Commit graph

21873 commits

Author SHA1 Message Date
Sebastian Laskawiec
cc7a125606 Fixed an outdated link 2019-07-12 09:58:23 -03:00
mposolda
ae7631ee89 KEYCLOAK-10810 Typo in the server-developer guide in SPI chapter 2019-07-12 11:17:35 +02:00
mposolda
77e9f16ad3 KEYCLOAK-10813 ComponentsTest.testConcurrencyWithChildren failed with oracle due timeout 2019-07-12 10:42:37 +02:00
mposolda
c003dabf6c KEYCLOAK-10753 Possibility for JavascriptExecutor to use the timeout from pageload.timeout property instead of hardcoded 2019-07-12 10:42:37 +02:00
mposolda
91b41b1a2e KEYCLOAK-10793 Possibility to increase server startup timeout 2019-07-12 10:42:37 +02:00
Takashi Norimatsu
2e850b6d4a KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings 2019-07-12 08:33:20 +02:00
Takashi Norimatsu
a55e3a5b13 KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings 2019-07-12 08:32:45 +02:00
Andy Munro
13c5aea904 removing installation guide links and adding a Preview note to the cross DC topic 2019-07-11 15:52:13 +02:00
mposolda
625efcfdf8 KEYCLOAK-10445 KEYCLOAK-10446 Fixes for add DB tests with PostgreSQL 10.1 and PostgresPlus to the pipeline 2019-07-10 15:21:27 +02:00
Martin Kanis
efdf0f1bd8 KEYCLOAK-6839 You took too long to login after SSO idle 2019-07-10 10:15:26 +02:00
Gregor Tudan
334ca6e96b KEYCLOAK-10796: fix build on MacOS by giving DeSerializerFunctions in the StringUtils a distinct name 2019-07-09 22:52:12 +02:00
Kohei Tamura
55a6141bff KEYCLOAK-10783 Fix internal server error when logging out after sharing my resource 2019-07-09 09:06:58 -03:00
Pedro Igor
9215957bd0 Revert "KeycloakRole equals only with itself"
This reverts commit 2899375614.
2019-07-09 09:05:20 -03:00
vramik
5a5325672b KEYCLOAK-10718 Refactor fuse adapter test 2019-07-09 08:56:35 +02:00
mposolda
5f9feee3f8 KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication 2019-07-08 20:20:38 +02:00
Valeran86
2899375614 KeycloakRole equals only with itself
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
        if ( role.equals( adminRole ) ) {
          return true;
        }
      }
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-07-08 14:33:03 -03:00
k-tamura
c636b7a1cd KEYCLOAK-10784 i18n support for UMA resource pages 2019-07-08 14:25:05 -03:00
Tomasz Prętki
0376e7241a KEYCLOAK-10251 New Claim JSON Type - JSON 2019-07-08 11:59:57 +02:00
Sven-Torben Janus
c883c11e7e KEYCLOAK-10158 Use PEM cert as X.509 user identity
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).

KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Hynek Mlnarik
ca4e14fbfa KEYCLOAK-7852 Use original NameId value in logout requests 2019-07-04 19:30:21 +02:00
Vlasta Ramik
cc8cfd4269 KEYCLOAK-10751 Fix SAML undertow adapter not sending challenge
Co-Authored-By: mhajas <mhajas@redhat.com>
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-07-04 10:04:51 +02:00
mposolda
5b40691deb KEYCLOAK-10355 Avoid LastSessionRefreshUnitTest to trigger scheduled tasks 2019-07-04 09:53:19 +02:00
Sebastian Laskawiec
b5d8f70cc7 KEYCLOAK-8224 Client not found error message 2019-07-03 18:34:56 +02:00
Asier Aguado
bed22b9b8d [KEYCLOAK-10710] Make social providers compatible with OIDC UsernameTemplateMappers 2019-07-03 15:01:46 +02:00
rmartinc
bd5dec1830 KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup 2019-07-03 13:17:45 +02:00
Thomas Darimont
d58d4f62bd Add note about PKCE to KeycloakInstalled adapter documentation 2019-07-03 08:50:17 +02:00
Thomas Darimont
009af1e1a3 KEYCLOAK-10313 Document PKCE usage for KeycloakInstalled Adapter 2019-07-03 08:50:17 +02:00
Thomas Darimont
53d0db80c3 KEYCLOAK-10313 Only use PKCE if enable-pkce is configured for KeycloakInstalled adapter
Users who want to use PKCE support with the KeycloakInstalled adapter need to set the property
``"enable-pkce": true` in the adapter configuration / `keycloak.json`.
2019-07-03 08:49:55 +02:00
Thomas Darimont
8bd48391ca KEYCLOAK-10313 Add PKCE support to KeycloakInstalled Adpater
This adds PKCE support for Desktop Apps as
a followup to KEYCLOAK-1033 #6047.
2019-07-03 08:49:55 +02:00
Axel Messinese
b32d52e62b KEYCLOAK-10750 Check if role exist on get user/group in role endpoint 2019-07-03 08:46:36 +02:00
Pedro Igor
d1b05ff0ce [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 11:10:33 -03:00
Pedro Igor
0cdd23763c [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 09:14:37 -03:00
vramik
44d3c851fc KEYCLOAK-9598 Apache Tomcat adapter - relase notes 2019-07-01 08:15:55 +02:00
stianst
aad12c6bd8 Fix links 2019-06-28 09:13:26 +02:00
stianst
077d52f9e8 Fix link 2019-06-28 09:13:26 +02:00
Peter Skopek
aca8c89d3e KEYCLOAK-10075 fix drop all tables for postgres and mssql 2019-06-27 14:03:13 +02:00
mposolda
a46bf708c0 KEYCLOAK-9947 KEYCLOAK-10451 Better support for DB manual migration test with DB provided by docker or dballocator plugin 2019-06-27 13:52:17 +02:00
Sebastian Loesch
335f690012 [KEYCLOAK-9554] - Add X.509 authenticator option for canonical DN
- added documentation for the new option
- updated the configuration picture
- corrected the provider value to select in section "Adding X.509 Client
  Certificate Authentication to a Browser Flow"
2019-06-27 08:46:04 +02:00
Stian Thorgersen
1778269c68
Update .travis.yml 2019-06-27 07:25:46 +02:00
Stian Thorgersen
4005d205e2
Update .travis.yml 2019-06-27 07:25:23 +02:00
Stian Thorgersen
65ca41b1bf
Update .travis.yml 2019-06-27 07:21:56 +02:00
Stian Thorgersen
6efe38a1d3
Update .travis.yml 2019-06-27 07:19:12 +02:00
Andy Munro
cabd6a051b adding note to enable brute force detection 2019-06-26 15:28:25 -03:00
Sebastian Loesch
c9fbed7eb8 KEYCLOAK-10545 Fix formatting error in log message
Fixes the formatting error
java.util.IllegalFormatConversionException: d != java.util.UUID
2019-06-26 10:22:15 +02:00
mhajas
fe62ece2c3 KEYCLOAK-10701 Remove SpringBoot test within test-apps directory 2019-06-24 21:58:48 +02:00
Kohei Tamura
e10711114b Fix wrong file names 2019-06-24 15:46:36 -03:00
mposolda
c124aec586 KEYCLOAK-10262 DBLockTest.testLockConcurrently fails with MariaDB Galera 10.1 2019-06-24 11:23:18 +02:00
Jeroen ter Voorde
7654793713 [KEYCLOAK-10419] Remove user and group resource at the end of the GroupTest. 2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
7518692c0d [KEYCLOAK-10419] Added briefRepresentation parameter support to the admin client interface
And added a aquillian test for it.
2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
a2099cff39 [KEYCLOAK-10419] Added support for briefRepresentation param on the GroupResource members endpoint. 2019-06-21 11:31:01 +02:00