Takashi Norimatsu
355a5d65fb
KEYCLOAK-18052 Client Policies : Revise SecureRequestObjectExecutor to have an option for checking nbf claim
2021-05-11 14:29:33 +02:00
rmartinc
2539bd9ed3
[KEYCLOAK-17903] idp metadata describing one entity MUST have EntityDescriptor root element
2021-05-11 13:02:13 +02:00
Takashi Norimatsu
5dced05591
KEYCLOAK-18050 Client Policies : Rename "secure-redirecturi-enforce-executor" to indicate what this executor does
2021-05-11 07:42:18 +02:00
Takashi Norimatsu
b4e4e75743
KEYCLOAK-17928 Determine public client based on token_endpoint_auth_method during OIDC dynamic client registration
2021-05-10 08:24:18 +02:00
Takashi Norimatsu
624d300a55
KEYCLOAK-17938 Not possible to create client in the admin console when client policy with "secure-redirecturi-enforce-executor" condition is used
2021-05-07 17:52:09 +02:00
Takashi Norimatsu
b38b1eb782
KEYCLOAK-17895 SecureSigningAlgorithmEnforceExecutor: Ability to auto-configure default algorithm
2021-05-07 12:37:39 +02:00
Takashi Norimatsu
faab3183e0
KEYCLOAK-18034 Enforce SecureSigningAlgorithmForSignedJwtEnforceExecutor to private-key-jwt clients regardless their option
2021-05-07 12:26:46 +02:00
keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Hynek Mlnarik
6d97a573e6
KEYCLOAK-17696 Make MapStorageFactory amphibian
2021-05-06 11:38:41 +02:00
Takashi Norimatsu
0a4fdc64f3
KEYCLOAK-17929 SecureSigningAlgorithmForSignedJwtEnforceExecutor polishing for FAPI
2021-05-06 08:41:05 +02:00
Takashi Norimatsu
b78d151a23
KEYCLOAK-16808 Client Policy : Implement existing ConsentRequiredClientRegistrationPolicy as Client Policies' executor
...
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-05-06 08:36:34 +02:00
Sam Dammers
e73c6103cf
KEYCLOAK-17888 This reverts [KEYCLOAK-14299] - Do not create keys during startup but on-demand
...
Restoring the original realm key provisioning process due to undesirable behaviour when using
on demand provisoning under load (duplicate keys created).
2021-05-05 08:43:44 -03:00
Václav Muzikář
57fca2a34f
KEYCLOAK-15170 Reset password link is not invalidated if email address is changed
2021-05-05 08:45:47 +02:00
Christoph Leistert
61bdc92ad9
KEYCLOAK-17387: 403 response on localization endpoint for cross realm users
...
- add ForbiddenPage class for the assertion at the selenium test
- add assertion to selenium test
- GET requests for localization texts require at least one role for the realm
- Make GET requests for localization texts public, to display the admin UI correctly, even if the role view-realm is missing
2021-05-03 13:29:11 -03:00
Hynek Mlnarik
96501760e0
KEYCLOAK-17501 Add support for map storage in WildFly
2021-05-03 16:00:30 +02:00
Hynek Mlnarik
32fb45eb5b
KEYCLOAK-17774 Implement equals method for work cache events
...
Co-Authored-By: stianst <stianst@gmail.com>
Co-Authored-By: Michal Hajas <mhajas@redhat.com>
2021-05-03 10:47:15 +02:00
Václav Muzikář
5a33ec2244
disabledReason as read-only attribute, AuthenticatorUtils
2021-05-03 09:39:34 +02:00
Václav Muzikář
315b9e3c29
KEYCLOAK-17835 Account Permanent Lockout and login error messages
2021-05-03 09:39:34 +02:00
Christoph Leistert
b75648bda2
KEYCLOAK-17284 Evaluate ID-Token and UserInfo-Endpoint:
...
