Pedro Igor
7501e42969
[KEYCLOAK-14646] - Improving permission resolution and evaluation
2020-07-21 14:22:09 +02:00
Thomas Vitale
4cd5ace800
KEYCLOAK-9321 Remove invalid token_introspection_endpoint
...
The discovery document is advertizing both token_introspection_endpoint
and introspection_endpoint. The former has been removed as it is not
defined by OAuth2/OIDC.
2020-07-17 11:41:28 +02:00
Álvaro Gómez Giménez
666832d1be
KEYCLOAK-13066 Include resourceType in ScopePermissionRepresentation
2020-05-12 17:11:35 -03:00
keycloak-bot
ae20b7d3cd
Set version to 11.0.0-SNAPSHOT
2020-04-29 12:57:55 +02:00
Bart Monhemius
9389332675
[KEYCLOAK-13927] Accept only ticketId instead of the PermissionTicketRepresentation for delete in PermissionResource
2020-04-23 15:59:43 -03:00
Bart Monhemius
56a70bd376
[KEYCLOAK-13927] Fix java doc @param name in PermissionResource
2020-04-23 15:59:43 -03:00
Bart Monhemius
acc5ab9e44
[KEYCLOAK-13927] Allow deleting permission tickets with the Authz client
2020-04-23 15:59:43 -03:00
keycloak-bot
33314ae3ca
Set version to 10.0.0-SNAPSHOT
2020-04-21 09:19:32 +02:00
keycloak-bot
f6a592b15a
Set version to 9.0.4-SNAPSHOT
2020-03-24 08:31:18 +01:00
keycloak-bot
d352d3fa8e
Set version to 9.0.1-SNAPSHOT
2020-02-17 20:38:54 +01:00
Pedro Igor
421ec34557
[KEYCLOAK-8049] - Prevent users from not choosing a group
2020-02-13 10:10:46 +01:00
mhajas
62c9e15776
KEYCLOAK-12638 Remove Request parameters from exception message
2020-02-10 09:23:31 +01:00
Pedro Igor
ed2d392a3d
[KEYCLOAK-9666] - Entitlement request with service account results in server error
2020-02-03 08:57:56 +01:00
Pedro Igor
658a083a0c
[KEYCLOAK-9600] - Find by name in authz client returning wrong resource
2020-02-03 08:57:20 +01:00
Pedro Igor
873c62bbef
[KEYCLOAK-12569] - User cannot be deleted if he has owned resources / permission tickets
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-01-30 11:08:28 +01:00
Pedro Igor
946088d48d
[KEYCLOAK-12109] - Resolving authz discovery url using KeycloakUriBuilder
2019-12-19 14:18:21 +01:00
Pedro Igor
cee884e4a7
[KEYCLOAK-8406] - Remove Drools/Rules Policy
2019-11-22 15:38:51 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
Pedro Igor
bb4ff55229
[KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Pedro Igor
fdc0943a92
[KEYCLOAK-8060] - My Resources REST API
2019-06-11 14:23:26 -03:00
skyfalke
0007bad6f3
KEYCLOAK-10393 Fix permission ticket pagination in Authz Client
...
KEYCLOAK-10393 Ensure idempotency of find method of permission ticket store
2019-05-29 09:43:54 -03:00
Pedro Igor
e9ea1f0e36
[KEYCLOAK-10279] - Do not limit results when fetching resources
2019-05-28 15:35:29 -03:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
Pedro Igor
ed0b5d4df1
[KEYCLOAK-8857] - Provide utility to create AuthzClient from InputStream
2018-12-03 11:14:43 -02:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
Pedro Igor
cd96d6cc35
[KEYCLOAK-8694] - Mark Drools policy as tech preview
2018-11-09 11:08:49 -02:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
Pedro Igor
8e57cee30f
[KEYCLOAK-8445] - Owner not granted with permissions when using only scope-based permissions
2018-10-08 09:57:21 -03:00
Pedro Igor
0a6e22ba54
[KEYCLOAK-8412] - Upgrade to Drools 7.11.0.Final
2018-10-04 09:41:41 -03:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
Pedro Igor
6b0bc0b3be
[KEYCLOAK-8308] - Deprecate token_introspection_endpoint claim from OIDC discovery document
2018-09-19 09:46:50 -03:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
mposolda
6fc99cd749
KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
...
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
Corentin Dupont
b80701589c
[KEYCLOAK-7804] - Option to return resource body
2018-08-20 13:07:29 -03:00
Pedro Igor
625f613128
[KEYCLOAK-4902] - Using streams to process requested permissions and limit support for scope responses
2018-08-17 11:00:53 -03:00
Stefan Guilhen
0b95cdacb8
[KEYCLOAK-7885] Add user policy support to the policy API
2018-08-13 22:09:17 -03:00
Stefan Guilhen
1912a8acf4
[KEYCLOAK-7885] Fix javadoc/log message typos
2018-08-13 22:09:17 -03:00
Stefan Guilhen
060b3b8d0f
[KEYCLOAK-4902] - Using streams when fetching resources
2018-08-09 16:28:31 -03:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
Pedro Igor
8b6979ac18
[KEYCLOAK-7849] - Improvements to RPT upgrade
2018-07-18 16:40:55 -03:00
Tommy Cheng
fba2bf0b2f
[KEYCLOAK-7822] - Fix access token and refresh token timeout in resource server
2018-07-11 15:13:50 -03:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
Grzegorz Grzybek
f90e0fc14c
[KEYCLOAK-7425] Correctly import packages of httpclient and http core, fix Karaf feature
2018-06-21 14:28:47 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
...
