libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions
12113 commits 4 branches 5 tags 480 MiB
Commit graph

2250 commits

Author SHA1 Message Date
Hynek Mlnarik
7ff18ca14b KEYCLOAK-7331 Fix NPE when SAML Issuer not set in AuthnRequest 2018-06-06 16:21:18 +02:00
Hynek Mlnarik
5a241392cf KEYCLOAK-7094 Support redirect to external logout page 2018-06-05 14:51:18 +02:00
Takashi Norimatsu
c586c63533 KEYCLOAK-6771 Holder of Key mechanism 
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
 2018-06-05 08:18:29 +02:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367 
[KEYCLOAK-7367] - User-Managed Policy Provider
 2018-06-04 09:35:13 -03:00
Pavel Drozd
6c3e6bc90c KEYCLOAK-7476 - sshLoginTest - changed command result 2018-06-01 10:35:38 +02:00
Jared Blashka
65c39763eb KEYCLOAK-7356 Code to Token flow fails if initial redirect_uri contains a session_state parameter 2018-05-31 08:53:11 +02:00
Martin Kanis
f429469fc8 KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106) 2018-05-31 08:44:34 +02:00
Takashi Norimatsu
eb97151476 KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange 2018-05-28 22:15:43 +02:00
Pedro Igor
2b6597e9f1 [KEYCLOAK-7367] - User-Managed Policy Provider 2018-05-25 16:18:15 -03:00
Pedro Igor
21d139c6c2
Merge pull request #5173 from pedroigor/KEYCLOAK-7148 
[KEYCLOAK-7148] - Associate sub resources to a parent resource
 2018-05-17 16:51:55 -03:00
vramik
39b6bf62ba KEYCLOAK-6991 fixed ExportImportTest not to affect other tests (PermissionsTest, RealmTest) on auth-server-undertow 2018-05-17 11:07:29 +02:00
Pedro Igor
1634bef28a
Merge pull request #5194 from pedroigor/KEYCLOAK-7322 
[KEYCLOAK-7322] - NPE when removing group from representation
 2018-05-15 06:05:54 -03:00
pedroigor
88f21eae87 [KEYCLOAK-7322] - NPW when removing group from representation 2018-05-08 14:03:33 -03:00
Bill Burke
1258923a0d
Merge pull request #5188 from patriot1burke/keycloak-7304 
KEYCLOAK-7304
 2018-05-08 07:31:05 -04:00
mhajas
3ced81a2c2 KEYCLOAK-7315 Fix issues in JavascriptAdapter tests (#5193) 
more in issue KEYCLOAK-7315
 2018-05-07 14:47:56 -04:00
Pedro Igor
e84acd9898
Merge pull request #5177 from pedroigor/KEYCLOAK-7206 
[KEYCLOAK-7206] - Search by user id on admin console
 2018-05-04 09:11:49 -03:00
Bill Burke
fdc6fc59b8 KEYCLOAK-7304 2018-05-03 12:14:30 -04:00
pedroigor
7ebcc69cb9 [KEYCLOAK-7148] - Associate sub resources to a parent resource 2018-05-02 13:04:11 -03:00
Martin Kanis
9505925363 Revert "KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106)" (#5183) 
This reverts commit a67da7bc59.
 2018-05-02 09:31:42 +02:00
mhajas
6e123bcea2 KEYCLOAK-6847 Fix OIDC adapter tests 2018-05-02 09:28:26 +02:00
pedroigor
ddceaaf3d5 [KEYCLOAK-7206] - Search by user id on admin console 2018-04-30 11:44:33 -03:00
vmuzikar
5ec50461ee KEYCLOAK-7101 Fix DockerClientTest 2018-04-27 15:02:10 +02:00
Pedro Igor
e960642399
Merge pull request #5144 from pedroigor/KEYCLOAK-4903 
[KEYCLOAK-4903] - Pushed Claims
 2018-04-26 15:59:13 -03:00
pedroigor
035ebc881a [KEYCLOAK-4903] - Claim Information point Provider SPI and configuration 2018-04-25 10:16:41 -03:00
vramik
8b5fd2b4ac KEYCLOAK-7091 fuse7 testsuite 2018-04-25 14:35:56 +02:00
pedroigor
e813fcd9c8 [KEYCLOAK-4903] - Pushing claims when obtaining a permission ticket 2018-04-24 19:47:28 -03:00
mposolda
634e7170e3 KEYCLOAK-7158 RestartLoginCookie throws error when KC_RESTART cookie created by Keycloak 1.9 2018-04-23 21:56:13 +02:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js (#5165) 
* KEYCLOAK-7196: Add kc_locale to keycloak.js

