Commit graph

444 commits

Author SHA1 Message Date
Stian Thorgersen
b727087f04 KEYCLOAK-1150
'iss' should be URL not just realm name
2015-03-26 13:50:36 +01:00
mposolda
477d8b35e3 KEYCLOAK-1116 KEYCLOAK-1117 JSON migration and removal of ClientModel.claimsMask 2015-03-26 11:49:22 +01:00
Bill Burke
97d5f4aafc broker refactor 2015-03-20 18:56:25 -04:00
Stian Thorgersen
8ed1c475e4 KEYCLOAK-498 Package theme as a JAR 2015-03-20 14:13:25 +01:00
Stian Thorgersen
1714ce91d1 KEYCLOAK-1076 XML tag <enable-basic-auth> needed in secure-deployments for AS-7 subsystem 2015-03-20 07:37:16 +01:00
Stian Thorgersen
93f9706297 KEYCLOAK-1110 Fix role not removed from default roles when not deleted 2015-03-20 06:17:35 +01:00
Stian Thorgersen
1d4e8118f0 Updated admin-client to use new token endpoint 2015-03-20 06:04:36 +01:00
Bill Burke
b26277a17c broker fixes 2015-03-18 21:58:04 -04:00
Bill Burke
ce2c4188fb saml broker import/export, and module fixes 2015-03-17 19:20:46 -04:00
mposolda
4da566ae4d KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint 2015-03-16 20:00:20 +01:00
Stian Thorgersen
e2b02d414f Change adapters to use auth and token endpoints 2015-03-16 09:23:12 +01:00
mposolda
9b74393add KEYCLOAK-1102 Used just one ResteasyClient in admin client 2015-03-13 19:56:05 +01:00
Stian Thorgersen
1f5fedb0b0 Module provider loader 2015-03-06 05:30:17 +01:00
Stian Thorgersen
4cb3d51781 KEYCLOAK-1082
Make sure session is valid if keycloak.js is initialized with tokens
2015-03-05 07:42:31 +01:00
Bill Burke
98831ec05a fix other claims in IDToken 2015-03-04 20:27:06 -05:00
mposolda
03d607b022 Fix showing federation links of users in admin console 2015-02-11 13:03:31 +01:00
girirajsharma
c3d7ef8066 Updated BC provider versions and deprecated CertificateUtil methods. 2015-02-10 18:44:54 +05:30
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
4ce2e76a2d [KEYCKOAK-883] - Adding idpHint config option when configuring login url. 2015-02-08 20:52:44 -02:00
mposolda
1d8ebd441d KEYCLOAK-1023 Improve osgi packaging for hawtio. Fix typos in fuse example docs. 2015-02-02 23:25:56 +01:00
Pedro Igor
e452165c4a Merge pull request #941 from pedroigor/KEYCLOAK-996
[KEYCLOAK-996] - Allow application to select provider.
