Bill Burke
bdc57d57c1
Merge pull request #3008 from patriot1burke/master
...
new User Fed SPI initial iteration
2016-07-07 14:56:38 -04:00
Hiroyuki Wada
930b0d9ad7
KEYCLOAK-3278 Add support for any encoding property file in theme
2016-07-08 02:58:48 +09:00
mposolda
a7c9e71490
KEYCLOAK-3218 Support for max_age OIDC authRequest parameter and support for auth_time in IDToken
2016-07-07 17:04:32 +02:00
Bill Burke
0040d3fc3b
Merge remote-tracking branch 'upstream/master'
2016-07-07 10:35:45 -04:00
Bill Burke
7e5a5f79cf
fixes for new user fed spi
2016-07-07 10:35:35 -04:00
Marek Posolda
7a161cc8bb
Merge pull request #3005 from mposolda/KEYCLOAK-3217
...
KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request sec…
2016-07-07 13:49:43 +02:00
Marek Posolda
c5e8a010dc
Merge pull request #3004 from mposolda/KEYCLOAK-3147
...
KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter
2016-07-07 13:49:34 +02:00
mposolda
56e09bf189
KEYCLOAK-3147 Don't allow authRequest without redirect_uri parameter
2016-07-07 12:46:36 +02:00
mposolda
7aafbcd5d9
KEYCLOAK-3217 UserInfo endpoint wasn't accessible by POST request secured with Bearer header
2016-07-07 12:28:25 +02:00
Pedro Igor
5ef65e837c
[KEYCLOAK-3249] - AuthorizationContext.hasScopePermission() gives NPE
2016-07-06 09:39:56 -03:00
Stan Silvert
a231c1b31b
RHSSO-296: Required Action "Configure Totp" should be "Configure OTP"
2016-07-05 15:07:52 -04:00
Ton Swieb
fed7339558
KEYCLOAK-3265 Support writing a NameIDType AttributeValue
2016-07-05 14:54:38 +02:00
Stian Thorgersen
7cfee80e58
KEYCLOAK-3189 KEYCLOAK-3190 Add kid and typ to JWT header
2016-07-05 08:26:26 +02:00
Stian Thorgersen
435cdb6180
Merge pull request #2994 from wadahiro/KEYCLOAK-3259
...
KEYCLOAK-3259 Specify UTF-8 encoding for freemarker template files
2016-07-04 19:25:03 +02:00
Hiroyuki Wada
00cb0a798a
KEYCLOAK-3259 Specify UTF-8 encoding for freemarker template files
2016-07-04 19:46:00 +09:00
Stan Silvert
d90a708ceb
RHSSO-274: "Undefined" as auth flow execution
2016-07-01 10:25:14 -04:00
Stian Thorgersen
fa312fb3db
Merge pull request #2979 from cainj13/localeNpeFix
...
make locale retrieval null-safe
2016-07-01 12:33:36 +02:00
Thomas Darimont
ce7e7ef1d7
KEYCLOAK-3234 Allow restricting claim mapper for userinfo endpoint
...
Client mappers can now be configured to be limited to the
userinfo endpoint. This allows to keep access-tokens lean
while providing extended user information on demand via the
userinfo endpoint.
2016-07-01 11:35:19 +02:00
Bill Burke
a19469aba5
Merge remote-tracking branch 'upstream/master'
2016-06-30 17:18:17 -04:00
Bill Burke
b224917fc5
bump version
2016-06-30 17:17:53 -04:00
Bill Burke
3f1eecc4be
Merge remote-tracking branch 'upstream/master'
2016-06-30 16:47:55 -04:00
Bill Burke
3ba3be877e
fixes
2016-06-30 16:47:49 -04:00
Pedro Igor
01f3dddd91
Adding a column to list policies associated with a permission.
2016-06-30 10:26:05 -03:00
Pedro Igor
afa9471c7c
[KEYCLOAK-3128] - Admin Client Authorization Endpoints
2016-06-30 10:26:05 -03:00
Bill Burke
a9f6948d74
Merge remote-tracking branch 'upstream/master'
2016-06-29 15:37:32 -04:00
Bill Burke
f51098c50b
user fed refactor
2016-06-29 15:37:22 -04:00
Pedro Igor
8b0bf503c3
[KEYCLOAK-3172] - Migrating older versions with authorization services.
