libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
10299 commits 4 branches 5 tags 480 MiB
Commit graph

1782 commits

Author SHA1 Message Date
Stian Thorgersen
5666bfe88b KEYCLOAK-4962 Fix updating mappers for identity providers on Oracle 2017-11-27 19:46:12 +01:00
Marko Strukelj
c35c6e6ab7 KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help 2017-11-27 17:00:48 +01:00
Marko Strukelj
0e2332196d KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help 2017-11-27 16:12:00 +01:00
Pavel Drozd
a8bcdfb401
Merge pull request #4735 from vmuzikar/fix-ui 
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
 2017-11-27 15:12:35 +01:00
Pavel Drozd
87b17a6e6c
Merge pull request #4743 from wyvie/springboot-testing-fix 
[KEYCLOAK-3837] fix to spring boot test application for jenkins
 2017-11-27 15:07:22 +01:00
wyvie
6035e5c831 [KEYCLOAK-3837] fix to spring boot test application for jenkins 2017-11-27 13:58:36 +01:00
Bruno Oliveira
9d35891e7d [KEYCLOAK-5467] X.509 Auth - missing internationalization support 2017-11-27 13:44:38 +01:00
Bruno Oliveira
00677a6b92 [KEYCLOAK-5898] X.509 Auth - add tests for CRL with direct grant 2017-11-27 13:43:37 +01:00
Bruno Oliveira
697caaa805 [KEYCLOAK-4683] Add key usage tests for X.509 Authentication 
These tests cover the scenarios already available at our certificates:
* Key Usage with the flag critical
* Extended Key Usage without the flag critical
 2017-11-27 13:42:57 +01:00
Marek Posolda
dd6502013e
Merge pull request #4734 from rmartinc/ui_locales 
KEYCLOAK-5896: Parameter "ui_locales" not redirected to login page in java adapters
 2017-11-24 10:59:26 +01:00
rmartinc
ecbf6e5386 KEYCLOAK-5896: adding a test for the ui_locales change. 2017-11-24 08:21:37 +01:00
pedroigor
2721e6a5e4 [KEYCLOAK-5770] - Logout event test 2017-11-23 21:08:07 +01:00
mposolda
6d91ab674b KEYCLOAK-5895 CrossDC: NotSerializableException when opening sessions tab in admin console 2017-11-23 20:03:12 +01:00
vmuzikar
6f4ab8870e KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes 2017-11-23 13:51:38 +01:00
Pavel Drozd
94ba85c210
Merge pull request #4720 from vramik/KEYCLOAK-5872 
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authz…
 2017-11-23 07:42:31 +01:00
Bill Burke
2117db5e6d
Merge pull request #4730 from patriot1burke/master 
KEYCLOAK-4715
 2017-11-22 12:45:23 -05:00
Bill Burke
116bfb05c2 fix 2017-11-22 11:55:10 -05:00
Bill Burke
aee6d16f58 fix more stupidity 2017-11-22 10:22:47 -05:00
Bill Burke
ae29e36e1f fix my stupidity 2017-11-22 08:19:30 -05:00
Pavel Drozd
12bdf48ecc
Merge pull request #4707 from abstractj/KEYCLOAK-5858 
[KEYCLOAK-5858] Failing TokensTest in Console UI Tests
 2017-11-22 13:22:28 +01:00
mposolda
bd1072d2eb KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing 2017-11-22 11:55:12 +01:00
Bill Burke
75d517a1e8 cleanup test 2017-11-21 21:49:51 -05:00
Bill Burke
8993ca08ad KEYCLOAK-4715 2017-11-21 17:46:48 -05:00
vmuzikar
7fd237b40b KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly 2017-11-21 11:12:21 +01:00
Bill Burke