2015-01-30 14:28:50 -02:00
pedroigor
99a457c5c1 [KEYCLOAK-996] - Allow application to select provider. 2015-01-30 14:02:53 -02:00
Stian Thorgersen
4dfb4a91ea KEYCLOAK-1018 Update JS adapter to use protocol/openid-connect urls 2015-01-30 14:29:58 +01:00
Stian Thorgersen
e2998a09b6 KEYCLOAK-1019 Fix to keycloak.js if auth-server-url ends with '/' 2015-01-30 10:02:27 +01:00
Stian Thorgersen
eb695f12f7 KEYCLOAK-1000 Module provider loader 2015-01-28 11:26:46 +01:00
mposolda
ee4fbca868 Improve OOTB experience for ssh and jmx authentication in fuse 2015-01-23 20:57:40 +01:00
mposolda
efb6ec8099 Added docs and example for SSH and JMX authentication on fuse 2015-01-21 13:43:38 +01:00
mposolda
715482e371 Have fuse example working on newest fuse 6.2. Refactoring of ServletReregistrationService to work on fuse 6.1, 6.2 and karaf 3.0.2 2015-01-20 21:45:08 +01:00
Stian Thorgersen
c8d879a82d KEYCLOAK-977 Use reflection to find constructor for JBossGenericPrincipal to support EAP 6.4 2015-01-20 13:24:58 +01:00
Bill Burke
42bdb7731d Merge pull request #916 from jimmidyson/spring-boot-integration
Spring boot adapter
2015-01-16 19:01:04 -05:00
Bill Burke
ef2698936b Merge pull request #919 from pedroigor/KEYCLOAK-884
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed [KEYCLOAK-884] - OpenID Connect UserInfo Endpoint. 2015-01-16 15:45:27 -02:00
mposolda
2e04ac549e Make it easier to run demo on different host then auth-server 2015-01-16 18:02:23 +01:00
Jimmi Dyson
81849ae631 Configure resource constraints via Spring Boot properties 2015-01-16 12:43:47 +00:00
Jimmi Dyson
a5246b8075 Working external configuration through Spring Boot application.properties 2015-01-16 12:42:59 +00:00
Jimmi Dyson
273e945850 First stab - now just to make it configurable 2015-01-16 12:42:54 +00:00
Stian Thorgersen
bf6c46da1c KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri 2015-01-16 11:01:03 +01:00
mposolda
522e24017c Rebase with master 2015-01-15 20:29:34 +01:00
mposolda
7faee110d5 KEYCLOAK-853 Documentation for login modules 2015-01-15 19:03:11 +01:00
mposolda
d928c26e27 KEYCLOAK-539 Fuse adapter. OSGI bundling. OSGI headers in keycloak adapter maven artifacts. Rename package in jetty-core 2015-01-15 19:02:45 +01:00
Stian Thorgersen
c3c6d4cbba Add redirect_uri to access token request in keycloak.js 2015-01-14 15:18:22 +01:00
pedroigor
fa2533ed11 [KEYCLOAK-883] - Initial changes. 2015-01-13 00:58:19 -02:00
Stian Thorgersen
959933a227 Version bump 2015-01-12 10:35:50 +01:00
Michael Gerber
9c484b9938 add test 2015-01-09 14:03:36 +01:00
Michael Gerber
7ce1502bc5 pass login_hint parameter to the keycloak login page 2015-01-09 11:58:44 +01:00
mposolda
e62858cefd KEYCLOAK-900 Fix resolving of current hostname 2015-01-08 11:09:11 +01:00
Stian Thorgersen
526e25abc7 Fixes for commons-io dep issues in KeycloakServer 2015-01-08 09:53:43 +01:00
Stian Thorgersen
b7dae5c88f Fixes for regression introduced by KEYCLOAK-923 2015-01-07 14:54:18 +01:00
Stian Thorgersen
2b1ae89608 KEYCLOAK-933 expose-token setting not working - empty string returned instead of token 2015-01-07 12:58:42 +01:00
Bill Burke
2a7fc53300 Merge pull request #908 from patriot1burke/master
