vmuzikar
01be601dbd
KEYCLOAK-14306 OIDC redirect_uri allows dangerous schemes resulting in potential XSS
...
(cherry picked from commit e86bec81744707f270230b5da40e02a7aba17830)
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
services/src/main/java/org/keycloak/validation/DefaultClientValidationProvider.java
2020-11-12 08:21:54 +01:00
Miquel Simon
e8e5808aa9
KEYCLOAK-13639. Added metrics and custom healthcheck endpoints, both enabled via 'metrics.enabled' config parameter.
2020-11-11 21:16:14 +01:00
Takashi Norimatsu
e35a4bcefc
KEYCLOAK-14206 Client Policy - Executor : Enforce more secure state and nonce treatment for preventing CSRF
2020-11-11 21:11:34 +01:00
Dmitry Polienko
12d8247288
[KEYCLOAK-15571] Fix IdentityProviderFactory.createConfig signature
2020-11-11 17:30:35 +01:00
mposolda
9b2f2015f7
KEYCLOAK-16244 RealmRealmLocalizationResourceTest fails on auth-server-quarkus
2020-11-11 14:56:31 +01:00
Hynek Mlnarik
030a077e99
KEYCLOAK-16157 Fix Unexpected I/O error message
2020-11-11 11:12:52 +01:00
Pedro Igor
852c4a57ff
[KEYCLOAK-14468] - Scope permission sometimes not removed when removing scopes
2020-11-11 08:44:28 +01:00
niwde
c69f92831b
[KEYCLOAK-16215] Typo in EventConfigTest
2020-11-10 13:54:39 -03:00
Martin Kanis
d9029b06b9
KEYCLOAK-15889 Streamification of ProtocolMappers
2020-11-10 16:40:34 +01:00
rmartinc
e6bd12b174
[KEYCLOAK-16139] Serialize the calls for groups tab on admin console
2020-11-10 15:41:16 +01:00
Takashi Norimatsu
a0b1710735
KEYCLOAK-14198 Client Policy - Condition : Client - Client IP
2020-11-10 15:37:26 +01:00
Stefan Guilhen
aa46735173
[KEYCLOAK-15200] Complement methods for accessing users with Stream variants
2020-11-10 15:13:11 +01:00
Martin Kanis
8d6577d66c
KEYCLOAK-15898 Streamification of Keymanager
2020-11-10 14:43:23 +01:00
Hynek Mlnarik
2fd6deaf63
KEYCLOAK-16217 Fix compilation errors
2020-11-10 14:26:49 +01:00
Pedro Igor
f6fe88b587
[KEYCLOAK-16126] - Windows support
2020-11-10 08:48:39 +01:00
Takashi Norimatsu
a63814da67
KEYCLOAK-14201 Client Policy - Executor : Enforce Proof Key for Code Exchange (PKCE)
2020-11-09 08:18:05 +01:00
Hynek Mlnarik
f2856385bd
KEYCLOAK-16189 Publish surefire reports
2020-11-06 13:52:29 +01:00
Thomas Darimont
de20830412
KEYCLOAK-9551 KEYCLOAK-16159 Make refresh_token generation for client_credentials optional. Support for revocation of access tokens.
...
Co-authored-by: mposolda <mposolda@gmail.com>
2020-11-06 09:15:34 +01:00
stianst
1281f28bb8
KEYCLOAK-15012 Fix issue with folder theme provider
2020-11-06 09:14:36 +01:00
vmuzikar
2df62369c3
KEYCLOAK-15295 User can manage resources with just "view-profile" role using new Account Console
...
(cherry picked from commit 1b063825755d9f5aa13e612757e8ef7299430761)
2020-11-06 08:55:57 +01:00
stianst
6b2e1cbc5f
KEYCLOAK-16167 Enable Account REST API by default
2020-11-06 08:06:03 +01:00
Takashi Norimatsu
6dc136dfc0
KEYCLOAK-14199 Client Policy - Executor : Enforce more secure client authentication method when client registration
2020-11-05 20:42:49 +01:00
Martin Bartos
7522d5ac74
KEYCLOAK-15841 Upgrade rest of the minor forms to PF4
2020-11-05 17:58:41 +01:00
Martin Kanis
db026e5566
KEYCLOAK-16155 Add cluster tests to GitHub Actions
2020-11-05 17:32:24 +01:00
Hynek Mlnarik
f93924e782
KEYCLOAK-16156 Optimize maven repo handling
2020-11-05 17:24:05 +01:00
Martin Bartoš
da6c59f0c3
KEYCLOAK-15242 Error in application logs when refresh token is expired.
