mposolda
9dd5ecd464
Kerberos automated test
2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be
more claims work
2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91
Merge remote-tracking branch 'upstream/master'
2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960
changes
2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c
Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
...
First step - KerberosFederationProvider
Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials
Added Kerberos UI to LDAPFederationProvider
Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a
LDAP testing improvements. Support for embedded Kerberos server in testsuite
2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42
Add authenticateByDefault flag to IdentityProviderModel
2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3
[KEYCLOAK-883] - Code cleanup and refactoring.
2015-02-13 01:27:11 -02:00
mposolda
534187f4d7
KEYCLOAK-1037 Bad error message on login form in case of expired code
2015-02-11 18:48:32 +01:00
mposolda
03d607b022
Fix showing federation links of users in admin console
2015-02-11 13:03:31 +01:00
mposolda
4b637036ac
Display error page if kerberos token is unavailable
2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc
Merge pull request #960 from girirajsharma/master
...
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31
KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled
2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 18:44:54 +05:30
mposolda
90496f62ac
KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login
2015-02-10 13:54:45 +01:00
mposolda
d523d7f202
Ensure timestamp on clientSession is updated in AccountService when linking identity broker
2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7
[KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client.
2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788
[KEYCLOAK-883] - Idp hint should be processed firts.
2015-02-08 22:01:30 -02:00
pedroigor
1e13254598
[KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens.
2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec
[KEYCLOAK-992] - Token retrieval from brokered idps.
2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb
KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users
2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1
[KEYCLOAK-996] - Allow application to select provider.
2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef
Fixed adding right CORS headers to actual and preflight CORS requests.
2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324
Merge pull request #938 from pedroigor/KEYCLOAK-883
...
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100
Merge remote-tracking branch 'upstream/master'
2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa
saml frontchannel logout
2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7
Merge pull request #936 from stianst/master
...
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f
KEYCLOAK-999 Load providers from file-system
2015-01-28 09:15:07 +01:00
pedroigor
2065815627
[KEYCLOAK-883] - Model tests.
2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce
[KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider.
2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113
[KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest.
2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9
KEYCLOAK-980 Password reset is possible with expired link
2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922
KEYCLOAK-983 Fix login after reset-password
2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4
Merge remote-tracking branch 'upstream/master'
2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16
saml redirect logout 1st step
2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b
Merge pull request #919 from pedroigor/KEYCLOAK-884
...
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 15:45:27 -02:00
mposolda
e4a8ced8b0
KEYCLOAK-974 ServerVersionResource doesn't handle cors requests
2015-01-16 12:57:08 +01:00
Stian Thorgersen
8828d6e2f1
KEYCLOAK-965 NPE in TokenManager.verifyAccess if application is deleted
2015-01-16 11:25:05 +01:00
Stian Thorgersen
bf6c46da1c
KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri
2015-01-16 11:01:03 +01:00
Stian Thorgersen
29b8c2c924
KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message
2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3
KEYCLOAK-957 Access Token Request does not verify redirect_uri
2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30
check if email is null
2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11
[KEYCLOAK-883] - Initial changes.
2015-01-13 00:58:19 -02:00
mposolda
fff8ae9f8a
KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout
2015-01-08 11:09:11 +01:00
pedroigor
c4892428ae
[KEYCLOAK-928] - Validate duplicated emails when updating profile.
2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b
add error event if mail can not be send
2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e
Add test
2015-01-05 14:34:08 +01:00
Stian Thorgersen
39daeca09c
Merge branch 'reset-password' of https://github.com/gerbermichi/keycloak into gerbermichi-reset-password
2015-01-05 14:26:51 +01:00
gerbermichi
0c73e67372
a disabled user should not receive an email to reset the password
2015-01-05 14:07:03 +01:00
Stian Thorgersen
628437c146
KEYCLOAK-760 OAuth2 refresh token expiration date
2015-01-05 10:50:50 +01:00
Michael Gerber
019bb558d1
reset-password-email with redirect_uri and client_id
2015-01-02 14:10:44 +01:00
Michael Gerber
53e18b3ebe
fix reset-password-email
2015-01-02 12:52:21 +01:00
Stian Thorgersen
f97b71c207
KEYCLOAK-903
...
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386
KEYCLOAK-902 State should not be required
2014-12-30 10:38:08 +01:00
Stian Thorgersen
e174802b0d
KEYCLOAK-825
...
