Commit graph

1873 commits

Author SHA1 Message Date
mposolda
3779bfb6b4 KEYCLOAK-3666 client registration policies - polishing 2016-10-19 17:45:23 +02:00
mposolda
964cd50f1d KEYCLOAK-3666 Added client reg policies for maxClients and clientDisabled 2016-10-19 17:45:23 +02:00
Stian Thorgersen
36c367a3bc Merge pull request #3369 from stianst/KEYCLOAK-3625
KEYCLOAK-3625
2016-10-19 15:56:57 +02:00
Stian Thorgersen
1b24d2edd8 KEYCLOAK-3625 More work on the issue 2016-10-19 14:21:50 +02:00
Stian Thorgersen
bbc1d26b72 Merge pull request #3367 from stianst/KEYCLOAK-3745
KEYCLOAK-3745 Change attributes in user rep
2016-10-19 14:01:39 +02:00
Stian Thorgersen
4efe12cb93 KEYCLOAK-3745 Change attributes in user rep 2016-10-19 12:15:13 +02:00
Stian Thorgersen
f2f508ac2e Merge pull request #3357 from stianst/KEYCLOAK-3107
KEYCLOAK-3017 Expose Location header in cors request to admin endpoint
2016-10-19 08:45:18 +02:00
Stian Thorgersen
13220e1d38 Merge pull request #3355 from stianst/KEYCLOAK-2699
KEYCLOAK-2699 Potential for NPE in DirImportProvider.getRealmsToImport
2016-10-19 07:35:54 +02:00
Stian Thorgersen
116027bd7b Merge pull request #3354 from stianst/KEYCLOAK-2488
KEYCLOAK-2488 Token introspection returns wrong response for invalid …
2016-10-19 07:33:25 +02:00
Stian Thorgersen
a33997976f KEYCLOAK-3017 Expose Location header in cors request to admin endpoint 2016-10-18 21:27:46 +02:00
Stian Thorgersen
0a8d1e28f1 KEYCLOAK-2699 Potential for NPE in DirImportProvider.getRealmsToImport 2016-10-18 20:31:51 +02:00
Stian Thorgersen
29538332d9 KEYCLOAK-2488 Token introspection returns wrong response for invalid token 2016-10-18 20:28:14 +02:00
Bill Burke
d941e07169 Merge pull request #3350 from patriot1burke/master
federated import/export to json
2016-10-18 14:15:25 -04:00
Stian Thorgersen
e41d11877f Merge pull request #3349 from stianst/KEYCLOAK-2741
KEYCLOAK-2741
2016-10-18 19:39:54 +02:00
mposolda
b62e6e2751 KEYCLOAK-3653 CORS headers not sent in certs endpoint 2016-10-18 16:57:06 +02:00
Stian Thorgersen
74dad004e3 KEYCLOAK-2741
Don't remove KEYCLOAK_REMEMBERME cookie when sso session expires.
2016-10-18 16:14:36 +02:00
Bill Burke
2199df71bf Merge remote-tracking branch 'upstream/master' 2016-10-18 10:14:00 -04:00
Bill Burke
4182e4d92a federated import/export 2016-10-18 10:13:51 -04:00
Marek Posolda
3986ce2ce0 Merge pull request #3345 from mposolda/master
KEYCLOAK-3499 Fixes in OIDCProtocolMapper support for includeInUserInfo
2016-10-18 14:28:29 +02:00
Stian Thorgersen
4b56743788 Merge pull request #3343 from stianst/KEYCLOAK-2884
KEYCLOAK-2884 Remove ClientTemplateResource.getKeycloakApplication()
2016-10-18 14:08:50 +02:00
mposolda
a7287aad36 KEYCLOAK-3499 More fixes for IncludeInUserInfo. Fixing tests and migration 2016-10-18 13:09:30 +02:00
Thomas Darimont
c3b577de11 KEYCLOAK-3499 Revise OIDCProtocolMapper support
Moved methods `transformUserInfoToken`, `transformAccessToken`,
`transformIDToken` to the `AbstractOIDCProtocolMapper` base class
in order to reduce code duplication.
Previously every mapper implemented at least one or two of those
methods with exactly the same code.
Having those methods in the base class ensures that the code is the
same for all mappers. Since the mentioned methods are declared
on the `OIDCIDTokenMapper`, `OIDCAccessTokenMapper` and `UserInfoTokenMapper`
interfaces `AbstractOIDCProtocolMapper` implementations can now choose
how they should be handled by the `TokenManager`
by implementing the desired set of interfaces `*TokenMapper`-interfaces.

