Takashi Norimatsu
dce163d3e2
KEYCLOAK-18587 CIBA signed request: Client must configure the algorithm
2021-07-08 10:16:22 +02:00
Benjamin Weimer
8c1ea60b04
* Add sid claim to ID Token
...
* deprecate session state parameter in ID Token
* remove charset=UTF-8 from backchannel logout post request Content-Type header
2021-07-06 15:30:53 -03:00
Takashi Norimatsu
2b1624390a
KEYCLOAK-17937 Client Policy - Endpoint : support CIBA Backchannel Authentication Endpoint
2021-07-03 08:57:20 +02:00
Hryhorii Hevorkian
2803685cd7
KEYCLOAK-18353 Implement Pushed Authorization Request inside the Keycloak
...
Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-07-03 08:47:42 +02:00
lbortoli
e5ae113453
KEYCLOAK-18452 FAPI JARM: JWT Secured Authorization Response Mode for OAuth 2.0
2021-07-03 00:00:32 +02:00
Vlastimil Elias
04ff2c327b
[KEYCLOAK-18429] Support a dynamic update profile form
2021-07-02 10:22:47 -03:00
Vlastimil Elias
f32447bcc1
[KEYCLOAK-18424] GUI order for user profile attributes
2021-07-02 08:37:24 -03:00
Pedro Igor
b26b41332e
[KEYCLOAK-18626] - Avoid changing username when registration as email is enabled
2021-07-02 08:07:04 -03:00
Pedro Igor
3e07ca3c22
[KEYCLOAK-18425] - Allow mapping user profile attributes
2021-07-01 10:19:28 -03:00
vramik
2b9b50d50a
KEYCLOAK-18194 fix migration of default role when realm id contains apostrophe
2021-07-01 11:22:11 +02:00
lbortoli
164f3df080
KEYCLOAK-18502 - Support for additional parameters from the backchannel authentication request and backchannel authentication callback.
2021-07-01 00:31:26 +02:00
Luca Leonardo Scorcia
ae98d8ea28
KEYCLOAK-18315 SAML Client - Add parameter to request specific AttributeConsumingServiceIndex
2021-06-29 16:22:38 +02:00
Martin Bartoš
9dc7300178
KEYCLOAK-18391 CIBATest failures
2021-06-29 16:15:12 +02:00
Sebastian Rose
ca6b78b730
KEYCLOAK-18390 GroupProvider search implementation of JPA and Map delivers different results
2021-06-29 14:59:01 +02:00
Takashi Norimatsu
57c80483bb
KEYCLOAK-17936 FAPI-CIBA : support Signed Authentication Request
...
Co-authored-by: Pritish Joshi <pritish@banfico.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-06-29 08:07:40 +02:00
Pedro Igor
948f453e2d
[KEYCLOAK-18427] - Allowing switching to declarative provider
2021-06-28 15:50:04 -03:00
Vlastimil Elias
512bcd14f7
[KEYCLOAK-18428] - dynamic registration form
2021-06-25 17:11:15 -03:00
Pedro Igor
faadb896ea
[KEYCLOAK-18426] - Support required by role and scopes in Admin UI
2021-06-24 10:43:49 -03:00
Yoshiyuki Tabata
52ced98f92
KEYCLOAK-18503 Regex Policy for authorization service
2021-06-24 08:49:41 -03:00
Vlastimil Elias
b7a4fd8745
KEYCLOAK-18423 - Support a user-friendly name property for user profile
...
attributes
2021-06-24 08:17:06 -03:00
Michal Hajas
ccf9456bdf
KEYCLOAK-18534 Fix js tests timeout failure
2021-06-23 14:12:02 -03:00
Luca Leonardo Scorcia
cdf9621257
KEYCLOAK-18450 Add basic tests for the Identity Provider Redirector Default IdP feature
2021-06-23 08:42:14 +02:00
Andy Fedotov
17b374f53a
[KEYCLOAK-16455][Adapter - JavaScript] Propagate 3rd party cookies check
...
errors outside of JS adapter
2021-06-23 08:36:26 +02:00
Vlastimil Elias
458c841c39
[KEYCLOAK-18447] Dynamically select attributes based on requested scopes
2021-06-22 08:54:03 -03:00
Vlastimil Elias
b87d764137
[KEYCLOAK-17443] Username and email form fields kept in registration
...