- add additional REST endpoints for evaluation:
- for ID Token: GET /realm/clients/id/evaluate-scopes/generate-example-id-token
- for UserInfo-Endpoint: GET /realm/clients/id/evaluate-scopes/generate-example-userinfo
- extend UI: add additional tabs "Generated ID Token" and "Generated User Info" to the client scopes evaluation screen
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
2021-04-29 16:45:30 +02:00
Takashi Norimatsu
65c48a4183
KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) ( #7679 )
...
* KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA)
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-29 15:56:39 +02:00
vramik
162043beec
KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory
2021-04-28 13:43:48 +02:00
Martin Kanis
515bfb5064
KEYCLOAK-16378 User / client session map store
...
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-04-28 09:09:15 +02:00
Ayat Bouchouareb
8255cba930
KEYCLOAK-17612- Invalid SAML Response : Invalid Destination
2021-04-26 11:15:28 +02:00
bohmber
455e93856c
KEYCLOAK-17829
...
Unnessary calls to session.users().getUserById in DefaultBruteForceProtector
2021-04-23 13:44:34 +02:00
Takashi Norimatsu
190b60c5cd
KEYCLOAK-17827 Client Policy - Condition : Client - Client Host : Removing Option
2021-04-21 15:16:00 +02:00
i7a7467
ada7f37430
KEYCLOAK-16918 Set custom user attribute to Name ID Format for a SAML client
...
https://issues.redhat.com/browse/KEYCLOAK-16918
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-20 10:29:17 +02:00
Michal Hajas
1e2db74d86
KEYCLOAK-16932 Authorization map storage
2021-04-16 17:26:16 +02:00
AlistairDoswald
8b3e77bf81
KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
...
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Michal Hajas
64ccbda5d5
KEYCLOAK-17323 Compute token expiration using Time.currentTime() instead of userSession.getStarted()
2021-04-14 12:58:45 +02:00
Martin Bartoš
5a9068e732
KEYCLOAK-16401 Deny/Allow access in a conditional context
2021-04-09 12:04:45 +02:00
Michito Okai
d9ebbe4958
KEYCLOAK-17202 Restrict Issuance of Refresh tokens to specific clients
2021-04-08 11:51:25 +02:00
Takashi Norimatsu
8b0b657a8f
KEYCLOAK-17682 Client Policy - Executor : remove inner config class for executor without any config
2021-04-08 09:22:16 +02:00
Takashi Norimatsu
3221708499
KEYCLOAK-17667 Client Policy - Executor : Only Accept Confidential Client
2021-04-08 09:17:10 +02:00
Takashi Norimatsu
e9035bb7b3
KEYCLOAK-17681 Client Policy - Executor : Limiting available period of Request Object with its configuration
2021-04-08 09:12:20 +02:00
Daniel Fesenmeyer
a48d04bfe0
KEYCLOAK-16082 save attributes when role is created (with REST POST request)
...
- add missing mapping code to RoleContainerResource#createRole
- extend ClientRolesTest and RealmRolesTest to check that now the attributes are saved when a role is created
- remove no longer needed code which updated roles because attributes were not saved on creation
2021-04-07 14:08:49 -03:00
Takashi Norimatsu
7b227ae47c
KEYCLOAK-17666 Client Policy - Executor : Limiting available period of Request Object
2021-04-07 08:36:26 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) ( #7780 )
...
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)
* support tests using auth-server-quarkus
* Configuration changes for ClientPolicyExecutorProvider
* Change VALUE of table REALM_ATTRIBUTES to NCLOB
* add author tag
* incorporate all review comments
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-06 16:31:10 +02:00
Stan Silvert
ca49840266
KEYCLOAK-17610: WhoAMI doesn't support CORS
2021-03-31 18:51:39 +02:00
vramik
185075d373
KEYCLOAK-14552 Realm Map Store
2021-03-31 15:49:03 +02:00
Konstantinos Georgilakis
ec5c256562
KEYCLOAK-5657 Support for transient NameIDPolicy and AllowCreate in SAML IdP
2021-03-31 14:45:39 +02:00
rmartinc
0a0caa07d6
KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role
2021-03-31 12:57:17 +02:00
vramik
c3b9c66941
KEYCLOAK-17460 invalidate client when assigning scope
2021-03-30 10:58:16 +02:00
sma1212
e10f3b3672
[KEYCLOAK-17484] OIDC Conformance - Authorization response with Hybrid flow does not contain token_type ( #7872 )
...