I think this provides a good balance between ease of use, reduced code duplication
and ensured backwards compatiblity.
Existing protocol mapper implementations will still work since they just implement
their own logic for `transformUserInfoToken`, `transformAccessToken`,
`transformIDToken`.

The "claim" information provided by a `ProtocolMapper` to a `*Token` can now
be provided by overriding the `AbstractOIDCProtocolMapper.setClaim` method.

Adapted all eligible ProtocolMapper implementations within the
`org.keycloak.protocol.oidc.mappers` package accordingly.
2016-10-18 13:09:30 +02:00
Stian Thorgersen
e157a60a23 KEYCLOAK-2884 Remove ClientTemplateResource.getKeycloakApplication() 2016-10-18 09:01:24 +02:00
Marek Posolda
2fd680092a Merge pull request #3336 from mposolda/master
KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for …
2016-10-18 08:33:26 +02:00
mposolda
00879b39b7 KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue 2016-10-17 21:34:21 +02:00
Stian Thorgersen
77499be8d2 KEYCLOAK-3728
Disable script based authenticator in product profile
2016-10-17 21:16:51 +02:00
Stian Thorgersen
64339aaca7 Merge pull request #3317 from stianst/KEY-ROTATION
Updated labels for java keystore provider config
2016-10-17 19:39:47 +02:00
Stian Thorgersen
2ed6067de0 Merge pull request #3290 from hmlnarik/KEYCLOAK-3655
KEYCLOAK-3655: Fix for unexpected server error when adding duplicate auth flow
2016-10-17 19:31:43 +02:00
Stian Thorgersen
d22f45f0d2 Merge pull request #3335 from stianst/KEYCLOAK-3635
KEYCLOAK-3635 Not possible to filter debug/trace logging
2016-10-17 18:50:10 +02:00
Stian Thorgersen
b320eb8fc7 KEYCLOAK-3635 Not possible to filter debug/trace logging 2016-10-17 16:12:14 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent 2016-10-17 13:53:12 +02:00
mposolda
5732b2c58f KEYCLOAK-3716 Unable to start Keycloak on wildfly 2016-10-17 12:22:33 +02:00
mposolda
18e0c0277f KEYCLOAK-3666 Dynamic client registration policies 2016-10-14 20:20:40 +02:00
Bill Burke
1c0abbd722 Merge pull request #3315 from patriot1burke/master
import and sync spi
2016-10-14 10:12:42 -04:00
Stian Thorgersen
422805b511 Updated labels for java keystore provider config 2016-10-14 10:36:17 +02:00
Bill Burke
8c8a39c833 sync and import 2016-10-13 20:49:02 -04:00
Bill Burke
0938390654 sync and import 2016-10-13 20:38:49 -04:00
Stian Thorgersen
4e245d428c KEYCLOAK-905 More testing 2016-10-13 20:44:33 +02:00
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Bill Burke
fbaa731dfa import spi 2016-10-11 18:33:59 -04:00
Bill Burke
db05dc6ee4 KEYCLOAK-3671 2016-10-06 15:02:15 -04:00
Bill Burke
fbb65fa072 KEYCLOAK-3671 2016-10-06 14:56:02 -04:00
Bill Burke
74325fe133 initial sync/import spi 2016-10-06 14:48:53 -04:00
Hynek Mlnarik
cfbc9cf14b KEYCLOAK-3655: Fix for unexpected server error when adding duplicate auth flow 2016-10-05 13:57:02 +02:00
Bill Burke
c5600e888d revactor CredentialValidationOutput apis 2016-10-04 17:26:45 -04:00
Bill Burke
4af0976194 remove UserCredValueModel and hold hash providers 2016-10-04 12:34:15 -04:00
mposolda
bc916a1909 KEYCLOAK-3564 Update demo examples with public key rotation 2016-10-04 14:05:01 +02:00
mposolda
0f9798a10d KEYCLOAK-3493 KEYCLOAK-3532 Renamed KeyStorageProvider to PublicKeyStorageProvider 2016-10-03 15:23:50 +02:00
Thomas Darimont
c852d6d817 KEYCLOAK-3642 Favor StreamUtil over IOUTils in ScriptBasedAuthenticatorFactory
The dependency on commons-io through the use of IOUtils in
ScriptBasedAuthenticatorFactory resulted in
NoClassDefFoundError org/apache/commons/io/IOUtils when building the
keycloak-distribution.

