Marek Posolda
a6d4316084
KEYCLOAK-14209 Client policies admin console support. Changing of format of JSON for client policies and profiles. Remove support for default policies ( #7969 )
...
* KEYCLOAK-14209 KEYCLOAK-17988 Client policies admin console support. Changing of format of JSON for client policies and profiles. Refactoring based on feedback and remove builtin policies
2021-05-12 16:19:55 +02:00
Takashi Norimatsu
355a5d65fb
KEYCLOAK-18052 Client Policies : Revise SecureRequestObjectExecutor to have an option for checking nbf claim
2021-05-11 14:29:33 +02:00
rmartinc
2539bd9ed3
[KEYCLOAK-17903] idp metadata describing one entity MUST have EntityDescriptor root element
2021-05-11 13:02:13 +02:00
Takashi Norimatsu
5dced05591
KEYCLOAK-18050 Client Policies : Rename "secure-redirecturi-enforce-executor" to indicate what this executor does
2021-05-11 07:42:18 +02:00
Pedro Igor
6397671c88
[KEYCLOAK-17885] - Delete user-managed policies when removing groups
2021-05-10 16:33:23 -03:00
Takashi Norimatsu
b4e4e75743
KEYCLOAK-17928 Determine public client based on token_endpoint_auth_method during OIDC dynamic client registration
2021-05-10 08:24:18 +02:00
Takashi Norimatsu
624d300a55
KEYCLOAK-17938 Not possible to create client in the admin console when client policy with "secure-redirecturi-enforce-executor" condition is used
2021-05-07 17:52:09 +02:00
Takashi Norimatsu
b38b1eb782
KEYCLOAK-17895 SecureSigningAlgorithmEnforceExecutor: Ability to auto-configure default algorithm
2021-05-07 12:37:39 +02:00
Takashi Norimatsu
faab3183e0
KEYCLOAK-18034 Enforce SecureSigningAlgorithmForSignedJwtEnforceExecutor to private-key-jwt clients regardless their option
2021-05-07 12:26:46 +02:00
keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Hynek Mlnarik
98a88e3e8b
KEYCLOAK-17991 Introduce preview feature for map storage
2021-05-06 11:38:41 +02:00
Hynek Mlnarik
6d97a573e6
KEYCLOAK-17696 Make MapStorageFactory amphibian
2021-05-06 11:38:41 +02:00
Takashi Norimatsu
0a4fdc64f3
KEYCLOAK-17929 SecureSigningAlgorithmForSignedJwtEnforceExecutor polishing for FAPI
2021-05-06 08:41:05 +02:00
Takashi Norimatsu
b78d151a23
KEYCLOAK-16808 Client Policy : Implement existing ConsentRequiredClientRegistrationPolicy as Client Policies' executor
...
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
2021-05-06 08:36:34 +02:00
Peter Skopek
b2ed99c70d
KEYCLOAK-16928 Fix typo in authenticatorFlow representation
2021-05-06 08:33:19 +02:00
mposolda
20fc430be0
KEYCLOAK-17874 Server cannot be started with oracle19cRAC
2021-05-05 13:12:07 +02:00
Václav Muzikář
57fca2a34f
KEYCLOAK-15170 Reset password link is not invalidated if email address is changed
2021-05-05 08:45:47 +02:00
Martin Bartoš
c2c1b482ea
KEYCLOAK-17734 LifespanAdapterTest fails due to header check
2021-05-04 12:36:33 +02:00
Christoph Leistert
61bdc92ad9
KEYCLOAK-17387: 403 response on localization endpoint for cross realm users
...
- add ForbiddenPage class for the assertion at the selenium test
- add assertion to selenium test
- GET requests for localization texts require at least one role for the realm
- Make GET requests for localization texts public, to display the admin UI correctly, even if the role view-realm is missing
2021-05-03 13:29:11 -03:00
Václav Muzikář
315b9e3c29
KEYCLOAK-17835 Account Permanent Lockout and login error messages
2021-05-03 09:39:34 +02:00
Takashi Norimatsu
65c48a4183
KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) ( #7679 )
...
* KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA)
Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-29 15:56:39 +02:00
Jan Lieskovsky
6df5ba0f1c
[KEYCLOAK-17227] Wildfly 23 upgrade
...
Base fixes:
* [KEYCLOAK-17228] Upgrade Keycloak to Wildfly 23.0.0.Final / Wildfly Core 15.0.0.Final
Other (related) fixes:
* [KEYCLOAK-17477] Update org.wildfly.common to 1.5.4.Final
* [KEYCLOAK-17478] Update wildfly-galleon-maven-plugin to 5.1.0.Final
* [KEYCLOAK-17479] Keycloak Galleon Feature Pack: Adapter fails to build on top of Wildfly 23
* [KEYCLOAK-17482] Sync Wildfly 23 model changes to Keycloak
* [KEYCLOAK-17508] Apply workaround for WFCORE-5335
* [KEYCLOAK-17231] Update org.keycloak.testsuite.metrics.MetricsRestServiceTest
to work with org.wildfly.extension.health
* [KEYCLOAK-17585] Fix Quarkus startup failure post applying Wildfly 23 upgrade changes
* [KEYCLOAK-17583] Fix ConfigMigrationTest post applying Wildfly 23 model changes
* [KEYCLOAK-17584] Fix ActionTokenCrossDCTest#sendResetPasswordEmailSuccessWorksInCrossDc
test failure post applying Wildfly 23 upgrade changes
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-04-29 12:36:03 +02:00
vramik
de79493294
KEYCLOAK-17896 Add maven profile for map storage
2021-04-28 21:05:42 +02:00
vramik
162043beec
KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory
2021-04-28 13:43:48 +02:00
Martin Kanis
515bfb5064
KEYCLOAK-16378 User / client session map store
...