* [KEYCLOAK-17484] fix oidc conformance for hybrid-flow
* [KEYCLOAK-17484] add TokenType & ExpiresIn to OAuth2Constants
* [KEYCLOAK-17484] add request validation for oidc-flows automated tests
2021-03-30 08:59:30 +02:00
devopsix
590ee1b1a2
KEYCLOAK-15459 Fix serialization of locale in admin console's “whoami” ( #7397 )
...
call.
2021-03-29 18:37:26 -04:00
Alexandros Trifyllis
a60cb65252
KEYCLOAK-17444 Enlist the EventListenerTransaction with the Keycloak Transaction Manager
2021-03-26 12:47:15 +01:00
Thomas Darimont
7ec6a54e22
KEYCLOAK-17581 Prevent empty group names
...
Create / Update operations in `GroupResource ` and `GroupsResource#addTopLevelGroup`
did not validate the given group name. This allowed the creation of groups with empty names.
We now prevent the creation of groups with empty names.
2021-03-25 19:10:38 -03:00
Hynek Mlnarik
a36fafe04e
KEYCLOAK-17409 Support for amphibian (both component and standalone) provider
2021-03-25 13:28:20 +01:00
Xiangjiaox
ca81e6ae8c
KEYCLOAK-15015 Extend KeyWrapper to add whole certificate chain in x5c parameter ( #7643 )
...
* [KEYCLOAK-15015] - Publishing the x5c for JWK
Co-authored-by: Vetle Bergstad <vetle.bergstad@evry.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-03-23 08:37:50 -03:00
cgeorgilakis
18afdea392
KEYCLOAK-16048 SAML Client import - add md:RequestedAttribute as "User Attribute" ProtocolMapper
2021-03-22 21:55:32 +01:00
mposolda
853a6d7327
KEYCLOAK-17000 Adding server tmp directory inside the auth-server home directory
2021-03-17 10:06:48 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 ( #7316 )
...
* Correct "doesn't exists" typos
* Revert changes to imported package
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Yang Xie
db30b470c4
KEYCLOAK-17342 Make the default value of default signature algorithm show up in the admin console
2021-03-16 09:15:22 +01:00
Michito Okai
298ab0bc3e
KEYCLOAK-7675 Support for Device Authorization Grant
2021-03-15 10:09:20 -03:00
Łukasz Dywicki
f58bf0deeb
Make sure additional params are passed between device request and user authnetication.
2021-03-15 10:09:20 -03:00
Hiroyuki Wada
5edf14944e
KEYCLOAK-7675 SPI and default implementation for Device User Code.
...
Author: Hiroyuki Wada <h2-wada@nri.co.jp>
Date: Sun May 12 15:47:15 2019 +0900
Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
Hiroyuki Wada
9d57b88dba
KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant.
...