Log out user sessions on password reset
2014-12-17 14:54:33 +01:00
Stian Thorgersen
6cf42db584
KEYCLOAK-891 Create server info page on admin console
2014-12-17 13:21:31 +01:00
gerbermichi
2186fe32a9
Bugfix: Can not read keycloak-server.json if the path contains a space
...
https://issues.jboss.org/browse/KEYCLOAK-892
2014-12-17 12:32:06 +01:00
apenders
f3adf02eea
Added CORS preflight support for realms/<realm>/tokens/refresh
2014-12-02 15:33:15 -07:00
Stian Thorgersen
a843e31c12
KEYCLOAK-862 Use HmacSHA256 for code signatures
2014-11-27 10:02:08 +01:00
Bill Burke
46983d68f3
move ServerCookie to core
2014-11-14 09:20:03 -05:00
mposolda
a94ab5883d
KEYCLOAK-835 Move AdapterConstants to different package
2014-11-10 22:16:20 +01:00
Marek Posolda
c0f377c8c7
Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
...
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Juraci Paixão Kröhling
cd0ad70952
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-05 17:04:17 +01:00
Stian Thorgersen
e7625c2bb1
KEYCLOAK-820 Don't expose realm private key through admin endpoints
2014-11-05 15:34:56 +01:00
Bill Burke
9c175bfb5d
Merge remote-tracking branch 'upstream/master'
2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441
fix jax-doclets
2014-11-04 15:55:33 -05:00
Stian Thorgersen
7327423a03
Fix ResetPasswordTest
2014-11-04 13:05:50 +01:00
Stian Thorgersen
bb2de4dc59
KEYCLOAK-787 Clicking back to login after sending password reset email fails
2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50
KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation
2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf
KEYCLOAK-806
...
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22
remove info logging
2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc
aud should be client-id, issuer should be realm
2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c
KEYCLOAK-777 No login event for social login
2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d
idp descriptor
2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b
app importer
2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16
publish protocol support
2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d
cleanup
2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8
saml key refactor
2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3
Send node registration at 1st request instead of deployment startup. Bugfixing
2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d
upload keys
2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3
KEYCLOAK-759 Added adapter clustering to admin console
2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b
KEYCLOAK-710 Ignore missing roles in access-code
2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3
KEYCLOAK-700 Check path is valid in account/login-redirect
2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548
KEYCLOAK-703 Check valid origin is passed to login-status-iframe
2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d
KEYCLOAK-699 Set maximum size of qr-code
2014-10-21 09:57:56 +02:00
mposolda
7d8f265789
KEYCLOAK-759 dynamic registration of managementUrls in cluster
2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736
Merge remote-tracking branch 'upstream/master'
2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1
app cert support, bug fixes
2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d
KEYCLOAK-755 Support env variables in keycloak-server.json
2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c
KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie
2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de
KEYCLOAK-746 Allow linking to account from external provider
2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a
generate/store realm certificate
2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1
oauth id in admin console
2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746
merge conflicts
2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10
use app id in admin console urls
2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f
KEYCLOAK-748 cluster-aware logout for non-distributable apps
2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d
Reduce logging
2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7
KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters.
2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751
ClientModel attributes and protocol
2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23
merge
2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b
saml backchannel logout
2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815
Merge pull request #741 from patriot1burke/master
...
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390
saml basic
2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8
KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed
2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a
KEYCLOAK-662 NPE when using direct grant API with email as username
2014-10-03 12:10:52 +02:00
mposolda
e6121f301f
KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession
2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe
KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties
2014-10-02 19:15:37 +02:00
mposolda
95521e8a95
KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException
2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768
move pre-auth
2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494
finish protocol refactoring
2014-10-01 14:19:59 -04:00
Bill Burke
546d45b009
protocol abstraction
2014-10-01 10:38:42 -04:00
Bill Burke
4b399fe05a
login protocol abstraction
2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f
Merge remote-tracking branch 'upstream/master'
2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b
token service refactoring
2014-09-30 15:58:20 -04:00
Stian Thorgersen
1d4e842cc0
Fixes to Mongo user session provider
2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7
Clustering support
2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea
action url refactor
2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda
login refactor phase 2, still more to do
2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24
Merge remote-tracking branch 'upstream/master'
2014-09-29 09:56:37 -04:00
Bill Burke
524b423733
ClientSession everywhere refactor phase1
2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6
Add test to add/remove attributes to user through admin endpoints
2014-09-25 19:35:57 +02:00
Bill Burke
66d58476d0
refactor security page flow
2014-09-23 11:05:10 -04:00
Bill Burke
bf42227224
remove junk
2014-09-22 16:35:22 -04:00
Bill Burke
99a6713e6f
clientsession notes
2014-09-22 16:34:42 -04:00
Bill Burke
0b8b31a3ea
KEYCLOAK-705
2014-09-19 10:00:47 -04:00
Stian Thorgersen
dcb5717154
KEYCLOAK-696 Display Keycloak version in admin console
2014-09-18 13:24:03 +02:00
mposolda
89471b7db1
KEYCLOAK-695 Let KEYCLOAK_REMEMBER_ME cookie to be valid for 1 year
2014-09-18 11:03:44 +02:00
mposolda
1049bca433
Prefill login form just if rememberMe enabled for the realm
2014-09-17 08:54:29 +02:00
mposolda
5352872b4b
Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan
2014-09-16 22:09:27 +02:00
mposolda
1be2bff95f
Typo
2014-09-12 16:57:02 +02:00
Stian Thorgersen
811cfd52c9
KEYCLOAK-657 Set cache-control for keycloak.js and login-iframe
2014-09-12 13:46:56 +02:00
Stian Thorgersen
7c15a70f53
Fixes to KEYCLOAK-682
2014-09-12 12:26:52 +02:00
Stian Thorgersen
5d141d4d8a
KEYCLOAK-682 Only send logout admin action to clients associated with user session
2014-09-12 11:47:11 +02:00
mposolda
6f173d4554
KEYCLOAK-678 Preserve form values in account mgmt after error
2014-09-11 20:54:48 +02:00
mposolda
649a40f58c
KEYCLOAK-676 Validate email address format during registration or account mgmt
2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2
KEYCLOAK-653 Add theme support to welcome-pages
2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174
KEYCLOAK-680 Add/remove social-links through admin api
2014-09-11 12:09:55 +02:00
mposolda
aa7bbeb11b
Support for cors in PublicRealmResource
2014-09-10 13:05:53 +02:00
mposolda
52920119bd
Ensure that ServerInfo request is authorized and add CORS support to it
2014-09-10 10:42:05 +02:00
Stian Thorgersen
557de7690e
Fix CRSF protection on Chrome, and add check if 'Referer' header
2014-09-10 10:32:56 +02:00
Bill Burke
e3e32982a0
change CSRF to random value
2014-09-09 13:27:34 -04:00
Bill Burke
ac29db51e5
nolog CORS exception
2014-09-09 12:51:55 -04:00
Bill Burke
d0a3a04d34
CSRF
2014-09-09 12:06:48 -04:00
Stian Thorgersen
3530fa6259
KEYCLOAK-666 Update session last refreshed on every token refresh
2014-09-09 11:01:24 +02:00
Stian Thorgersen
8c8c44e50f
KEYCLOAK-658 Fix searching for users
2014-09-02 10:01:44 +02:00
Stian Thorgersen
31b0f5543f
Fixes
2014-08-29 17:11:18 +02:00
Stian Thorgersen
39c0be5d99
KEYCLOAK-652
...
Social user can't set password
2014-08-29 16:51:10 +02:00
Stian Thorgersen
b9d0f64f74
Added password token to use inplace of plain-text password for totp
2014-08-28 13:51:55 +02:00
Stian Thorgersen
55d614fce8
Reduce log in UserFederationResource
2014-08-28 11:26:55 +02:00
Stian Thorgersen
3bfe3d256e
Rename audit to events
2014-08-28 10:56:37 +02:00
mposolda
fb18004c1d
KEYCLOAK-643 Handle flows with adding user with existing username or email in federation providers
2014-08-27 12:19:23 +02:00
Stian Thorgersen
55bd889a0f
KEYCLOAK-531 Reduce info level logging
2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f
Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode
2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5
Handle exceptions and UI errors when user is read only. Some sync issues
2014-08-26 12:54:05 +02:00
mposolda
6c7d0f27a7
More tooltips for LDAP and generic federation. Minor fixes
2014-08-25 16:28:52 +02:00
Bill Burke
e99afec7ec
import console from export
2014-08-21 17:17:09 -04:00
Bill Burke
5dd84f1d9a
fix AccountService referrer problems
2014-08-20 14:20:59 -04:00
Bill Burke
47f361a4ab
nocache for fed provider list
2014-08-20 11:29:45 -04:00
Bill Burke
6e7924da76
demo fixes
2014-08-20 11:08:40 -04:00
Bill Burke
c38abb2cfe
?