form when duplicate
2021-06-22 08:46:42 -03:00
rmartinc
b8452374d2
[KEYCLOAK-18473] Add max length to password policy
2021-06-22 10:15:48 +02:00
Luca Leonardo Scorcia
f5123cb51b
KEYCLOAK-17935 SAML Client - Validate InResponseTo attribute
2021-06-21 12:25:18 +02:00
keycloak-bot
13f7831a77
Set version to 15.0.0-SNAPSHOT
2021-06-18 10:42:27 +02:00
Pedro Igor
6bb7a8894d
[KEYCLOAK-18464] - Failures when running without tls and remote
2021-06-17 14:33:35 +02:00
Martin Bartoš
333d279d7a
KEYCLOAK-18406 SAMLServletAdapterTest failures
2021-06-17 11:30:39 +02:00
Tomas Kyjovsky
6db1c8204a
KEYCLOAK-18393 SAMLAdapterCrossDCTest failures
2021-06-16 18:46:38 +02:00
Martin Bartoš
78b6762326
KEYCLOAK-18442 LifespanAdapterTest - duplicate resources
2021-06-15 15:32:59 +02:00
Pedro Igor
ef3a0ee06c
[KEYCLOAK-17399] - Declarative User Profile and UI
...
Co-authored-by: Vlastimil Elias <velias@redhat.com>
2021-06-14 11:28:32 +02:00
Václav Muzikář
9854f21ace
KEYCLOAK-18332 Client Scopes are reset to realm's default when Client is updated
2021-06-11 07:41:18 +02:00
mposolda
070c68e18a
KEYCLOAK-18069 Migration of client policies JSON from Keycloak 13
2021-06-10 10:40:14 +02:00
Douglas Palmer
aac0b6ec5f
[KEYCLOAK-17602] Email account verification link is wrongly encoded
2021-06-10 08:34:53 +02:00
Martin Bartoš
8ea2551d25
KEYCLOAK-18247 LifespanAdapterTest fails due to validation error on EAP
2021-06-10 07:07:35 +02:00
Martin Bartoš
07d57ca30f
KEYCLOAK-17179 IdP mappers with MultiValued property can't be saved
2021-06-10 07:02:21 +02:00
mposolda
91865fa93e
KEYCLOAK-18368 Invalidate client session after refresh token re-use
2021-06-09 14:43:29 +02:00
vramik
95bf912dc9
KEYCLOAK-18035 Fix update client with default default scope assigned as optional
2021-06-07 16:22:55 +02:00
Tomas Kyjovsky
b071be7799
KEYCLOAK-18260 ClientSearchTest.testQuerySearch failure on MSSQL2019
...
- removed Central European characters from the test
2021-06-07 16:20:53 +02:00
Tomas Kyjovsky
80eabcb7eb
KEYCLOAK-18249 WelcomePageTest fails on MSSQL 2019
...
- removed reference to `FK_P56CTINXXB9GSK57FO49F9TAC` from the `DropAllServlet`
2021-06-07 16:18:32 +02:00
vramik
5c007420ef
KEYCLOAK-18367 fix compilation failure
2021-06-07 12:50:23 +02:00
Martin Bartoš
4b009ebf5e
KEYCLOAK-14540 Determine project/product name
2021-06-07 11:24:29 +02:00
Václav Muzikář
6b365d7c12
KEYCLOAK-18044 Client Policy: UI tests (old Admin Console)
2021-06-07 06:43:35 +02:00
mposolda
3d16a1e8d3
KEYCLOAK-16811 Add executor for disable 'Full Scope Allowed' and add it to FAPI profiles
2021-06-04 15:46:33 +02:00
Tomas Kyjovsky
1033b272e8
KEYCLOAK-13757 fix for KEYCLOAK-18267_KEYCLOAK-17254
2021-06-03 13:52:25 +02:00
Tomas Kyjovsky
2802740101
KEYCLOAK-13757 update JDG version to 8.1 - testsuite updates
2021-06-03 13:52:25 +02:00
Jan Lieskovsky
cbd4288205
[KEYCLOAK-17254] Adaptively add the default modular JVM options
...
to the "javaVmArguments" to start the cache server container with,
if the JVM used to run the cache server is modular (JDK 9+)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-06-03 10:36:53 +02:00
mposolda
12c47150e7
KEYCLOAK-18337 FAPI1Test fails in pipeline with auth-server-undertow-non-tls
2021-06-03 10:09:40 +02:00
vramik
0959475099
KEYCLOAK-18305 revisit tests - authz disabled
2021-06-02 14:26:22 +02:00
Douglas Palmer
986b69c03f
[KEYCLOAK-17405] Session auth time updated when user has not re-authenticated
2021-06-01 19:35:42 +02:00
Miquel Simon
ccad4653d8
KEYCLOAK-18324. Exclude FAPI tests for remote auth server.