Author: Hiroyuki Wada <h2-wada@nri.co.jp>
Date: Thu May 2 00:22:24 2019 +0900
Signed-off-by: Łukasz Dywicki <luke@code-house.org>
2021-03-15 10:09:20 -03:00
Hynek Mlnarik
4946484cb6
KEYCLOAK-17377 Fix invalidation cluster tests (do not hide failures)
2021-03-11 16:14:59 +01:00
Yang Xie
2605eddbe7
KEYCLOAK-17300 Add a method to check if the token revocation request has duplicate parameters
2021-03-09 18:27:38 +01:00
vramik
6e501946b1
KEYCLOAK-17021 Client Scope map store
2021-03-08 21:59:28 +01:00
Michal Hajas
fc29a39e5a
KEYCLOAK-16592 Do not require destination with SOAP binding
2021-03-05 19:52:00 +01:00
Douglas Palmer
852593310f
[KEYCLOAK-14913] GitLab Identity Provider shouldn't request for 'api' scope
2021-03-05 14:23:34 +01:00
mposolda
99c1ee7f5a
KEYCLOAK-16793 KEYCLOAK-16948 Cors on error responses for logoutEndpoint and tokenEndpoint
2021-03-05 14:14:53 +01:00
Pedro Igor
6c7f66d30c
[KEYCLOAK-17174] - Fxing not passing referrer param when reaching the account console ( #7818 )
2021-03-04 09:00:10 -05:00
Blake Smith
b122f31d2c
KEYCLOAK-17257 Fix NPEs when user storage doesn't implement the CredentialInputValidator interface
2021-03-04 09:49:12 +01:00
Denis
23bfaef4bb
KEYCLOAK-15535 Account Log of user login with realm not available details when update profile
2021-03-04 08:06:36 +01:00
Yang Xie
78754d1127
KEYCLOAK-17259 Add a method to check if the introspection request has duplicate parameters
2021-03-03 16:23:27 +01:00
Pedro Igor
2796f62899
[KEYCLOAK-17174] - New admin console using wrong base URI for redirection ( #7794 )
2021-03-03 10:15:24 -05:00
Takashi Norimatsu
882f5ffea4
KEYCLOAK-15533 Client Policy : Extends Policy Interface to Migrate Client Registration Policies
...
Co-authored-by: Hryhorii Hevorkian <hhe@adorsys.com.ua>
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-03-02 09:26:04 +01:00
i7a7467
b83064b142
KEYCLOAK-16679 Add algorithm settings for client assertion signature in OIDC identity broker
2021-03-01 18:11:25 +01:00
Takashi Norimatsu
c4bf8ecdf0
KEYCLOAK-16880 Client Policy - Condition : Negative Logic Support
2021-03-01 14:27:39 +01:00
mposolda
41dc94fead
KEYCLOAK-14483 Broker state param fix
2021-02-24 19:07:58 -03:00
mposolda
6f409d088a
KEYCLOAK-15239 Reset Password Success Message not shown when Kerberos is Enabled
2021-02-23 16:15:50 -03:00
Pedro Igor
dbc6514bfc
[KEYCLOAK-17206] - Avoid removing attributes when updating user and profile
2021-02-23 08:41:41 +01:00
Juan Manuel Rodriguez Alvarado
6255ebe6b5
[KEYCLOAK-16536] Implement Audit Events for Authorization Services requests
2021-02-22 17:28:59 -03:00
mposolda
ed8d5a257f
KEYCLOAK-16517 Make sure that just real clients with standardFlow or implicitFlow enabled are considered for redirectUri during logout
2021-02-22 14:30:32 +01:00
mposolda
0058011265
KEYCLOAK-16006 User should not be required to re-authenticate after revoking consent to an application
2021-02-22 14:29:42 +01:00
Pedro Igor
ffadbc3ba3
[KEYCLOAK-17173] - Support for script providers in keycloak.x
2021-02-22 10:12:36 -03:00
Pedro Igor
1dc0b005fe
[KEYCLOAK-17087] - X509 OCSP Validation Not Checking Intermediate CAs
2021-02-22 13:50:19 +01:00
Pedro Igor
9356843c6c
[KEYCLOAK-16521] - Fixing secret for non-confidential clients
2021-02-19 08:38:49 +01:00
Torsten Roemer
00ee6bb9fa
KEYCLOAK-14577 OIDCIdentityProvider incorrectly sets firstName and lastName in BrokeredIdentityContext
2021-02-18 19:50:27 +01:00
rmartinc
056b52fbbe
KEYCLOAK-16800 userinfo fails with 500 Internal Server Error for service account token
2021-02-18 19:37:52 +01:00
Pedro Igor
431f137c37
[KEYCLOAK-17123] - Avoid validation and updates for read-only attributes during updates
2021-02-17 17:57:46 +01:00
stefvdwel
8f719885fd
Fixed tests. Removed styling changes.
