Commit graph

15319 commits

Author SHA1 Message Date
Stefan Guilhen
eb631bf63b [KEYCLOAK-8730] Ensure role mappers don't remove roles already granted by another mapper when updating a brokered user 2021-05-26 17:21:54 +02:00
mposolda
9b76b07144 KEYCLOAK-18284 WARNING in the log when login to public clients 2021-05-26 14:38:14 +02:00
Michal Hajas
5c71c3d97f
KEYCLOAK-17764 Remove all clients querying fallback (#8077) 2021-05-26 13:18:58 +02:00
Martin Kanis
1ab0d585a9
KEYCLOAK-11019 Initial support for lazy offline user-session loading
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Thomas Darimont <thomas.darimont@gmail.com>
2021-05-26 09:54:28 +02:00
Martin Bartoš
77fe3e9bed KEYCLOAK-18054 EAP6Fuse6HawtioAdapterTest fails due to wrong port without TLS 2021-05-26 08:58:03 +02:00
stianst
962047e7ea KEYCLOAK-17750 Check admin has view/query access first before listing clients 2021-05-25 16:14:35 +02:00
Pedro Igor
b7e5db6534 [KEYCLOAK-18007] - Configure resolved paths with the method config from configuration 2021-05-25 09:48:30 -03:00
Pedro Igor
a3a88d7d3c [KEYCLOAK-17864] - Improving themes support 2021-05-25 09:47:43 -03:00
Luca Leonardo Scorcia
478319348b KEYCLOAK-16450 X509 Direct Grant Auth does not verify certificate timestamp validity 2021-05-25 10:32:17 +02:00
Michal Hajas
4b2c20c871 KEYCLOAK-17765 Remove doubled synchronization of UserPolicies on UserRemovedEvent 2021-05-25 10:31:05 +02:00
Takashi Norimatsu
6e7898039b KEYCLOAK-18139 SecureResponseTypeExecutor: polishing for FAPI 1 final 2021-05-25 08:32:43 +02:00
mposolda
d4374f37ae KEYCLOAK-18258 Not possible to login with public client, which was confidential with custom client authenticator set 2021-05-24 13:17:14 +02:00
Lukas Hanusovsky
afb8da7ff0 KEYCLOAK-18056 exclude test for remote testsuite. 2021-05-24 11:27:44 +02:00
mposolda
2817cb4a19 KEYCLOAK-17683 Use dedicated tmp directory even in unit tests 2021-05-24 10:07:26 +02:00
Yoshiyuki Tabata
4c49d595cb Fix HOW-TO-RUN.md 2021-05-24 09:28:38 +02:00
Takashi Norimatsu
6532baa9a7 KEYCLOAK-18127 Option for skip return user's claims in the ID Token for hybrid flow 2021-05-24 08:02:34 +02:00
Václav Muzikář
5d578f0c90 KEYCLOAK-17905 Quarkus: ClientPoliciesImportExportTest.testSingleFileRealmExportImport failed in GHA 2021-05-21 08:27:36 +02:00
Michito Okai
cc2d6f0741 KEYCLOAK-18235 Display of options about device grant when selecting
"public" as the access type
2021-05-21 08:24:27 +02:00
Vlastimil Elias
4ad1687f2b [KEYCLOAK-17399] UserProfile SPI - Validation SPI integration 2021-05-20 15:26:17 -03:00
Václav Muzikář
7c2341f1ed KEYCLOAK-18041 Client Policy UI Improvements: Action column for built-in profile 2021-05-20 16:38:26 +02:00
Pedro Igor
9ebbc7673c [KEYCLOAK-18111] - Error when processing path without associated resource 2021-05-20 11:15:11 -03:00
Thomas Darimont
c49dbd66fa KEYCLOAK-15437 Ensure at_hash is generated for IDTokens on token-refresh 2021-05-20 16:05:11 +02:00
Hynek Mlnarik
860fc4c06c KEYCLOAK-17756 KEYCLOAK-17757 Optimize IdP-first lookup 2021-05-20 14:44:55 +02:00
Pedro Igor
a0f8d2bc0e [KEYCLOAK-17399] - Review User Profile SPI
Co-Authored-By: Vlastimil Elias <vlastimil.elias@worldonline.cz>
2021-05-20 08:44:24 -03:00
vramik
1c283cdebc KEYCLOAK-14301 OTP secrets migrated incorrectly 2021-05-20 13:19:27 +02:00
rmartinc
b97f177f26 [KEYCLOAK-14696] Unable to fetch list of members from a group through keycloak admin console. 2021-05-20 11:32:23 +02:00
Michal Hajas
3bb5bff8e0 KEYCLOAK-17495 Do not include principal in the reference to broker sessionId 2021-05-20 11:32:11 +02:00
vramik
3913526934 KEYCLOAK-18031 Update to 13.0.0 fails due to liquibase error 2021-05-20 11:29:02 +02:00
Václav Muzikář
d0f01740be KEYCLOAK-18043 Client Policy UI Improvements: Navigation 2021-05-20 07:54:53 +02:00
Vlastimil Eliáš
0913a22c30
KEYCLOAK-2045 Simple Validation SPI for UserProfile SPI (#8053)
* KEYCLOAK-2045 Simple Validation API