2021-06-01 11:47:13 +02:00
mposolda
73a38997d8
KEYCLOAK-14208 Default client profiles for FAPI
2021-05-31 12:31:52 +02:00
mposolda
ab13e3e4fe
KEYCLOAK-17939 Enable Client policies feature by default
2021-05-31 12:31:52 +02:00
Michito Okai
bc6a746780
KEYCLOAK-18112 Token introspection of the revoked refresh token
2021-05-31 11:01:01 +02:00
vramik
2bf727d408
KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method
2021-05-28 21:07:14 +02:00
rmartinc
38101d01c2
[KEYCLOAK-18250] LDAPSyncTest.test09MembershipUsingDifferentAttributes fails on MySQL 8 and MariaDB 10.3
2021-05-28 00:01:57 +02:00
Michal Hajas
b216b9579c
KEYCLOAK-18264 Fix SamlLogoutTest with different consumer and provider url
2021-05-27 23:23:46 +02:00
Michal Hajas
4dcb69596b
KEYCLOAK-18146 Search for clients by client attribute when doing saml artifact resolution
2021-05-27 23:02:22 +02:00
Stian Thorgersen
2cb59e2503
KEYCLOAK-17844 Add option to disable authorization services to workaround issues with many clients
2021-05-27 22:28:56 +02:00
Martin Kanis
23aee6c210
KEYCLOAK-16616 Limit number of authSessios per rootAuthSession
2021-05-27 22:10:36 +02:00
Takashi Norimatsu
669556af71
KEYCLOAK-18296 RefreshTokenRequest returns incorrect error code during failed HoK request
2021-05-27 15:28:29 +02:00
Martin Bartoš
2096a0f5cc
KEYCLOAK-18246 DemoFilterServletAdapterTest fails for app servers with TLS
2021-05-27 13:06:35 +02:00
vramik
3aa06c2721
KEYCLOAK-18073 avoid ModelDuplicateException during parallel starup of servers
2021-05-27 07:10:35 +02:00
Stefan Guilhen
eb631bf63b
[KEYCLOAK-8730] Ensure role mappers don't remove roles already granted by another mapper when updating a brokered user
2021-05-26 17:21:54 +02:00
Michal Hajas
5c71c3d97f
KEYCLOAK-17764 Remove all clients querying fallback ( #8077 )
2021-05-26 13:18:58 +02:00
Martin Bartoš
77fe3e9bed
KEYCLOAK-18054 EAP6Fuse6HawtioAdapterTest fails due to wrong port without TLS
2021-05-26 08:58:03 +02:00
Pedro Igor
b7e5db6534
[KEYCLOAK-18007] - Configure resolved paths with the method config from configuration
2021-05-25 09:48:30 -03:00
Luca Leonardo Scorcia
478319348b
KEYCLOAK-16450 X509 Direct Grant Auth does not verify certificate timestamp validity
2021-05-25 10:32:17 +02:00
Takashi Norimatsu
6e7898039b
KEYCLOAK-18139 SecureResponseTypeExecutor: polishing for FAPI 1 final
2021-05-25 08:32:43 +02:00
mposolda
d4374f37ae
KEYCLOAK-18258 Not possible to login with public client, which was confidential with custom client authenticator set
2021-05-24 13:17:14 +02:00
Lukas Hanusovsky
afb8da7ff0
KEYCLOAK-18056 exclude test for remote testsuite.
2021-05-24 11:27:44 +02:00
Takashi Norimatsu
6532baa9a7
KEYCLOAK-18127 Option for skip return user's claims in the ID Token for hybrid flow
2021-05-24 08:02:34 +02:00
Michito Okai
cc2d6f0741
KEYCLOAK-18235 Display of options about device grant when selecting
...
"public" as the access type
2021-05-21 08:24:27 +02:00
Vlastimil Elias
4ad1687f2b
[KEYCLOAK-17399] UserProfile SPI - Validation SPI integration
2021-05-20 15:26:17 -03:00
Pedro Igor
9ebbc7673c
[KEYCLOAK-18111] - Error when processing path without associated resource
2021-05-20 11:15:11 -03:00
Thomas Darimont
c49dbd66fa
KEYCLOAK-15437 Ensure at_hash is generated for IDTokens on token-refresh
2021-05-20 16:05:11 +02:00
Pedro Igor
a0f8d2bc0e
[KEYCLOAK-17399] - Review User Profile SPI
...
Co-Authored-By: Vlastimil Elias <vlastimil.elias@worldonline.cz>
2021-05-20 08:44:24 -03:00
rmartinc
b97f177f26
[KEYCLOAK-14696] Unable to fetch list of members from a group through keycloak admin console.
