Pedro Igor
6acb87bd7a
[KEYCLOAK-10822] - Prevent access to users from another realm
2019-10-21 10:32:50 +02:00
Pedro Igor
17785dac08
[KEYCLOAK-10714] - Add filtering support in My Resources endpoint by name
2019-10-16 16:26:55 +02:00
Hynek Mlnarik
9d685a2c47
KEYCLOAK-11558 Fix unique constraint violation in PartialImportTest
...
(cherry picked from commit 672703cbc1320466d37761c4cb0d46c5dd0ce0f1)
2019-10-14 14:40:20 +02:00
Takashi Norimatsu
7c75546eac
KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
...
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
2019-10-01 15:17:38 +02:00
Kohei Tamura
c68afdab83
KEYCLOAK-7547 Change log level of a message when deleting user
...
When deleting a user (who has not failed to log in yet if Brute Force Detection is not enabled), the following message is always recorded:
{noformat}
10:34:15,101 WARN [org.keycloak.models.sessions.infinispan.changes.InfinispanChangelogBasedTransaction] (default task-7) Not present cache item for key LoginFailureKey [ realmId=568c76c7-9308-4d84-bfc1-ec3542deaf02. userId=4c011785-a39a-43bf-b0c1-43c63decf2f1 ]
{noformat}
This is noisy and should not be logged at warning level.
2019-09-20 11:37:30 +02:00
Jan Lieskovsky
cfb225b499
[KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization
...
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure
Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 09:54:13 +02:00
Hynek Mlnarik
9eb2e1d845
KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects
2019-09-09 10:57:49 +02:00
Pedro Igor
a1d8850373
[KEYCLOAK-7416] - Device Activity
2019-09-05 11:43:27 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
Vlastimil Elias
4571f65d1e
KEYCLOAK-10209 - AuthenticationSessionModel made available through
...
KeycloakContext in KeycloakSession
2019-07-30 12:36:57 +02:00
Pedro Igor
967d21dbb5
[KEYCLOAK-10713] - Pagination to resources rest api
2019-07-29 16:19:22 -03:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Hynek Mlnarik
04f266d381
KEYCLOAK-10744 Fix MariaDB cannot create database
2019-07-18 13:59:49 +02:00
Martin Kanis
efdf0f1bd8
KEYCLOAK-6839 You took too long to login after SSO idle
2019-07-10 10:15:26 +02:00
rmartinc
bd5dec1830
KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup
2019-07-03 13:17:45 +02:00
Pedro Igor
0cdd23763c
[KEYCLOAK-10443] - Define a global decision strategy for resource servers
2019-07-02 09:14:37 -03:00
Sebastian Loesch
c9fbed7eb8
KEYCLOAK-10545 Fix formatting error in log message
...
Fixes the formatting error
java.util.IllegalFormatConversionException: d != java.util.UUID
2019-06-26 10:22:15 +02:00
mposolda
c124aec586
KEYCLOAK-10262 DBLockTest.testLockConcurrently fails with MariaDB Galera 10.1
2019-06-24 11:23:18 +02:00
Pedro Igor
fdc0943a92
[KEYCLOAK-8060] - My Resources REST API
2019-06-11 14:23:26 -03:00
Pedro Igor
61eb94c674
[KEYCLOAK-8915] - Support resource type in authorization requests
2019-06-04 21:02:54 -03:00
skyfalke
0007bad6f3
KEYCLOAK-10393 Fix permission ticket pagination in Authz Client
...
KEYCLOAK-10393 Ensure idempotency of find method of permission ticket store
2019-05-29 09:43:54 -03:00
mduchrow
c80531dfa7
KEYCLOAK-9847 Checking user cache for being not null before using it
2019-05-15 15:47:03 +02:00
Hynek Mlnarik
835b2cf9c2
KEYCLOAK-9944 Add Primary Key Constraint into RESOURCE_URIS table
2019-05-13 12:43:23 +02:00
Sebastian Loesch
96250c9685
[KEYCLOAK-9573] Allow AdminEvents for custom resource types
2019-04-26 09:57:28 +01:00
mposolda
7a671052a3
KEYCLOAK-9988 Fix unstable UserSessionPersisterOfflineTest.testExpired. Adding ResetTimeOffsetEvent
2019-04-23 20:58:37 +02:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
mposolda
a8af51c7bb
KEYCLOAK-9988 Fix unstable UserSessionProviderOfflineTest.testExpired
2019-04-12 17:16:53 +02:00
Bekh-Ivanov George
ebcfeb20a3
[KEYCLOAK-10020] - Add ability to request user-managed (ticket) permissions by name
2019-04-12 08:44:57 -03:00
Axel Messinese
e18fb56389
KEYCLOAK-4978 Add endpoint to get groups by role
2019-03-15 06:00:17 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
stianst
7ad02e7318
Fixes for releasing
2019-03-06 11:38:09 +01:00
Stefan Guilhen
9c34cc7365
[KEYCLOAK-9371] Fix premature termination of sessions when remember-me is in use
2019-02-27 15:08:50 +01:00
Hynek Mlnarik
37ef47d6ab
KEYCLOAK-9509 Upgrade to Wildfly 15
...
