Commit graph

698 commits

Author SHA1 Message Date
Stian Thorgersen
0ca117b8e9 KEYCLOAK-2865 Extend coverage of client admin endpoints 2016-05-06 08:08:52 +02:00
Marko Strukelj
f337085ed0 KEYCLOAK-2869 IdentityProvidersResource/IdentityProviderResource 2016-05-05 17:04:45 +02:00
Stian Thorgersen
2355db57da KEYCLOAK-2880 Permissions tests for admin endpoints 2016-05-04 08:25:05 +02:00
Stian Thorgersen
95724e36f3 KEYCLOAK-2871 Extend coverage on RealmAdminResource 2016-04-27 10:29:24 +02:00
mposolda
e0aedfb93d KEYCLOAK-2878 UserFederation mapper testing 2016-04-22 14:03:42 +02:00
mposolda
afcdce6b71 Simplified calling of AuthenticationManagementResource.getExecutions() 2016-04-21 23:11:25 +02:00
mposolda
f6a718f10a KEYCLOAK-2878 Testing of UserFederation admin REST endpoints 2016-04-21 23:11:14 +02:00
Stian Thorgersen
34d5e85316 KEYCLOAK-2873 / KEYCLOAK-2875 Test RoleContainerResource 2016-04-21 10:58:46 +02:00
Stian Thorgersen
4f5b71d81a KEYCLOAK-2872 Test RoleByIdResource 2016-04-21 07:09:25 +02:00
Stian Thorgersen
86dfcecef6 KEYCLOAK-2861 Test AttackDetectionResource 2016-04-20 16:21:57 +02:00
Stian Thorgersen
f64ffcbefe KEYCLOAK-2818
Fix poms not updated by versions plugin
2016-04-14 08:16:07 +02:00
mposolda
3c3bbdbbdb KEYCLOAK-2809 NPE when removing role, which is in scope of some ClientTemplate 2016-04-13 11:49:29 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
Guus der Kinderen
38670df49a
KEYCLOAK-2785: Admin client should be able to delete a user.
The delete user service should be exposed in the admin client.
2016-04-08 16:34:46 +02:00
Konstantin Gribov
974c5615af Revert accidentally removed ResteasyClient configuration in admin
Fixes accidentally removed in PR #2449 ResteasyClient pool size parameter in
`org.keycloak.admin.client.Keycloak`.
2016-04-07 20:24:57 +03:00
Stian Thorgersen
e8932bbea0 Merge pull request #2449 from grossws/KEYCLOAK-2236
KEYCLOAK-2236 add service account support to keycloak-admin-client
2016-04-07 15:45:10 +02:00
Konstantin Gribov
96424536a7 Add service account support to Keycloak admin client
Added grant_type=client_credentials support to keycloak-admin-client
so `keycloak-admin-client` can be used with service client account.

Fixes #KEYCLOAK-2236
2016-04-07 15:24:07 +03:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible.
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
2016-04-07 13:19:29 +02:00
Stian Thorgersen
6dc1194247 Merge pull request #2508 from guusdk/KEYCLOAK-2731
KEYCLOAK-2731: Improve thread safety of TokenManager
2016-04-07 07:36:22 +02:00
Stian Thorgersen
a7c956bf10 Merge pull request #2505 from guusdk/KEYCLOAK-2746
KEYCLOAK-2746: By default, allow for concurrent usage
2016-04-07 07:35:39 +02:00
Stian Thorgersen
0907feb508 Merge pull request #2446 from guusdk/KEYCLOAK-2726
KEYCLOAK-2726: Invalidate token upon failure
2016-04-07 07:24:03 +02:00
Stian Thorgersen
30e2709bd0 Merge pull request #2443 from guusdk/KEYCLOAK-2721
KEYCLOAK-2721: Do not recreate TokenService proxy
2016-04-07 07:20:46 +02:00
Guus der Kinderen
804dd13abd KEYCLOAK-2731: Improve thread safety of TokenManager
This commit guards access to the non-final fields of TokenManager by its intrinsic lock.