* Update keycloak.d.ts
 2018-04-23 11:45:32 -04:00
pedroigor
c3d297dd05 [KEYCLOAK-7162] - Expose WWW-Authenticate Header when using CORS 2018-04-23 08:46:54 +02:00
mhajas
a1e7351072 KEYCLOAK-6815 Use htmlunit as default browser for adapter tests 2018-04-19 15:01:14 +02:00
Martin Kanis
7efa45126c KEYCLOAK-6991 NPE when importing realm from file 2018-04-19 14:26:50 +02:00
wyvie
4ddff9ee16 [KEYCLOAK-7017] fixed ActionTokenCrossDCTest failures 
Test was failing because of change of login page design. Element which
contained title headers was moved from header title to another element.
Was not fixed upon initial commit (ca15db) because test's only turned on
by profile.
 2018-04-17 16:14:10 +02:00
Vlastimil Eliáš
c1311e4619 KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn OAuth2 endpoint (#5125) 
* KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn
OAuth2 endpoint

* KEYCLOAK-6849 - LinkedIn social login provider test updated

* KEYCLOAK-6849 - LinkedIn social login provider test updated to
conditionally handle consent page when shown only

* Simplify the LinkedIn app authorization

This reverts commit c12359e7a13d9ff231fe2e25cddba66ad679a9cd.
 2018-04-13 08:09:27 +02:00
vramik
9a94004fc9 KEYCLOAK-7137 Polish testsuite a bit 2018-04-12 16:46:59 +02:00
mhajas
b78f0aa9db KEYCLOAK-6806 Wait for query error to appear in query response mode test (#5130) 2018-04-10 09:58:23 +02:00
Hugo Guerrero
fac3118b0a KEYCLOAK-6448 - implement instagram social broker (#4963) 
* KEYCLOAK-6448 - implement instagram social broker

