Commit graph

11590 commits

Author SHA1 Message Date
mhajas
57a8fcb669 KEYCLOAK-10776 Add session expiration to Keycloak saml login response 2019-07-24 13:35:07 +02:00
mhajas
4b18c6a117 KEYCLOAK-7207 Check session expiration for SAML session 2019-07-24 13:35:07 +02:00
mhajas
bf33cb0cf9 KEYCLOAK-9102 Add tests for Saml RelayState 2019-07-24 12:28:00 +02:00
Martin Kanis
a88a3d05f3 KEYCLOAK-10908 Broken alignment with PME 3.7.1 2019-07-23 15:43:28 +02:00
keycloak-bot
17e9832dc6 Set version to 8.0.0-SNAPSHOT 2019-07-19 19:05:03 +02:00
Leon Graser
e1cb17586f display users in roles 2019-07-19 09:52:13 -04:00
Conciso GmbH
785eed791d Add company to ADOPTERS
Add Conciso GmbH as an adopter for Keycloak
2019-07-19 15:24:17 +02:00
Martin Kanis
af1e8144ff KEYCLOAK-10891 Align versions and update licenses for CD7 2019-07-19 15:18:00 +02:00
Hynek Mlnarik
67f8622d13 KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
mhajas
282569df23 KEYCLOAK-10797 Ignore test until the issue is resolved 2019-07-19 13:37:20 +02:00
Stefan Guilhen
ceaae7a254 [KEYCLOAK-10384] Add equals and hashCode to KeycloakUndertowAccount, SamlPrincipal and SamlSession to avoid cache misses in the PicketBox JAAS auth manager 2019-07-18 21:08:22 +02:00
vramik
74f6e362af KEYCLOAK-10878 Realm exports may fail with future community releases 2019-07-18 10:50:34 -03:00
Martin Reinhardt
1ca66b4789 [KEYCLOAK-10018] Show complete group path for assigned groups 2019-07-18 09:24:21 -04:00
Martin Reinhardt
60f2853d44 [KEYCLOAK-10018] Fix inject component utils 2019-07-18 09:24:21 -04:00
Martin Reinhardt
36c47e7491 [KEYCLOAK-10018] Adding search logic for user partials, too 2019-07-18 09:24:21 -04:00
Martin Reinhardt
c08d0a626f Fix search on enter issue 2019-07-18 09:24:21 -04:00
Hynek Mlnarik
04f266d381 KEYCLOAK-10744 Fix MariaDB cannot create database 2019-07-18 13:59:49 +02:00
kuan
1c5f7c1420 Update KeycloakTokenParsed definition.
To match KeycloakInstance's realm access and resources access.
2019-07-17 15:29:34 -04:00
Hynek Mlnarik
67eb0c3079 KEYCLOAK-8318 Workaround ELY-1525 similarly to OIDC adapter 2019-07-17 09:33:20 +02:00
Hynek Mlnarik
3d4283fac9 KEYCLOAK-9987 Upgrade to Wildfly17
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Pedro Igor
5f5cb6cb7b [KEYCLOAK-10808] - Do not show authorization tab when client is not confidential 2019-07-15 10:07:31 -03:00
Steeve Beroard
fc9a0e1766 [KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
rmartinc
1d2d6591b2 KEYCLOAK-10826: Provide the locale name in the LocaleBean to be used in themes 2019-07-13 07:18:40 +02:00
rmartinc
6d6db1f3e5 KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate 2019-07-12 15:16:00 +02:00
mposolda
77e9f16ad3 KEYCLOAK-10813 ComponentsTest.testConcurrencyWithChildren failed with oracle due timeout 2019-07-12 10:42:37 +02:00
mposolda
c003dabf6c KEYCLOAK-10753 Possibility for JavascriptExecutor to use the timeout from pageload.timeout property instead of hardcoded 2019-07-12 10:42:37 +02:00
mposolda
91b41b1a2e KEYCLOAK-10793 Possibility to increase server startup timeout 2019-07-12 10:42:37 +02:00
Takashi Norimatsu
2e850b6d4a KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings 2019-07-12 08:33:20 +02:00
mposolda
625efcfdf8 KEYCLOAK-10445 KEYCLOAK-10446 Fixes for add DB tests with PostgreSQL 10.1 and PostgresPlus to the pipeline 2019-07-10 15:21:27 +02:00
Martin Kanis
efdf0f1bd8 KEYCLOAK-6839 You took too long to login after SSO idle 2019-07-10 10:15:26 +02:00
Gregor Tudan
334ca6e96b KEYCLOAK-10796: fix build on MacOS by giving DeSerializerFunctions in the StringUtils a distinct name 2019-07-09 22:52:12 +02:00
Kohei Tamura
55a6141bff KEYCLOAK-10783 Fix internal server error when logging out after sharing my resource 2019-07-09 09:06:58 -03:00
Pedro Igor
9215957bd0 Revert "KeycloakRole equals only with itself"
This reverts commit 2899375614.
2019-07-09 09:05:20 -03:00
vramik
5a5325672b KEYCLOAK-10718 Refactor fuse adapter test 2019-07-09 08:56:35 +02:00
mposolda
5f9feee3f8 KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication 2019-07-08 20:20:38 +02:00
Valeran86
2899375614 KeycloakRole equals only with itself
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
        if ( role.equals( adminRole ) ) {
          return true;
        }
      }
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-07-08 14:33:03 -03:00
k-tamura
c636b7a1cd KEYCLOAK-10784 i18n support for UMA resource pages 2019-07-08 14:25:05 -03:00
Tomasz Prętki
0376e7241a KEYCLOAK-10251 New Claim JSON Type - JSON 2019-07-08 11:59:57 +02:00
Sven-Torben Janus
c883c11e7e KEYCLOAK-10158 Use PEM cert as X.509 user identity
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).

KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Hynek Mlnarik
ca4e14fbfa KEYCLOAK-7852 Use original NameId value in logout requests 2019-07-04 19:30:21 +02:00
Vlasta Ramik
cc8cfd4269 KEYCLOAK-10751 Fix SAML undertow adapter not sending challenge
Co-Authored-By: mhajas <mhajas@redhat.com>
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-07-04 10:04:51 +02:00
mposolda
5b40691deb KEYCLOAK-10355 Avoid LastSessionRefreshUnitTest to trigger scheduled tasks 2019-07-04 09:53:19 +02:00
Sebastian Laskawiec
b5d8f70cc7 KEYCLOAK-8224 Client not found error message 2019-07-03 18:34:56 +02:00
Asier Aguado
bed22b9b8d [KEYCLOAK-10710] Make social providers compatible with OIDC UsernameTemplateMappers 2019-07-03 15:01:46 +02:00
rmartinc
bd5dec1830 KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup 2019-07-03 13:17:45 +02:00
Thomas Darimont
53d0db80c3 KEYCLOAK-10313 Only use PKCE if enable-pkce is configured for KeycloakInstalled adapter
Users who want to use PKCE support with the KeycloakInstalled adapter need to set the property
``"enable-pkce": true` in the adapter configuration / `keycloak.json`.
2019-07-03 08:49:55 +02:00
Thomas Darimont
8bd48391ca KEYCLOAK-10313 Add PKCE support to KeycloakInstalled Adpater
This adds PKCE support for Desktop Apps as
a followup to KEYCLOAK-1033 #6047.
2019-07-03 08:49:55 +02:00
Axel Messinese
b32d52e62b KEYCLOAK-10750 Check if role exist on get user/group in role endpoint 2019-07-03 08:46:36 +02:00
Pedro Igor
0cdd23763c [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 09:14:37 -03:00
Peter Skopek
aca8c89d3e KEYCLOAK-10075 fix drop all tables for postgres and mssql 2019-06-27 14:03:13 +02:00