2021-05-20 11:32:23 +02:00
Michal Hajas
3bb5bff8e0
KEYCLOAK-17495 Do not include principal in the reference to broker sessionId
2021-05-20 11:32:11 +02:00
mposolda
d3e9e21abd
KEYCLOAK-17906 Use auto-configure instead of is-augment. Use default-client-authenticator option in SecureClientAuthenticatorExecutor
2021-05-19 12:18:11 +02:00
vramik
4d776cd780
KEYCLOAK-18137 Fix introduced SPI name
2021-05-18 20:30:21 +02:00
Mathieu CLAUDEL
df714506cc
KEYCLOAK-17655 - Can't impersonate
2021-05-18 14:16:01 +02:00
mposolda
71dcbec642
KEYCLOAK-18108 Refactoring retrieve of condition/executor providers. Make sure correct configuration of executor/condition is used for particular provider
2021-05-18 12:20:47 +02:00
mposolda
b8a7750000
KEYCLOAK-18113 Refactor some executor/condition provider IDs
2021-05-18 09:17:41 +02:00
Václav Muzikář
62e6883524
KEYCLOAK-17084 KEYCLOAK-17434 Support querying clients by client attributes
2021-05-14 13:58:53 +02:00
Tomas Kyjovsky
1292135729
KEYCLOAK-17322 Align tested databases with EAP 7.4 support matrix
2021-05-14 09:27:00 +02:00
Peter Flintholm
919899b994
KEYCLOAK-18039: Optimise offline session load on startup
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-05-13 16:26:26 +02:00
Marek Posolda
a6d4316084
KEYCLOAK-14209 Client policies admin console support. Changing of format of JSON for client policies and profiles. Remove support for default policies ( #7969 )
...
* KEYCLOAK-14209 KEYCLOAK-17988 Client policies admin console support. Changing of format of JSON for client policies and profiles. Refactoring based on feedback and remove builtin policies
2021-05-12 16:19:55 +02:00
Takashi Norimatsu
355a5d65fb
KEYCLOAK-18052 Client Policies : Revise SecureRequestObjectExecutor to have an option for checking nbf claim
2021-05-11 14:29:33 +02:00
rmartinc
2539bd9ed3
[KEYCLOAK-17903] idp metadata describing one entity MUST have EntityDescriptor root element
2021-05-11 13:02:13 +02:00
Takashi Norimatsu
5dced05591
KEYCLOAK-18050 Client Policies : Rename "secure-redirecturi-enforce-executor" to indicate what this executor does
2021-05-11 07:42:18 +02:00
Pedro Igor
6397671c88
[KEYCLOAK-17885] - Delete user-managed policies when removing groups
2021-05-10 16:33:23 -03:00
Takashi Norimatsu
b4e4e75743
KEYCLOAK-17928 Determine public client based on token_endpoint_auth_method during OIDC dynamic client registration
2021-05-10 08:24:18 +02:00
Takashi Norimatsu
624d300a55
KEYCLOAK-17938 Not possible to create client in the admin console when client policy with "secure-redirecturi-enforce-executor" condition is used
2021-05-07 17:52:09 +02:00
Takashi Norimatsu
b38b1eb782
KEYCLOAK-17895 SecureSigningAlgorithmEnforceExecutor: Ability to auto-configure default algorithm
2021-05-07 12:37:39 +02:00
Takashi Norimatsu
faab3183e0
KEYCLOAK-18034 Enforce SecureSigningAlgorithmForSignedJwtEnforceExecutor to private-key-jwt clients regardless their option
2021-05-07 12:26:46 +02:00
keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Hynek Mlnarik
98a88e3e8b
KEYCLOAK-17991 Introduce preview feature for map storage
2021-05-06 11:38:41 +02:00
Hynek Mlnarik
6d97a573e6
KEYCLOAK-17696 Make MapStorageFactory amphibian
2021-05-06 11:38:41 +02:00
Takashi Norimatsu
0a4fdc64f3
KEYCLOAK-17929 SecureSigningAlgorithmForSignedJwtEnforceExecutor polishing for FAPI
2021-05-06 08:41:05 +02:00
Takashi Norimatsu
b78d151a23
KEYCLOAK-16808 Client Policy : Implement existing ConsentRequiredClientRegistrationPolicy as Client Policies' executor
...
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-05-06 08:36:34 +02:00
Peter Skopek
b2ed99c70d
KEYCLOAK-16928 Fix typo in authenticatorFlow representation
2021-05-06 08:33:19 +02:00
mposolda
20fc430be0
KEYCLOAK-17874 Server cannot be started with oracle19cRAC
2021-05-05 13:12:07 +02:00
Václav Muzikář
57fca2a34f
KEYCLOAK-15170 Reset password link is not invalidated if email address is changed
2021-05-05 08:45:47 +02:00
Martin Bartoš
c2c1b482ea
KEYCLOAK-17734 LifespanAdapterTest fails due to header check
2021-05-04 12:36:33 +02:00
Christoph Leistert
61bdc92ad9
KEYCLOAK-17387: 403 response on localization endpoint for cross realm users
...