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Pedro Igor
2b6597e9f1
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Federico M. Facca
76076cdb3c
[KEYCLOAK-7354] split ticket management and permission endpoint
...
see (https://issues.jboss.org/browse/KEYCLOAK-7354 )
* created new endpoint for ticket management /permission/ticket
* removed unused class
* support for direct creation of ticket by resource owner
* fix DELETE ticket
2018-05-16 15:10:39 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029
...
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-05 09:33:23 -03:00
Pedro Igor
3cea54e3a6
Merge pull request #5128 from sguilhen/KC6853
...
[KEYCLOAK-6853] Make TimePolicyProvider use the kc.date.time_date con…
2018-04-04 15:58:04 -03:00
Stefan Guilhen
87abe5e648
[KEYCLOAK-6853] Make TimePolicyProvider use the kc.date.time_date contextual attribute when evaluating policies
2018-04-04 14:37:03 -03:00
Stefan Guilhen
7e3703b2bf
[KEYCLOAK-5864] Display user friendly error message when a rule policy artifact can't be retrieved
2018-04-04 14:33:31 -03:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
...
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
pedroigor
08896ee9c9
[KEYCLOAK-6529] - Resource Attributes
2018-03-19 13:21:39 -03:00
pedroigor
1e1de85685
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-01 16:50:05 -03:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
pedroigor
bda57d00df
[KEYCLOAK-6164] - Authorization services client doesn't work with JDK7
2018-01-31 13:42:30 -02:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
Martin Kanis
47721957b7
KEYCLOAK-6018 Create BOM for Drools dependencies
2017-12-14 14:51:25 +01:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
Pedro Igor
eebf0b0499
Merge pull request #4690 from pedroigor/KEYCLOAK-5824
...
[KEYCLOAK-5824] - Keycloak throws "Error while evaluating permissions" exception often
2017-11-14 18:35:56 -02:00
Pedro Igor
6731c55429
[KEYCLOAK-5824] - Wrong usage of SimpleDateFormat
2017-11-14 11:27:57 -02:00
Pedro Igor
fdb618219f
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 11:24:45 -02:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Pedro Igor
a70cab502c
[KEYCLOAK-4901] - Reviewing methods on provider spis
2017-10-26 13:39:57 -02:00
Pedro Igor
4071dd7734
[KEYCLOAK-5703] - Improving exception handling and parsing server response
2017-10-18 20:27:21 -02:00
Bruno Oliveira da Silva
b6ab2852c2
Remove unused imports ( #4558 )
2017-10-16 14:23:42 +02:00
Gabriel Lavoie
c1664478d9
KEYCLOAK-4858: Slow query performance for client with large data volume
...
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
Stian Thorgersen
463661b051
Set version to 3.4.0.CR1-SNAPSHOT
2017-08-28 15:46:22 +02:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
Bill Burke
8c82201add
Merge pull request #4224 from pedroigor/KEYCLOAK-3168
...
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-21 17:03:34 -04:00
Pedro Igor
c7a20d7620
[KEYCLOAK-5702] - Caching scripts and removing when updating
2017-06-20 15:26:18 -03:00
Jay Anslow
a04d79c576
Cache compiled scripts in JSPolicyProviderFactory
2017-06-19 16:53:07 +01:00
Jay Anslow
7614ff8c6f
Extract EvaluatebleScriptAdapter
...
Precursor for InvocableScriptAdapter, which compiles/evaluates a script without affecting the engine's bindings. This allows the same script to be compiled once and then evaluated multiple times (with the same ScriptEngine).
2017-06-19 15:32:14 +01:00
Pedro Igor
0b5e6b0d49
JS policy should use ScriptingSPI
2017-06-16 11:49:32 -03:00
Pedro Igor
5028c05cc2
[KEYCLOAK-3168] - Export and import tests
2017-06-14 09:33:59 -03:00
Pedro Igor
169280b6a1
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-13 19:05:44 -03:00
Pedro Igor
9be9e30ad6
Merge pull request #4206 from pedroigor/KEYCLOAK-4983
...
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-05 16:19:58 -03:00
Pedro Igor
40c4140021
Merge pull request #4198 from pedroigor/KEYCLOAK-4992
...
RFEs based on Openshift.io authz requirements
2017-06-05 16:03:50 -03:00
Pedro Igor
23887f4031
Fixing tests and more client policy tests
2017-06-05 11:26:33 -03:00
Pedro Igor
3760f2753b
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-02 20:09:33 -03:00
Pedro Igor
d0f505455d
[KEYCLOAK-4991] - Allow clients to limit the number of permission in a RPT when using entitlements
2017-06-02 19:06:40 -03:00
Pedro Igor
813af5d757
[KEYCLOAK-4992] - Using query parameter metadata for GET requests
2017-06-02 16:13:04 -03:00
Pedro Igor
d69d00082f
[KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support
2017-06-01 22:55:58 -03:00
Pedro Igor
dcd1a68d95
[KEYCLOAK-4992] - Allow clients to exclude resource_set_name from RPT
2017-05-31 19:33:34 -03:00
Bill Burke
2cac8b1bb7
KEYCLOAK-4929
2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43
KEYCLOAK-4929
2017-05-18 16:48:04 -04:00
Pedro Igor
b68494b3f0
[KEYCLOAK-4927] - Authz client incompatible with client definition
2017-05-18 09:57:12 -03:00