR1-SNAPSHOT
2017-08-28 15:46:22 +02:00
Stian Thorgersen
8cc1d02d46
KEYCLOAK-5342 ( #4431 )
2017-08-28 14:35:58 +02:00
Bruno Oliveira da Silva
859cd30c3a
Include frame-ancestors for CSP 2 ( #4413 )
...
Signed-off-by: Bruno Oliveira <bruno@abstractj.org>
2017-08-28 06:46:03 +02:00
Bill Burke
6696c44dc0
Merge remote-tracking branch 'upstream/master'
2017-08-24 15:19:48 -04:00
Bill Burke
7a57723c01
more token exchange
2017-08-24 15:19:38 -04:00
mposolda
fe5891fbdb
KEYCLOAK-5293 Add notBefore to user
2017-08-23 08:58:26 +02:00
Stian Thorgersen
6119572934
KEYCLOAK-5282 ( #4389 )
2017-08-17 09:22:23 +02:00
Bill Burke
16954fc370
fix
2017-08-10 14:58:09 -04:00
Levente NAGY
c8aa708cff
Merge remote-tracking branch 'upstream/master'
2017-08-10 18:14:49 +02:00
Bill Burke
3b5ca2bac0
Merge pull request #4366 from hmlnarik/KEYCLOAK-4694-null
...
KEYCLOAK-4694
2017-08-02 19:47:34 -04:00
Hynek Mlnarik
4583a45e78
KEYCLOAK-4694
2017-08-01 09:57:12 +02:00
Bill Burke
852e9274d4
Merge remote-tracking branch 'upstream/master'
2017-07-28 16:15:53 -04:00
Bill Burke
db9b1bcb21
token exchange
2017-07-28 16:15:39 -04:00
mposolda
07e2136b3b
KEYCLOAK-4187 Added UserSession support for cross-dc
2017-07-27 22:32:58 +02:00
Pedro Igor
6865b4bbb1
[KEYCLOAK-4808] - Import large authz settings a bit faster
2017-07-06 18:22:13 -03:00
Pedro Igor
adffe16cb8
[KEYCLOAK-5135] - Wrong comparison when checking for duplicate resources during creation
2017-07-04 10:16:55 -03:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
Josh Cain
89fcddd605
KEYCLOAK-3592 Docker auth implementation
2017-06-29 06:37:34 +02:00
Stian Thorgersen
1220d7f898
KEYCLOAK-5074 Allow updating client secret through client registration service
2017-06-28 08:11:51 +02:00
Bruno Oliveira
361ab1c988
[KEYCLOAK-4444] Allow sending test email
2017-06-27 08:38:36 +02:00
Léventé NAGY
1a50e77a4d
Merge branch 'master' into feature/group-search-and-pagination
2017-06-26 20:36:36 +02:00
Bill Burke
39dea4b078
restricting admin role mapping
2017-06-22 16:51:46 -04:00
Léventé NAGY
41d8d17062
Merge branch 'master' into feature/group-search-and-pagination
2017-06-22 17:41:30 +02:00
Bill Burke
d08ddade2e
merge
2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc
removal
2017-06-21 17:42:57 -04:00
Bill Burke
8c82201add
Merge pull request #4224 from pedroigor/KEYCLOAK-3168
...
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-21 17:03:34 -04:00
mposolda
e91dd011c5
KEYCLOAK-4438 Disable kerberos flow when provider removed
2017-06-21 09:38:20 +02:00
Pedro Igor
93d57c7d00
Merge pull request #4236 from CoreFiling/js-policy-performance
...
[KEYCLOAK-5072] - Improve performance of JSPolicyProvider
2017-06-20 15:11:40 -03:00
mposolda
f363dbcad0
KEYCLOAK-4327 Switching language on User consent gives error
2017-06-20 09:21:41 +02:00
Jay Anslow
7614ff8c6f
Extract EvaluatebleScriptAdapter
...
Precursor for InvocableScriptAdapter, which compiles/evaluates a script without affecting the engine's bindings. This allows the same script to be compiled once and then evaluated multiple times (with the same ScriptEngine).
2017-06-19 15:32:14 +01:00
Pedro Igor
0b5e6b0d49
JS policy should use ScriptingSPI
2017-06-16 11:49:32 -03:00
Pedro Igor
169280b6a1
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-13 19:05:44 -03:00
Pedro Igor
fd8a3dccaf
Merge pull request #4214 from pedroigor/KEYCLOAK-4904
...
[KEYCLOAK-4904] - Authorization Audit - Part 1
2017-06-09 17:17:30 -03:00
Pedro Igor
f12cef2c86
[KEYCLOAK-4904] - Authorization Audit - Part 1
2017-06-09 13:31:06 -03:00
Pedro Igor
84d2d7b431
Missing invalidation for some queries cache
2017-06-08 18:09:44 -03:00
Bill Burke
94528976d4
console work
2017-06-07 16:29:43 -04:00
Levente NAGY
c4da7637d6
[KEYCLOAK-2538] - groups pagination and group search
2017-06-06 18:32:48 +02:00
Pedro Igor
9be9e30ad6
Merge pull request #4206 from pedroigor/KEYCLOAK-4983
...
