253 commits

Author	SHA1	Message	Date
Ricardo Martin	9c780e9190	Honor turnOffChangeSessionIdOnLogin in SAML adapter (#185) ... Closes keycloak/keycloak-private#183 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-16 09:21:07 +02:00
mposolda	125124c2d9	Error when deploying SAML application with the keys in PEM format inside keycloak-saml.xml ... closes #32817 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-11 19:03:10 +02:00
mposolda	dad4477995	Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 ... closes #32586 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-03 15:58:57 +02:00
rmartinc	a38d3b2f55	SAML IdMapperUpdaterSessionListener should be added always and must implement HttpSessionIdListener interface ... Closes #32084 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-13 15:53:45 +02:00
Giuseppe Graziano	ee44f09cf3	Removed jakarta transformation modules from saml adapters ... Closes #30556 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-24 11:03:38 +02:00
Jon Koops	df18629ffe	Use a default Java version from root POM (#29927) ... Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-21 14:19:31 +02:00
rmartinc	f690947cea	Remove the SAML undertow adapter ... Closes #30554 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-20 09:47:14 +02:00
rmartinc	536534dd25	Remove the transformed output directory before executing JakartaTransformer ... Closes #30086 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-03 19:03:46 +02:00
Martin Bartoš	262fc09edc	OpenJDK 21 support (#28518) ... * OpenJDK 21 support Closes #28517 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * x509 SAN UPN other name is not handled in JDK 21 (#904) closes #29968 Signed-off-by: mposolda <mposolda@gmail.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-06-03 14:17:28 +02:00
Douglas Palmer	b9c04bb8bc	Refactor PolicyEnforcer tests to remove dependency on keycloak-adapter-core and remove keycloak-adapter-core ... Closes #29189 Closes #28791 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-05-27 15:00:13 -03:00
Pedro Ruivo	cbce548e71	Infinispan 15.0.3.Final ... Closes #29068 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-05-08 17:18:39 +02:00
Dimitri Papadopoulos Orfanos	cd8e0fd333	Fix user-facing typos in Javadoc (#28971) ... Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-05-06 18:57:55 +00:00
Douglas Palmer	8a0322cc13	Remove remaining servlet filter adapter bits ... Closes #29225 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-05-02 20:29:23 +02:00
Douglas Palmer	b2f09feebf	Remove servlet filter saml adapters ... Closes #28786 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	c5dbab2740	Remove Jetty SAML adapter ... Closes #28782 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	98faf6e6a0	Remove Tomcat SAML adapter ... Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Closes #28783	2024-04-26 09:30:35 +02:00
Steven Hawkins	9486432f3f	fix: removing httpclient override (#28304) ... we need to have a dependency on commons-logging-jboss-logging closes: #21392 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-04-23 10:09:06 +02:00
rmartinc	92bcd2645c	Retry the login in the SAML adapter if response is authentication_expired ... Closes #28412 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-12 14:55:31 +02:00
David M. Lloyd	b5535ac970	Do not rely on boot module loader for finding module dependencies ... The `Module.getBootModuleLoader()` API may be deprecated at some point, so use a safer alternative. Closes #28448 Signed-off-by: David M. Lloyd <david.lloyd@redhat.com>	2024-04-04 19:20:43 +02:00
Takashi Norimatsu	b99f45ed3d	Supporting EdDSA ... closes #15714 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-01-24 12:10:41 +01:00
Alexander Schwartz	a8eca6add0	Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137) ... Closes #22922 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Pedro Ruivo <pruivo@redhat.com>	2024-01-15 09:20:47 +01:00
Steven Hawkins	08751001db	enhance: adds truststores to the keycloak cr (#25215) ... also generally correcting the misspelling trustore closes: #24798 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2023-12-14 11:15:06 -03:00
Martin Bartoš	fd56666334	SAML ECP does not work on the latest WF/EAP8 ... Fixes #24746 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2023-11-16 21:17:19 +01:00
rokkiter	e1735138cb	clean util * (#24174) ... Signed-off-by: rokkiter <yongen.pan@daocloud.io>	2023-11-01 17:14:11 +01:00
Peter Skopek	35c2d52a54	Set distinct wildfly-common versions for Quarkus and WildFly based modules ... Signed-off-by: Peter Skopek <pskopek@redhat.com>	2023-09-07 13:32:25 +02:00
Peter Skopek	bca5fe8051	Tidy up SAML Adapter Galleon Feature Pack build ... Signed-off-by: Peter Skopek <pskopek@redhat.com>	2023-09-07 13:32:25 +02:00
Farah Juma	ec08a7bb73	Update the Keycloak SAML adapter subsystem to no longer use the AttributeDefinition#getAttributeMarshaller method ... Closes https://github.com/keycloak/keycloak/issues/22593 Signed-off-by: Peter Skopek <pskopek@redhat.com>	2023-09-07 13:32:25 +02:00
