Commit graph

313 commits

Author SHA1 Message Date
Hendrik Ebbers
0ac92c4bfa new line in doc 2017-06-15 13:01:05 +02:00
Hendrik Ebbers
98a5c57e65 Author added 2017-06-15 13:00:24 +02:00
emilienbondu
91585f8563 Changing request matcher to attempt auth on /sso/login or Auhtorization header
Add default login URL.

Throwing exception if login fails to enable auth entry point

Adding a test for invalid token and bearer-only

handle redirect correctly
2017-06-14 14:41:35 +02:00
Alex Szczuczko
5d88c2b8be KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam. 2017-06-05 16:24:38 -06:00
Pedro Igor
d69d00082f [KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support 2017-06-01 22:55:58 -03:00
Hendrik Ebbers
4d5e03049e provide a custom KeycloakConfigResolver instance for servlet filter. 2017-06-01 14:35:12 +02:00
Hendrik Ebbers
7d017b4edf Easy Spring security annotation 2017-06-01 12:05:02 +02:00
Stian Thorgersen
63c237423d Merge pull request #4098 from ahus1/KEYCLOAK-4814-disable-keycloak-spring-boot-by-configuration
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-05-24 07:12:05 +02:00
Stian Thorgersen
cd53486566 Merge pull request #4167 from sebastienblanc/bug-KEYCLOAK-3492
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-23 13:58:19 +02:00
Stian Thorgersen
178fd08d9a Merge pull request #4066 from johnament/KEYCLOAK-4765
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-05-23 13:24:08 +02:00
emilienbondu
3580dea399 Fix https://issues.jboss.org/browse/KEYCLOAK-3492 2017-05-22 10:18:22 +02:00
Pedro Igor
b68494b3f0 [KEYCLOAK-4927] - Authz client incompatible with client definition 2017-05-18 09:57:12 -03:00
Marek Posolda
70d7e07526 Merge pull request #4132 from mposolda/cross-dc4-squash
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Bill Burke
789722ec6a Merge pull request #4137 from pedroigor/master
Caching improvements and checking attachments in Elytron adapter
2017-05-12 10:09:44 -04:00
Pedro Igor
aaddb035a8 Checking if attachments are supported by the underlying container 2017-05-12 10:23:37 -03:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
Stan Silvert
64cd689e38 KEYCLOAK-4822: Change copyright to reflect correct author. 2017-05-10 16:32:05 -04:00
Stan Silvert
2d825dd366 KEYCLOAK-4822: Update to ES6-compatible typings 2017-05-05 15:08:23 -04:00
Stian Thorgersen
e0da7ed6b4 Merge pull request #4074 from sebastienblanc/allow_headers
Keycloak-3297 : adding cors-exposed-headers to conf
2017-05-05 12:54:47 +02:00
Marko Strukelj
47ea1ade8a KEYCLOAK-4037 JS Adapter fails in Cordova mode for iOS apps 2017-05-03 17:05:54 +02:00
Alexander Schwartz
5a8634e359 KEYCLOAK-4814 disable keycloak spring boot by configuration 2017-04-28 09:48:42 +02:00
sebastienblanc
dee4548798 rename the starter and spring-boot-starter 2017-04-27 15:54:44 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
sebastienblanc
0781f3b33d add shading
add new module containing adapters

remove conditional bean

move bundle module
2017-04-27 09:15:36 +02:00
John Ament
b37ed7145c KEYCLOAK-4765 - Adding support for wildfly subsystem disable query parameter parsing. 2017-04-26 09:42:00 -04:00
Stian Thorgersen
eedb40bbe0 Merge pull request #4071 from stianst/KEYCLOAK-4784
KEYCLOAK-4784 Cannot build project with -Dproduct
2017-04-26 12:51:20 +02:00
Stian Thorgersen
c83e192a6f KEYCLOAK-4784 Add Jetty 9.3 to product profile 2017-04-26 12:07:47 +02:00
John Ament
1f98dc5527 KEYCLOAK-4765 - Simplified unit tests. 2017-04-25 20:38:07 -04:00
Pedro Igor
79c9078caa [KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client 2017-04-25 14:51:45 -03:00
emilienbondu
46bc102799 adding cors-exposed-headers to conf
add missing field in the BaseAdapterConfig

