libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions
21873 commits 4 branches 5 tags 483 MiB
Commit graph

21873 commits

This branch
This branch
All branches
Author SHA1 Message Date
vmuzikar
cb5c893d87 Add tests for KEYCLOAK-15481 2020-09-11 07:03:24 -04:00
Stan Silvert
952e8fecee KEYCLOAK-15481: Display forbidden screen 2020-09-11 07:03:24 -04:00
Miquel Simon
2572b1464b KEYCLOAK-15395. Removed totp/remove (DELETE) and credentials/password (GET, POST) endpoints. 2020-09-10 18:03:03 -03:00
Erik Jan de Wit
1297c9f391
Restructure (#78) 
* moved files into new structure

* translation files / namespace per "page"

fixes: #77

* renamed pages to sections

* moved save, delete and others to common bundle
 2020-09-10 14:04:03 -04:00
Takashi Norimatsu
af2f18449b KEYCLOAK-14195 FAPI-RW Client Policy - Condition : Client - Client Role 2020-09-10 18:34:19 +02:00
Clement Cureau
b19fe5c01b Finegrain admin as fallback and added some tests 2020-09-10 12:26:55 -03:00
Clement Cureau
73378df52e [KEYCLOAK-11621] Allow user creation via group permissions (Admin API) 
Problem:
Using fine-grained admin permissions on groups, it is not permitted to create new users
within a group.

Cause:
The POST /{realm}/users API does not check permission for each group part of the new
user representation

Solution:
- Change access logic for POST /{realm}/users to require MANAGE_MEMBERS and
MANAGE_MEMBERSHIP permissions on each of the incoming groups

Tests:
Manual API testing performed:
  1. admin user from master realm:
    - POST /{realm}/users without groups                  => HTTP 201 user created
    - POST /{realm}/users with groups                     => HTTP 201 user created
  2. user with MANAGE_MEMBERS & MANAGE_MEMBERSHIP permissions on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 201 user created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
  3. user with MANAGE_MEMBERS permission on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
 2020-09-10 12:26:55 -03:00
testn
706299557e KEYCLOAK-15174: ResourceServerAdapter.toEntity checks the wrong type 2020-09-10 12:19:25 -03:00
testn
c288175c03 KEYCLOAK-15208: PermissionTicketAdapter checks for the wrong type 2020-09-10 12:16:48 -03:00
Heikki Simperi
4500dcbbc6 KEYCLOAK-13837 Admin cli command has alias parameter should be keyAlias 2020-09-10 10:58:52 -03:00
Andy Munro
df1cb476fe KEYCLOAK-14845 Updating IBM Z and OpenJ9 terminology 2020-09-09 15:02:07 -03:00
Sebastian Laskawiec
e01159a943 KEYCLOAK-14767 OpenShift Review Endpoint audience fix 2020-09-09 11:57:24 -03:00
Erik Jan de Wit
7f66895631
added export and delete (#63) 
* added export and delete

* added types
 2020-09-09 16:34:05 +02:00
Michael Furman
6b9a5f2854 Update spring-security-adapter.adoc 2020-09-09 11:19:57 +02:00
Michael Furman
cdbdac6c36 Fixing KEYCLOAK-14642 
Fixing documentation to resolve KEYCLOAK-14642
 2020-09-09 11:19:57 +02:00
Takashi Norimatsu
cbb79f0430 KEYCLOAK-15448 FAPI-RW : Error Response on OIDC private_key_jwt Client Authentication Error (400 error=invalid_client) 2020-09-09 11:14:21 +02:00
Stan Silvert
8fbcf7582a
Flesh out left navigation (#76) 
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2020-09-09 11:07:17 +02:00
mhajas
df52c12ebb KEYCLOAK-15479 Replace enlistAfterCompletion with enlist in MapClientProvider 2020-09-09 08:27:38 +02:00
Sarah Rambacher
bc38db7dbb
Adjusts toolbar help menu items (#65) 
* Adjusts toolbar help menu items

* remove workaround css for dropdown description text

* fixes formatting

* capitalize menu item

* revert change in variable name
 2020-09-08 14:54:21 -04:00
Erik Jan de Wit
8fa720438e
some small fixes to the realm selector (#74) 2020-09-08 13:20:29 -04:00
Erik Jan de Wit
082682e6d3
initial version of json file upload component (#75) 2020-09-08 13:16:08 -04:00
Erik Jan de Wit
c59a7198c9
initial version of help items (#70) 2020-09-08 13:12:42 -04:00
Benjamin Weimer
b2934e8dd0 KEYCLOAK-15327 backchannel logout invalidate offline session even if there is no corresponding active session found 2020-09-08 11:17:20 -03:00
Stan Silvert
ca7c014e55
Run tsc on build to check for typescript errors (#69) 
* Run tsc on build to check for typescript errors

* Fix typescript errors.  Rename failing stories.

