Commit graph

6915 commits

Author SHA1 Message Date
Pedro Igor
6a1fb8f870 [KEYCLOAK-3132] - Single module for common policy providers 2016-06-17 20:38:03 -03:00
Stian Thorgersen
111bcb7433 Merge pull request #2942 from stianst/master
Refactor authz changelog in to separate authz-master.xml
2016-06-17 15:26:43 +02:00
Stian Thorgersen
8f3cfed7c5 Merge pull request #2934 from fkiss/master-truststore
KEYCLOAK-2283 added email truststore test
2016-06-17 14:05:38 +02:00
Stian Thorgersen
807fc71626 Merge pull request #2939 from mhajas/fixEAP6
KEYCLOAK-3125 Fix ssl tests on EAP6
2016-06-17 14:02:23 +02:00
Stian Thorgersen
8ae08f0432 Merge pull request #2938 from mhajas/addJSConsoleTests-master
KEYCLOAK-3121 Add JS adapter tests
2016-06-17 14:01:21 +02:00
Stian Thorgersen
2beb1f2466 Merge branch 'KEYCLOAK-3052' of https://github.com/cargosoft/keycloak into cargosoft-KEYCLOAK-3052 2016-06-17 13:55:55 +02:00
Stian Thorgersen
1a9fada964 KEYCLOAK-2753 Refactor authz changelog into separate authz-master.xml 2016-06-17 13:40:22 +02:00
Stian Thorgersen
9030edc04d KEYCLOAK-2753 Removed unused imports from PolicyAdapter 2016-06-17 13:40:22 +02:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
mhajas
0df2525298 Fix ssl tests on EAP6 2016-06-16 11:56:31 +02:00
mhajas
cdb40fce19 Add JS adapter tests 2016-06-16 11:43:06 +02:00
Dimitri Teleguin
524ad9728a correct resource URL 2016-06-14 21:07:36 +03:00
fkiss
b50513a946 KEYCLOAK-2283 added email truststore test 2016-06-14 13:49:16 +02:00
Dmitry Telegin
3203842b58 Fix KEYCLOAK-3052 2016-06-14 12:32:43 +03:00
Stian Thorgersen
2d036b58a6 Merge pull request #2932 from stianst/master
KEYCLOAK-3050 - fix npe on deployment
2016-06-13 21:16:04 +02:00
Michaël van de Giessen
55910f5f70 KEYCLOAK-3050 - fix npe on deployment 2016-06-13 20:15:41 +02:00
Stian Thorgersen
c1e202eaf9 Merge pull request #2931 from stianst/master
KEYCLOAK-3091 Change brute force to use userId
2016-06-13 18:02:32 +02:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
Stian Thorgersen
46b17e6149 Merge pull request #2928 from mposolda/KEYCLOAK-3106
KEYCLOAK-3106 EventStoreProviderTest.query is failing in some environ…
2016-06-13 15:05:19 +02:00
mposolda
e6b3586b87 KEYCLOAK-3106 EventStoreProviderTest.query is failing in some environments 2016-06-13 15:02:10 +02:00
Stian Thorgersen
bdaba4c85a Merge pull request #2926 from mposolda/master
KEYCLOAK-3105 Can't access single realm with the admin user from mast…
2016-06-13 14:50:19 +02:00
mposolda
1510ac5eb4 KEYCLOAK-3105 Can't access single realm with the admin user from master realm 2016-06-13 12:09:11 +02:00
Marek Posolda
443772d5ec Merge pull request #2924 from mposolda/master
KEYCLOAK-2028: Add preemptive access token refresh support to servlet adapters
2016-06-09 21:51:15 +02:00
mposolda
72736e5e47 KEYCLOAK-2028 Add test for token-minimum-time-to-live adapter option 2016-06-09 19:22:15 +02:00
Ben Loy
ec180db39f KEYCLOAK-2028: Add preemptive access token refresh support
Add a new keycloak.json property and mechanism to automatically
refresh access tokens if they are going to expire in less than a configurable
amount of time.
2016-06-09 19:22:15 +02:00
Marek Posolda
f6d075fbe4 Merge pull request #2922 from mposolda/master
KEYCLOAK-2714 Remove the pre-liquibase workarounds
2016-06-08 15:54:36 +02:00
mposolda
5fc5bafbb6 KEYCLOAK-2714 Remove the pre-liquibase workarounds 2016-06-08 14:40:33 +02:00
Stian Thorgersen
a189545f81 Merge pull request #2920 from thomasdarimont/issue/KEYCLOAK-3092-Increase-number-of-users-shown-in-UserListing
KEYCLOAK-3092: Show 25 users per page in user list by default
2016-06-08 13:21:13 +02:00
Stian Thorgersen
1c694b4795 Merge pull request #2921 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol-adjustment
KEYCLOAK-3054: Use string format for log message
2016-06-08 07:08:05 +02:00
Stian Thorgersen
819c42dad2 Merge pull request #2918 from chameleon82/issue/KEYCLOAK-3089-email-subject-internationalization
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-08 07:07:37 +02:00
Некрасов Александр Сергеевич
7bdccc21b2 KEYCLOAK-3089 Change email subject encoding to utf-8 2016-06-08 09:10:39 +06:00
Thomas Darimont
a9f461bfd1 KEYCLOAK-3054: Use string format for log message
Need to use log.debugf(..) to correctly resolve the %s placeholder.
2016-06-07 21:56:04 +02:00
Thomas Darimont
56a565f913 KEYCLOAK-3092: Show 20 users per page in user list by default
More sensible default for number of users shown per page in
the user listing of the admin console.
This is also recommended in the patternfly guidelines.

