Bill Burke
8e65356891
creds
2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce
credential refactoring
2016-09-22 08:34:45 -04:00
Thomas Darimont
8e113384aa
KEYCLOAK-3491 Revise Scripting Support
...
Refactored the scripting infrastructure and added documentation.
Added tests and an authenticator template in JavaScript for a quickstart.
Increased height of ace code editor to 600px to avoid scrolling.
2016-09-20 14:33:39 +02:00
Martin Hardselius
04d03452bd
KEYCLOAK-3422 support pairwise subject identifier in oidc
2016-09-13 09:18:45 +02:00
mposolda
bf6246f5c1
KEYCLOAK-905 Realm keys rotation support on adapters
2016-09-12 21:24:04 +02:00
Stian Thorgersen
1630b9a20c
Merge pull request #3220 from abstractj/KEYCLOAK-3535
...
KEYCLOAK-3535 - Check if SSSD is available via DBUS
2016-09-09 08:15:11 +02:00
Bill Burke
2a5c778af5
Merge pull request #3209 from patriot1burke/master
...
KEYCLOAK-3440
2016-09-08 09:10:54 -04:00
Stian Thorgersen
36bb94afb8
Environment dependent provider
2016-09-08 07:40:19 -03:00
mposolda
4fd0238ca9
KEYCLOAK-3542 Not possible to enable bruteForceProtection for realm
2016-09-08 12:30:38 +02:00
Stian Thorgersen
f726caea9b
Merge pull request #3205 from stianst/KEYCLOAK-3342
...
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 08:40:32 +02:00
Stian Thorgersen
1f27fc9e4b
Merge pull request #3153 from cargosoft/KEYCLOAK-3327
...
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-09-08 08:00:14 +02:00
Stian Thorgersen
7c292b1213
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 07:20:35 +02:00
Bill Burke
3b9a6b32e1
Revert "Revert "KEYCLOAK-3440""
...
This reverts commit 01e48dc4b8
.
2016-09-07 23:41:32 -04:00
Bill Burke
01e48dc4b8
Revert "KEYCLOAK-3440"
2016-09-07 23:17:35 -04:00
Bill Burke
3f35234cf5
Merge remote-tracking branch 'upstream/master'
2016-09-07 23:11:38 -04:00
Bill Burke
da135389c7
KEYCLOAK-3440
2016-09-07 23:11:28 -04:00
mposolda
5a015a6518
KEYCLOAK-3494 Input elements backed by user attributes fail to update in themes
2016-09-07 20:08:09 +02:00
Bill Burke
15d31a202f
Merge remote-tracking branch 'upstream/master'
2016-09-06 08:56:17 -04:00
Bill Burke
6714c1a136
cred refactor
2016-09-06 08:55:47 -04:00
mposolda
8c5b1e4892
KEYCLOAK-3525 Validation callback when creating/updating protocolMapper
2016-09-06 07:15:27 +02:00
Stian Thorgersen
f5b4efc080
Merge pull request #3131 from abstractj/removal-changeset
...
Removal of never used classes from the changeset package
2016-09-05 09:35:08 +02:00
mposolda
a24a43c4be
KEYCLOAK-3349 Support for 'request' and 'request_uri' parameters
2016-09-02 20:20:38 +02:00
Stian Thorgersen
1bea93b1e1
KEYCLOAK-3501 Fix NPE in migration of OTP action
2016-08-31 12:05:49 +02:00
mposolda
02f28a7e8e
KEYCLOAK-3416 Add support for signed Userinfo requests
2016-08-30 20:21:04 +02:00
mposolda
494d9973a6
KEYCLOAK-3460 Support for ClientUpdatedEvent
2016-08-23 14:57:31 +02:00
Stian Thorgersen
c522a20ab9
KEYCLOAK-3447 Manual upgrade of database schema
2016-08-22 10:22:08 +02:00
Dimitri Teleguin
b109ce14b0
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-08-18 23:28:32 +03:00
Pedro Igor
4cd0a8e894
[KEYCLOAK-3377] - Add pagination to authorization UI
2016-08-18 13:29:54 -03:00
Bill Burke
6c44e9befa
Merge remote-tracking branch 'upstream/master'
2016-08-18 11:57:25 -04:00
Bill Burke
8e9cfc4a28
creds
2016-08-18 11:52:00 -04:00
Pedro Igor
a8d2b810cf
[KEYCLOAK-3144] - Add authorization settings when exporting/importing a realm.
