rmartinc
6283c7add3
KEYCLOAK-10975: Clock skew configuration in keycloak-saml.xml can't be found in the keycloak-saml subsystem
2019-09-27 09:35:03 +02:00
Jon Koops
ff77b549ec
[KEYCLOAK-11193] Change 'disableLogging' to 'enableLogging' and default to false
2019-09-24 10:31:02 -03:00
Stefan Guilhen
b833ce9dd3
[KEYCLOAK-11485] Add test case for the as7-eap6 SAML subsystem
2019-09-19 13:39:24 +02:00
Jon Koops
0b9c6192a3
KEYCLOAK-11193 Allow JavaScript logging to be disabled
2019-09-19 07:09:32 -03:00
rmartinc
7f54a57271
KEYCLOAK-10757: Replaying assertion with signature in SAML adapters
2019-09-18 16:49:00 +02:00
Karel Hala
f8e4ccd57a
KEYCLOAK-11195 Add module loading to dependencies
...
Use window global libraries for AMD
2019-09-13 14:47:45 -03:00
Stefan Guilhen
60205845a8
[KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
...
- Provides a default implementation based on mappings loaded from a properties file.
- Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
jferrer
97fccd6d50
KEYCLOAK-10910 login function now uses promise type specified in init
2019-09-06 15:24:31 -04:00
Jon Koops
c902896ab6
KEYCLOAK-11196 Document the type for the useNonce
option
2019-08-30 14:34:20 -04:00
Jon Koops
2d465df94d
KEYCLOAK-11194 Remove dead code from JavaScript adapter
2019-08-30 14:32:54 -04:00
Niko Köbler
49e9cd759b
KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe
2019-08-20 15:41:09 -03:00
Martin Kanis
75d2ec8ff6
KEYCLOAK-11012 Unable to install EAP6 adapter
2019-08-16 12:44:50 +02:00
Valeran86
b0d0d3e579
[KEYCLOAK-10849] - KeycloakRole equals only with itself
...
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
if ( role.equals( adminRole ) ) {
return true;
}
}
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-08-16 05:20:03 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
mhajas
4b18c6a117
KEYCLOAK-7207 Check session expiration for SAML session
2019-07-24 13:35:07 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Hynek Mlnarik
67f8622d13
KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
...
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
Stefan Guilhen
ceaae7a254
[KEYCLOAK-10384] Add equals and hashCode to KeycloakUndertowAccount, SamlPrincipal and SamlSession to avoid cache misses in the PicketBox JAAS auth manager
2019-07-18 21:08:22 +02:00
kuan
1c5f7c1420
Update KeycloakTokenParsed definition.
...
To match KeycloakInstance's realm access and resources access.
2019-07-17 15:29:34 -04:00
Hynek Mlnarik
67eb0c3079
KEYCLOAK-8318 Workaround ELY-1525 similarly to OIDC adapter
2019-07-17 09:33:20 +02:00
Hynek Mlnarik
3d4283fac9
KEYCLOAK-9987 Upgrade to Wildfly17
...
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Steeve Beroard
fc9a0e1766
[KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
...
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
Pedro Igor
9215957bd0
Revert "KeycloakRole equals only with itself"
...
This reverts commit 2899375614
.
2019-07-09 09:05:20 -03:00
Valeran86
2899375614
KeycloakRole equals only with itself
...
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
if ( role.equals( adminRole ) ) {
return true;
}
}
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-07-08 14:33:03 -03:00
Hynek Mlnarik
ca4e14fbfa
KEYCLOAK-7852 Use original NameId value in logout requests
2019-07-04 19:30:21 +02:00
Vlasta Ramik
cc8cfd4269
KEYCLOAK-10751 Fix SAML undertow adapter not sending challenge
...
Co-Authored-By: mhajas <mhajas@redhat.com>
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-07-04 10:04:51 +02:00
Thomas Darimont
53d0db80c3
KEYCLOAK-10313 Only use PKCE if enable-pkce is configured for KeycloakInstalled adapter
...
Users who want to use PKCE support with the KeycloakInstalled adapter need to set the property
``"enable-pkce": true` in the adapter configuration / `keycloak.json`.
2019-07-03 08:49:55 +02:00
Thomas Darimont
8bd48391ca
KEYCLOAK-10313 Add PKCE support to KeycloakInstalled Adpater
...