2016-06-29 12:07:49 -03:00
Josh Cain
ec402f759b
make locale retrieval null-safe
2016-06-28 13:25:48 -05:00
Stian Thorgersen
2e2f34d94e
Merge pull request #2957 from pedroigor/authz-changes
...
Changes to authz examples and some minor improvements
2016-06-23 07:49:47 +02:00
Pedro Igor
074a312fe5
Renaming authorization attributes.
2016-06-22 17:20:50 -03:00
Pedro Igor
f48288865b
[KEYCLOAK-3156] - Missing CORS when responding with denies
2016-06-22 14:39:07 -03:00
Pedro Igor
905421a292
[KEYCLOAK-3152] - Keycloak Authorization JS Adapter
2016-06-22 14:28:02 -03:00
mposolda
f7a2ad021e
KEYCLOAK-3141 Fix DB2 and some other DB issues
2016-06-22 17:06:55 +02:00
mposolda
5c731b4d14
KEYCLOAK-3149 DB update triggered before DBLock is retrieved
2016-06-21 17:14:25 +02:00
Pedro Igor
8402cedd82
Merge pull request #2946 from pedroigor/KEYCLOAK-3130
...
[KEYCLOAK-3130] - Permission checks to authorization admin endpoints
2016-06-21 10:50:29 -03:00
Erik Mulder
f4ead484de
KEYCLOAK-2474 Possibility to add custom SPI and extend the data model
2016-06-20 10:56:33 +02:00
Pedro Igor
dd279dd0fd
[KEYCLOAK-3130] - Permission checks to authorization admin endpoints
2016-06-17 15:27:42 -03:00
Stian Thorgersen
3c0f7e2ee2
Merge pull request #2617 from pedroigor/KEYCLOAK-2753
...
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60
KEYCLOAK-3091 Change brute force to use userId
2016-06-13 15:30:13 +02:00
mposolda
1510ac5eb4
KEYCLOAK-3105 Can't access single realm with the admin user from master realm
2016-06-13 12:09:11 +02:00
Stian Thorgersen
1c694b4795
Merge pull request #2921 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol-adjustment
...
KEYCLOAK-3054: Use string format for log message
2016-06-08 07:08:05 +02:00
Stian Thorgersen
819c42dad2
Merge pull request #2918 from chameleon82/issue/KEYCLOAK-3089-email-subject-internationalization
...
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-08 07:07:37 +02:00
Некрасов Александр Сергеевич
7bdccc21b2
KEYCLOAK-3089 Change email subject encoding to utf-8
2016-06-08 09:10:39 +06:00
Thomas Darimont
a9f461bfd1
KEYCLOAK-3054: Use string format for log message
...
Need to use log.debugf(..) to correctly resolve the %s placeholder.
2016-06-07 21:56:04 +02:00
Thomas Darimont
67a63a806e
KEYCLOAK-3054: Fix potential NPE in RealmsResource
...
Prior to PR .well-known Endpoint threw NPE with if unknown
Protocol was provided.
2016-06-07 08:29:23 +02:00
Некрасов Александр Сергеевич
5474496867
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-07 09:11:46 +06:00
Bill Burke
4c9a0b45d4
Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
...
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Bill Burke
b3f3449e39
Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource
...
KEYCLOAK-2974: Handle ModelException in UsersResource
2016-06-05 11:06:32 -04:00
Thomas Darimont
a2d1c8313d
KEYCLOAK-3081: Add client mapper to map user roles to token
...
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.
The client role protocol mapper can specify from which client the roles should be considered.
Composite Roles are resolved recursively.
Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level (ID/Access) Token attribute that can easily be matched with a regex.
In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
2016-06-03 15:52:58 +02:00
Stian Thorgersen
8fab2f0718
KEYCLOAK-3066
...
Uploaded Realm Certificate is not validated
2016-06-01 15:12:21 +02:00
Stian Thorgersen
2343e517c9
Merge pull request #2891 from pedroigor/KEYCLOAK-2894
...