KEYCLOAK-9584 Update Wildfly Arquillian version
KEYCLOAK-9581: Fix CookiePathTests
KEYCLOAK-9607 CLI sripts and configuration files update
KEYCLOAK-9580 Fix component registration error
KEYCLOAK-9590 Update JDG to newest version
* Infinispan is using whatever version is set in root pom.xml.
KEYCLOAK-9509 Fix Undertow tests
Co-Authored-By: vramik <vramik@redhat.com>
Co-Authored-By: sebastienblanc <scm.blanc@gmail.com>
2019-02-25 08:56:46 +01:00
Gideon Caranzo
4cd617bc42
KEYCLOAK-8977 Added method to return KeycloakSession from RealmCreationEvent
2019-02-21 11:21:54 +01:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
Hynek Mlnarik
52840533c9
KEYCLOAK-9111 Fix for unhandled exception
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
a74d6ab932
KEYCLOAK-9107 Fix NPE
2019-02-13 15:49:49 +01:00
Pedro Igor
885eec5ef2
[KEYCLOAK-8348] - Containerize database tests
2019-01-30 16:29:03 -02:00
vramik
c4a46a5591
KEYCLOAK-7677 KEYCLOAK-7723 fix version collision of httpclient
...
Co-authored-by: Pedro Igor <psilva@redhat.com>
2019-01-10 17:45:41 -02:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
mposolda
04445c8a23
KEYCLOAK-8904 Backpressure in RemoteCacheSessionsLoader
2018-12-10 22:49:43 +01:00
Stefan Guilhen
3462be857b
[KEYCLOAK-8835] Add missing not-null constraint to the new remember-me columns in the realm table
2018-12-07 11:32:30 +01:00
Pedro Igor
0c39eda8d2
[KECLOAK-8237] - Openshift Client Storage
2018-12-06 10:57:53 -02:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
Hynek Mlnarik
d395043fc7
KEYCLOAK-8707 Fix client template to scope migration
2018-11-22 15:07:47 +01:00
mposolda
6e93ca36af
KEYCLOAK-8519 OIDCScopeTest.testClientDisplayedOnConsentScreenWithEmptyConsentText failing on Oracle
2018-11-22 09:30:01 +01:00
mposolda
6db1f60e27
KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs
2018-11-21 21:51:32 +01:00
Takashi Norimatsu
0793234c19
KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 ( #5603 )
...
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
2018-11-19 14:28:32 +01:00
Stefan Guilhen
a3d4612edd
KEYCLOAK-8854 Updated UserSessionPredicate.ExternalizerImpl to include the remember-me properties
2018-11-19 12:17:03 +01:00
mposolda
0533782d90
KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB
2018-11-16 14:23:28 +01:00
Michael Gottlieb
3bdbbf41af
KEYCLOAK-8702:Fix Offline Sessions requires column
...
Prevent RemoveDuplicateOfflineSessions from running when migration to 3.2.0 has been run.
This prevents running when the database has already dropped CLIENT_SESSION_ID from OFFLINE_CLIENT_SESSION table.
This change unblocks migrating from 3.2.0 to 4.4.0 and later.
2018-11-16 12:03:57 +01:00
Leon Graser
85f11873c3
KEYCLOAK-8613 Group Membership Pagination
2018-11-15 17:54:07 +01:00
Thomas Darimont
cf57a1bc4b
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
...