cleaning for PR & adding unit test

Adding property to subsystem, removing formatting changes
2017-04-25 12:02:17 +02:00
John Ament
cb7cef8858 KEYCLOAK-4765 - Add ability to disable Query Parameter parsing. 2017-04-24 14:42:03 -04:00
Stian Thorgersen
3dbd0d5063 Merge pull request #3838 from ahus1/KEYCLOAK-4208-spring-boot-adapter-roles
KEYCLOAK-4208 restructure spring auth config to match servlet spec
2017-04-21 15:34:09 +02:00
Stian Thorgersen
257a973995 KEYCLOAK-4503 Require init with token and refreshToken 2017-04-21 13:39:53 +02:00
Stian Thorgersen
606c385f26 Merge pull request #4057 from stianst/KEYCLOAK-4480
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after re…
2017-04-21 13:37:44 +02:00
Stian Thorgersen
e6486ab1c1 KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after redirect 2017-04-21 13:29:46 +02:00
Stian Thorgersen
b45089f5f0 Merge pull request #4033 from sebastienblanc/KEYCLOAK-3818
KEYCLOAK-3818 : safer method to retrieve the webcontext for jetty
2017-04-21 11:20:59 +02:00
Pedro Igor
fa1b998802 Merge pull request #4050 from pedroigor/KEYCLOAK-4769
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 14:02:59 -03:00
Pedro Igor
70a3dd1e4a [KEYCLOAK-4769] - Better error message when resource has no or invalid uri 2017-04-20 13:21:01 -03:00
Pedro Igor
80a80512ea [KEYCLOAK-4769] - Policy enforcer path matching tests 2017-04-20 13:21:01 -03:00
Alexander Schwartz
4d5fd0b75e KEYCLOAK-4208 restructure spring config to match servlet spec. updating jetty, tomcat and undertow 2017-04-20 12:52:13 +02:00
Stian Thorgersen
14b109da18 Merge pull request #4047 from stianst/KEYCLOAK-4287
KEYCLOAK-4287 Remove deprecated session iframe endpoint
2017-04-19 15:49:40 +02:00
Stian Thorgersen
8919015f74 KEYCLOAK-4287 Remove deprecated session iframe endpoint 2017-04-19 15:01:15 +02:00
Stian Thorgersen
c9630157e8 Merge pull request #4035 from sebastienblanc/KEYCLOAK-4486
KEYCLOAK-4486: add autodetect-bearer-only attribute in subsystem
2017-04-19 09:47:42 +02:00
Stian Thorgersen
e54c1d7de1 Merge pull request #4026 from mhajas/KEYCLOAK-4733
KEYCLOAK-4733 Replace character 160 with character 32
2017-04-18 15:21:23 +02:00
Pedro Igor
2a1a19f290 [KEYCLOAK-4751] - Send default access denied page when requests don't match any path config 2017-04-12 18:25:13 -03:00
sebastienblanc
886528dab8 add autodetect-bearer-only in subsystem 2017-04-12 16:40:19 +02:00
sebastienblanc
ea9c663ae1 try the registered beans , then the handler 2017-04-12 10:41:46 +02:00
sebastienblanc
a011f44d39 safer method to retrieve the webcontext for jetty 2017-04-11 18:53:58 +02:00
mhajas
e8bbfd9012 KEYCLOAK-4733 Replace character 160 with character 32 2017-04-07 15:30:54 +02:00
Bill Burke
3ce0c57e17 Merge pull request #3831 from Hitachi/master
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients
2017-04-06 15:36:08 -04:00
Stian Thorgersen
f0b44ea93b KEYCLOAK-4717 Added extra check for data content in receive message for session iframe 2017-04-06 08:49:32 +02:00
diego0020
a82278dcbf Verify message comes from loginIframe
In the current implementation a message coming from any window on the same origin may cause the refresh token to be cleared.