06762ba13d KEYCLOAK-5878 2017-11-20 17:03:28 -05:00
vramik
37b625fd99 KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authzResourceInvalidationTest 2017-11-20 11:30:44 +01:00
Bruno Oliveira
641069d4fd [KEYCLOAK-5866] MigrationTest fails for extracting realm keys 2017-11-16 19:44:09 +01:00
Pavel Drozd
a06fd31412
Merge pull request #4688 from vramik/KEYCLOAK-5678 
KEYCLOAK-5678 configs for rh-sso and keycloak are different, skip tes…
 2017-11-16 08:38:12 +01:00
Bruno Oliveira
07aa718cb9 [KEYCLOAK-5379] MigrationTest fails for migration to 3.3.0 2017-11-16 07:22:57 +01:00
Pedro Igor
f96c3312e2 [KEYCLOAK-5841] - Test 2017-11-16 07:03:08 +01:00
Bruno Oliveira
d1579f62a3
[KEYCLOAK-5858] Failing TokensTest in Console UI Tests 2017-11-16 00:24:12 -02:00
Hynek Mlnařík
393fae74b3
Merge pull request #4693 from hmlnarik/KEYCLOAK-5349-JS-client-breaks-login-session 
KEYCLOAK-5349 User session count in IdP-initiated flow tests
 2017-11-15 12:35:19 +01:00
Hynek Mlnarik
a2f6c16764 KEYCLOAK-5349 User session count in IdP-initiated flow tests 2017-11-15 11:41:45 +01:00
Pedro Igor
63a01b1e1f
Merge pull request #4689 from pedroigor/KEYCLOAK-5844 
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
 2017-11-14 18:25:24 -02:00
Pedro Igor
fdb618219f [KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time 2017-11-14 11:24:45 -02:00
Stian Thorgersen
89f4b87038 KEYCLOAK-5567 Set correct status code on login error pages 2017-11-14 12:33:29 +01:00
vramik
ea869a3008 KEYCLOAK-5678 configs for rh-sso and keycloak are different, skip test interfaces for now 2017-11-14 11:27:03 +01:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link 
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2017-11-13 19:57:04 -02:00
Stian Thorgersen
925d5e1dea KEYCLOAK-3173 enable logout offline refresh token using OIDC logout endpoint 2017-11-13 18:23:39 +01:00
Stian Thorgersen
d30bf938ee KEYCLOAK-5821 Fix basic auth tests with embedded Undertow 2017-11-13 16:34:25 +01:00
Pavel Drozd
0f4b8be2b0
Merge pull request #4643 from vramik/KEYCLOAK-5678 
KEYCLOAK-5678 Extend server-config-migration tests to test also exten…
 2017-11-13 12:02:46 +01:00
Pavel Drozd
af97a84108
Merge pull request #4635 from vmuzikar/fix-x509 
KEYCLOAK-5720 Fix X.509 tests
 2017-11-13 11:56:16 +01:00
Stian Thorgersen
4295f4ec31 KEYCLOAK-1886 Added cors headers to errors in token endpoint 2017-11-10 12:01:21 +01:00
mposolda
b033ce0669 KEYCLOAK-5371 SessionExpirationCrossDCTest - improve stability. Remove checks for counts of sent messages 2017-11-09 22:18:47 +01:00
mposolda
a98f085be6 KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis. 2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Marko Strukelj
dae0fafc8a KEYCLOAK-5040 ProfileAssume needs to use server info endpoint 2017-11-09 14:19:06 +01:00
Bruno Oliveira
26e253f4a5 [KEYCLOAK-5284] 2017-11-09 13:45:06 +01:00
Marko Strukelj
2854a2006e KEYCLOAK-5810 ClientTokenExchangeTest failures with -Pproduct profile 2017-11-09 13:44:10 +01:00
vmuzikar
3bf1904269 KEYCLOAK-5786 Fix testsuite not working with auth-server-eap profile 2017-11-09 08:10:58 +01:00