Peter Skopek	ef272f7668	SAML Adapter fix for EAP8 and WF29 ... Signed-off-by: Peter Skopek <pskopek@redhat.com>	2023-09-07 13:32:25 +02:00
Václav Muzikář	776bcbcbd4	Update bcpkix and bcprov dependencies (#21543) ... Closes #21360	2023-07-20 11:57:18 +02:00
mauritsdebruin	8c7a08e580	Fix connection-pool-size 0 being ignored and being unable to disable the connection pool	2023-07-03 19:26:41 -03:00
Martin Bartoš	124591ce1a	Adapters can still use Java EE ... - Provided all JavaEE dependencies for adapters - Automatically build Undertow Jakarta EE for testsuite (missing SAML) --- Quarkus3 branch sync no. 11 (24.3.2023) Resolved conflicts: keycloak/adapters/oidc/spring-security/pom.xml - Modified --- Quarkus3 branch sync no. 7 (27.2.2023) Resolved conflicts: keycloak/pom.xml - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Stefan Guilhen	ab6ca6e63d	Enable KeycloakServer again by re-enabling undertow adapters ... --- Quarkus3 branch sync #2 (20.1.2023) Resolved conflicts: keycloak/testsuite/utils/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	40c38e0133	Fix dependencies in testsuite, adapters and Quarkus module ... --- Quarkus3 branch sync no. 11 (24.3.2023) Resolved conflicts: keycloak/adapters/oidc/spring-security/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	ceed48a45a	Ignore adapters	2023-04-27 13:36:54 +02:00
Martin Bartoš	7cff857238	Migrate packages from javax.* to jakarta.* ... --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified --- Quarkus3 branch sync no. 10 (17.3.2023) Resolved conflicts: keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified --- Quarkus3 branch sync no. 9 (10.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified --- Quarkus3 branch sync no. 8 (3.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified --- Quarkus3 branch sync no. 6 (17.2.2023) Resolved conflicts: keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: /keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified --- Quarkus3 branch sync no. 4 (3.2.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/client/ClientPoliciesTest.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified	2023-04-27 13:36:54 +02:00
Peter Skopek	5cc385d460	Add a Galleon feature pack to allow Galleon provisioning of the SAML adapter to WildFly (#19710) ... * Add a Galleon feature pack to allow Galleon provisioning of the SAML adapter to WildFly Closes #12363 Signed-off-by: Peter Skopek <pskopek@redhat.com> * Transition SAML adapter modules to Jakarta #12363 Signed-off-by: Peter Skopek <pskopek@redhat.com> * Wildfly Galleon Pack version and configuration updated #12363 Signed-off-by: Peter Skopek <pskopek@redhat.com> --------- Signed-off-by: Peter Skopek <pskopek@redhat.com> Co-authored-by: Farah Juma <fjuma@redhat.com>	2023-04-18 08:47:24 +02:00
rmartinc	cab7e50410	Better handling for SAML signatures in POST and REDIRECT bindings ... Closes https://github.com/keycloak/keycloak/issues/17456	2023-03-15 09:06:59 -03:00
Jon Koops	972ebb9650	Use a valid SemVer format for the SNAPSHOT version (#17334) ... * Use a valid SemVer format for the SNAPSHOT version * Update pom.xml * Update pom.xml --------- Co-authored-by: Stian Thorgersen <stianst@gmail.com> Co-authored-by: Stian Thorgersen <stian@redhat.com>	2023-03-03 11:11:44 +01:00
laskasn	dc8b759c3d	Use encryption keys rather than sig for crypto in SAML ... Closes #13606 Co-authored-by: mhajas <mhajas@redhat.com> Co-authored-by: hmlnarik <hmlnarik@redhat.com>	2023-02-10 12:06:49 +01:00
Peter Skopek	8f9c3cdeab	SAML adapter is missing "crypto/default" module (#15146) ... Closes #15146	2022-10-26 11:59:56 +02:00
Stian Thorgersen	97ae90de88	Remove Red Hat Single Sign-On product profile from upstream (#14697) ... * Remove Red Hat Single Sign-On product profile from upstream Closes #14916 * review suggestions: Remove Red Hat Single Sign-On product profile from upstream Closes #14916 Co-authored-by: Peter Skopek <pskopek@redhat.com>	2022-10-18 14:43:04 +02:00
Alexander Schwartz	850af55edc	Ensure that only JDK 8 APIs are used where JDK 8 is still required. ... Closes #10842	2022-06-20 14:44:33 -03:00
Stian Thorgersen	075e284455	Remove legacy (non-Elytron) WildFly adapter (#11789) ... Closes #11683	2022-05-18 10:34:47 +02:00
Stian Thorgersen	491b3262de	Remove Jetty 9.2 and 9.3 adapters (#11792) ... Closes #11791	2022-05-04 15:24:46 +02:00
Stian Thorgersen	b65d76edab	Remove EAP6 and AS7 adapters (#11605) ... Closes #11604	2022-04-28 11:20:44 +02:00
Stian Thorgersen	e3f3e65ac5	Remove JDK7 support for adapters (#11607) ... Closes #11606	2022-04-27 08:33:23 +02:00
rmartinc	755080d745	[#10894] SAML Adapters tests start failing in recent versions of EAP/wildfly	2022-03-29 12:31:09 +02:00
keycloak-bot	c71aa8b711	Set version to 999-SNAPSHOT (#10784)	2022-03-22 09:22:48 +01:00
stianst	5ef8265b75	Remove Tomcat 7 adapter ... Closes #9428	2022-02-28 07:50:36 +01:00
Stian Thorgersen	fa87d46210	Remove additional repositories where they are not needed. Set updatePolicy for GA. (#10047) ... Closes: #10133	2022-02-16 08:59:05 +01:00