2016-04-05 15:01:37 +02:00
Guus der Kinderen
120b880427 KEYCLOAK-2746: By default, allow for concurrent usage
The nature of Keycloak makes it very plausible that it is used in
a concurrent setting. With that in mind, it would make sense to,
by default, allow for more than one concurrent Resteasy connection
in the admin client code.
2016-04-05 11:34:02 +02:00
Stian Thorgersen
48551d362a KEYCLOAK-2704
User count missing in REST admin endpoint
2016-04-05 07:48:20 +02:00
Bill Burke
545fb8b849 KEYCLOAK-2716 2016-03-30 18:15:11 -04:00
Guus der Kinderen
ad7a6c4854 KEYCLOAK-2726: Invalidate token upon failure
When a token managed by TokenManager is known to be invalid, it should no
longer be used. This commit adds a response listener to the only filter
using TokenManager, which causes, upon authentication failure, to
invalidate the token that was used.
2016-03-30 15:33:58 +02:00
Guus der Kinderen
89158c9dcf KEYCLOAK-2721: Do not recreate TokenService proxy
By re-using the service proxy, classloading issues can be prevented.
2016-03-29 11:11:35 +02:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
Stian Thorgersen
56c3d53a24 Merge pull request #2324 from ssilvert/client-tests
KEYCLOAK-2535: ClientResource endpoint tests
2016-03-07 06:13:55 +01:00
Bruno Oliveira
4a027d97b0 Client registration won't compile without these changes 2016-03-04 12:46:57 -03:00
Stan Silvert
2c79456e72 KEYCLOAK-2535: ClientResource endpoint tests 2016-03-04 07:41:24 -05:00
Stian Thorgersen
24328fdc47 KEYCLOAK-2555 ForbiddenException when importing test realm or creating test user 2016-02-29 10:09:06 +01:00
Stan Silvert
3383b044b2 KEYCLOAK-2316: Sync admin client with endpoints for Client. First commit. 2016-02-23 13:29:12 -05:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
Stian Thorgersen
7841c5f07b Merge pull request #2232 from abstractj/cli-registration-parent
Fixes the parent for Keycloak client registration cli module
2016-02-17 07:45:15 +00:00
Bruno Oliveira
f3752f804f Fixes the parent for Keycloak client registration cli module 2016-02-16 15:33:49 -02:00
Stan Silvert
17e09a557b Fix conflict. 2016-02-11 15:38:58 -05:00
Stan Silvert
dd9cf3be39 KEYCLOAK-2481: Create admin client endpoint for partial endpoint + tests 2016-02-11 15:26:52 -05:00
Marko Strukelj
dadb470609 KEYCLOAK-1967 Add support for authentication flows into admin-rest-client 2016-02-11 12:18:01 +01:00
Stian Thorgersen
77912b2117 KEYCLOAK-2475
Move client registration endpoints
2016-02-10 14:23:04 +01:00
Stan Silvert
e89f511465 KEYCLOAK-1976: Add support for events into admin-rest-client. Also,
arquillian tests for events.