We now use the StreamUtil from keycloak-common to avoid this dependency.
2016-10-03 13:33:53 +02:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
Bill Burke
6a4e413bf4 final mongo fixes 2016-09-30 19:08:34 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Stian Thorgersen
5d34b7e682 Merge pull request #3189 from thomasdarimont/issue/KEYCLOAK-3491-revise-scripting-support
KEYCLOAK-3491 Revise Scripting Support
2016-09-29 10:12:15 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Stian Thorgersen
34f62eb31d Fixes to [KEYCLOAK-2438] PR 2016-09-28 10:25:37 +02:00
Bruno Oliveira
98d2fe15e8 [KEYCLOAK-2438] - Add display name to social login buttons
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Stian Thorgersen
033d1f564a KEYCLOAK-2756
Renaming a realm breaks down the Clients
2016-09-26 10:11:28 +02:00
Bill Burke
27e86e36c4 Merge remote-tracking branch 'upstream/master' 2016-09-23 16:50:16 -04:00
Bill Burke
ff1326fe35 authenticator example updated 2016-09-23 16:50:08 -04:00
Marek Posolda
5fc7149aac Merge pull request #3257 from mposolda/pairwise
KEYCLOAK-3422 Pairwise subjects : few fixes and bit of refactoring
2016-09-23 20:58:51 +02:00
Bill Burke
a1bcd0651d fixes 2016-09-23 10:38:49 -04:00
Marek Posolda
22aaa4cb52 Merge pull request #3237 from brat000012001/kc-iss-3505
KEYCLOAK-3505: updated the oidc user attribute mapper used to map oid…
2016-09-23 15:38:20 +02:00
mposolda
04f05c0cd1 KEYCLOAK-3422 Pairwise subjects : few fixes and bit of refactoring 2016-09-23 15:29:13 +02:00
Bill Burke
8e65356891 creds 2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce credential refactoring 2016-09-22 08:34:45 -04:00
Thomas Darimont
8e113384aa KEYCLOAK-3491 Revise Scripting Support
Refactored the scripting infrastructure and added documentation.
Added tests and an authenticator template in JavaScript for a quickstart.
Increased height of ace code editor to 600px to avoid scrolling.
2016-09-20 14:33:39 +02:00
Stian Thorgersen
4977527f60 Merge pull request #3239 from stianst/SERVER-PROFILE
KEYCLOAK-3579 Add ability to define profiles
2016-09-20 10:39:05 +02:00
Stian Thorgersen
992268a8e6 KEYCLOAK-3579 Add ability to define profiles 2016-09-20 08:41:23 +02:00
Stian Thorgersen
44c47431a1 Merge pull request #3233 from betovieirasilva/master-KEYCLOAK-LoginUsername
[PULL-REQUEST-3181 & PULL-REQUEST-3233] Username is not displayed on the login screen with that email
2016-09-16 09:23:26 +02:00
Peter Nalyvayko
0348e427de KEYCLOAK-3505: cosmetic coding style changes 2016-09-15 15:42:09 -04:00
Peter Nalyvayko
b97908fb02 KEYCLOAK-3505: updated the oidc user attribute mapper used to map oidc broker claims to map the claims from userinfo claim set 2016-09-15 11:11:58 -04:00
Gilberto Vieira da Silva
6d5dc673d4 When keycloak is set to login email and Username is different from email, to check the "Remember Me" username is not displayed on the login screen with that email because the KEYCLOAK_REMEMBER_ME cookie is always recorded the username field.
Conflicts:
	services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java

