Commit graph

808 commits

Author SHA1 Message Date
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support (#5076)
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes

Co-authored-by: vramik <vramik@redhat.com>

* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Federico M. Facca
5a9bfea419 [KEYCLOAK-7353] Support Policy Management in Protection API
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Pedro Igor
2b6597e9f1 [KEYCLOAK-7367] - User-Managed Policy Provider 2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674 [KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config 2018-03-28 09:23:59 -03:00
dongay
707b80f436 KEYCLOAK-3210 Apply @Nationalized attribute to entity fields that should support unicode character sets 2018-03-27 20:55:59 +02:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
pedroigor
758ae41999 [KEYCLOAK-6529] - Constraint name too long 2018-03-22 07:05:03 -03:00
pedroigor
08896ee9c9 [KEYCLOAK-6529] - Resource Attributes 2018-03-19 13:21:39 -03:00
Pedro Igor
2aa71d1737
Merge pull request #5051 from pedroigor/KEYCLOAK-6787
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-12 11:41:49 -03:00
Bill Burke
4b6b45cf43 KEYCLOAK-6026 2018-03-05 11:57:05 -05:00
vramik
9bd2e70376 KEYCLOAK-6790 Identifier for RESOURCE_SERVER_PERMISSION_TICKET table is too long for Oracle databases 2018-03-02 12:46:19 +01:00
Bill Burke
7f21cdd1f4 KEYCLOAK-6551 2018-03-02 10:41:05 +01:00
pedroigor
1e1de85685 [KEYCLOAK-6787] - Wrong validation of resources with same name and different owners 2018-03-01 16:50:05 -03:00
pedroigor
cb531056a6 [KEYCLOAK-6621] - Fixing cache and queries of policies with type scope 2018-02-28 16:33:45 -03:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368)
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
gonzalad
898347366d KEYCLOAK-6589: Optimize jpql in User search API
This commit removes the 6 n+1 select
that are issued when calling GET /users api.