2016-02-05 18:45:25 -05:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
Stian Thorgersen
59c7cfcc97 KEYCLOAK-2312 Move client-registration libs into integration 2016-01-21 09:06:23 +01:00
Bill Burke
d9487a8745 social broker reorg 2016-01-20 16:46:38 -05:00
Stian Thorgersen
73db7a0ea9 KEYCLOAK-2323 Revert changes 2016-01-20 14:34:59 +01:00
Stian Thorgersen
ded919c0a6 Merge pull request #2033 from ahus1/ahus1_location_fragment_lost_on_logout
Handle URL fragments when redirect from logout / KEYCLOAK-2323
2016-01-18 09:52:37 +01:00
Stian Thorgersen
504218470b Merge pull request #2032 from ahus1/ahus1_timeskew_for_init
set timeSkew when passing tokens to init()
2016-01-15 16:38:38 +01:00
Alexander Schwartz
b7ac2548f1 Handle URL fragments when redirect from logout / KEYCLOAK-2323 2016-01-14 23:06:16 +01:00
Alexander Schwartz
9b8c80e83f set timeSkew when passing tokens to init(), also allow timeSkew to be passed as a parameter / KEYCLOAK-2322 2016-01-14 22:37:29 +01:00
Stian Thorgersen
435980d776 KEYCLOAK-1809
Upgrade jackson to version 2.x
2016-01-14 16:34:30 +01:00
Stian Thorgersen
ddb41e2c58 Merge pull request #2017 from mposolda/master
KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthent…
2016-01-13 11:10:09 +01:00
mposolda
4642876323 KEYCLOAK-2270 Use sub instead of iss for clientId in JWTClientAuthenticator 2016-01-13 10:12:20 +01:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
Bill Burke
f7ac5fae2a Merge pull request #1945 from raehalme/KEYCLOAK-1579
KEYCLOAK-1579: Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean
2016-01-04 17:15:25 -05:00
Bill Burke
d939b6a431 template scope 2015-12-18 17:15:27 -05:00
Thomas Raehalme
566a58b5d8 Replaced AdapterDeploymentContextBean with AdapterDeploymentContextFactoryBean and added support for KeycloakConfigResolver. 2015-12-15 11:53:10 +02:00
Bill Burke
96e1813b34 client templates backend 2015-12-11 10:31:42 -05:00
Stian Thorgersen
34c3ffaae1 Ported AdminApiTest to use admin client 2015-12-03 08:24:23 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
Stian Thorgersen
2c5510284d Merge pull request #1891 from mstruk/wildfly-modules-rename
KEYCLOAK-2099 WildFly 10 adapter subsystem
2015-11-30 09:48:15 +01:00
mposolda
57b60797ce KEYCLOAK-1129 Implicit flow: more work 2015-11-28 00:15:41 +01:00
mposolda
ef80b64d1c KEYCLOAK-1129 Implicit flow and Hybrid flow support 2015-11-27 22:28:38 +01:00
Marko Strukelj
373fc23fc0 KEYCLOAK-2099 WildFly 10 adapter subsystem 2015-11-27 20:46:20 +01:00
Stian Thorgersen
c83e3bd2d1 KEYCLOAK-2106 HTTP 500 for unparsable refresh tokens 2015-11-27 08:59:23 +01:00
Bill Burke
d6e2bccb16 Merge pull request #1840 from velias/KEYCLOAK-2075
KEYCLOAK-2075 KEYCLOAK-2107 - support for SAML IsPassive mode
2015-11-25 10:35:00 -05:00
Bill Burke
0c8f3f734d Merge pull request #1855 from Smartling/KEYCLOAK-1391
KEYCLOAK-1391: Return an HTTP 401 for API requests
2015-11-25 08:57:05 -05:00
Vlastimil Elias
e3060e5e58 rebased to latest master 2015-11-25 13:46:29 +01:00
Vlastimil Elias
18fa03bf97 KEYCLOAK-2107 - support IsPassive mode in SAML SP adapter library
KEYCLOAK-2075 - added integration tests for both server and adapter side
2015-11-25 08:39:55 +01:00
Stian Thorgersen
3685a185d4 Merge pull request #1859 from stianst/reset-pass
KEYCLOAK-1758 add-user script
2015-11-25 06:56:35 +01:00
Bill Burke
ff63c5552a sendError() handling' 2015-11-24 16:48:24 -05:00
Stian Thorgersen
cfc28b861b KEYCLOAK-1758 add-user script 2015-11-24 21:54:58 +01:00
Scott Rossillo
f1c3295cec KEYCLOAK-1391: Return an HTTP 401 for API requests
Non browser HTTP requests shouldn't redirect to the Keycloak login
page. Instead, return an HTTP 401 with a proper WWW-Authenticate
header.