Prior to the PR only 5 users were shown per page.
2016-06-07 13:23:03 +02:00
Stian Thorgersen
b6a76b1267 Merge pull request #2917 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol
KEYCLOAK-3054: Fix potential NPE in RealmsResource
2016-06-07 13:09:54 +02:00
Thomas Darimont
67a63a806e KEYCLOAK-3054: Fix potential NPE in RealmsResource
Prior to PR .well-known Endpoint threw NPE with if unknown
Protocol was provided.
2016-06-07 08:29:23 +02:00
Stian Thorgersen
816b01860b Merge pull request #2912 from thomasdarimont/issue/KEYCLOAK-2891-fix-openidc-endpoint-label-alignment
KEYCLOAK-2891: Fix label alignment for OIDC Endpoint link.
2016-06-07 07:07:17 +02:00
Stian Thorgersen
ce2f009e76 Merge pull request #2915 from pdrozd/KEYCLOAK-3082
KEYCLOAK-3082 - clear queue before event
2016-06-07 07:00:42 +02:00
Stian Thorgersen
d5a44db2de Merge pull request #2914 from pdrozd/master
KEYCLOAK-3085 - Add module org.jboss.resteasy.resteasy-jaxrs to integ…
2016-06-07 07:00:11 +02:00
Некрасов Александр Сергеевич
5474496867 KEYCLOAK-3089 Change email subject encoding to utf-8/base64 2016-06-07 09:11:46 +06:00
Pavel Drozd
54d9943a3b KEYCLOAK-3085 - Add module org.jboss.resteasy.resteasy-jaxrs to integration-arquillian-testsuite-providers 2016-06-06 11:51:20 +02:00
Pavel Drozd
81de73df8e KEYCLOAK-3082 - clear queue before event 2016-06-06 11:46:39 +02:00
Thomas Darimont
51312ff7ff KEYCLOAK-2891: Fix label alignment for OIDC Endpoint link.
This probably happend during merge.
2016-06-06 09:55:31 +02:00
Bill Burke
b2d8c6bca2 Merge pull request #2418 from schmeedy/master
Fix k_query_bearer_token endpoint in proxy
2016-06-05 11:20:08 -04:00
Bill Burke
4c9a0b45d4 Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Bill Burke
b3f3449e39 Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource
KEYCLOAK-2974: Handle ModelException in UsersResource
2016-06-05 11:06:32 -04:00
Bill Burke
a76a4730e3 Merge pull request #2884 from thomasdarimont/issue/KEYCLOAK-2891-link-to-oidc-endpoints-from-admin-console
KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page.
2016-06-05 11:06:11 -04:00
Bill Burke
dbeb3353f8 Merge pull request #2911 from thomasdarimont/issue/KEYCLOAK-3081-oidc-support-user-role-mapper
KEYCLOAK-3081: Add client mappers to map user roles to token
2016-06-05 11:03:47 -04:00
Thomas Darimont
a2d1c8313d KEYCLOAK-3081: Add client mapper to map user roles to token
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.

 The client role protocol mapper can specify from which client the roles should be considered.
 Composite Roles are resolved recursively.

Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level  (ID/Access) Token attribute that can easily be matched with a regex.

In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
2016-06-03 15:52:58 +02:00
Marek Posolda
193233899f Merge pull request #2910 from mposolda/master
KEYCLOAK-3074 AdminEventStoreProviderTest fixes
2016-06-03 11:33:22 +02:00