* Instagram SocialLogin Tests
 2018-04-09 17:30:27 +02:00
Martin Kanis
a67da7bc59 KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106) 2018-04-06 09:26:29 +02:00
wyvie
943bd9e48e [KEYCLOAK-6808] fix for the WildflyConsoleProtectionTest 
Access Control is not an 'a' tag, but rather 'span'
Also two tests do not behave correctly with a same
Before annotated initialization, so reduce number
of tests to one, which calls the other one
 2018-04-06 07:28:29 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029 
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
 2018-04-05 09:33:23 -03:00
wyvie
b3513e3203 [KEYCLOAK-6872] fixed account link test 2018-04-05 10:53:00 +02:00
Bill Burke
ffd9d957f4
Merge pull request #5123 from patriot1burke/kcadm-token 
KEYCLOAK-7044 KEYCLOAK-7046
 2018-04-04 17:22:17 -04:00
Stefan Guilhen
87abe5e648 [KEYCLOAK-6853] Make TimePolicyProvider use the kc.date.time_date contextual attribute when evaluating policies 2018-04-04 14:37:03 -03:00
mhajas
b3b81d6a76 KEYCLOAK-6806 timeSkew tolerance in tests (#5110) 2018-04-04 11:19:18 +02:00
Bill Burke
8a5428808e KEYCLOAK-7044 KEYCLOAK-7046 2018-04-03 21:29:31 -04:00
pedroigor
a939c45d58 [KEYCLOAK-7029] - Configuration of cache policies for cached resources/path 2018-04-03 16:44:27 -03:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser 
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
 2018-04-03 10:31:30 -04:00
pedroigor
5c52da80c6 [KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path 2018-04-02 11:10:43 -03:00
Bill Burke
4078e84fb6 server driven success page 2018-03-31 10:16:44 -04:00
Bill Burke
06f32a47ec fake browser tests 2018-03-30 08:24:30 -04:00
Bill Burke
f4a5e49b63 initial 2018-03-29 17:14:36 -04:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102 
[KEYCLOAK-4102] - Support lazy load paths
 2018-03-29 09:16:34 -03:00
Bill Burke
8d3dc790df
Merge pull request #5087 from patriot1burke/kcinit 
KEYCLOAK-6813
 2018-03-28 17:35:33 -04:00
Bill Burke
f5bacb79c1 review changes 2018-03-28 16:45:52 -04:00
pedroigor
4a425c2674 [KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config 2018-03-28 09:23:59 -03:00
Bill Burke
c38b6d585e KEYCLOAK-528 (#5103) 2018-03-28 11:15:37 +02:00
Bill Burke
ad5f3fefc5 Merge remote-tracking branch 'upstream/master' into kcinit 2018-03-27 16:38:35 -04:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529 
[KEYCLOAK-6529] - Resource Attributes
 2018-03-27 09:30:38 -03:00
mhajas
a63bb44ba2 KEYCLOAK-3164 Migrate SAML ECP tests to integration-arquillian 2018-03-27 12:07:07 +02:00
Pavel Drozd
92aba77cc1
Merge pull request #5094 from vmuzikar/fix-stackoverflow 
KEYCLOAK-6510 Fix StackOverflow social login test
 2018-03-26 08:22:32 +02:00
Bill Burke
39f93dfa33 fix providers test 2018-03-21 10:01:40 -04:00
June Zhang
ca15db81bb KEYCLOAK-6262 Incorporate new visual design from PatternFly (#4983) 
* KEYCLOAK-6262 Incorporate new visual design from PatternFly

Update the username or email

Fix narrow/wide in template.ftl

minor style update

Add the Realm HTML name and image

Config OTP and Update Password
Not display the locale selector if there is less than 1 locale.

Fix margins/paddings on config otp screens

Fix title

Upgraded to PatternFly 3.41.6

Added RCUE and updated RH-SSO login theme

Refine the RCUE padding issue

Fix tests

Fix Keycloak background

Fix

* fix the overflowing issue

* Fix Console UI Tests to reflect the new login page

* Fix the different style of the IdP buttons
Fix the IE placeholder issue - add label

* Removed placeholder on login and reset pass. Fixed Keycloak background on wide screens.

* fixed the stackoverflow issues
fixed the width in the tablets
 2018-03-21 10:47:33 +01:00
Bill Burke
f000cedcbb Merge remote-tracking branch 'upstream/master' into kcinit 2018-03-20 16:49:43 -04:00
Bill Burke
681e3d751e golang integration 2018-03-20 16:42:35 -04:00
Bill Burke
8926837a3e tests 2018-03-19 16:47:13 -04:00
Stefan Guilhen
35b9fe043c [KEYCLOAK-6543] Remove the authz examples from the Keycloak codebase. 2018-03-19 17:00:02 -03:00
Áron Bustya
82ba2b1b0d remove changes from standard OIDC client registration, move constants 2018-03-19 19:31:22 +01:00
Áron Bustya
57f57f5c75 set request object mandatory for client, restrict delivery mode 
handle new attribute in client representation


