Commit graph

1820 commits

Author SHA1 Message Date
Hynek Mlnarik
dad12635f6 KEYCLOAK-9014 Fix displayed applications 2018-12-10 09:59:46 +01:00
Pedro Igor
8204509b0c [KEYCLOAK-8980] - ElytronAccount not serializable 2018-12-10 08:55:00 +01:00
mposolda
88141320ac KEYCLOAK-9002 StackOverflowError when reading LDAP-backed users via REST API 2018-12-07 12:25:05 +01:00
vramik
6616e4a011 KEYCLOAK-8660 fix package name of Album class 2018-12-06 19:13:38 +01:00
Pedro Igor
0c39eda8d2 [KECLOAK-8237] - Openshift Client Storage 2018-12-06 10:57:53 -02:00
Martin Bartos RH
99a5656f0f [KEYCLOAK-8389] Migrate ModelClass: UserSessionInitializerTest 2018-12-06 12:43:11 +01:00
vmuzikar
3e48fa1dbc KEYCLOAK-9023 Add support for Java 11 to the testsuite 2018-12-06 11:47:00 +01:00
Pedro Igor
e798c3bca2 [KEYCLOAK-8901] - Identity Provider : UserInfo response as JWT Token not supported 2018-12-05 09:28:12 -02:00
Hynek Mlnarik
00e0ba8633 KEYCLOAK-8940 Stabilize SessionsPreloadCrossDCTest.loginFailuresPreloadTest 2018-12-04 14:27:57 +01:00
vramik
4b50fdb404 KEYCLOAK-8955 adapter installation fails on windows - edit logging 2018-12-04 13:50:55 +01:00
Pedro Igor
ed0b5d4df1 [KEYCLOAK-8857] - Provide utility to create AuthzClient from InputStream 2018-12-03 11:14:43 -02:00
vramik
1b8dc04459 KEYCLOAK-8817 skip EntitlementAPITest.testOfflineRequestingPartyToken for auth-server-undertow 2018-11-29 13:38:26 +01:00
Pedro Igor
4355c89b9d [KEYCLOAK-7365] - No need to check roles when refreshing tokens 2018-11-29 08:51:25 -02:00
rmartinc
1b37394276 KEYCLOAK-7242: LDAPS not working with truststore SPI and connection timeout 2018-11-29 11:21:46 +01:00
Sebastian Laskawiec
4fbbaf18aa KEYCLOAK-8830 Stabilize ExportImportTest 2018-11-29 10:33:00 +01:00
Tomasz Prętki
2b9b1ba45f [KEYCLOAK-8823] - PathMatcher doesn't prefer overloaded templated resources 2018-11-28 11:39:11 -02:00
Stefan Guilhen
311e848460 KEYCLOAK-8504 Ensure the authenticationFlowBindingOverrides client configuration references a valid authentication flow id when a realm is imported 2018-11-23 22:09:14 +01:00
Pedro Igor
91637120ee [KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db 2018-11-23 08:48:08 -02:00
Hynek Mlnarik
d90a5d1367 KEYCLOAK-8594 Fix missing option to Base64 encoder 2018-11-22 21:48:00 +01:00
Hynek Mlnarik
d395043fc7 KEYCLOAK-8707 Fix client template to scope migration 2018-11-22 15:07:47 +01:00
mposolda
6e93ca36af KEYCLOAK-8519 OIDCScopeTest.testClientDisplayedOnConsentScreenWithEmptyConsentText failing on Oracle 2018-11-22 09:30:01 +01:00
vramik
2d727fc54c KEYCLOAK-8909 fix KcOidcBrokerLogoutTest for product 2018-11-22 09:28:37 +01:00
mposolda
6db1f60e27 KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs 2018-11-21 21:51:32 +01:00
Stefan Guilhen
8af1ca8fc3 KEYCLOAK-8414 use the clientId when the ClientScopeModel is an instance of ClientModel 2018-11-20 15:08:10 +01:00
vramik
55f90ff09f KEYCLOAK-8837 Adapt TS to be able to test migration from 7.2.5.GA (instead from 7.2.0.GA) 2018-11-19 18:06:33 +01:00
Stian Thorgersen
f3bf1456ab
KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. (#5738) 2018-11-19 17:32:21 +01:00
Hynek Mlnarik
548950ed8e KEYCLOAK-8756 Consider also required actions of AuthenticationSession 2018-11-19 16:04:43 +01:00
Marek Posolda
f67d6f9660 KEYCLOAK-8482 Access token should never contain azp as an audience (#5719) 2018-11-19 14:38:41 +01:00
Stian Thorgersen
3756cf629b
KEYCLOAK-7081 Fixes for manual/qr mode switches on login config otp page (#5717) 2018-11-19 14:32:28 +01:00
Takashi Norimatsu
0793234c19 KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 (#5603)
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