- add ForbiddenPage class for the assertion at the selenium test
- add assertion to selenium test
- GET requests for localization texts require at least one role for the realm
- Make GET requests for localization texts public, to display the admin UI correctly, even if the role view-realm is missing
2021-05-03 13:29:11 -03:00
Václav Muzikář
315b9e3c29
KEYCLOAK-17835 Account Permanent Lockout and login error messages
2021-05-03 09:39:34 +02:00
Takashi Norimatsu
65c48a4183
KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) ( #7679 )
...
* KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA)
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-29 15:56:39 +02:00
Jan Lieskovsky
6df5ba0f1c
[KEYCLOAK-17227] Wildfly 23 upgrade
...
Base fixes:
* [KEYCLOAK-17228] Upgrade Keycloak to Wildfly 23.0.0.Final / Wildfly Core 15.0.0.Final
Other (related) fixes:
* [KEYCLOAK-17477] Update org.wildfly.common to 1.5.4.Final
* [KEYCLOAK-17478] Update wildfly-galleon-maven-plugin to 5.1.0.Final
* [KEYCLOAK-17479] Keycloak Galleon Feature Pack: Adapter fails to build on top of Wildfly 23
* [KEYCLOAK-17482] Sync Wildfly 23 model changes to Keycloak
* [KEYCLOAK-17508] Apply workaround for WFCORE-5335
* [KEYCLOAK-17231] Update org.keycloak.testsuite.metrics.MetricsRestServiceTest
to work with org.wildfly.extension.health
* [KEYCLOAK-17585] Fix Quarkus startup failure post applying Wildfly 23 upgrade changes
* [KEYCLOAK-17583] Fix ConfigMigrationTest post applying Wildfly 23 model changes
* [KEYCLOAK-17584] Fix ActionTokenCrossDCTest#sendResetPasswordEmailSuccessWorksInCrossDc
test failure post applying Wildfly 23 upgrade changes
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-04-29 12:36:03 +02:00
vramik
de79493294
KEYCLOAK-17896 Add maven profile for map storage
2021-04-28 21:05:42 +02:00
vramik
162043beec
KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory
2021-04-28 13:43:48 +02:00
Martin Kanis
515bfb5064
KEYCLOAK-16378 User / client session map store
...
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-04-28 09:09:15 +02:00
Yoshiyuki Tabata
45202bd49a
KEYCLOAK-17637 Client Scope Policy for authorization service
2021-04-26 08:58:33 -03:00
Ayat Bouchouareb
8255cba930
KEYCLOAK-17612- Invalid SAML Response : Invalid Destination
2021-04-26 11:15:28 +02:00
Pedro Igor
068a1811f2
[KEYCLOAK-17452] - Removing policies created from a user-managed policy
2021-04-21 11:30:57 -03:00
Pedro Igor
228de42859
[KEYCLOAK-17598] - Changing root path check when resolving resource by uri
2021-04-21 11:30:07 -03:00
Takashi Norimatsu
190b60c5cd
KEYCLOAK-17827 Client Policy - Condition : Client - Client Host : Removing Option
2021-04-21 15:16:00 +02:00
i7a7467
ada7f37430
KEYCLOAK-16918 Set custom user attribute to Name ID Format for a SAML client
...
https://issues.redhat.com/browse/KEYCLOAK-16918
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-20 10:29:17 +02:00
Martin Bartoš
ca019c36e8
KEYCLOAK-17457 Failed OfflineServletsAdapterTest
2021-04-19 16:58:38 -03:00
AlistairDoswald
8b3e77bf81
KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
...
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Michal Hajas
64ccbda5d5
KEYCLOAK-17323 Compute token expiration using Time.currentTime() instead of userSession.getStarted()
2021-04-14 12:58:45 +02:00
Martin Bartoš
b237c503ba
KEYCLOAK-16913 Fix failed FuseAdapterTest
2021-04-14 09:51:02 +02:00
Martin Bartoš
5a9068e732
KEYCLOAK-16401 Deny/Allow access in a conditional context
2021-04-09 12:04:45 +02:00
Michito Okai
d9ebbe4958
KEYCLOAK-17202 Restrict Issuance of Refresh tokens to specific clients
2021-04-08 11:51:25 +02:00
Takashi Norimatsu
8b0b657a8f
KEYCLOAK-17682 Client Policy - Executor : remove inner config class for executor without any config
2021-04-08 09:22:16 +02:00
Takashi Norimatsu
3221708499
KEYCLOAK-17667 Client Policy - Executor : Only Accept Confidential Client
2021-04-08 09:17:10 +02:00
Takashi Norimatsu
e9035bb7b3
KEYCLOAK-17681 Client Policy - Executor : Limiting available period of Request Object with its configuration
2021-04-08 09:12:20 +02:00
Daniel Fesenmeyer
a48d04bfe0
KEYCLOAK-16082 save attributes when role is created (with REST POST request)
...