add to UI
 2018-03-19 19:31:22 +01:00
pedroigor
08896ee9c9 [KEYCLOAK-6529] - Resource Attributes 2018-03-19 13:21:39 -03:00
Pedro Igor
917ba90f2c
Merge pull request #5077 from pedroigor/KEYCLOAK-6628 
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
 2018-03-19 08:54:12 -03:00
Bill Burke
4bba11cd94 kcinit 2018-03-16 12:11:57 -04:00
mhajas
3826f6fae2 KEYCLOAK-3161 KEYCLOAK-3165 Migrate SAML tests from old testsuite to integration-arquillian 2018-03-15 18:15:44 +01:00
pedroigor
711bf244ed [KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API 2018-03-15 14:02:15 -03:00
Douglas Palmer
fed1b62c5d [KEYCLOAK-6301] Remove service account when it is disabled from the client 2018-03-14 15:09:42 +01:00
Takashi Norimatsu
e72756d01a KEYCLOAK-6700 Financial API Read and Write API Security Profile : state hash value (s_hash) to protect state parameter 2018-03-13 16:40:34 +01:00
Pedro Igor
871ecf83fb
Merge pull request #5071 from vramik/KEYCLOAK-6644-stabilize-PhotozExampleAdapterTest 
KEYCLOAK-6644 PhotozExampleAdapterTest is not stable
 2018-03-13 09:03:57 -03:00
vmuzikar
daaa35bc37 KEYCLOAK-6831 Fix Microsoft Social Login test 2018-03-13 10:19:27 +01:00
vramik
9d10ccef70 KEYCLOAK-6644 PhotozExampleAdapterTest is not stable 2018-03-13 09:53:17 +01:00
Pedro Igor
2aa71d1737
Merge pull request #5051 from pedroigor/KEYCLOAK-6787 
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
 2018-03-12 11:41:49 -03:00
Pedro Igor
b9b1102b74
Merge pull request #5004 from pedroigor/KEYCLOAK-6623 
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
 2018-03-12 09:59:05 -03:00
Pedro Igor
f824582aac
Merge pull request #5009 from pedroigor/KEYCLOAK-6116 
[KEYCLOAK-6116] - Get email attribute from 'subject alternative name' using X509 certificate
 2018-03-12 09:58:02 -03:00
pedroigor
199f289ee3 [KEYCLOAK-6623] - Adding test 2018-03-09 16:39:33 -03:00
Hynek Mlnarik
190771ddf1 KEYCLOAK-6783 Add authentication into cross-dc testing 2018-03-09 15:08:55 +01:00
pedroigor
62b70b561e [KEYCLOAK-6116] - Removing references to phantomjs.cli.args 2018-03-09 10:56:35 -03:00
pedroigor
1f13427dee [KEYCLOAK-6116] - Enabling tests for both jboss servers 2018-03-09 10:56:35 -03:00
pedroigor
6aee573e2e [KEYCLOAK-6116] - Tests for X509 Subject Alternative Name Extension 2018-03-09 10:56:35 -03:00
vmuzikar
d66c33a8b9 KEYCLOAK-6793 Support custom Chrome binary in Arquillian testsuite 2018-03-07 10:38:12 +01:00
wyvie
c27ffbda8b [KEYCLOAK-6643] server version now retreived from server info web page 2018-03-06 10:49:09 +01:00
vmuzikar
502fc62967 KEYCLOAK-6797 Fix Social Login test 2018-03-06 10:19:10 +01:00
Bill Burke
4b6b45cf43 KEYCLOAK-6026 2018-03-05 11:57:05 -05:00
Pedro Igor
1b06194455
Merge pull request #5050 from TeliaSoneraNorge/KEYCLOAK-6659 
Add pairwise sub support to authorization services
 2018-03-02 14:44:28 -03:00
Martin Hardselius
8549bd70b7 Add pairwise sub support to authorization services 
Identity token verification will now fetch the user from the session
state instead of relying on the sub provided in the token. Also done in
KeycloakIdentity.