2016-08-15 10:35:28 -03:00
mposolda
3eb9134e02
KEYCLOAK-3424 Support for save JWKS in OIDC ClientRegistration endpoint
2016-08-12 15:51:14 +02:00
Pedro Igor
27187c11f1
Merge pull request #3138 from pedroigor/KEYCLOAK-3428
...
[KEYCLOAK-3428] - Removing scope policies in case the resource does not match
2016-08-11 14:59:20 -03:00
Pedro Igor
0030df060b
[KEYCLOAK-3428] - Removing scope policies in case the resource does not match
2016-08-11 14:58:14 -03:00
mposolda
0520d465c1
KEYCLOAK-3414 Support for client registration from trusted hosts
2016-08-11 15:55:32 +02:00
Bruno Oliveira
4d8e19eb7c
Removal of never used classes from the changeset package
2016-08-10 17:28:38 -03:00
Bill Burke
530870f05e
realm components import/export
2016-08-09 15:06:29 -04:00
Bill Burke
ff703f935f
component export/import
2016-08-09 12:25:04 -04:00
Bill Burke
83306963e8
jta transaction abstraction
2016-08-08 12:32:36 -04:00
Thomas Darimont
586f6eeece
KEYCLOAK-3142 - Capture ResourceType that triggers an AdminEvent
...
Introduced new ResourceType enum for AdminEvents which lists
the current supported ResourceTypes for which AdminEvents
can be fired.
Previously it was difficult for custom EventListeners to figure
out which ResourceType triggered an AdminEvent in order
to handle it appropriately, effectively forcing users to parse
the representation.
Having dedicated resource types as a marker on an AdminEvent helps
to ease custom EventListener code.
We now also allow filtering of admin events by ResourceType in the
admin-console.
Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-04 11:30:02 +02:00
Bill Burke
70722d0d3d
user storage provider jpa example
2016-08-03 19:16:11 -04:00
Bill Burke
09693eb108
component model
2016-08-02 05:48:57 +02:00
mposolda
a5cbe113fd
Migration fix
2016-08-02 05:45:20 +02:00
Dmitry Telegin
fea277a7f5
KEYCLOAK-3369: Fire RealmPostCreateEvent
2016-08-01 01:00:50 +03:00
Pedro Igor
3c8ed8e3d8
[KEYCLOAK-3372] - Code cleanup
2016-07-29 05:18:38 -03:00
Bill Burke
5d9fe09599
Merge pull request #3070 from mstruk/KEYCLOAK-2571
...
KEYCLOAK-2571 RESET_PASSWORD_ERROR and UPDATE_PASSWORD_ERROR events not fired
2016-07-28 07:23:32 -04:00
Bill Burke
2219cd363e
Merge pull request #3079 from patriot1burke/master
...
KEYCLOAK-3268
2016-07-28 07:22:45 -04:00
Pedro Igor
7e1b97888a
[KEYCLOAK-3338] - Adding client roles to role policy and UX improvements
2016-07-27 15:15:14 -03:00
Marko Strukelj
59e0570cdf
KEYCLOAK-2571 RESET_PASSWORD_ERROR and UPDATE_PASSWORD_ERROR events not fired
2016-07-26 21:32:57 +02:00
Bill Burke
69f051fb0a
test user fed registration spi
2016-07-23 08:55:06 -04:00
Bill Burke
06fca9c897
Merge remote-tracking branch 'upstream/master'
2016-07-22 11:42:14 -04:00
Bill Burke
72d134748c
user fed spi querying tests
2016-07-22 11:42:07 -04:00
mposolda
56e011dce4
KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator
2016-07-21 18:19:53 +02:00
Bill Burke
2a05f00d0c
user fed tests
2016-07-20 17:26:00 -04:00
Bill Burke
c709598fdd
user fed spi simple test
2016-07-20 10:59:45 -04:00
Stian Thorgersen
f384c2340e
KEYCLOAK-3266 password policy NotUsername breaks new user registration
2016-07-15 07:34:13 +02:00
Stian Thorgersen
ea44b5888b
KEYCLOAK-2824 Password Policy SPI
2016-07-14 07:20:30 +02:00
mposolda
c10a005997
KEYCLOAK-3290 UserInfoEndpoint error responses don't have correct statuses
2016-07-08 12:15:07 +02:00
Bill Burke
bf2ca4008e
log level info
2016-07-07 12:06:57 -04:00
Bill Burke
0040d3fc3b
Merge remote-tracking branch 'upstream/master'
2016-07-07 10:35:45 -04:00
Bill Burke
7e5a5f79cf
fixes for new user fed spi
2016-07-07 10:35:35 -04:00
Stan Silvert
4628946a55
Automatically migrate required action name.
