Commit graph

1846 commits

Author SHA1 Message Date
Bill Burke
07efba364e hotp 2015-08-05 20:39:47 -04:00
Vlastimil Elias
2e52d8ea7a KEYCLOAK-1731 - patched user attribute handling for
login-update-profile.ftl form. Relevant tests added. Tests for user
attributes handling from register.ftl also added.
2015-08-05 17:07:21 +02:00
mposolda
e27a754f5f KEYCLOAK-1595 Don't send 401 from AuthorizeClientUtil if public client sent client_id parameter together with Authorization: Negotiate 2015-08-04 15:22:03 +02:00
Bill Burke
930fc66ebf flow editing 2015-08-03 18:58:14 -04:00
Bill Burke
04d3d26cb1 refactor execution model 2015-08-03 09:52:56 -04:00
Bill Burke
de940ccff9 auth flow editing 2015-08-02 19:03:33 -04:00
Stian Thorgersen
8d90ad816a KEYCLOAK-1710 UserInfoEndpoint throws NPE if user session is not found 2015-07-27 15:43:52 +02:00
Stian Thorgersen
6a2b369014 KEYCLOAK-1707 Can't export SAML keys 2015-07-27 13:00:22 +02:00
Stian Thorgersen
a8775f757f KEYCLOAK-1694 Null Client Exception on OAuth Grant Page 2015-07-27 09:59:50 +02:00
Bill Burke
f76b90fab9 timeout message 2015-07-25 12:43:46 -04:00
Bill Burke
ccd8beae92 Merge remote-tracking branch 'upstream/master' 2015-07-25 12:16:05 -04:00
Bill Burke
33f01009d2 login timeouts, verify email 2015-07-25 12:13:41 -04:00
Stian Thorgersen
86de481ba1 Merge pull request #1499 from stianst/master
KEYCLOAK-1542
2015-07-24 17:30:29 +02:00
Stian Thorgersen
5d075a97dd Fixes to server-info 2015-07-24 16:45:58 +02:00
Stian Thorgersen
d1964c20ab Refactored server-info and updated admin console 2015-07-24 14:47:37 +02:00
mposolda
d068cddbaf Fix MSAD and OpenLDAP 2015-07-23 18:03:12 +02:00
Vlastimil Elias
ee57c79784 KEYCLOAK-1542 - rewrote showing info from providers to be generic 2015-07-23 16:40:57 +02:00
Vlastimil Elias
7e41b8df27 KEYCLOAK-1542 - code formatting cleanup 2015-07-23 16:40:56 +02:00
Vlastimil Elias
79c1d7bafa KEYCLOAK-1542 - code cleanup ahead of PR 2015-07-23 16:40:55 +02:00
Vlastimil Elias
652b2fee86 KEYCLOAK-1542 - Server Info page extended by info about DB and MongoDB.
Functional test for /serverinfo REST endpoint added.
2015-07-23 16:40:54 +02:00
Vlastimil Elias
dfb871c26a KEYCLOAK-1542 - added system and memory info into "System Info" page 2015-07-23 16:40:53 +02:00
mposolda
c99785f266 KEYCLOAK-401 Service account refactoring and fixes 2015-07-23 11:29:52 +02:00
Bill Burke
7dc05a45ac conflict 2015-07-22 14:20:52 -04:00
Bill Burke
48a76c2d0d test brute force 2015-07-22 12:30:52 -04:00
Bill Burke
d9b0415047 brute force fixes, code cleanup, tests 2015-07-22 09:40:11 -04:00
mposolda
d8c1081578 KEYCLOAK-401 KEYCLOAK-941 Service accounts initial impl. Client credentials grant support 2015-07-22 10:55:50 +02:00
Bill Burke
576db8e0e1 Merge remote-tracking branch 'upstream/master' 2015-07-21 20:56:22 -04:00
Bill Burke
fe9dc4a28d non-browser flow 2015-07-21 20:56:05 -04:00
Stian Thorgersen
2dd2173553 Merge pull request #1473 from mstruk/KEYCLOAK-1560
KEYCLOAK-1560 IDENTITY_PROVIDER_LOGIN event is send twice
2015-07-21 10:28:32 +02:00
Marko Strukelj
fcd5400cda KEYCLOAK-1560 IDENTITY_PROVIDER_LOGIN event is send twice 2015-07-21 09:49:37 +02:00
Bill Burke
548c0db0ae Merge remote-tracking branch 'upstream/master' 2015-07-20 12:21:57 -04:00
Bill Burke
3ecd1307b0 clean up client sessions 2015-07-20 12:21:48 -04:00
Stian Thorgersen
f884aed25e KEYCLOAK-1576 2015-07-20 13:35:56 +02:00
Stian Thorgersen
66a2b916f2 Fix CRLF with LF 2015-07-20 07:48:02 +02:00
Bill Burke
2e848da1a8 resolve conflicts 2015-07-17 09:45:53 -04:00
Stian Thorgersen
1642ac2394 KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00
Stian Thorgersen
0bec2bcd1e KEYCLOAK-1504 2015-07-17 10:21:15 +02:00
Bill Burke
e51d2137cf migrate RequiredCredentials 2015-07-16 22:03:12 -04:00
Bill Burke
e825be1c79 nonce in tokens 2015-07-16 10:17:44 -04:00
Bill Burke
57cfbb3770 SAML IDP Initiated login 2015-07-15 20:08:55 -04:00
Gregor Tudan
c8c0d0e804 KEYCLOAK-1564: Add CORS-Headers to token requests by password credentials 2015-07-14 08:22:08 +02:00
Bill Burke
8dcc909b6e Merge remote-tracking branch 'upstream/master' 2015-07-12 10:12:31 -04:00
Bill Burke
fafaf2c490 test impersonate 2015-07-12 10:12:19 -04:00
mposolda
dc366c53a7 KEYCLOAK-1175 Import at startup can fail if master realm not present 2015-07-11 18:56:52 +02:00
mposolda
fe1ede26be KEYCLOAK-1558 Can't import the file exported in 1.2.0.Beta1 through admin console 2015-07-11 18:56:52 +02:00
Bill Burke
1017a0af1d Merge remote-tracking branch 'upstream/master' 2015-07-11 11:09:48 -04:00
Bill Burke
ff25484a34 viewUser fixes 2015-07-11 11:01:26 -04:00
Bill Burke
919a3f1b91 fixes 2015-07-11 10:30:23 -04:00
Bill Burke
608701aea7 impersonation redo in admin console 2015-07-11 10:10:05 -04:00
mposolda
142d44a01f KEYCLOAK-1233 Admin console support for add/remove federated identity 2015-07-11 14:08:49 +02:00
Bill Burke
6e55604dc3 impersonation 2015-07-10 20:38:43 -04:00
Bill Burke
4a962aa75a Merge remote-tracking branch 'upstream/master' 2015-07-08 19:18:23 -04:00
Bill Burke
e786158071 role selector 2015-07-08 19:18:11 -04:00
mposolda
bde65a6c57 KEYCLOAK-1533 Handle importing LDAP user with duplicate email during authentication 2015-07-08 20:41:32 +02:00
mposolda
94c0a436b5 KEYCLOAK-1534 handle account management update email or username to the already existing value 2015-07-08 15:27:05 +02:00
Bill Burke
d49c7d47a2 Merge remote-tracking branch 'upstream/master' 2015-07-06 17:44:52 -04:00
Bill Burke
8f18e9bbbc auth config ui 2015-07-06 17:44:39 -04:00
mposolda
71ea61e7a6 KEYCLOAK-1532 LDAP sync fixes and other bugfixing 2015-07-04 22:25:47 +02:00
Bill Burke
917151123f display flows 2015-07-02 11:25:51 -04:00
Bill Burke
212f5b4082 Merge pull request #1410 from dbarentine/master
Spec compliance, bug fixes
2015-07-01 15:27:47 -04:00
Bill Burke
39f2a4ab71 repatcha 2015-07-01 15:10:04 -04:00
Bill Burke
39aa09ca36 form action refactor 2015-07-01 14:07:02 -04:00
Bill Burke
a1c612f833 remove old code 2015-06-30 12:47:34 -04:00
Bill Burke
bc39bb32d4 Merge remote-tracking branch 'upstream/master' 2015-06-30 12:46:29 -04:00
Bill Burke
884308ecb5 reg flow 2015-06-30 12:46:10 -04:00
Bill Burke
afa65d9ead registration flow 2015-06-29 22:12:06 -04:00
mposolda
605c88a029 KEYCLOAK-1487 Multivalued support for UserAttribute protocol mapper. End-to-end LDAP example test including application 2015-06-29 21:45:47 +02:00
mposolda
09994d1730 KEYCLOAK-1487 Support for multiple values of one UserModel attribute. LDAP multivalued attribute support 2015-06-29 14:56:40 +02:00
Bill Burke
064d677fdc form auth 2015-06-24 21:07:38 -04:00
Dane Barentine
8da532da93 [KEYCLOAK-1492] Fix mapClaim when nested attribute already exists 2015-06-22 11:00:40 -07:00
Bill Burke
000159226d refactor 2015-06-21 12:09:22 -04:00
Bill Burke
4ebdb8d24b refactor 2015-06-21 11:52:30 -04:00
Bill Burke
adff0d5da0 make authenticator config optional 2015-06-19 21:16:45 -04:00
Bill Burke
a26ade3988 refactor registration and console pages 2015-06-19 17:51:59 -04:00
Bill Burke
d7b818cba2 cleanup client sessions 2015-06-19 14:43:40 -04:00
Bill Burke
84faac0cd6 handle page refresh better 2015-06-18 20:01:12 -04:00
Bill Burke
1bce639d35 refactor flow first phase 2015-06-18 16:48:28 -04:00
Bill Burke
70fd7bea99 cleanup authenticators 2015-06-17 17:15:01 -04:00
Bill Burke
f5b4a0788e timeout message 2015-06-17 10:16:21 -04:00
Bill Burke
5615d8d870 required actions edit 2015-06-17 09:42:58 -04:00
Bill Burke
dddc5181e7 required actions storage/display 2015-06-16 22:48:39 -04:00
Bill Burke
3b78fa2d5d required actions model 2015-06-16 18:17:38 -04:00
Bill Burke
8f5b53e3ce clientsession timeout checks 2015-06-16 09:29:36 -04:00
Bill Burke
cd84e78b27 access code checks 2015-06-16 07:59:53 -04:00
Bill Burke
9638c0dd83 verify clientsession actions 2015-06-15 18:04:55 -04:00
Bill Burke
43bad9a608 merge 2015-06-15 09:02:15 -04:00
Bill Burke
c51cc4703b kerberos fixes 2015-06-14 20:58:02 -04:00
Stian Thorgersen
c89a412661 KEYCLOAK-1321
Error page is displayed if user rejects sign in with social provider
2015-06-12 13:32:30 +02:00
Stian Thorgersen
2d82d15e5b Merge pull request #1361 from ssilvert/KEYCLOAK-1083-unlock-user-account
KEYCLOAK-1083: Provide a way for admin to unlock user account
2015-06-12 07:44:07 +01:00
Bill Burke
392fa21f1e finish reg 2015-06-11 21:15:53 -04:00
Bill Burke
fa99b5415d flow alias lookup 2015-06-11 18:02:49 -04:00
Stan Silvert
d6e64a2c5e KEYCLOAK-1083: Provide a way for admin to unlock user account 2015-06-11 15:32:03 -04:00
Bill Burke
3f62cd9271 terms and conditions 2015-06-11 14:39:08 -04:00
Matthias Wessendorf
d3e178d459 Applying suggested import change from mstruk 💄 2015-06-11 08:52:53 +02:00
Bill Burke
3dd282e11b pluggable required actions backend 2015-06-10 11:38:01 -04:00
Bill Burke
95349e6e2e clientsession.action to String 2015-06-10 09:21:23 -04:00
mposolda
557edbec6d KEYCLOAK-1416 federation provider/mapper model fixes 2015-06-09 23:15:43 +02:00
mposolda
d3e9b29d78 KEYCLOAK-1088 Audit of user grants during login 2015-06-09 20:37:12 +02:00
mposolda
9a5ca4d367 Minor improve in error messages and tests 2015-06-09 17:43:20 +02:00
Stian Thorgersen
c61c05be51 Merge pull request #1335 from ssilvert/keycloak-config
KEYCLOAK-1404: Need recovery mechanism for master admin user
2015-06-09 07:02:47 +01:00
Stan Silvert
e977a363ef Require user to specify a temporary admin password to do admin recovery. 2015-06-08 13:04:52 -04:00
Bill Burke
dcc40b0a63 error handling 2015-06-05 15:51:43 -04:00
Bill Burke
dc0d9a8dce merge 2015-06-05 14:44:37 -04:00
Bill Burke
021b01f0bd passing tests 2015-06-05 13:49:24 -04:00
Stan Silvert
6812514683 KEYCLOAK-1404: Need recovery mechanism for master admin user 2015-06-04 15:29:44 -04:00
Bill Burke
9ab023cc6c more 2015-06-04 10:18:24 -04:00
Stian Thorgersen
f50570e350 KEYCLOAK-1325
Public/private SPI
2015-06-04 15:59:47 +02:00
Marek Posolda
826c60ae36 Merge pull request #1324 from velias/KEYCLOAK-1371
KEYCLOAK-1371 - Perform "Update Profile on First Login" only if some of mandatory user profile fields is missing from identity provider
2015-06-04 15:19:59 +02:00
Bill Burke
b54061fc3f more 2015-06-03 18:51:57 -04:00
Bill Burke
c12fe28b2d phased auth spi introduction 2015-06-03 10:55:03 -04:00
Stian Thorgersen
1dd0b563b6 KEYCLOAK-1386 Direct Grant API always on 2015-06-03 16:24:15 +02:00
Vlastimil Elias
dcc19a39d7 KEYCLOAK-1371 - Perform "Update Profile on First Login" only if some of
mandatory user profile fields is missing from identity provider
2015-06-03 15:24:25 +02:00
Stian Thorgersen
3d3871b0e6 Merge pull request #1291 from AOEpeople/KEYCLOAK-1305
KEYCLOAK-1305 Add possibility to change username
2015-06-03 10:51:34 +01:00
Stian Thorgersen
060a59f982 Merge pull request #1317 from velias/KEYCLOAK-1372
KEYCLOAK-1372 - do not perform email verification if email is provided by trusted Identity provider
2015-06-03 10:29:52 +01:00
Sebastian Rose
17affe576f KEYCLOAK-1350 client_session_state should be updated when refreshing a token 2015-06-02 15:01:47 +02:00
Vlastimil Elias
b86d091ad1 KEYCLOAK-1372 - do not perform email verification if email is provided
by trusted Identity provider
2015-06-02 14:59:29 +02:00
Niko Köbler
492e6cd856 KEYCLOAK-1305 Add possibility to change username 2015-06-02 14:08:19 +02:00
Stian Thorgersen