[PULL-REQUEST-3181]
2016-09-13 18:56:25 -03:00
Gilberto Vieira da Silva
55e07bcde2 Reverted to appli to branch master-KEYCLOAK-LoginUsername 2016-09-13 18:52:16 -03:00
Gilberto Vieira da Silva
cb1b34eee5 When keycloak is set to login email and Username is different from email, to check the "Remember Me" username is not displayed on the login screen with that email because the KEYCLOAK_REMEMBER_ME cookie is always recorded the username field.
Conflicts:
	services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
2016-09-13 18:21:04 -03:00
Martin Hardselius
04d03452bd KEYCLOAK-3422 support pairwise subject identifier in oidc 2016-09-13 09:18:45 +02:00
mposolda
bf6246f5c1 KEYCLOAK-905 Realm keys rotation support on adapters 2016-09-12 21:24:04 +02:00
Stian Thorgersen
1630b9a20c Merge pull request #3220 from abstractj/KEYCLOAK-3535
KEYCLOAK-3535 - Check if SSSD is available via DBUS
2016-09-09 08:15:11 +02:00
Stian Thorgersen
65befb16fd Merge pull request #3219 from pedroigor/KEYCLOAK-3534
[KEYCLOAK-3534] - Authorization tab appears too soon in admin console
2016-09-09 08:14:03 +02:00
Stian Thorgersen
e8f99a2109 Merge pull request #3221 from patriot1burke/master
KEYCLOAK-3423
2016-09-09 07:45:53 +02:00
Pedro Igor
7af16fc747 [KEYCLOAK-3534] - Authorization tab appears too soon in admin console 2016-09-09 01:03:09 -03:00
Bill Burke
84f5c0926b KEYCLOAK-3423 2016-09-08 16:47:06 -04:00
Bruno Oliveira
11245701d2 Check if SSSD is available via DBUS 2016-09-08 16:01:45 -03:00
Bill Burke
2a5c778af5 Merge pull request #3209 from patriot1burke/master
KEYCLOAK-3440
2016-09-08 09:10:54 -04:00
Stian Thorgersen
36bb94afb8 Environment dependent provider 2016-09-08 07:40:19 -03:00
Marek Posolda
76e1160b36 Merge pull request #3210 from mposolda/master
KEYCLOAK-3537 Username not shown when validation error on Account pro…
2016-09-08 10:04:38 +02:00
Stian Thorgersen
f726caea9b Merge pull request #3205 from stianst/KEYCLOAK-3342
KEYCLOAK-3342 Add Identity Provider authenticator
2016-09-08 08:40:32 +02:00
mposolda
16282aeb7b KEYCLOAK-3537 Username not shown when validation error on Account profile page 2016-09-08 08:36:39 +02:00
Stian Thorgersen
d2c546bdc2 Merge pull request #3201 from pedroigor/KEYCLOAK-3129
[KEYCLOAK-3129] - Add authorization services endpoints to PermissionsTest
2016-09-08 08:03:40 +02:00
Stian Thorgersen
7c292b1213 KEYCLOAK-3342 Add Identity Provider authenticator 2016-09-08 07:20:35 +02:00
Bill Burke
3b9a6b32e1 Revert "Revert "KEYCLOAK-3440""
This reverts commit 01e48dc4b8.
2016-09-07 23:41:32 -04:00
Bill Burke
01e48dc4b8 Revert "KEYCLOAK-3440" 2016-09-07 23:17:35 -04:00
Bill Burke
3f35234cf5 Merge remote-tracking branch 'upstream/master' 2016-09-07 23:11:38 -04:00
Bill Burke
da135389c7 KEYCLOAK-3440 2016-09-07 23:11:28 -04:00
mposolda
5a015a6518 KEYCLOAK-3494 Input elements backed by user attributes fail to update in themes 2016-09-07 20:08:09 +02:00
Pedro Igor
517413d38e [KEYCLOAK-3129] - Add authorization services endpoints to PermissionsTest 2016-09-06 17:32:37 -03:00
Bill Burke
15d31a202f Merge remote-tracking branch 'upstream/master' 2016-09-06 08:56:17 -04:00
Bill Burke
6714c1a136 cred refactor 2016-09-06 08:55:47 -04:00
mposolda
8c5b1e4892 KEYCLOAK-3525 Validation callback when creating/updating protocolMapper 2016-09-06 07:15:27 +02:00
mposolda
03c05bd72b KEYCLOAK-2957 IdpEmailVerificationAuthenticator should setEmailVerified to true after successfuly link user by email verification 2016-09-05 18:04:24 +02:00