2015-11-23 10:46:14 -05:00
Bill Burke
ac1baa059f Merge pull request #1797 from raehalme/KEYCLOAK-2041
KEYCLOAK-2041 Use sendError instead of setStatus to report errors
2015-11-20 11:50:37 -05:00
Bill Burke
98958a2bc4 default groups 2015-11-18 19:40:30 -05:00
Bill Burke
6989589e72 Merge remote-tracking branch 'upstream/master' 2015-11-18 15:24:45 -05:00
Bill Burke
41331111da resolve conflicts 2015-11-18 09:39:19 -05:00
Bill Burke
bff334d365 group token/assertion and tests 2015-11-18 09:36:47 -05:00
Stian Thorgersen
764c20d748 KEYCLOAK-2085 Initial access tokens for client registration 2015-11-18 10:33:24 +01:00
Stian Thorgersen
1df741a307 Merge pull request #1826 from lkubik/changeAllJettyToProvided
KEYCLOAK-2081
2015-11-16 20:23:31 +01:00
Lukas Kubik
13a52c1bb2 KEYCLOAK-2081
Change scope of jetty dependencies to provided
2015-11-13 15:43:11 +01:00
Thomas Darimont
c4416a25e0 KEYCLOAK-2068 - Fix Potential NPE when using Servlet-Filter Adapter.
When using the `org.keycloak.adapters.servlet.KeycloakOIDCFilter` a `NullPointerException`
can be thrown in the `org.keycloak.adapters.servlet.FilterSessionStore` within the `getParam`
method of the generated wrapper in `buildWrapper` when the `content-type` is not set.
Since the `content-type` is only used to parse the body. We just check whether the `body`
is `null` and if so avoid touching the `content-type` which prevents the NPE.

If the `body` is null we return an empty `MultivaluedHashMap` for the parameters.
2015-11-13 00:14:34 +01:00
Bruno Oliveira
9203971809 KEYCLOAK-2064: Update pax-web to make use of SecureRandom 2015-11-12 09:46:45 -02:00
Stian Thorgersen
64baa28301 Merge pull request #1810 from lkubik/updateJettyScope
Change scope of jetty dependencies in jetty-adapter-spi
2015-11-12 09:23:44 +01:00
Stian Thorgersen
1891019067 Merge pull request #1802 from equinux/pr/fix-js-parameter-encoding
Fix parameter encoding in JS adapter
2015-11-12 09:19:21 +01:00
Bill Burke
33ac048c8c resolve conflicts 2015-11-11 18:06:39 -05:00
Lukas Kubik
825a68c6c9 Change scope of jetty dependencies in jetty-adapter-spi. 2015-11-11 17:01:46 +01:00
Lukas Kubik
1f75f85a20 Unify jetty version in keycloak-jetty-adapter-spi with other versions 2015-11-11 13:58:22 +01:00
Dominique d'Argent
7ef747e7c4 Fix parameter encoding in JS adapter
- fixes https://issues.jboss.org/browse/KEYCLOAK-2047
- relates to keycloak/keycloak-js-bower#7
2015-11-10 11:20:06 +01:00
Thomas Raehalme
68edf9ce48 Errors are now reported using sendError instead of setStatus.
This change was made to enable the use of error pages defined in web.xml.
