Commit graph

7962 commits

Author SHA1 Message Date
Stan Silvert
55556fc63c KEYCLOAK-3681: Delete top flow doesn't remove all subflows 2016-11-16 12:43:11 -05:00
Marek Posolda
989a701e95 Merge pull request #3498 from hmlnarik/KEYCLOAK-3734
KEYCLOAK-3734 Unify master changelog of DB2 and other databases
2016-11-14 21:18:27 +01:00
Marek Posolda
37c1c84e04 Merge pull request #3499 from abstractj/KEYCLOAK-3900
[KEYCLOAK-3900] - SSSD Provider: NullPointerException when SSSD is stopped
2016-11-14 21:16:19 +01:00
Pedro Igor
a2c54b03c8 Merge pull request #3500 from pedroigor/KEYCLOAK-3554-new
[KEYCLOAK-3554] - Properly handle dependencies between policies when importing settings
2016-11-14 18:10:37 -02:00
Pedro Igor
fb1cd9d27d [KEYCLOAK-3554] - Properly handle dependencies between policies when importing settings 2016-11-14 18:55:53 +00:00
Bruno Oliveira
b612415a88 [KEYCLOAK-3900] - SSSD Provider: NullPointerException when SSSD is stopped 2016-11-14 16:04:18 -02:00
Hynek Mlnarik
223041bc6b KEYCLOAK-3734 Unify master changelog of DB2 and other databases 2016-11-14 15:19:54 +01:00
Stian Thorgersen
6c64494620 Merge pull request #3493 from stianst/master
Try to fix Travis
2016-11-11 17:00:25 +01:00
Stian Thorgersen
c9e3fe9a92 Try to fix Travis 2016-11-11 17:00:11 +01:00
Pavel Drozd
1052c71124 Merge pull request #3488 from vramik/KEYCLOAK-3885
KEYCLOAK-3885 Add missing migration test for 2.3.0
2016-11-11 09:46:03 +01:00
Stian Thorgersen
a86b5988b5 Merge pull request #3484 from hmlnarik/KEYCLOAK-3658
KEYCLOAK-3658 Fixed typo in condition
2016-11-11 09:41:48 +01:00
Stian Thorgersen
088f0ea630 Merge pull request #3490 from stianst/KEYCLOAK-3086
[KEYCLOAK-3086] -  NPE when accessing Account with invalid clientId s…
2016-11-11 09:35:45 +01:00
Stian Thorgersen
08dbdeb57f Merge pull request #3489 from stianst/KEYCLOAK-3882
KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private
2016-11-11 09:35:08 +01:00
Bruno Oliveira
675faee593 [KEYCLOAK-3086] - NPE when accessing Account with invalid clientId set as ?referrer, and additional referrer_uri set 2016-11-10 13:49:40 +01:00
Stian Thorgersen
7e33f4a7d1 KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private 2016-11-10 13:28:42 +01:00
Vlasta Ramik
71c88a8dfc Add missing migration test for 2.3.0 2016-11-10 11:02:26 +01:00
Stian Thorgersen
52a4509ada Merge pull request #3483 from hmlnarik/KEYCLOAK-3870-keycloak-saml-xsd
KEYCLOAK-3870 Schema for keycloak-saml.xml
2016-11-10 08:20:24 +01:00
Stian Thorgersen
1ee6df412e Merge pull request #3482 from vramik/KEYCLOAK-2741
KEYCLOAK-2741 remove KEYCLOAK_REMEMBERME when user logs in without rememberme checked
2016-11-10 07:45:07 +01:00
Hynek Mlnarik
9c724b616d KEYCLOAK-3658 Fixed typo in condition 2016-11-09 11:27:33 +01:00
Hynek Mlnarik
025cf5ebaf KEYCLOAK-3870 Schema for keycloak-saml.xml
Updated schema schema for keycloak-saml.xml (added documentation, set
up enumeration instead of free string where applicable per documentation)
and updated existing keycloak-saml.xml files with schema reference.