Resolves: KEYCLOAK-6659
 2018-03-02 13:08:27 +01:00
vramik
569f26776e KEYCLOAK-5060 KEYCLOAK-3157 migrated Adapter package from old testsuite 2018-03-02 10:56:26 +01:00
pedroigor
1e1de85685 [KEYCLOAK-6787] - Wrong validation of resources with same name and different owners 2018-03-01 16:50:05 -03:00
pedroigor
b0200d462d [KEYCLOAK-6621] - Removing unnecessary code to process scopes from typed resources 2018-02-28 16:33:45 -03:00
vmuzikar
028e78f46b KEYCLOAK-6772 Fix SessionsPreloadCrossDCTest 2018-02-28 20:14:50 +01:00
Hynek Mlnarik
9ca7b22cec KEYCLOAK-6777 Fix AccountPageTest 2018-02-28 16:28:48 +01:00
Hynek Mlnarik
1b45ab2601 KEYCLOAK-6773 XML vulnerability test 2018-02-28 15:05:07 +01:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368) 
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
 2018-02-28 08:53:10 +01:00
mhajas
e52380915b KEYCLOAK-4817 Fix instability 2018-02-27 14:35:52 +01:00
vmuzikar
08bf19d4aa KEYCLOAK-6694 Revamp OpenShift Social Login test 2018-02-27 12:28:42 +01:00
Hynek Mlnarik
1f20c03afa KEYCLOAK-6470 Refactor SAML adapter parsers 2018-02-27 09:37:29 +01:00
vmuzikar
d70e4740fc KEYCLOAK-6693 Support external truststore in testsuite 2018-02-27 07:45:21 +01:00
Bill Burke
aa089980ce
Merge pull request #4942 from mstruk/KEYCLOAK-5807 
KEYCLOAK-5807 Intermittent failures in UserStorageTest
 2018-02-26 12:14:38 -05:00
mhajas
fe1c447d9a KEYCLOAK-6546 Run filter test on WebLogic and WebSphere 2018-02-26 15:47:13 +01:00
Hynek Mlnarik
bde9210fa3 KEYCLOAK-6692 Fix LogoutTest on Oracle 2018-02-26 15:45:55 +01:00
mhajas
e2ad59a74d KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and (#4964) 
* KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and
use JavascriptExecutor

