keycloak-scim

Author	SHA1	Message	Date
Некрасов Александр Сергеевич	5474496867	KEYCLOAK-3089 Change email subject encoding to utf-8/base64	2016-06-07 09:11:46 +06:00
Bill Burke	b2d8c6bca2	Merge pull request #2418 from schmeedy/master Fix k_query_bearer_token endpoint in proxy	2016-06-05 11:20:08 -04:00
Bill Burke	4c9a0b45d4	Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.	2016-06-05 11:12:05 -04:00
Bill Burke	b3f3449e39	Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource KEYCLOAK-2974: Handle ModelException in UsersResource	2016-06-05 11:06:32 -04:00
Bill Burke	a76a4730e3	Merge pull request #2884 from thomasdarimont/issue/KEYCLOAK-2891-link-to-oidc-endpoints-from-admin-console KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page.	2016-06-05 11:06:11 -04:00
Bill Burke	dbeb3353f8	Merge pull request #2911 from thomasdarimont/issue/KEYCLOAK-3081-oidc-support-user-role-mapper KEYCLOAK-3081: Add client mappers to map user roles to token	2016-06-05 11:03:47 -04:00
Thomas Darimont	a2d1c8313d	KEYCLOAK-3081: Add client mapper to map user roles to token Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token. Each protocol mapper supports to use a prefix string that is prepended to each role name. The client role protocol mapper can specify from which client the roles should be considered. Composite Roles are resolved recursively. Background: Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures. In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure (e.g. comma separated list) as a top-level (ID/Access) Token attribute that can easily be matched with a regex. In order to differentiate between client specific roles and realm roles it is possible to configure both separately to be able to use the same role names with different contexts rendered as separate token attributes.	2016-06-03 15:52:58 +02:00
Marek Posolda	193233899f	Merge pull request #2910 from mposolda/master KEYCLOAK-3074 AdminEventStoreProviderTest fixes	2016-06-03 11:33:22 +02:00
mposolda	c42b8f81e3	KEYCLOAK-3074 Change the TestingResourceProvider to always both firstResults and maxResults in JPA criteria query	2016-06-03 10:31:32 +02:00
mposolda	13bf36ce49	KEYCLOAK-3074 Change the signature of TestingResourceProvider.getAdminEvents to use String instead of java.util.Date	2016-06-03 10:31:24 +02:00
Stian Thorgersen	31eee347d4	Merge pull request #2895 from mhajas/fixMissingPOM KEYCLOAK-3051 Fix missing version in POM	2016-06-02 18:55:03 +02:00
Stian Thorgersen	c37f1c24ee	Merge pull request #2900 from tkyjovsk/performance-tests Updates to the performance tests.	2016-06-02 18:54:47 +02:00
Stian Thorgersen	fba78f3e2a	Merge pull request #2908 from mstruk/KEYCLOAK-2879-a KEYCLOAK-2879 UserResource	2016-06-02 18:53:53 +02:00
Marko Strukelj	ec258c6515	KEYCLOAK-2879 UserResource	2016-06-02 15:23:18 +02:00
Stian Thorgersen	087f84bfff	Merge pull request #2901 from mposolda/master KEYCLOAK-3065 Remove 'provider' from realmCache in keycloak-server.js…	2016-06-02 14:58:16 +02:00
Stian Thorgersen	733a51b1ea	Merge pull request #2903 from pedroigor/KEYCLOAK-3068 [KEYCLOAK-3068] - Setting XInclude to false	2016-06-02 07:59:17 +02:00
Stian Thorgersen	4141690857	Merge pull request #2905 from pedroigor/KEYCLOAK-3069 [KEYCLOAK-3069] - Adding back javax.xml.soap.api dependency	2016-06-02 07:58:35 +02:00
Pedro Igor	0ad86b3a53	[KEYCLOAK-3069] - Adding javax.xml.soap.api dependency	2016-06-01 16:57:06 -03:00
Pedro Igor	a39907de76	[KEYCLOAK-3068] - Setting XInclude to false	2016-06-01 16:43:02 -03:00
mposolda	fd2fc34386	KEYCLOAK-3065 Remove 'provider' from realmCache in keycloak-server.json to have 'enabled' switch working	2016-06-01 17:25:51 +02:00
Stian Thorgersen	93d3a0eb38	Merge pull request #2898 from stianst/master KEYCLOAK-3066	2016-06-01 16:30:06 +02:00
Tomas Kyjovsky	ef95510da4	Updates to the performance tests. Conflicts: testsuite/integration-arquillian/tests/other/adapters/jboss/remote/pom.xml testsuite/integration-arquillian/tests/other/clean-start/pom.xml	2016-06-01 16:06:51 +02:00