[KEYCLOAK-2894] - Fixing saml signature validation
2016-05-26 16:57:13 +02:00
Pedro Igor
60f954a497
[KEYCLOAK-2894] - Fixing saml signature validation
2016-05-26 10:48:30 -03:00
mposolda
882dbc3f25
KEYCLOAK-3006 Fix admin event inconsistencies related to roles (points 1,3,4,15,16 from JIRA)
2016-05-25 23:18:01 +02:00
mposolda
022be3aee5
KEYCLOAK-3006 Fix admin event inconsistencies (points 2,5-14 from JIRA)
2016-05-25 23:17:47 +02:00
Thomas Darimont
5f73c338d8
KEYCLOAK-2947: Include group representation for GroupMembership changes in AdminEvents
...
We now include the full group representation in AdminEvents
for Group Membership changes.
This enables EventListener to propagate potential role / attribute
chnages based on the removal / addition of the group.
2016-05-25 23:17:35 +02:00
mposolda
f58936025f
KEYCLOAK-3003 Support for admin events in AuthenticationManagementResource
2016-05-25 23:17:24 +02:00
Stian Thorgersen
fa3a2aafec
KEYCLOAK-3034 NullPointerException when log in via Twitter
2016-05-25 08:10:55 +02:00
Stian Thorgersen
477c0872b0
KEYCLOAK-3020
...
Increase default password hashing intervals to 20K
2016-05-23 11:20:31 +02:00
Stian Thorgersen
d43b230b93
KEYCLOAK-2880 Refactor PermissionTest to not require Java8
2016-05-09 07:25:03 +02:00
mposolda
bea2678e85
KEYCLOAK-2862 AuthenticationManagementResource tests
2016-05-06 20:19:58 +02:00
Thomas Darimont
146a26e714
KEYCLOAK-2974: Handle ModelException in UsersResource
...
We now handle ModelExceptions thrown while creating and updating
a new User by rolling back the transaction and presenting
an error message with a HTTP 409 (conflict) code.
Previously only ModelDuplicateExceptions were handled and
ModelExceptions, e.g. due to a failed database operation
lead to a HTTP 500 server error.
2016-05-06 20:17:22 +02:00
Stian Thorgersen
0ca117b8e9
KEYCLOAK-2865 Extend coverage of client admin endpoints
2016-05-06 08:08:52 +02:00
Stian Thorgersen
1cc4cc30a6
KEYCLOAK-2549 Re-create master admin client if master realm is overwritten on import
2016-05-05 07:19:32 +02:00
Stian Thorgersen
2355db57da
KEYCLOAK-2880 Permissions tests for admin endpoints
2016-05-04 08:25:05 +02:00
Thomas Darimont
c8d47926b8
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
...
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.
For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.
Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
Thomas Darimont
27ef919d07
KEYCLOAK-2924: Fire AdminEvents on user group membership changes.
...
We now fire AdminEvents if a user joins or leaves a group.
This information can be used to deduce potential role changes
in custom event listeners.
2016-04-27 11:17:23 +02:00
mposolda
c7335fa242
KEYCLOAK-2903 Fix WelcomeResource to not allow requests forwarded from proxy/loadbalancer
2016-04-26 12:03:43 +02:00
Marek Posolda
5f16f0ede8
Merge pull request #2732 from mposolda/master
...
KEYCLOAK-2900
2016-04-25 15:00:09 +02:00
mposolda
fa8b272e76
KEYCLOAK-2900
2016-04-25 13:20:29 +02:00
Bruno Oliveira
1cc4ca2e71
RHSSO-130: AccessTokenTest migration
2016-04-22 16:30:57 -03:00
mposolda
e0aedfb93d
KEYCLOAK-2878 UserFederation mapper testing
2016-04-22 14:03:42 +02:00
mposolda
f6a718f10a
KEYCLOAK-2878 Testing of UserFederation admin REST endpoints
2016-04-21 23:11:14 +02:00
Stian Thorgersen
756cc0dca0
KEYCLOAK-2866 KEYCLOAK-2874 Test role mapping resource
2016-04-21 14:21:27 +02:00
Stian Thorgersen
4f5b71d81a
KEYCLOAK-2872 Test RoleByIdResource
2016-04-21 07:09:25 +02:00
Stian Thorgersen
b6257e66b3
Merge pull request #2679 from pedroigor/KEYCLOAK-2835
...
[KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService.
2016-04-20 20:13:49 +02:00
mposolda
a341889d2c
KEYCLOAK-2842 Not possible to add new execution under registration flow
2016-04-20 18:39:11 +02:00
Pedro Igor
81e4f4b351
[KEYCLOAK-2835] - Adding SOAP binding to the list of supported SingleSignOnService.
2016-04-20 08:48:59 -03:00
mposolda
afc8179cf8
KEYCLOAK-2846 export/import of clientTemplate scopes
2016-04-20 13:30:01 +02:00
mposolda
919a3791ea
KEYCLOAK-2844 Unexpected error when trying to remove clientTemplate in use
2016-04-20 13:25:13 +02:00
Stian Thorgersen
04d76b0052
KEYCLOAK-2491 Fix permissions in admin console to match permissions in admin endpoints
2016-04-20 09:57:57 +02:00
Stian Thorgersen
f71273a1f9
KEYCLOAK-2832
...
Authentication failure logs at ERROR level
2016-04-20 07:32:07 +02:00
Stian Thorgersen
5606160e70
KEYCLOAK-2828 Refactor contribution and add tests
2016-04-19 13:09:00 +02:00
Thomas Raehalme
cd1094c3ad
KEYCLOAK-2828: LoginStatusIframeEndpoint now sets the P3P header.
...
IE requires a P3P header to be present in <iframe /> response. Otherwise
cookies are forbidden. The value of the header does not seem to matter.
2016-04-19 10:24:28 +02:00
Bill Burke
600f429abb
KEYCLOAK-2740
2016-04-15 16:49:06 -04:00
Stian Thorgersen
6a428c8ee7
KEYCLOAK-2810 Added robots.txt and robots meta header
2016-04-13 11:22:57 +02:00
Bill Burke
515ed226be
Merge remote-tracking branch 'upstream/master'
2016-04-12 15:19:58 -04:00
Bill Burke
cca91dd175
public/private
2016-04-12 15:19:46 -04:00
Stian Thorgersen
1c2eafeb80
KEYCLOAK-2807 Fix server info providers page
2016-04-12 15:38:52 +02:00
Stian Thorgersen
538e49117f
KEYCLOAK-2799 Show error for identity brokering login if user is disabled
2016-04-12 13:14:42 +02:00
Stian Thorgersen
fcf7b28b8f
Merge pull request #2583 from stianst/KEYCLOAK-2803
...
KEYCLOAK-2803 Fix failure to add execution to client flow
2016-04-12 13:05:05 +02:00
Stian Thorgersen
350a9cd997
KEYCLOAK-2803 Fix failure to add execution to client flow
2016-04-12 08:04:15 +02:00
Stian Thorgersen
bd2238dbb8
KEYCLOAK-2770 Close mail transport after sending message
2016-04-12 07:06:52 +02:00
mposolda
e4f75409c9
KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt
2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c
KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management
2016-04-11 23:30:18 +02:00
mposolda
3e9ba71baa
KEYCLOAK-2769 Better error handling of expired code in IdentityBrokerService
2016-04-11 18:20:26 +02:00
mposolda
ee9c87877f
KEYCLOAK-2769 Fix NPE during 'Identity Broker cancelled' and instead show keycloak 'we are sorry' page
2016-04-08 19:07:06 +02:00
mposolda
90fc721315
KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking
2016-04-08 12:20:54 +02:00
Stian Thorgersen
8ea057a122
KEYCLOAK-2683 Remove QRCodeResource and embed QR code in image
2016-04-08 09:00:57 +02:00
Stian Thorgersen
c1a8e692d0
Merge pull request #2538 from stianst/KEYCLOAK-2751
...
KEYCLOAK-2751
2016-04-07 16:27:11 +02:00
Stian Thorgersen
b6d861fea6
KEYCLOAK-2751
...
Separate HTTP status codes for REST API errors
2016-04-07 15:39:12 +02:00
Guus der Kinderen
be578684b9
KEYCLOAK-2767: Should return a primitive if possible.