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-05 16:19:58 -03:00
Pedro Igor
23887f4031
Fixing tests and more client policy tests
2017-06-05 11:26:33 -03:00
Pedro Igor
3760f2753b
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-02 20:09:33 -03:00
Pedro Igor
d0f505455d
[KEYCLOAK-4991] - Allow clients to limit the number of permission in a RPT when using entitlements
2017-06-02 19:06:40 -03:00
Bill Burke
b9f7a43a72
group permissions
2017-06-01 20:16:35 -04:00
Pedro Igor
c4a0470a37
[KEYCLOAK-4987] - Remove async support from AuthZ Token Endpoints
2017-05-30 12:48:18 -03:00
Stian Thorgersen
8c53c5a90e
KEYCLOAK-4888
...
Change default hashing provider for realm
2017-05-30 09:54:05 +02:00
mposolda
5560175888
KEYCLOAK-4626 Changed javadoc. Remove unused ClientSessionModel class
2017-05-25 18:51:05 +02:00
Stian Thorgersen
c442bcd8d3
Merge pull request #4174 from stianst/KEYCLOAK-4889
...
KEYCLOAK-4889
2017-05-23 14:26:15 +02:00
Stian Thorgersen
ff2d6941d0
Merge pull request #4140 from mstruk/RHSSO-978
...
RHSSO-978 Cannot migrate event types using export/import
2017-05-23 13:55:17 +02:00
Stian Thorgersen
130452f6c3
Merge pull request #4085 from mstruk/RHSSO-402
...
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-23 13:29:32 +02:00
Stian Thorgersen
097a2267f5
KEYCLOAK-4889
...
Improve error messages for password policies
2017-05-23 13:18:06 +02:00
mposolda
8adde64e2c
KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout
2017-05-23 09:08:58 +02:00
Pedro Igor
62ffab7239
Exporting a client is updating policy config
2017-05-19 19:45:47 -03:00
Bill Burke
ab763e7c5b
fixes after merge
2017-05-19 15:54:36 -04:00
Bill Burke
2cac8b1bb7
KEYCLOAK-4929
2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43
KEYCLOAK-4929
2017-05-18 16:48:04 -04:00
mposolda
c178a2392d
KEYCLOAK-4907 Fix postgresql and mssql. Fix migration
2017-05-17 22:44:44 +02:00
Marko Strukelj
27b291c345
RHSSO-978 Cannot migrate event types using export/import
2017-05-16 18:52:58 +02:00
Marko Strukelj
7d0ca42c6c
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-15 12:13:58 +02:00
Bill Burke
954ef99f22
Merge remote-tracking branch 'upstream/master'
2017-05-12 10:10:29 -04:00
mposolda
7d8796e614
KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes.
2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02
KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01
KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes
2017-05-11 22:16:26 +02:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636
KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens.
2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a
KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added
2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424
KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows
2017-05-11 22:16:26 +02:00
mposolda
83b29c5080
KEYCLOAK-4626 AuthenticationSessions: start
2017-05-11 22:16:26 +02:00
Stian Thorgersen
c3a2b3a6b6
KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers
2017-05-11 11:58:22 +02:00
Pedro Igor
e14be4460b
[KEYCLOAK-4867] - Cluster events and invalidations
2017-05-05 22:48:51 -03:00
Bill Burke
c3b44e61d4
Merge remote-tracking branch 'upstream/master'
2017-05-01 14:51:07 -04:00
Eriksson Fabian
ca1152c3e5
KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
...
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
Stian Thorgersen
87dedb56e5
Set version to 3.2.0.CR1-SNAPSHOT
2017-04-27 14:23:03 +02:00
Bill Burke
2276f99d54
Merge remote-tracking branch 'upstream/master'
2017-04-26 14:39:45 -04:00
Johannes Knutsen
0809033924
KEYCLOAK-4780 Ensure Base64 encoded HMAC secret key is decoded before use
2017-04-26 16:04:44 +02:00
Stian Thorgersen
cf7f28d97e
Merge pull request #4031 from abacusresearch/KEYCLOAK-4736_http_header_x-xss-protection
...
KEYCLOAK-4736 Extend security defenses with X-XSS-Protection header
2017-04-25 10:38:21 +02:00
Stian Thorgersen
54ee055bd8
KEYCLOAK-4671 Add server-private-spi to dependency deployer
2017-04-25 10:16:24 +02:00
Bill Burke
12cb295a35
Merge remote-tracking branch 'upstream/master'
2017-04-24 10:05:46 -04:00
Bill Burke
58868ca99f
prototype
2017-04-24 10:05:39 -04:00
Pedro Igor
bf69bc94bb
[KEYCLOAK-4754] - Unable to delete realm when using aggregated policies
2017-04-20 12:10:52 -03:00
Pedro Igor
b6978a424f
[KEYCLOAK-3135] - Reverting change to support import unordered policies
2017-04-12 15:15:46 -03:00
Pedro Igor
8e877a7f6c
[KEYCLOAK-3135] - More tests
2017-04-12 14:34:27 -03:00
Pedro Igor
eec712a259
[KEYCLOAK-3135] - Role and user policies apis
2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c
[KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests
2017-04-12 00:52:13 -03:00
Pedro Igor
d60dcb4c62
[KEYCLOAK-3135] - Some more tests and making policy type rest api more generic
2017-04-12 00:52:13 -03:00
Pedro Igor
8e64bc3e4d
Tests for new permission management rest api
2017-04-12 00:52:13 -03:00
Pedro Igor
cf1e8d1dd8
[KEYCLOAK-3135] - Tests and typos
2017-04-12 00:52:13 -03:00