Commit graph

365 commits

Author SHA1 Message Date
pedroigor
792ffdf39b [KEYCLOAK-5925] - Trace-level should log tokens without their signatures 2017-11-28 09:54:57 -02:00
Thomas Kuestermann
bb900f9db8 KEYCLOAK-5753 fixed NPE thrown when using custom RequestMatcher 2017-11-27 09:55:32 +01:00
pedroigor
819a60932e [KEYCLOAK-2517] - Doesn't work always refresh token 2017-11-24 23:40:29 -02:00
rmartinc
0b3ae30473 Parameter "ui_locales" not redirected to login page in java adapters 2017-11-23 11:18:29 +01:00
Thomas Recloux
04ad634986 Add configuration for KeycloakAuthenticatedActionsFilter
Fixes KEYCLOAK-5227
2017-11-10 10:44:12 +01:00
Bartłomiej Piech
d4b9c3c014 KEYCLOAK-5679 2017-11-10 10:42:26 +01:00
emilienbondu
8b8e694c60 Fix https://issues.jboss.org/browse/KEYCLOAK-5636 NPE 2017-11-09 19:32:27 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Xiaojian Liu
19eed51582 KEYCLOAK-5352 Basic Auth fails if password contains a ':' 2017-11-09 13:56:02 +01:00
Xiaojian Liu
9ff22f596d KEYCLOAK-5352 Basic Auth fails if password contains a ':' 2017-11-09 13:56:02 +01:00
Xiaojian Liu
e1af9f133f KEYCLOAK-5352 Basic Auth fails if password contains a ':' 2017-11-09 13:56:02 +01:00
Pedro Igor
a8ba3eb7f9 [KEYCLOAK-4439] - Fixing elytron adapter for standalone apps 2017-11-08 14:09:34 -02:00
Paramvir-JIndal
d1468eaa45 [KEYCLOAK-5767]IE9 sometimes using HTTP status code 1223 instead of 204 (#4628) 2017-11-07 10:46:13 +01:00
Pedro Igor
d3dee07956 [KEYCLOAK-5763] - Forward credentials when using Elytron Adapter 2017-10-27 12:34:31 -02:00
Pedro Igor
7dd7b6b984 [KEYCLOAK-5726] - Defaults to true in case no required scopes are defined 2017-10-24 10:39:55 -02:00
Pedro Igor
a6e1413d58 [KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration 2017-10-24 10:39:54 -02:00
Pavel Drozd
20d0fa1b4e Merge pull request #4528 from RaiSaurabh/test
KEYCLOAK-5623: Fix to support the URL handler for the file loading.
2017-10-23 12:52:10 +02:00
saurabhrai
6dd8592434 KEYCLOAK-5623: Updated to code to check the profile configuration to support Jboss Fuse adapter. Read from profile resource. 2017-10-23 14:17:18 +05:30
Gabriel Lavoie
e2f5ac60cf KEYCLOAK-5499: Use authentication token type rather than token source detection to identify interactive and non-interactive authentications. (#4488)
- access_token URL parameter wasn't interpreted correctly as a non-interactive authentication.
2017-10-16 09:38:05 +02:00
Sjoerd Cranen
cb43e3d763 KEYCLOAK-5191 Prevent exception in KeycloakAuthenticationFailureHandler (#4319)
* KEYCLOAK-5191 Don't attempt to send 401 when response is already committed

* KEYCLOAK-5191 Defend against configuration errors by preventing 2xx response after authentication failure
2017-10-16 09:34:58 +02:00
Stian Thorgersen
7774d5c6b8 Revert changes in KEYCLOAK-5621 (#4539) 2017-10-06 14:02:34 +02:00
Wojciech Trocki
a6e852495d Remove bug with login redirect on IOS (#4514)
* Create wrapper for window.open

* Move function to variable
2017-10-06 06:24:07 +02:00
Bartek Andrzejczak
8c7313f290 Renames realmKey to realmPublicKey for consistency (#4526) 2017-10-04 08:29:09 +02:00
Pedro Igor
4c71e2ec17 [KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1 (#4504)
* [KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1

