We now wrap the result of a role-selection in an JS array and
use the config value as is for rendering, instead of extracting
the first component (which was the first char, since the value
is a string).
Previously any mapper that used role selection could not be
used due to `LDAPMapperCreateCtrl` generating invalid config structures.
Since the component configuration is represented via
org.keycloak.representations.idm.ComponentRepresentation whose
`config` property is a `MultivaluedHashMap`
config values needs to be passed as an Array. However the
LDAPMapperCreateCtrl in (users.js) only passed the role as a String.
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
