Stian Thorgersen
52a4509ada
Merge pull request #3483 from hmlnarik/KEYCLOAK-3870-keycloak-saml-xsd
...
KEYCLOAK-3870 Schema for keycloak-saml.xml
2016-11-10 08:20:24 +01:00
Stian Thorgersen
1ee6df412e
Merge pull request #3482 from vramik/KEYCLOAK-2741
...
KEYCLOAK-2741 remove KEYCLOAK_REMEMBERME when user logs in without rememberme checked
2016-11-10 07:45:07 +01:00
Hynek Mlnarik
025cf5ebaf
KEYCLOAK-3870 Schema for keycloak-saml.xml
...
Updated schema schema for keycloak-saml.xml (added documentation, set
up enumeration instead of free string where applicable per documentation)
and updated existing keycloak-saml.xml files with schema reference.
2016-11-09 10:45:43 +01:00
Vlasta Ramik
6f1b8e1fee
remove KEYCLOAK_REMEMBERME when user logs in without rememberme checked + tests
2016-11-09 10:33:46 +01:00
Pavel Drozd
c05057748f
Merge pull request #3474 from vramik/KEYCLOAK-3489
...
KEYCLOAK-3489 migration tests - minor fix
2016-11-08 15:38:14 +01:00
Stian Thorgersen
de7006a048
Merge pull request #3473 from hmlnarik/KEYCLOAK-3215
...
KEYCLOAK-3215 Use RSA-OAEP for key encryption
2016-11-08 10:16:54 +01:00
Vlasta Ramik
2b6811a366
migration tests - minor fix
2016-11-08 09:48:15 +01:00
Pavel Drozd
10f9800327
Merge pull request #3469 from mhajas/KEYCLOAK-3853
...
KEYCLOAK-3853 Fix keyRotation adapter test
2016-11-08 08:34:11 +01:00
Stian Thorgersen
292777259e
Merge pull request #3472 from hmlnarik/KEYCLOAK-1881-saml-key-rotation
...
Keycloak 1881 - SAML key/cert rotation for IdP
2016-11-08 07:56:25 +01:00
Hynek Mlnarik
01c42f9359
KEYCLOAK-3215 Use RSA-OAEP for key encryption
2016-11-08 07:44:59 +01:00
Stian Thorgersen
ef48594d85
Merge pull request #3470 from sebastienblanc/KEYCLOAK-3548
...
KEYCLOAK-3548 : Send 401 when no keycloak.json for EAP6/AS7 Adapter
2016-11-08 07:37:00 +01:00
Stian Thorgersen
c9a58fad15
Merge pull request #3464 from stianst/KEYCLOAK-3692
...
KEYCLOAK-3692
2016-11-08 07:36:39 +01:00
Stian Thorgersen
5b54375490
Merge pull request #3468 from sebastienblanc/KEYCLOAK-3514
...
KEYCLOAK-3514 : fix servlet logout on bearer-only client
2016-11-08 07:35:44 +01:00
Stian Thorgersen
db4f3561a5
Merge pull request #3454 from ssilvert/keystore-error-messages
...
KEYCLOAK-3817: More detailed errors when loading keys from JKS
2016-11-08 07:33:43 +01:00
Stan Silvert
f922164a88
Merge pull request #3471 from ssilvert/otp-low-res
...
KEYCLOAK-3816: Tweak CSS for 1280 x 720 display
2016-11-04 17:10:22 -04:00
Hynek Mlnarik
36257863db
KEYCLOAK-1881 Integration tests for key rotation in SAML IdP
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
14f96fdb4b
KEYCLOAK-1881 Wildfly, AS7, EAP Adapters
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
570d71c07b
KEYCLOAK-1881 Update client adapter configuration
...
Client adapter configuration was updated to support for customization
of HttpClient used for key retrieval similarly to OIDC. Further, it is
now possible to specify several static public keys for signature
verification in saml-client.xml.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
8ae1b1740d
KEYCLOAK-1881 Client installers
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
4f9e35c0a1
KEYCLOAK-1881 Support for multiple certificates in broker (hardcoded at the moment)
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
67bb9aef3d
KEYCLOAK-1881 Add switch to enable/disable generation of <Extensions>
...
Some SP clients might be confused by using a standard SAML protocol tag
<Extensions> which is used for signed REDIRECT binding messages to
specify signing key ID. To enable the interoperability, generation of
the tag is disabled by default and can be enabled for individual
clients.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
1ae268ec6f
KEYCLOAK-1881 Include key ID for REDIRECT and use it for validation
...