2014-08-18 18:52:51 -04:00
Bill Burke
faf18dfdfd
fix cookie parsing problem
2014-08-18 18:36:36 -04:00
Bill Burke
2dc32fb8c9
fix menu error
2014-08-18 18:06:23 -04:00
Bill Burke
c86a6ba3f3
fix admin reset email
2014-08-15 11:46:38 -04:00
Bill Burke
5dca2a3588
expanded token service coverage
2014-08-14 21:01:05 -04:00
Bill Burke
cfee00d4c5
fix relative uri problem
2014-08-14 11:01:04 -04:00
Bill Burke
29691a3167
Merge pull request #626 from patriot1burke/master
...
more tooltips, change password
2014-08-13 12:17:48 -04:00
Bill Burke
edf73af508
change password
2014-08-13 10:35:49 -04:00
mposolda
4bac0474c6
Sync UI for generic providers
2014-08-12 18:12:28 +02:00
mposolda
f0b66a2241
Admin console UI for sync of users from LDAP. Sync fixes
2014-08-12 18:12:27 +02:00
Bill Burke
abb1647672
Merge pull request #619 from patriot1burke/master
...
fix logout
2014-08-12 10:06:44 -04:00
Bill Burke
114c1b95fa
fix logout
2014-08-12 10:06:19 -04:00
Stian Thorgersen
f95418dfc9
KEYCLOAK-592 Display login form with error message if trying to login with social provider where email already exists
2014-08-12 12:06:13 +01:00
Bill Burke
7c97e02715
X-Frame-Options, Content-Security-Policy
2014-08-11 17:45:01 -04:00
Stian Thorgersen
3f83538fc1
Merge pull request #612 from stianst/master
...
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:35:54 +01:00
Stian Thorgersen
3040f4e89f
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:34:57 +01:00
mposolda
8ba7559cac
Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup
2014-08-11 13:51:44 +02:00
mposolda
d699404ce7
Support for periodic users sync
2014-08-10 23:23:50 +02:00
mposolda
5cb6c4e77c
Improve TimerSPI to support cancelling of previously scheduled tasks
2014-08-10 23:17:39 +02:00
Bill Burke
48f7efc97f
@NoCache where appropriate
2014-08-10 12:28:43 -04:00
Bill Burke
9aa6b4cbfa
optimize imports
2014-08-10 12:17:45 -04:00
Bill Burke
dc4e8603d7
change logout behavior
2014-08-08 18:33:37 -04:00
Bill Burke
32a19563a5
KEYCLOAK-547
2014-08-06 19:15:52 -04:00
Bill Burke
aff32f69bb
version
2014-08-06 15:44:50 -04:00
Bill Burke
5b5fea347a
improved oauth login/grant
2014-08-05 19:36:19 -04:00
Bill Burke
19e1ddff1d
logging
2014-08-05 16:04:13 -04:00
Bill Burke
ea0ceeb65d
Merge pull request #589 from patriot1burke/master
...
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
a497c69758
relative logout
2014-08-04 16:17:35 -04:00
Bill Burke
731d75c756
app full scope by default
2014-08-04 16:04:10 -04:00
mposolda
5edb84ccfb
Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes
2014-08-04 16:42:48 +02:00
Bill Burke
60a564dcfd
fix fed example
2014-08-03 10:53:37 -04:00
Bill Burke
101a72cd65
remove AuthenticationProvider/Link
2014-08-01 18:03:48 -04:00
Bill Burke
d1c5c55a61
switch to a get
2014-08-01 13:28:17 -04:00
Bill Burke
bdc31d9459
Merge remote-tracking branch 'upstream/master'
2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e
token validation
2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a
KEYCLOAK-591 Require SSL for all external requests by default
2014-08-01 13:52:04 +01:00
Bill Burke
705da88daa
fix cache setup
2014-07-31 14:05:23 -04:00
Bill Burke
94c06f3f5d
fed ui
2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe
federation display name
2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f
federation ui
2014-07-30 22:52:39 -04:00
Stian Thorgersen
fa01d53f9e
KEYCLOAK-545 Stop NPE if no client_secret is specified or bearer-only application is used for grants/access
2014-07-30 16:41:07 +01:00
Stian Thorgersen
50bc53d673
KEYCLOAK-562 Cache theme instances
2014-07-30 16:06:08 +01:00
Stian Thorgersen
fcc4781e3a
Updated admin endpoints and console to use oauth client name/clientId to retrieve a oauth client
2014-07-30 14:10:25 +01:00
Stian Thorgersen
614c718304
KEYCLOAK-581 Add login_hint query param to login
2014-07-30 13:43:46 +01:00
Stian Thorgersen
02a59812e6
Added ClientSessionModel to UserSessionProvider
2014-07-29 16:10:41 +01:00
Stian Thorgersen
7f4849e165
Merge pull request #560 from stianst/demo-non-localhost
...