2015-11-06 10:53:18 +02:00
Thomas Raehalme
7b7fbd3257 Added sendError(int) to HttpFacade.Response. 2015-11-06 10:47:08 +02:00
Bill Burke
151c56a304 conflicts 2015-11-02 11:21:10 -05:00
Bill Burke
d896800ec6 groups initial 2015-10-29 16:33:02 -04:00
agolPl
9755d79879 extract keycloak configuration file name 2015-10-25 00:26:18 +02:00
Ramiro Sánchez
ebd02a1a7f Changed query parameter from kc_locale to ui_locales as suggested by stianst 2015-10-23 14:21:59 +02:00
Ramiro Sánchez
a5dc91f9a6 Added support to indicate desired locale on login 2015-10-23 12:23:24 +02:00
Stian Thorgersen
3f8312427a Version bump 2015-10-19 16:15:29 +02:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
Bill Burke
235ffb2ff6 KEYCLOAK-1960 2015-10-15 18:56:56 -04:00
Bill Burke
181fdeb0d0 KEYCLOAK-1960 2015-10-15 18:54:57 -04:00
Bill Burke
0ad29c9737 node registration 2015-10-09 18:11:38 -04:00
Bill Burke
9ced56d8d7 saml and oidc filters 2015-10-09 18:07:50 -04:00
Bill Burke
d39aee0a72 Merge remote-tracking branch 'upstream/master' 2015-10-08 16:19:56 -04:00
Bill Burke
7c600e2f4b SAML SP Filter 2015-10-08 16:19:43 -04:00
Stian Thorgersen
7fec1677ee Merge pull request #1679 from lkrzyzanek/KEYCLOAK-1904
Add 'register' and 'createRegisterUrl' methods to Javascript Adapter API
2015-10-08 11:51:18 +02:00
Libor Krzyzanek
f29aff4bed Add 'register' and 'createRegisterUrl' methods to Javascript Adapter API. fixes #KEYCLOAK-1904 2015-10-07 13:53:25 +02:00
Stian Thorgersen
9c0c8e37b6 Merge pull request #1676 from Smartling/KEYCLOAK-1901
KEYCLOAK-1901: Add a Keycloak client builder
2015-10-07 09:06:19 +02:00
Stian Thorgersen
7a3b4823b0 Merge pull request #1662 from Smartling/KEYCLOAK-1892
WrappedHttpServletRequest may throw an exception returning cookies
2015-10-06 14:58:54 +02:00
Scott Rossillo
332e3f6099 KEYCLOAK-1901: Add a Keycloak client builder
Adds support for creating a Keycloak client using the builder
pattern and supports customizing the underlying ResteasyClient
used for connecting to the Keycloak server.
2015-10-05 14:56:38 -04:00
mposolda
7816f053a6 KEYCLOAK-1856 KEYCLOAK-1860 Fix onoffswitchvalue directive 2015-10-02 11:09:54 +02:00
Bill Burke
75343986b0 keycloak-common 2015-10-01 14:27:51 -04:00
Scott Rossillo
05bd51ac1c WrappedHttpServletRequest may throw an exception returning cookies
HttpServletRequest.getCookies() may return null
2015-09-30 14:31:15 -04:00
Stian Thorgersen
55deedd3b8 KEYCLOAK-1868 Import clients through admin console
KEYCLOAK-1869 Add root url to clients that should be used to resolve relative urls
2015-09-29 12:16:05 +02:00
Bill Burke
0a42a28eeb Merge remote-tracking branch 'upstream/master' 2015-09-25 15:12:34 -04:00
Bill Burke
88355d7eb4 tomcat6 adapter 2015-09-25 15:12:14 -04:00
Stian Thorgersen
75c0d5089f KEYCLOAK-1878
Add Base64 to Keycloak core
2015-09-25 07:02:25 +02:00
Bill Burke
791a740f32 Merge remote-tracking branch 'upstream/master' 2015-09-24 12:05:24 -04:00
Bill Burke
546cdd7d8f fix modules for refactor 2015-09-24 12:05:12 -04:00
Stian Thorgersen
4eaf893492 Merge pull request #1610 from raehalme/KEYCLOAK-1828
