Commit graph

142 commits

Author SHA1 Message Date
Stian Thorgersen
61fa152e62 Merge pull request #3277 from ahus1/KEYCLOAK-2977-spring-cloud-rebinder-fix
KEYCLOAK-2977: fix re-binding problem with spring-cloud
2016-10-19 17:32:40 +02:00
Stian Thorgersen
bd8e435164 KEYCLOAK-3625 Fix url 2016-10-19 17:07:01 +02:00
Alexander Schwartz
c2692cc0ac KEYCLOAK-2977: fix re-binding problem with spring-cloud 2016-10-19 16:07:28 +02:00
Stian Thorgersen
1b24d2edd8 KEYCLOAK-3625 More work on the issue 2016-10-19 14:21:50 +02:00
sebastien blanc
32df5225cf add check on list size 2016-10-19 14:21:41 +02:00
sebastien blanc
116f5f5795 KEYCLOAK-3625: conform to oidc specs 2016-10-19 14:21:41 +02:00
Stian Thorgersen
9193142bb9 Merge pull request #3305 from sebastienblanc/KEYCLOAK-3683
KEYCLOAK-3683: Remove trustore and trustore-password check
2016-10-17 19:39:02 +02:00
Stian Thorgersen
144898c0d2 Merge pull request #3262 from vramik/KEYCLOAK-3615
KEYCLOAK-3615 Resolve warnings while building the effective model
2016-10-17 19:09:30 +02:00
Hynek Mlnarik
4a19d4cdc1 KEYCLOAK-3664 Fix for NPE in subsystem when secure-deployment is undefined for a particular deployment 2016-10-17 09:19:44 +02:00
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
sebastienblanc
f5a5fc3458 KEYCLOAK-3683: Remove trustore and trustore-password check 2016-10-11 15:19:31 +02:00
mposolda
a60dd48300 KEYCLOAK-3646 Missing attributes in AS7 adapter subsystem 2016-10-04 08:30:35 +02:00
mposolda
d71fadabeb KEYCLOAK-3634 Allow adapter subsystem to just inject dependencies 2016-10-03 17:38:41 +02:00
mposolda
7447ca7b58 KEYCLOAK-3564 Added token-minimum-time-to-live and min-time-between-jwks-requests to adapter subsystem 2016-10-03 16:06:45 +02:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Vlasta Ramik
103fa975a1 Resolve warnings while building the effective model 2016-09-26 12:34:46 +02:00
Stian Thorgersen
06c48a2830 KEYCLOAK-3586
Token is not refreshed in updateToken
2016-09-21 09:13:05 +02:00
mwcz
bd2f220736 always resolve keycloak.init's promise 2016-09-15 17:25:29 -04:00
mposolda
bf6246f5c1 KEYCLOAK-905 Realm keys rotation support on adapters 2016-09-12 21:24:04 +02:00
Stian Thorgersen
6d40e0dd07 Merge pull request #3212 from didiez/master
KEYCLOAK-3513 Prevent clearing all registered sessions when invalidating some by sessionId
2016-09-08 13:50:14 +02:00
didiez
df3079852e Prevent clearing all registered sessions when invalidating some by sessionId 2016-09-08 09:19:30 +02:00
Stian Thorgersen
5d20651c66 KEYCLOAK-3475 Fixes for on token expired event 2016-09-06 13:00:37 +02:00
Stian Thorgersen
7a66b055be KEYCLOAK-3475 Call event handlers when initialized with tokens 2016-09-06 09:00:29 +02:00
Stian Thorgersen
d9e95455a2 Merge pull request #3172 from mwcz/js-updateToken-withCredentials
send cookies along with keycloak.updateToken()
2016-09-05 09:37:00 +02:00
Pedro Igor
ce78cc1d1c [KEYCLOAK-3472] - Multiple paths with the same name and tests 2016-08-31 21:04:36 -03:00
mwcz
ec5289b5c8 send cookies along with keycloak.updateToken() 2016-08-26 11:23:44 -04:00
mposolda
a8fb988e31 KEYCLOAK-3406 OIDC dynamic client registrations specs fixes 2016-08-11 15:54:51 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
1e7cf9fb3f Merge pull request #3088 from thomasdarimont/issue/KEYCLOAK-3380-allow-ignore-pattern-in-filter
KEYCLOAK-3380 Allow to configure paths to skip in KeycloakOIDCFilter
2016-08-03 21:30:20 -04:00
mposolda
3b3368eead KEYCLOAK-3237 Add scope=openid to KeycloakInstalled 2016-08-02 05:45:55 +02:00
Pedro Igor
ae1a7542d8 [KEYCLOAK-3385] - Improvements to evaluation tool UI and result 2016-08-01 18:01:24 -03:00