2021-02-17 09:40:19 -03:00
stefvdwel
11b0c23937
Reduced code duplication
2021-02-17 09:40:19 -03:00
stefvdwel
ee28be982f
Reduced code duplication
2021-02-17 09:40:19 -03:00
stefvdwel
c15361c129
Revert "Removed styling changes"
...
This reverts commit d64361c3
2021-02-17 09:40:19 -03:00
stefvdwel
1fa68c0a52
Removed styling changes
2021-02-17 09:40:19 -03:00
stefvdwel
b97f5eb128
Added PermissionTicket count test.
2021-02-17 09:40:19 -03:00
stefvdwel
5a500055f6
Added permission ticket /count endpoint. Todo: testing
2021-02-17 09:40:19 -03:00
mposolda
80bf0b6bad
KEYCLOAK-16708 Unexpected exceptions during client authentication
2021-02-12 18:27:54 +01:00
Pedro Igor
ca2a761d4b
[KEYCLOAK-16886] - Updating user account removes attributes
2021-02-12 12:01:50 -03:00
Michito Okai
33bb1fda38
KEYCLOAK-16931 Authorization Server Metadata of
...
introspection_endpoint_auth_methods_supported and
introspection_endpoint_auth_signing_alg_values_supported
2021-02-11 14:53:49 +01:00
Florian Apolloner
e7a3dc59ab
[KEYCLOAK-15440] Fixed PasswordForm usage with LDAP users.
2021-02-11 14:32:28 +01:00
mposolda
456cdc51f2
KEYCLOAK-15719 CORS headers missing on userinfo error response
2021-02-11 13:37:42 +01:00
diodfr
cb12fed96e
KEYCLOAK-4544 Detect existing user before granting user autolink
2021-02-11 11:06:49 +01:00
Pedro Igor
307e16391c
[KEYCLOAK-14947] - Removing unnecessary code
2021-02-10 11:35:38 -03:00
Pedro Igor
f6c3ec5d9e
[KEYCLOAK-14366] - Missing check for iss claim in JWT validation on Client Authentication (Token Endpoint)
2021-02-09 13:54:06 +01:00
mposolda
f4b5942c6c
KEYCLOAK-16755 ClearExpiredUserSessions optimization. Rely on infinispan expiration rather than Keycloak own background task.
2021-02-04 08:49:42 +01:00
Yang Xie
cffe24f815
KECLOAK-16009 Add a method to check if the token request has duplicate parameters
2021-02-03 16:10:41 +01:00
Florian Apolloner
eeec82dea3
KEYCLOAK-16656 Only set execution authenticator for form flows.
2021-01-29 17:19:15 +01:00
Martin Kanis
8432513daa
KEYCLOAK-16908 Refactor UserSessionPersisterProvider
2021-01-29 09:29:00 +01:00
Hynek Mlnarik
60e4bd622f
KEYCLOAK-16828 Fix HttpClient failures and close HttpResponses
2021-01-28 08:38:34 +01:00
rmartinc
f3a4991b6a
KEYCLOAK-15975 NPE in DefaultThemeManager.loadTheme() if theme directory is absent
2021-01-27 22:05:19 +01:00
mposolda
99a70267d9
KEYCLOAK-16801 Improve performance of ClearExpiredEvents background task
2021-01-27 09:57:46 +01:00
Cédric Couralet
8fcbf465d9
KEYCLOAK-16862 Avoid NPE on realm update with trace enabled
2021-01-26 13:32:15 +01:00
Davy Van Roy
eacc95b699
KEYCLOAK-15298
2021-01-21 22:51:05 +01:00
Martin Kanis
9f580e3ed8
KEYCLOAK-15695 Streamification cleanup
2021-01-20 14:39:53 +01:00
Takashi Norimatsu
bcf313f321
KEYCLOAK-16858 Client Policy - Improper retainAll operation in Client Scope Condition and other minor bugs
2021-01-20 09:10:21 +01:00
Michal Hajas
ba8e2fef6b
KEYCLOAK-15524 Cleanup user related interfaces
2021-01-18 16:56:10 +01:00
mposolda
dae4a3eaf2
KEYCLOAK-16468 Support for deny list of metadata attributes not updateable by account REST and admin REST
...
