jmcshane
e99b08c6da
Adding a instance of HttpComponentsClientHttpRequestFactory that supports the embedded servlet container auth pattern
2017-07-07 23:48:43 -05:00
Stian Thorgersen
9a9f4137e5
KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested ( #4289 )
2017-07-04 21:18:34 +02:00
Marek Posolda
09ec642543
Merge pull request #4232 from wvdhaute/token-store
...
[KEYCLOAK-5067] Allow refreshable context to have an optional adapter token store
2017-07-03 20:55:26 +02:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
hmlnarik
b4ad69b841
KEYCLOAK-5115 ( #4272 )
2017-06-29 15:50:50 +02:00
Sebastien Blanc
500a21685f
KEYCLOAK-5082 : Add new redirect-rewrite-rule parameters for the adapters ( #4255 )
...
* add rewrite rule config property
* add subsystem support for redirect rewrite
* update deployment unit test
* add license headers
* Optimize rewrite method
2017-06-29 12:50:42 +02:00
Stian Thorgersen
4be0e36306
Merge pull request #4208 from ASzc/KEYCLOAK-4758
...
KEYCLOAK-4758
2017-06-27 11:35:43 +02:00
Stian Thorgersen
b041146a3f
Merge pull request #4200 from guigarage/servlet-config
...
KeycloakConfigResolver config for servlet filter
2017-06-27 10:45:29 +02:00
Stian Thorgersen
cc14c5db23
Merge pull request #4239 from frelibert/KEYCLOAK-4897
...
KEYCLOAK-4897 SAML Adapter fails to validate signature on assertion
2017-06-22 08:45:04 +02:00
Stian Thorgersen
8e36a52f1e
Merge pull request #4227 from sebastienblanc/KEYCLOAK-3492-rebased
...
KEYCLOAK-3492 : Changing request matcher to attempt auth on /sso/login or Auhtorizati…
2017-06-21 08:51:09 +02:00
Stian Thorgersen
9edb5b53c0
Merge pull request #4199 from guigarage/spring-security-annotation
...
Easy Spring security annotation
2017-06-21 08:47:17 +02:00
Frederik Libert
63d2d0f7ed
KEYCLOAK-4897 SAML Adapter fails to validate signature on assertion
2017-06-19 18:26:17 +02:00
Wim Vandenhaute
0e0140d88b
Allow refreshable context to have an optional adapter token store
2017-06-15 15:24:07 +02:00
Hendrik Ebbers
0ac92c4bfa
new line in doc
2017-06-15 13:01:05 +02:00
Hendrik Ebbers
98a5c57e65
Author added
2017-06-15 13:00:24 +02:00
emilienbondu
91585f8563
Changing request matcher to attempt auth on /sso/login or Auhtorization header
...
Add default login URL.
Throwing exception if login fails to enable auth entry point
Adding a test for invalid token and bearer-only
handle redirect correctly
2017-06-14 14:41:35 +02:00
Stian Thorgersen
6cccd66162
Merge pull request #4192 from hokuda/KEYCLOAK-4980
...
KEYCLOAK-4980 SAML adapter should return 403 when unauthenticated Aja…
2017-06-09 04:40:26 +02:00
Hisanobu Okuda
9135ba7c40
KEYCLOAK-4980 SAML adapter should return 401 when unauthenticated Ajax client accesses
2017-06-08 23:36:25 +09:00
Alex Szczuczko
5d88c2b8be
KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam.
2017-06-05 16:24:38 -06:00
Pedro Igor
d69d00082f
[KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support
2017-06-01 22:55:58 -03:00
Hendrik Ebbers
4d5e03049e
provide a custom KeycloakConfigResolver instance for servlet filter.
2017-06-01 14:35:12 +02:00
Hendrik Ebbers
7d017b4edf
Easy Spring security annotation
2017-06-01 12:05:02 +02:00
Stian Thorgersen
63c237423d
Merge pull request #4098 from ahus1/KEYCLOAK-4814-disable-keycloak-spring-boot-by-configuration
...
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-05-24 07:12:05 +02:00
Stian Thorgersen
c00a64208a
Merge pull request #4136 from frelibert/KEYCLOAK-4897
...