also support client signed signature verification by refactored token
verification mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

incorporate feedbacks and refactor client public key loading mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

unsigned request object not allowed

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

revert to re-support "none"
2018-11-19 14:28:32 +01:00
Hynek Mlnarik
461dae20de KEYCLOAK-8731 Ensure password history is kept in line with password policy 2018-11-19 12:48:51 +01:00
mposolda
0533782d90 KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB 2018-11-16 14:23:28 +01:00
Leon Graser
85f11873c3 KEYCLOAK-8613 Group Membership Pagination 2018-11-15 17:54:07 +01:00
Thomas Darimont
cf57a1bc4b KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.

SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.

Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
Hynek Mlnarik
c3778e66db KEYCLOAK-8260 Improve SAML conditions handling 2018-11-14 20:09:22 +01:00
Martin Kanis
6a23eb19f5 KEYCLOAK-8166 2018-11-14 20:09:22 +01:00
Martin Kanis
72b23c1357 KEYCLOAK-8160 2018-11-14 20:09:22 +01:00
Martin Kanis
0cb6053699 KEYCLOAK-8125 2018-11-14 20:09:22 +01:00
vramik
6564cebc0f KEYCLOAK-7707 2018-11-14 20:09:22 +01:00
Bruno Oliveira da Silva
a957e118e6 Redirect URLs are not normalized 2018-11-14 20:09:22 +01:00
mposolda
0897d969b1 KEYCLOAK-7340 2018-11-14 20:09:22 +01:00
mposolda
1b5a83c4f1 KEYCLOAK-6980 Check if client_assertion was already used during signed JWT client authentication 2018-11-14 20:09:22 +01:00
Martin Bartos RH
f090b39e85 [KEYCLOAK-8411] Migrate ModelClass: ClientModelTest 2018-11-14 19:15:45 +01:00
mhajas
602a6e201d KEYCLOAK-8660 Workaround photoz tests on EAP6 2018-11-13 15:57:46 +01:00
Hynek Mlnarik
7703d81389 KEYCLOAK-7421 Support SAML cluster logout for Elytron SAML adapter 2018-11-09 21:06:50 +01:00
Pedro Igor
cd96d6cc35 [KEYCLOAK-8694] - Mark Drools policy as tech preview 2018-11-09 11:08:49 -02:00
mhajas
6d04247947 KEYCLOAK-8047 Make Photoz tests great: run them on undertow + make them
stable
2018-11-09 12:45:38 +01:00
vramik
560d76b7ee KEYCLOAK-6748 undertow saml adapter tests 2018-11-06 21:17:07 +01:00
Pedro Igor
bce2aee144 [KEYCLOAK-8646] - Error deleting policies when admin events are enabled 2018-11-06 11:27:32 -02:00
rmartinc
cbe59f03b7 KEYCLOAK-8708: Provide aggregation of group attributes for mappers 2018-11-06 13:42:38 +01:00
Torbjørn Skyberg Knutsen
36b0d8b80e KEYCLOAK-7166 Added the possibility of not logging out of remote idp on browser logout, by passing a query param containing the id of the identity provider 2018-11-06 13:39:19 +01:00
scranen
5880efe775 KEYCLOAK-4342 Make naming consistent 2018-11-06 10:28:06 -02:00
scranen
0c6b20e862 [KEYCLOAK-4342] Make adapter state cookie path configurable 2018-11-06 10:28:06 -02:00
