Commit graph

523 commits

Author SHA1 Message Date
Alfredo Boullosa
716afe9404 KEYCLOAK-18075 - Remove "role_list" from expected default client scopes 2021-05-13 10:30:12 +02:00
keycloak-bot
4b44f7d566 Set version to 14.0.0-SNAPSHOT 2021-05-06 14:55:01 +02:00
Michal Hajas
e7821bb67b KEYCLOAK-17995 Add a warning to standalone migration scripts to perform a manual migration script if needed + fix test failures when migrating from 9.0.3 2021-05-06 11:40:01 +02:00
rmartinc
7de5e7d298
KEYCLOAK-17074 Infinite loop logging as an user or impersonating an user as admin (#7799) 2021-05-03 21:05:12 -04:00
Christoph Leistert
61bdc92ad9
KEYCLOAK-17387: 403 response on localization endpoint for cross realm users
- add ForbiddenPage class for the assertion at the selenium test
- add assertion to selenium test
- GET requests for localization texts require at least one role for the realm
- Make GET requests for localization texts public, to display the admin UI correctly, even if the role view-realm is missing
2021-05-03 13:29:11 -03:00
Jan Lieskovsky
16ba4c0104 [KEYCLOAK-16723] Upgrade to Wildfly 22
Base fixes:
* [KEYCLOAK-16724] Upgrade Keycloak to Wildfly 22.0.0.Beta1 / Wildfly Core 14.0.0.Beta4
* [KEYCLOAK-16822] Upgrade Keycloak to Wildfly 22.0.0.Final / Wildfly Core 14.0.0.Final
* [KEYCLOAK-17158] Upgrade Keycloak to Wildfly 22.0.1.Final / Wildfly Core 14.0.1.Final

Other (related) fixes:
* [KEYCLOAK-16174] Upgrade (RH-SSO adapters) to EAP CD 21
* [KEYCLOAK-16202] Don't upgrade versions of httpclient and httpcore in the Fuse adapter
                   as part of the Wildfly upgrade script run
* [KEYCLOAK-16737] Keycloak core depends on org.bouncycastle:bcprov-jdk15on:1.65, which
                   suffers from CVE-2020-28052
* [KEYCLOAK-16907] ConfigMigrationTest fails after upgrade to Wildfly 22.0.0.Final
* [KEYCLOAK-17156] org.keycloak.test.config.migration.ConfigMigrationTest fails with
                   'illegal reflective access to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()'

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-04-29 12:36:03 +02:00
AlistairDoswald
8b3e77bf81 KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Alfredo Boullosa
cd342ad571 KEYCLOAK-17620 - Fix ClientClientScopesTest 2021-04-08 15:56:51 +02:00
Alfredo Boullosa
2f0f99c204 KEYCLOAK-17619 - Fix DefaultRolesTest 2021-04-08 12:17:53 +02:00
Alfredo Boullosa
e126969f82 Add Retry 2021-03-24 15:15:02 +01:00
Stan Silvert
717d9515fa
KEYCLOAK-16890: Stored XSS attack on new acct console (#7867) 2021-03-22 11:24:12 +01:00
Stan Silvert
3b80eee5bf KEYCLOAK-17033: Reflected XSS attack with referrer in new account
console
2021-03-22 11:22:23 +01:00
Clement Cureau
0b68f24a09
[KEYCLOAK-14046] Include groups in user creation via Admin Console (#7035)
* [KEYCLOAK-14046] Include groups in user creation via Admin Console

Since the POST /users API now supports providing groups membership, here is the UI
part!