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2021-04-28 09:09:15 +02:00
Yoshiyuki Tabata
45202bd49a
KEYCLOAK-17637 Client Scope Policy for authorization service
2021-04-26 08:58:33 -03:00
Ayat Bouchouareb
8255cba930
KEYCLOAK-17612- Invalid SAML Response : Invalid Destination
2021-04-26 11:15:28 +02:00
Pedro Igor
068a1811f2
[KEYCLOAK-17452] - Removing policies created from a user-managed policy
2021-04-21 11:30:57 -03:00
Pedro Igor
228de42859
[KEYCLOAK-17598] - Changing root path check when resolving resource by uri
2021-04-21 11:30:07 -03:00
Takashi Norimatsu
190b60c5cd
KEYCLOAK-17827 Client Policy - Condition : Client - Client Host : Removing Option
2021-04-21 15:16:00 +02:00
i7a7467
ada7f37430
KEYCLOAK-16918 Set custom user attribute to Name ID Format for a SAML client
...
https://issues.redhat.com/browse/KEYCLOAK-16918
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-20 10:29:17 +02:00
Martin Bartoš
ca019c36e8
KEYCLOAK-17457 Failed OfflineServletsAdapterTest
2021-04-19 16:58:38 -03:00
AlistairDoswald
8b3e77bf81
KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
...
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Michal Hajas
64ccbda5d5
KEYCLOAK-17323 Compute token expiration using Time.currentTime() instead of userSession.getStarted()
2021-04-14 12:58:45 +02:00
Martin Bartoš
b237c503ba
KEYCLOAK-16913 Fix failed FuseAdapterTest
2021-04-14 09:51:02 +02:00
Martin Bartoš
5a9068e732
KEYCLOAK-16401 Deny/Allow access in a conditional context
2021-04-09 12:04:45 +02:00
Michito Okai
d9ebbe4958
KEYCLOAK-17202 Restrict Issuance of Refresh tokens to specific clients
2021-04-08 11:51:25 +02:00
Takashi Norimatsu
8b0b657a8f
KEYCLOAK-17682 Client Policy - Executor : remove inner config class for executor without any config
2021-04-08 09:22:16 +02:00
Takashi Norimatsu
3221708499
KEYCLOAK-17667 Client Policy - Executor : Only Accept Confidential Client
2021-04-08 09:17:10 +02:00
Takashi Norimatsu
e9035bb7b3
KEYCLOAK-17681 Client Policy - Executor : Limiting available period of Request Object with its configuration
2021-04-08 09:12:20 +02:00
Daniel Fesenmeyer
a48d04bfe0
KEYCLOAK-16082 save attributes when role is created (with REST POST request)
...
- add missing mapping code to RoleContainerResource#createRole
- extend ClientRolesTest and RealmRolesTest to check that now the attributes are saved when a role is created
- remove no longer needed code which updated roles because attributes were not saved on creation
2021-04-07 14:08:49 -03:00
Lukas Hanusovsky
e0d660d815
KEYCLOAK-17311 - exclude for Remote testsuite
2021-04-07 13:37:38 +02:00
Lukas Hanusovsky
17b19b2e36
KEYCLOAK-17302 - exclude for Remote testsuite
2021-04-07 13:35:47 +02:00
Takashi Norimatsu
7b227ae47c
KEYCLOAK-17666 Client Policy - Executor : Limiting available period of Request Object
2021-04-07 08:36:26 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) ( #7780 )
...
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)
* support tests using auth-server-quarkus
* Configuration changes for ClientPolicyExecutorProvider
* Change VALUE of table REALM_ATTRIBUTES to NCLOB
* add author tag
* incorporate all review comments
Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-06 16:31:10 +02:00
vramik
d1ad905407
KEYCLOAK-17640 fix MultiVersionClusterTest.verifyFailureOn* tests
2021-04-06 12:55:26 +02:00
Miquel Simon
5f551e018d
KEYCLOAK-17310. Disabled test in remote environment. ( #7898 )
2021-04-06 09:03:04 +02:00
vramik
185075d373
KEYCLOAK-14552 Realm Map Store
2021-03-31 15:49:03 +02:00
Konstantinos Georgilakis
ec5c256562
KEYCLOAK-5657 Support for transient NameIDPolicy and AllowCreate in SAML IdP
2021-03-31 14:45:39 +02:00
rmartinc
0a0caa07d6
KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role
2021-03-31 12:57:17 +02:00