Commit graph

660 commits

Author SHA1 Message Date
Pedro Igor
517413d38e [KEYCLOAK-3129] - Add authorization services endpoints to PermissionsTest 2016-09-06 17:32:37 -03:00
mposolda
0520d465c1 KEYCLOAK-3414 Support for client registration from trusted hosts 2016-08-11 15:55:32 +02:00
mposolda
a8fb988e31 KEYCLOAK-3406 OIDC dynamic client registrations specs fixes 2016-08-11 15:54:51 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
530870f05e realm components import/export 2016-08-09 15:06:29 -04:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
Pedro Igor
afa9471c7c [KEYCLOAK-3128] - Admin Client Authorization Endpoints 2016-06-30 10:26:05 -03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
Marko Strukelj
ec258c6515 KEYCLOAK-2879 UserResource 2016-06-02 15:23:18 +02:00
Marko Strukelj
ebc184bf94 KEYCLOAK-2863 ClientAttributeCertificateResource 2016-05-11 15:22:39 +02:00
Stian Thorgersen
d43b230b93 KEYCLOAK-2880 Refactor PermissionTest to not require Java8 2016-05-09 07:25:03 +02:00
mposolda
bea2678e85 KEYCLOAK-2862 AuthenticationManagementResource tests 2016-05-06 20:19:58 +02:00
Stian Thorgersen
0ca117b8e9 KEYCLOAK-2865 Extend coverage of client admin endpoints 2016-05-06 08:08:52 +02:00
Marko Strukelj
f337085ed0 KEYCLOAK-2869 IdentityProvidersResource/IdentityProviderResource 2016-05-05 17:04:45 +02:00
Stian Thorgersen
2355db57da KEYCLOAK-2880 Permissions tests for admin endpoints 2016-05-04 08:25:05 +02:00
Stian Thorgersen
95724e36f3 KEYCLOAK-2871 Extend coverage on RealmAdminResource 2016-04-27 10:29:24 +02:00
mposolda
e0aedfb93d KEYCLOAK-2878 UserFederation mapper testing 2016-04-22 14:03:42 +02:00
mposolda
afcdce6b71 Simplified calling of AuthenticationManagementResource.getExecutions() 2016-04-21 23:11:25 +02:00
mposolda
f6a718f10a KEYCLOAK-2878 Testing of UserFederation admin REST endpoints 2016-04-21 23:11:14 +02:00
Stian Thorgersen
34d5e85316 KEYCLOAK-2873 / KEYCLOAK-2875 Test RoleContainerResource 2016-04-21 10:58:46 +02:00
Stian Thorgersen
4f5b71d81a KEYCLOAK-2872 Test RoleByIdResource 2016-04-21 07:09:25 +02:00
Stian Thorgersen
86dfcecef6 KEYCLOAK-2861 Test AttackDetectionResource 2016-04-20 16:21:57 +02:00
Stian Thorgersen
f64ffcbefe KEYCLOAK-2818
Fix poms not updated by versions plugin
2016-04-14 08:16:07 +02:00
mposolda
3c3bbdbbdb KEYCLOAK-2809 NPE when removing role, which is in scope of some ClientTemplate 2016-04-13 11:49:29 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
Guus der Kinderen
38670df49a
KEYCLOAK-2785: Admin client should be able to delete a user.
The delete user service should be exposed in the admin client.
2016-04-08 16:34:46 +02:00
Konstantin Gribov
974c5615af Revert accidentally removed ResteasyClient configuration in admin
Fixes accidentally removed in PR #2449 ResteasyClient pool size parameter in
`org.keycloak.admin.client.Keycloak`.
2016-04-07 20:24:57 +03:00
Stian Thorgersen
e8932bbea0 Merge pull request #2449 from grossws/KEYCLOAK-2236
KEYCLOAK-2236 add service account support to keycloak-admin-client
2016-04-07 15:45:10 +02:00
Konstantin Gribov
96424536a7 Add service account support to Keycloak admin client
Added grant_type=client_credentials support to keycloak-admin-client
so `keycloak-admin-client` can be used with service client account.

Fixes #KEYCLOAK-2236
2016-04-07 15:24:07 +03:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible.
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
2016-04-07 13:19:29 +02:00
Stian Thorgersen
6dc1194247 Merge pull request #2508 from guusdk/KEYCLOAK-2731
KEYCLOAK-2731: Improve thread safety of TokenManager
2016-04-07 07:36:22 +02:00
Stian Thorgersen
a7c956bf10 Merge pull request #2505 from guusdk/KEYCLOAK-2746
KEYCLOAK-2746: By default, allow for concurrent usage
2016-04-07 07:35:39 +02:00
Stian Thorgersen
0907feb508 Merge pull request #2446 from guusdk/KEYCLOAK-2726
KEYCLOAK-2726: Invalidate token upon failure
2016-04-07 07:24:03 +02:00
Stian Thorgersen
30e2709bd0 Merge pull request #2443 from guusdk/KEYCLOAK-2721
KEYCLOAK-2721: Do not recreate TokenService proxy
2016-04-07 07:20:46 +02:00
Guus der Kinderen
804dd13abd KEYCLOAK-2731: Improve thread safety of TokenManager
This commit guards access to the non-final fields of TokenManager by its intrinsic lock.