KEYCLOAK-4897
2017-05-23 14:10:34 +02:00
Stian Thorgersen
cd53486566
Merge pull request #4167 from sebastienblanc/bug-KEYCLOAK-3492
...
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-23 13:58:19 +02:00
Stian Thorgersen
178fd08d9a
Merge pull request #4066 from johnament/KEYCLOAK-4765
...
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-05-23 13:24:08 +02:00
emilienbondu
3580dea399
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-22 10:18:22 +02:00
Pedro Igor
b68494b3f0
[KEYCLOAK-4927] - Authz client incompatible with client definition
2017-05-18 09:57:12 -03:00
Frederik Libert
71f0db0837
KEYCLOAK-4897
...
SAML Adapter fails to validate signature on encrypted assertion.
2017-05-17 15:47:04 +02:00
Marek Posolda
70d7e07526
Merge pull request #4132 from mposolda/cross-dc4-squash
...
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Bill Burke
789722ec6a
Merge pull request #4137 from pedroigor/master
...
Caching improvements and checking attachments in Elytron adapter
2017-05-12 10:09:44 -04:00
Pedro Igor
aaddb035a8
Checking if attachments are supported by the underlying container
2017-05-12 10:23:37 -03:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Stan Silvert
64cd689e38
KEYCLOAK-4822: Change copyright to reflect correct author.
2017-05-10 16:32:05 -04:00
Stan Silvert
2d825dd366
KEYCLOAK-4822: Update to ES6-compatible typings
2017-05-05 15:08:23 -04:00
Stian Thorgersen
e0da7ed6b4
Merge pull request #4074 from sebastienblanc/allow_headers
...
Keycloak-3297 : adding cors-exposed-headers to conf
2017-05-05 12:54:47 +02:00
Marko Strukelj
47ea1ade8a
KEYCLOAK-4037 JS Adapter fails in Cordova mode for iOS apps
2017-05-03 17:05:54 +02:00
Alexander Schwartz
5a8634e359
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-04-28 09:48:42 +02:00
sebastienblanc
dee4548798
rename the starter and spring-boot-starter
2017-04-27 15:54:44 +02:00
Stian Thorgersen
87dedb56e5
Set version to 3.2.0.CR1-SNAPSHOT
2017-04-27 14:23:03 +02:00
sebastienblanc
0781f3b33d
add shading
...
add new module containing adapters
remove conditional bean
move bundle module
2017-04-27 09:15:36 +02:00
John Ament
b37ed7145c
KEYCLOAK-4765 - Adding support for wildfly subsystem disable query parameter parsing.
2017-04-26 09:42:00 -04:00
Stian Thorgersen
7c2ea4db98
Merge pull request #4080 from hmlnarik/KEYCLOAK-2122-Config-of-AssertionConsumerServiceUrl-in-Saml-Adapter
...
KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter
2017-04-26 15:26:50 +02:00
Stian Thorgersen
eedb40bbe0
Merge pull request #4071 from stianst/KEYCLOAK-4784
...
KEYCLOAK-4784 Cannot build project with -Dproduct
2017-04-26 12:51:20 +02:00
Stian Thorgersen
c83e192a6f
KEYCLOAK-4784 Add Jetty 9.3 to product profile
2017-04-26 12:07:47 +02:00
Hynek Mlnarik
d7615d6a68
KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter
2017-04-26 11:59:37 +02:00
John Ament
1f98dc5527
KEYCLOAK-4765 - Simplified unit tests.
2017-04-25 20:38:07 -04:00
Pedro Igor
79c9078caa
[KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client
2017-04-25 14:51:45 -03:00
emilienbondu
46bc102799
adding cors-exposed-headers to conf
...
add missing field in the BaseAdapterConfig
cleaning for PR & adding unit test
Adding property to subsystem, removing formatting changes
2017-04-25 12:02:17 +02:00
John Ament
cb7cef8858
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-04-24 14:42:03 -04:00
Stian Thorgersen
3dbd0d5063
Merge pull request #3838 from ahus1/KEYCLOAK-4208-spring-boot-adapter-roles
...
KEYCLOAK-4208 restructure spring auth config to match servlet spec
2017-04-21 15:34:09 +02:00
Stian Thorgersen
257a973995
KEYCLOAK-4503 Require init with token and refreshToken
2017-04-21 13:39:53 +02:00
Stian Thorgersen
606c385f26
Merge pull request #4057 from stianst/KEYCLOAK-4480
...