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-05-19 13:57:34 -03:00
mhajas
e609949264 KEYCLOAK-17267 Add index to user attribute name and value to support user sync from ldap 2021-05-19 13:38:11 +02:00
mposolda
d3e9e21abd KEYCLOAK-17906 Use auto-configure instead of is-augment. Use default-client-authenticator option in SecureClientAuthenticatorExecutor 2021-05-19 12:18:11 +02:00
Václav Muzikář
23fef24fe1 KEYCLOAK-18042 Client Policy UI Improvements: Add delete confirmation modal dialog 2021-05-19 11:57:14 +02:00
Hynek Mlnarik
c02a706a86 KEYCLOAK-17748 Optimize validation of redirect URIs in logout endpoint
Reimplementation of KEYCLOAK-17718
2021-05-18 20:31:21 +02:00
vramik
4d776cd780 KEYCLOAK-18137 Fix introduced SPI name 2021-05-18 20:30:21 +02:00
Bruno Oliveira da Silva
008fa8c2b1 [KEYCLOAK-18030] Upgrade Freemarker 2021-05-18 12:59:40 -03:00
Martin Bartoš
8c299b417a KEYCLOAK-17784: Remember me - fix test 2021-05-18 16:15:30 +02:00
Bastian Ike
5c3d7f186e KEYCLOAK-17784: URL encode Keycloak's remember-me cookie to allow non-ascii usernames.
International users using non-ascii symbols such as the german `äöü`
will make Keycloak set the KEYCLOAK_REMEMBER_ME cookie without URL
encoding. This will trigger an java.lang.IllegalArgumentException:
UT000173 exception in undertow's cookie parser which does not
allow non-ascii characters.

Co-authored-by: Fabian Freyer <mail@fabianfreyer.de>
2021-05-18 16:15:30 +02:00
Václav Muzikář
65fbf3f68c KEYCLOAK-18079 Client Policy UI Improvements: JSON error handling 2021-05-18 16:12:48 +02:00
Mathieu CLAUDEL
df714506cc KEYCLOAK-17655 - Can't impersonate 2021-05-18 14:16:01 +02:00
mposolda
71dcbec642 KEYCLOAK-18108 Refactoring retrieve of condition/executor providers. Make sure correct configuration of executor/condition is used for particular provider 2021-05-18 12:20:47 +02:00
Hynek Mlnarik
c2e2cbe180 KEYCLOAK-17749 Remove need for iterating by all clients 2021-05-18 09:28:42 +02:00
mposolda
b8a7750000 KEYCLOAK-18113 Refactor some executor/condition provider IDs 2021-05-18 09:17:41 +02:00
Nikolas Laskaris
35601aaaba
KEYCLOAK-17140 (#7781) 2021-05-17 14:49:26 -04:00
Gregor Tudan
10f7ea01d4 KEYCLOAK-16091: only persist webauthn-authentication count if the authenticator increments it beyond zero
Fixes an issue with Apple Keys stored in the secure enclave. They don's support counters and recommend attestation instead. This is a valid design choice according to the Webauthn-Spec (counters are mentioned as SHOULD)
2021-05-17 08:42:50 +02:00
Václav Muzikář
62e6883524 KEYCLOAK-17084 KEYCLOAK-17434 Support querying clients by client attributes 2021-05-14 13:58:53 +02:00
Pedro Igor
62e17f3be7 [KEYCLOAK-17588] - Authz confirmation popping out twice 2021-05-14 07:21:06 -03:00
Pedro Igor
927c359693
[KEYCLOAK-18086] - cluster-stack setting not working (#8037) 2021-05-14 09:54:01 +02:00
Tomas Kyjovsky
1292135729 KEYCLOAK-17322 Align tested databases with EAP 7.4 support matrix 2021-05-14 09:27:00 +02:00
Bruno Oliveira da Silva
a6ab3119d6
[KEYCLOAK-18059] Upgrade dev dependencies for the new Account Console (#8020) 2021-05-13 19:37:22 -04:00