- Added a field in the user creation UI to specify groups the newly created user
will be joining
- Added associated messages in english language

* Added UI integration tests

* Fixed UI tests

* Flatten nested groups in user creation groups searchbox

* Filtering out searched groups

* Removed unused injection

* Fixed UI tests

Co-authored-by: Clement Cureau <clement.cureau@cdiscount.com>
2021-03-19 13:55:45 +01:00
Miquel Simon
1d54dd5e8b KEYCLOAK-16006. Fixed Spring Boot tests with new offset value. 2021-03-11 09:51:28 +01:00
Alfredo Boullosa
95d9cd2b38 KEYCLOAK-17376 - Fix DeviceActivityTest, SigningInTest and PermissionsTest 2021-03-10 09:00:30 +01:00
Alfredo Boullosa
3d76e2b775 KEYCLOAK-17378 - Fix DisableAuthorizationSettingsTest 2021-03-09 16:09:53 +01:00
Pedro Igor
1dc0b005fe [KEYCLOAK-17087] - X509 OCSP Validation Not Checking Intermediate CAs 2021-02-22 13:50:19 +01:00
Lukas Hanusovsky
223d0ea456 KEYCLOAK-16625 : Testsuite -> auth.server.remote: adding keystore file to a build directory. 2021-02-09 15:22:43 +01:00
Martin Kanis
9f580e3ed8 KEYCLOAK-15695 Streamification cleanup 2021-01-20 14:39:53 +01:00
vramik
1402d021de KEYCLOAK-14846 Default roles processing 2021-01-08 13:55:48 +01:00
keycloak-bot
75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
vramik
2ed8ed2543 KEYCLOAK-15390 fix ClientMappersOIDCTest 2020-12-16 15:14:35 +01:00
Lukas Hanusovsky
7f916ad20c KEYCLOAK-14231 - validate supported locales 2020-12-07 19:56:32 +01:00
Joaquim Fellmann
87cedeaac6 KEYCLOAK 15634: Add ldap test 2020-12-07 17:44:18 +01:00
Joaquim Fellmann
6a6dba5d6e KEYCLOAK-15634: Prevent federated user removal with new account console 2020-11-27 13:44:36 +01:00
Jan Lieskovsky
833bf98643 [KEYCLOAK-15692] Upgrade to Wildfly "21.0.1.Final"
Base fixes:
* [KEYCLOAK-15780]      Upgrade Keycloak to Wildfly 21.0.0.Beta1 / Wildfly Core 13.0.0.Beta6
* [KEYCLOAK-16031]      Upgrade Keycloak to Wildfly 21.0.0.Final / Wildfly Core 13.0.1.Final
* [KEYCLOAK-16442]      Upgrade Keycloak to Wildfly 21.0.1.Final / Wildfly Core 13.0.3.Final

Other (dependent) fixes:
* [KEYCLOAK-15408]      Deprecate former Wildfly and Wildfly Core versions in Arquillian's
                        testsuite pom.xml file as part of the upgrade script
* [KEYCLOAK-15442]      Update the version of 'jboss-parent' as part of the Wildfly upgrade
                        script if necessary
* [KEYCLOAK-15474]      Add --verbose and --force options to the Wildfly upgrade automated script
* [KEYCLOAK-15649]      Update "urn:jboss:domain:infinispan:10.0" version as part of the Wildfly
                        upgrade automated script
* [KEYCLOAK-15652]      Wildfly upgrade automated script - Align Python artifact version
                        comparsion algorithm with the Maven / Java one