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after re…
2017-04-21 13:37:44 +02:00
Stian Thorgersen
e6486ab1c1
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after redirect
2017-04-21 13:29:46 +02:00
Stian Thorgersen
b45089f5f0
Merge pull request #4033 from sebastienblanc/KEYCLOAK-3818
...
KEYCLOAK-3818 : safer method to retrieve the webcontext for jetty
2017-04-21 11:20:59 +02:00
Pedro Igor
fa1b998802
Merge pull request #4050 from pedroigor/KEYCLOAK-4769
...
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 14:02:59 -03:00
Pedro Igor
70a3dd1e4a
[KEYCLOAK-4769] - Better error message when resource has no or invalid uri
2017-04-20 13:21:01 -03:00
Pedro Igor
80a80512ea
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 13:21:01 -03:00
Alexander Schwartz
4d5fd0b75e
KEYCLOAK-4208 restructure spring config to match servlet spec. updating jetty, tomcat and undertow
2017-04-20 12:52:13 +02:00
Stian Thorgersen
14b109da18
Merge pull request #4047 from stianst/KEYCLOAK-4287
...
KEYCLOAK-4287 Remove deprecated session iframe endpoint
2017-04-19 15:49:40 +02:00
Stian Thorgersen
8919015f74
KEYCLOAK-4287 Remove deprecated session iframe endpoint
2017-04-19 15:01:15 +02:00
Stian Thorgersen
c9630157e8
Merge pull request #4035 from sebastienblanc/KEYCLOAK-4486
...
KEYCLOAK-4486: add autodetect-bearer-only attribute in subsystem
2017-04-19 09:47:42 +02:00
Stian Thorgersen
e54c1d7de1
Merge pull request #4026 from mhajas/KEYCLOAK-4733
...
KEYCLOAK-4733 Replace character 160 with character 32
2017-04-18 15:21:23 +02:00
Pedro Igor
2a1a19f290
[KEYCLOAK-4751] - Send default access denied page when requests don't match any path config
2017-04-12 18:25:13 -03:00
sebastienblanc
886528dab8
add autodetect-bearer-only in subsystem
2017-04-12 16:40:19 +02:00
sebastienblanc
ea9c663ae1
try the registered beans , then the handler
2017-04-12 10:41:46 +02:00
sebastienblanc
a011f44d39
safer method to retrieve the webcontext for jetty
2017-04-11 18:53:58 +02:00
mhajas
e8bbfd9012
KEYCLOAK-4733 Replace character 160 with character 32
2017-04-07 15:30:54 +02:00
Bill Burke
3ce0c57e17
Merge pull request #3831 from Hitachi/master
...
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients
2017-04-06 15:36:08 -04:00
Stian Thorgersen
f0b44ea93b
KEYCLOAK-4717 Added extra check for data content in receive message for session iframe
2017-04-06 08:49:32 +02:00
diego0020
a82278dcbf
Verify message comes from loginIframe
...
In the current implementation a message coming from any window on the same origin may cause the refresh token to be cleared.
In my case, messages generated by a chrome extension were causing the application to logout unexpectedly. With additional condition only messages coming from the login iFrame will be processed. Another suggestion would be changing the condition `event.data != "unchanged"` to something more specific.
2017-04-04 16:32:21 -05:00
Stian Thorgersen
0180d54dd9
KEYCLOAK-4668 Exclude modules in product profile
2017-03-28 10:04:20 +02:00
Takashi Norimatsu
ef3aef9381
Merge branch 'master' into master
2017-03-28 16:21:40 +09:00
Bill Burke
e5a2642e62
Merge pull request #3978 from pedroigor/KEYCLOAK-3573
...
[KEYCLOAK-3573] - Elytron SAML and OIDC Adapters
2017-03-25 19:24:42 -04:00
Stian Thorgersen
3ce8da0126
Merge pull request #3976 from stianst/KEYCLOAK-3250-PROD-PROFILE
...