2016-04-05 15:01:37 +02:00
Guus der Kinderen
120b880427 KEYCLOAK-2746: By default, allow for concurrent usage
The nature of Keycloak makes it very plausible that it is used in
a concurrent setting. With that in mind, it would make sense to,
by default, allow for more than one concurrent Resteasy connection
in the admin client code.
2016-04-05 11:34:02 +02:00
Stian Thorgersen
48551d362a KEYCLOAK-2704
User count missing in REST admin endpoint
2016-04-05 07:48:20 +02:00
Bill Burke
545fb8b849 KEYCLOAK-2716 2016-03-30 18:15:11 -04:00
Guus der Kinderen
ad7a6c4854 KEYCLOAK-2726: Invalidate token upon failure
When a token managed by TokenManager is known to be invalid, it should no
longer be used. This commit adds a response listener to the only filter
using TokenManager, which causes, upon authentication failure, to
invalidate the token that was used.
2016-03-30 15:33:58 +02:00
Guus der Kinderen
89158c9dcf KEYCLOAK-2721: Do not recreate TokenService proxy
By re-using the service proxy, classloading issues can be prevented.
2016-03-29 11:11:35 +02:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
Stian Thorgersen
56c3d53a24 Merge pull request #2324 from ssilvert/client-tests
KEYCLOAK-2535: ClientResource endpoint tests
2016-03-07 06:13:55 +01:00
Bruno Oliveira
4a027d97b0 Client registration won't compile without these changes 2016-03-04 12:46:57 -03:00
Stan Silvert
2c79456e72 KEYCLOAK-2535: ClientResource endpoint tests 2016-03-04 07:41:24 -05:00
Stian Thorgersen
24328fdc47 KEYCLOAK-2555 ForbiddenException when importing test realm or creating test user 2016-02-29 10:09:06 +01:00
Stan Silvert
3383b044b2 KEYCLOAK-2316: Sync admin client with endpoints for Client. First commit. 2016-02-23 13:29:12 -05:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
Stian Thorgersen
7841c5f07b Merge pull request #2232 from abstractj/cli-registration-parent
Fixes the parent for Keycloak client registration cli module
2016-02-17 07:45:15 +00:00
Bruno Oliveira
f3752f804f Fixes the parent for Keycloak client registration cli module 2016-02-16 15:33:49 -02:00
Stan Silvert
17e09a557b Fix conflict. 2016-02-11 15:38:58 -05:00
Stan Silvert
dd9cf3be39 KEYCLOAK-2481: Create admin client endpoint for partial endpoint + tests 2016-02-11 15:26:52 -05:00
Marko Strukelj
dadb470609 KEYCLOAK-1967 Add support for authentication flows into admin-rest-client 2016-02-11 12:18:01 +01:00
Stian Thorgersen
77912b2117 KEYCLOAK-2475
Move client registration endpoints
2016-02-10 14:23:04 +01:00
Stan Silvert
e89f511465 KEYCLOAK-1976: Add support for events into admin-rest-client. Also,
arquillian tests for events.
2016-02-05 18:45:25 -05:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
Stian Thorgersen
59c7cfcc97 KEYCLOAK-2312 Move client-registration libs into integration 2016-01-21 09:06:23 +01:00
Bill Burke
d9487a8745 social broker reorg 2016-01-20 16:46:38 -05:00
Stian Thorgersen
73db7a0ea9 KEYCLOAK-2323 Revert changes 2016-01-20 14:34:59 +01:00
Stian Thorgersen
ded919c0a6 Merge pull request #2033 from ahus1/ahus1_location_fragment_lost_on_logout
Handle URL fragments when redirect from logout / KEYCLOAK-2323
2016-01-18 09:52:37 +01:00
Stian Thorgersen
504218470b Merge pull request #2032 from ahus1/ahus1_timeskew_for_init
set timeSkew when passing tokens to init()
2016-01-15 16:38:38 +01:00
Alexander Schwartz
b7ac2548f1 Handle URL fragments when redirect from logout / KEYCLOAK-2323 2016-01-14 23:06:16 +01:00
Alexander Schwartz
9b8c80e83f set timeSkew when passing tokens to init(), also allow timeSkew to be passed as a parameter / KEYCLOAK-2322 2016-01-14 22:37:29 +01:00
Stian Thorgersen
435980d776 KEYCLOAK-1809
Upgrade jackson to version 2.x
2016-01-14 16:34:30 +01:00
Stian Thorgersen
ddb41e2c58 Merge pull request #2017 from mposolda/master
KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthent…
2016-01-13 11:10:09 +01:00
mposolda
4642876323 KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthenticator 2016-01-13 10:12:20 +01:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
