Commit graph

405 commits

Author SHA1 Message Date
Martin Kanis
f429469fc8 KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106) 2018-05-31 08:44:34 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368)
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
Bill Burke
aa089980ce
Merge pull request #4942 from mstruk/KEYCLOAK-5807
KEYCLOAK-5807 Intermittent failures in UserStorageTest
2018-02-26 12:14:38 -05:00
stianst
505cf5b251 KEYCLOAK-6519 Theme resource provider 2018-02-09 08:28:59 +01:00
Marko Strukelj
62a9d4ea91 KEYCLOAK-5807 Under daily eviction policy user entries not returned from cache when they should 2018-02-02 19:27:23 +01:00
vramik
019c3c9ef9 KEYCLOAK-6146 realm import fails when password policy is specified 2018-02-02 08:30:06 +01:00
Bill Burke
126dd70efc client stat improvement 2018-01-31 13:05:13 -05:00
Bill Burke
4bf23cc83a caching 2018-01-29 12:28:17 -05:00
Bill Burke
1d8e38f0c6 admin console 2018-01-27 13:05:02 -05:00
Bill Burke
6b84b9b4b6 done 1st iteration 2018-01-27 09:47:16 -05:00
Bill Burke
ddad1cb8af Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-25 10:08:37 -05:00
Bill Burke
8a17b61f4e initial work 2018-01-25 10:08:26 -05:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow
KEYCLOAK-6335
2018-01-25 09:55:11 -05:00
Douglas Palmer
42759be6ff [KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages 2018-01-25 07:10:30 +01:00
Bill Burke
a9297df89c KEYCLOAK-6335 2018-01-23 12:09:49 -05:00
stianst
35ada9d636 KEYCLOAK-6289 Add ThemeSelectorSPI 2018-01-18 09:14:13 +01:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
stianst
b303acaaba KEYCLOAK-2120 Added manual setup page for OTP 2017-12-18 11:20:20 +01:00
Hynek Mlnarik
e4a91c0706 KEYCLOAK-6042 Encode user ID before storing in auth session 2017-12-15 15:16:26 +01:00
mposolda
63efee6e15 KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client 2017-12-12 08:01:02 +01:00
Bill Burke
5d5a200413
Merge pull request #4818 from patriot1burke/master
KEYCLOAK-5926
2017-12-08 09:59:32 -05:00
Bill Burke
0dee393071 KEYCLOAK-5926 2017-12-07 19:49:10 -05:00
stianst
c055ffb083 KEYCLOAK-4215 Consider session expiration when setting token timeouts 2017-12-07 10:45:02 +01:00
mposolda
8a0fa521c4 KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService 2017-12-06 13:06:54 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
mposolda
7b03eed9c8 KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients 2017-11-30 12:56:45 +01:00
pedroigor
17748d5ba8 [KEYCLOAK-5660] - Adding UserQueryProvider.getUsersCount(realm, includeServiceAccount) method 2017-11-30 10:45:54 +01:00
Bill Burke
c66ff60c58 KEYCLOAK-5715 2017-11-17 11:34:32 -05:00
Bill Burke
485ba4a3e4 KEYCLOAK-5676 2017-11-15 10:29:02 -05:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Hynek Mlnarik
75c354fd94 KEYCLOAK-5745 Separate user and client sessions in infinispan 2017-10-26 10:39:41 +02:00
Marek Posolda
13fe9e7cf8 Merge pull request #4510 from glavoie/KEYCLOAK-3303
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93 KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT 2017-09-29 13:20:22 +02:00
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens.