6baefa7490 Merge pull request #1307 from velias/KEYCLOAK-1361
KEYCLOAK-1361 - ability to add custom fields (user.attributes) on login-update-profile.ftl page
2015-06-02 08:40:54 +01:00
Stian Thorgersen
319b29aa7d Merge pull request #1300 from girirajsharma/master
[KEYCLOAK-1200] From and To filter fields in Event viewer in admin app
2015-06-02 08:32:02 +01:00
mposolda
f57ab78916 KEYCLOAK-886 LDAP: Fixes and improvements 2015-06-01 17:38:34 +02:00
Vlastimil Elias
ea98b26766 KEYCLOAK-1361 - ability to add custom fields (user.attributes) on
login-update-profile.ftl page
2015-06-01 15:44:36 +02:00
Stian Thorgersen
5f787028df KEYCLOAK-1327 Updated for users 2015-05-29 15:29:04 +01:00
girirajsharma
5bb71d396a [KEYCLOAK-1200] From and To filter fields in Event viewer in admin app 2015-05-29 19:13:56 +05:30
Stian Thorgersen
5a3a0ae437 KEYCLOAK-1325 Log warning if internal SPI is used 2015-05-29 13:58:40 +01:00
Stian Thorgersen
a953b52eac KEYCLOAK-1327 Updated for client stats 2015-05-29 13:15:35 +01:00
Stian Thorgersen
6f164f0ee9 KEYCLOAK-1327 Updated for clients 2015-05-29 13:15:34 +01:00
mposolda
bcd607a1ee KEYCLOAK-1360 ModelExceptionMapper logges the exception 2015-05-28 19:54:15 +02:00
Stian Thorgersen
f65b502a96 Merge pull request #1283 from girirajsharma/master
[KEYCLOAK-1200]- From and To filter fields in Event viewer in admin app
2015-05-28 15:03:22 +02:00
girirajsharma
efe8342965 [KEYCLOAK-1200]- From and To filter fields in Event viewer in admin app 2015-05-28 18:05:31 +05:30
mposolda
98dd87efbc Added ProviderConfigProperty.CLIENT_LIST and refactor role federation mapper to use it 2015-05-28 12:28:26 +02:00
mposolda
ce6576ce84 KEYCLOAK-1355 Make admin requests to have RealmModel and ClientModel available in KeycloakContext 2015-05-28 12:28:26 +02:00
behana
e8e22ee44c KEYCLOAK-1352 Add send-verify-email to admin-rest-api 2015-05-28 00:05:39 +02:00
Bill Burke
a2718a889d unfinished working auth spi 2015-05-27 14:28:47 -04:00
Bill Burke
143d176dcd Merge remote-tracking branch 'upstream/master' 2015-05-27 10:39:59 -04:00
Bill Burke
a1f7cfaf3a auth spi initialization 2015-05-27 10:39:46 -04:00
mposolda
dfe232cf80 KEYCLOAK-886 User Federation Mappers - admin console 2015-05-26 17:48:52 +02:00
Stian Thorgersen
ab934f3d35 Merge pull request #1273 from girirajsharma/master
[KEYCLOAK-1334] Forgot password page does not return validation error
2015-05-26 08:56:04 +02:00
Bill Burke
f5e301fe0d merge 2015-05-22 16:15:55 -04:00
Bill Burke
68976f5b0c auth spi datamodel 2015-05-22 16:03:26 -04:00
girirajsharma
8e7e208265 [KEYCLOAK-1334] Forgot password page does not return validation error
message when input field is empty
2015-05-23 01:18:23 +05:30
mposolda
61c35265a6 KEYCLOAK-826 Show count of created/updated users during federation sync 2015-05-22 21:06:38 +02:00
Stian Thorgersen
12c3aa83dd Updated admin events 2015-05-19 11:40:17 +02:00
Stian Thorgersen
c193ba0c81 Merge pull request #1261 from panga/master
KEYCLOAK-1306 - Better Admin API error handling (new)
2015-05-19 08:56:19 +02:00
Bill Burke
3851a2fe72 merge 2015-05-18 16:41:51 -04:00
Bill Burke
338300df32 1st phase auth/required action spi 2015-05-18 16:32:38 -04:00
Stian Thorgersen
0c7f63b2f3 Merge branch 'master' of https://github.com/girirajsharma/keycloak into girirajsharma-master
Conflicts:
	services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
2015-05-18 06:56:12 +02:00
Leonardo Loch Zanivan
abcd830af1 Fix response code 2015-05-13 15:39:51 -03:00
Leonardo Loch Zanivan
f807c999b6 Initial messages SPI implementation for Admin REST Services. 2015-05-13 11:13:49 -03:00
girirajsharma
ccd5deb85f [KEYCLOAK 392] Audit admin events 2015-05-13 16:47:30 +05:30
Stian Thorgersen
698660c92a Added isPrivate to Spi 2015-05-12 08:25:24 +02:00
Stian Thorgersen
d00e0021b6 Merge branch 'master' of https://github.com/girirajsharma/keycloak into girirajsharma-master
Conflicts:
	connections/jpa-liquibase/src/main/resources/META-INF/jpa-changelog-master.xml
	services/src/main/java/org/keycloak/services/resources/admin/IdentityProvidersResource.java
2015-05-11 13:36:30 +02:00
Stian Thorgersen
ccbd4bace1 KEYCLOAK-1289 Support environment variables in keycloak.json 2015-05-11 10:17:25 +02:00
Bill Burke
e4204a56f5 username mapper 2015-05-08 20:41:31 -04:00
mposolda
91eb80beb0 Minor improvements 2015-05-07 20:07:30 +02:00
Bill Burke
69347aa7f6 Merge pull request #1220 from panga/master
KEYCLOAK-1269 and KEYCLOAK-1270
2015-05-05 14:31:48 -04:00
Bill Burke
082ebe8043 no backchannel if state 2015-05-05 13:58:07 -04:00
Leonardo Zanivan
a13a02c995 KEYCLOAK-1270 fix 2015-05-05 11:17:27 -03:00
mposolda
e03140a9f2 Fix redirect after unlink federated identity and logout from account management 2015-05-04 14:42:25 +02:00
girirajsharma
70f53c6c06 [KEYCLOAK-392] - Admin audit events 2015-05-03 01:46:52 +05:30
Bill Burke
311fca5a72 exception handling fix 2015-05-01 10:31:03 -04:00
Bill Burke
9372d23ad9 bump default keysize to 2048 2015-05-01 10:11:49 -04:00
Stian Thorgersen
3768c1f1ad KEYCLOAK-1243
Federated Identities table is empty for user synced from classpath properties provider
2015-04-30 14:31:20 +02:00
Bill Burke
35c33f132e demo fix and error message fix 2015-04-29 21:16:59 -04:00
Bill Burke
666827b7cb remove resteasy ClientRequest 2015-04-29 20:46:14 -04:00
Stian Thorgersen
ee358ccbc4 Removed PatternFly themes 2015-04-29 19:47:56 +02:00
Stian Thorgersen
0b821a71e3 KEYCLOAK-887 Updated admin console theme 2015-04-29 19:34:08 +02:00
mposolda
063cefa18c When revoke consent from admin console, logout clientSessions similarly like done in Account mgmt 2015-04-29 15:35:33 +02:00
Bill Burke
be656b2dba Merge remote-tracking branch 'upstream/master' 2015-04-28 18:52:42 -04:00
Bill Burke
bfcf595346 backchannel broker logout 2015-04-28 18:52:30 -04:00
mposolda
5e0f560fdc KEYCLOAK-1070 Migration for adding names to builtin clients 2015-04-28 09:35:57 +02:00
mposolda
1d4bf4ddaa UserSessionNote mapper have combobox for claim type in admin console 2015-04-28 07:56:45 +02:00
mposolda
316053018b KEYCLOAK-1070 Support for view and revoke consents in admin console 2015-04-28 07:56:45 +02:00
Bill Burke
4166393396 model migration 2015-04-27 16:12:43 -04:00
Bill Burke
44787d83d2 more broker mappers 2015-04-26 10:31:53 -04:00
Bill Burke
9151d2aebd Merge remote-tracking branch 'upstream/master' 2015-04-24 18:37:18 -04:00
Bill Burke
5e1ac684a5 broker logout fixes 2015-04-24 16:32:32 -04:00
mposolda
a338626d2b KEYCLOAK-1216 Click on 'Logout all sessions' in Account mgmt should propagate logout to the apps 2015-04-24 18:42:18 +02:00
Bill Burke
104a9f9842 Merge remote-tracking branch 'upstream/master' 2015-04-23 16:31:09 -04:00
Bill Burke
d49e0eda9e broker token role 2015-04-23 15:26:07 -04:00
mposolda
14b3d085a0 KEYCLOAK-1070 Rename 'Access' to 'Applications' 2015-04-23 18:21:21 +02:00
mposolda
c942a8ac4f KEYCLOAK-1070 ClientModel.setName/getName 2015-04-23 18:21:21 +02:00
mposolda
535023d800 KEYCLOAK-1070 add setProtocolMappers/getProtocolMappers to ClientSession 2015-04-23 18:20:34 +02:00
Bill Burke
a7d245b1fb finish 2015-04-23 11:40:29 -04:00
Bill Burke
1f4df58e6c broker token exchange refactor 2015-04-23 11:26:44 -04:00
mposolda
34e033e351 KEYCLOAK-1070 JSON representation and export/import for userConsent 2015-04-22 11:29:43 +02:00
mposolda
11035dbe1b KEYCLOAK-1070 Rename GrantedConsentModel to UserConsentModel. Mongo support for consents. Mongo fixes 2015-04-22 11:29:36 +02:00
Stian Thorgersen
b5f3efe272 KEYCLOAK-1218 Better security for ServerInfoAdminResource 2015-04-22 08:59:00 +02:00
Bill Burke
af736a29f1 Merge pull request #1144 from TFaga/master
[KEYCLOAK-1211] Fixed AD users authenticating without providing a password
2015-04-20 12:31:58 -04:00
Bill Burke
8eb2f35423 Merge remote-tracking branch 'upstream/master' 2015-04-17 16:41:16 -04:00
Bill Burke
a7c563b0eb oidc broker role mapper 2015-04-17 16:41:04 -04:00
mposolda
78830836b8 KEYCLOAK-1070 Persistent grants - step 1 2015-04-17 14:03:23 +02:00
girirajsharma
f959332117 [KEYCLOAK-402] - Force password changes at regular intervals 2015-04-16 23:41:45 +05:30
Stian Thorgersen
115e533a71 KEYCLOAK-1061 Add back to application link to error page
KEYCLOAK-1148 space in redirect uri gives error
2015-04-16 14:17:32 +02:00
Stian Thorgersen
5addabe893 KEYCLOAK-1212 CORS requests blocked on OPTIONS request 2015-04-16 11:27:30 +02:00
Stian Thorgersen
0027d22964 KEYCLOAK-1213 Installation file for bearer-only doesn't include auth-server-url 2015-04-16 09:19:55 +02:00
Bill Burke
edb9f0cecf merge conflicts 2015-04-15 11:18:47 -04:00
Bill Burke
0addc4cf58 broker mapper mgmt 2015-04-15 11:10:53 -04:00
Tilen Faganel
770d2d8a4c [KEYCLOAK-1211] Fixed Active Directory users authenticating without providing a password 2015-04-15 16:59:55 +02:00
Stian Thorgersen
f3e5541b7d KEYCLOAK-1109 Added KeycloakContext
KEYCLOAK-1042 Access to Cookies within Events
KEYCLOAK-1209 Enable jboss-logging event listener by default and allow configuring log level
2015-04-15 13:34:54 +02:00
girirajsharma
e3bb61248a [KEYCLOAK-405] - Feature that doesn't allow old password to be reused 2015-04-15 02:08:05 +05:30
Bill Burke
f61fb4ba18 fix conflicts 2015-04-13 09:59:59 -04:00
Bill Burke
d2a5403527 refactor for broker mappers 2015-04-13 09:45:23 -04:00
Stian Thorgersen
4fbbf39c51 KEYCLOAK-1187 Admin console and endpoints 2015-04-13 13:29:31 +02:00
Stian Thorgersen
9a047eda36 KEYCLOAK-1187 Updated representations 2015-04-13 10:13:32 +02:00
Stian Thorgersen
a18715a774 Deprecate OAuthClientRepresentation and ApplicationRepresentation and added ClientRepresentation 2015-04-10 13:33:29 +02:00
Stian Thorgersen
6fbc0975c0 KEYCLOAK-1187 First round: Combined ApplicationModel and OAuthClientModel into ClientModel. Removed OAuth Clients from Admin console and renamed Applications to Clients. 2015-04-09 12:27:30 +02:00
girirajsharma
ca13e3c4ba [KEYCLOAK-400]Provide a configuration for regex in the password policies 2015-04-02 23:37:25 +05:30
Bill Burke
10ced1e908 Merge remote-tracking branch 'upstream/master' 2015-04-01 10:33:25 -04:00
Bill Burke
1d56805faf unique username for brokered user 2015-04-01 10:32:47 -04:00
Stian Thorgersen
41828cd865 Prompt query param not added correctly after OIDC refactoring 2015-04-01 13:33:28 +02:00
mposolda
a5567ead7a KEYCLOAK-1169 Skip DB write at each broker login if 3rd party token is not required 2015-04-01 11:00:02 +02:00
Stian Thorgersen
a2c4a1f760 Merge branch 'KEYCLOAK-1113' of https://github.com/velias/keycloak into velias-KEYCLOAK-1113
Conflicts:
	services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
2015-04-01 09:45:13 +02:00
Stian Thorgersen
f9d814598e KEYCLOAK-946 Only show endpoints relevant for admin rest api 2015-04-01 07:31:17 +02:00
Bill Burke
03bfca5e41 expire cookie on backchannel 2015-03-31 19:33:43 -04:00
Stian Thorgersen
fcc2e0a9f0 Removed admin audit events - need to rethink how to implement it 2015-03-31 14:37:54 +02:00
Stian Thorgersen
96dad77c66 KEYCLOAK-392 Admin events 2015-03-30 14:38:32 +02:00
girirajsharma
962b623b4a [KEYCLOAK-392] - Admin audit events 2015-03-30 14:06:01 +02:00
Vlastimil Elias
01094663bf KEYCLOAK-1113 - profile update now uses correct form validation also 2015-03-30 12:53:05 +02:00
Michael Gerber
7b820a4eed i18n for default claims
role description i18n