KEYCLOAK-1828 attemptAuthentication throws KeycloakAuthenticationException if authentication fails
2015-09-24 06:32:27 +02:00
Stian Thorgersen
0ba6ab198a Merge pull request #1611 from raehalme/KEYCLOAK-1829
KEYCLOAK-1829 unsuccessfulAuthentication now returns HTTP response status 401 instead of 403
2015-09-24 06:31:33 +02:00
Bill Burke
c14d3d7963 merge conflicts 2015-09-23 21:01:47 -04:00
Bill Burke
1e9c09d23a more complete 2015-09-23 17:54:16 -04:00
mposolda
7ec3f86efb KEYCLOAK-904 Offline tokens 2015-09-21 10:28:30 +02:00
mposolda
c11539cccb docs and javadoc fixes 2015-09-21 10:13:41 +02:00
Bill Burke
861a13501a merge 2015-09-17 14:25:16 -04:00
Bill Burke
0f24bd2ea4 merge 2015-09-17 14:06:33 -04:00
Bill Burke
cb8ca619ae saml sp 2015-09-17 14:00:57 -04:00
Tomas Kyjovsky
ac91deac96 Removed occurences of serialVersionUID from all classes. 2015-09-17 17:27:39 +02:00
Lukas Kubik
b7e49dc88d Unify jetty 8.1 artifacts version with fabric8-bom-1.2.0.redhat-133.pom 2015-09-16 17:14:29 +02:00
Stian Thorgersen
85df0b6a67 Merge pull request #1613 from raehalme/KEYCLOAK-1832
KEYCLOAK-1832 Added check for null authentication on the logout method
2015-09-16 13:34:51 +02:00
Thomas Raehalme
e0eac89e5a Added check for null authentication on the logout method. 2015-09-10 12:30:07 +03:00
Thomas Raehalme
90d34bfd06 unsuccessfulAuthentication now returns HTTP response status 401 instead of 403. 2015-09-09 18:31:25 +03:00
Thomas Raehalme
e58b5762f3 attemptAuthentication now throws KeycloakAuthenticationException if authentication fails.
Also authenticationFailureHandler is by default set to SimpleUrlAuthenticationFailureHandler
with default login url set to /sso/login.
2015-09-09 15:45:13 +03:00
Stian Thorgersen
3fd4d23bed Version bump 2015-09-09 11:27:21 +02:00
mposolda
149ef706dd KEYCLOAK-1824 ClientIdAndSecretCredentialsProvider not found when deploying Fuse examples 2015-09-08 22:55:43 +02:00
mposolda
050c65a520 KEYCLOAK-1811 Pluggable client authentication config through adapter subsystem 2015-09-07 23:30:08 +02:00
Bill Burke
be0c359160 adapter refactor 2015-09-07 10:27:57 -04:00
Bill Burke
3f792030d3 adapter refactor 2015-09-07 10:26:25 -04:00
Bill Burke
333ad0efac refactor adapters 2015-09-04 15:56:28 -04:00
Marko Strukelj
b0095154d1 KEYCLOAK-1779 NPE due to missing web.xml/jboss-web.xml
- improved code readability and npe fix
2015-09-04 14:18:57 +02:00
William DeCoste
e6745532ce KEYCLOAK-1779 2015-09-04 13:52:25 +02:00
Bill Burke
7d4b93e01e client session required actions 2015-09-02 16:30:16 -04:00
mposolda
be8394158f KEYCLOAK-1780 documentation + Generic client authentication screen 2015-09-01 13:17:14 +02:00
Bill Burke
7492ae2990 Merge pull request #1567 from patriot1burke/master
refactor recover password
2015-08-31 10:53:29 -04:00
Bill Burke
6edf890699 Merge pull request #1549 from ahus1/ahus1_jetty_contenttype
KEYCLOAK-1776 / JettySessionTokenStore sets content type on restoring form values
2015-08-31 10:34:16 -04:00
Bill Burke
22ebb81650 refactor recover password 2015-08-31 10:13:42 -04:00