* Use PhantomJS 2.1.1 instead of 1.9.8 in Travis CI
 2018-02-26 10:49:05 +01:00
Hynek Mlnarik
e7cdb8ad54 KEYCLOAK-6473 KEYCLOAK-6472 SAML parser refactor + protocol parsers 2018-02-23 08:16:14 +01:00
pedroigor
8112c5d3f2 [KEYCLOAK-6492] - Migrate authorization package from old testsuite 2018-02-22 09:05:40 +01:00
Erlend Hamnaberg
208ecbc3f7 KEYCLOAK-6676: Fix NPE if the redirect_uri parameter is missing 2018-02-21 19:44:22 +01:00
pedroigor
61d5425fdf [KEYCLOAK-6321] - Tests 2018-02-21 19:41:44 +01:00
Bruno Oliveira
f351db608e [KEYCLOAK-6334] Minor typo: "read only" should be "read-only" 2018-02-20 20:18:16 +01:00
mposolda
fc463ae50b KEYCLOAK-6617 Offline token logout did not invalidate user session 2018-02-19 08:49:05 +01:00
cgol
86a8addf49 KEYCLOAK-6615 Remove offline session from database on offline token logout 
remove offline token from database on offline session logout
 2018-02-19 08:49:05 +01:00
stianst
9b63cd35f0 KEYCLOAK-6431 2018-02-13 19:38:46 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support 
KEYCLOAK-6355
 2018-02-13 09:38:45 -05:00
Bill Burke
d6788a0839 finish 2018-02-10 13:38:39 -05:00
mhajas
2b65adc15f KEYCLOAK-6309 Fix tests 
Add trustore to war even if ssl is not enabled because HttpClient is configured with truststore
 2018-02-09 10:24:58 +01:00
Bruno Oliveira
b91998a0d8 [KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration 2018-02-09 06:36:23 -02:00
stianst
505cf5b251 KEYCLOAK-6519 Theme resource provider 2018-02-09 08:28:59 +01:00
Hynek Mlnarik
c07b60d527 KEYCLOAK-6474 Fix NPE on SAML logout 2018-02-07 08:05:36 +01:00
Hynek Mlnarik
b3766576d7 KEYCLOAK-6146 Simplify test via RealmCreator 2018-02-06 09:28:07 +01:00
vmuzikar
c8c86d2bad KEYCLOAK-6510 Fix StackOverflow social login test 2018-02-05 17:16:33 +01:00
Marko Strukelj
62a9d4ea91 KEYCLOAK-5807 Under daily eviction policy user entries not returned from cache when they should 2018-02-02 19:27:23 +01:00
vmuzikar
340afb2a50 KEYCLOAK-6450 Stabilize WelcomePageTest 2018-02-02 13:08:52 +01:00
vmuzikar
46ebff2163 KEYCLOAK-6331 Fix and stabilize Console UI tests 2018-02-02 11:58:47 +01:00
Pavel Drozd
9382439a05
Merge pull request #4944 from mhajas/KEYCLOAK-4751 
KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7
 2018-02-02 11:13:07 +01:00
vramik
019c3c9ef9 KEYCLOAK-6146 realm import fails when password policy is specified 2018-02-02 08:30:06 +01:00
Thomas Darimont
77334af34e KEYCLOAK-6222 Check syntax for errors on ScriptBasedOIDCProtocolMapper validation 
We now explicitly check for syntax errors
during validation of ScriptBasedOIDCProtocolMappers.
 2018-02-02 08:28:27 +01:00
Bill Burke
8f09efab9d
Merge pull request #4949 from patriot1burke/client-storage-spi 
KEYCLOAK-6228
 2018-02-01 08:59:02 -05:00
mhajas
c34db4cf01 KEYCLOAK-6309 Configure HTTPClient in keycloak-saml.xml 2018-02-01 09:59:08 +01:00
Bill Burke
126dd70efc client stat improvement 2018-01-31 13:05:13 -05:00
Vlastimil Elias
a5f675d693 KEYCLOAK-4937 - convert time units in emails into human-friendly format 2018-01-30 06:38:57 +01:00
Bill Burke
4a044fe867 add ofline token test 2018-01-29 17:08:13 -05:00
Bill Burke
0fc7fa557d fix caching 2018-01-29 16:26:51 -05:00
Bill Burke
79f9de9de4 Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-29 12:28:26 -05:00
Bill Burke
4bf23cc83a caching 2018-01-29 12:28:17 -05:00
mhajas
2a2f255640 KEYCLOAK-4793 Fix authorization services maven scanner properties in base testsuite for product 2018-01-29 09:18:20 +01:00
Bill Burke
1d8e38f0c6 admin console 2018-01-27 13:05:02 -05:00
Bill Burke
dd4c0d448c Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6 done 1st iteration 2018-01-27 09:47:16 -05:00
mhajas
8ac7d1deca KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7 2018-01-26 11:25:33 +01:00
Takashi Norimatsu
502627f590 KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret 2018-01-26 10:59:40 +01:00
vmuzikar
806b554fb2 Social login test for GitHub with private email 2018-01-25 20:56:24 +01:00
vramik
b0fbe5c8ba KEYCLOAK-6300 List of group members is not sorted alphabetically 2018-01-25 20:21:03 +01:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow 
KEYCLOAK-6335
 2018-01-25 09:55:11 -05:00
Douglas Palmer
42759be6ff [KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages 2018-01-25 07:10:30 +01:00
Douglas Palmer
0f1644e612 [KEYCLOAK-6142] Updated OTP manual config pages to reflect HOTP 2018-01-25 07:09:24 +01:00
Bill Burke
4bfb62d7f4 marek suggested fixes 2018-01-24 09:32:38 -05:00
mposolda
6369c26671 KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters 2018-01-24 11:35:13 +01:00
Thomas Recloux
71e0b00600 KEYCLOAK-5857 Supports PBKDF2 hashes with different key size 
The original use case is to support imported credentials with a different key size without
implementing a totally new PasswordHashProvider
 2018-01-24 09:02:37 +01:00
Bill Burke
be65c14a6a fix provider test 2018-01-23 13:03:45 -05:00
Bill Burke
7b2e72d395 Merge remote-tracking branch 'upstream/master' into per-client-flow 2018-01-23 12:10:11 -05:00
Bill Burke
a9297df89c KEYCLOAK-6335 2018-01-23 12:09:49 -05:00
Hynek Mlnarik
4ba72e2d2d KEYCLOAK-5976 Fix client setting in brokered IdP-initiated scenario 2018-01-23 09:34:11 +01:00
stianst
f762173eb0 KEYCLOAK-3370 Add option to override theme in client template and client 2018-01-18 09:14:13 +01:00
Thomas Darimont
bae4d4c673 KEYCLOAK-5791 Allow multi-valued ScriptBasedOIDCProtocolMapper 
We now support multi-valued attribute values for the
`ScriptBasedOIDCProtocolMapper`.
Previously the `ScriptBasedOIDCProtocolMapper` only supported
single valued output. If a script returned a list of
output values then only the first value was emitted to the token.

