Takashi Norimatsu
9b3e297cd0
KEYCLOAK-9756 PS256 algorithm support for token signing and validation
2019-04-09 20:52:02 +02:00
Francesco Degrassi
1bf19ada7e
KEYCLOAK-9825: keep existing refresh token on token exchange requiring refresh if new one not provided in response
2019-04-09 15:21:56 -03:00
Francesco Degrassi
5b78063dce
KEYCLOAK-6614: Support requesting refresh tokens from Google using access_type=offline
2019-04-08 15:06:03 -03:00
Stefan Guilhen
2fa2437555
KEYCLOAK-5613 Add built-in optional client scope for MicroProfile-JWT
2019-04-02 08:40:19 -03:00
Hisanobu Okuda
b44c86bd26
KEYCLOAK-9833 Large SSO Session Idle/SSO Session Max causes login failure
2019-03-27 11:42:40 +01:00
vramik
b7c5ca8b38
KEYCLOAK-8535 Inconsistent SAML Logout endpoint handling
2019-03-22 14:09:31 +01:00
Pedro Igor
d2275ca563
[KEYCLOAK-7939] - Startup logs warning instead of error when admin user already exists
2019-03-21 11:44:17 -03:00
mposolda
db271f7150
KEYCLOAK-9572 Support for multiple CRLs with X509 authentication
2019-03-20 15:00:44 +01:00
Hynek Mlnarik
25c07f78bc
KEYCLOAK-9578 Fix typo in SAML attribute name format
2019-03-19 11:45:38 +01:00
Hynek Mlnarik
1c906c834b
KEYCLOAK-3373 Remove SAML IdP descriptor from client installation and publicize it in realm endpoint instead
2019-03-19 11:37:15 +01:00
fisache
a868b8b22a
[KEYCLOAK-9772] Permissions are duplicated
...
- when resource server is current user
2019-03-18 16:37:54 -03:00
stianst
8d42c9193b
KEYCLOAK-9838 Trim username in admin welcome page
2019-03-18 09:20:38 +01:00
vramik
3cc405b1c5
KEYCLOAK-8542 Remove resteasy workaround - KeycloakStringEntityFilter
2019-03-16 13:53:54 +01:00
mposolda
a48698caa3
KEYCLOAK-6056 Map user by Subject Alternative Name (otherName) when authenticating user with X509
2019-03-15 23:11:47 +01:00
Yaser Abouelenein
404ac1d050
KEYCLOAK-8701 changes needed to include x5c property in jwks
2019-03-15 06:01:15 +01:00
Axel Messinese
e18fb56389
KEYCLOAK-4978 Add endpoint to get groups by role
2019-03-15 06:00:17 +01:00
Corey McGregor
be77fd9459
KEYCLOAK-2339 Adding impersonator details to user session notes and supporting built-in protocol mappers.
2019-03-08 09:14:42 +01:00
rmartinc
231db059b2
KEYCLOAK-8996: Provide a way to set a responder certificate in OCSP/X509 Authenticator
2019-03-07 07:57:20 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
Gilles
f295a2e303
[KEYCLOAK-3723] Fixed updated of protocol mappers within client updates in clients-registrations resource
2019-03-04 11:57:59 +01:00
vramik
5d205d16e8
KEYCLOAK-9167 Using kcadm to update an identity-provider instance via a json file does not work without an "internalId" present in the json
2019-02-27 14:56:36 +01:00
Stan Silvert
fe5966d224
KEYCLOAK-8602: PatternFly 4 integration
2019-02-25 08:26:54 -03:00
Simon Neaves
b5fbc04e5e
KEYCLOAK-9376 Add "aud" to DEFAULT_CLAIMS_SUPPORTED
...