tests

typo

fix unit test
2015-03-29 11:34:53 +02:00
Bill Burke
878ce0761d broker fixes 2015-03-27 12:13:48 -04:00
Vlastimil Elias
8727aef647 KEYCLOAK-1113 - LoginFormProvider extended to allow per field errors,
freemarker implementation extended (backward compatible), used for
registration form
2015-03-27 15:41:42 +01:00
Stian Thorgersen
b727087f04 KEYCLOAK-1150
'iss' should be URL not just realm name
2015-03-26 13:50:36 +01:00
Bill Burke
d36ee0d0af Merge pull request #1088 from patriot1burke/master
oidc and saml broker backchannel logout
2015-03-26 08:43:21 -04:00
mposolda
477d8b35e3 KEYCLOAK-1116 KEYCLOAK-1117 JSON migration and removal of ClientModel.claimsMask 2015-03-26 11:49:22 +01:00
mposolda
2599e77491 Fix oracle 2015-03-26 08:10:26 +01:00
Bill Burke
f64d84b03a Merge remote-tracking branch 'upstream/master' 2015-03-25 19:02:23 -04:00
Bill Burke
e0c70e1c47 oidc broker backchannel logout 2015-03-25 19:02:07 -04:00
Bill Burke
13268c52c6 saml backchannel logout 2015-03-25 16:51:25 -04:00
Stian Thorgersen
14683882e8 KEYCLOAK-1138 Appliance distribution from master failes with ClassNotFoundException 2015-03-25 10:11:56 +01:00
Bill Burke
c3859fa34f oidc logout and console fixes 2015-03-23 21:30:56 -04:00
Bill Burke
410953fc5f broker oidc logout 2015-03-23 13:21:17 -04:00
Bill Burke
f546358d66 oidc logout profile 2015-03-22 12:45:36 -04:00
Bill Burke
97d5f4aafc broker refactor 2015-03-20 18:56:25 -04:00
Bill Burke
90c815055d broker logout 2015-03-20 12:13:33 -04:00
Stian Thorgersen
71c7d8e48b Merge pull request #1062 from velias/KEYCLOAK-1053
KEYCLOAK-1053 patch of email validation during social login without email
2015-03-20 05:37:16 +01:00
Michael Gerber
d8193f0f25 ui_locales as specified in:
http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2

replace ' through '' and introduce msg method for i18n in *.ftl files

replace ' through '' and introduce msg method for i18n in *.ftl files

css dorpdown

get current url with locale as query parameter

Introduce LocaleBean

add css dropdown to account page

css styling...

css styling...
2015-03-19 21:28:55 +01:00
mposolda
a65bac7751 Mongo migration: admin roles, timeout, protocol mappers 2015-03-19 19:58:19 +01:00
mposolda
82e290e06c Minor model fix 2015-03-19 19:58:19 +01:00
Vlastimil Elias
c0cf537654 KEYCLOAK-1053 - social login do not fail when email validation is
enabled for realm but email is not provided by social login provider
(eg. Twitter)
2015-03-19 17:19:55 +01:00
Bill Burke
b26277a17c broker fixes 2015-03-18 21:58:04 -04:00
mposolda
24f18609dd Update federated links when identity provider alias is changed 2015-03-18 09:43:53 +01:00
mposolda
aeb27ff047 KEYCLOAK-1108 Remove option for enable/disable login per application 2015-03-18 09:43:53 +01:00
Bill Burke
ce2c4188fb saml broker import/export, and module fixes 2015-03-17 19:20:46 -04:00
Stian Thorgersen
13b22d6644 KEYCLOAK-1107 saml and oidc broker options don't sho 2015-03-17 12:10:53 +01:00
Stian Thorgersen
2d785b5d5e KEYCLOAK-1050 Added support for selecting multiple values 2015-03-17 07:52:55 +01:00
Bill Burke
4a8f34f27f Merge pull request #1052 from patriot1burke/master
set saml issuer
2015-03-16 16:18:36 -04:00
Bill Burke
de2aa8e676 javadoc fixes 2015-03-16 15:37:49 -04:00
mposolda
4da566ae4d KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint 2015-03-16 20:00:20 +01:00
Bill Burke
321041fccf Merge pull request #1050 from patriot1burke/master
saml broker SPSSO descriptor
2015-03-16 13:31:47 -04:00
Bill Burke
224066f0fd saml broker defaults and export page 2015-03-16 12:34:20 -04:00
mposolda
5fe0c38498 KEYCLOAK-1092 Fix test for crud of federated identity links 2015-03-16 16:49:01 +01:00
Bill Burke
ec1ba40f4a Merge remote-tracking branch 'upstream/master' 2015-03-16 09:22:55 -04:00
Stian Thorgersen
e2b02d414f Change adapters to use auth and token endpoints 2015-03-16 09:23:12 +01:00
Michael Gerber
144ee2c56d add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

admin gui for localization support
(cherry picked from commit c157cc3)

added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)

rename localizatin to internationalization
(cherry picked from commit 74a0658)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

add HttpHeaders
(cherry picked from commit be921c8)

add HttpHeaders
(cherry picked from commit be921c8)

NPE fix
(cherry picked from commit 148158b)

improve locale helper
(cherry picked from commit 57a805a)

write cookie
fix npe
(cherry picked from commit 33398b3)

dropdown to choose language
(cherry picked from commit 9e2eb60)

added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)

remove debug info
(cherry picked from commit c3ea6b1)

added dropdown to change locale for user.
(cherry picked from commit 1575bea)

add i18n for emails
(cherry picked from commit b6280e9)

i18n for emails
(cherry picked from commit 6118c51)

set default locale to english
(cherry picked from commit 386447b)

change locale type form String to Locale
(cherry picked from commit 8dcc595)

change file encoding
(cherry picked from commit 2cce96d)

added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)

i18n for error messages
(cherry picked from commit e75d5ef)

i18n for error message in login
(cherry picked from commit 8b60c96)

add i18n for messages in account pages
(cherry picked from commit 9849d94)

fix unit test
(cherry picked from commit a70a1c7)

fix unit test
(cherry picked from commit 008744b)

locale localization :)
(cherry picked from commit f3a2144)

locale localization :)
(cherry picked from commit 21f6384)

messages refactoring
(cherry picked from commit 08f1ae7)

messages refactoring
(cherry picked from commit 3b4b53a)

messages refactoring
(cherry picked from commit 69146d4)

messages refactoring
(cherry picked from commit cd3db1d)

messages refactoring
(cherry picked from commit 715583f)

fix unit tests after message refactoring
(cherry picked from commit a82c9ff)

fix unit tests after message refactoring
(cherry picked from commit 5662d83)

fix unit tests after message refactoring
(cherry picked from commit 1188de6)

fix unit tests after message refactoring
(cherry picked from commit 90ded07)

German translations
(cherry picked from commit 9822b99)

removed newliines
(cherry picked from commit 34ca1d8)

removed java 8 dependency
(cherry picked from commit 3a23f4f)

typo
(cherry picked from commit a818122)

typo
(cherry picked from commit a818122)

forgotten properties

unit test fixes

unit test fixes

fixes after rebase

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

add localization support to realm
(cherry picked from commit b00764b)

admin gui for localization support
(cherry picked from commit c157cc3)

added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)

rename localizatin to internationalization
(cherry picked from commit 74a0658)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

fallback if no message can be found
(cherry picked from commit 2d54e6f)

add HttpHeaders
(cherry picked from commit be921c8)

add HttpHeaders
(cherry picked from commit be921c8)

NPE fix
(cherry picked from commit 148158b)

improve locale helper
(cherry picked from commit 57a805a)

write cookie
fix npe
(cherry picked from commit 33398b3)

dropdown to choose language
(cherry picked from commit 9e2eb60)

added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)

remove debug info
(cherry picked from commit c3ea6b1)

added dropdown to change locale for user.
(cherry picked from commit 1575bea)

add i18n for emails
(cherry picked from commit b6280e9)

i18n for emails
(cherry picked from commit 6118c51)

set default locale to english
(cherry picked from commit 386447b)

change locale type form String to Locale
(cherry picked from commit 8dcc595)

change file encoding
(cherry picked from commit 2cce96d)

added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)

i18n for error messages
(cherry picked from commit e75d5ef)

i18n for error message in login
(cherry picked from commit 8b60c96)

add i18n for messages in account pages
(cherry picked from commit 9849d94)

fix unit test
(cherry picked from commit a70a1c7)

fix unit test
(cherry picked from commit 008744b)

locale localization :)
(cherry picked from commit f3a2144)

locale localization :)
(cherry picked from commit 21f6384)

messages refactoring
(cherry picked from commit 08f1ae7)

messages refactoring
(cherry picked from commit 3b4b53a)

messages refactoring
(cherry picked from commit 69146d4)

messages refactoring
(cherry picked from commit cd3db1d)

messages refactoring
(cherry picked from commit 715583f)

fix unit tests after message refactoring
(cherry picked from commit a82c9ff)

fix unit tests after message refactoring
(cherry picked from commit 5662d83)

fix unit tests after message refactoring
(cherry picked from commit 1188de6)

fix unit tests after message refactoring
(cherry picked from commit 90ded07)

German translations
(cherry picked from commit 9822b99)

removed newliines
(cherry picked from commit 34ca1d8)

removed java 8 dependency
(cherry picked from commit 3a23f4f)

typo
(cherry picked from commit a818122)

typo
(cherry picked from commit a818122)