KEYCLOAK-579 Use relative urls in examples
2014-07-28 10:48:30 +01:00
Stian Thorgersen
628c7dd92a
KEYCLOAK-579 Use relative urls in examples
2014-07-28 10:41:21 +01:00
Bill Burke
3bb0842eae
federation iteration 2
2014-07-25 21:05:45 -04:00
Stian Thorgersen
614bee3061
KEYCLOAK-570 Add use-resource-role-mappings to WildFly installation
2014-07-25 11:53:10 +01:00
Bill Burke
1b14444eba
rename FederationProvider to UserFederationProvider
2014-07-24 11:11:21 -04:00
Stian Thorgersen
511cc483cb
Moved audit/tests and model/tests to testsuite
2014-07-24 13:49:15 +01:00
Bill Burke
43d08f2d05
federation iteration 1 complete
2014-07-23 17:05:49 -04:00
Bill Burke
171e9b1ce9
Merge remote-tracking branch 'upstream/master'
2014-07-23 15:10:48 -04:00
Bill Burke
eec582e704
merge
2014-07-23 15:10:36 -04:00
Stian Thorgersen
d6f5bf6cde
Moved rememberMe, usernameUsed fields from AccessCode to UserSessions. Change AccessCode to have a single action instead of a list of required actions, also used action for codes that needs user to grant permissions first. Finally removed expiration time on access code and use timestamp directly
2014-07-23 15:58:09 +01:00
Bill Burke
f1d72d0b6d
fed 2
2014-07-23 10:42:18 -04:00
Bill Burke
148d494905
federation iteration
2014-07-23 10:21:25 -04:00
Stian Thorgersen
b196d0dded
Remove access token from access code, and create token when code is exchanged for token
2014-07-22 09:37:21 +01:00
Bill Burke
f275ecf6d5
cache settings
2014-07-18 11:30:10 -04:00
mposolda
3dff4afe83
Export/import improvements and fixes
2014-07-17 21:31:33 +02:00
Stian Thorgersen
c21be01e97
Merge pull request #529 from stianst/master
...
KEYCLOAK-435 Added pagination support for users
2014-07-16 18:04:36 +01:00
Stian Thorgersen
72d240a57e
KEYCLOAK-435 Added pagination support for users
2014-07-16 17:54:11 +01:00
Bill Burke
8fbfba907b
Merge remote-tracking branch 'upstream/master'
2014-07-16 12:05:31 -04:00
Bill Burke
f342a8c7a3
move credential validation to UserProvider
2014-07-16 12:05:15 -04:00
Stian Thorgersen
e0ec121012
KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso
2014-07-16 10:47:42 +01:00
Bill Burke
a5593469ae
rename ModelProvider->RealmProvider
2014-07-15 15:44:50 -04:00
Bill Burke
484a4c1454
user provider refactor complete
2014-07-15 15:25:06 -04:00
Bill Burke
ff86bdc35f
userprovider split
2014-07-15 12:11:12 -04:00
mposolda
c14840a4c0
More cleanup after rebase
2014-07-15 14:44:38 +02:00
mposolda
24a492ffe0
Export/import refactoring to use same representation as admin endpoints
2014-07-15 05:35:24 +02:00
Bill Burke
d2c27daa16
changes
2014-07-14 11:31:25 -04:00
Stian Thorgersen
3f68180ee7
KEYCLOAK-512 Pagination support for sessions
2014-07-14 11:49:59 +01:00
Stian Thorgersen
d625fb014c
Added JPA connection provider and added basic support for multiple transactions to KeycloakSession
2014-07-14 10:10:03 +01:00
Bill Burke
626cecba95
enlist
2014-07-11 19:43:37 -04:00
Bill Burke
5f5316fbdc
session transaction
2014-07-11 19:29:11 -04:00
Stian Thorgersen
86671a2354
Started UserSessionProvider
2014-07-10 16:48:25 +01:00
Stian Thorgersen
7491b1c369
KEYCLOAK-553 Added minified keycloak.js
2014-07-09 12:23:29 +01:00
Stian Thorgersen
ad6d52cb0f
Removed model methods from KeycloakSession