2020-11-05 14:40:53 +01:00
Pedro Igor
a01dcc5456
Minor updates to config based on design document changes
2020-11-05 12:23:44 +01:00
Martin Kanis
7b5fdc9c0d
KEYCLOAK-16147 KEYCLOAK-16148 Add crossdc tests to GitHub Actions
2020-11-05 09:06:27 +01:00
Martin Kanis
6c1f92bee3
KEYCLOAK-16166 Remove adapter-tests from GitHub Actions
2020-11-04 09:13:56 +01:00
stianst
a43d0a9dbd
KEYCLOAK-16144 Added unit tests to GA
2020-11-04 08:45:11 +01:00
Otto Leppänen
bc6bb22173
[KEYCLOAK-16055] Update DefaultKeyManager kid is null logging
...
Got this "kid is null, can't find public key" without a hint to which realm it's belonging. Not sure if the realm name is dropped because it's null(?), but at least the log message is now explicit. Dropping kid because the text says it's null. Haven't tested whether this breaks tests etc.
2020-11-03 20:40:00 +01:00
Martin Kanis
6f6c21333b
KEYCLOAK-16145 Add adapter-tests to GitHub Actions
2020-11-03 13:20:03 +01:00
Hynek Mlnarik
8060e3b3ac
KEYCLOAK-16115 Remove need for MapStorage.keySet() and values()
2020-11-03 08:46:42 +01:00
Hynek Mlnarik
7b8575fa1a
KEYCLOAK-16090 Work around LDAPUserLoginTest false failures
2020-11-03 08:38:54 +01:00
Peter Zaoral
4fbc6389b5
KEYCLOAK-15386 Some icons are not displayed properly
...
* pficon.woff/woff2 - updated PatternFly font resource
* pficon.css - css that contains @font-face rule
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-11-02 20:21:38 +01:00
Pedro Igor
2b9ee02adc
[KEYCLOAK-11698] - Change context path of Keycloak to / for Keycloak.X
2020-11-02 15:25:11 -03:00
Pedro Igor
8d7195637d
[KEYCLOAK-16116] - PersistedConfigSource for resolving build time properties
2020-11-02 15:30:32 +01:00
Hynek Mlnarik
f0bdcdd204
KEYCLOAK-16113 Add JPA event test
2020-10-30 21:08:27 +01:00
Pedro Igor
18c67f51ce
KEYCLOAK-16066 KEYCLOAK-14255 Unable to build Keycloak distribution on Windows due to io.quarkus.builder.BuildException failure
...
* file separator removed from KeycloakPropertiesConfigSource.java
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
fixing windows
2020-10-30 12:13:00 -03:00
Pedro Igor
452bcd8bd9
Improvements to configuration
2020-10-30 12:17:55 +01:00
Christoph Leistert
e131de9574
KEYCLOAK-14855 Added realm-specific localization texts which affect texts in every part of the UI (admin console / login page / personal info page / email templates). Also new API endpoints and a new UI screen to manage the realm-specific localization texts were introduced.
...
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
2020-10-30 08:02:43 -03:00
vramik
785f2e78bc
KEYCLOAK-14977 create MapRoleProvider
2020-10-30 08:15:22 +01:00
Martin Kanis
b494b8bb44
KEYCLOAK-16034 Not scroll-able event queries for postgres and mssql
2020-10-30 08:10:00 +01:00
Hynek Mlnarik
925f089d62
KEYCLOAK-16077 Remove need for MapStorage.replace
2020-10-29 15:40:47 +01:00
Pedro Igor
1418c6e938
Update Quarkus 1.9.1.Final
2020-10-29 10:51:28 -03:00
Martin Bartos
2e59d5c232
KEYCLOAK-14679 Unable to log in with WebAuthn on unsupported browsers
2020-10-29 14:03:17 +01:00
Martin Bartoš
ceb46c266d
KEYCLOAK-15962 Update quickstarts/examples for new login theme
2020-10-29 12:45:05 +01:00
Johannes Knutsen
23c575c236
KEYCLOAK-15399: Wrong token type in token response. bearer vs Bearer
2020-10-28 10:38:22 -03:00
Pedro Igor
24f90ca6cb
[KEYCLOAK-15406] - Grant access when evaluating user-managed permission for the owner
2020-10-28 09:59:24 -03:00
Stian Thorgersen
ee3f9b71db
Update README.md
2020-10-27 23:48:08 +01:00