Commit graph

13848 commits

Author SHA1 Message Date
Sven-Torben Janus
82d3251ab4 Remove *-imports 2020-05-12 20:50:18 +02:00
Sven-Torben Janus
fcb0e450a0 KEYCLOAK-13817 Return local user from LDAPStorageProvider 2020-05-12 20:50:18 +02:00
Sven-Torben Janus
fed34929ae KEYCLOAK-13817 Fix X509 auth fails
when attribute value is always read from LDAP and import is enabled

When userattribute value is always read from LDAP, then the value is not
available in the local store. Therfore, KC will not find a user by that
attribute in the local store. When querying the LDAP storage
provider, the user will be found. However, when it is also available in
the local store (though without the attribute) it will not get imported
and therefore not returned with the result set of the LDAP storage
provider. Hence, the user will not be found at all.

This change adds the user to the result set of the LDAP user stoage
provider, iff the attribute user by the search is set to always read
value from LDAP.
2020-05-12 20:50:18 +02:00
Yoshiyuki Tabata
f7d00fc2e9 KEYCLOAK-13844 "exp" claim should not be "0" when using offline token 2020-05-12 16:14:37 +02:00
Michael Cooney
3291161954 KEYCLOAK-13818: Addressing performance issues with adding client scopes during realm creation. Removing redundant lookups by passing all scopes that need to be created at once. 2020-05-12 15:59:42 +02:00
stianst
49db2c13a5 KEYCLOAK-8141 Fix issue where attribute values are duplicated if updates to user are done in parallell 2020-05-12 09:06:44 +02:00
stianst
73aff6d60e KEYCLOAK-14117 Exclude rcue module in community 2020-05-12 08:58:11 +02:00
Neon Ngo
141eeb1f49 KEYCLOAK-13939 Remove unused mixed-case themes/.../rcue/.../git-Logo.svg 2020-05-11 12:06:07 +02:00
spurreiter
6332ed42c0 KEYCLOAK-13940 remove duplicated urlsafe decoding 2020-05-08 15:18:56 +02:00
Pedro Igor
44c49d69a7 [KEYCLOAK-13071] - AuthorizationTokenService swallows Exceptions thrown by KeycloakIdentity 2020-05-08 09:21:37 +02:00
vmuzikar
098ec91dd2 KEYCLOAK-12045 Improve UX for the Credentials tab in Admin Console 2020-05-07 14:14:54 -04:00
Charles-Eric Giraud
3ebfdb59ab [KEYCLOAK-13854] Fixing client role creation with configure permission 2020-05-07 16:41:19 +02:00
Martin Kanis
157afd7bb1 KEYCLOAK-14081 Upgrade to Wildfly 19.1.0 2020-05-07 15:00:46 +02:00
Takashi Norimatsu
3716bd96ad KEYCLOAK-14093 Specify Signature Algorithm in Signed JWT with Client Secret 2020-05-07 11:28:39 +02:00
Pedro Igor
c4a6f0830e [KEYCLOAK-14076] - Authorization context not always considering scope when checking permission 2020-05-07 08:48:07 +02:00
Agniswar Mandal
8646d0668a KEYCLOAK-14072 docker-compose.yaml file generated creates an invalid urls
* Updated Invalid URLs

The docker-compose.yaml file generated creates an invalid url for REGISTRY_AUTH_TOKEN_REALM and REGISTRY_AUTH_TOKEN_ISSUER. Fixed

* KEYCLOAK-14072 JIRA#14072

Test coverage fix for the the JIRA#14072
2020-05-07 08:40:52 +02:00
vramik
4a70494285 KEYCLOAK-14086 Outdated wildfly deprecated version 2020-05-07 08:39:18 +02:00
Stan Silvert
deead471a9 KEYCLOAK-12852: Internal query params not removed after AIA 2020-05-06 16:07:21 -03:00
Pedro Igor
19ab9ba53d [KEYCLOAK-13829] - DML for DELETE is executed even though attribute does not exist 2020-05-06 14:04:06 +02:00
stianst
2be61246f4 KEYCLOAK-14057 Fix resource not found error when creating policy 2020-05-06 11:08:29 +02:00
Takashi Norimatsu
0d0617d44a KEYCLOAK-13720 Specify Signature Algorithm in Signed JWT Client Authentication 2020-05-05 17:43:00 +02:00
rmartinc
f0852fd362 KEYCLOAK-13823: "Dir" Full export/import: On import, service account roles and authorization info are not imported 2020-05-05 17:05:56 +02:00
stianst
7c97c25ede KEYCLOAK-14060 Update links to user ml 2020-05-05 13:50:49 +02:00
Stian Thorgersen
4d64a08129 Update README.md 2020-05-05 12:09:44 +02:00
Stian Thorgersen
c1be9adcde Create SECURITY.md 2020-05-05 12:09:44 +02:00
Vanrar68
85feda3beb KEYCLOAK-13998 ConditionalRoleAuthenticator doesn't work with composite roles 2020-05-05 08:39:04 +02:00
Johann Schmitz
600fd83078 Remove impersonation button on user detail page if feature is disabled
The impersonation button in the user list is already removed when the impersonation feature is disabled. Remove the button from the detail page too.
2020-05-04 15:10:53 -04:00
Erik Jan de Wit
1f462a2ae2 KEYCLOAK-12916 add name or username in toolbar
Update testsuite/integration-arquillian/tests/other/base-ui/src/test/java/org/keycloak/testsuite/ui/account2/page/fragment/LoggedInPageHeader.java