Bill Burke
f7ac5fae2a Merge pull request #1945 from raehalme/KEYCLOAK-1579
KEYCLOAK-1579: Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean
2016-01-04 17:15:25 -05:00
Bill Burke
d939b6a431 template scope 2015-12-18 17:15:27 -05:00
Thomas Raehalme
566a58b5d8 Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean and added support for KeycloakConfigResolver. 2015-12-15 11:53:10 +02:00
Bill Burke
96e1813b34 client templates backend 2015-12-11 10:31:42 -05:00
Stian Thorgersen
34c3ffaae1 Ported AdminApiTest to use admin client 2015-12-03 08:24:23 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
Stian Thorgersen
2c5510284d Merge pull request #1891 from mstruk/wildfly-modules-rename
KEYCLOAK-2099 WildFly 10 adapter subsystem
2015-11-30 09:48:15 +01:00
mposolda
57b60797ce KEYCLOAK-1129 Implicit flow: more work 2015-11-28 00:15:41 +01:00
mposolda
ef80b64d1c KEYCLOAK-1129 Implicit flow and Hybrid flow support 2015-11-27 22:28:38 +01:00
Marko Strukelj
373fc23fc0 KEYCLOAK-2099 WildFly 10 adapter subsystem 2015-11-27 20:46:20 +01:00
Stian Thorgersen
c83e3bd2d1 KEYCLOAK-2106 HTTP 500 for unparsable refresh tokens 2015-11-27 08:59:23 +01:00
Bill Burke
d6e2bccb16 Merge pull request #1840 from velias/KEYCLOAK-2075
KEYCLOAK-2075 KEYCLOAK-2107 - support for SAML IsPassive mode
2015-11-25 10:35:00 -05:00
Bill Burke
0c8f3f734d Merge pull request #1855 from Smartling/KEYCLOAK-1391
KEYCLOAK-1391: Return an HTTP 401 for API requests
2015-11-25 08:57:05 -05:00
Vlastimil Elias
e3060e5e58 rebased to latest master 2015-11-25 13:46:29 +01:00
Vlastimil Elias
18fa03bf97 KEYCLOAK-2107 - support IsPassive mode in SAML SP adapter library
KEYCLOAK-2075 - added integration tests for both server and adapter side
2015-11-25 08:39:55 +01:00
Stian Thorgersen
3685a185d4 Merge pull request #1859 from stianst/reset-pass
KEYCLOAK-1758 add-user script
2015-11-25 06:56:35 +01:00
Bill Burke
ff63c5552a sendError() handling' 2015-11-24 16:48:24 -05:00
Stian Thorgersen
cfc28b861b KEYCLOAK-1758 add-user script 2015-11-24 21:54:58 +01:00
Scott Rossillo
f1c3295cec KEYCLOAK-1391: Return an HTTP 401 for API requests
Non browser HTTP requests shouldn't redirect to the Keycloak login
page. Instead, return an HTTP 401 with a proper WWW-Authenticate
header.
2015-11-23 10:46:14 -05:00
Bill Burke
ac1baa059f Merge pull request #1797 from raehalme/KEYCLOAK-2041
KEYCLOAK-2041 Use sendError instead of setStatus to report errors
2015-11-20 11:50:37 -05:00
Bill Burke
98958a2bc4 default groups 2015-11-18 19:40:30 -05:00
Bill Burke
6989589e72 Merge remote-tracking branch 'upstream/master' 2015-11-18 15:24:45 -05:00
Bill Burke
41331111da resolve conflicts 2015-11-18 09:39:19 -05:00
Bill Burke
bff334d365 group token/assertion and tests 2015-11-18 09:36:47 -05:00
Stian Thorgersen
764c20d748 KEYCLOAK-2085 Initial access tokens for client registration 2015-11-18 10:33:24 +01:00
Stian Thorgersen
1df741a307 Merge pull request #1826 from lkubik/changeAllJettyToProvided
KEYCLOAK-2081
2015-11-16 20:23:31 +01:00
Lukas Kubik
13a52c1bb2 KEYCLOAK-2081
Change scope of jetty dependencies to provided
2015-11-13 15:43:11 +01:00
Thomas Darimont
c4416a25e0 KEYCLOAK-2068 - Fix Potential NPE when using Servlet-Filter Adapter.
When using the `org.keycloak.adapters.servlet.KeycloakOIDCFilter` a `NullPointerException`
can be thrown in the `org.keycloak.adapters.servlet.FilterSessionStore` within the `getParam`
method of the generated wrapper in `buildWrapper` when the `content-type` is not set.
Since the `content-type` is only used to parse the body. We just check whether the `body`
is `null` and if so avoid touching the `content-type` which prevents the NPE.

If the `body` is null we return an empty `MultivaluedHashMap` for the parameters.
2015-11-13 00:14:34 +01:00
Bruno Oliveira
9203971809 KEYCLOAK-2064: Update pax-web to make use of SecureRandom 2015-11-12 09:46:45 -02:00
Stian Thorgersen
64baa28301 Merge pull request #1810 from lkubik/updateJettyScope
Change scope of jetty dependencies in jetty-adapter-spi
2015-11-12 09:23:44 +01:00