* [KEYCLOAK-5463] - Fixing servlet filter when using elytron adapters
2017-09-28 11:46:17 +02:00
jtyrrell-se-jboss
9673ce5541 Update OAuthRequestAuthenticator.java (#4427)
Removed a check for a 400 error, I was seeing a 403 error, and it wasn't until I rewrote the code to be like what is in line 334 I did not see enough meaningful information to figure out I had a /etc/hosts issue, where I had it locally on my machine, but the remote tomcat instance needed it also.
2017-09-12 08:24:36 +02:00
Bill Burke
2cadf0a260 Merge pull request #4454 from sebastienblanc/KEYCLOAK-3473
KEYCLOAK-3473 : add new flag to determine if error response must be sent or not
2017-09-11 18:52:07 -04:00
Bill Burke
9c48da2a78 Merge pull request #4417 from mgmeiner/master
KEYCLOAK-5329 async support for tomcat7 and tomcat8
2017-09-11 18:51:20 -04:00
sebastienblanc
aaac85e541 add new flag to determine if error response must be sent or not 2017-09-05 15:08:17 +02:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
WITT-AD\Micgme
0a82a6b434 KEYCLOAK-5329 abstracted AuthenticatedActionsValve to allow async support for Tomcat7 and Tomcat8 adapter 2017-08-24 15:54:43 +02:00
Pedro Igor
b4530cfbe9 fixing policy enforcer /* 2017-08-23 13:30:24 -03:00
Pedro Igor
a6dfb4ccdd [KEYCLOAK-5015] - Support for Elytron capabilities in subsystem 2017-08-22 18:01:19 -03:00
Pedro Igor
d3e559453b [KEYCLOAK-5015] - Updating Elytron Adapters 2017-08-22 18:01:19 -03:00
Markus Heberling
ef32585f57 create JS source maps (#4365)
updated minify plugin to 1.7.6
switch minify plugin to use CLOSURE compiler
enable source map generation https://docs.google.com/document/d/1U1RGAehQwRypUTovF1KRlpiOFze0b-_2gc6fAH0KY0k
include source maps in distribution files
2017-08-22 08:10:09 +02:00
Stian Thorgersen
b5ed8961f7 Add title attribute for iframe to suppress accessibility errors (#4407) 2017-08-22 08:07:04 +02:00
Bill Burke
61ab6d5b8b Merge pull request #4303 from jmcshane/master
KEYCLOAK-5173 Spring Boot KeycloakRestTemplate support
2017-08-13 12:22:45 -04:00
Bill Burke
02f043d9a6 fix readme file 2017-07-28 16:21:33 -04:00
Bill Burke
852e9274d4 Merge remote-tracking branch 'upstream/master' 2017-07-28 16:15:53 -04:00
Bill Burke
db9b1bcb21 token exchange 2017-07-28 16:15:39 -04:00
c5403
ec89aab8fb Refactoring the spring-boot adapter to use the rest template customizer 2017-07-24 11:15:01 -05:00
Thomas Recloux
69fa9de4d8 Fix KEYCLOAK-3471 ClassCastException 2017-07-23 21:49:16 +02:00
Pedro Igor
5456514499 [KEYCLOAK-5015] - Pushing keycloak context to exchange scope 2017-07-19 16:39:38 -03:00
jmcshane
e99b08c6da Adding a instance of HttpComponentsClientHttpRequestFactory that supports the embedded servlet container auth pattern 2017-07-07 23:48:43 -05:00
Stian Thorgersen
9a9f4137e5 KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested (#4289) 2017-07-04 21:18:34 +02:00
Marek Posolda
09ec642543 Merge pull request #4232 from wvdhaute/token-store
[KEYCLOAK-5067] Allow refreshable context to have an optional adapter token store
2017-07-03 20:55:26 +02:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
Sebastien Blanc
500a21685f KEYCLOAK-5082 : Add new redirect-rewrite-rule parameters for the adapters (#4255)
* add rewrite rule config property