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
mposolda
1b5a83c4f1
KEYCLOAK-6980 Check if client_assertion was already used during signed JWT client authentication
2018-11-14 20:09:22 +01:00
Graser Leon
9ef4c7fffd
KEYCLOAK-8377 Role Attributes
2018-10-24 22:04:28 +02:00
Gideon Caranzo
7d85ce93bb
KEYCLOAK-8555 queried only realms with user storage provider to speed up user storage sync bootstrap
2018-10-19 09:53:58 +02:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
Pedro Igor
79ca722b49
[KEYCLOAK-7605] - Make sure Evaluation API is read-only
2018-10-09 08:09:29 -03:00
Hynek Mlnarik
7f1c03a122
KEYCLOAK-8462 Close delegates properly
2018-10-08 14:45:48 +02:00
Pedro Igor
b4b3527df7
[KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups
2018-10-02 15:44:23 -03:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
Pedro Igor
609c521c17
[KEYCLOAK-8281] - Deletion of client with token exchange policy leads to breaking errors
2018-09-18 18:58:45 -03:00
stianst
24e60747b6
KEYCLOAK-7560 Refactor token signature SPI PR
...
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
2018-09-11 08:14:10 +02:00
Leon Graser
df22c4d613
changed user and resource entity to fetch mode select with batch size 20
2018-09-10 20:31:04 +02:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
Hynek Mlnarik
5fe1905e4b
KEYCLOAK-6803 Prevent duplicating required actions in JPA user storage
2018-09-03 19:42:18 +02:00
Hynek Mlnarik
54b5ec206e
KEYCLOAK-8183 Improve authz caching for negative cases
2018-08-31 18:31:55 +02:00
Hynek Mlnarik
8a7a545628
KEYCLOAK-7944 Remove duplicate offline client sessions
2018-08-29 10:55:38 +02:00
Hynek Mlnarik
2077975b1c
KEYCLOAK-6411 Fix list of keywords on MySQL/MariaDB
2018-08-28 09:51:58 +02:00
mposolda
6fc99cd749
KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
...
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
Stefan Guilhen
f36e45cb10
[KEYCLOAK-4902] - Using streams to process scopes and cache improvements
2018-08-14 06:29:10 -03:00
Stefan Guilhen
060b3b8d0f
[KEYCLOAK-4902] - Using streams when fetching resources
2018-08-09 16:28:31 -03:00
Pedro Igor
905fd3ae00
[KEYCLOAK-8003] - Migration to 4.2.1 extracting RESOURCE_URIs fails with fine-grained admin permissions
2018-08-08 11:00:25 +02:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
Hiroyuki Wada
263792a4ab
KEYCLOAK-7984 Fix migration issue
2018-08-02 14:58:20 +02:00
alva.huang
3380fdc119
[KEYCLOAK-7985] fix the table name error, from RESOURCE_URI to RESOURCE_URIS
...
Signed-off-by: alva.huang <alva@izhiju.cn>
2018-08-02 08:31:44 -03:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
Hiroyuki Wada
7c0ca9aad2
KEYCLOAK-6313 Add required action's priority for customizing the execution order
2018-07-23 22:21:04 +02:00
mhajas
1308a3231d
KEYCLOAK-7931 Correct wrong JPA changelog filenames
2018-07-23 11:49:54 +02:00
mhajas
5aebc74f8c
KEYCLOAK-7269 Setting more uris for Authorization Resource
2018-07-11 17:48:34 -03:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
mposolda
40d129cf54
KEYCLOAK-7489 Replace failed for entity repeats infinitely
2018-07-04 10:22:49 +02:00
mposolda
8c66f520af
KEYCLOAK-7745 JTA error if offline sessions can't be preloaded at startup within 5 minutes
2018-07-04 10:22:13 +02:00
Martin Kanis
0e2e867e4a
KEYCLOAK-5023 database migration fails if mysql schema name has hyphen
2018-06-27 10:11:09 +02:00
Takashi Norimatsu
2fb022e501
KEYCLOAK-7688 Offline Session Max for Offline Token
2018-06-26 08:25:06 +02:00
Martin Kanis
998227ac53
KEYCLOAK-5461 Upgrade to Liquibase 3.5.5
2018-06-22 13:20:10 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
...
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Martin Kanis
f429469fc8
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-05-31 08:44:34 +02:00
Johannes Knutsen
c64ecb1ab8
Remove expired objects from cache cluster instead of local only
2018-05-29 10:27:43 +02:00
Pedro Igor
2b6597e9f1
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
dongay
707b80f436
KEYCLOAK-3210 Apply @Nationalized attribute to entity fields that should support unicode character sets
2018-03-27 20:55:59 +02:00