forgotten properties

unit test fixes

unit test fixes

fixes after rebase

fixes after rebase

fixes after rebase

fixes after rebase
2015-03-14 14:08:06 +01:00
Bill Burke
60ecf99aa6 export saml broker SPSSO descriptor 2015-03-13 20:56:40 -04:00
Juraci Paixão Kröhling
a64ce244d5 KEYCLOAK-1101 - Added notUsername() to password policy. 2015-03-13 15:50:28 +01:00
Vlastimil Elias
43aa61ace3 KEYCLOAK-1074
- field label changes on login page
- added all relevant integration tests
2015-03-12 15:45:41 +01:00
Vlastimil Elias
dec8d33af1 code formatting improved to keep only real changes done for
KEYCLOAK-1074
2015-03-12 15:43:16 +01:00
Vlastimil Elias
c8c0449124 code formatting patched to be close to original and produce better difs 2015-03-12 15:39:31 +01:00
Vlastimil Elias
21b4f9a2f1 KEYCLOAK-1074 - Allow registration with email as username (without
username as separate field)
2015-03-12 15:31:19 +01:00
Stian Thorgersen
ffbb2df1f3 KEYCLOAK-571 OpenID Connect Discovery
KEYCLOAK-1091 JSON Web Key Set endpoint
KEYCLOAK-790 One OpenID Connect token endpoint URL
2015-03-12 11:45:13 +01:00
Bill Burke
6450c4c5f3 cleanup and docs for mappers 2015-03-11 12:05:27 -04:00
Bill Burke
451ce64907 role name mapper 2015-03-11 09:59:56 -04:00
Bill Burke
28a5e61dff role mappers and testing 2015-03-09 21:03:35 -04:00
Bill Burke
5cf64546c8 Merge remote-tracking branch 'upstream/master' 2015-03-09 09:05:53 -04:00
Bill Burke
cdf22669f4 test oidc mappers 2015-03-09 09:05:39 -04:00
Bill Burke
d4468913dd hardcoded saml mappers 2015-03-09 07:55:20 -04:00
Stian Thorgersen
452931bfb8 Simplified setting to/from dates 2015-03-09 11:47:08 +01:00
girirajsharma
d2188a3f55 Fixed Event Viewer pagination, date filter and added testcases. 2015-03-09 11:47:08 +01:00
girirajsharma
ce33ce2485 [KEYCLOAK-1050] - Improve filtering in Event viewer in admin app. 2015-03-09 11:47:08 +01:00
Bill Burke
5c6c30fef4 saml role list mapper 2015-03-07 19:47:34 -05:00
Bill Burke
1de285b724 mappers 2015-03-06 18:42:20 -05:00
Bill Burke
4a4158a4e4 test saml attributes 2015-03-06 18:29:36 -05:00
mposolda
db07d79009 KEYCLOAK-1066 Kerberos credential delegation support 2015-03-06 12:59:29 +01:00
Stian Thorgersen
1f5fedb0b0 Module provider loader 2015-03-06 05:30:17 +01:00
Bill Burke
db2c01caa9 more mappers 2015-03-05 19:55:53 -05:00
Bill Burke
98831ec05a fix other claims in IDToken 2015-03-04 20:27:06 -05:00
Bill Burke
453ef808cc ID token mapping 2015-03-04 18:39:10 -05:00
Bill Burke
94980fff29 merge conflicts 2015-03-04 17:27:44 -05:00
Bill Burke
33520e9fec reg/account custom attributes 2015-03-04 17:25:50 -05:00
Stian Thorgersen
6c7f35c509 KEYCLOAK-1014 Don't redirect to app after reset password or verify email if new browser session 2015-03-04 13:39:11 +01:00
Stian Thorgersen
f907a749aa KEYCLOAK-1015 Allow configuring login timeout separate to login actions 2015-03-04 08:45:01 +01:00
Bill Burke
396e0c6171 refactor mappers 2015-03-03 20:38:28 -05:00
Bill Burke
608185f06a boolean mapper property types 2015-03-03 12:00:40 -05:00
Bill Burke
753feae49e fixes 2015-03-02 21:39:43 -05:00
mposolda
58a7e549b2 Fix mongo to pass with testsuite 2015-03-02 12:07:31 +01:00
Bill Burke
4361ce1d42 mapper refactoring 2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e saml attribute mappers 2015-02-28 11:17:06 -05:00
Bill Burke
07b038e126 add mapper category and help text 2015-02-27 18:21:42 -05:00
Bill Burke
8533d49dfb Merge remote-tracking branch 'upstream/master' 2015-02-27 17:28:09 -05:00
Bill Burke
1c6e90c4ef protocol mapper ui 2015-02-27 17:21:02 -05:00
pedroigor
b45d6b896a [KEYCLOAK-883] - Configuration option to disable token retrieval from applications. 2015-02-27 02:13:27 -03:00
pedroigor
17653e7e74 [KEYCLOAK-883] - Reverting change that redirects to error page when federating identities.. 2015-02-26 15:27:32 -03:00
pedroigor
8f263a43e3 [KEYCLOAK-883] - Examples config and logging changes. 2015-02-26 12:34:33 -03:00
pedroigor
6e38964838 [KEYCLOAK-883] - Minor changes to the configuration of identity providers for clients. 2015-02-25 21:00:49 -03:00
Bill Burke
430daf4c39 Merge remote-tracking branch 'upstream/master' 2015-02-25 11:35:04 -05:00
Bill Burke
9f759ed77c rest interface for claim mapping 2015-02-25 11:34:51 -05:00
Stian Thorgersen
195a5dffdc Merge pull request #995 from stianst/master
KEYCLOAK-1017 Add server version to cached resources to prevent problems...
2015-02-25 16:15:11 +01:00
pedroigor
128cd98ce2 [KEYCLOAK-1036] - Revert. 2015-02-25 11:21:56 -03:00
Stian Thorgersen
5a10bbc8ca KEYCLOAK-1017 Add server version to cached resources to prevent problems with browser cache 2015-02-25 15:03:01 +01:00
Stian Thorgersen
b6a512b494 KEYCLOAK-934 Extract dependencies into modules 2015-02-25 12:05:48 +01:00
Bill Burke
c20ad93807 claim mappings next phase 2015-02-24 19:37:07 -05:00
Bill Burke
100dbd5fd7 ProviderFactory.postInit() 2015-02-23 12:11:48 -05:00
Bill Burke
d06b7a47ac Merge remote-tracking branch 'upstream/master' 2015-02-23 11:39:39 -05:00
Bill Burke
1dde3e1459 provider events 2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6 Kerberos/LDAP fixes 2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464 Kerberos automated test 2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be more claims work 2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91 Merge remote-tracking branch 'upstream/master' 2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960 changes 2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a LDAP testing improvements. Support for embedded Kerberos server in testsuite 2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42 Add authenticateByDefault flag to IdentityProviderModel 2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3 [KEYCLOAK-883] - Code cleanup and refactoring. 2015-02-13 01:27:11 -02:00
mposolda
534187f4d7 KEYCLOAK-1037 Bad error message on login form in case of expired code 2015-02-11 18:48:32 +01:00
mposolda
03d607b022 Fix showing federation links of users in admin console 2015-02-11 13:03:31 +01:00
mposolda
4b637036ac Display error page if kerberos token is unavailable 2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc Merge pull request #960 from girirajsharma/master
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31 KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled 2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066 Updated BC provider versions and deprecated CertificateUtil methods. 2015-02-10 18:44:54 +05:30
mposolda
90496f62ac KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login 2015-02-10 13:54:45 +01:00
mposolda
d523d7f202 Ensure timestamp on clientSession is updated in AccountService when linking identity broker 2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788 [KEYCLOAK-883] - Idp hint should be processed firts. 2015-02-08 22:01:30 -02:00
pedroigor
1e13254598 [KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens. 2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec [KEYCLOAK-992] - Token retrieval from brokered idps. 2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users 2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1 [KEYCLOAK-996] - Allow application to select provider. 2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef Fixed adding right CORS headers to actual and preflight CORS requests. 2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324 Merge pull request #938 from pedroigor/KEYCLOAK-883
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd [KEYCLOAK-883] - Initial tests for SAML brokering. 2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100 Merge remote-tracking branch 'upstream/master' 2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa saml frontchannel logout 2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7 Merge pull request #936 from stianst/master
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f KEYCLOAK-999 Load providers from file-system 2015-01-28 09:15:07 +01:00
pedroigor
2065815627 [KEYCLOAK-883] - Model tests. 2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce [KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider. 2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113 [KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest. 2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9 KEYCLOAK-980 Password reset is possible with expired link 2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922 KEYCLOAK-983 Fix login after reset-password 2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4 Merge remote-tracking branch 'upstream/master' 2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16 saml redirect logout 1st step 2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b Merge pull request #919 from pedroigor/KEYCLOAK-884
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed [KEYCLOAK-884] - OpenID Connect UserInfo Endpoint. 2015-01-16 15:45:27 -02:00
mposolda
e4a8ced8b0 KEYCLOAK-974 ServerVersionResource doesn't handle cors requests 2015-01-16 12:57:08 +01:00
Stian Thorgersen
8828d6e2f1 KEYCLOAK-965 NPE in TokenManager.verifyAccess if application is deleted 2015-01-16 11:25:05 +01:00
Stian Thorgersen
bf6c46da1c KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri 2015-01-16 11:01:03 +01:00
Stian Thorgersen
29b8c2c924 KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message 2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3 KEYCLOAK-957 Access Token Request does not verify redirect_uri 2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30 check if email is null 2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11 [KEYCLOAK-883] - Initial changes. 2015-01-13 00:58:19 -02:00
mposolda
fff8ae9f8a KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout 2015-01-08 11:09:11 +01:00
pedroigor
c4892428ae [KEYCLOAK-928] - Validate duplicated emails when updating profile. 2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b add error event if mail can not be send 2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e Add test 2015-01-05 14:34:08 +01:00
Stian Thorgersen
39daeca09c Merge branch 'reset-password' of https://github.com/gerbermichi/keycloak into gerbermichi-reset-password 2015-01-05 14:26:51 +01:00
gerbermichi
0c73e67372 a disabled user should not receive an email to reset the password 2015-01-05 14:07:03 +01:00
Stian Thorgersen
628437c146 KEYCLOAK-760 OAuth2 refresh token expiration date 2015-01-05 10:50:50 +01:00
Michael Gerber
019bb558d1 reset-password-email with redirect_uri and client_id 2015-01-02 14:10:44 +01:00
Michael Gerber
53e18b3ebe fix reset-password-email 2015-01-02 12:52:21 +01:00
Stian Thorgersen
f97b71c207 KEYCLOAK-903
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386 KEYCLOAK-902 State should not be required 2014-12-30 10:38:08 +01:00
Stian Thorgersen
e174802b0d KEYCLOAK-825
Log out user sessions on password reset
2014-12-17 14:54:33 +01:00
Stian Thorgersen
6cf42db584 KEYCLOAK-891 Create server info page on admin console 2014-12-17 13:21:31 +01:00
gerbermichi
2186fe32a9 Bugfix: Can not read keycloak-server.json if the path contains a space
https://issues.jboss.org/browse/KEYCLOAK-892
2014-12-17 12:32:06 +01:00
apenders
f3adf02eea Added CORS preflight support for realms/<realm>/tokens/refresh 2014-12-02 15:33:15 -07:00
Stian Thorgersen
a843e31c12 KEYCLOAK-862 Use HmacSHA256 for code signatures 2014-11-27 10:02:08 +01:00
Bill Burke
46983d68f3 move ServerCookie to core 2014-11-14 09:20:03 -05:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
Marek Posolda
c0f377c8c7 Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Juraci Paixão Kröhling
cd0ad70952 KEYCLOAK-821 - Support for comma-separated list of file names to import. 2014-11-05 17:04:17 +01:00
Stian Thorgersen
e7625c2bb1 KEYCLOAK-820 Don't expose realm private key through admin endpoints 2014-11-05 15:34:56 +01:00
Bill Burke
9c175bfb5d Merge remote-tracking branch 'upstream/master' 2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441 fix jax-doclets 2014-11-04 15:55:33 -05:00
Stian Thorgersen
7327423a03 Fix ResetPasswordTest 2014-11-04 13:05:50 +01:00
Stian Thorgersen
bb2de4dc59 KEYCLOAK-787 Clicking back to login after sending password reset email fails 2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50 KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation 2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf KEYCLOAK-806
