Hynek Mlnarik
812e76c39b
KEYCLOAK-8163 Improve SAML validations
2018-09-05 15:47:03 +02:00
Pedro Igor
33efcc6b93
[KEYCLOAK-8142] - Fixing regression when setting path enforcement mode to disabled
2018-09-04 10:32:06 -03:00
Dmitry Telegin
bc8763ccf3
KEYCLOAK-7858 - OIDC servlet filter adapter OSGi support
2018-09-04 11:29:45 +02:00
Jani
42553cdc44
[KEYCLOAK-7695] Restore token_type and expires_in for implicit flow
...
As KEYCLOAK-6585 concerns only hybrid flow, this commit restores the behavior for implicit flow.
This commit partially reverts #5041 (061049e41a6b0e6fb45c75f05748023ad7ab7d92).
2018-08-29 13:00:57 +02:00
mposolda
6fc99cd749
KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
...
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
Dan Hooper
0a8fca7ec4
Created common interface for parsed tokens in typescript declaration file
2018-08-23 16:14:17 -04:00
Frank Schmager
3e2e0ac91c
Renamed factory and java doc
2018-08-22 16:39:55 +02:00
Frank Schmager
dda365e002
initial exposing of BasicAuthRequestAuthenticator to make extensible
2018-08-22 16:39:55 +02:00
Grzegorz Grzybek
fdc9882709
[KEYCLOAK-8101] Return just cached deployment to prevent NPE
2018-08-21 09:56:58 +02:00
Alex Szczuczko
a35ed671e6
KEYCLOAK-7480 Make fuse7 tomcat8 adapter community-only
2018-08-20 09:06:45 +02:00
Alex Szczuczko
f0a2f7a675
KEYCLOAK-7480 Make fuse7 adapter's jetty94 conditional on the community profile
...
In commit d70859ef
keycloak-pax-web-jetty94 was added.
org.keycloak:keycloak-jetty94-adapter:jar is a dependency of this module, and
isn't produced outside of the community profile. So, the jetty94 module here
must be consistent with that.
2018-08-20 09:06:45 +02:00
Erin Recachinas
fa8cb004a1
KEYCLOAK-6086 Casting Jetty WebAppContext in Spring Adapter checks validity and unwraps
2018-08-13 11:16:19 +02:00
Hynek Mlnarik
a8a9631d4f
KEYCLOAK-6832 Unify Destination attribute handling
2018-08-09 10:30:30 +02:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
Tair Sabirgaliev
d88568266f
KEYCLOAK-7821 Enable tomcat-specific features: *
(all roles), **
(authenticated user) in authRoles
constraint
2018-07-27 14:24:49 +02:00
mhajas
a6e4f4f9aa
KEYCLOAK-7922 Use Time.currentTimeMillis() instead of System.currentTimeMillis() in PathCache
2018-07-24 08:52:48 -03:00
Hynek Mlnarik
c8bc0d6d7b
KEYCLOAK-7400 Remove dead code
...
This commit can only be merged once the Camel 2.21.2 would be
released, otherwise the code won't compile due to missing dependencies.
See https://issues.apache.org/jira/browse/CAMEL-12514 for details.
2018-07-23 14:46:00 +02:00
Pedro Igor
7c14a6a503
[KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established
2018-07-19 10:05:04 -03:00
Grzegorz Grzybek
2cb7ec9432
[KEYCLOAK-7703] HierarchicalPathBasedKeycloakConfigResolver for more fine/coarse grained Keycloak configuration in Karaf
2018-07-19 14:25:52 +02:00
Gregor Tudan
3417b569c0
KEYCLOAK-2606: add support for native browsers on cordova
...
KEYCLOAK-2606 Added cordova native
KEYCLOAK-2606 Some more fixes and tweaks
Fix redirect in example realm
feature(cordova-native): fix universalLinks and kc options
Added 'cordova-native' to typings
Added an option to define a "default" redirectUri in keycloak.js
Added 'login' and 'logout' event to universalLinks configuration in config.xml
Improved 'cordova-native' example to always use a redirectUri and
update state after successfull logout
Setting the 'authenticated' flag for the keycloak instance to 'false'
after a logout redirect
KEYCLOAK-2606: Simplify example for cordova-native
I wanted to make it explicit which options are actually needed, so I didn't want to reuse the keycloak conf
KEYCLOAK-2606: simplify example
The update state after logout shouldn't be necessary as it is set in `keycloak.onAuthLogout = updateState;`
Not sure why it is called after the login promise...