...
A JSON primitive is valid JSON. There is no need to construct a JSON object
just for the sake of being JSON complient. This keeps things nice and simple.
2016-04-07 13:19:29 +02:00
Stian Thorgersen
2694e003c4
KEYCLOAK-2759 Fix error message when renaming realm to name that exists
2016-04-07 06:00:31 +02:00
Stian Thorgersen
8de8446cb5
Merge pull request #2520 from stianst/KEYCLOAK-2756
...
KEYCLOAK-2756
2016-04-06 19:25:53 +02:00
Stian Thorgersen
6ccf3549ad
KEYCLOAK-2756
...
Renaming a realm breaks down the Clients
2016-04-06 15:18:49 +02:00
mposolda
72371e5d76
KEYCLOAK-1982 Some builtin objects might be missing when import JSON exported from old versions
2016-04-06 11:43:58 +02:00
Stian Thorgersen
0c829cd605
KEYCLOAK-2262 Refactor realm resource provider, remove admin resource provider and added example
2016-04-06 10:24:30 +02:00
Pedro Igor
e876a3c988
[KEYCLOAK-2262] - New SPIs to extend both Realm and Admin RESTful APIs
2016-04-06 09:43:24 +02:00
Stian Thorgersen
a4335c3eb8
Merge pull request #2502 from velias/KEYCLOAK-2670-master
...
KEYCLOAK-2670 for master - client app is able to push additional HTTP GET
2016-04-05 11:20:06 +02:00
Stian Thorgersen
3e9ae7aa82
Merge pull request #2498 from stianst/KEYCLOAK-2722
...
KEYCLOAK-2722 Check user session in token introspection endpoint
2016-04-05 11:18:32 +02:00
Vlastimil Elias
21a2a47172
KEYCLOAK-2670 - client app is able to push additional HTTP GET
...
parameters in initial OpenID auth request for use in Auth flows
2016-04-05 10:41:28 +02:00
Stian Thorgersen
55c5e9a381
KEYCLOAK-2722 Check user session in token introspection endpoint
2016-04-05 09:31:39 +02:00
Stian Thorgersen
48551d362a
KEYCLOAK-2704
...
User count missing in REST admin endpoint
2016-04-05 07:48:20 +02:00
Stian Thorgersen
ff73e1a36a
KEYCLOAK-2651
...
No CSRF protection or general security headers on welcome page
2016-04-04 09:07:21 +02:00
mposolda
a4d9aaf916
KEYCLOAK-2613 Add version to RealmRepresentation in JSON exports
2016-04-01 16:04:58 +02:00
mposolda
f83b67cdf5
KEYCLOAK-2413 Very slow export/import of realms with large users count
2016-04-01 16:04:48 +02:00
Bill Burke
d1552cd6e8
resolve conflict
2016-03-30 18:23:40 -04:00
Bill Burke
545fb8b849
KEYCLOAK-2716
2016-03-30 18:15:11 -04:00
Bill Burke
e4fcaad243
Merge pull request #2450 from patriot1burke/master
...
KEYCLOAK-2691
2016-03-30 15:46:34 -04:00
Bill Burke
020d090aee
Merge pull request #2430 from mstruk/assert-events
...
KEYCLOAK-2589 KEYCLOAK-2607 KEYCLOAK-2597 Port AssertEvents to integration-arquillian
2016-03-30 15:16:25 -04:00
Bill Burke
2cc3588be5
Merge remote-tracking branch 'upstream/master'
2016-03-30 15:07:35 -04:00
Bill Burke
12bf4b498e
KEYCLOAK-2691
2016-03-30 15:07:24 -04:00
Stan Silvert
0f52768064
KEYCLOAK-2619: Partial Import doesn't support groups
2016-03-28 14:26:34 -04:00
Bill Burke
1dd4bdf0b7
KEYCLOAK-2718
2016-03-28 11:13:02 -04:00
Bill Burke
b253fe9532
Merge remote-tracking branch 'upstream/master'
2016-03-24 15:57:01 -04:00
Bill Burke
e2436c4722
KEYCLOAK-2624
2016-03-24 15:56:40 -04:00
Marko Strukelj
76a4db5d54
KEYCLOAK-2597 Invalid children group location header response
2016-03-24 17:13:00 +01:00
mposolda
c9545e16f7
KEYCLOAK-2713 Fix error at startup
2016-03-24 15:30:53 +01:00
Bill Burke
6030a65d1b
KEYCLOAK-2543
2016-03-24 08:49:08 -04:00
mposolda
16ec76e864
KEYCLOAK-2712 Default required actions not added when user created through admin console
2016-03-24 11:11:35 +01:00
mposolda
7ffd6dc7a7
KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper
2016-03-22 13:03:49 +01:00
Stian Thorgersen
2c9172f707
Merge pull request #2399 from stianst/KEYCLOAK-2469
...