Co-Authored-By: Václav Muzikář <vaclav@muzikari.cz>

Moved concatenation to messages_en.properties

fix: renamed loggedInUser to landingLoggedInUser

for the welcome page

moved `loggedInUserName` to WelcomePageScrips
2020-05-04 14:58:27 -04:00
Martin Bartos
7ebdca48d3 [KEYCLOAK-13572] Doesn't observe After events due to assume check 2020-05-04 17:31:44 +02:00
Michael Riedmann
66c7ec6b08 [KEYCLOAK-13995] added test for clientUpdate with ProtocolMappers 2020-05-04 17:13:57 +02:00
Michael Riedmann
b3a88d6509 [KEYCLOAK-13995] fixed ClientMappers update capabilities of Admin REST API endpoint. 2020-05-04 17:13:57 +02:00
stianst
48b1b2b7de KEYCLOAK-14043 Fixes for authz due to security header spi changes 2020-05-04 14:11:01 +02:00
Erik Jan de Wit
5102e26865 KEYCLOAK-12987 "Sign In" instead of "Log In" 2020-05-04 07:34:22 -04:00
Erik Jan de Wit
435815249b KEYCLOAK-12783 changed to base account url for new console 2020-05-04 07:16:15 -04:00
Hynek Mlnarik
32f13016fa KEYCLOAK-12874 Align Destination field existence check with spec 2020-05-04 09:19:44 +02:00
Erik Jan de Wit
b19b3a40ad KEYCLOAK-14004 fixed the test 2020-04-30 12:47:18 -04:00
cc
8876294a72 [KEYCLOAK-13964] exported realm should include keycloak version, not Project/product version
The exported realm json file includes a field named "KeycloakVersion", which is assigned
Version.Version. In community edition, Version.Version is identical to Version.KeycloakVersion.
If we rebrand product based on keycloak project, Version.Version will be Product version, while
keycloak codes expect exported realm file including KeycloakVersion for normal migrating.

For RHSSO product, there are somes codes in class MigrationModelManager for converting the right
KeycloakVersion.

From semantic point, a field named "KeycloakVersion" should be assigned variable named "KeycloakVersion".
2020-04-30 12:41:40 +02:00
Martin Kanis
aa309b96a8 KEYCLOAK-13682 NPE when refreshing token after enabling consent 2020-04-30 08:46:21 +02:00
mposolda
a878bec60f KEYCLOAK-14007 Missing RHSSO 7.4 version in MigrationModelManager 2020-04-30 08:38:40 +02:00
stianst
a77c35ea8f KEYCLOAK-14009 Add fix for token revocation endpoint 2020-04-29 17:22:25 +02:00
keycloak-bot
ae20b7d3cd Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
Pedro Igor
2e54ebda76 [KEYCLOAK-13579] - Ignore exceptions when shutting down loopback server 2020-04-29 12:33:35 +02:00
Pedro Igor
601bf8d63e [KEYCLOAK-12735] - Improving queries and cache for authz 2020-04-29 03:58:03 +02:00
Yoshiyuki Tabata
874642fe9e KEYCLOAK-12406 Add "Client Session Max" and "Client Session Idle" for OIDC 2020-04-28 15:34:25 +02:00
stianst
5b017e930d KEYCLOAK-13128 Security Headers SPI and response filter 2020-04-28 15:28:24 +02:00
Yoshiyuki Tabata
b40c12c712 KEYCLOAK-5325 Provide OAuth token revocation capability 2020-04-28 15:25:22 +02:00
stianst
06d8a0a4c4 KEYCLOAK-13929 Fix path to text-security.css 2020-04-28 09:50:00 -03:00
Martin Kanis
be28bfee1d KEYCLOAK-13636 Missing wildfly-dist in EAP 7.4.0.CD19 build 2020-04-28 08:55:42 -03:00
Martin Kanis
04b5836271 KEYCLOAK-13971 Upgrade to EAP 7.4.0.CD19 2020-04-28 08:55:42 -03:00
Erik Jan de Wit
5bb4ee5375 KEYCLOAK-13976 limit field lenght 2020-04-27 16:11:12 -04:00