Pedro Igor
327991bd73 [KEYCLOAK-8716] - Issue with caching resolved roles in KeycloakSession 2018-11-06 10:27:04 -02:00
vramik
b2aa324ee4 KEYCLOAK-8631 skip AddUserTest on app-server-undertow 2018-10-31 18:08:42 +01:00
vramik
76e4253a21 KEYCLOAK-8670 remove support for migration.mode=import as there are separate tests 2018-10-31 18:07:20 +01:00
mposolda
ffcd8e09e7 KEYCLOAK-8175 Possibility of clientScope not being used if user doesn't have a role 2018-10-31 18:04:41 +01:00
mposolda
cfeb56e18a KEYCLOAK-8641 Remove aud from the authorization tickets 2018-10-31 13:31:26 +01:00
mposolda
9652748ba9 KEYCLOAK-8484 Remove audience client scope template 2018-10-31 11:11:02 +01:00
Pedro Igor
f6943296c7 [KEYCLOAK-8489] - RPT request: Authorized Party's protocol mappers are being applied instead of the Audience's ones 2018-10-26 09:40:32 -03:00
vramik
4d2300f17e KEYCLOAK-8664 KEYCLOAK-8665 KEYCLOAK-8666 fix assertions in testsuite 2018-10-25 21:42:01 +02:00
vramik
f449b8b454 KEYCLOAK-8637 Add support for OIDC multitenancy adapter test for jboss based containers 2018-10-25 20:45:45 +02:00
Graser Leon
9ef4c7fffd KEYCLOAK-8377 Role Attributes 2018-10-24 22:04:28 +02:00
Pedro Igor
460cdf4508 [KEYCLOAK-8617] - Permission cache not handling decisions from negative policies correctly 2018-10-24 15:03:22 -03:00
mposolda
c36b577566 KEYCLOAK-8483 Remove application from the aud claim of accessToken and refreshToken 2018-10-23 13:52:09 +02:00
Pedro Igor
6f8f8e6a28 [KEYCLOAK-8449] - Option to automatically map HTTP verbs to scopes when configuring the policy enforcer 2018-10-23 08:40:54 -03:00
vramik
7a96911a83 KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
MICHEL Arnault (UA 2118)
ab8789739f [KEYCLOAK-8580] Add Nginx certificate lookup provider 2018-10-16 07:53:18 +02:00
mposolda
60a8267576 KEYCLOAK-8530 KEYCLOAK-8531 Fix MigrationTest and migration from 2.5.5.Final and 3.4.3.Final 2018-10-15 16:38:24 +02:00
stianst
5f0424fb11 KEYCLOAK-8310 Change scheme option to alwaysHttps option 2018-10-15 14:00:00 +02:00
Stefan Guilhen
68a54abb09 KEYCLOAK-6757 Update MicrosoftIdentityProvider to use the Microsoft Graph endpoints 2018-10-15 12:46:15 +02:00
Martin Bartos RH
102628dc59 [KEYCLOAK-4935] Migrate AddUserTest from old testsuite 2018-10-15 08:14:34 +02:00
stianst
11374a2707 KEYCLOAK-8556 Improvements to profile 2018-10-12 12:26:37 +02:00
mposolda
4483677cdd KEYCLOAK-8529 Fix most of adapter tests on EAP6 2018-10-12 12:01:33 +02:00
mposolda
f254675a5e KEYCLOAK-8568 DemoServletsAdapterTest.testVersion is unstable on travis 2018-10-12 09:27:37 +02:00
Leon Graser
066bef744f KEYCLOAK-6658 Fine Grain Permissions via Java Client
Signed-off-by: Leon Graser <leon.graser@bosch-si.com>
2018-10-11 09:44:57 -03:00
Moritz Becker