- add missing mapping code to RoleContainerResource#createRole
- extend ClientRolesTest and RealmRolesTest to check that now the attributes are saved when a role is created
- remove no longer needed code which updated roles because attributes were not saved on creation
2021-04-07 14:08:49 -03:00
Lukas Hanusovsky
e0d660d815
KEYCLOAK-17311 - exclude for Remote testsuite
2021-04-07 13:37:38 +02:00
Lukas Hanusovsky
17b19b2e36
KEYCLOAK-17302 - exclude for Remote testsuite
2021-04-07 13:35:47 +02:00
Takashi Norimatsu
7b227ae47c
KEYCLOAK-17666 Client Policy - Executor : Limiting available period of Request Object
2021-04-07 08:36:26 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) ( #7780 )
...
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)
* support tests using auth-server-quarkus
* Configuration changes for ClientPolicyExecutorProvider
* Change VALUE of table REALM_ATTRIBUTES to NCLOB
* add author tag
* incorporate all review comments
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-06 16:31:10 +02:00
vramik
d1ad905407
KEYCLOAK-17640 fix MultiVersionClusterTest.verifyFailureOn* tests
2021-04-06 12:55:26 +02:00
Miquel Simon
5f551e018d
KEYCLOAK-17310. Disabled test in remote environment. ( #7898 )
2021-04-06 09:03:04 +02:00
vramik
185075d373
KEYCLOAK-14552 Realm Map Store
2021-03-31 15:49:03 +02:00
Konstantinos Georgilakis
ec5c256562
KEYCLOAK-5657 Support for transient NameIDPolicy and AllowCreate in SAML IdP
2021-03-31 14:45:39 +02:00
rmartinc
0a0caa07d6
KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role
2021-03-31 12:57:17 +02:00
vramik
c3b9c66941
KEYCLOAK-17460 invalidate client when assigning scope
2021-03-30 10:58:16 +02:00
sma1212
e10f3b3672
[KEYCLOAK-17484] OIDC Conformance - Authorization response with Hybrid flow does not contain token_type ( #7872 )
...
* [KEYCLOAK-17484] fix oidc conformance for hybrid-flow
* [KEYCLOAK-17484] add TokenType & ExpiresIn to OAuth2Constants
* [KEYCLOAK-17484] add request validation for oidc-flows automated tests
2021-03-30 08:59:30 +02:00
devopsix
590ee1b1a2
KEYCLOAK-15459 Fix serialization of locale in admin console's “whoami” ( #7397 )
...
call.
2021-03-29 18:37:26 -04:00
Bodo Graumann
0033b7daf7
[KEYCLOAK-17166] Use radio buttons for otp select
2021-03-29 15:46:34 +02:00
Thomas Darimont
7ec6a54e22
KEYCLOAK-17581 Prevent empty group names
...
Create / Update operations in `GroupResource ` and `GroupsResource#addTopLevelGroup`
did not validate the given group name. This allowed the creation of groups with empty names.
We now prevent the creation of groups with empty names.
2021-03-25 19:10:38 -03:00
Hynek Mlnarik
a36fafe04e
KEYCLOAK-17409 Support for amphibian (both component and standalone) provider
2021-03-25 13:28:20 +01:00
Jan Lieskovsky
5fac80b05e
[KEYCLOAK-17100] Testsuite Wildfly initialization error on Windows
...
[KEYCLOAK-17392] Java CLASSPATH is wrongly parsed on Windows
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-Authored-By: Peter Zaoral <pzaoral@redhat.com>
2021-03-25 09:21:34 +01:00
Pedro Igor
fca65ac644
Adding a test when custom policies are used
2021-03-24 08:24:43 -03:00
Xiangjiaox
ca81e6ae8c
KEYCLOAK-15015 Extend KeyWrapper to add whole certificate chain in x5c parameter ( #7643 )
...
* [KEYCLOAK-15015] - Publishing the x5c for JWK
Co-authored-by: Vetle Bergstad <vetle.bergstad@evry.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-03-23 08:37:50 -03:00
cgeorgilakis
18afdea392
KEYCLOAK-16048 SAML Client import - add md:RequestedAttribute as "User Attribute" ProtocolMapper
2021-03-22 21:55:32 +01:00
Clement Cureau
0b68f24a09
[KEYCLOAK-14046] Include groups in user creation via Admin Console ( #7035 )
...