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc aud should be client-id, issuer should be realm 2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c KEYCLOAK-777 No login event for social login 2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d idp descriptor 2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b app importer 2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16 publish protocol support 2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d cleanup 2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3 Send node registration at 1st request instead of deployment startup. Bugfixing 2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d upload keys 2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3 KEYCLOAK-759 Added adapter clustering to admin console 2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b KEYCLOAK-710 Ignore missing roles in access-code 2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3 KEYCLOAK-700 Check path is valid in account/login-redirect 2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548 KEYCLOAK-703 Check valid origin is passed to login-status-iframe 2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d KEYCLOAK-699 Set maximum size of qr-code 2014-10-21 09:57:56 +02:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736 Merge remote-tracking branch 'upstream/master' 2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1 app cert support, bug fixes 2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d KEYCLOAK-755 Support env variables in keycloak-server.json 2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie 2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de KEYCLOAK-746 Allow linking to account from external provider 2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a generate/store realm certificate 2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1 oauth id in admin console 2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746 merge conflicts 2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10 use app id in admin console urls 2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f KEYCLOAK-748 cluster-aware logout for non-distributable apps 2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d Reduce logging 2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7 KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters. 2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751 ClientModel attributes and protocol 2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23 merge 2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b saml backchannel logout 2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815 Merge pull request #741 from patriot1burke/master
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390 saml basic 2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8 KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed 2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a KEYCLOAK-662 NPE when using direct grant API with email as username 2014-10-03 12:10:52 +02:00
mposolda
e6121f301f KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession 2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties 2014-10-02 19:15:37 +02:00
mposolda
95521e8a95 KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException 2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768 move pre-auth 2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494 finish protocol refactoring 2014-10-01 14:19:59 -04:00
Bill Burke
546d45b009 protocol abstraction 2014-10-01 10:38:42 -04:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f Merge remote-tracking branch 'upstream/master' 2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b token service refactoring 2014-09-30 15:58:20 -04:00
Stian Thorgersen
1d4e842cc0 Fixes to Mongo user session provider 2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7 Clustering support 2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea action url refactor 2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda login refactor phase 2, still more to do 2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24 Merge remote-tracking branch 'upstream/master' 2014-09-29 09:56:37 -04:00
Bill Burke
524b423733 ClientSession everywhere refactor phase1 2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6 Add test to add/remove attributes to user through admin endpoints 2014-09-25 19:35:57 +02:00
Bill Burke
66d58476d0 refactor security page flow 2014-09-23 11:05:10 -04:00
Bill Burke
bf42227224 remove junk 2014-09-22 16:35:22 -04:00
Bill Burke
99a6713e6f clientsession notes 2014-09-22 16:34:42 -04:00
Bill Burke
0b8b31a3ea KEYCLOAK-705 2014-09-19 10:00:47 -04:00
Stian Thorgersen
dcb5717154 KEYCLOAK-696 Display Keycloak version in admin console 2014-09-18 13:24:03 +02:00
mposolda
89471b7db1 KEYCLOAK-695 Let KEYCLOAK_REMEMBER_ME cookie to be valid for 1 year 2014-09-18 11:03:44 +02:00
mposolda
1049bca433 Prefill login form just if rememberMe enabled for the realm 2014-09-17 08:54:29 +02:00
mposolda
5352872b4b Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan 2014-09-16 22:09:27 +02:00
mposolda
1be2bff95f Typo 2014-09-12 16:57:02 +02:00
Stian Thorgersen
811cfd52c9 KEYCLOAK-657 Set cache-control for keycloak.js and login-iframe 2014-09-12 13:46:56 +02:00
Stian Thorgersen
7c15a70f53 Fixes to KEYCLOAK-682 2014-09-12 12:26:52 +02:00
Stian Thorgersen
5d141d4d8a KEYCLOAK-682 Only send logout admin action to clients associated with user session 2014-09-12 11:47:11 +02:00
mposolda
6f173d4554 KEYCLOAK-678 Preserve form values in account mgmt after error 2014-09-11 20:54:48 +02:00
mposolda
649a40f58c KEYCLOAK-676 Validate email address format during registration or account mgmt 2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2 KEYCLOAK-653 Add theme support to welcome-pages 2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174 KEYCLOAK-680 Add/remove social-links through admin api 2014-09-11 12:09:55 +02:00
mposolda
aa7bbeb11b Support for cors in PublicRealmResource 2014-09-10 13:05:53 +02:00
mposolda
52920119bd Ensure that ServerInfo request is authorized and add CORS support to it 2014-09-10 10:42:05 +02:00
Stian Thorgersen
557de7690e Fix CRSF protection on Chrome, and add check if 'Referer' header 2014-09-10 10:32:56 +02:00
Bill Burke
e3e32982a0 change CSRF to random value 2014-09-09 13:27:34 -04:00
Bill Burke
ac29db51e5 nolog CORS exception 2014-09-09 12:51:55 -04:00
Bill Burke
d0a3a04d34 CSRF 2014-09-09 12:06:48 -04:00
Stian Thorgersen
3530fa6259 KEYCLOAK-666 Update session last refreshed on every token refresh 2014-09-09 11:01:24 +02:00
Stian Thorgersen
8c8c44e50f KEYCLOAK-658 Fix searching for users 2014-09-02 10:01:44 +02:00
Stian Thorgersen
31b0f5543f Fixes 2014-08-29 17:11:18 +02:00
Stian Thorgersen
39c0be5d99 KEYCLOAK-652
Social user can't set password
2014-08-29 16:51:10 +02:00
Stian Thorgersen
b9d0f64f74 Added password token to use inplace of plain-text password for totp 2014-08-28 13:51:55 +02:00
Stian Thorgersen
55d614fce8 Reduce log in UserFederationResource 2014-08-28 11:26:55 +02:00
Stian Thorgersen
3bfe3d256e Rename audit to events 2014-08-28 10:56:37 +02:00
mposolda
fb18004c1d KEYCLOAK-643 Handle flows with adding user with existing username or email in federation providers 2014-08-27 12:19:23 +02:00
Stian Thorgersen
55bd889a0f KEYCLOAK-531 Reduce info level logging 2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode 2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5 Handle exceptions and UI errors when user is read only. Some sync issues 2014-08-26 12:54:05 +02:00
mposolda
6c7d0f27a7 More tooltips for LDAP and generic federation. Minor fixes 2014-08-25 16:28:52 +02:00
Bill Burke
e99afec7ec import console from export 2014-08-21 17:17:09 -04:00
Bill Burke
5dd84f1d9a fix AccountService referrer problems 2014-08-20 14:20:59 -04:00
Bill Burke
47f361a4ab nocache for fed provider list 2014-08-20 11:29:45 -04:00
Bill Burke
6e7924da76 demo fixes 2014-08-20 11:08:40 -04:00
Bill Burke
c38abb2cfe ? 2014-08-18 18:52:51 -04:00
Bill Burke
faf18dfdfd fix cookie parsing problem 2014-08-18 18:36:36 -04:00
Bill Burke
2dc32fb8c9 fix menu error 2014-08-18 18:06:23 -04:00
Bill Burke
c86a6ba3f3 fix admin reset email 2014-08-15 11:46:38 -04:00
Bill Burke
5dca2a3588 expanded token service coverage 2014-08-14 21:01:05 -04:00
Bill Burke
cfee00d4c5 fix relative uri problem 2014-08-14 11:01:04 -04:00
Bill Burke
29691a3167 Merge pull request #626 from patriot1burke/master
more tooltips, change password
2014-08-13 12:17:48 -04:00
Bill Burke
edf73af508 change password 2014-08-13 10:35:49 -04:00
mposolda
4bac0474c6 Sync UI for generic providers 2014-08-12 18:12:28 +02:00
mposolda
f0b66a2241 Admin console UI for sync of users from LDAP. Sync fixes 2014-08-12 18:12:27 +02:00
Bill Burke
abb1647672 Merge pull request #619 from patriot1burke/master
fix logout
2014-08-12 10:06:44 -04:00
Bill Burke
114c1b95fa fix logout 2014-08-12 10:06:19 -04:00
Stian Thorgersen
f95418dfc9 KEYCLOAK-592 Display login form with error message if trying to login with social provider where email already exists 2014-08-12 12:06:13 +01:00
Bill Burke
7c97e02715 X-Frame-Options, Content-Security-Policy 2014-08-11 17:45:01 -04:00
Stian Thorgersen
3f83538fc1 Merge pull request #612 from stianst/master
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:35:54 +01:00
Stian Thorgersen
3040f4e89f KEYCLOAK-616 Not require registration to add a new social user 2014-08-11 15:34:57 +01:00
mposolda
8ba7559cac Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup 2014-08-11 13:51:44 +02:00
mposolda
d699404ce7 Support for periodic users sync 2014-08-10 23:23:50 +02:00
mposolda
5cb6c4e77c Improve TimerSPI to support cancelling of previously scheduled tasks 2014-08-10 23:17:39 +02:00
Bill Burke
48f7efc97f @NoCache where appropriate 2014-08-10 12:28:43 -04:00
Bill Burke
9aa6b4cbfa optimize imports 2014-08-10 12:17:45 -04:00
Bill Burke
dc4e8603d7 change logout behavior 2014-08-08 18:33:37 -04:00
Bill Burke
32a19563a5 KEYCLOAK-547 2014-08-06 19:15:52 -04:00
Bill Burke
aff32f69bb version 2014-08-06 15:44:50 -04:00
Bill Burke
5b5fea347a improved oauth login/grant 2014-08-05 19:36:19 -04:00
Bill Burke
19e1ddff1d logging 2014-08-05 16:04:13 -04:00
Bill Burke
ea0ceeb65d Merge pull request #589 from patriot1burke/master
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
a497c69758 relative logout 2014-08-04 16:17:35 -04:00
Bill Burke
731d75c756 app full scope by default 2014-08-04 16:04:10 -04:00
mposolda
5edb84ccfb Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes 2014-08-04 16:42:48 +02:00
Bill Burke
60a564dcfd fix fed example 2014-08-03 10:53:37 -04:00
Bill Burke
101a72cd65 remove AuthenticationProvider/Link 2014-08-01 18:03:48 -04:00
Bill Burke
d1c5c55a61 switch to a get 2014-08-01 13:28:17 -04:00
Bill Burke
bdc31d9459 Merge remote-tracking branch 'upstream/master' 2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e token validation 2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a KEYCLOAK-591 Require SSL for all external requests by default 2014-08-01 13:52:04 +01:00
Bill Burke
705da88daa fix cache setup 2014-07-31 14:05:23 -04:00
Bill Burke
94c06f3f5d fed ui 2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe federation display name 2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f federation ui 2014-07-30 22:52:39 -04:00
Stian Thorgersen
fa01d53f9e KEYCLOAK-545 Stop NPE if no client_secret is specified or bearer-only application is used for grants/access 2014-07-30 16:41:07 +01:00
Stian Thorgersen
50bc53d673 KEYCLOAK-562 Cache theme instances 2014-07-30 16:06:08 +01:00
Stian Thorgersen
fcc4781e3a Updated admin endpoints and console to use oauth client name/clientId to retrieve a oauth client 2014-07-30 14:10:25 +01:00
Stian Thorgersen
614c718304 KEYCLOAK-581 Add login_hint query param to login 2014-07-30 13:43:46 +01:00
Stian Thorgersen
02a59812e6 Added ClientSessionModel to UserSessionProvider 2014-07-29 16:10:41 +01:00
Stian Thorgersen
7f4849e165 Merge pull request #560 from stianst/demo-non-localhost
KEYCLOAK-579 Use relative urls in examples
2014-07-28 10:48:30 +01:00
Stian Thorgersen
628c7dd92a KEYCLOAK-579 Use relative urls in examples 2014-07-28 10:41:21 +01:00
Bill Burke
3bb0842eae federation iteration 2 2014-07-25 21:05:45 -04:00
Stian Thorgersen
614bee3061 KEYCLOAK-570 Add use-resource-role-mappings to WildFly installation 2014-07-25 11:53:10 +01:00
Bill Burke
1b14444eba rename FederationProvider to UserFederationProvider 2014-07-24 11:11:21 -04:00
Stian Thorgersen
511cc483cb Moved audit/tests and model/tests to testsuite 2014-07-24 13:49:15 +01:00
Bill Burke
43d08f2d05 federation iteration 1 complete 2014-07-23 17:05:49 -04:00
Bill Burke
171e9b1ce9 Merge remote-tracking branch 'upstream/master' 2014-07-23 15:10:48 -04:00
Bill Burke