fbe3445c48 fix KEYCLOAK-8513 remove data dependency between testUpdateProfile and testGetProfile in org.keycloak.testsuite.account.AccountRestServiceTest 2018-10-11 08:08:51 +02:00
mposolda
5b51c000af KEYCLOAK-8481 Don't include empty resource_access in access token 2018-10-11 08:04:07 +02:00
rmartinc
0a6f43c1a1 KEYCLOAK-8490: Direct grants returns invalid credentials when user has pending actions 2018-10-10 20:18:20 +02:00
Pedro Igor
79ca722b49 [KEYCLOAK-7605] - Make sure Evaluation API is read-only 2018-10-09 08:09:29 -03:00
mposolda
3ca386f223 KEYCLOAK-8148 Duplication of listed roles assigned through groups in userinfo endpoint 2018-10-08 22:18:06 +02:00
Pedro Igor
8e57cee30f [KEYCLOAK-8445] - Owner not granted with permissions when using only scope-based permissions 2018-10-08 09:57:21 -03:00
Hynek Mlnarik
531ee3a1be KEYCLOAK-8494 Use c3p0 connection pool in testsuite 2018-10-08 14:24:56 +02:00
Mark True
28b6e4dd5b cleaning up to do PR 2018-10-08 09:16:53 +02:00
Moritz Becker
f17b5f0f49 fix KEYCLOAK-7572 consistently perform duplicate user checks during account update only if email changes
Fix test
2018-10-05 09:35:05 +02:00
stianst
86a2f28561 KEYCLOAK-8310 Add support to set fixed scheme on fixed hostname provider 2018-10-05 09:34:17 +02:00
mposolda
0d9b1e73b8 KEYCLOAK-7855 Cannot reset Client Consent Screen Text 2018-10-04 21:00:48 +02:00
Hynek Mlnarik
211774ccbc KEYCLOAK-7810 Fix NPE in Elytron SAML adapter 2018-10-04 14:38:45 +02:00
mposolda
2a4cee6044 KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers 2018-10-04 12:00:38 +02:00
Stan Silvert
dba513c921 KEYCLOAK-8419: Make most act mgt APIs only active in preview mode 2018-10-02 16:32:56 -04:00
Pedro Igor
b4b3527df7 [KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups 2018-10-02 15:44:23 -03:00
Martin Kanis
efe6a38648 KEYCLOAK-6718 Auth Flow does not Check Client Protocol 2018-09-26 21:00:02 +02:00
Pedro Igor
43f5983613 [KEYCLOAK-8289] - Remove authorization services from product preview profile 2018-09-26 18:27:27 +02:00
Pedro Igor
df311b60b4 [KEYCLOAK-8168] - PEP is resolving claims twice under certain circumstances 2018-09-25 11:47:50 -03:00
Takashi Norimatsu
340c8e8426 KEYCLOAK-8327 Token Introspect Test for Refresh Token Mistake 2018-09-21 11:38:04 +02:00
mposolda
3777dc45d0 KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch 2018-09-21 11:17:05 +02:00
Douglas Palmer
b748e269ec [KEYCLOAK-7435] Added code to delete a specific session and tests for session deletion 2018-09-20 15:57:58 +02:00
vmuzikar
4268dd1777 KEYCLOAK-7742,KEYCLOAK-6332 Switch Admin Console UI tests to GeckoDriver 2018-09-20 10:32:59 +02:00
vramik
24b7d080af KEYCLOAK-8268 unify fuse70 and fuse71 modules into fuse7x module 2018-09-20 10:27:17 +02:00
Pedro Igor
6b0bc0b3be [KEYCLOAK-8308] - Deprecate token_introspection_endpoint claim from OIDC discovery document 2018-09-19 09:46:50 -03:00