fix cached principal adapter
2015-01-06 15:57:56 -05:00
Bill Burke
0f4953dcd2 fix cached principal adapter 2015-01-06 13:47:02 -05:00
mposolda
c7b0c4fb05 KEYCLOAK-929 Don't remove principal on session passivation 2015-01-06 19:44:07 +01:00
Stian Thorgersen
74ba508e4a KEYCLOAK-918 Reverse proxy triggers NPE in undertow adapter 2015-01-06 10:14:57 +01:00
Stian Thorgersen
992455e273 KEYCLOAK-923 Login redirect should support query param in keycloak.js 2015-01-06 09:56:03 +01:00
Stian Thorgersen
f97b71c207 KEYCLOAK-903
No client session for direct grant
2014-12-30 13:28:08 +01:00
Bill Burke
ec9ce6ef2f error page adapter support 2014-12-23 16:33:08 -05:00
Bill Burke
8a1b7e39af RESTEASY-901 2014-12-22 15:59:25 -05:00
Michael Gerber
512a68c5fa Not required authentication bugfix 2014-12-20 14:12:35 +01:00
gerbermichi
1eaafcd3d9 bugfix for excluded post rest services 2014-12-19 16:55:46 +01:00
Bill Burke
28a56289d9 Merge pull request #897 from patriot1burke/master
saved requests
2014-12-17 22:29:46 -05:00
Bill Burke
08be04b337 saved requests 2014-12-17 22:29:18 -05:00
Stan Silvert
0082892f7c KEYCLOAK-880 Fix use of ${..} props in subsystem XML 2014-12-17 15:40:02 -05:00
Stian Thorgersen
ee62f5b1a1 Merge pull request #891 from nilspreusker/ie9-compatibility
IE9 Compatibility
2014-12-17 10:56:14 +01:00
Bill Burke
17a8a92bb3 common eap code 2014-12-16 12:26:56 -05:00
Nils Preusker
ce1fd8eedc using JSON.stringify(...) and JSON.parse(...)
see
http://lists.jboss.org/pipermail/keycloak-user/2014-December/thread.html
#1355
2014-12-16 16:14:13 +01:00
Bill Burke
6c04e26376 bump 2014-12-05 21:09:38 -05:00
Bill Burke
c0059a875b bump version 2014-12-05 19:03:13 -05:00
Stan Silvert
952436f129 Restore old AS7 subystem. 2014-12-04 14:53:50 -05:00
Bill Burke
82c3e4c1bc adapter testsuite port and adapter fixes 2014-12-02 14:38:33 -05:00
objectiser
8e01f8ecf1 KEYCLOAK-861 Support basic authentication against user credentials managed by KeyCloak. 2014-12-01 11:43:19 +00:00
mposolda
c5d000cefc Allow login modules to be more flexible 2014-11-28 20:06:18 +01:00
Stian Thorgersen
6b3e7c76bd Merge pull request #870 from ssilvert/eap-subsys
KEYCLOAK-856 Merge WildFly and EAP subsystems
2014-11-27 10:02:01 +01:00
Bill Burke
e14c5adf55 Merge remote-tracking branch 'upstream/master' 2014-11-24 19:16:34 -05:00
Bill Burke
d0856e024f proxy distro 2014-11-24 18:12:17 -05:00
Stan Silvert
d53b01eb2b KEYCLOAK-856 Rename wildfly-subsystem to keycloak-subsystem 2014-11-24 16:52:16 -05:00
mposolda
2a78d0d4d0 KEYCLOAK-859 Added DirectAccessGrantsLoginModule 2014-11-24 18:56:51 +01:00
Stan Silvert
34e18c176d KEYCLOAK-856 Remove EAP subsystem 2014-11-23 09:35:19 -05:00
Bill Burke
4bad1fea86 Merge remote-tracking branch 'upstream/master' 2014-11-21 18:45:02 -05:00
Bill Burke
bc6e7c249b proxy config 2 2014-11-21 18:44:39 -05:00
mposolda
f1378a6092 KEYCLOAK-858 avoid creating inner DeploymentDelegate for each request 2014-11-21 23:49:29 +01:00
mposolda
829f9f4386 KEYCLOAK-857 add getter/setter for principalAttribute to AdapterDeploymentContext 2014-11-21 22:51:22 +01:00
Stan Silvert