2016-07-05 15:07:54 -04:00
Stan Silvert
a231c1b31b
RHSSO-296: Required Action "Configure Totp" should be "Configure OTP"
2016-07-05 15:07:52 -04:00
Stian Thorgersen
7cfee80e58
KEYCLOAK-3189 KEYCLOAK-3190 Add kid and typ to JWT header
2016-07-05 08:26:26 +02:00
Stian Thorgersen
450b57c76a
Merge pull request #2984 from stianst/master
...
KEYCLOAK-3172 Add view authorization role to existing realms
2016-07-01 12:41:09 +02:00
Bill Burke
3f1eecc4be
Merge remote-tracking branch 'upstream/master'
2016-06-30 16:47:55 -04:00
Pedro Igor
afa9471c7c
[KEYCLOAK-3128] - Admin Client Authorization Endpoints
2016-06-30 10:26:05 -03:00
Stian Thorgersen
1fe8da67dc
KEYCLOAK-3172 Add view authorization role to existing realms
2016-06-30 08:52:18 +02:00
Bill Burke
a9f6948d74
Merge remote-tracking branch 'upstream/master'
2016-06-29 15:37:32 -04:00
Bill Burke
f51098c50b
user fed refactor
2016-06-29 15:37:22 -04:00
Pedro Igor
8b0bf503c3
[KEYCLOAK-3172] - Migrating older versions with authorization services.
2016-06-29 12:07:49 -03:00
mposolda
5c731b4d14
KEYCLOAK-3149 DB update triggered before DBLock is retrieved
2016-06-21 17:14:25 +02:00
Erik Mulder
f4ead484de
KEYCLOAK-2474 Possibility to add custom SPI and extend the data model
2016-06-20 10:56:33 +02:00
Stian Thorgersen
3c0f7e2ee2
Merge pull request #2617 from pedroigor/KEYCLOAK-2753
...
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60
KEYCLOAK-3091 Change brute force to use userId
2016-06-13 15:30:13 +02:00
Bill Burke
4c9a0b45d4
Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
...
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Thomas Darimont
4bc64350b2
KEYCLOAK-3021: Add Realm Display Name to the label part of the otpauth URI.
...
Due to the removal of the realm-displayname as a result of changes made for KEYCLOAK-2410
the otpauth URI no longer included the realm display name as a hint for the user to which system an
authenticator belongs to.
We now ensure that the realm display name is again part of the label component of the otpauth URI.
This enables a user to better distinguish between user accounts for different systems.
2016-05-20 13:59:19 +02:00
Thomas Darimont
c8d47926b8
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
...
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.
For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.
Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
mposolda
afc8179cf8
KEYCLOAK-2846 export/import of clientTemplate scopes
2016-04-20 13:30:01 +02:00
mposolda
32d7464e52
KEYCLOAK-2819 Fix realm security header setup after migration
2016-04-14 10:43:48 +02:00
Bill Burke
8f7f9e0b9c
KEYCLOAK-2790
2016-04-12 18:25:23 -04:00
Stian Thorgersen
1c2eafeb80
KEYCLOAK-2807 Fix server info providers page
2016-04-12 15:38:52 +02:00
Stian Thorgersen
01beff741d
KEYCLOAK-2766 Add missing id to AuthenticatorConfigRepresentation
2016-04-11 07:42:55 +02:00
mposolda
90fc721315
KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking
2016-04-08 12:20:54 +02:00
Stian Thorgersen
8de8446cb5
Merge pull request #2520 from stianst/KEYCLOAK-2756
...
KEYCLOAK-2756
2016-04-06 19:25:53 +02:00
Stian Thorgersen
6ccf3549ad
KEYCLOAK-2756
...
Renaming a realm breaks down the Clients
2016-04-06 15:18:49 +02:00
mposolda
72371e5d76
KEYCLOAK-1982 Some builtin objects might be missing when import JSON exported from old versions
2016-04-06 11:43:58 +02:00
Stian Thorgersen
0c829cd605
KEYCLOAK-2262 Refactor realm resource provider, remove admin resource provider and added example
2016-04-06 10:24:30 +02:00
Pedro Igor
e876a3c988
[KEYCLOAK-2262] - New SPIs to extend both Realm and Admin RESTful APIs
2016-04-06 09:43:24 +02:00
Stian Thorgersen
134c9b11c0
KEYCLOAK-2608
...