Stian Thorgersen	8fab2f0718	KEYCLOAK-3066 Uploaded Realm Certificate is not validated	2016-06-01 15:12:21 +02:00
mhajas	6da8ca70dc	Fix missing version in POM	2016-05-27 12:09:20 +02:00
Stian Thorgersen	2343e517c9	Merge pull request #2891 from pedroigor/KEYCLOAK-2894 [KEYCLOAK-2894] - Fixing saml signature validation	2016-05-26 16:57:13 +02:00
Pedro Igor	60f954a497	[KEYCLOAK-2894] - Fixing saml signature validation	2016-05-26 10:48:30 -03:00
Stian Thorgersen	af30142097	Merge pull request #2886 from ssilvert/migrate-events KEYCLOAK-2912 Migrate events package to new testsuite	2016-05-26 15:01:57 +02:00
Stian Thorgersen	c5e287b7b1	Merge pull request #2885 from fernandomora/fix-base-theme-login KEYCLOAK-3045 Fixes displaying message on login using base theme	2016-05-26 08:40:06 +02:00
Stian Thorgersen	c206ae13db	Merge pull request #2889 from mposolda/master Admin events fixes and more tests	2016-05-26 08:29:51 +02:00
mposolda	882dbc3f25	KEYCLOAK-3006 Fix admin event inconsistencies related to roles (points 1,3,4,15,16 from JIRA)	2016-05-25 23:18:01 +02:00
mposolda	022be3aee5	KEYCLOAK-3006 Fix admin event inconsistencies (points 2,5-14 from JIRA)	2016-05-25 23:17:47 +02:00
Thomas Darimont	5f73c338d8	KEYCLOAK-2947: Include group representation for GroupMembership changes in AdminEvents We now include the full group representation in AdminEvents for Group Membership changes. This enables EventListener to propagate potential role / attribute chnages based on the removal / addition of the group.	2016-05-25 23:17:35 +02:00
mposolda	f58936025f	KEYCLOAK-3003 Support for admin events in AuthenticationManagementResource	2016-05-25 23:17:24 +02:00
Stan Silvert	1042a22cf7	KEYCLOAK-2912 Migrate events package to new testsuite	2016-05-25 15:22:17 -04:00
Fernando Mora	5148e69006	Fixes displaying message on login using base theme Using base theme produces an error when login page tries to display a message. The following properties that are not defined in base theme (only in keycloak theme) are being called without default_value operator "!" * Steps to Reproduce: 1. Set `base` theme as `Login Theme` 2. Sign out 3. Try to sign in using and invalid username/password * Expected behaviour: * Message `Invalid username or password.`is shown * Actual behavior: * Bank page is shown and following stackatrace in logs: ``` 15:58:19,575 ERROR [freemarker.runtime] (default task-9) Error executing FreeMarker template: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing: ==> properties.kcFeedbackErrorIcon [in template "template.ftl" at line 67, column 76] ---- Tip: It's the step after the last dot that caused this error, not those before it. ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: ${properties.kcFeedbackErrorIcon} [in template "template.ftl" in macro "registrationLayout" at line 67, column 74] - Reached through: @layout.registrationLayout displayInf... [in template "login.ftl" at line 2, column 1] ---- at freemarker.core.InvalidReferenceException.getInstance(InvalidReferenceException.java:131) at freemarker.core.EvalUtil.coerceModelToString(EvalUtil.java:355) at freemarker.core.Expression.evalAndCoerceToString(Expression.java:82) at freemarker.core.DollarVariable.accept(DollarVariable.java:41) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visitByHiddingParent(Environment.java:345) at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visitByHiddingParent(Environment.java:345) at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.Macro$Context.runMacro(Macro.java:184) at freemarker.core.Environment.invoke(Environment.java:701) at freemarker.core.UnifiedCall.accept(UnifiedCall.java:84) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.MixedContent.accept(MixedContent.java:54) at freemarker.core.Environment.visit(Environment.java:324) at freemarker.core.Environment.process(Environment.java:302) at freemarker.template.Template.process(Template.java:325) at