Keycloak 2469
2016-03-22 08:09:59 +01:00
mposolda
4193856fbb
KEYCLOAK-2687 ZIPException during import big number of users
2016-03-22 07:04:54 +01:00
Stian Thorgersen
ce717fa20e
KEYCLOAK-2469 Minor changes
2016-03-21 15:45:53 +01:00
Stian Thorgersen
204d226267
Merge branch 'issue/KEYCLOAK-2469' of https://github.com/thomasdarimont/keycloak into thomasdarimont-issue/KEYCLOAK-2469
2016-03-21 15:30:48 +01:00
Thomas Darimont
3e6b6507f4
KEYCLOAK-2664 - QRCodeResource should prohibit caching of the generated image
...
Added cache-control headers to avoid caching for generated
QRCode images.
Adjusted CacheControlUtil#noCache() to avoid caching more aggressively.
2016-03-18 12:18:07 +01:00
mposolda
85ccd64e01
KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper
2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a
KEYCLOAK-2629 LDAP Federation provider - input fields validation
2016-03-11 22:32:45 +01:00
Stian Thorgersen
7342261dbe
KEYCLOAK-2593 Character set missing from responses and no content sniffing defense in place
2016-03-11 15:31:15 +01:00
Stian Thorgersen
b3bb68aed7
Merge pull request #2364 from stianst/KEYCLOAK-2637
...
KEYCLOAK-2637
2016-03-11 13:00:54 +01:00
Stian Thorgersen
bdfc9b8efc
KEYCLOAK-2637
...
ModelExceptionMapper uses AdminMessagesProvider which loads messages outside of themes
2016-03-11 12:08:28 +01:00
mposolda
25f965aa2e
KEYCLOAK-2628 protected method to IdpCreateUserIfUniqueAuthenticator after user is registered
2016-03-11 10:05:41 +01:00
Thomas Darimont
41358eea4d
KEYCLOAK-2469 - Introduced new redirect endpoint for clients.
...
Previously one had to configure hardcoded urls to link from one client
application to others since keycloak didn't provide a way to get the
actual client URL by providing clientId and realm information.
We now support a new endpoint with the path {realm}/clients/{client_id}/redirect
that responds to GET requests with a 307 (temporary redirect) with the
configured client URL. This allows to refer to any client just by the
realmName and clientId and let Keycloak redirect to the actual client
application.
Add documentation for new redirect endpoint.
2016-03-10 23:45:22 +01:00
Stian Thorgersen
28fe13a800
Next is 2.0.0.CR1
2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108
Next is 1.9.2.Final
2016-03-10 07:28:27 +01:00
Stian Thorgersen
dc1d0e7f44
KEYCLOAK-2596 Fix import with dir and ignore existing
2016-03-08 08:55:10 +01:00
mposolda
ebb61c104b
KEYCLOAK-2529 More proper handling of DB errors during migration
2016-03-07 15:19:12 +01:00
mposolda
8da768a514
KEYCLOAK-2529 Concurrent startup by more cluster nodes at the same time. Added DBLockProvider
2016-03-07 10:34:30 +01:00
Stian Thorgersen
56c3d53a24
Merge pull request #2324 from ssilvert/client-tests
...
KEYCLOAK-2535: ClientResource endpoint tests
2016-03-07 06:13:55 +01:00
Stian Thorgersen
4f047565fb
Merge pull request #2326 from stianst/KEYCLOAK-2592
...