We now have 4 select queries.
2018-02-22 14:21:42 +01:00
pedroigor
d590600c12 [KEYCLOAK-6321] - NPE when deleting a resource with admin events enabled 2018-02-21 19:41:44 +01:00
Bruno Oliveira
b91998a0d8 [KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration 2018-02-09 06:36:23 -02:00
pedroigor
76657d5239 [KEYCLOAK-6528] - Fixing mysql error. Probably a consequence of KEYCLOAK-6228 changes. 2018-02-08 21:17:33 +01:00
Bill Burke
a0d275c850 whoops, fix db script 2018-01-31 14:28:40 -05:00
Bill Burke
26411a123e migrate fix 2018-01-31 13:11:46 -05:00
Bill Burke
bd3eb9d662 more hynek db changes 2018-01-30 19:46:42 -05:00
Bill Burke
a571781240 hynek db changes 2018-01-30 17:00:55 -05:00
Bill Burke
dd4c0d448c Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6 done 1st iteration 2018-01-27 09:47:16 -05:00
vramik
b0fbe5c8ba KEYCLOAK-6300 List of group members is not sorted alphabetically 2018-01-25 20:21:03 +01:00
Bill Burke
4bfb62d7f4 marek suggested fixes 2018-01-24 09:32:38 -05:00
Bill Burke
a9297df89c KEYCLOAK-6335 2018-01-23 12:09:49 -05:00
Douglas Palmer
fc3c07f6de [KEYCLOAK-6236] Use MessageDigest.isEquals in place of String.equals 2018-01-18 13:04:54 +01:00
Hynek Mlnarik
e4c875eb41 KEYCLOAK-6108 Remove DROP INDEX in postgres (handled automatically) 2018-01-04 09:03:52 +01:00
Hynek Mlnarik
f0c1e65b2d KEYCLOAK-6095 Include schema in custom SQL 2018-01-04 09:03:52 +01:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
Martin Kanis
351dbffaf2 KEYCLOAK-5172 Set oidc as default protocol to clients 2017-12-20 13:38:12 +01:00
mposolda
6696c0f0b2 KEYCLOAK-5245 Restart failures when deleting a client with existing sessions/offline_tokens 2017-12-13 15:53:10 +01:00
Bill Burke
efa5949f69
Merge pull request #4814 from patriot1burke/master
KEYCLOAK-5350
2017-12-07 10:07:35 -05:00
stianst
c055ffb083 KEYCLOAK-4215 Consider session expiration when setting token timeouts 2017-12-07 10:45:02 +01:00
stianst
5fd3c9161d KEYCLOAK-5868 2017-12-07 10:42:21 +01:00
Bill Burke
64f8d7ce25 KEYCLOAK-5350 2017-12-06 16:00:23 -05:00
stianst
6d1c33ccdc KEYCLOAK-5667 2017-12-06 06:45:23 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
pedroigor
17748d5ba8 [KEYCLOAK-5660] - Adding UserQueryProvider.getUsersCount(realm, includeServiceAccount) method 2017-11-30 10:45:54 +01:00
pedroigor
674fb31a2c [KEYCLOAK-5660] - Rest API User count returns wrong value 2017-11-30 10:45:54 +01:00
stianst
2be78a0239 KEYCLOAK-5924 Add error handler for uncaught errors 2017-11-30 10:33:13 +01:00
pedroigor
9ffc11d04f [KEYCLOAK-4231] - Unable to import PEM certificate > 2048 2017-11-29 20:26:22 +01:00
Bill Burke
8993ca08ad KEYCLOAK-4715 2017-11-21 17:46:48 -05:00
Hynek Mlnarik
a787cfa33a KEYCLOAK-5425 Have preconditions evaluated in manual mode 2017-11-15 13:37:32 +01:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Hynek Mlnarik
c9aa5e638e KEYCLOAK-5230 Add indices to FED_* tables 2017-10-27 12:43:22 +02:00
vramik
223713bc53 KEYCLOAK-4928 Add primary key constraints 2017-10-24 10:46:46 +02:00
Bruno Oliveira da Silva
b6ab2852c2 Remove unused imports (#4558) 2017-10-16 14:23:42 +02:00
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens.
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b Merge pull request #4209 from guitaro/feature/group-search-and-pagination
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
howcroft
e78bf5f876 Keycloak 2035
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Oguz Kilcan
6ec5264f20 KEYCLOAK-5416 Migration from 3.2.1 to 3.3.0 doesn't work on MSSQL due to constraint violation (#4461) 2017-09-15 09:56:22 +02:00
Levente NAGY
d18aa44fb4 Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination 2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7 KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache 2017-09-13 16:45:45 +02:00
Léventé NAGY
503ce3a47f Merge branch 'master' into feature/group-search-and-pagination 2017-09-13 10:27:38 +02:00
Pedro Igor