eec582e704 merge 2014-07-23 15:10:36 -04:00
Stian Thorgersen
d6f5bf6cde Moved rememberMe, usernameUsed fields from AccessCode to UserSessions. Change AccessCode to have a single action instead of a list of required actions, also used action for codes that needs user to grant permissions first. Finally removed expiration time on access code and use timestamp directly 2014-07-23 15:58:09 +01:00
Bill Burke
f1d72d0b6d fed 2 2014-07-23 10:42:18 -04:00
Bill Burke
148d494905 federation iteration 2014-07-23 10:21:25 -04:00
Stian Thorgersen
b196d0dded Remove access token from access code, and create token when code is exchanged for token 2014-07-22 09:37:21 +01:00
Bill Burke
f275ecf6d5 cache settings 2014-07-18 11:30:10 -04:00
mposolda
3dff4afe83 Export/import improvements and fixes 2014-07-17 21:31:33 +02:00
Stian Thorgersen
c21be01e97 Merge pull request #529 from stianst/master
KEYCLOAK-435 Added pagination support for users
2014-07-16 18:04:36 +01:00
Stian Thorgersen
72d240a57e KEYCLOAK-435 Added pagination support for users 2014-07-16 17:54:11 +01:00
Bill Burke
8fbfba907b Merge remote-tracking branch 'upstream/master' 2014-07-16 12:05:31 -04:00
Bill Burke
f342a8c7a3 move credential validation to UserProvider 2014-07-16 12:05:15 -04:00
Stian Thorgersen
e0ec121012 KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso 2014-07-16 10:47:42 +01:00
Bill Burke
a5593469ae rename ModelProvider->RealmProvider 2014-07-15 15:44:50 -04:00
Bill Burke
484a4c1454 user provider refactor complete 2014-07-15 15:25:06 -04:00
Bill Burke
ff86bdc35f userprovider split 2014-07-15 12:11:12 -04:00
mposolda
c14840a4c0 More cleanup after rebase 2014-07-15 14:44:38 +02:00
mposolda
24a492ffe0 Export/import refactoring to use same representation as admin endpoints 2014-07-15 05:35:24 +02:00
Bill Burke
d2c27daa16 changes 2014-07-14 11:31:25 -04:00
Stian Thorgersen
3f68180ee7 KEYCLOAK-512 Pagination support for sessions 2014-07-14 11:49:59 +01:00
Stian Thorgersen
d625fb014c Added JPA connection provider and added basic support for multiple transactions to KeycloakSession 2014-07-14 10:10:03 +01:00
Bill Burke
626cecba95 enlist 2014-07-11 19:43:37 -04:00
Bill Burke
5f5316fbdc session transaction 2014-07-11 19:29:11 -04:00
Stian Thorgersen
86671a2354 Started UserSessionProvider 2014-07-10 16:48:25 +01:00
Stian Thorgersen
7491b1c369 KEYCLOAK-553 Added minified keycloak.js 2014-07-09 12:23:29 +01:00
Stian Thorgersen
ad6d52cb0f Removed model methods from KeycloakSession 2014-07-08 15:27:42 +01:00
Stian Thorgersen
8dc293f629 Removed removeAllData from model 2014-07-08 15:27:42 +01:00
Stian Thorgersen
621cae61b6 Added hybrid model provider with jpa stores 2014-07-08 12:04:09 +01:00
mposolda
ffc30b4c03 Changes in representations - adding role mappings under user representation 2014-07-07 22:48:53 +02:00
Stian Thorgersen
38857cf2e6 Remove notBefore from users 2014-07-07 16:23:53 +01:00
Stian Thorgersen
099743d448 Rename loginName to username 2014-07-07 15:56:21 +01:00
Stian Thorgersen
270d6108ca KEYCLOAK-501 Check if old session for browser exists and delete before creating a new 2014-06-27 12:55:33 +01:00
Stian Thorgersen
26eac398e0 KEYCLOAK-541 Create session after resetting password through email 2014-06-27 12:20:32 +01:00
Stian Thorgersen
34a1923d18 Refactor to prepar for splitting model 2014-06-27 09:39:06 +01:00
mposolda
b1cfab34fd Support for test of LDAP connection and authentication 2014-06-24 10:03:14 +02:00
mposolda
aea4fd8e30 Upgrade to picketlink 2.6.0.CR5. Support for sync whole UserModel into AuthenticationProvider 2014-06-23 15:29:00 +02:00
Stian Thorgersen
d73d2e0788 Started test tools module 2014-06-23 11:37:03 +01:00
Bill Burke
d21a19925b stateless access codes 2014-06-20 10:37:27 -04:00
Stian Thorgersen
469d044254 KEYCLOAK-532 2014-06-17 14:07:07 +01:00
Bill Burke
1eafb01c8d keycloak-521 2014-06-16 11:59:27 -04:00
Bill Burke
cbea141a54 cache impl 2014-06-13 17:17:45 -04:00
Bill Burke
2ae2067841 refactor for caching again 2014-06-12 11:11:14 -04:00
Bill Burke
0dd06e3343 model refactor for caching 2014-06-10 18:50:08 -04:00
Bill Burke
2f3c8bf079 cache refactor 2014-06-06 15:12:58 -04:00
Stian Thorgersen
5f6687ec62 KEYCLOAK-244 Social should be stateless 2014-06-05 10:09:17 +01:00
Bill Burke
9410adf9ce fix deadlocks 2014-06-02 21:33:43 -04:00
Stian Thorgersen
5dafad71ac Set cache-control on static resources from themes 2014-05-30 16:59:25 +01:00
Stian Thorgersen
24ac6cbbac Fix themes displayed multiple times in admin console 2014-05-29 10:28:05 +01:00
Stian Thorgersen
dd30a35e1e Disable session iframe in Corodova 2014-05-28 17:29:13 +01:00
Stian Thorgersen
9261c1608f Fix missing @Path in admin console 2014-05-27 13:40:32 +01:00
Bill Burke
199c786e22 jaxrs-doclet support 2014-05-26 20:41:33 -04:00
Bill Burke
1f8b2d4c7b stuff 2014-05-26 12:49:56 -04:00
Bill Burke
ab2932f75e effective roles to oauth 2014-05-23 19:01:09 -04:00
Bill Burke
e4232c73c6 admin rest api example 2014-05-23 18:20:55 -04:00
Bill Burke
54cc095ff5 admin cors support 2014-05-23 16:02:14 -04:00
Bill Burke
236f3ab768 admin cors 2014-05-23 09:37:07 -04:00
Stian Thorgersen
37099f3177 KEYCLOAK-494
Session state iframe uses first redirect uri for a client
2014-05-22 17:51:51 +01:00
Bill Burke
0d9e14d4c7 Merge remote-tracking branch 'upstream/master' 2014-05-21 10:56:21 -04:00
Stian Thorgersen
73f59417bd Remove index.html from redirect on '/auth/admin/' 2014-05-21 12:47:07 +01:00
Stian Thorgersen
6814230193 Fix NPE in account service 2014-05-21 12:13:00 +01:00
Stian Thorgersen
d68131ac00 KEYCLOAK-475
Log is shown in menu when audit is disabled for realm
2014-05-21 12:05:32 +01:00
Stian Thorgersen
952f098440 KEYCLOAK-483
Remove 'index.html' from console url
2014-05-21 11:16:48 +01:00
Stian Thorgersen
f08477ea66 Run import before creating default realm 2014-05-21 11:16:47 +01:00
Stian Thorgersen
eb47d43497 For installed app urn redirect to a page instead of returning the html, this is to prevent NPE if page is refreshed 2014-05-21 10:32:03 +01:00
Stian Thorgersen
59440840fe Read keycloak-sever.json from <JBOSS_HOME>/standalone/configuration if it exists 2014-05-21 09:35:01 +01:00
Bill Burke
ae3c4e8459 default web origin is redirect uris 2014-05-20 17:40:45 -04:00
Bill Burke
8e79f550b0 Merge remote-tracking branch 'upstream/master' 2014-05-20 16:49:28 -04:00
Bill Burke
0137918701 urn 2014-05-20 16:49:25 -04:00
Bill Burke
79828ddc78 Merge pull request #409 from patriot1burke/master
fix urn redirect uri
2014-05-20 16:15:40 -04:00
Bill Burke
fcca9dd90a fix urn redirect uri 2014-05-20 16:15:13 -04:00
Stian Thorgersen
b09e2f697e Email audit listener 2014-05-20 17:04:17 +01:00
Bill Burke
b3dd349342 check redirect uri exists in token service 2014-05-20 11:38:35 -04:00
Bill Burke
57f0ea0638 Merge remote-tracking branch 'upstream/master' 2014-05-20 09:27:18 -04:00
Bill Burke
f723ac79d1 redirect not required with bearer only 2014-05-20 09:19:04 -04:00
Stian Thorgersen
cc97265c06 Add realm option to enable/disable Resource Owner Password Credentials Grant 2014-05-20 11:32:22 +01:00
Stian Thorgersen
8d1149dc07 Add email theme config for realm 2014-05-20 11:00:43 +01:00
Bill Burke
a53206995a stuff 2014-05-19 15:08:38 -04:00
Bill Burke
11c23a7945 require redirect 2014-05-19 14:44:36 -04:00
Stian Thorgersen
a3d08e7191 Added theme support to emails 2014-05-19 17:34:58 +01:00
Bill Burke
7e8b16f975 acct svc + sessions 2014-05-19 17:34:48 +01:00
Bill Burke
dc7923c436 fix brute shutdown 2014-05-19 10:33:49 -04:00
Bill Burke
c2bf6c3822 Merge remote-tracking branch 'upstream/master' 2014-05-17 14:24:37 -04:00
Bill Burke
ab8de6ba25 client user-session association 2014-05-17 14:24:32 -04:00
Stian Thorgersen
855269f35d Added 'keycloak-server.json' for configuring the server
Added SPI interface to detect SPI's
Converted Model to SPI/Provider to be loaded through ProviderSessionFactory
2014-05-16 17:33:22 +01:00
Stian Thorgersen
a3ed02ea16 Merge pull request #391 from jeroenr/master
CORS improvements and clean up
2014-05-16 16:06:43 +01:00
Jeroen Rosenberg
84f13eadc1 * Possibility to add exposed headers
* Default allow headers
* Fix warnings, unused import, redundancies
2014-05-16 16:39:17 +02:00
Jeroen Rosenberg
cedf43c084 Refactored joining of allowed headers to be more efficient 2014-05-16 14:28:49 +02:00
Jeroen Rosenberg
4c281a39bb Unused import 2014-05-16 14:10:13 +02:00
Jeroen Rosenberg
5533357c46 Added HEAD as default allowed method for Cors 2014-05-16 14:09:50 +02:00
Bill Burke
67e3e60f28 test sso idle, logout on idle 2014-05-15 23:10:14 -04:00
Bill Burke
bc2360e985 sso session idle and max lifespan 2014-05-15 17:25:57 -04:00
Bill Burke
27efd3c0a4 ssoSessionIdleTimeout refactor 2014-05-15 13:53:28 -04:00
Bill Burke
26f6da10dd Merge pull request #385 from patriot1burke/master
Improved role and scope mapping screens
2014-05-14 14:50:52 -04:00
Bill Burke
7ba8e09aef improved scope screen 2014-05-14 14:50:11 -04:00
Stian Thorgersen
7bea4af6c9 Redirect to login page if logged out and submitting forms in acct mngmt 2014-05-14 17:46:30 +01:00
Bill Burke
0e0dfb60e0 composite role mapping listing 2014-05-14 10:37:50 -04:00
Stian Thorgersen
f4f9b1e323 KEYCLOAK-431 View open sessions, and logout all sessions, through account management 2014-05-14 11:56:28 +01:00
Bill Burke
639b7c5610 fix IE problems 2014-05-13 22:33:46 -04:00
Bill Burke
b30809d681 httponly, ie keycloak.js fix 2014-05-13 22:06:32 -04:00
Bill Burke
e8f8829a76 cors example 2014-05-13 17:17:27 -04:00
Bill Burke
ea672e36ae rename realm management app 2014-05-12 19:28:34 -04:00
Bill Burke
1e1991e285 per-realm admin 2014-05-12 10:12:31 -04:00
Bill Burke
1194e40ef2 iframe check login 2014-05-10 11:23:44 -04:00
Stian Thorgersen
624fcf6197 KEYCLOAK-421 Set realm admin apps to bearer-only 2014-05-09 12:03:39 +01:00
Stian Thorgersen
6f0b12174c KEYCLOAK-432 Added user sessions 2014-05-09 11:52:45 +01:00
Bill Burke
d957cc4883 Merge remote-tracking branch 'upstream/master' 2014-05-08 20:03:20 -04:00
Bill Burke
2d949b63b5 keycloak.js login for admin 2014-05-08 19:55:57 -04:00
mposolda
c51011acef KEYCLOAK-354 Possibility for admin to see social links of some user in admin console 2014-05-07 17:28:13 +02:00
mposolda
6b1e0401ba KEYCLOAK-361 it shouldn't be possible to remove last social link if user don't have password 2014-05-07 17:28:13 +02:00
Bruno Oliveira
334b981741 notBefore wasn't being assigned 2014-05-07 08:10:03 -03:00
Bill Burke
5edf05d569 Merge pull request #366 from mposolda/export-import-rebased
Full export-import implemented. Remove dependency of mongo on picketlink...
2014-05-06 21:17:51 -04:00
Bill Burke
f987d331b7 /rest removal and pom fixes 2014-05-06 20:43:01 -04:00
Bill Burke
64f591769a remove /rest from RealmsResource 2014-05-06 20:21:49 -04:00
mposolda
0801c9c120 Full export-import implemented. Remove dependency of mongo on picketlink-common 2014-05-06 22:15:57 +02:00
Stian Thorgersen
1d760388de KEYCLOAK-441 Remove org.json 2014-05-06 12:32:29 +01:00
Bill Burke
e7c64b7812 adatper deployment context fixes, picketlink abstraction 2014-05-05 18:20:52 -04:00
Bill Burke
7ff2c77a82 relative uri tests and fixes 2014-05-02 12:30:08 -04:00
Bill Burke
e5e43173bc relative redirect uris 2014-05-02 10:58:29 -04:00
Bill Burke
2576975988 fix mimetype 2014-04-30 14:25:23 -04:00
Bill Burke
8c5ae9d052 fix mimetype 2014-04-30 14:24:37 -04:00
Stian Thorgersen
38e6bde07e KEYCLOAK-415 Make sure query params are included when navigating in acct mngmt 2014-04-30 11:03:13 +01:00
Stian Thorgersen
9811aaeecc KEYCLOAK-333 Removed use of RestEasy's Logger 2014-04-30 10:13:53 +01:00
Stian Thorgersen
316431c4d1 Ensure role name unique within realm/app 2014-04-30 09:50:29 +01:00
Stian Thorgersen
646e762cbe Ensure user loginName and email unique within realm 2014-04-29 17:15:28 +01:00
Stian Thorgersen
1d94649b96 Ensure application and client names are unique within realm 2014-04-29 12:03:09 +01:00
Stian Thorgersen
364998b34b Enforce that realm name is unique in model 2014-04-29 10:43:27 +01:00
Bill Burke
62f8811a46 Merge remote-tracking branch 'upstream/master'
Conflicts:
	bundled-war-example/src/main/java/org/keycloak/server/KeycloakServerApplication.java
	bundled-war-example/src/main/webapp/WEB-INF/web.xml
2014-04-28 18:04:50 -04:00
Bill Burke
2d1dc4a874 application refactor 2014-04-28 17:34:06 -04:00
Stian Thorgersen
3d02fd5d0e KEYCLOAK-429 Remove role from composite roles when deleted 2014-04-28 12:55:04 +01:00
Stian Thorgersen
292089cee8 Ensure Realm names are unique 2014-04-25 17:02:03 +01:00
Stian Thorgersen
f64f55a4c6 KEYCLOAK-347 Link realm and realm-permissions application 2014-04-25 15:32:28 +01:00