Keycloak 2592
2016-03-07 06:12:17 +01:00
Stan Silvert
f65a053182
Make imports in ServerInfoAdminResource explicitly point to the new
...
packages.
2016-03-04 11:17:12 -05:00
Bill Burke
4be6dc2f0c
cleanup cache
2016-03-04 10:30:48 -05:00
Stian Thorgersen
57b6ddbace
KEYCLOAK-2592 Set secure on OAuth_Token_Request_State cookie
2016-03-04 14:22:48 +01:00
Stian Thorgersen
bf38ec040f
KEYCLOAK-2592 Set http-only on OAuth_Token_Request_State cookie
2016-03-04 13:43:00 +01:00
Stan Silvert
2c79456e72
KEYCLOAK-2535: ClientResource endpoint tests
2016-03-04 07:41:24 -05:00
Bruno Oliveira
8d6f71e7d1
KEYCLOAK-2585: Changes on Brute force messages
2016-03-03 10:11:03 -03:00
Marek Posolda
002074bb30
Merge pull request #2320 from mposolda/master
...
KEYCLOAK-2523 Fix concurrency tests with all databases by track trans…
2016-03-03 12:34:29 +01:00
Stian Thorgersen
375d4e9e83
Merge pull request #2321 from stianst/KEYCLOAK-2547
...
KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider
2016-03-03 12:06:40 +01:00
mposolda
a258dd51ee
KEYCLOAK-2523 Fix concurrency tests with all databases by track transaction startup revision
2016-03-03 11:21:26 +01:00
Stian Thorgersen
b4239c40c1
KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider
2016-03-03 10:45:05 +01:00
Stian Thorgersen
b6118a6705
Merge pull request #2319 from stianst/KEYCLOAK-2580
...
KEYCLOAK-2580 Failed to create execution flow
2016-03-03 10:33:42 +01:00
Stian Thorgersen
2d42ad9993
KEYCLOAK-2580 Failed to create execution flow
2016-03-03 09:18:48 +01:00
Stian Thorgersen
2edb7f6831
KEYCLOAK-2577 Rollback session in KeycloakSessionServletFilter if not committed by KeycloakTransactionCommitter
2016-03-03 08:59:19 +01:00
Stian Thorgersen
13b6c6f507
KEYCLOAK-2576 KEYCLOAK-2576
...
Changing locale on login screen doesn't affect current user
2016-03-03 07:06:10 +01:00
mposolda
0768bcc452
KEYCLOAK-2542 User can't set password for account created over social login if UserFedarationProvider used
2016-03-01 10:13:21 +01:00
mposolda
e2558ca827
KEYCLOAK-1928 Fix Saml with IBM JDK
2016-02-29 17:32:33 +01:00
Stian Thorgersen
ccfae82b77
KEYCLOAK-1040
...
Allow import of realm keys (like we do for SAML)
2016-02-29 09:35:08 +01:00
mposolda
e7a5b88b2d
KEYCLOAK-2561 Fix issues with blank password
2016-02-26 18:14:37 +01:00
Stian Thorgersen
ca81f3f18d
Merge pull request #2275 from stianst/KEYCLOAK-2511
...
KEYCLOAK-2511 Rename session-state in access token response to sessio…
2016-02-25 12:03:37 +01:00
Stian Thorgersen
6df72d67c5
Merge pull request #2274 from stianst/KEYCLOAK-2500
...