Thomas Darimont
79c7203fe8 KEYCLOAK-3380 Allow to configure paths to skip in KeycloakOIDCFilter
We now allow configuration of path patterns which should not
be handled by the `KeycloakOIDCFilter` than can be specified via
the new init-parameter `keycloak.config.skipPattern` of
the `KeycloakOIDCFilter`.
Patterns are matched against the requestURI without the context-path.
A request for `/myapp/index.html` would be matched with `/index.html`
against the skip pattern.
This allows for for more flexible path handling when using the
`KeycloakOIDCFilter` in combination with existing applications.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-01 11:43:49 +02:00
Marek Posolda
59f228be2b Merge pull request #3076 from Smartling/KEYCLOAK-3097
KEYCLOAK-3097: Fix JBoss Logging scope
2016-08-01 09:30:02 +02:00
Pedro Igor
3c8ed8e3d8 [KEYCLOAK-3372] - Code cleanup 2016-07-29 05:18:38 -03:00
Scott Rossillo
322597b420 KEYCLOAK-3097: Fix JBoss Logging scope
JBoss Logging Framework required by Keycloak Core.
2016-07-27 12:35:21 -04:00
mposolda
56e011dce4 KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator 2016-07-21 18:19:53 +02:00
mposolda
7571dc07f9 KEYCLOAK-1733 added verifySSL checks for 'basic' and 'query' authentication 2016-07-20 11:04:31 +02:00
Marek Posolda
e03bf6eef6 Merge pull request #2990 from trex667/feat/keycloak-1733
[KEYCLOAK-1733]: introduce token as query paramter
2016-07-20 10:46:11 +02:00
Thomas Darimont
f574173ed3 KEYCLOAK-3301 Add support for Undertow in Spring Boot Adapter
We now support using Undertow in combination with the Spring Boot Adapter.
2016-07-18 10:07:07 +02:00
Stian Thorgersen
a42e4af78d Merge pull request #3018 from thomasdarimont/issue/KEYCLOAK-3300-support-jetty-in-spring-boot-adapter
KEYCLOAK-3300 Add support for jetty in spring-boot-adapter
2016-07-15 13:29:16 +02:00
mposolda
13a21e5fda KEYCLOAK-3220 Improve error handling on adapters 2016-07-14 23:56:46 +02:00
mposolda
dcc4ea3aea KEYCLOAK-3237 Change OIDC adapters to use scope=openid as required per specs 2016-07-14 23:56:46 +02:00
Stian Thorgersen
9ddec7d1eb Merge pull request #3019 from ssilvert/KEYCLOAK-3273-ear
KEYCLOAK-3273: Prefer module name for secure-deployment in Keycloak
2016-07-14 12:06:44 +02:00
Thomas Darimont
be5468a7cf KEYCLOAK-3300 Add support for jetty in spring-boot-adapter
This adds support for using Jetty together with the Keycloak
spring-boot-adapter. Sadly the KeycloakSpringBootProperties.SecurityCollection
definition is mostly inspired by Tomcats SecurityConstraint/SecurityCollection
which doesn't provide a good fit for jettys structures.
In cases where jetty only allows one setting, we use the first value.

We only initialize KeycloakJettyServerCustomizer if jetty is used, same
applies for tomcat.
Revised configuration and extracted serverCustomizer code into
dedicated classes.
Prepared infrastructure for Undertow support.
2016-07-12 23:19:30 +02:00
Stan Silvert
1d4e76117c KEYCLOAK-3273: Prefer module name for secure-deployment name. 2016-07-12 12:42:24 -04:00
Peter Donald
c283f9803c Return -1 from getDateHeader() when request is restored.
Other certain container will attempt to access date (such as when
checking If-Modified-Since header)  and fail when accessing restored
request. The javax.servlet.http.HttpServletRequest#getDateHeader()
javadocs indicate that -1 should be returned when date is not available
2016-07-12 16:28:45 +10:00
Stan Silvert
73cbf857c1 KEYCLOAK-3273: Prefer module name for secure-deployment in Keycloak
adapter subsystem
2016-07-11 20:58:31 -04:00