Commit graph

11904 commits

Author SHA1 Message Date
Hynek Mlnarik
9eb2e1d845 KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects 2019-09-09 10:57:49 +02:00
Stefan Guilhen
60205845a8 [KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
- Provides a default implementation based on mappings loaded from a properties file.
 - Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
rmartinc
a726e625e9 KEYCLOAK-10782: Credentials tab on clients can only be displayed with view-realm 2019-09-06 16:45:08 -03:00
k-tamura
f2ab8d97c0 KEYCLOAK-10677 Fix incorrect tooltip texts 2019-09-06 15:30:25 -04:00
jferrer
97fccd6d50 KEYCLOAK-10910 login function now uses promise type specified in init 2019-09-06 15:24:31 -04:00
Martin Kanis
b1be6c2bdd KEYCLOAK-11247 Use the transcription object for Identity providers password 2019-09-06 15:29:11 +02:00
Cédric Couralet
aadd5331bc [KEYCLOAK-11219] log an explicit error message when state is null 2019-09-06 10:59:28 +02:00
Stan Silvert
71e6fc2b30 KEYCLOAK-11189: Fix locale dropdown 2019-09-05 16:18:41 -03:00
Stan Silvert
a43af40228 KEYCLOAK-10739: Device Activity UI 2019-09-05 12:22:05 -03:00
Pedro Igor
a1d8850373 [KEYCLOAK-7416] - Device Activity 2019-09-05 11:43:27 -03:00
Sebastian Laskawiec
69d6613ab6 KEYCLOAK-10169 OpenShift 4 Identity Provider 2019-09-05 16:33:59 +02:00
vmuzikar
2f9d875840 KEYCLOAK-11286 Fix tests in "other" module 2019-09-05 16:29:09 +02:00
vramik
ca6fbac599 KEYCLOAK-11150 testsuite dependency with auth-server-remote 2019-09-05 08:34:22 +02:00
Stefan Guilhen
bb9c811a65 [KEYCLOAK-10935] Add a vault transcriber implementation that can be obtained from the session.
- automatically parses ${vault.<KEY>} expressions to obtain the key that contains the secret in the vault.
 - enchances the capabilities of the VaultProvider by offering methods to convert the raw secrets into other types.
2019-09-04 22:34:08 +02:00
mposolda
3a19db0c9d KEYCLOAK-10921 Fix unstable RefreshTokenTest 2019-09-04 05:54:26 -03:00
Hynek Mlnarik
3fbfc6c7e6 KEYCLOAK-11179 Update .installation directory permissions for distribution 2019-09-03 13:53:58 +02:00
Martin Bartos RH
a0ba6e593e [KEYCLOAK-11024] RulesPolicyManagementTest failing with auth-server-undertow in universal pipeline 2019-09-02 11:58:30 +02:00
Kohei Tamura
6ae0773e09 KEYCLOAK-11006 Add method to log catched exception 2019-09-02 10:11:20 +02:00
Jon Koops
c902896ab6 KEYCLOAK-11196 Document the type for the useNonce option 2019-08-30 14:34:20 -04:00
Jon Koops
2d465df94d KEYCLOAK-11194 Remove dead code from JavaScript adapter 2019-08-30 14:32:54 -04:00
Stian Thorgersen
b884611830
Update README.md 2019-08-30 12:51:29 +02:00
mposolda
3e4fbb5ece KEYCLOAK-11122 Configure surefire to run test classes in alphabetical order 2019-08-29 06:31:42 -03:00
Stan Silvert
01255da0f0 KEYCLOAK-11167: Create Continue/Cancel modal 2019-08-21 17:27:40 -03:00
Sebastian Laskawiec
3afbdd3ea3 KEYCLOAK-10934 PlainTextVaultProvider 2019-08-20 21:46:47 +02:00
Niko Köbler
49e9cd759b KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe 2019-08-20 15:41:09 -03:00
vmuzikar
b3004482fb KEYCLOAK-10235 Fix ClientClientScopes Admin Console test 2019-08-20 14:10:21 -03:00
Pedro Igor
e12c245355 [KEYCLOAK-10779] - CSRF check to My Resources
(cherry picked from commit dbaba6f1b8c043da4a37c906dc0d1700956a0869)
2019-08-20 06:35:00 -03:00
Hynek Mlnarik
97811fdd51 KEYCLOAK-10786 Check signature presence in SAML broker
(cherry picked from commit ba9f73aaff22eb34c7dec16f4b76d36d855d569b)
2019-08-20 06:35:00 -03:00
Leon Graser
0ce10a3249 [KEYCLOAK-10653] Manage Consent via the Account API 2019-08-20 06:24:44 -03:00
Pedro Igor
3f2a38936c [KEYCLOAK-11154] - Unstable Photoz Adapter Tests 2019-08-19 16:04:24 -03:00
mhajas
78ee5adfe8 KEYCLOAK-10034 Replace pause with waitForPageToLoad 2019-08-19 10:18:15 +02:00
Tomas Kyjovsky
fe18e93ba4 KEYCLOAK-10904 ExportImportTest unstable
- adding an exception for realm-management clients into the client confidentiality check
- fixing some performance test datasets to only enable authz for confidential clients
2019-08-16 16:08:08 -03:00
Nemanja Hiršl
411ea331f6 KEYCLOAK-10785 X.509 Authenticator - Update user identity source mappers
Update user identity sources and the way how X.509 certificates are mapped to the user to:
1. Include "Serial number + Issuer DN" as described in RFC 5280
2. Include "Certificate's SHA256-Thumbprint"
3. Exclude "Issuer DN"
4. Exclude "Issuer Email"