90db6654d3 Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer
KEYCLOAK-4858: Slow query performance for client with large data volume
2017-09-12 15:54:16 -03:00
Levente NAGY
c8c88dd58c KEYCLOAK 2538 - UI group pagination - TU + some code improvement + add mockito dependency 2017-09-12 15:09:08 +02:00
Levente NAGY
db56d82dbd KEYCLOAK 2538 - UI group pagination - fix duplicate result for search + sort result 2017-09-12 11:45:37 +02:00
Marek Posolda
2a1f40d487 Merge pull request #4408 from MarkSchmitt/master
KEYCLOAK-5322: Rewrote delete statement to scale better
2017-09-12 11:14:08 +02:00
Gabriel Lavoie
bf184e8599 KEYCLOAK-4858: ResourceServer PK change to CLIENT_ID.
- MSSQL needs the index to be dropped before the column.
- Different UPDATE statement format to support MSSQL.
2017-09-11 13:50:58 -04:00
Levente NAGY
2c24b39268 KEYCLOAK 2538 - UI group pagination 2017-09-07 19:39:06 +02:00
fmugrau
998262177f KEYCLOAK-5422: Rewrote statement to scale better 2017-09-07 10:17:22 +02:00
Pedro Igor
f10891b662 [KEYCLOAK-4858] - Migration configuration for resource server pk changes 2017-09-06 11:28:58 -03:00
Gabriel Lavoie
c1664478d9 KEYCLOAK-4858: Slow query performance for client with large data volume
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
vramik
37479a9afe KEYCLOAK-5405 add synchronization of the persistence context when creating a group 2017-09-05 14:34:43 +02:00
vramik
d62164f6f0 KEYCLOAK-5385 add not null constraint for user_entity.not_before (#4446) 2017-09-01 08:57:50 +02:00
vramik
8bfab22417 KEYCLOAK-5049 add explicit removal of groups (#4416) 2017-08-30 08:16:00 +02:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
Hynek Mlnařík
23560d9e41 KEYCLOAK-5235 Fix JPA update script for MariaDB (#4423) 2017-08-28 08:05:49 +02:00
mposolda
fe5891fbdb KEYCLOAK-5293 Add notBefore to user 2017-08-23 08:58:26 +02:00
mark.schmitt
6a28971218 KEYCLOAK-5322: Rewrote delete statement to scale better 2017-08-22 13:15:09 +00:00
Levente NAGY
c8aa708cff Merge remote-tracking branch 'upstream/master' 2017-08-10 18:14:49 +02:00
Pedro Igor
6865b4bbb1 [KEYCLOAK-4808] - Import large authz settings a bit faster 2017-07-06 18:22:13 -03:00
Pedro Igor
65251748c7 [KEYCLOAK-5148] - Create authorization settings when creating a new client using a config file 2017-07-05 18:19:00 -03:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
Josh Cain
89fcddd605 KEYCLOAK-3592 Docker auth implementation 2017-06-29 06:37:34 +02:00
Léventé NAGY
1a50e77a4d Merge branch 'master' into feature/group-search-and-pagination 2017-06-26 20:36:36 +02:00
Bill Burke
3ee86fedc7 Merge remote-tracking branch 'upstream/master' 2017-06-23 09:57:35 -04:00
Léventé NAGY
41d8d17062 Merge branch 'master' into feature/group-search-and-pagination 2017-06-22 17:41:30 +02:00
Levente NAGY
124bf43a27 [KEYCLOAK-2538] - groups count for pagination 2017-06-22 17:32:38 +02:00
Bill Burke
d08ddade2e merge 2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc removal 2017-06-21 17:42:57 -04:00
mposolda
fc61a4e89f KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model 2017-06-21 22:14:20 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
Levente NAGY
f377a45c4e [KEYCLOAK-2538] - groups count for pagination limits 2017-06-07 20:52:22 +02:00
Levente NAGY
c4da7637d6 [KEYCLOAK-2538] - groups pagination and group search 2017-06-06 18:32:48 +02:00
Bill Burke
b9f7a43a72 group permissions 2017-06-01 20:16:35 -04:00
Gabriel Lavoie
e59aeb56cc KEYCLOAK-3990: Very slow use of NamedQueries.
- Generates too many auto-flush checks by Hibernate.
- Moved to collections mapping to allow batching and the use of Hibernate L2 cache.
2017-05-23 08:09:39 -04:00
Stian Thorgersen
e3a04ebd90 Merge pull request #3557 from glavoie/KEYCLOAK-3988
KEYCLOAK-3988: Multiple missing indexes on FKs.
2017-05-23 14:07:51 +02:00
Bill Burke
ab763e7c5b fixes after merge 2017-05-19 15:54:36 -04:00
Bill Burke
2cac8b1bb7 KEYCLOAK-4929 2017-05-18 16:53:31 -04:00