See https://issues.jboss.org/browse/KEYCLOAK-9376?_sscc=t
2019-02-25 10:21:49 +01:00
Pedro Igor
99f8e5f808
[KEYCLOAK-9489] - Fixing fine-grained permission functionality
2019-02-22 09:22:14 -03:00
Steven Aerts
d36cb27bd9
KEYCLOAK-9526 admin console auth-url with hostname SPI
2019-02-21 11:55:11 +01:00
Guilhem Lucas
b666756b8f
KEYCLOAK-9320 Make theme properties available in email templates
2019-02-21 11:19:17 +01:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
Pedro Igor
34d8974e7f
[KEYCLOAK-9489] - User not able to log in to admin console when using query-* roles
2019-02-20 18:09:36 +01:00
Hynek Mlnarik
52840533c9
KEYCLOAK-9111 Fix for unhandled exception
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
37e6b6ffc6
KEYCLOAK-9113 Add support for inspecting log messages for uncaught errors
2019-02-13 15:49:49 +01:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
Pedro Igor
382f6b0c2c
[KEYCLOAK-9185] - Update LinkedIn broker to LinkedIn API v2
2019-01-09 15:29:40 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
Hynek Mlnarik
ca76f943c1
KEYCLOAK-9190 Update GoogleIdentityProvider endpoints
...
per https://accounts.google.com/.well-known/openid-configuration
2019-01-03 14:32:57 +01:00
stianst
07ccbdc3db
KEYCLOAK-9182
2019-01-03 14:28:35 +01:00
Hynek Mlnarik
2e52093ac5
KEYCLOAK-9123 Fix content-type check
2018-12-19 10:43:33 +01:00
mposolda
061693a8c9
KEYCLOAK-9089 IllegalArgumentException when trying to use ES256 as OIDC access token signature
2018-12-14 21:01:03 +01:00
mposolda
1237986fd0
KEYCLOAK-8838 Incorrect resource_access in accessToken when clientId contains dots
2018-12-13 10:31:27 +01:00
rmartinc
3c44e6c377
KEYCLOAK-9068: IDP-initiated-flow is not working with REDIRECT binding
2018-12-13 06:28:38 -02:00
mposolda
c51c492996
KEYCLOAK-9050 Change LoginProtocol.authenticated to read most of the values from authenticationSession
2018-12-12 13:30:03 +01:00
Stan Silvert
3ed77825a2
KEYCLOAK-8495: Account REST Svc doesn't require acct roles
2018-12-12 12:07:29 +01:00
mposolda
a7f57c7e23
KEYCLOAK-9021
2018-12-12 07:09:14 +01:00
mposolda
10eb13854e
KEYCLOAK-9028 Fix another NPE in Cors debug logging
2018-12-11 21:24:32 +01:00
Hynek Mlnarik
cea9e877ad
KEYCLOAK-9036 Fix NPE
2018-12-11 15:35:19 +01:00
MICHEL Arnault (UA 2118)
3f13df81ab
[KEYCLOAK-8580] Fixes and log improvements :
...
- fix buildChain method (return value)
- method setJVMDebuggingForCertPathBuilder removed as it doesn't output anything in server.log
- Performance : don't reload truststore on each authentication request
- Don't generate stacktrace while detecting intermediate CA's
- review log levels and messages : no log if
- log if truststore is not properly configured in standalone[-ha].xml
2018-12-10 13:58:58 +01:00
Hynek Mlnarik
dad12635f6
KEYCLOAK-9014 Fix displayed applications
2018-12-10 09:59:46 +01:00
Pedro Igor
0c39eda8d2
[KECLOAK-8237] - Openshift Client Storage
2018-12-06 10:57:53 -02:00
Hynek Mlnarik
27f145969f
KEYCLOAK-7936 Prevent registration of the same node
...
The root cause is that NodesRegistrationManagement.tryRegister can be
called from multiple threads on the same node, so it can require
registration of the same node multiple times. Hence once it turns to
tasks that invoke sendRegistrationEvent (called sequentially), the same
check has been added to that method to prevent multiple invocations on
server side, or invocation upon undeployment/termination.
2018-12-05 12:34:17 +01:00
Pedro Igor
e798c3bca2
[KEYCLOAK-8901] - Identity Provider : UserInfo response as JWT Token not supported
2018-12-05 09:28:12 -02:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00