(cherry picked from commit 79db549c9d561b8d5efe3596370190c4da47e4e1)
(cherry picked from commit bf4401cddd5d3b0033820b1cb4904bd1c8b56db9)
2021-01-18 13:17:51 +01:00
mposolda
eac3329d22
KEYCLOAK-14019 Improvements for request_uri parameter
...
(cherry picked from commit da38b36297a5bd9890f7df031696b516268d6cff)
2021-01-18 13:05:09 +01:00
Pedro Igor
c631013031
[KEYCLOAK-16515] - Scope permissions not added to result if previous permission is granted
2021-01-14 17:08:05 +01:00
Albert-Jan Verhees
32319c727b
Removed representations as suggested
2021-01-13 16:23:31 +01:00
Albert-Jan Verhees
b0ac44cf7d
Applied PR suggestion: added resourceType and changed operation types
2021-01-13 16:23:31 +01:00
Albert-Jan Verhees
483e28bb02
[KEYCLOAK-14653] Changed operation type to UPDATE when updating client scopes in a client and added representation.
2021-01-13 16:23:31 +01:00
Thomas Darimont
42c47c1732
KEYCLOAK-16330 Expose ActionTokenLifespans in RealmBean to freemarker login themes
2021-01-12 21:11:10 +01:00
moritz.hilberg
70a20ef50d
KEYCLOAK-16566 Display Idp displayName if available
2021-01-12 20:56:18 +01:00
Luca Leonardo Scorcia
553514707e
KEYCLOAK-16428 Move certificate timestamp validation configuration to CertificateValidatorBuilder ( #7634 )
2021-01-12 20:52:34 +01:00
Takashi Norimatsu
5f445ec18e
KEYCLOAK-14200 Client Policy - Executor : Enforce Holder-of-Key Token
...
Co-authored-by: Hryhorii Hevorkian <hhe@adorsys.com.ua>
2021-01-12 11:21:41 +01:00
Takashi Norimatsu
f423c0dc51
KEYCLOAK-16249 Client Policy - Condition : Client - Any Client
2021-01-08 17:29:50 +01:00
vramik
1402d021de
KEYCLOAK-14846 Default roles processing
2021-01-08 13:55:48 +01:00
Takashi Norimatsu
05dfac75ca
KEYCLOAK-14202 Client Policy - Executor : Enforce secure signature algorithm for Signed JWT client authentication
...
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-01-06 08:58:20 +01:00
Thomas Darimont
1a7600e356
KEYCLOAK-13923 Support PKCE for OIDC based Identity Providers ( #7381 )
...
* KEYCLOAK-13923 - Support PKCE for Identity Provider
We now support usage of PKCE for OIDC based Identity Providers.
* KEYCLOAK-13923 Warn if PKCE information cannot be found code-to-token request in OIDCIdentityProvider
* KEYCLOAK-13923 Pull up PKCE handling from OIDC to OAuth IdentityProvider infrastructure
* KEYCLOAK-13923 Adding test for PKCE support for OAuth Identity providers
* KEYCLOAK-13923 Use URI from KeycloakContext instead of HttpRequest
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-01-05 10:59:59 -03:00
mposolda
d4a36d0d9c
KEYCLOAK-16350 invalid_scope error response should be displayed for openid-connect/auth
2021-01-05 12:55:53 +01:00
Sven-Torben Janus
4652fd4fcd
KEYCLOAK-16540 X.509 Authentication logs Exception when no client cert
...
When no client cert is present the variable clientCert is null. In this
case the log statement leads to a NPE which then gets logged as an
error.