2014-07-08 15:27:42 +01:00
Stian Thorgersen
8dc293f629
Removed removeAllData from model
2014-07-08 15:27:42 +01:00
Stian Thorgersen
621cae61b6
Added hybrid model provider with jpa stores
2014-07-08 12:04:09 +01:00
mposolda
ffc30b4c03
Changes in representations - adding role mappings under user representation
2014-07-07 22:48:53 +02:00
Stian Thorgersen
38857cf2e6
Remove notBefore from users
2014-07-07 16:23:53 +01:00
Stian Thorgersen
099743d448
Rename loginName to username
2014-07-07 15:56:21 +01:00
Stian Thorgersen
270d6108ca
KEYCLOAK-501 Check if old session for browser exists and delete before creating a new
2014-06-27 12:55:33 +01:00
Stian Thorgersen
26eac398e0
KEYCLOAK-541 Create session after resetting password through email
2014-06-27 12:20:32 +01:00
Stian Thorgersen
34a1923d18
Refactor to prepar for splitting model
2014-06-27 09:39:06 +01:00
mposolda
b1cfab34fd
Support for test of LDAP connection and authentication
2014-06-24 10:03:14 +02:00
mposolda
aea4fd8e30
Upgrade to picketlink 2.6.0.CR5. Support for sync whole UserModel into AuthenticationProvider
2014-06-23 15:29:00 +02:00
Stian Thorgersen
d73d2e0788
Started test tools module
2014-06-23 11:37:03 +01:00
Bill Burke
d21a19925b
stateless access codes
2014-06-20 10:37:27 -04:00
Stian Thorgersen
469d044254
KEYCLOAK-532
2014-06-17 14:07:07 +01:00
Bill Burke
1eafb01c8d
keycloak-521
2014-06-16 11:59:27 -04:00
Bill Burke
cbea141a54
cache impl
2014-06-13 17:17:45 -04:00
Bill Burke
2ae2067841
refactor for caching again
2014-06-12 11:11:14 -04:00
Bill Burke
0dd06e3343
model refactor for caching
2014-06-10 18:50:08 -04:00
Bill Burke
2f3c8bf079
cache refactor
2014-06-06 15:12:58 -04:00
Stian Thorgersen
5f6687ec62
KEYCLOAK-244 Social should be stateless
2014-06-05 10:09:17 +01:00
Bill Burke
9410adf9ce
fix deadlocks
2014-06-02 21:33:43 -04:00
Stian Thorgersen
5dafad71ac
Set cache-control on static resources from themes
2014-05-30 16:59:25 +01:00
Stian Thorgersen
24ac6cbbac
Fix themes displayed multiple times in admin console
2014-05-29 10:28:05 +01:00
Stian Thorgersen
dd30a35e1e
Disable session iframe in Corodova
2014-05-28 17:29:13 +01:00
Stian Thorgersen
9261c1608f
Fix missing @Path in admin console
2014-05-27 13:40:32 +01:00
Bill Burke
199c786e22
jaxrs-doclet support
2014-05-26 20:41:33 -04:00
Bill Burke
1f8b2d4c7b
stuff
2014-05-26 12:49:56 -04:00
Bill Burke
ab2932f75e
effective roles to oauth
2014-05-23 19:01:09 -04:00
Bill Burke
e4232c73c6
admin rest api example
2014-05-23 18:20:55 -04:00
Bill Burke
54cc095ff5
admin cors support
2014-05-23 16:02:14 -04:00
Bill Burke
236f3ab768
admin cors
2014-05-23 09:37:07 -04:00
Stian Thorgersen
37099f3177
KEYCLOAK-494
...
Session state iframe uses first redirect uri for a client
2014-05-22 17:51:51 +01:00
Bill Burke
0d9e14d4c7
Merge remote-tracking branch 'upstream/master'
2014-05-21 10:56:21 -04:00
Stian Thorgersen
73f59417bd
Remove index.html from redirect on '/auth/admin/'
2014-05-21 12:47:07 +01:00
Stian Thorgersen
6814230193
Fix NPE in account service
2014-05-21 12:13:00 +01:00
Stian Thorgersen
d68131ac00
KEYCLOAK-475
...
Log is shown in menu when audit is disabled for realm
2014-05-21 12:05:32 +01:00
Stian Thorgersen
952f098440
KEYCLOAK-483
...