f537661341 KEYCLOAK-856 Merge WildFly and EAP subsystems 2014-11-21 13:33:14 -05:00
Bill Burke
21279fc9ed proxy 2014-11-20 21:48:59 -05:00
Stian Thorgersen
ed1073ca92 KEYCLOAK-791 Denial of Service by invalid character injection 2014-11-18 14:58:20 +01:00
Bill Burke
7244e2f173 Merge pull request #859 from patriot1burke/master
tomcat6
2014-11-15 12:00:18 -05:00
Bill Burke
5be045c42b tomcat6 2014-11-15 11:59:33 -05:00
mposolda
b08930961f Fixes to login module 2014-11-14 21:06:07 +01:00
mposolda
68bff44b2e KEYCLOAK-853 Added jaas login module BearerTokenLoginModule 2014-11-14 13:40:12 +01:00
Bill Burke
e2045907d4 tomcat8 2014-11-12 18:56:18 -05:00
Stan Silvert
67c0182a49 KEYCLOAK-839 Auth Server overlay enhancements 2014-11-12 13:39:39 -05:00
Stan Silvert
c85a31be7f KEYCLOAK-839 Auth Server overlay enhancements 2014-11-12 13:39:38 -05:00
Bill Burke
3b6f10913c merge 2014-11-10 17:09:00 -05:00
Bill Burke
3fbffc9d7d jetty 8 2014-11-10 16:59:31 -05:00
mposolda
07fd8ae9d7 KEYCLOAK-836 Added OsgiJaxrsBearerTokenFilterImpl to be used in fuse 2014-11-10 22:16:20 +01:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
mposolda
d1e819cef1 KEYCLOAK-836 Refactoring of JaxrsBearerTokenFilter to work with both resteasy and Apache CXF. Added test 2014-11-10 22:16:14 +01:00
Bill Burke
b0a5161e6b final jetty stuff 2014-11-07 21:10:15 -05:00
Bill Burke
3805510e20 more jetty adapter 2014-11-07 18:34:53 -05:00
Bill Burke
31050e0580 Merge pull request #811 from ssilvert/deploy-auth-in-subsys
KEYCLOAK-795 Move Auth Server into Keycloak Subsystem
2014-11-06 17:57:19 -05:00
Bill Burke
cd25d7019b jetty adapter 2014-11-06 17:27:31 -05:00
Stan Silvert
3f75ebf029 KEYCLOAK-795 Move Auth Server into Keycloak Subsystem 2014-11-05 08:31:07 -05:00
Stan Silvert
f9215e961d Incremental commit because I haven't done one in awhile. 2014-11-05 08:31:06 -05:00
Stan Silvert
4776582a6a Old experiment with keycloak-server.json embedded into standalone.xml 2014-11-05 08:31:05 -05:00
Bill Burke
9c175bfb5d Merge remote-tracking branch 'upstream/master' 2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441 fix jax-doclets 2014-11-04 15:55:33 -05:00
Stian Thorgersen
1797f7e704 KEYCLOAK-814 Admin Client Example 2014-11-04 10:33:42 +01:00
Stian Thorgersen
0f8c073354 Version bump 2014-11-04 09:01:06 +01:00
mposolda
229391d48b Fix servlet logout on wildfly/undertow 2014-11-03 12:59:40 +01:00
Bill Burke
9c7e297118 principal token attribute mapping 2014-10-31 16:40:07 -04:00
Bill Burke
f209476a1b merged 2014-10-31 10:45:35 -04:00
Bill Burke
bd08643f6c Merge remote-tracking branch 'upstream/master' 2014-10-31 10:29:13 -04:00
Bill Burke
a9770073b2 logout ffixes 2014-10-31 10:29:06 -04:00
mposolda
82af7cbfa2 Fix multi-tenancy on EAP63/AS7 2014-10-31 13:17:35 +01:00
mposolda
44d4f6eb95 Remove redundant realm property from KeycloakSecurityContext 2014-10-31 13:17:35 +01:00
Juraci Paixão Kröhling
8e764e642f KEYCLOAK-779
Adapter multi-tenancy support
2014-10-30 16:54:26 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Bill Burke
d289fa7402 Merge remote-tracking branch 'upstream/master' 2014-10-29 11:42:36 -04:00
Bill Burke
5831cffc19 add logging to pom 2014-10-29 11:42:24 -04:00