In my case, messages generated by a chrome extension were causing the application to logout unexpectedly. With additional condition only messages coming from the login iFrame will be processed. Another suggestion would be changing the condition `event.data != "unchanged"` to something more specific.
2017-04-04 16:32:21 -05:00
Stian Thorgersen
0180d54dd9 KEYCLOAK-4668 Exclude modules in product profile 2017-03-28 10:04:20 +02:00
Takashi Norimatsu
ef3aef9381 Merge branch 'master' into master 2017-03-28 16:21:40 +09:00
Bill Burke
e5a2642e62 Merge pull request #3978 from pedroigor/KEYCLOAK-3573
[KEYCLOAK-3573] - Elytron SAML and OIDC Adapters
2017-03-25 19:24:42 -04:00
Stian Thorgersen
3ce8da0126 Merge pull request #3976 from stianst/KEYCLOAK-3250-PROD-PROFILE
KEYCLOAK-4659 Changes to adapters for product profile
2017-03-24 15:34:35 +01:00
Pedro Igor
30d7a5b01f [KEYCLOAK-3573] - Elytron SAML and OIDC Adapters 2017-03-24 11:32:08 -03:00
Stian Thorgersen
5d028205bf KEYCLOAK-4659 Changes to adapters for product profile 2017-03-24 12:07:21 +01:00
Stian Thorgersen
fc009969c9 Merge pull request #3971 from ssilvert/KEYCLOAK-4396-ng2-wrapper
KEYCLOAK-4396: Add keycloak.d.ts for TypeScript
2017-03-23 14:12:03 +01:00
Stan Silvert
e2970fcf8a KEYCLOAK-4396: Add keycloak.d.ts for TypeScript 2017-03-20 12:42:26 -04:00
Pedro Igor
258af94889 Delegating caching of resource instances to to path matcher 2017-03-17 09:35:19 -03:00
Pedro Igor
dabd7c0b27 [KEYCLOAK-4602] - Improving pattern matching algorithm 2017-03-17 09:34:52 -03:00
Pedro Igor
f6786e29c6 [KEYCLOAK-4602] - A runtime cache for path configurations 2017-03-17 09:34:16 -03:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
Stian Thorgersen
f44405207b Merge pull request #3828 from wildloop/master
verifySSL() - debug info
2017-03-15 09:55:42 +01:00
wildloop
80c9e23282 Update RequestAuthenticator.java 2017-03-15 09:14:48 +01:00
wildloop
366dee6575 Update RequestAuthenticator.java 2017-03-15 09:13:41 +01:00
wildloop
d723c608d6 Update RequestAuthenticator.java 2017-03-14 11:36:57 +01:00
Stian Thorgersen
a555f99b1a Merge pull request #3937 from sebastienblanc/document_sb_properties
KEYCLOAK-4565 : javadoc for adapter properties and add metada generator
2017-03-14 10:19:34 +01:00
sebastienblanc
68da8c23ad KEYCLOAK-4565 : javadoc for adapter properties and add metada generator 2017-03-10 18:13:19 +01:00
wildloop
7904ce5a37 one-line debug log 2017-03-07 16:01:13 +01:00
Rene Ploetz
e770a05db0
KEYCLOAK-4537 Jetty 9.4 implementation (OIDC/SAML) 2017-03-06 23:01:24 +01:00
mposolda
f6bc0806d5 KEYCLOAK-4368 Switch default WebDriver impl to htmlUnit 2017-02-20 21:52:15 +01:00
Stian Thorgersen
aa59c2f95f KEYCLOAK-4394 Use JBoss logging 2017-02-15 09:05:42 +01:00
mposolda
72a5d03f34 KEYCLOAK-4385 Added BundleBasedKeycloakConfigResolver 2017-02-06 21:24:20 +01:00
Takashi Norimatsu
fe5fe4c968 KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients - RFC
7636 - Client Side Implementation
2017-02-03 12:02:54 +09:00
Agile Developer
d60c3b7c0c missing import 2017-02-03 00:47:41 +01:00
Agile Developer
cde3e87ad9 verifySSL() - debug info
DEBUG report like this:

SSL Verification: 
		passed: true, request is secure: true, 
		SSL is required for: EXTERNAL, 
		SSL is required for remote addr 192.168.100.123: false
2017-02-02 21:18:14 +01:00
Stian Thorgersen
9aa2dacec9 KEYCLOAK-4366 Issues when keycloak.js is initialized with token 2017-02-02 10:57:03 +01:00
Stian Thorgersen
ee62c52543 KEYCLOAK-4338 KEYCLOAK-4331 Fixes to session iframe 2017-02-02 08:12:29 +01:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
Stian Thorgersen
d1e491d57d KEYCLOAK-4286 Add deprecated support for old keycloak.js 2017-01-25 15:59:43 +01:00
Pedro Igor
13e92cdb35 [KEYCLOAK-3261] - Properly handle apps deployed at the ROOT context 2017-01-23 21:27:43 -02:00
Slawomir Dabek
cc788cf44e KEYCLOAK-4222 Remove slash from state parameter 2017-01-19 20:11:18 +01:00
Bill Burke
41630d6962 Merge pull request #3727 from hmlnarik/KEYCLOAK-4141
KEYCLOAK-4141
2017-01-12 08:49:29 -05:00
Stian Thorgersen
139e12fa5f KEYCLOAK-4179 Fixed logic to init with token to prevent issues with timeSkew 2017-01-10 09:09:50 +01:00
Hynek Mlnarik
4df70c517d KEYCLOAK-4141 2017-01-10 09:02:36 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
Stian Thorgersen
b6b3c04400 Merge pull request #3663 from sldab/autodetect-bearer-only
KEYCLOAK-2962 Autodetect bearer-only clients
2016-12-20 14:05:25 +01:00
Pedro Igor
18b94a2153 [KEYCLOAK-4034] - More logging. 2016-12-20 00:04:59 -02:00
Pedro Igor
0b3e867362 [KEYCLOAK-4034] - Minor changes to policy enforcer 2016-12-19 23:44:51 -02:00
Slawomir Dabek
b6d29ccd30 KEYCLOAK-2962 Autodetect bearrer-only clients
Suport more headers
2016-12-19 17:13:14 +01:00
mposolda
8c99a13387 Minor synchronize update 2016-12-12 13:09:19 +01:00
mhajas
081958e282 KEYCLOAK-4051 Use debug instead of debugf 2016-12-08 09:42:52 +01:00
Bill Burke
7271fdaaaa KEYCLOAK-3509 2016-12-06 18:52:37 -05:00
Bill Burke
e3d0f8f6e5 Merge pull request #3548 from sebastienblanc/KEYCLOAK-3725
KEYCLOAK-3725: return Unauthorized when accessing bearer only in inte…
2016-12-03 13:46:52 -05:00
danren
87b243ed59 Fix for KEYCLOAK-3961 2016-12-02 13:30:53 +01:00
mposolda
74967737ee KEYCLOAK-3824 Ensure sending notBefore invalidates JWKPublicKeyLocator 2016-12-01 17:07:50 +01:00
mposolda
a38544796f KEYCLOAK-3823 KEYCLOAK-3824 Added public-key-cache-ttl for OIDC adapters. Invalidate cache when notBefore sent 2016-12-01 12:25:07 +01:00
Stian Thorgersen
c9cf7f6564 Merge pull request #3549 from RamonGebben/patch-1
KEYCLOAK-3993: Removed compare bug in `checkState` function
2016-12-01 07:57:29 +01:00