Remove 'index.html' from console url
2014-05-21 11:16:48 +01:00
Stian Thorgersen
f08477ea66
Run import before creating default realm
2014-05-21 11:16:47 +01:00
Stian Thorgersen
eb47d43497
For installed app urn redirect to a page instead of returning the html, this is to prevent NPE if page is refreshed
2014-05-21 10:32:03 +01:00
Stian Thorgersen
59440840fe
Read keycloak-sever.json from <JBOSS_HOME>/standalone/configuration if it exists
2014-05-21 09:35:01 +01:00
Bill Burke
ae3c4e8459
default web origin is redirect uris
2014-05-20 17:40:45 -04:00
Bill Burke
8e79f550b0
Merge remote-tracking branch 'upstream/master'
2014-05-20 16:49:28 -04:00
Bill Burke
0137918701
urn
2014-05-20 16:49:25 -04:00
Bill Burke
79828ddc78
Merge pull request #409 from patriot1burke/master
...
fix urn redirect uri
2014-05-20 16:15:40 -04:00
Bill Burke
fcca9dd90a
fix urn redirect uri
2014-05-20 16:15:13 -04:00
Stian Thorgersen
b09e2f697e
Email audit listener
2014-05-20 17:04:17 +01:00
Bill Burke
b3dd349342
check redirect uri exists in token service
2014-05-20 11:38:35 -04:00
Bill Burke
57f0ea0638
Merge remote-tracking branch 'upstream/master'
2014-05-20 09:27:18 -04:00
Bill Burke
f723ac79d1
redirect not required with bearer only
2014-05-20 09:19:04 -04:00
Stian Thorgersen
cc97265c06
Add realm option to enable/disable Resource Owner Password Credentials Grant
2014-05-20 11:32:22 +01:00
Stian Thorgersen
8d1149dc07
Add email theme config for realm
2014-05-20 11:00:43 +01:00
Bill Burke
a53206995a
stuff
2014-05-19 15:08:38 -04:00
Bill Burke
11c23a7945
require redirect
2014-05-19 14:44:36 -04:00
Stian Thorgersen
a3d08e7191
Added theme support to emails
2014-05-19 17:34:58 +01:00
Bill Burke
7e8b16f975
acct svc + sessions
2014-05-19 17:34:48 +01:00
Bill Burke
dc7923c436
fix brute shutdown
2014-05-19 10:33:49 -04:00
Bill Burke
c2bf6c3822
Merge remote-tracking branch 'upstream/master'
2014-05-17 14:24:37 -04:00
Bill Burke
ab8de6ba25
client user-session association
2014-05-17 14:24:32 -04:00
Stian Thorgersen
855269f35d
Added 'keycloak-server.json' for configuring the server
...
Added SPI interface to detect SPI's
Converted Model to SPI/Provider to be loaded through ProviderSessionFactory
2014-05-16 17:33:22 +01:00
Stian Thorgersen
a3ed02ea16
Merge pull request #391 from jeroenr/master
...
CORS improvements and clean up
2014-05-16 16:06:43 +01:00
Jeroen Rosenberg
84f13eadc1
* Possibility to add exposed headers
...
* Default allow headers
* Fix warnings, unused import, redundancies
2014-05-16 16:39:17 +02:00
Jeroen Rosenberg
cedf43c084
Refactored joining of allowed headers to be more efficient
2014-05-16 14:28:49 +02:00
Jeroen Rosenberg
4c281a39bb
Unused import
2014-05-16 14:10:13 +02:00
Jeroen Rosenberg
5533357c46
Added HEAD as default allowed method for Cors
2014-05-16 14:09:50 +02:00
Bill Burke
67e3e60f28
test sso idle, logout on idle
2014-05-15 23:10:14 -04:00
Bill Burke
bc2360e985
sso session idle and max lifespan
2014-05-15 17:25:57 -04:00
Bill Burke
27efd3c0a4
ssoSessionIdleTimeout refactor
2014-05-15 13:53:28 -04:00
Bill Burke
26f6da10dd
Merge pull request #385 from patriot1burke/master
...
Improved role and scope mapping screens
2014-05-14 14:50:52 -04:00
Bill Burke
7ba8e09aef
improved scope screen
2014-05-14 14:50:11 -04:00
Stian Thorgersen
7bea4af6c9
Redirect to login page if logged out and submitting forms in acct mngmt
2014-05-14 17:46:30 +01:00
Bill Burke
0e0dfb60e0
composite role mapping listing
2014-05-14 10:37:50 -04:00
Stian Thorgersen
f4f9b1e323
KEYCLOAK-431 View open sessions, and logout all sessions, through account management
2014-05-14 11:56:28 +01:00
Bill Burke
639b7c5610
fix IE problems
2014-05-13 22:33:46 -04:00
Bill Burke
b30809d681
httponly, ie keycloak.js fix
2014-05-13 22:06:32 -04:00
Bill Burke
e8f8829a76
cors example
2014-05-13 17:17:27 -04:00
Bill Burke
ea672e36ae
rename realm management app
2014-05-12 19:28:34 -04:00
Bill Burke
1e1991e285
per-realm admin
2014-05-12 10:12:31 -04:00
Bill Burke
1194e40ef2
iframe check login
2014-05-10 11:23:44 -04:00
Stian Thorgersen
624fcf6197
KEYCLOAK-421 Set realm admin apps to bearer-only
2014-05-09 12:03:39 +01:00
Stian Thorgersen
6f0b12174c
KEYCLOAK-432 Added user sessions
2014-05-09 11:52:45 +01:00
Bill Burke
d957cc4883
Merge remote-tracking branch 'upstream/master'
2014-05-08 20:03:20 -04:00
Bill Burke
2d949b63b5
keycloak.js login for admin
2014-05-08 19:55:57 -04:00
mposolda
c51011acef
KEYCLOAK-354 Possibility for admin to see social links of some user in admin console
2014-05-07 17:28:13 +02:00
mposolda
6b1e0401ba
KEYCLOAK-361 it shouldn't be possible to remove last social link if user don't have password
2014-05-07 17:28:13 +02:00
Bruno Oliveira
334b981741
notBefore wasn't being assigned
2014-05-07 08:10:03 -03:00
Bill Burke
5edf05d569
Merge pull request #366 from mposolda/export-import-rebased
...