Juraci Paixão Kröhling
e43dd0ad19 Changed name for adapter-core maven module 2014-10-29 10:18:49 +01:00
Bill Burke
e5934e9d54 saml docs 2014-10-28 12:16:54 -04:00
Bill Burke
cb110d095f conflict 2014-10-28 11:55:52 -04:00
mposolda
c6fc44bcc2 Minor fixes and javadoc 2014-10-27 22:02:09 +01:00
mposolda
a538e25b9d KEYCLOAK-702 - Added AdapterTokenStore spi. Possibility to save account info to cookie as alternative to http session 2014-10-27 16:20:01 +01:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
mposolda
5bfb0e73ac Rewrite NodeRegistrationManagement to better suit multi-tenant usecase 2014-10-22 17:11:05 +02:00
mposolda
f3da9760a3 Send node registration at 1st request instead of deployment startup. Bugfixing 2014-10-21 23:15:21 +02:00
Stian Thorgersen
dec82ddf68 Merge pull request #787 from stianst/master
KEYCLOAK-711 HttpServletReqest.logout() does not work with relative URI
2014-10-21 12:42:34 +02:00
Stian Thorgersen
2c218c9aa0 KEYCLOAK-711 HttpServletReqest.logout() does not work with relative URI 2014-10-21 12:36:20 +02:00
mposolda
01c705b4d3 KEYCLOAK-759 Added adapter clustering to admin console 2014-10-21 12:32:53 +02:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
mposolda
9954d68a1f KEYCLOAK-748 cluster-aware logout for non-distributable apps 2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d Reduce logging 2014-10-08 23:28:02 +02:00
mposolda
1e33931f23 KEYCLOAK-741 Failure to refresh token should invalidate http session 2014-10-08 22:18:11 +02:00
mposolda
7e7406ddb7 KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters. 2014-10-08 22:18:10 +02:00
mposolda
84e1ace539 KEYCLOAK-742 Added always-refresh-token option to adapters 2014-10-08 22:18:10 +02:00
mposolda
59bf7e524f Change method signature 2014-10-05 20:07:54 +02:00
mposolda
10e618dee9 Workaround for WFLY-3345 so logout can work for 'distributable' applications 2014-10-03 11:26:34 +02:00
mposolda
50f148cd7c Use one option "auth-server-url-for-backend-requests" instead of 3 options 2014-10-02 19:16:04 +02:00
mposolda
72b5632cfe KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties 2014-10-02 19:15:37 +02:00
Bill Burke
6cf62a2768 move pre-auth 2014-10-01 14:57:52 -04:00
Bill Burke
71216bf2c9 merge 2014-10-01 14:21:23 -04:00
mposolda
d7bcd41909 Ensure that KeycloakUndertowAccount and referenced classes can be serialized in session 2014-10-01 19:08:41 +02:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
mposolda
80a9a8984a Cleanup. Support to use-hostname-for-local-requests added to Demo examples 2014-09-30 17:37:36 +02:00
mposolda
18fe808ce0 KEYCLOAK-720 Support for relative URI resolved by hostname in wildfly adapter 2014-09-30 17:37:36 +02:00
mposolda
337b03fc62 KEYCLOAK-720 added support for oauth clients 2014-09-30 17:37:36 +02:00
Stian Thorgersen
f026772c87 KEYCLOAK-725 Add realm update to the Admin Client 2014-09-30 15:43:18 +02:00
Stian Thorgersen
423dc1b8a7 Change version schema to match JBoss 2014-09-12 09:35:08 +02:00
Stian Thorgersen
280cbf2174 KEYCLOAK-680 Add/remove social-links through admin api 2014-09-11 12:09:55 +02:00
Stian Thorgersen
5dea07793b Version bump 2014-09-11 09:27:58 +02:00