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b Merge pull request #4209 from guitaro/feature/group-search-and-pagination
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Antonio Howcroft Ferreira
a551195ddf KEYCLOAK-2035 update with feedback from PR by bburke 2017-09-22 15:05:49 +01:00
howcroft
e78bf5f876 Keycloak 2035
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Léventé NAGY
503ce3a47f Merge branch 'master' into feature/group-search-and-pagination 2017-09-13 10:27:38 +02:00
Levente NAGY
db56d82dbd KEYCLOAK 2538 - UI group pagination - fix duplicate result for search + sort result 2017-09-12 11:45:37 +02:00
Hynek Mlnarik
24e9cbb292 KEYCLOAK-4899 Replace updates to user session with temporary auth session 2017-09-11 21:43:49 +02:00
Levente NAGY
2c24b39268 KEYCLOAK 2538 - UI group pagination 2017-09-07 19:39:06 +02:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
mposolda
fe5891fbdb KEYCLOAK-5293 Add notBefore to user 2017-08-23 08:58:26 +02:00
Levente NAGY
c8aa708cff Merge remote-tracking branch 'upstream/master' 2017-08-10 18:14:49 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Hynek Mlnarik
c36074c7f3 KEYCLOAK-4187 Minor updates (abstraction) 2017-07-18 15:08:06 +02:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
Josh Cain
89fcddd605 KEYCLOAK-3592 Docker auth implementation 2017-06-29 06:37:34 +02:00
Léventé NAGY
1a50e77a4d Merge branch 'master' into feature/group-search-and-pagination 2017-06-26 20:36:36 +02:00
Bill Burke
bc05560d4d Merge remote-tracking branch 'upstream/master' 2017-06-26 11:41:12 -04:00
Bill Burke
3ee86fedc7 Merge remote-tracking branch 'upstream/master' 2017-06-23 09:57:35 -04:00
Hynek Mlnarik
8f9ed32a66 KEYCLOAK-5078 ConcurrencyTest fails intermittently
This commit fixes 401 Unauthorized issues
2017-06-23 15:16:23 +02:00
Léventé NAGY
41d8d17062 Merge branch 'master' into feature/group-search-and-pagination 2017-06-22 17:41:30 +02:00
Bill Burke
d08ddade2e merge 2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc removal 2017-06-21 17:42:57 -04:00
mposolda
fc61a4e89f KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model 2017-06-21 22:14:20 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
Levente NAGY
f377a45c4e [KEYCLOAK-2538] - groups count for pagination limits 2017-06-07 20:52:22 +02:00
Levente NAGY
c4da7637d6 [KEYCLOAK-2538] - groups pagination and group search 2017-06-06 18:32:48 +02:00
Stian Thorgersen
8c53c5a90e KEYCLOAK-4888
Change default hashing provider for realm
2017-05-30 09:54:05 +02:00
mposolda
5560175888 KEYCLOAK-4626 Changed javadoc. Remove unused ClientSessionModel class 2017-05-25 18:51:05 +02:00
Stian Thorgersen
097a2267f5 KEYCLOAK-4889
Improve error messages for password policies
2017-05-23 13:18:06 +02:00
Hynek Mlnarik
b8262a9f02 KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01 KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes 2017-05-11 22:16:26 +02:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636 KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens. 2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added 2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
mposolda
83b29c5080 KEYCLOAK-4626 AuthenticationSessions: start 2017-05-11 22:16:26 +02:00
Stian Thorgersen
c3a2b3a6b6 KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers 2017-05-11 11:58:22 +02:00
Eriksson Fabian
ca1152c3e5 KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
Bill Burke
3bb29e033b KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513 2017-03-03 09:48:52 -05:00
Bill Burke
cf5e2a1d20 unlink/remoteimported 2017-02-08 19:48:22 -05:00
Bill Burke
f128be9b31 LDAP No-Import 2017-02-04 10:29:34 -05:00
Bill Burke
79dede8e78 KEYCLOAK-4363 2017-02-01 10:19:15 -05:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
mposolda
843b4b470b KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password 2017-01-17 21:06:09 +01:00
Bill Burke
6aee6b0c46 KEYCLOAK-4220 2017-01-13 11:45:48 -05:00
Bill Burke
89e6f93fa4 KEYCLOAK-4099 2017-01-12 09:34:26 -05:00
Bill Burke
6ac1301dc2 Merge remote-tracking branch 'upstream/master' 2017-01-03 15:21:16 -05:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
Bill Burke
172007f59c conflict 2016-12-20 08:56:08 -05:00
Marek Posolda
c6363aa146 Merge pull request #3630 from sldab/duplicate-email-support
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Slawomir Dabek
93cec9b3ee KEYCLOAK-4059 Support for duplicate emails 2016-12-19 10:55:12 +01:00
Stian Thorgersen
f29bb7d501 KEYCLOAK-4092 key provider for HMAC signatures 2016-12-19 10:50:43 +01:00
Bruno Oliveira
15f23eb045
[KEYCLOAK-3560]: Unable to import exported users which contain terms_and_conditions required action 2016-12-06 15:29:56 -02:00
Hynek Mlnarik
3c4114091f KEYCLOAK-4035 Composite roles need to be expanded in SAML attribute mapper 2016-12-05 16:16:08 +01:00
Bill Burke
8fd7091068 KEYCLOAK-3986 2016-12-03 09:33:52 -05:00
Bill Burke
ce50b0ed29 Merge remote-tracking branch 'upstream/master' 2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca finish 2016-12-02 19:25:17 -05:00
Stian Thorgersen
5ecc8d1c71 KEYCLOAK-4006 Fix performance drop caused by changes to client session codes 2016-12-01 12:17:54 +01:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
Bill Burke
9e50a45b4c UserBulkUpdateProvider interface 2016-11-29 18:43:22 -05:00
mposolda
69ce1e05f0 KEYCLOAK-3822 Changing signature validation settings of an external IdP is not sometimes reflected 2016-11-28 15:27:25 +01:00