* add subsystem support for redirect rewrite

* update deployment unit test

* add license headers

* Optimize rewrite method
2017-06-29 12:50:42 +02:00
Stian Thorgersen
4be0e36306 Merge pull request #4208 from ASzc/KEYCLOAK-4758
KEYCLOAK-4758
2017-06-27 11:35:43 +02:00
Stian Thorgersen
b041146a3f Merge pull request #4200 from guigarage/servlet-config
KeycloakConfigResolver config for servlet filter
2017-06-27 10:45:29 +02:00
Stian Thorgersen
8e36a52f1e Merge pull request #4227 from sebastienblanc/KEYCLOAK-3492-rebased
KEYCLOAK-3492 : Changing request matcher to attempt auth on /sso/login or Auhtorizati…
2017-06-21 08:51:09 +02:00
Stian Thorgersen
9edb5b53c0 Merge pull request #4199 from guigarage/spring-security-annotation
Easy Spring security annotation
2017-06-21 08:47:17 +02:00
Wim Vandenhaute
0e0140d88b Allow refreshable context to have an optional adapter token store 2017-06-15 15:24:07 +02:00
Hendrik Ebbers
0ac92c4bfa new line in doc 2017-06-15 13:01:05 +02:00
Hendrik Ebbers
98a5c57e65 Author added 2017-06-15 13:00:24 +02:00
emilienbondu
91585f8563 Changing request matcher to attempt auth on /sso/login or Auhtorization header
Add default login URL.

Throwing exception if login fails to enable auth entry point

Adding a test for invalid token and bearer-only

handle redirect correctly
2017-06-14 14:41:35 +02:00
Alex Szczuczko
5d88c2b8be KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam. 2017-06-05 16:24:38 -06:00
Pedro Igor
d69d00082f [KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support 2017-06-01 22:55:58 -03:00
Hendrik Ebbers
4d5e03049e provide a custom KeycloakConfigResolver instance for servlet filter. 2017-06-01 14:35:12 +02:00
Hendrik Ebbers
7d017b4edf Easy Spring security annotation 2017-06-01 12:05:02 +02:00
Stian Thorgersen
63c237423d Merge pull request #4098 from ahus1/KEYCLOAK-4814-disable-keycloak-spring-boot-by-configuration
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-05-24 07:12:05 +02:00
Stian Thorgersen
cd53486566 Merge pull request #4167 from sebastienblanc/bug-KEYCLOAK-3492
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-23 13:58:19 +02:00
Stian Thorgersen
178fd08d9a Merge pull request #4066 from johnament/KEYCLOAK-4765
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-05-23 13:24:08 +02:00
emilienbondu
3580dea399 Fix https://issues.jboss.org/browse/KEYCLOAK-3492 2017-05-22 10:18:22 +02:00
Pedro Igor
b68494b3f0 [KEYCLOAK-4927] - Authz client incompatible with client definition 2017-05-18 09:57:12 -03:00
Marek Posolda
70d7e07526 Merge pull request #4132 from mposolda/cross-dc4-squash
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Bill Burke
789722ec6a Merge pull request #4137 from pedroigor/master
Caching improvements and checking attachments in Elytron adapter
2017-05-12 10:09:44 -04:00
Pedro Igor
aaddb035a8 Checking if attachments are supported by the underlying container 2017-05-12 10:23:37 -03:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
Stan Silvert
64cd689e38 KEYCLOAK-4822: Change copyright to reflect correct author. 2017-05-10 16:32:05 -04:00
Stan Silvert
2d825dd366 KEYCLOAK-4822: Update to ES6-compatible typings 2017-05-05 15:08:23 -04:00
Stian Thorgersen
e0da7ed6b4 Merge pull request #4074 from sebastienblanc/allow_headers
Keycloak-3297 : adding cors-exposed-headers to conf
2017-05-05 12:54:47 +02:00
Marko Strukelj
47ea1ade8a KEYCLOAK-4037 JS Adapter fails in Cordova mode for iOS apps 2017-05-03 17:05:54 +02:00
Alexander Schwartz
5a8634e359 KEYCLOAK-4814 disable keycloak spring boot by configuration 2017-04-28 09:48:42 +02:00
sebastienblanc
dee4548798 rename the starter and spring-boot-starter 2017-04-27 15:54:44 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
sebastienblanc
0781f3b33d add shading
add new module containing adapters