2021-01-04 10:55:21 +01:00
Jiri Lunacek
d70de48ba9
KEYCLOAK-16605 add localpart username template transformer
2021-01-04 06:30:41 +01:00
keycloak-bot
75be33ccad
Set version to 13.0.0-SNAPSHOT
2020-12-16 17:31:55 +01:00
Stefan Guilhen
d6422e415c
[KEYCLOAK-16508] Complement methods for accessing user sessions with Stream variants
2020-12-15 19:52:31 +01:00
Takashi Norimatsu
edabbc9449
KEYCLOAK-14203 Client Policy - Executor : Enforce HTTPS URIs
2020-12-15 09:31:20 +01:00
Martin Bartoš
cfc035ee42
KEYCLOAK-15066 Internal Server error when calling random idp endpoint
2020-12-14 16:37:53 +01:00
Takashi Norimatsu
200b53ed1e
KEYCLOAK-14192 Client Policy - Condition : Author of a client - User Role
2020-12-14 15:37:05 +01:00
Luca Leonardo Scorcia
8b7806dbb1
KEYCLOAK-16519 Fix typo in regex
...
The regex has a typo that prevents correct splitting of parameter values containing multiple OIDs.
2020-12-12 21:28:08 +01:00
Michal Hajas
8e376aef51
KEYCLOAK-15847 Add MapUserProvider
2020-12-10 08:57:53 +01:00
Martin Kanis
3ddedc49f5
KEYCLOAK-11417 Internal server error on front channel logout with expired session
2020-12-09 14:45:04 +01:00
Thomas Riccardi
f45e187c35
Finish renaming 'application role' to 'client role' in help texts
2020-12-08 12:18:13 +01:00
Martin Bartoš
873a69305f
KEYCLOAK-15264 Import realm using directory provider twice with IGNORE_EXISTING will cause NPE for clientId
2020-12-08 11:28:07 +01:00
Hynek Mlnarik
8c0c542f09
KEYCLOAK-16489 Add ability to run model tests with LDAP
2020-12-07 20:54:06 +01:00
Martin Kanis
f6be378eca
KEYCLOAK-14556 Authentication session map store
2020-12-07 20:48:59 +01:00
Lukas Hanusovsky
7f916ad20c
KEYCLOAK-14231 - validate supported locales
2020-12-07 19:56:32 +01:00
Stefan Guilhen
edef93cd49
[KEYCLOAK-16232] Streamify the UserCredentialStore and UserCredentialManager interfaces
2020-12-07 19:48:35 +01:00
Stefan Guilhen
73d0bb34c4
[KEYCLOAK-16232] Replace usages of deprecated collection-based methods with the respective stream variants
2020-12-07 19:48:35 +01:00
vramik
bcfe985c24
KEYCLOAK-16543 fix compilation failure on keycloak-services
2020-12-04 13:01:22 +01:00
Ryoji
ea67033097
KEYCLOAK-16474 typo in javadoc sproxy_set_header -> proxy_set_header
2020-12-03 18:07:59 +01:00
Takashi Norimatsu
7da5a71314
KEYCLOAK-14191 Client Policy - Condition : Author of a client - User Group
2020-12-03 17:52:06 +01:00
Ian
be4c99dfe5
KEYCLOAK-15287 Ability to add custom claims to the AccessTokenResponse
2020-12-03 17:28:03 +01:00
Takashi Norimatsu
a51e0cc484
KEYCLOAK-14197 Client Policy - Condition : Client - Client Host
2020-12-02 09:05:42 +01:00
vramik
cd9e01af90
KEYCLOAK-16502 Migration of DELETE_ACCOUNT role
2020-12-01 13:10:20 +01:00
Luca Leonardo Scorcia
cb1060799e
KEYCLOAK-16429 Pass default boolean values as strings, as expected by the UI
2020-11-25 12:45:29 +01:00
zak905
4f330f4a57
KEYCLOAK-953: add allowing user to delete his own account feature
2020-11-24 15:50:07 +01:00
Václav Muzikář
e56bd9d8b8
KEYCLOAK-14547: Make New Account Console the default.
2020-11-23 20:56:05 +01:00