KEYCLOAK-4659 Changes to adapters for product profile
2017-03-24 15:34:35 +01:00
Pedro Igor
30d7a5b01f
[KEYCLOAK-3573] - Elytron SAML and OIDC Adapters
2017-03-24 11:32:08 -03:00
Stian Thorgersen
5d028205bf
KEYCLOAK-4659 Changes to adapters for product profile
2017-03-24 12:07:21 +01:00
Stian Thorgersen
fc009969c9
Merge pull request #3971 from ssilvert/KEYCLOAK-4396-ng2-wrapper
...
KEYCLOAK-4396: Add keycloak.d.ts for TypeScript
2017-03-23 14:12:03 +01:00
Stan Silvert
e2970fcf8a
KEYCLOAK-4396: Add keycloak.d.ts for TypeScript
2017-03-20 12:42:26 -04:00
Pedro Igor
258af94889
Delegating caching of resource instances to to path matcher
2017-03-17 09:35:19 -03:00
Pedro Igor
dabd7c0b27
[KEYCLOAK-4602] - Improving pattern matching algorithm
2017-03-17 09:34:52 -03:00
Pedro Igor
f6786e29c6
[KEYCLOAK-4602] - A runtime cache for path configurations
2017-03-17 09:34:16 -03:00
Stian Thorgersen
a87ee04024
Bump to 3.1.0.CR1-SNAPSHOT
2017-03-16 14:21:40 +01:00
Stian Thorgersen
f44405207b
Merge pull request #3828 from wildloop/master
...
verifySSL() - debug info
2017-03-15 09:55:42 +01:00
Stian Thorgersen
feeac69197
Merge pull request #3888 from daklassen/KEYCLOAK-4421
...
KEYCLOAK-4421 Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-15 09:54:21 +01:00
wildloop
80c9e23282
Update RequestAuthenticator.java
2017-03-15 09:14:48 +01:00
wildloop
366dee6575
Update RequestAuthenticator.java
2017-03-15 09:13:41 +01:00
wildloop
d723c608d6
Update RequestAuthenticator.java
2017-03-14 11:36:57 +01:00
Stian Thorgersen
a555f99b1a
Merge pull request #3937 from sebastienblanc/document_sb_properties
...
KEYCLOAK-4565 : javadoc for adapter properties and add metada generator
2017-03-14 10:19:34 +01:00
David Klassen
32d3f760ec
KEYCLOAK-4421: Change http url to https
...
Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-14 10:18:40 +01:00
sebastienblanc
68da8c23ad
KEYCLOAK-4565 : javadoc for adapter properties and add metada generator
2017-03-10 18:13:19 +01:00
Bill Burke
0ff4223184
Merge pull request #3922 from hmlnarik/KEYCLOAK-4288-SAML-logouts-are-not-invalidating-the-sessions-for-all-the-logged-in-applications
...
KEYCLOAK-4288 Invalidate sessions in cluster for SAML logouts
2017-03-09 19:13:37 -05:00
wildloop
7904ce5a37
one-line debug log
2017-03-07 16:01:13 +01:00
Rene Ploetz
e770a05db0
KEYCLOAK-4537 Jetty 9.4 implementation (OIDC/SAML)
2017-03-06 23:01:24 +01:00
Hynek Mlnarik
3a0c2be885
KEYCLOAK-4288 AS 7 / EAP 6
2017-03-01 15:17:39 +01:00
Hynek Mlnarik
04da679628
KEYCLOAK-4288 Wildfly
2017-03-01 15:17:39 +01:00
Hynek Mlnarik
43be3fc409
KEYCLOAK-4288 Use SessionListener to keep track of local HTTP-SSO session mappings
2017-03-01 15:17:39 +01:00
Hynek Mlnarik
567393a102
KEYCLOAK-4288 Fix SAML logout session for Tomcat/EAP6
...
When logging out via application (via ?GLO=true query parameter),
CatalineSamlSessionStore does not expire session, while it does that
in logging by SAML session index.
This causes distributed sessions being invalidated only on node hanling
the request, but remains active in other nodes of the cluster. Then the
session can be resurrected on next cache replication back even to the
node where the logout was performed. This behaviour is fixed here.
2017-03-01 15:17:39 +01:00
mposolda
f6bc0806d5
KEYCLOAK-4368 Switch default WebDriver impl to htmlUnit
2017-02-20 21:52:15 +01:00
Stian Thorgersen
aa59c2f95f
KEYCLOAK-4394 Use JBoss logging
2017-02-15 09:05:42 +01:00