Timestamp resolution of 1s for Event.time is inappropriate for use with tests
2016-04-04 08:30:01 +02:00
Bill Burke
4d5ae5dd68
KEYCLOAK-2512
2016-04-01 14:50:26 -04:00
mposolda
36bc97e3cd
KEYCLOAK-2661 Broken migration from Keycloak 1.5 with Mongo 3
2016-03-31 22:30:41 +02:00
Bill Burke
12bf4b498e
KEYCLOAK-2691
2016-03-30 15:07:24 -04:00
mposolda
c9545e16f7
KEYCLOAK-2713 Fix error at startup
2016-03-24 15:30:53 +01:00
Thomas Darimont
fa8af64098
KEYCLOAK-2686 - Fix failing migration from 1.9.1 to 1.9.2.
...
Since the `Map` returned by `realm.getBrowserSecurityHeaders()` is unmodifiable
we need to add the new header setting to a copy of the map which we then set
on the realm.
2016-03-21 09:52:25 +01:00
mposolda
2d188068c4
KEYCLOAK-2644 Delete user with a READ_ONLY LDAP federation provider just from Keycloak DB
2016-03-14 09:39:14 +01:00
mposolda
85ccd64e01
KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper
2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a
KEYCLOAK-2629 LDAP Federation provider - input fields validation
2016-03-11 22:32:45 +01:00
Stian Thorgersen
7342261dbe
KEYCLOAK-2593 Character set missing from responses and no content sniffing defense in place
2016-03-11 15:31:15 +01:00
Bill Burke
82ad26189f
refactor user cache
2016-03-10 13:01:21 -05:00
mposolda
0708bceea7
KEYCLOAK-2582 Wrong message after synchronization (removing user from ldap)
2016-03-10 13:01:01 -05:00
mposolda
6d0e5d6ad1
KEYCLOAK-2529 Concurrent startup by more cluster nodes at the same time. Added DBLockProvider
2016-03-10 13:00:51 -05:00
Bill Burke
4be6dc2f0c
cleanup cache
2016-03-04 10:30:48 -05:00
mposolda
a258dd51ee
KEYCLOAK-2523 Fix concurrency tests with all databases by track transaction startup revision
2016-03-03 11:21:26 +01:00
Stian Thorgersen
370b86141c
KEYCLOAK-2557
...
Cannot login with email if another user is using this email as username
2016-03-02 08:08:48 +01:00
mposolda
0768bcc452
KEYCLOAK-2542 User can't set password for account created over social login if UserFedarationProvider used
2016-03-01 10:13:21 +01:00
Stian Thorgersen
ccfae82b77
KEYCLOAK-1040
...
Allow import of realm keys (like we do for SAML)
2016-02-29 09:35:08 +01:00
mposolda
e7a5b88b2d
KEYCLOAK-2561 Fix issues with blank password
2016-02-26 18:14:37 +01:00
Bill Burke
17ea3fca0b
Merge remote-tracking branch 'upstream/master'
2016-02-24 17:21:25 -05:00
Bill Burke
f10f00ba71
group list caching
2016-02-24 17:21:11 -05:00
Stian Thorgersen
ab96114ef8
KEYCLOAK-2539
...
Migration fails if DisplayNameHtml is null for master realm
2016-02-24 06:59:32 +01:00
Bill Burke
9488787986
Merge remote-tracking branch 'upstream/master'
2016-02-23 14:36:30 -05:00
Stian Thorgersen
af26b5b610
KEYCLOAK-2530
...
Missing IP address in Login Events
2016-02-23 14:33:30 +01:00
Bill Burke
599faa454b
Merge remote-tracking branch 'upstream/master'
2016-02-22 17:17:01 -05:00
Bill Burke
4dcdaf4985
role cached queries
2016-02-22 17:16:35 -05:00
Bill Burke
2e64d01251
reorg caching
2016-02-19 16:38:31 -05:00
Bill Burke
c45524d8d4
caching
2016-02-19 15:44:19 -05:00
mposolda
daca6d7062
KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections
2016-02-19 18:02:39 +01:00
mposolda
a441be57ed
KEYCLOAK-2508 Possible NullPointerException during bigger load when removing UserSession
2016-02-19 11:49:30 +01:00
Stian Thorgersen
d386920b58
KEYCLOAK-2484
...
Update to new logo
2016-02-18 16:47:26 +01:00
Bill Burke
acf2d662c2
remove RealmModel.getClientNameMap()
2016-02-17 16:09:25 -05:00
Bill Burke
20348e5d0b
remove RealmModel.getClientNameMap()
2016-02-17 16:05:25 -05:00
Bill Burke
3143a2e500
unmodifiable complete
2016-02-17 15:43:03 -05:00
Bill Burke
d731189236
Merge remote-tracking branch 'upstream/master'
2016-02-17 14:57:38 -05:00
mposolda
e237bcd383
KEYCLOAK-2412 wildfly configs and polishing
2016-02-17 13:10:51 +01:00
mposolda
1328531f31
KEYCLOAK-2412 Added ClusterProvider. Avoid concurrent federation sync execution by more cluster nodes at the same time.