This adds PKCE support for Desktop Apps as
a followup to KEYCLOAK-1033 #6047 .
2019-07-03 08:49:55 +02:00
vramik
d245287320
KEYCLOAK-9598 Apache Tomcat adapter
2019-06-14 10:09:13 +02:00
mhajas
12d351ae97
KEYCLOAK-10595 Make KeycloakSpringBootConfigResolver Spring bean
2019-06-14 09:41:56 +02:00
Sebastian Laskawiec
e739344556
KEYCLOAK-9640 Unify surefire versions
2019-06-13 13:26:49 +02:00
Nils Christian Ehmke
a58a0e7678
[KEYCLOAK-10334] Keycloak Spring Boot Adapter shares configuration in static field
...
Signed-off-by: Nils Christian Ehmke <nils-christian.ehmke@bmiag.de>
2019-06-04 07:13:13 -03:00
Pedro Igor
803e44dcb1
[KEYCLOAK-10422] - Code challenge only sent when options object argument is passed to login method
2019-05-29 15:09:01 -03:00
Thomas Darimont
2825619243
KEYCLOAK-1033 Add PKCE support for JS Adapter
...
This adds support for the "S256" code_challenge_method to the JS Adapter.
Note that the method "plain" was deliberately left out as is not recommended
to be used in new applications.
Note that this PR includes two libraries:
- [base64-js]{@link https://github.com/beatgammit/base64-js }
- [js-sha256]{@link https://github.com/emn178/js-sha256 }
`base64-js` is needed for cross-browser support for decoding the
Uint8ArrayBuffer returned by `crypto.getRandomValues` to a PKCE
compatible base64 string.
`js-sha256` library is required because the `crypto.subtle.digest`
support is not available for all browsers.
The PKCE codeVerifier is stored in the callbackStore of the JS Adapter.
Note: This PR is based on #5255 which got messed up during a rebase.
2019-05-29 15:40:16 +02:00
Pedro Igor
e9ea1f0e36
[KEYCLOAK-10279] - Do not limit results when fetching resources
2019-05-28 15:35:29 -03:00
vramik
9a5b85910a
KEYCLOAK-9599 Remove Wildfly 8 adapter
2019-05-28 14:28:09 +02:00
vramik
3bbab225c8
KEYCLOAK-9596 Remove Apache Tomcat 6.0.x adapter
2019-05-28 12:00:19 +02:00
Alan Balbo
0a67e0a89e
KEYCLOAK-10097 Fix register method in javascript adatper for cordova
2019-05-24 08:49:10 -04:00
Sergio Livi
80932c07a2
KEYCLOAK-10071 check isNaN for minValidity
2019-05-20 09:18:40 -04:00
Jonas Kello
96f13e15ca
Add CompatPromise conditional type
2019-05-15 07:42:06 -04:00
mhajas
429863e83b
KEYCLOAK-9095 Fix NPE in AuthenticatedActionsHandler
2019-05-02 13:03:06 +02:00
Martin Kanis
e5092bb617
KEYCLOAK-10090 Fix alignment for CD 6 release in PNC
2019-04-18 09:13:02 +02:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
Sebastian Laskawiec
0042726dd8
KEYCLOAK-9601 KEYCLOAK-9602 Jetty 8.1 and 9.1 removal
...
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-04-16 11:21:29 +02:00
Anders Rønning
3f7d32d1ae
KEYCLOAK-10026: Add missing TypeScript definition for init options
2019-04-15 07:46:05 -04:00
Pedro Igor
c8970c95d5
[KEYCLOAK-10015] - CIP not properly resolving objects from JSON request body
2019-04-11 18:19:43 -03:00
mhajas
5b47df8979
KEYCLOAK-10013 Do not reject tokens with issuedAt == notBefore
2019-04-11 21:57:11 +02:00
Hynek Mlnarik
a63efd872d
KEYCLOAK-9822 Fix deadlock in OIDC adapter upon logout
2019-04-09 21:03:02 +02:00
Pedro Igor
ad9f59f9f7
[KEYCLOAK-9353] - Avoids initialization of the policy enforcer during deployment
2019-04-05 16:02:53 -03:00
mposolda
a516a795a2
KEYCLOAK-9836 Deprecate keycloak-servlet-oauth-clien
2019-04-02 10:52:18 -03:00