Add an option to represent serial number in hexadecimal format.

Documentation PR created: https://github.com/keycloak/keycloak-documentation/pull/714
KEYCLOAK-10785 - Documentation for new user identity source mappers
2019-08-16 11:35:50 -03:00
Martin Kanis
75d2ec8ff6 KEYCLOAK-11012 Unable to install EAP6 adapter 2019-08-16 12:44:50 +02:00
Valeran86
b0d0d3e579 [KEYCLOAK-10849] - KeycloakRole equals only with itself
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
        if ( role.equals( adminRole ) ) {
          return true;
        }
      }
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-08-16 05:20:03 -03:00
Bruno Oliveira da Silva
dd19c687fa [KEYCLOAK-11079] CrossDC server tests broken on Travis
- Only run crossdc-server tests if the event type is a cron job
- Fix for string comparison on Travis script
This change is not the definitive solution, but allows us to
stabilize
    the tests on master branch
2019-08-15 15:06:05 -03:00
Bruno Oliveira da Silva
1454d73c35 Revert "[KEYCLOAK-11079] CrossDC server tests broken on Travis"
This reverts commit c158105e2e.
2019-08-15 15:06:05 -03:00
Takashi Norimatsu
8225157a1c KEYCLOAK-6768 Signed and Encrypted ID Token Support 2019-08-15 15:57:35 +02:00
Bruno Oliveira da Silva
c158105e2e [KEYCLOAK-11079] CrossDC server tests broken on Travis
- Only run crossdc-server tests if the event type is a cron job

This change is not the definitive solution, but allows us to stabilize
the tests on master branch
2019-08-15 10:51:00 -03:00
mposolda
67df6d03af KEYCLOAK-10449 KEYCLOAK-10550 Fix manual DB migration test with MSSQL 2019-08-15 14:19:27 +02:00
Martin Bartos RH
925864530a KEYCLOAK-10457 Merge preview features test: SocialLoginTest 2019-08-14 22:09:59 +02:00
Bruno Oliveira da Silva
5d44c7938a Travis improvements
- Cache dependencies
  - Use JBoss repositories to download Maven dependencies
2019-08-13 11:49:25 -03:00
Hynek Mlnarik
d2da206d6b KEYCLOAK-10933 Interfaces for vault SPI 2019-08-13 08:50:29 +02:00
Peter Skopek
71eed3af06 KEYCLOAK-10792 MigrationTest fails in pipeline: fix log file checker to start from the right position after server restart 2019-08-12 15:41:56 +02:00
Tobias Friedrich
9fb9197b53 [KEYCLOAK-11023] Set version to 8.0.0-SNAPSHOT 2019-08-09 11:28:11 -03:00
Grzegorz Grzybek
f8ee7cc0f6 [KEYCLOAK-10918] For Fuse itests, update org.apache.karaf.management PID before restarting hawtio 2019-08-08 10:52:55 +02:00
Stan Silvert
e2cac64c2c KEYCLOAK-10966: Integrate App-initiated actions in new acct console 2019-08-07 14:42:12 -03:00
Hynek Mlnarik
e6fc9663f5 KEYCLOAK-11004 Run authz tests conditionally 2019-08-07 10:14:39 -03:00
Martin Bartos RH
9d67e92117 [KEYCLOAK-10465] Merge preview features test: OpenShiftTokenReviewEndpoint 2019-08-06 12:57:33 +02:00
Hynek Mlnarik
9bca5c9968 KEYCLOAK-10964 Remove realm reimport in SAMLServletAdapterTest 2019-08-05 09:35:04 +02:00