KEYCLOAK-2500 Add cors headers to .well-known endpoints
2016-02-25 12:03:25 +01:00
Stian Thorgersen
3ca39801dc
KEYCLOAK-2511 Rename session-state in access token response to session_state
2016-02-25 10:14:12 +01:00
Stian Thorgersen
da8f2dc2ce
KEYCLOAK-2500 Add cors headers to .well-known endpoints
2016-02-25 10:05:46 +01:00
Stian Thorgersen
2fce06ffca
KEYCLOAK-2522 master realm admin can't use client registration api
2016-02-25 09:54:34 +01:00
Stian Thorgersen
a1d9753ec2
Next is 1.9.1.Final-SNAPSHOT
2016-02-23 08:48:26 +01:00
Stian Thorgersen
4fd97091ff
Version bump to 2.0.0.CR1-SNAPSHOT
2016-02-22 11:36:56 +01:00
mposolda
daca6d7062
KEYCLOAK-2505 Keystore configuration is not honored for LDAP over SSL connections
2016-02-19 18:02:39 +01:00
mposolda
a441be57ed
KEYCLOAK-2508 Possible NullPointerException during bigger load when removing UserSession
2016-02-19 11:49:30 +01:00
Bill Burke
fd49213cb9
KEYCLOAK-2477
2016-02-17 17:02:14 -05:00
Bill Burke
20348e5d0b
remove RealmModel.getClientNameMap()
2016-02-17 16:05:25 -05:00
mposolda
e237bcd383
KEYCLOAK-2412 wildfly configs and polishing
2016-02-17 13:10:51 +01:00
mposolda
1328531f31
KEYCLOAK-2412 Added ClusterProvider. Avoid concurrent federation sync execution by more cluster nodes at the same time.
...
Clustering - more progress
2016-02-17 11:02:42 +01:00
Stian Thorgersen
7f60e4f986
Merge pull request #2231 from stianst/master
...
KEYCLOAK-2493
2016-02-17 07:41:44 +00:00
Stian Thorgersen
5df540df8c
Merge pull request #2223 from ssilvert/partial-import-tests
...
KEYCLOAK-2481: Create admin client endpoint for partial import + tests
2016-02-17 07:39:03 +00:00
Stian Thorgersen
5bc3ee0e8c
KEYCLOAK-2493
...
Set default theme based on product name
2016-02-16 18:05:06 +01:00
Bill Burke
24da8288eb
Merge remote-tracking branch 'upstream/master'
2016-02-12 11:38:36 -05:00
Bill Burke
4ff1848681
javadoc
2016-02-12 11:38:12 -05:00
mposolda
969b8c153f
KEYCLOAK-1989 Refreshing offline tokens didn't work correctly in cluster with revokeRefreshToken enabled
2016-02-12 12:54:47 +01:00
Stan Silvert
dd9cf3be39
KEYCLOAK-2481: Create admin client endpoint for partial endpoint + tests
2016-02-11 15:26:52 -05:00
mposolda
6c39810ba7
KEYCLOAK-2436 Better defaults
2016-02-11 15:50:11 +01:00
Bill Burke
c2fa0e5c6d
Merge pull request #2214 from mposolda/master
...
KEYCLOAK-2463 Fix performance issue with just 2 default connections p…
2016-02-11 09:41:48 -05:00
Bill Burke
67ce3fdbd2
Merge pull request #2215 from patriot1burke/master
...
concurrency, some JPA cleanup too
2016-02-11 09:41:37 -05:00
Bill Burke
018c44ef2c
conflicts
2016-02-11 08:43:29 -05:00
Marko Strukelj
dadb470609
KEYCLOAK-1967 Add support for authentication flows into admin-rest-client
2016-02-11 12:18:01 +01:00
Stian Thorgersen
4ea586ebe6
Revert back to servlet 3.0
2016-02-11 09:09:39 +01:00
Bill Burke
fd212a2a2a
Merge remote-tracking branch 'upstream/master'
2016-02-10 14:09:43 -05:00
mposolda
aac274bbb3
KEYCLOAK-2463 Fix performance issue with just 2 default connections per route in Apache HTTP client
2016-02-10 18:07:11 +01:00
Stian Thorgersen
066d6bb230
Merge pull request #2211 from stianst/KEYCLOAK-2475
...
KEYCLOAK-2475
2016-02-10 14:52:22 +01:00
Stian Thorgersen
72ded04517
Merge pull request #2210 from stianst/KEYCLOAK-2466
...
KEYCLOAK-2466 Redirection back to account/password is broken
2016-02-10 14:44:54 +01:00
Stian Thorgersen
77912b2117
KEYCLOAK-2475
...
Move client registration endpoints
2016-02-10 14:23:04 +01:00
Stian Thorgersen
555236c3f0
KEYCLOAK-2466 Redirection back to account/password is broken
2016-02-10 14:02:33 +01:00