Mark Grand
905a92fe34
Added more details about PostgreSQL
2020-01-10 09:26:14 +01:00
Viswa Teja Nariboina
5082ed2fcb
[ KEYCLOAK-12606 ] Passing email in login_hint query parameter during Identity brokering fails when an account already exists
2020-01-09 10:40:42 +01:00
Pedro Igor
03bbf77b35
[KEYCLOAK-12511] - Mapper not visible in client's mapper list
2020-01-09 10:25:06 +01:00
mposolda
fea7b4e031
KEYCLOAK-12424 SPNEGO / Kerberos sends multiple 401 responses with WWW-Authenticate: Negotiate header when kerberos token is invalid
2020-01-09 10:21:24 +01:00
Tom Billiet
0f8d988d58
[KEYCLOAK-12299] JWKS parsing: fallback to RS256 for RSA keys without alg field
2020-01-09 10:12:34 +01:00
Thomas Darimont
062cbf4e0a
KEYCLOAK-9925 Use Client WebOrigins in UserInfoEndpoint
...
We now use the allowed WebOrigins configured for the client
for which the user info is requested.
Previously, Web Origins defined on the Client were not being recognized
by the /userinfo endpoint unless you apply the "Allowed Web Origins"
protocol mapper.
This was an inconsistency with how the Web Origins work compared
with the /token endpoint.
2020-01-09 10:10:59 +01:00
Bodo Graumann
65b674a131
KEYCLOAK-10818 Add hint about +, * in client CORS
...
The '+' in the allowed CORS origins does not replicate a '*' wildcard
from the Valid Redirect URIs. This information is now available in the
tooltip.
Also translated changed message into german.
2020-01-09 10:09:02 +01:00
Pedro Igor
dae212c035
[KEYCLOAK-12312] - Partial import of realm breaking access to client's service account roles
2020-01-09 10:06:32 +01:00
Pedro Igor
c596647241
[KEYCLOAK-11712] - Request body not buffered when using body CIP in Undertow
2020-01-09 10:02:18 +01:00
Pedro Igor
709cbfd4b7
[KEYCLOAK-10705] - Return full resource representation when querying policies by id
2020-01-09 10:00:24 +01:00
Pedro Igor
9fd7ab81f0
[KEYCLOAK-10407] - Avoiding redundant calls on identity.getid
2020-01-09 09:56:48 +01:00
stianst
80187b54ff
KEYCLOAK-10974 Add quotes in kcreg.bat to allow installation dir with spaces
2020-01-09 09:45:40 +01:00
Bruno Oliveira da Silva
e04bceafcd
Update release notes for Gatekeeper
2020-01-08 12:50:01 +01:00
Stian Thorgersen
db5e6583e7
Update document-attributes-product.adoc
2020-01-08 12:47:31 +01:00
Manfred Duchrow
f926529767
KEYCLOAK-12616 Vault unit test always failes on Windows
2020-01-07 20:55:50 +01:00
vmuzikar
8e0e972957
KEYCLOAK-12626 Fix compilation errors in Admin Console tests
2020-01-07 11:56:14 -05:00
Hynek Mlnarik
f7379086e0
KEYCLOAK-12619 Improve mapped byte buffer cleanup
2020-01-07 16:07:43 +01:00
Stian Thorgersen
051e84719f
Update supported-platforms.adoc ( #816 )
2020-01-07 14:03:51 +01:00
Stian Thorgersen
c9239cbfb6
Merge pull request #804 from keycloak/stianst-patch-3
...
Update idp_httpclient_subelement.adoc
2020-01-07 13:49:00 +01:00
Stian Thorgersen
8768ed5568
Update java-adapter-config.adoc
2020-01-07 13:48:53 +01:00
Dan Langille
8303a18ffa
achieve -> achieved
2020-01-07 08:40:49 +01:00
Cyrille Chopelet
e1e033d7ea
Fix typos in load-balancer documentation
2020-01-07 08:35:22 +01:00
Madhurjya Roy
565afce358
Update docker-overview.adoc
...
Fix a typo where "public" was written as "pulic" in two places in docker-overview.adoc.
2020-01-07 08:34:19 +01:00
DavidHofs
bd6663129c
Update ssl.doc in line with RFC1918
...
Private networks include 10.0.0.0/8 (instead of 10.0.0.0/16)
2020-01-07 08:33:55 +01:00
Etienne
39f846aecb
Update javascript-adapter.adoc
...
The `pkceMethod` option has to be configured in the `init` method and not the `constructor` (see https://github.com/keycloak/keycloak/blob/master/adapters/oidc/js/src/main/resources/keycloak.js#L160 )
2020-01-07 08:31:51 +01:00
zthulj
fa5faf8e29
Added missing step in getting started
2020-01-07 08:27:38 +01:00
Bruno Oliveira da Silva
c0aa0891cd
[KEYCLOAK-12533] Applications UI has erroneous "Remove Access" button
2020-01-06 10:49:52 -03:00
Thomas Darimont
54b69bd1dc
KEYCLOAK-10190 Fix NPE on missing clientSession in TokenEndpoint.codeToToken
...