2016-11-09 10:45:43 +01:00
Vlasta Ramik
6f1b8e1fee remove KEYCLOAK_REMEMBERME when user logs in without rememberme checked + tests 2016-11-09 10:33:46 +01:00
Pavel Drozd
c05057748f Merge pull request #3474 from vramik/KEYCLOAK-3489
KEYCLOAK-3489 migration tests - minor fix
2016-11-08 15:38:14 +01:00
Stian Thorgersen
de7006a048 Merge pull request #3473 from hmlnarik/KEYCLOAK-3215
KEYCLOAK-3215 Use RSA-OAEP for key encryption
2016-11-08 10:16:54 +01:00
Vlasta Ramik
2b6811a366 migration tests - minor fix 2016-11-08 09:48:15 +01:00
Pavel Drozd
10f9800327 Merge pull request #3469 from mhajas/KEYCLOAK-3853
KEYCLOAK-3853 Fix keyRotation adapter test
2016-11-08 08:34:11 +01:00
Stian Thorgersen
292777259e Merge pull request #3472 from hmlnarik/KEYCLOAK-1881-saml-key-rotation
Keycloak 1881 - SAML key/cert rotation for IdP
2016-11-08 07:56:25 +01:00
Hynek Mlnarik
01c42f9359 KEYCLOAK-3215 Use RSA-OAEP for key encryption 2016-11-08 07:44:59 +01:00
Stian Thorgersen
ef48594d85 Merge pull request #3470 from sebastienblanc/KEYCLOAK-3548
KEYCLOAK-3548 : Send 401 when no keycloak.json for EAP6/AS7 Adapter
2016-11-08 07:37:00 +01:00
Stian Thorgersen
c9a58fad15 Merge pull request #3464 from stianst/KEYCLOAK-3692
KEYCLOAK-3692
2016-11-08 07:36:39 +01:00
Stian Thorgersen
5b54375490 Merge pull request #3468 from sebastienblanc/KEYCLOAK-3514
KEYCLOAK-3514 : fix servlet logout on bearer-only client
2016-11-08 07:35:44 +01:00
Stian Thorgersen
db4f3561a5 Merge pull request #3454 from ssilvert/keystore-error-messages
KEYCLOAK-3817: More detailed errors when loading keys from JKS
2016-11-08 07:33:43 +01:00
Stan Silvert
f922164a88 Merge pull request #3471 from ssilvert/otp-low-res
KEYCLOAK-3816: Tweak CSS for 1280 x 720 display
2016-11-04 17:10:22 -04:00
Hynek Mlnarik
36257863db KEYCLOAK-1881 Integration tests for key rotation in SAML IdP 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
14f96fdb4b KEYCLOAK-1881 Wildfly, AS7, EAP Adapters 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
570d71c07b KEYCLOAK-1881 Update client adapter configuration
Client adapter configuration was updated to support for customization
of HttpClient used for key retrieval similarly to OIDC. Further, it is
now possible to specify several static public keys for signature
verification in saml-client.xml.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
8ae1b1740d KEYCLOAK-1881 Client installers 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
4f9e35c0a1 KEYCLOAK-1881 Support for multiple certificates in broker (hardcoded at the moment) 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
67bb9aef3d KEYCLOAK-1881 Add switch to enable/disable generation of <Extensions>
Some SP clients might be confused by using a standard SAML protocol tag
<Extensions> which is used for signed REDIRECT binding messages to
specify signing key ID. To enable the interoperability, generation of
the tag is disabled by default and can be enabled for individual
clients.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
1ae268ec6f KEYCLOAK-1881 Include key ID for REDIRECT and use it for validation
Contrary to POST binding, signature of SAML protocol message sent using
REDIRECT binding is contained in query parameters and not in the
message. This renders <dsig:KeyName> key ID hint unusable. This commit
adds <Extensions> element in SAML protocol message containing key ID so
that key ID is present in the SAML protocol message.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
10deac0b06 KEYCLOAK-1881 KeyLocator implementation for SAML descriptor 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
057cc37b60 KEYCLOAK-1881 Clone OIDC adapter HttpClient tools to SAML adapter
and
KEYCLOAK-1881 Extract httpclient configuration from AdapterConfig
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
70a8255eae KEYCLOAK-1881 Basic key locator support 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
d5c3bde0af KEYCLOAK-1881 Make SAML descriptor endpoint return all certificates 2016-11-04 21:53:43 +01:00
Hynek Mlnarik
5d840500af KEYCLOAK-1881 Include key ID in <ds:KeyInfo> in SAML assertions and protocol message
Changes of SAML assertion creation/parsing that are required to allow
for validation of rotating realm key: signed SAML assertions and signed
SAML protocol message now contain signing key ID in XML <dsig:KeyName>
element.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
904a5c3ca5 KEYCLOAK-3864 Add support for SAML2 <Extensions> element in protocol messages 2016-11-04 21:53:43 +01:00
Stan Silvert
66698f60d4 KEYCLOAK-3816: Tweak CSS for 1280 x 720 display 2016-11-04 15:32:19 -04:00
sebastien blanc
6c18b300a4 add integration test 2016-11-04 07:39:22 +01:00
Stian Thorgersen
6baf9b89fe Merge pull request #3467 from abstractj/KEYCLOAK-3580
[KEYCLOAK-3580] - Migrate DBus Java from Unix Socket C library to jnr-unixsocket
2016-11-04 05:57:02 +01:00
mhajas
fd5f7eb165 KEYCLOAK-3853 Fix keyRotation adapter test 2016-11-03 16:04:31 +01:00
sebastien blanc
76c37de1e8 KEYCLOAK-3545: Send 401 if no kc configuration in EAP6/AS7 2016-11-03 15:39:02 +01:00