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-11-26 09:25:29 +01:00
zak905
4f330f4a57 KEYCLOAK-953: add allowing user to delete his own account feature 2020-11-24 15:50:07 +01:00
Stan Silvert
0afd55f32c KEYCLOAK-14547: Make New Account Console the default. 2020-11-23 20:56:05 +01:00
Martin Bartos
ab347df5ee KEYCLOAK-14915 Upgrade registration screen to PF4 2020-11-18 10:54:17 +01:00
Miquel Simon
53dfa7c56b KEYCLOAK-14109. Added profiles for Spring 2.3 version.
KEYCLOAK-14737. Updated Jetty version to 9.4.29, as required per Spring 2.3.
2020-11-13 12:09:22 -03:00
Martin Bartos
7522d5ac74 KEYCLOAK-15841 Upgrade rest of the minor forms to PF4 2020-11-05 17:58:41 +01:00
Martin Bartos
a8df7d88a1 [KEYCLOAK-14139] Upgrade login screen to PF4 2020-10-27 20:24:07 +01:00
vmuzikar
cb5c893d87 Add tests for KEYCLOAK-15481 2020-09-11 07:03:24 -04:00
Hynek Mlnarik
1c4a2db8e1 KEYCLOAK-14510 Properly close Response object 2020-09-03 11:23:05 +02:00
keycloak-bot
afff0a5109 Set version to 12.0.0-SNAPSHOT 2020-07-22 14:36:15 +02:00
vmuzikar
0802323916 KEYCLOAK-14778 Springboot tests fails with compilation error 2020-07-16 09:21:28 -03:00
Erik Jan de Wit
ace64c1f0c KEYCLOAK-12249 added test to test that time is localized 2020-07-15 14:57:38 -04:00
vmuzikar
001fe9eb11 KEYCLOAK-13206 Session Status iframe cannot access cookies when 3rd party cookies are blocked
Co-authored-by: mhajas <mhajas@redhat.com>
2020-06-30 17:11:20 -03:00
Douglas Palmer
5e44bb781b [KEYCLOAK-14344] Cannot revoke offline access for an app if the app doesn't require consent 2020-06-26 14:56:08 -04:00
vramik
c163fce46e KEYCLOAK-14546 Springboot tests fails with compilation error 2020-06-26 15:18:17 -03:00
Erik Jan de Wit
8a31c331f5 KEYCLOAK-14566 dynamic hidden on WelcomeScreen 2020-06-24 11:40:16 -04:00
Erik Jan de Wit
55291bad76 KEYCLOAK-14531 Welcome cards should be driven by content.json
`content.js` is now `content.json` it's used in freemarker to create the cards
2020-06-22 11:29:20 -04:00
Erik Jan de Wit
c20766f2d7 KEYCLOAK-14140 added more test cases
Co-authored-by: vmuzikar <vmuzikar@redhat.com>
2020-06-17 13:56:11 -04:00
vramik
c403aa49f7 KEYCLOAK-14087 migration from 9.0.3 2020-06-15 14:47:13 +02:00
mhajas
5c2385d081 KEYCLOAK-14105 Update mod-auth-mellon tests to work with TLS 2020-06-15 12:56:49 +02:00
Erik Jan de Wit
8b0760a6d1 KEYCLOAK-14158 Polished the My Resource page
empty state

change case

added dropdown menu instead of buttons

now on edit you can add and remove permissions

changed how the actions work

updated success messages

use live region alerts toast alerts

username or email search

labels for the buttons

margin between accecpt and deny button

fixed test and types

changed to bigger distance with split component

changed to use seperate empty state component
2020-06-08 09:05:30 -04:00
Stan Silvert
4c7f4a8d9e KEYCLOAK-11268: Change project layout 2020-06-07 12:42:44 -04:00
Alfredo Boullosa
2ddfc94495 KEYCLOAK-14115 Add a refresh to avoid failure 2020-06-03 20:13:08 -04:00
cachescrubber
3382682115
KEYCLOAK-10927 - Implement LDAPv3 Password Modify Extended Operation … (#6962)
* KEYCLOAK-10927 - Implement LDAPv3 Password Modify Extended Operation (RFC-3062).

* KEYCLOAK-10927 - Introduce getLDAPSupportedExtensions(). Use result instead of configuration.

Co-authored-by: Lars Uffmann <lars.uffmann@vitroconnect.de>
Co-authored-by: Kevin Kappen <kevin.kappen@vitroconnect.de>
Co-authored-by: mposolda <mposolda@gmail.com>
2020-05-20 21:04:45 +02:00
Stan Silvert
13d0491ff3 KEYCLOAK-14038: Re-allow special characters for Roles only 2020-05-20 07:53:23 -04:00