...
Clustering - more progress
2016-02-17 11:02:42 +01:00
mposolda
61f2baf65e
KEYCLOAK-2412 Test for concurrent federation sync in cluster
2016-02-17 11:02:42 +01:00
Bill Burke
c9cc189602
make RealmModel unmodifiable collections
2016-02-12 16:28:07 -05:00
Bill Burke
24da8288eb
Merge remote-tracking branch 'upstream/master'
2016-02-12 11:38:36 -05:00
Bill Burke
4ff1848681
javadoc
2016-02-12 11:38:12 -05:00
mposolda
969b8c153f
KEYCLOAK-1989 Refreshing offline tokens didn't work correctly in cluster with revokeRefreshToken enabled
2016-02-12 12:54:47 +01:00
Bill Burke
860a104828
stress testing
2016-02-12 00:30:36 -05:00
Bill Burke
67ce3fdbd2
Merge pull request #2215 from patriot1burke/master
...
concurrency, some JPA cleanup too
2016-02-11 09:41:37 -05:00
Marko Strukelj
dadb470609
KEYCLOAK-1967 Add support for authentication flows into admin-rest-client
2016-02-11 12:18:01 +01:00
Bill Burke
45e5cfac99
concurrency 2
2016-02-09 21:10:30 -05:00
Bill Burke
347cdcbb28
concurrency
2016-02-09 12:25:48 -05:00
Bill Burke
ffc0e4f005
hashcode/equals on all entities/adapters
2016-02-08 12:20:14 -05:00
Stan Silvert
e89f511465
KEYCLOAK-1976: Add support for events into admin-rest-client. Also,
...
arquillian tests for events.
2016-02-05 18:45:25 -05:00
Stian Thorgersen
2974034974
KEYCLOAK-2435
...
Feedback on login screen not showing correctly
2016-02-03 13:41:31 +01:00
Stian Thorgersen
c7a8742a36
KEYCLOAK-1524
...
Source code headers
2016-02-03 11:20:22 +01:00
mposolda
db76655717
KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed
2016-02-03 10:16:39 +01:00
Stian Thorgersen
26897ea46d
KEYCLOAK-2299
...
createdDate of credential is not exported
2016-02-03 09:49:10 +01:00
mposolda
732256eceb
KEYCLOAK-2235 Fix transaction leaks
2016-02-01 18:21:27 +01:00
mposolda
f2082d5e24
Fix testsuite with Sybase
2016-01-29 13:30:44 +01:00
Marek Posolda
a7619f90e2
Merge pull request #2128 from georgekankava/staging/long-suffix-L-should-be-upper-case-fix-1
...
squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case
2016-01-29 13:20:42 +01:00
Stian Thorgersen
9bd04b18a8
KEYCLOAK-2410
...
TOTP shows both realm name and display name
2016-01-29 11:01:49 +01:00
George Kankava
e937dda556
squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case
2016-01-28 19:06:41 +04:00
Bill Burke
25347cd45e
browser back button
2016-01-27 22:14:28 -05:00
Bill Burke
66e1ee79d0
KEYCLOAK-2349
2016-01-26 15:45:40 -05:00
Bill Burke
efd8317259
final re-org work
2016-01-20 17:26:26 -05:00
Bill Burke
ad33d3c0d8
infinispan reorg
2016-01-20 14:52:04 -05:00
Bill Burke
4ed1eb66ee
truststore httpclient
2016-01-19 17:29:16 -05:00
Bill Burke
46634b386e
reorg freemarker
2016-01-19 11:33:59 -05:00
Stian Thorgersen
904ed65a5c
KEYCLOAK-2319
...
Cannot login to admin console after upgrade 1.6 -> 1.8.CR1
2016-01-18 12:34:18 +01:00
Bill Burke
b0054b7682
email, login, account
2016-01-16 09:38:24 -05:00
Bill Burke
b403c9b934
broker and social
2016-01-16 09:15:17 -05:00
Bill Burke
d1a43d6318
fixes
2016-01-15 20:08:17 -05:00
Bill Burke
007e9530ec
brute force refactr, mv protocol
2016-01-15 19:25:28 -05:00
Bill Burke
5017d71383
exportimport and timer and events
2016-01-15 19:07:17 -05:00
Bill Burke
b93d55cb63
remove model-api, add server-spi
2016-01-15 18:44:17 -05:00