* [KEYCLOAK-14046] Include groups in user creation via Admin Console
Since the POST /users API now supports providing groups membership, here is the UI
part!
- Added a field in the user creation UI to specify groups the newly created user
will be joining
- Added associated messages in english language
* Added UI integration tests
* Fixed UI tests
* Flatten nested groups in user creation groups searchbox
* Filtering out searched groups
* Removed unused injection
* Fixed UI tests
Co-authored-by: Clement Cureau <clement.cureau@cdiscount.com>
2021-03-19 13:55:45 +01:00
mposolda
853a6d7327
KEYCLOAK-17000 Adding server tmp directory inside the auth-server home directory
2021-03-17 10:06:48 +01:00
Pascal Euhus
82fc401298
[KEYCLOAK-9841] use LDAPUser UUID as an identifier instead of username
2021-03-16 17:55:24 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 ( #7316 )
...
* Correct "doesn't exists" typos
* Revert changes to imported package
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Yang Xie
db30b470c4
KEYCLOAK-17342 Make the default value of default signature algorithm show up in the admin console
2021-03-16 09:15:22 +01:00
Michito Okai
298ab0bc3e
KEYCLOAK-7675 Support for Device Authorization Grant
2021-03-15 10:09:20 -03:00
Łukasz Dywicki
319195236b
Fix failing test, cause oauth device flow is encoded using realm attributes.
2021-03-15 10:09:20 -03:00
Hiroyuki Wada
9d57b88dba
KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant.
...
Author: Hiroyuki Wada <h2-wada@nri.co.jp>
Date: Thu May 2 00:22:24 2019 +0900
Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
Thomas Darimont
d2060913be
KEYCLOAK-14412 Fixed compiler error in JavascriptAdapterTests
2021-03-11 13:03:08 -03:00
Thomas Darimont
b926cd20f1
KEYCLOAK-14412 Keycloak.js should honor scopes configured in initOptions and loginOptions
2021-03-11 13:03:08 -03:00
Hynek Mlnarik
4946484cb6
KEYCLOAK-17377 Fix invalidation cluster tests (do not hide failures)
2021-03-11 16:14:59 +01:00
Lukas Hanusovsky
b3ea6f74be
KEYCLOAK-16212 - Exclude Remote execution for the LDAPVaultCredentialsTest, fixed broken exclude Remote execution for the LDAPUserLoginTest.
2021-03-10 07:27:43 +01:00
Yang Xie
2605eddbe7
KEYCLOAK-17300 Add a method to check if the token revocation request has duplicate parameters
2021-03-09 18:27:38 +01:00
Lukas Hanusovsky
ef57714eaa
KEYCLOAK-17301 - fix -> added org.infinispan.commons module into jboss-deployment-structure.xml
2021-03-09 11:05:17 +01:00
vramik
6e501946b1
KEYCLOAK-17021 Client Scope map store
2021-03-08 21:59:28 +01:00
Michal Hajas
fc29a39e5a
KEYCLOAK-16592 Do not require destination with SOAP binding
2021-03-05 19:52:00 +01:00
mposolda
99c1ee7f5a
KEYCLOAK-16793 KEYCLOAK-16948 Cors on error responses for logoutEndpoint and tokenEndpoint
2021-03-05 14:14:53 +01:00
Martin Bartoš
d452041d7d
KEYCLOAK-17304 ClientPoliciesTest - exclude mTLS tests for non-required SSL
2021-03-05 12:24:37 +01:00
Martin Bartoš
da6a017e86
KEYCLOAK-17307 ResetPasswordTest - wrong redirect URIs
2021-03-05 08:49:34 +01:00
Pavel Drozd
8203c4451e
KEYCLOAK-14766 - Removed setting default password for LDAPRule configuration
2021-03-04 12:56:45 +01:00
Denis
23bfaef4bb
KEYCLOAK-15535 Account Log of user login with realm not available details when update profile
2021-03-04 08:06:36 +01:00
Yang Xie
78754d1127
KEYCLOAK-17259 Add a method to check if the introspection request has duplicate parameters
2021-03-03 16:23:27 +01:00
Pedro Igor
0f30b3118a
[KEYCLOAK-16676] - Client attributes should not be stored if null or empty
2021-03-03 15:37:05 +01:00
Pedro Igor
40efbb0f9c
[KEYCLOAK-13942] - Invalidate pre-defined paths when paths are invalidated
2021-03-02 15:01:42 +01:00
Takashi Norimatsu
882f5ffea4
KEYCLOAK-15533 Client Policy : Extends Policy Interface to Migrate Client Registration Policies
...