Stian Thorgersen
b8dfac391a KEYCLOAK-385 Add CORS support to refresh token 2014-04-25 14:09:39 +01:00
Stian Thorgersen
d6e5e376bf Theme support for admin 2014-04-25 13:58:58 +01:00
Bill Burke
541e865fe8 brute force fixes 2014-04-23 17:55:13 -04:00
Bill Burke
54abfb670c brute force settings 2014-04-15 11:37:27 -04:00
Bill Burke
2b8d2288fb more brute force detection 2014-04-14 18:58:45 -04:00
Bill Burke
272806a3f3 app/keycloak self bootstrapping bundle 2014-04-11 13:24:07 -04:00
Bill Burke
cc982cf246 workarounds for resteasy 2.3.7 bugs 2014-04-11 10:33:53 -04:00
Bill Burke
b41c45d40a remove transitive dependencies 2014-04-10 11:29:47 -04:00
Bill Burke
ecaa0d1401 use resteasy 2.3.7 2014-04-10 05:21:07 -04:00
Bill Burke
cdc35d99bc cleanup 2014-04-09 22:34:36 -04:00
Stian Thorgersen
eb3e69d5d7 Updated audit timer 2014-04-09 06:40:15 +01:00
mposolda
5aefe52ccc Refactoring of Authentication SPI and Picketlink to use ProviderSessions
Refactoring of ProviderSessionFactory to support dependencies between components
Calling lifecycle methods
Removing KeycloakRegistry
2014-04-09 00:34:01 +02:00
mposolda
c8c4cfbaae Restructure of authentication module and packages 2014-04-09 00:06:04 +02:00
Stian Thorgersen
7f0cf3eda8 Allow clearing audit events through admin console, and added timer to clear expired events 2014-04-08 11:32:20 +01:00
Stian Thorgersen
8ca46fa35d Audit configurable through admin console 2014-04-07 17:58:52 +01:00
Stian Thorgersen
948960f33f Allow changing base url for Keycloak 2014-04-07 10:54:27 +01:00
mposolda
58083fbb96 Hide password tab in acct management if passwordUpdate not supported 2014-04-04 23:47:12 +02:00
mposolda
ad068a300b Basic support for registration of new users in AuthenticationProvider 2014-04-04 19:53:02 +02:00
Stian Thorgersen
216e24864a Merge branch 'ldap' of https://github.com/mposolda/keycloak into mposolda-ldap
Conflicts:
	admin-ui/src/main/resources/META-INF/resources/admin/js/app.js
	admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
2014-04-04 15:29:03 +01:00
Stian Thorgersen
88ddc8ebca Added audit to admin console 2014-04-04 15:16:08 +01:00
mposolda
2aac603fad Added configuration of authentication providers into admin console 2014-04-04 13:20:12 +02:00
Stian Thorgersen
8caf3fa83a Added details to log view in acct mngmt 2014-04-04 11:01:18 +01:00
Stian Thorgersen
3433227fa7 Added audit log to account mngmt 2014-04-03 16:27:31 +01:00
Stian Thorgersen
e6067c915d Added ProviderSession to requests 2014-04-03 16:27:31 +01:00
Bill Burke
126b444d77 brute force merge 2014-04-02 20:26:33 -04:00
Bill Burke
d58870545f brute force protection 2014-04-02 20:09:14 -04:00
mposolda
25bf6d63b4 Refactoring of AuthenticationProvider SPI 2014-04-02 17:27:07 +02:00
mposolda
05cd8a82e5 Storing default AuthenticationProvider at the realm creation time 2014-04-02 17:17:33 +02:00
Stian Thorgersen
225307e855 KEYCLOAK-389 Added AuditListener SPI
KEYCLOAK-390 Added JBoss Logging AuditListener
KEYCLOAK-391 Audit Token events
2014-03-31 17:35:14 +01:00
mposolda
77a44751a6 KEYCLOAK-388 - Auth SPI should be able to differentiate between the INVALID_USERNAME and INVALID_CREDENTIALS 2014-03-26 09:49:47 +01:00
mposolda
ab02dea902 Fixes in AuthenticationProvider. Fixing testsuite 2014-03-25 15:05:08 +01:00
mposolda
793f69d4b6 Authentication SPI. Implementations based on Picketlink+LDAP, model and external model (other realm). Added KeycloakRegistry 2014-03-24 23:11:11 +01:00
Stian Thorgersen
702ae0307e Fixes to account referrer to allow configurable referrer uri based on app redirect uri 2014-03-19 16:52:41 +00:00
Stian Thorgersen
331ab71427 KEYCLOAK-380 Added OAuth2Constants 2014-03-15 10:43:52 +00:00
Stian Thorgersen
f9aaa16cfe KEYCLOAK-378 KEYCLOAK-379 KEYCLOAK-381 Fix refresh token if token contains app roles. Changed long time fields in AccessCode and AccessToken to int 2014-03-15 10:15:10 +00:00
Bill Burke
08769a2daa NPE in create user 2014-03-13 10:56:09 -04:00
Bill Burke
52018b1f81 revoke on logoutAll 2014-03-12 15:57:43 -04:00
Bill Burke
e48cc006f6 Merge remote-tracking branch 'upstream/master' 2014-03-12 10:17:24 -04:00
Bill Burke
accb56be7f user import fix 2014-03-12 10:17:09 -04:00
Stian Thorgersen
a1f10ef54b Merge pull request #285 from stianst/master
Add user friendly username for social links. Show access denied if social login is cancelled
2014-03-12 13:52:28 +00:00
Stian Thorgersen
0214827492 KEYCLOAK-364 Show access denied if social login is cancelled 2014-03-12 09:21:11 +00:00
Stian Thorgersen
6dc156712e KEYCLOAK-359 Add user friendly username for social links 2014-03-12 08:52:47 +00:00
Bill Burke
e836371887 security context propagation 2014-03-11 17:40:53 -04:00
mposolda
3d0d130622 KEYCLOAK-26 Linking social providers to existing account 2014-03-10 11:31:59 +01:00
Bill Burke
2b01de5ecf remove transaction 2014-03-07 08:35:41 -05:00
Bill Burke
dd292c1d52 remove scope support for now part 2 2014-03-06 10:26:46 -05:00
Bill Burke
801ef3281a remove scope support for now 2014-03-06 09:59:27 -05:00
Bill Burke
8f29bf0a5a client type selection 2014-03-06 09:48:52 -05:00
Bill Burke
599faa3cb5 public clients 2014-03-05 20:26:27 -05:00
Stian Thorgersen
60bb05e6ca Added Config to centralize system properties used to configure KC 2014-03-05 15:20:53 +00:00
Stian Thorgersen
0219aa1e4c Added support for any port with http://localhost redirect uri 2014-03-05 12:54:57 +00:00
Bill Burke
d6bd02ea7d session mgmt 2014-03-04 22:25:33 -05:00
Bill Burke
7699dd2701 Merge remote-tracking branch 'upstream/master' 2014-03-04 15:52:40 -05:00
Bill Burke
2d86b29b6c session stats 2014-03-04 15:52:27 -05:00
Stian Thorgersen
77259320cf Fix js for cors requests 2014-03-04 15:27:13 +00:00
Bill Burke
06288fa07b revocation app level 2014-03-03 17:10:15 -05:00
Bill Burke
01154f18dd Merge remote-tracking branch 'upstream/master' 2014-03-03 15:50:21 -05:00
Bill Burke
716972347d revocation 2014-03-03 15:50:10 -05:00
Stian Thorgersen
87aaaf0b06 Started support for installed applications 2014-03-03 12:58:16 +00:00
Bill Burke
8126110312 refactor getRoleById 2014-03-02 20:28:58 -05:00
Bill Burke
c8023c6651 revocation next phase: undertow complete 2014-03-02 17:32:25 -05:00
Bill Burke
7b30cc59b8 revocation phase 1 2014-02-28 19:47:05 -05:00
Bill Burke
0d309d058c add claims to grant page 2014-02-28 10:45:12 -05:00
Bill Burke
11559cba50 public realm info update 2014-02-28 09:52:53 -05:00
Bill Burke
4dc4c56921 fix NPE 2014-02-28 09:19:26 -05:00
Bill Burke
3fc273070e remove clientmodel.agent phase1 2014-02-27 13:55:04 -05:00
Bill Burke
f8da693fd0 move secret to clientmodel 2014-02-27 10:59:47 -05:00
Stian Thorgersen
32b7c464c7 Added create-realm role 2014-02-27 11:07:48 +00:00
Stian Thorgersen
b3375d4279 Fixed permissions not updated when realm is imported 2014-02-27 10:23:27 +00:00
Bill Burke
42d30a5a70 rename scope rep username to client 2014-02-26 22:23:04 -05:00
Bill Burke
48d39bf977 Use ClientModel wherever possible 2014-02-26 22:04:57 -05:00
Bill Burke
c02d532001 refactor model 2014-02-26 19:25:42 -05:00
Bill Burke
0f67feb9dd IDToken setup 2014-02-26 19:04:42 -05:00
Bill Burke
8613452f4f Merge remote-tracking branch 'upstream/master' 2014-02-26 15:29:31 -05:00
Bill Burke
b249809d2e claims backend 2014-02-26 15:29:17 -05:00
Stian Thorgersen
ae1b98e38f Added view roles, including updating console to make forms read-only 2014-02-26 17:38:42 +00:00
Stian Thorgersen
9a73936002 KEYCLOAK-292 Fine-grained admin control 2014-02-25 12:53:36 +00:00
Bill Burke
64065a4573 javascript refresh token 2014-02-24 19:58:54 -05:00
Bill Burke
166e00f2e8 remember me 2014-02-23 11:30:32 -05:00
Bill Burke
01ddafa83a central login timeouts, rememberme framework 2014-02-22 21:52:29 -05:00
Bill Burke
3e88cb3b76 logout 2014-02-22 20:40:06 -05:00
Bill Burke
273e706a42 undertow refresh token support 2014-02-22 17:24:04 -05:00
Bill Burke
0a9b82a6f4 refresh tokens server side 2014-02-21 17:36:39 -05:00
Bill Burke
97dd7470ce rename tokenLifespan to accessTokenLifespan 2014-02-21 12:12:54 -05:00
Bill Burke
e583dc60ae Merge remote-tracking branch 'upstream/master' 2014-02-21 12:02:36 -05:00
Bill Burke
9607acdb6a refactor token creation 2014-02-21 12:02:24 -05:00
Stian Thorgersen
05bd92d765 KEYCLOAK-286 Allow login with username or email. KEYCLOAK-287 Remove recover username as we now support login with email 2014-02-21 15:25:55 +00:00
Bill Burke
9442601e42 rename some classes 2014-02-21 10:16:12 -05:00
Stian Thorgersen
9ce8e16063 KEYCLOAK-284 Subject in token is now user id instead of username 2014-02-21 09:48:43 +00:00
Bill Burke
6794166b58 tokens/access/codes now uses basic auth 2014-02-20 17:19:51 -05:00
Stian Thorgersen
e9750c3d70 KEYCLOAK-298 If admin or accnt mngmt cookies are invalid, the identity cookie was expired by mistake 2014-02-19 11:12:59 +00:00
Stian Thorgersen
325919e24a KEYCLOAK-297 Fixed invalid state param when loggin to admin acct mngmt 2014-02-17 15:14:11 +00:00
Bill Burke
81a90232d6 Merge pull request #213 from patriot1burke/master
oauth client generates secret
2014-02-14 17:46:09 -05:00
Bill Burke
b518fa2f4b oauth client generates secret 2014-02-14 17:45:46 -05:00
Stian Thorgersen
01bb835285 Updated login forms to use Patternfly styles 2014-02-14 17:38:04 +00:00
Bill Burke
0cdd5e857e use secrets 2014-02-13 18:36:41 -05:00
mposolda
b9ff73d61c Moved model unit tests from services to model/tests . Mongo profile in testsuite 2014-02-11 18:26:50 +01:00
mposolda
b3f1032f96 Mongo: Refactoring. All unit tests and testsuite are passing with Mongo. 2014-02-11 18:25:57 +01:00
mposolda
81ff7b0c6d Refactoring Mongo model. All unit tests passing with mongo 2014-02-11 15:23:30 +01:00
Stian Thorgersen
a89a1d524c KEYCLOAK-288 Check if totp setup or email verification is required on social login 2014-02-07 16:13:53 +00:00
Bill Burke
127ee40f23 Merge pull request #194 from patriot1burke/master
composite switch
2014-02-05 10:28:41 -05:00
Bill Burke
cce8814254 composite switch 2014-02-05 10:28:11 -05:00
Stian Thorgersen
722f7c8840 KEYCLOAK-272 Improved user credential management, including option to send user password reset email from admin console 2014-02-05 14:43:48 +00:00
Stian Thorgersen
457853aa28 KEYCLOAK-233 Add referrer query parm to manage app link in admin console to display back to app link 2014-02-05 11:31:18 +00:00
Stian Thorgersen
8b5fbe92d6 Added GitHub provider. Simplified FaceBook provider 2014-02-05 10:55:52 +00:00
Bill Burke
d2ad6349ba remove setComposite 2014-02-04 18:41:36 -05:00
Bill Burke
7c190e40ee fix demo 2014-02-04 12:02:09 -05:00
Bill Burke
4e66a3bf81 Merge remote-tracking branch 'upstream/master' 2014-02-04 10:09:25 -05:00
Bill Burke
92091d9474 composite tests 2014-02-04 10:09:09 -05:00
Stian Thorgersen
4c22a8c92b Renamed login forms provider classes 2014-02-04 14:45:11 +00:00
Stian Thorgersen
97897cab1d KEYCLOAK-15 Customize login and registration forms 2014-02-04 11:45:24 +00:00
Bill Burke
8505cc612a composite representations 2014-02-03 17:21:56 -05:00
Bill Burke
e222240282 composite UI 2014-01-31 21:39:54 -05:00
Bill Burke
1543963c9f composite tests 2014-01-30 20:31:44 -05:00
Bill Burke
6a5994c3e2 composite roles 2 2014-01-29 23:28:08 -05:00
Bill Burke
bb5991239b composite roles 2014-01-29 20:19:32 -05:00
Stian Thorgersen
06c3a6ea30 KEYCLOAK-271 Check password policy when recovering password through email 2014-01-24 14:48:58 +00:00
Bill Burke
cbd1e0aad5 error screen 2014-01-21 13:05:56 -05:00
Stian Thorgersen
e92980b776 Simplified check for ssl, since x-forward is sorted by Undertow 2014-01-20 19:31:02 +00:00
Stian Thorgersen
070c0ddba4 Renamed registration to default roles, add default roles to all users when they are created 2014-01-17 10:03:13 +00:00
Stian Thorgersen
c5366f1c81 KEYCLOAK-264 Remove option to enable/disable acct mngmt 2014-01-17 09:30:56 +00:00
Stian Thorgersen
dcfb83b0f2 KEYCLOAK-64 KEYCLOAK-246 Updated social to use update profile required action instead of registration form. Fixed Google provider 2014-01-16 12:52:46 +00:00
Bill Burke
b162190c7f remove cookieLoginAllowed 2014-01-15 20:31:01 -05:00
Bill Burke
894c28c64f role name instead of id 2014-01-15 19:39:21 -05:00
Bill Burke
ed0d33126c use app name instead of id 2014-01-15 16:57:12 -05:00
Bill Burke
6326d5d2b5 auth-server-url and Realm/App name changes 2014-01-15 10:02:56 -05:00
Bill Burke
cb391eb89a finish using realm name instead of id 2014-01-14 16:13:52 -05:00
Bill Burke
2dbd7cfa02 realm name for url param 2014-01-14 13:03:13 -05:00
Bill Burke
4825974edc realm name in url 2014-01-13 23:38:00 -05:00
Bill Burke
62cc002396 constants 2014-01-13 19:42:34 -05:00
Bill Burke