In certain scenarios, e.g. when an auth code from another realm login is
used to perform the code to token exchange, it can happen that the
ClientSession is null which triggered an NPE when the userSession field is accessed.
Added null check for clientSession in TokenEndpoint.codeToToken to prevent an NPE.
2020-01-06 14:45:20 +01:00
vramik
419d9c6351
KEYCLOAK-11597 Remote testing changes + possibility to exclude tests for specific auth server
...
Co-Authored-By: <mhajas@redhat.com>
2020-01-06 14:29:36 +01:00
Thomas Darimont
1a7aeb9b20
KEYCLOAK-8249 Improve extraction of Bearer tokens from Authorization headers ( #6624 )
...
We now provide a simple way to extract the Bearer token string from
Authorization header with a null fallback.
This allows us to have more fine grained error handling for the
various endpoints.
2020-01-06 13:58:52 +01:00
mhajas
28b01bc34d
KEYCLOAK-12609 Fix integer overflow for SAML XMLTimeUtil add method parameters
2020-01-06 13:53:16 +01:00
Yoshiyuki Tabata
e96725127f
KEYCLOAK-12165 Fix UserSessionProviderTest to work correctly ( #6513 )
2020-01-02 17:57:14 +01:00
mposolda
04737bd0df
KEYCLOAK-12278 Default first broker login flow is broken after migration
2020-01-02 17:55:28 +01:00
Marek Posolda
fa453e9c0c
KEYCLOAK-12278 Default first broker login flow is broken after migration ( #6556 )
2020-01-02 17:53:56 +01:00
Pedro Igor
56d53b191a
[KEYCLOAK-8779] - Fixing PartialImportTest
2019-12-28 06:24:19 -03:00
rmartinc
401d36b446
KEYCLOAK-8779: Partial export and import to an existing realm is breaking clients with service accounts
2019-12-27 15:59:38 -03:00
Michael Thirion
44ab3f46b7
[KEYCLOAK-6008] - Spring Boot does not honour wildcard auth-role ( #6579 )
2019-12-24 19:06:55 -03:00
Asbjørn Dyhrberg Thegler
1162455f32
KEYCLOAK-10894 Adds a ready indicating promise
...
This is non-intrusive and backwards compatible. With this change it is possible
to `await keycloakAuthorization.ready` to make sure the component has been
properly initialized.
2019-12-24 18:33:20 -03:00
Thomas Darimont
0219d62f09
KEYCLOAK-6867 UserInfoEndpoint should return WWW-Authenticate header for Invalid tokens
...
As required by the OIDC spec (1) we now return a proper WWW-Authenticate
response header if the given token is invalid.
1) https://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
2019-12-23 07:42:06 -03:00
Andrei Arlou
23b794aa51
KEYCLOAK-12313 Remove unused method from org.keycloak.saml.common.util.DocumentUtil
2019-12-20 15:03:42 +01:00
Pedro Igor
e316e2a2f0
[KEYCLOAK-8616] - Process requests only if a deployment can be resolved
2019-12-20 13:33:12 +01:00
Andrei Arlou
eed4847469
KEYCLOAK-12311 Fix minor warnings with collections in packages: forms, keys, partialimport, protocol from module "services"
2019-12-20 13:31:38 +01:00
stianst
95741c2528
KEYCLOAK-12584 Fix link to user-credentials
2019-12-20 11:26:19 +01:00
stianst
d65a6bd18f
KEYCLOAK-9647 Fix header for script authenticator
2019-12-20 10:46:00 +01:00
stianst
78c71b782c
KEYCLOAK-12582 Fixes for product
2019-12-20 09:44:35 +01:00
Philipp Nanz
7409f6991f
KEYCLOAK-12166 Argument 'customJacksonProvider' not being passed on
2019-12-20 09:06:55 +01:00
Hynek Mlnarik
9194cbe2c4
KEYCLOAK-12535 Fix broken links
2019-12-20 08:09:48 +01:00
Peter Skopek
7a14661fce
KEYCLOAK-6115 Login fails if federated user is read-only and has selected a locale on the login screen
2019-12-19 14:36:50 +01:00
Pedro Igor
946088d48d
[KEYCLOAK-12109] - Resolving authz discovery url using KeycloakUriBuilder
2019-12-19 14:18:21 +01:00
Pedro Igor
3bd193acd7
[KEYCLOAK-12412] - Policy enforcer should consider charset when comparing the content-type of the request
2019-12-19 14:14:33 +01:00