vmuzikar
2c2a332f80 KEYCLOAK-5332 Fix GitLab social test 2017-11-09 07:19:01 +01:00
vmuzikar
b21d5bbf04 KEYCLOAK-5805 Fix tests in the 'other' module 2017-11-09 07:01:27 +01:00
vramik
819181007c KEYCLOAK-5678 Extend server-config-migration tests to test also extensions and management 2017-11-07 12:46:13 +01:00
mposolda
62a1c187a2 KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc 2017-11-07 09:01:59 +01:00
Hynek Mlnarik
fe2f65daac KEYCLOAK-5581 Fix SAML identity broker context serialization 2017-11-03 21:09:18 +01:00
vmuzikar
ef8adc15f4 KEYCLOAK-5720 Fix X.509 tests 2017-11-03 17:09:46 +01:00
Pedro Igor
3716fa44ac [KEYCLOAK-5728] - Permission Claims support 2017-10-27 12:40:30 -02:00
Pavel Drozd
12b2e72162 Merge pull request #4618 from vramik/KEYCLOAK-5244 
KEYCLOAK-5244 fix blacklists.path in tests
 2017-10-26 15:30:14 +02:00
Hynek Mlnařík
248da4687a Merge pull request #4610 from hmlnarik/KEYCLOAK-5745-Extract-client-sessions-from-user-sessions 
KEYCLOAK-5745 Separate user and client sessions in infinispan
 2017-10-26 13:09:06 +02:00
vramik
2b44cb70af KEYCLOAK-5244 fix blacklists.path in tests 2017-10-26 12:28:50 +02:00
Hynek Mlnarik
75c354fd94 KEYCLOAK-5745 Separate user and client sessions in infinispan 2017-10-26 10:39:41 +02:00
Bill Burke
903a4dd849 Merge pull request #4612 from patriot1burke/master 
KEYCLOAK-5273
 2017-10-25 13:54:32 -04:00
Bill Burke
de6eab6d5d fix 2017-10-25 13:00:58 -04:00
Bill Burke
8c1a3253fb KEYCLOAK-5273 2017-10-25 10:31:11 -04:00
Bruno Oliveira da Silva
375e01a074 KEYCLOAK-5278 (#4606) 2017-10-25 15:27:24 +02:00
Bill Burke
50ccb5e5f6 Merge pull request #4591 from abstractj/KEYCLOAK-5717 
KEYCLOAK-5717
 2017-10-24 17:38:28 -04:00
Pedro Igor
1840cc54e4 Merge pull request #4601 from pedroigor/KEYCLOAK-5726 
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter config
 2017-10-24 12:51:52 -02:00
Pedro Igor
80e9b08bb6 [KEYCLOAK-5726] - Tests for scopes-enforcement-mode ALL and ANY 2017-10-24 11:37:41 -02:00
Bruno Oliveira
4d762159ef KEYCLOAK-5717 2017-10-24 10:55:02 -02:00
Hynek Mlnařík
8e0cc2a5ea Merge pull request #4605 from mposolda/master 
KEYCLOAK-5710 Change cache-server to use backups based caches
 2017-10-24 14:40:01 +02:00
Pedro Igor
711aa83d31 [KEYCLOAK-5726] - Fixing web origins on photoz quickstart 2017-10-24 10:39:55 -02:00
Pedro Igor
a6e1413d58 [KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration 2017-10-24 10:39:54 -02:00
Pavel Drozd
a4ec32ba66 Merge pull request #4602 from vramik/KEYCLOAK-5244 
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithT…
 2017-10-24 14:17:35 +02:00
mposolda
9a19e95b60 KEYCLOAK-5710 Change cache-server to use backups based caches 2017-10-24 11:52:08 +02:00
Pavel Drozd
4010e5e247 Merge pull request #4588 from tkyjovsk/KEYCLOAK-5711 
KEYCLOAK-5711 Adapter test module for Wildfly has compilation error
 2017-10-23 22:27:31 +02:00
Stan Silvert
9083e5fe5c KEYCLOAK-5298: Enable autoescaping in Freemarker (#4561) 
* KEYCLOAK-5298: Enable autoescaping in Freemarker