39b61728d6 change uri scheme 2014-01-13 17:07:36 -05:00
Stian Thorgersen
739866de0c KEYCLOAK-255 Added tmp redirect to admin/index.html as work-around to WildFly issue 2014-01-13 11:27:02 +00:00
Stian Thorgersen
6647ddb66e KEYCLOAK-252 Show error page (or 406) if realm requires https and http is used 2014-01-10 17:04:52 +00:00
Stian Thorgersen
0a57ba026b KEYCLOAK-180 Renamed JWT prn to sub 2014-01-10 10:22:58 +00:00
Stian Thorgersen
f14931d234 KEYCLOAK-251 Added installation page for oauth clients to admin console 2014-01-10 10:17:39 +00:00
Bill Burke
a1b7297f25 wildfly deployment structure.xml 2014-01-02 16:24:04 -05:00
Bill Burke
30cb9df307 undertow logout 2013-12-19 18:32:47 -05:00
Bill Burke
834baf0e27 refactor admin actions 2013-12-19 15:22:15 -05:00
Bill Burke
cbf46720c7 installation text 2013-12-17 18:16:17 -05:00
Bill Burke
d22b6f8df7 factor out jwt/jose/jws 2013-12-16 11:19:46 -05:00
Stian Thorgersen
fbe8c5cdec Added SocialLoader to social core 2013-12-11 14:24:18 +00:00
Stian Thorgersen
00a7d88dee Replaced javax.imageio.spi.ServiceRegistry with java.util.ServiceLoader 2013-12-11 14:24:18 +00:00
mposolda
8e3e99f392 KEYCLOAK-225 NPe after login when 'Verify email' is enabled but SMTP is not configured 2013-12-10 16:30:12 +01:00
mposolda
bec267237a KEYCLOAK-226 Display header To in email message sent from Keycloak 2013-12-10 16:05:13 +01:00
Stian Thorgersen
53e61326c1 Set status code to internal server error on error pages 2013-12-07 16:00:13 +00:00
Stian Thorgersen
145eab98d8 KEYCLOAK-221 Don't require username to recover password 2013-12-07 13:34:31 +00:00
Stian Thorgersen
cd8c8d52e8 KEYCLOAK-217 Add option to recover username 2013-12-07 13:18:06 +00:00
Stian Thorgersen
0dad786b35 KEYCLOAK-220 Fix login to realm with space in id, KEYCLOAK-199 Add account management to admin realm 2013-12-07 11:35:32 +00:00
Stian Thorgersen
43da684a91 KEYCLOAK-218 Show error page if failed to send email 2013-12-07 11:00:45 +00:00
Bill Burke
c63abbdf3e Merge remote-tracking branch 'upstream/master' 2013-12-06 17:28:51 -05:00
Bill Burke
edba13e596 realm upload 2013-12-06 17:28:32 -05:00
Stian Thorgersen
a423c38e42 KEYCLOAK-214 view all users in a realm through admin console 2013-12-06 19:09:03 +00:00
Stian Thorgersen
493d281dc4 KEYCLOAK-193 Prevent creating multiple apps in a realm with the same name 2013-12-05 13:22:15 +00:00
Stian Thorgersen
f133ecfcf7 KEYCLOAK-192 Set realm id to name if not specified 2013-12-05 13:22:15 +00:00
Stian Thorgersen
eea812dfda KEYCLOAK-190 KEYCLOAK-191 Fixed redirect uri's 2013-12-04 19:04:19 +00:00
Stian Thorgersen
a7b653de28 KEYCLOAK-185 Added cancel button to login form 2013-12-03 15:11:18 +00:00
Stian Thorgersen
7f499b2833 KEYCLOAK-186 Password policies 2013-12-03 12:53:26 +00:00
Stian Thorgersen
85eeb415e1 KEYCLOAK-181
Link back to application from account management pages
2013-11-28 13:48:30 +00:00
Bill Burke
799df520b8 realm import changes 2013-11-27 17:02:12 -05:00
Bill Burke
3a9f9d73c2 Merge remote-tracking branch 'upstream/master' 2013-11-26 15:40:24 -05:00
Bill Burke
f79739f73e oauth client 2013-11-26 15:39:57 -05:00
Stian Thorgersen
c6f4e21b84 KEYCLOAK-153
Realm installation page
2013-11-26 17:28:00 +00:00
Stian Thorgersen
52c7ae057a Delete realm 2013-11-25 15:38:25 +00:00
Stian Thorgersen
fad194fc8f Improved error handling in admin console. Delete roles through admin console. 2013-11-25 13:46:04 +00:00
vrockai
846c094ba2 KEYCLOAK-154 Added UI for user req actions 2013-11-20 16:46:25 +01:00
vrockai
ab7cc63084 KEYCLOAK-156 add new user properties to admin ui 2013-11-20 10:50:05 +01:00
Stian Thorgersen
42d7e430ce Fix adding all roles for an application to token, should be all roles associated with the user for that application 2013-11-18 14:16:37 +00:00
Stian Thorgersen
61e56c4cd8 Fix issue in Firefox if there's a space in the fragment on redirect 2013-11-16 12:29:04 +00:00
Stian Thorgersen
19d4b09626 KEYCLOAK-152 Re-generate realm's key pair 2013-11-16 12:21:15 +00:00
Stian Thorgersen
7a0ff0cb66 KEYCLOAK-159 2013-11-16 10:41:49 +00:00
Stian Thorgersen
219c0efbaf KEYCLOAK-105 2013-11-16 10:13:23 +00:00
Stian Thorgersen
fa710a923b KEYCLOAK-53 2013-11-16 09:14:22 +00:00
Stian Thorgersen
45424e5eba Removed '*' role 2013-11-15 16:38:44 +00:00
Stian Thorgersen
a923f44619 KEYCLOAK-100
UI: Delete User does not work
2013-11-15 16:38:28 +00:00
Stian Thorgersen
66f99d66d8 KEYCLOAK-124 2013-11-15 15:00:57 +00:00
Stian Thorgersen
9e73592381 NPE if trying to update user with no attributes 2013-11-15 15:00:43 +00:00
Stian Thorgersen
158d1740b8 KEYCLOAK-72 and KEYCLOAK-158 2013-11-15 11:03:25 +00:00
vrockai
10516a62ac KEYCLOAK-151 fix for account app lookup 2013-11-15 08:10:43 +01:00
Stian Thorgersen
10f48a1bda Change dist to WildFly 1.0.0.Beta1 2013-11-14 16:16:08 +00:00
Stian Thorgersen
794976792a Removed empty include templates from forms, and use templates from theme directly 2013-11-12 15:26:26 +00:00
Stian Thorgersen
5916eaad13 Removed mongo dependencies from services 2013-11-12 15:19:55 +00:00
Stian Thorgersen
2e9a474eac Use service loader to load model provider 2013-11-12 11:49:03 +00:00
Stian Thorgersen
5b19e34f50 Fixed allowed methods for retrieving token with cors 2013-11-11 12:42:55 +00:00
Stian Thorgersen
fd2bfee7d9 Assign default roles to users when they register instead of directly to tokens 2013-11-08 17:51:44 +00:00
Bill Burke
2861ea0e96 nasty merge 2013-11-05 23:12:07 -05:00
Bill Burke
d04ca2c34f jpa backend 2013-11-05 21:26:33 -05:00
Stian Thorgersen
7bbeddc2a3 Tweaked EmailSender, fixed SSL prop in console + added option for StartTLS 2013-11-05 10:58:33 +00:00
Stian Thorgersen
d083909136 Added support for default application roles. Added authz to account, user (or client if oauth) is required to have role manage-account to manage their account, this is a default role for the Account application. 2013-11-04 17:21:46 +00:00
Stian Thorgersen
c6f43baf0d Allow oauth clients to ask for permission to view user profile, and manage user account 2013-11-03 16:14:15 +00:00
Stian Thorgersen
7f691b463c KEYCLOAK-75 Retrieve user profile 2013-11-03 13:33:22 +00:00
Stian Thorgersen
85220ba054 Clean-up in social core 2013-11-01 16:41:16 +00:00
Stian Thorgersen
2ff46353bc Moved SocialRequestManager from social/core to services 2013-11-01 15:59:33 +00:00
Bill Burke
d6ee6aef9f adapter cors support 2013-10-30 08:28:23 -04:00
Bill Burke
0f03670c06 Merge remote-tracking branch 'upstream/master' 2013-10-25 18:04:35 -04:00
Bill Burke
6e6dccd339 cors token modifications 2013-10-25 18:03:28 -04:00
vrockai
2f9aa14a7d KEYCLOAK-115 fixing message headers 2013-10-25 15:15:53 +01:00
vrockai
508a9a1e6b KEYCLOAK-115 add social provider config page 2013-10-25 15:14:19 +01:00
Stian Thorgersen
45b5f5afd5 Add setting realm.accessCodeLifespanUserAction in admin console 2013-10-25 12:39:25 +01:00
Stian Thorgersen
2bb3753289 Added prompt option to auth/login. If prompt='none' is specified the authentication form or grant forms will not be displayed, instead an error is returned 2013-10-24 10:54:00 +01:00
Stian Thorgersen
3ee6f02068 Fix for KEYCLOAK-116 2013-10-22 14:14:31 +01:00
Stian Thorgersen
bb3a82f932 KEYCLOAK-116
Use social provider settings from realm
2013-10-22 14:05:56 +01:00
Stian Thorgersen
6e3dd959eb KEYCLOAK-114 Use SMTP server settings from realm 2013-10-22 13:47:30 +01:00
Stian Thorgersen
a88dcace3d Added maps for social config and smtp server to realm 2013-10-22 13:47:30 +01:00
Bill Burke
158f85cb7a Merge remote-tracking branch 'upstream/master' 2013-10-21 14:49:56 -04:00
vrockai
f7d6c41304 KEYCLOAK-112 - fixing various forms UI related issues 2013-10-21 18:23:53 +02:00
Stian Thorgersen
115c0bdeca Converted QR servlet into JAX-RS resource 2013-10-21 11:50:29 +01:00
Stian Thorgersen
d79d299073 Made account management an optional feature on a realm, and added login and logout to account management pages 2013-10-19 16:24:58 +01:00
stianst
8de6224501 Merge pull request #78 from vrockai/KEYCLOAK-108
KEYCLOAK-108 add warning alerts to req action forms
2013-10-19 02:09:09 -07:00
Bill Burke
645cfa5beb Merge remote-tracking branch 'upstream/master' 2013-10-18 15:47:49 -04:00
Bill Burke
1d75b50acb cors 2013-10-18 15:47:33 -04:00
Stian Thorgersen
34fe0a751c Added cors support to TokenService.accessCodeToToken 2013-10-18 19:17:11 +01:00
vrockai
89ca52e960 KEYCLOAK-108 add warning alerts to req action forms 2013-10-18 14:45:28 +02:00
Bill Burke
5851430983 Merge pull request #76 from patriot1burke/master
bootstrapping 2
2013-10-17 12:47:55 -07:00
Bill Burke
2a6b6ebef5 stuff 2013-10-17 13:53:46 -04:00
Stian Thorgersen
79c1230a9d Added redirect uris to application 2013-10-17 15:25:06 +01:00
Stian Thorgersen
1d5ef3d541 Added separate service to process required login actions - leaving AccountService for only user account management 2013-10-16 19:49:11 +01:00
Stian Thorgersen
77159861e8 Move required actions into separate service 2013-10-16 18:17:26 +01:00
vrockai
5ec74be39e KEYCLOAK-38 Adding OAuth Grant to forms 2013-10-16 19:04:02 +02:00
Bill Burke
ba082b0d6d Merge remote-tracking branch 'upstream/master' 2013-10-16 08:27:06 -04:00
Bill Burke
13c75c02e1 bootstrap 2013-10-16 08:26:33 -04:00
vrockai
71f3d00e31 KEYCLOAK-107 fix for login form error feedback issues 2013-10-16 14:02:36 +02:00
Bill Burke
fc92ead9be Merge remote-tracking branch 'upstream/master' 2013-10-14 09:59:28 -04:00
Bill Burke
5f7f4aeb30 merge 2013-10-14 09:59:19 -04:00
vrockai
23f2fb9125 KEYCLOAK-84 added totp test and better form feedback 2013-10-14 10:57:24 +02:00
vrockai
a0808ad224 KEYCLOAK-84 add totp remove button functionality 2013-10-14 10:57:24 +02:00
Stian Thorgersen
4af43fb63e Fix path for resources in formflows 2013-10-10 13:03:56 +01:00
mposolda
6ac643c45b Creating MongoDBSessionFactory in KeycloakApplication via reflection to avoid compile-time dependency on mongo module 2013-10-10 10:43:54 +02:00
mposolda
453e1c5cf7 Added ServletContextListener for start of embedded MongoDB at Keycloak deploy. Added PropertiesManager 2013-10-10 10:43:54 +02:00
mposolda
71cd9cffa4 Rebased MongoDB on top of latest master. Divide testsuite into integration and performance submodules 2013-10-10 10:43:54 +02:00
mposolda
ae4bd42ff7 Add support for TOTP in MongoDB 2013-10-10 10:28:36 +02:00
mposolda
86cf090909 Adapt MongoDB impl with latest changes on UserModel and RealmModel. Support for Enums in Converter SPI 2013-10-10 10:28:36 +02:00
mposolda
58d862819a Added performance tests to testsuite to compare Picketlink+JPA+MySQL with Mongo. 2013-10-10 10:28:36 +02:00
mposolda
68ed19f15d Support MongoDB in unit tests. Added parameterized test, so ImportTest and AdapterTest work with both picketlink and mongo 2013-10-10 10:28:35 +02:00
mposolda
4db738689f Mongo: Remove realmAdmins when realm is removed. Refactored Converters to support list of embedded objects 2013-10-10 10:28:35 +02:00
mposolda
be48672ba6 Added system properties to support switch between picketlink and mongo. Support for Mongo data objects without ID or @DBCollection 2013-10-10 10:28:35 +02:00
mposolda
5b8908c822 Added NoSQLQueryBuilder API. Support for persistence of all objects. All unit tests are passing and UI is working with MongoDB 2013-10-10 10:28:35 +02:00
mposolda
815e466d43 Adding TypeConverters. AdapterTest.test1CreateRealm() is passing for MongoDB 2013-10-10 10:28:35 +02:00
mposolda
0acc9e978a Added first version of NoSQL api and MongoDBImpl implementation 2013-10-10 10:28:35 +02:00
Bill Burke
7226a10abc mv admin ui to module 2013-10-09 19:39:56 -04:00
Bill Burke
e730b5a2aa Merge remote-tracking branch 'upstream/master' 2013-10-09 17:28:09 -04:00
Bill Burke
b58b2c760f scope mapping, oauth client 2013-10-09 17:27:45 -04:00
Stian Thorgersen
5ccb557f7c KEYCLOAK-88
Reset expiration on AccessCode before sending to application
2013-10-09 17:05:18 +01:00
Bill Burke
a3945c85bc Merge pull request #57 from patriot1burke/master
app password
2013-10-06 15:42:08 -07:00
Bill Burke
7613df71c2 app password 2013-10-06 18:41:35 -04:00
vrockai
b1715c3725 KEYCLOAK-83 add error page 2013-10-03 17:44:05 +02:00
Bill Burke
a4e3431445 model module refactor 2013-10-02 09:54:26 -04:00
stianst
02d5d709ed Merge pull request #49 from vrockai/KEYCLOAK-74_2
KEYCLOAK-74 email verification fixes
2013-10-01 07:06:31 -07:00
vrockai
ee42b74c17 KEYCLOAK-74 email verification fixes 2013-10-01 15:48:46 +02:00
stianst
6071c9a724 Merge pull request #47 from vrockai/KEYCLOAK-74_2
KEYCLOAK-74 Adapting the Forget password forms to original design
2013-10-01 01:28:04 -07:00
vrockai
144f5f9cfd KEYCLOAK-74 Adapting the Forget password forms to original design 2013-09-30 19:10:23 +02:00