Contrary to POST binding, signature of SAML protocol message sent using
REDIRECT binding is contained in query parameters and not in the
message. This renders <dsig:KeyName> key ID hint unusable. This commit
adds <Extensions> element in SAML protocol message containing key ID so
that key ID is present in the SAML protocol message.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
10deac0b06
KEYCLOAK-1881 KeyLocator implementation for SAML descriptor
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
057cc37b60
KEYCLOAK-1881 Clone OIDC adapter HttpClient tools to SAML adapter
...
and
KEYCLOAK-1881 Extract httpclient configuration from AdapterConfig
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
70a8255eae
KEYCLOAK-1881 Basic key locator support
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
d5c3bde0af
KEYCLOAK-1881 Make SAML descriptor endpoint return all certificates
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
5d840500af
KEYCLOAK-1881 Include key ID in <ds:KeyInfo> in SAML assertions and protocol message
...
Changes of SAML assertion creation/parsing that are required to allow
for validation of rotating realm key: signed SAML assertions and signed
SAML protocol message now contain signing key ID in XML <dsig:KeyName>
element.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
904a5c3ca5
KEYCLOAK-3864 Add support for SAML2 <Extensions> element in protocol messages
2016-11-04 21:53:43 +01:00
Stan Silvert
66698f60d4
KEYCLOAK-3816: Tweak CSS for 1280 x 720 display
2016-11-04 15:32:19 -04:00
sebastien blanc
6c18b300a4
add integration test
2016-11-04 07:39:22 +01:00
Stian Thorgersen
6baf9b89fe
Merge pull request #3467 from abstractj/KEYCLOAK-3580
...
[KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket
2016-11-04 05:57:02 +01:00
mhajas
fd5f7eb165
KEYCLOAK-3853 Fix keyRotation adapter test
2016-11-03 16:04:31 +01:00
sebastien blanc
76c37de1e8
KEYCLOAK-3545: Send 401 if no kc configuration in EAP6/AS7
2016-11-03 15:39:02 +01:00
Pavel Drozd
c3f3c5c6a5
Merge pull request #3453 from vramik/KEYCLOAK-2957
...
KEYCLOAK-2957 test
2016-11-03 15:26:14 +01:00
Pavel Drozd
f2b28d8215
Merge pull request #3456 from vramik/KEYCLOAK-3579
...
KEYCLOAK-3579 add preview profile assumption to tests
2016-11-03 15:25:17 +01:00
Pavel Drozd
672f5d879b
Merge pull request #3465 from mhajas/KEYCLOAK-3854
...
KEYCLOAK-3854 KEYCLOAK-3579 Move EnfrocerConfigTest out from adapter tests
2016-11-03 15:23:39 +01:00
Pavel Drozd
20a6795f74
Merge pull request #3458 from tkyjovsk/KEYCLOAK-3849
...
KEYCLOAK-3849 Add ability to select keycloak profile in testsuite
2016-11-03 15:21:22 +01:00
Pavel Drozd
c1ef4067bc
Merge pull request #3459 from mhajas/KEYCLOAK-3850
...
KEYCLOAK-3850 Fix test-apps-dist zip file name
2016-11-03 15:18:11 +01:00
Pavel Drozd
c1fb71c031
Merge pull request #3463 from mhajas/KEYCLOAK-3841
...
KEYCLOAK-3841 Remove missing dependency
2016-11-03 15:15:57 +01:00
Pavel Drozd
136f3bc5f9
Merge pull request #3457 from mhajas/KEYCLOAK-3728
...
KEYCLOAK-3728 Test for turned off script based authenticators
2016-11-03 15:15:32 +01:00
Stian Thorgersen
2052a0dff1
Fix
2016-11-03 14:37:07 +01:00
sebastien blanc
ee8c986e8e
add integration test
2016-11-03 14:30:42 +01:00
Bruno Oliveira
6c5d1b9214
[KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket
2016-11-03 10:25:45 -02:00
Pedro Igor
97be09a3bc
Merge pull request #3462 from pedroigor/KEYCLOAK-3704
...
[KEYCLOAK-3704] - Owner validation and removal
2016-11-03 09:20:16 -02:00
mhajas
6605ba1362
KEYCLOAK-3854 Move EnfrocerConfigTest out from adapter tests
2016-11-03 09:43:49 +01:00
Stian Thorgersen
ac18b6c71e
KEYCLOAK-3692
2016-11-03 08:33:56 +01:00
mhajas
d9069e0955
KEYCLOAK-3841 Remove missing dependency
2016-11-03 08:27:13 +01:00
Stan Silvert
3f98f23422
Merge pull request #3460 from ssilvert/otp-low-res
...
KEYCLOAK-3816: Broken OTP setup with smaller resolutions
2016-11-02 20:25:19 -04:00
Pedro Igor
706c1e2660
[KEYCLOAK-3704] - Registering UserSinchronizer to remove resources when the owner is removed
2016-11-02 21:40:58 -02:00
Pedro Igor
95d2130405
[KEYCLOAK-3704] - Checkign if owner is a valid user
2016-11-02 21:01:24 -02:00