* Fix several of the failing tests.

* Fix broken tests in integration-deprecated

* Fix last failing test.
 2017-10-23 12:03:00 -04:00
Pavel Drozd
1eb2d894e5 Merge pull request #4593 from vmuzikar/ssl-fix 
KEYCLOAK-5719 fix auth server ssl with base testsuite
 2017-10-23 16:39:22 +02:00
Stian Thorgersen
9b75b603e3 KEYCLOAK-5234 (#4585) 2017-10-23 16:13:22 +02:00
vramik
a3a1761eb7 KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithTestBlacklist on Wildfly 2017-10-23 12:11:36 +02:00
Bill Burke
73ba06b26b Merge pull request #4590 from patriot1burke/master 
KEYCLOAK-5698
 2017-10-20 14:58:07 -04:00
Bill Burke
92245e3fc8 fixes 2017-10-20 09:55:37 -04:00
vmuzikar
1dd2a90e20 KEYCLOAK-5719 fix auth server ssl with base testsuite 2017-10-20 14:10:06 +02:00
Tomas Kyjovsky
bd706418c9 KEYCLOAK-5711 Adapter test module for Wildfly has compilation error 2017-10-19 19:41:31 +02:00
Hynek Mlnarik
3248557897 KEYCLOAK-5707 Have travis run cross-dc tests when appropriate 2017-10-19 13:29:26 +02:00
Stian Thorgersen
d9ffc4fa21 KEYCLOAK-5225 (#4577) 
KEYCLOAK-5225 fix test

Fix
 2017-10-19 08:23:16 +02:00
Stian Thorgersen
fea4c54adc KEYCLOAK-5280 (#4576) 2017-10-19 08:02:23 +02:00
Wyvie
988d660083 [KEYCLOAK-3837] added session and account linking spring boot tests (#4564) 2017-10-19 06:29:59 +02:00
Pedro Igor
cedc095a9c [KEYCLOAK-4550] - Test invalid configuration for user policy 2017-10-18 18:42:55 -02:00
Thomas Darimont
3103e0fd0a KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider (#4370) 
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider

This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.

The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.

I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords) project.

For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/

Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```

Password blacklist is stored in a TreeSet.

* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter

We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.

BloomFilter implementation is provided by google-guava
which is available in wildfly.

Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.

This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.

Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.

Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.

The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.

Configure password blacklist folder for tests

* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers

* KEYCLOAK-5244 Translate blacklisted message in base/login
 2017-10-17 20:41:44 +02:00
Hynek Mlnařík
fe76b2428b Merge pull request #4563 from hmlnarik/KEYCLOAK-5656-Transport-factory-should-not-limit-to-a-single-DC-3 
KEYCLOAK-5656 Use standard infinispan remote-store
 2017-10-17 09:39:01 +02:00
Pavel Drozd
83b4279ce1 Merge pull request #4555 from vramik/KEYCLOAK-5673 
KEYCLOAK-5673 add support for testing config from prod 2.5.x
 2017-10-17 07:43:40 +02:00
Pavel Drozd
9c16a58d52 Merge pull request #4554 from vramik/KEYCLOAK-5672 
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
 2017-10-17 07:42:29 +02:00
vramik
cb2bd0fe1a KEYCLOAK-5672 rewrite server-config-migration module to use offline mode 2017-10-16 22:51:59 +02:00
Hynek Mlnarik
056ba75a72 KEYCLOAK-5656 Use standard infinispan remote-store 2017-10-16 21:49:42 +02:00
Bill Burke
31dccc9a5e Merge pull request #4509 from TeliaSoneraNorge/KEYCLOAK-5032 
KEYCLOAK-5032 Forward request parameters to another IdP
 2017-10-13 18:47:05 -04:00
Bill Burke
c66ce3a209 Merge pull request #4559 from micedre/KEYCLOAK-4052bis 
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
 2017-10-13 18:44:57 -04:00
Bill Burke
46d3ed7832 Merge remote-tracking branch 'upstream/master' 2017-10-13 17:00:57 -04:00
Bill Burke
d9af93850c KEYCLOAK-5683, KEYCLOAK-5684, KEYCLOAK-5682, KEYCLOAK-5612, KEYCLOAK-5611 2017-10-13 16:51:56 -04:00
Cédric Couralet
656fc5d7c0 KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage 2017-10-13 13:54:50 +02:00
vramik
4700b69158 KEYCLOAK-5673 add support for testing config from prod 2.5.x 2017-10-11 13:21:01 +02:00