* Make prettier happy

* Use only tsconfig for tsc.
 2020-09-08 07:56:44 +02:00
Hynek Mlnarik
bf637dc8ca KEYCLOAK-14961 Update release notes 2020-09-07 15:19:40 +02:00
PoojaChandak
1fd8a6e28e Update fine-grain.adoc 
review comment update
 2020-09-07 06:09:50 -07:00
PoojaChandak
43dbad7cfc Update fine-grain.adoc 
Observed a few changes, suggesting the same. Kindly check.
 2020-09-07 06:09:50 -07:00
Martin Kanis
4e9bdd44f3 KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak 2020-09-07 13:11:55 +02:00
stianst
76f7fbb984 KEYCLOAK-14548 Add support for cached gzip encoding of resources 2020-09-07 00:58:47 -07:00
Martin Bartos
e34ff6cd9c [KEYCLOAK-14326] Identity Provider force sync is not working 2020-09-07 09:42:40 +02:00
Stan Silvert
0eea5b8057
Use isBlock instead of css (#67) 
* Use isBlock instead of css

* Make prettier happy

* Fix tests
 2020-09-05 15:37:42 -04:00
Eugenia
c6a310a827
add realm selector (#48) 
* WIP realm selector

* realm dropdown is working

* address PR feedback

* address PR feedback and fix conflicts

* fix formatting

* fix path

* address PR feedback from Stan

* update snapshot tests

* fix formatting

* change minwidth
 2020-09-04 14:16:11 -04:00
Erik Jan de Wit
87d8414bd7
fix storybook imports (#62) 2020-09-04 06:38:58 -04:00
Erik Jan de Wit
258b21e334
remove env vars and use simple copy task to switch (#60) 2020-09-04 06:38:23 -04:00
Takashi Norimatsu
1d8230d438 KEYCLOAK-14190 Client Policy - Condition : The way of creating/updating a client 2020-09-04 09:54:55 +02:00
Luca Leonardo Scorcia
67b2d5ffdd KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:36 +02:00
Luca Leonardo Scorcia
865dd55f04 KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:30 +02:00
Erik Jan de Wit
f1c9d2e49e
Import client json file (#55) 
* import form

* added confirmation dialog

* introduced page component for clients
 2020-09-03 15:25:05 -04:00
Erik Jan de Wit
a0b2b52b4f
upgraded to storybook 6 and changed to tsx (#58) 2020-09-03 13:26:36 -04:00
Erik Jan de Wit
050f6aaed5
added more tests (#59) 2020-09-03 13:25:35 -04:00
dependabot-preview[bot]
ad16ce23d4
Bump i18next-http-backend from 1.0.17 to 1.0.18 (#57) 
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 1.0.17 to 1.0.18.
- [Release notes](https://github.com/i18next/i18next-http-backend/releases)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v1.0.17...v1.0.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-09-03 14:58:42 +02:00
Hynek Mlnarik
1c4a2db8e1 KEYCLOAK-14510 Properly close Response object 2020-09-03 11:23:05 +02:00
Simon Legner
bed664e4fe KEYCLOAK-15186 Sort user federation table 2020-09-02 17:40:41 -04:00
stianst
a92bf0c3be KEYCLOAK-15091 Fix issue with custom favicon.ico 2020-09-02 23:18:49 +02:00
Konstantinos Georgilakis
1fa93db1b4 KEYCLOAK-14304 Enhance SAML Identity Provider Metadata processing 2020-09-02 20:43:09 +02:00
Alex Szczuczko
106669cd45 KEYCLOAK-15428 Fix two broken links causing test failures 
http://browsercookielimits.squawky.net no longer exists, and I can't find an
equivilent of what it did, so I've removed it.

https://wildfly.org needed a slash on the end and a www up front, to prevent a redirect.

That should resolve the test failures currently causing all PRs to be flagged.
 2020-09-02 14:25:07 -03:00
Takashi Norimatsu
aad3bdcb88 KEYCLOAK-15251 keycloak-themes build fails in windows 2020-09-02 12:40:07 -04:00
Erik Jan de Wit
f41e8bd63b
css path (#54) 2020-09-02 08:55:59 -04:00
David Kanenwisher
afb6e99e3c Fix typo 
Correct the conjugation of "have".
 2020-09-02 14:30:16 +02:00
Takashi Norimatsu
b93a6ed19f KEYCLOAK-14919 Dynamic registration - Scope ignored 2020-09-02 13:59:22 +02:00