org.keycloak.theme.FreeMarkerUtil.processTemplate(FreeMarkerUtil.java:61) at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createResponse(FreeMarkerLoginFormsProvider.java:314) at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createLogin(FreeMarkerLoginFormsProvider.java:431) at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.invalidUser(AbstractUsernameFormAuthenticator.java:58) at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.invalidUser(AbstractUsernameFormAuthenticator.java:87) at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.validateUserAndPassword(AbstractUsernameFormAuthenticator.java:141) at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.validateForm(UsernamePasswordForm.java:56) at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.action(UsernamePasswordForm.java:49) at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:84) at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:75) at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:756) at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:359) at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:341) at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:386) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139) at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295) at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249) at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138) at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395) at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202) at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56) at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:88) at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60) at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) ```	2016-05-25 18:38:11 +02:00
Thomas Darimont	08320890b1	KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page We now show a link to the OIDC Endpoints configuration in the realm details page. This makes it easier for users to find the OIDC endpoints.	2016-05-25 14:26:44 +02:00
Stian Thorgersen	5ed09acd94	Merge pull request #2881 from stianst/KEYCLOAK-3034 KEYCLOAK-3034 NullPointerException when log in via Twitter	2016-05-25 13:44:05 +02:00
Stian Thorgersen	4728729302	Merge pull request #2882 from stianst/master KEYCLOAK-3029	2016-05-25 08:56:25 +02:00
Stian Thorgersen	d016ea4116	KEYCLOAK-3029	2016-05-25 08:55:45 +02:00
Stian Thorgersen	fa3a2aafec	KEYCLOAK-3034 NullPointerException when log in via Twitter	2016-05-25 08:10:55 +02:00
Stian Thorgersen	d85f9cb4e2	Merge pull request #2858 from thomasdarimont/issue/KEYCLOAK-3021-add-realm-display-name-to-otpauth-uri-label KEYCLOAK-3021: Add Realm Display Name to the label part of the otpauth URI	2016-05-25 07:29:14 +02:00
Stian Thorgersen	9edec8e4a6	Merge pull request #2875 from abstractj/KEYCLOAK-3023 OAuthRedirectUriTest.testLocalhost fails on wildfly	2016-05-25 07:25:22 +02:00
Stian Thorgersen	f12c54387c	Merge pull request #2873 from vramik/KEYCLOAK-3024 KEYCLOAK-3024 support for smoke test - clean start domain mode	2016-05-25 07:24:14 +02:00
Stian Thorgersen	d51a2cde2f	Merge pull request #2859 from ssilvert/migrate-i18n KEYCLOAK-2913 Migrate i18n package to new testsuite	2016-05-25 07:22:54 +02:00
Stian Thorgersen	39d2c3ad81	Merge pull request #2878 from stianst/master KEYCLOAK-3020 Fix migration docs	2016-05-25 06:51:26 +02:00
Stian Thorgersen	6ee11a94b4	KEYCLOAK-3020 Fix migration docs	2016-05-25 06:50:52 +02:00
Bruno Oliveira	b2850ec1d5	OAuthRedirectUriTest.testLocalhost fails on wildfly	2016-05-24 07:24:36 -03:00
Stan Silvert	8d56ab90ba	KEYCLOAK-2913 Switch to use xpath for finding links instead of adding an id.	2016-05-23 09:23:01 -04:00
Stian Thorgersen	3e4f5f40dc	Merge pull request #2871 from stianst/KEYCLOAK-3008 KEYCLOAK-3008 Upload Realm Keys doesn't work	2016-05-23 14:01:22 +02:00
Stian Thorgersen	097c49149c	Merge pull request #2867 from stianst/KEYCLOAK-3020 KEYCLOAK-3020	2016-05-23 13:59:13 +02:00

1 2 3 4 5 ...

6873 commits