Fixes
2018-07-18 10:51:59 +02:00
Martin Kanis
b520dda3ef
KEYCLOAK-4662 Keycloak adapter missing configuration attribute proxy-url
2018-07-13 14:30:40 +02:00
mhajas
5aebc74f8c
KEYCLOAK-7269 Setting more uris for Authorization Resource
2018-07-11 17:48:34 -03:00
Pedro Igor
55550f2023
[KEYCLOAK-6547] - AuthenticatedActionsHandler should process responses after identity is established
2018-07-11 11:33:31 -03:00
rmartinc
4a82979792
KEYCLOAK-1925: SAML adapter multitenant support
2018-07-10 13:21:11 +02:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
sebastienblanc
f5d00ddffb
making Spring Boot 2 the default starter
2018-07-03 22:04:16 +02:00
Pedro Igor
dcadc61220
[KEYCLOAK-7670] - PEP not returning correct status code when authorization header is not set
2018-06-29 09:39:55 -03:00
Pedro Igor
f10c47955f
[KEYCLOAK-7427] - Fix to support writing to response when doing programmatic logouts
2018-06-28 11:08:28 -03:00
Pedro Igor
23db2b852b
[KEYCLOAK-7679] - Wildfly adapter must be disabled when using Elytron
2018-06-28 11:08:28 -03:00
Grzegorz Grzybek
3c9d3c2c04
[KEYCLOAK-7681] Review pax-web OSGi dependencies
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2018-06-22 13:47:20 +02:00
Grzegorz Grzybek
f90e0fc14c
[KEYCLOAK-7425] Correctly import packages of httpclient and http core, fix Karaf feature
2018-06-21 14:28:47 +02:00
Hynek Mlnarik
6b968796ce
KEYCLOAK-7667 Fix namespace handling when decrypting assertion
2018-06-21 13:09:18 +02:00
vramik
2fcfa5cf71
KEYCLOAK-7094 Support redirect to external logout page for saml filter adapter
2018-06-19 13:23:18 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Dennis Bayer
c43d8b3d85
Get role list to update directly from the security context rather than from previously created subject info.
...
Roles within groups must be unpacked added separately in order to contain all roles.
2018-06-13 21:03:30 -03:00
Dennis Bayer
6a2a121d4e
Map group members of authenticated subject into subject info.
...
This commit contains a POC for the issue "Roles get lost after security context was propagated back to wildfly-swarm, if using jwt for authentication" (KEYCLOAK-7309).
2018-06-13 21:03:30 -03:00
Hynek Mlnarik
9dc5709ce7
KEYCLOAK-7593 Setters for httpContext
2018-06-13 16:32:39 +02:00
vramik
5f1f3dff5e
KEYCLOAK-7094 Support redirect to external logout page for elytron adapter
2018-06-13 12:50:38 +02:00
Stefan Guilhen
d897159560
[KEYCLOAK-7598] - Set CIP config when defining paths in policy enforcer config ( #5264 )
2018-06-12 11:24:17 -03:00
Vlasta Ramik
182c975e01
KEYCLOAK-7597 fix logger classes ( #5263 )
2018-06-12 11:02:04 -03:00
Pedro Igor
db60abc604
[KEYCLOAK-7543] - Policy enforcer should not delegate decisions when using UMA ( #5252 )
2018-06-11 08:17:40 -03:00
Lorent Lempereur
f55c93a1e4
Javascript Adapter - Add 'cordovaOptions' to the Typescript definition of KeycloakLoginOptions ( #5250 )
2018-06-11 08:21:04 +02:00
Grzegorz Grzybek
fca6da3a5a
KEYCLOAK-7523 better context path detection in PathBasedKeycloakConfigResolver
2018-06-08 21:32:14 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353
...
[KEYCLOAK-7353] Support Policy Management in Protection API
2018-06-07 11:05:49 -03:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Hynek Mlnarik
5a241392cf
KEYCLOAK-7094 Support redirect to external logout page
2018-06-05 14:51:18 +02:00
Pedro Igor
bc665fdbc3
Merge pull request #5195 from suem/bugfix_FilterSessionStore
...
NullPointerException in FilterSessionStore when restoring request
2018-06-01 10:51:28 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Hynek Mlnarik
1e438cdc45
KEYCLOAK-7277 KEYCLOAK-7282 Tomcat 8/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
d70859ef1b
KEYCLOAK-7277 KEYCLOAK-7282 Jetty/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
cace03c3cc
KEYCLOAK-7279 Camel/Undertow integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
b2df872ad4
KEYCLOAK-7278 KEYCLOAK-7280 CXF/Undertow integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
dd65c231f9
KEYCLOAK-7277 KEYCLOAK-7282 Undertow/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
ae690e0679
KEYCLOAK-5522 Base for Fuse 7 adapter
2018-05-23 13:14:07 +02:00
Pedro Igor
dac5d313b3
Merge pull request #5166 from pedroigor/KEYCLOAK-7021
...
[KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript
2018-05-17 17:42:51 -03:00
Pedro Igor
21d139c6c2
Merge pull request #5173 from pedroigor/KEYCLOAK-7148
...
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-17 16:51:55 -03:00
Lorent Lempereur
27d8afe4a7
Javascript Adapter - Reject 'login' promise when users close their cordova in-app-browser on purpose ( #5000 )
2018-05-09 15:49:38 -07:00
Samuel Ueltschi
3391ec5377
check if content-type is null when restoring request
2018-05-09 12:47:14 +02:00
Lorent Lempereur
f6125a2542
[KEYCLOAK-6655] Javascript Adapter - Allow users to provide cordova-specific options to login and register ( #4998 )
...
* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions
* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions
* [KEYCLOAK-6655] On Android 8, explicit hidden=no fails on in-app-browser load.
2018-05-07 00:26:46 +02:00
pedroigor
7ebcc69cb9
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-02 13:04:11 -03:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Pedro Igor
e960642399
Merge pull request #5144 from pedroigor/KEYCLOAK-4903
...
[KEYCLOAK-4903] - Pushed Claims
2018-04-26 15:59:13 -03:00
Stan Silvert
35154db50f
KEYCLOAK-7123: l10n dropdowns ( #5170 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* KEYCLOAK-7123: Localization dropdowns
* Update keycloak-service to latest keycloak.js
2018-04-25 15:04:12 -04:00
pedroigor
b249a48dcf
[KEYCLOAK-7147] - Support obtaining a buffered input stream in HttpFacade.Request
2018-04-25 10:16:41 -03:00
pedroigor
035ebc881a
[KEYCLOAK-4903] - Claim Information point Provider SPI and configuration
2018-04-25 10:16:41 -03:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js ( #5165 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* Update keycloak.d.ts
2018-04-23 11:45:32 -04:00
pedroigor
824b900a43
[KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript
2018-04-23 08:48:42 -03:00
pedroigor
c3d297dd05
[KEYCLOAK-7162] - Expose WWW-Authenticate Header when using CORS
2018-04-23 08:46:54 +02:00
pedroigor
527d6ca4d8
[KEYCLOAK-6414] - Empty response body with 200 response when using Elytron
2018-04-23 08:46:54 +02:00
Wojciech Trocki
c3c1a0fb4e
Allow to use custom adapter ( #5067 )
...
* Allow to use custom adapter
* fix: improve TypeScript documentation
2018-04-20 09:18:46 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029
...
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-05 09:33:23 -03:00
Stian Thorgersen
5514812a4d
KEYCLOAK-7048 Clear token if refresh fails ( #5124 )
2018-04-04 20:12:25 +02:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser
...
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
2018-04-03 10:31:30 -04:00
pedroigor
5c52da80c6
[KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path
2018-04-02 11:10:43 -03:00
Bill Burke
4078e84fb6
server driven success page
2018-03-31 10:16:44 -04:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
ad5f3fefc5
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-27 16:38:35 -04:00
pedroigor
e9e376419d
[KEYCLOAK-4102] - Removing create-resources configuration option
2018-03-27 09:51:13 -03:00
sebastienblanc
91135c95ae
KEYCLOAK-6732 : Make Spring Sec Dep optional
2018-03-27 10:59:29 +02:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Pedro Igor
593f57fd2c
Merge pull request #5088 from pedroigor/KEYCLOAK-6878
...
[KEYCLOAK-6878] - Always refresh token option not working for invalid tokens
2018-03-26 09:38:05 -03:00
Ryan Dawson
d57fb445eb
adapter for spring boot 2
...
remove built directory
update snapshot version references
refactor out core library to remove duplication
adapter for spring boot 2
remove built directory
update snapshot version references
Revert "merge from upstream"
This reverts commit 88c39a2f23b8f2d4b25360e2b46e683d11b4972b, reversing
changes made to f0811145ceeb8ec609ed66b06067f797e288aa89.
setting correct versions
updating to latest keycloak
arquillian test app for spring boot2
update to 2.0.0.RELEASE
added Rest Customizer
2018-03-22 14:23:55 +01:00
pedroigor
3559c5dc3c
[KEYCLOAK-6878] - Always refresh token option not working for invalid tokens
2018-03-21 10:01:02 -03:00
Bill Burke
f000cedcbb
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-20 16:49:43 -04:00
Bill Burke
681e3d751e
golang integration
2018-03-20 16:42:35 -04:00
Bill Burke
8926837a3e
tests
2018-03-19 16:47:13 -04:00
Bill Burke
4bba11cd94
kcinit
2018-03-16 12:11:57 -04:00
pedroigor
668b67dcdb
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
2018-03-09 16:38:57 -03:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
wyvie
f8022a5c2f
[KEYCLOAK-6585] hybrid flow: removed token_type and expires_in paramters from oidc auth response
2018-02-27 15:31:12 +01:00
Hynek Mlnarik
1f20c03afa
KEYCLOAK-6470 Refactor SAML adapter parsers
2018-02-27 09:37:29 +01:00
wyvie
52acd959e0
[KEYCLOAK-6584] removed not-before-policy parameter from authorization response
2018-02-26 17:41:18 +01:00
Hynek Mlnarik
e7cdb8ad54
KEYCLOAK-6473 KEYCLOAK-6472 SAML parser refactor + protocol parsers
2018-02-23 08:16:14 +01:00
stianst
eb326cd1bb
KEYCLOAK-6534 Check for string in receiveMessage in session iframe
2018-02-22 07:02:16 +01:00
stianst
9b63cd35f0
KEYCLOAK-6431
2018-02-13 19:38:46 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
...
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00