remove conditional bean

move bundle module
2017-04-27 09:15:36 +02:00
John Ament
b37ed7145c KEYCLOAK-4765 - Adding support for wildfly subsystem disable query parameter parsing. 2017-04-26 09:42:00 -04:00
Stian Thorgersen
eedb40bbe0 Merge pull request #4071 from stianst/KEYCLOAK-4784
KEYCLOAK-4784 Cannot build project with -Dproduct
2017-04-26 12:51:20 +02:00
Stian Thorgersen
c83e192a6f KEYCLOAK-4784 Add Jetty 9.3 to product profile 2017-04-26 12:07:47 +02:00
John Ament
1f98dc5527 KEYCLOAK-4765 - Simplified unit tests. 2017-04-25 20:38:07 -04:00
Pedro Igor
79c9078caa [KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client 2017-04-25 14:51:45 -03:00
emilienbondu
46bc102799 adding cors-exposed-headers to conf
add missing field in the BaseAdapterConfig

cleaning for PR & adding unit test

Adding property to subsystem, removing formatting changes
2017-04-25 12:02:17 +02:00
John Ament
cb7cef8858 KEYCLOAK-4765 - Add ability to disable Query Parameter parsing. 2017-04-24 14:42:03 -04:00
Stian Thorgersen
3dbd0d5063 Merge pull request #3838 from ahus1/KEYCLOAK-4208-spring-boot-adapter-roles
KEYCLOAK-4208 restructure spring auth config to match servlet spec
2017-04-21 15:34:09 +02:00
Stian Thorgersen
257a973995 KEYCLOAK-4503 Require init with token and refreshToken 2017-04-21 13:39:53 +02:00
Stian Thorgersen
606c385f26 Merge pull request #4057 from stianst/KEYCLOAK-4480
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after re…
2017-04-21 13:37:44 +02:00
Stian Thorgersen
e6486ab1c1 KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after redirect 2017-04-21 13:29:46 +02:00
Stian Thorgersen
b45089f5f0 Merge pull request #4033 from sebastienblanc/KEYCLOAK-3818
KEYCLOAK-3818 : safer method to retrieve the webcontext for jetty
2017-04-21 11:20:59 +02:00
Pedro Igor
fa1b998802 Merge pull request #4050 from pedroigor/KEYCLOAK-4769
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 14:02:59 -03:00
Pedro Igor
70a3dd1e4a [KEYCLOAK-4769] - Better error message when resource has no or invalid uri 2017-04-20 13:21:01 -03:00
Pedro Igor
80a80512ea [KEYCLOAK-4769] - Policy enforcer path matching tests 2017-04-20 13:21:01 -03:00
Alexander Schwartz
4d5fd0b75e KEYCLOAK-4208 restructure spring config to match servlet spec. updating jetty, tomcat and undertow 2017-04-20 12:52:13 +02:00
Stian Thorgersen
14b109da18 Merge pull request #4047 from stianst/KEYCLOAK-4287
KEYCLOAK-4287 Remove deprecated session iframe endpoint
2017-04-19 15:49:40 +02:00
Stian Thorgersen
8919015f74 KEYCLOAK-4287 Remove deprecated session iframe endpoint 2017-04-19 15:01:15 +02:00
Stian Thorgersen
c9630157e8 Merge pull request #4035 from sebastienblanc/KEYCLOAK-4486
KEYCLOAK-4486: add autodetect-bearer-only attribute in subsystem
2017-04-19 09:47:42 +02:00
Stian Thorgersen
e54c1d7de1 Merge pull request #4026 from mhajas/KEYCLOAK-4733
KEYCLOAK-4733 Replace character 160 with character 32
2017-04-18 15:21:23 +02:00
Pedro Igor
2a1a19f290 [KEYCLOAK-4751] - Send default access denied page when requests don't match any path config 2017-04-12 18:25:13 -03:00
sebastienblanc
886528dab8 add autodetect-bearer-only in subsystem 2017-04-12 16:40:19 +02:00
sebastienblanc
ea9c663ae1 try the registered beans , then the handler 2017-04-12 10:41:46 +02:00
sebastienblanc
a011f44d39 safer method to retrieve the webcontext for jetty 2017-04-11 18:53:58 +02:00