Full export-import implemented. Remove dependency of mongo on picketlink...
2014-05-06 21:17:51 -04:00
Bill Burke
f987d331b7
/rest removal and pom fixes
2014-05-06 20:43:01 -04:00
Bill Burke
64f591769a
remove /rest from RealmsResource
2014-05-06 20:21:49 -04:00
mposolda
0801c9c120
Full export-import implemented. Remove dependency of mongo on picketlink-common
2014-05-06 22:15:57 +02:00
Stian Thorgersen
1d760388de
KEYCLOAK-441 Remove org.json
2014-05-06 12:32:29 +01:00
Bill Burke
e7c64b7812
adatper deployment context fixes, picketlink abstraction
2014-05-05 18:20:52 -04:00
Bill Burke
7ff2c77a82
relative uri tests and fixes
2014-05-02 12:30:08 -04:00
Bill Burke
e5e43173bc
relative redirect uris
2014-05-02 10:58:29 -04:00
Bill Burke
2576975988
fix mimetype
2014-04-30 14:25:23 -04:00
Bill Burke
8c5ae9d052
fix mimetype
2014-04-30 14:24:37 -04:00
Stian Thorgersen
38e6bde07e
KEYCLOAK-415 Make sure query params are included when navigating in acct mngmt
2014-04-30 11:03:13 +01:00
Stian Thorgersen
9811aaeecc
KEYCLOAK-333 Removed use of RestEasy's Logger
2014-04-30 10:13:53 +01:00
Stian Thorgersen
316431c4d1
Ensure role name unique within realm/app
2014-04-30 09:50:29 +01:00
Stian Thorgersen
646e762cbe
Ensure user loginName and email unique within realm
2014-04-29 17:15:28 +01:00
Stian Thorgersen
1d94649b96
Ensure application and client names are unique within realm
2014-04-29 12:03:09 +01:00
Stian Thorgersen
364998b34b
Enforce that realm name is unique in model
2014-04-29 10:43:27 +01:00
Bill Burke
62f8811a46
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
bundled-war-example/src/main/java/org/keycloak/server/KeycloakServerApplication.java
bundled-war-example/src/main/webapp/WEB-INF/web.xml
2014-04-28 18:04:50 -04:00
Bill Burke
2d1dc4a874
application refactor
2014-04-28 17:34:06 -04:00
Stian Thorgersen
c06009d5fb
KEYCLOAK-430 Fix bundled war example
2014-04-28 13:36:34 +01:00
Stian Thorgersen
3d02fd5d0e
KEYCLOAK-429 Remove role from composite roles when deleted
2014-04-28 12:55:04 +01:00
Stian Thorgersen
292089cee8
Ensure Realm names are unique
2014-04-25 17:02:03 +01:00
Stian Thorgersen
f64f55a4c6
KEYCLOAK-347 Link realm and realm-permissions application
2014-04-25 15:32:28 +01:00
Stian Thorgersen
b8dfac391a
KEYCLOAK-385 Add CORS support to refresh token
2014-04-25 14:09:39 +01:00
Stian Thorgersen
d6e5e376bf
Theme support for admin
2014-04-25 13:58:58 +01:00
Bill Burke
541e865fe8
brute force fixes
2014-04-23 17:55:13 -04:00
Bill Burke
54abfb670c
brute force settings
2014-04-15 11:37:27 -04:00
Bill Burke
2b8d2288fb
more brute force detection
2014-04-14 18:58:45 -04:00