Co-authored-by: Hryhorii Hevorkian <hhe@adorsys.com.ua>
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-03-02 09:26:04 +01:00
i7a7467
b83064b142
KEYCLOAK-16679 Add algorithm settings for client assertion signature in OIDC identity broker
2021-03-01 18:11:25 +01:00
Takashi Norimatsu
c4bf8ecdf0
KEYCLOAK-16880 Client Policy - Condition : Negative Logic Support
2021-03-01 14:27:39 +01:00
mposolda
41dc94fead
KEYCLOAK-14483 Broker state param fix
2021-02-24 19:07:58 -03:00
mposolda
6f409d088a
KEYCLOAK-15239 Reset Password Success Message not shown when Kerberos is Enabled
2021-02-23 16:15:50 -03:00
Pedro Igor
dbc6514bfc
[KEYCLOAK-17206] - Avoid removing attributes when updating user and profile
2021-02-23 08:41:41 +01:00
Juan Manuel Rodriguez Alvarado
6255ebe6b5
[KEYCLOAK-16536] Implement Audit Events for Authorization Services requests
2021-02-22 17:28:59 -03:00
mposolda
ed8d5a257f
KEYCLOAK-16517 Make sure that just real clients with standardFlow or implicitFlow enabled are considered for redirectUri during logout
2021-02-22 14:30:32 +01:00
mposolda
0058011265
KEYCLOAK-16006 User should not be required to re-authenticate after revoking consent to an application
2021-02-22 14:29:42 +01:00
Pedro Igor
1dc0b005fe
[KEYCLOAK-17087] - X509 OCSP Validation Not Checking Intermediate CAs
2021-02-22 13:50:19 +01:00
Lukas Hanusovsky
4a2830bc2e
KEYCLOAK-15849 : auth-remote-server exclude -> removed duplicated annotation, fixed @Test(timeout) bug -> replaced by lambda expression.
2021-02-22 13:40:47 +01:00
Pedro Igor
9356843c6c
[KEYCLOAK-16521] - Fixing secret for non-confidential clients
2021-02-19 08:38:49 +01:00
Torsten Roemer
750f5fdb0a
KEYCLOAK-14577 OIDCIdentityProvider incorrectly sets firstName and lastName in BrokeredIdentityContext
2021-02-18 19:50:27 +01:00
Torsten Roemer
00ee6bb9fa
KEYCLOAK-14577 OIDCIdentityProvider incorrectly sets firstName and lastName in BrokeredIdentityContext
2021-02-18 19:50:27 +01:00
rmartinc
056b52fbbe
KEYCLOAK-16800 userinfo fails with 500 Internal Server Error for service account token
2021-02-18 19:37:52 +01:00
Pedro Igor
431f137c37
[KEYCLOAK-17123] - Avoid validation and updates for read-only attributes during updates
2021-02-17 17:57:46 +01:00
stefvdwel
b97f5eb128
Added PermissionTicket count test.
2021-02-17 09:40:19 -03:00
Pedro Igor
2593c3dbc4
[KEYCLOAK-15893] - Incorrect resource match is returned for some cases when using wildcard in uri
2021-02-17 12:51:26 +01:00
mposolda
80bf0b6bad
KEYCLOAK-16708 Unexpected exceptions during client authentication
2021-02-12 18:27:54 +01:00
Pedro Igor
ca2a761d4b
[KEYCLOAK-16886] - Updating user account removes attributes
2021-02-12 12:01:50 -03:00
Michito Okai
33bb1fda38
KEYCLOAK-16931 Authorization Server Metadata of
...
introspection_endpoint_auth_methods_supported and
introspection_endpoint_auth_signing_alg_values_supported
2021-02-11 14:53:49 +01:00
Pedro Igor
7a4733acc9
[KEYCLOAK-14034] - Adding tests for matching uris once updated
2021-02-11 09:44:43 -03:00
mposolda
456cdc51f2
KEYCLOAK-15719 CORS headers missing on userinfo error response
2021-02-11 13:37:42 +01:00
diodfr
cb12fed96e
KEYCLOAK-4544 Detect existing user before granting user autolink
2021-02-11 11:06:49 +01:00
Lukas Hanusovsky
223d0ea456
KEYCLOAK-16625 : Testsuite -> auth.server.remote: adding keystore file to a build directory.
2021-02-09 15:22:43 +01:00
Pedro Igor
f6c3ec5d9e
[KEYCLOAK-14366] - Missing check for iss claim in JWT validation on Client Authentication (Token Endpoint)
2021-02-09 13:54:06 +01:00
Pedro Igor
ab9a38ec27
[KEYCLOAK-13115] - Unable to add a role to a user if username query matches multiple acounts
2021-02-09 13:49:25 +01:00