By default multi-valued is set to `false` / `off`.
 2018-01-11 08:52:24 +01:00
mhajas
a77be7eb7b KEYCLOAK-5503 Remove redirecting to error page for AutodetectBearerOnly client 2018-01-09 16:34:18 +01:00
Hynek Mlnarik
b5fc6045fd KEYCLOAK-6106 Put dotless ids first in identity broker state 2018-01-02 21:31:49 +01:00
stianst
d8c0cc447f KEYCLOAK-6090 Add missing cors headers with invalid username/password and resource owner grant 2018-01-02 15:15:15 +01:00
Marko Strukelj
23d0afbfd8 KEYCLOAK-6058 Partial import should ignore built-in clients 2017-12-21 13:52:58 +01:00
stianst
f0c5752ef9 KEYCLOAK-5443 Fix update user account when both email as username and edit username are enabled 2017-12-20 14:40:03 +01:00
Martin Kanis
351dbffaf2 KEYCLOAK-5172 Set oidc as default protocol to clients 2017-12-20 13:38:12 +01:00
Bruno Oliveira
811cd3a04a KEYCLOAK-6011 2017-12-20 13:37:11 +01:00
stianst
e96c6a4bcb KEYCLOAK-6068 Fix preflight request on admin endpoints 2017-12-20 10:19:34 +01:00
mposolda
5a66f577eb KEYCLOAK-5982 Fix NPEs when client 'account' was renamed/removed 2017-12-18 21:47:17 +01:00
stianst
27b5e1aae2 KEYCLOAK-6050 Fix export doesn't export internal realm rep 2017-12-18 13:15:42 +01:00
stianst
b303acaaba KEYCLOAK-2120 Added manual setup page for OTP 2017-12-18 11:20:20 +01:00
Bill Burke
b5ae7e836d smaller times 2017-12-16 13:18:41 -05:00
Bill Burke
a27097e9ef reset defaults 2017-12-16 11:28:15 -05:00
Bill Burke
003f27e9bd fix more 2017-12-16 08:31:33 -05:00
Bill Burke
76cccc3f2b fix more 2017-12-16 08:29:58 -05:00
Bill Burke
80be4c9dbc fix more 2017-12-16 07:12:32 -05:00
Bill Burke
1eec2747ef fix stupidity 2017-12-15 15:31:14 -05:00
Bill Burke
7cb39c2dfc KEYCLOAK-5420 2017-12-15 12:16:24 -05:00
stianst
a8943fb323 KEYCLOAK-6043 Use same urls for get and posts in account 2017-12-15 08:31:04 +01:00
Bruno Oliveira
1a541889f4 [KEYCLOAK-6015] replyTo can be empty string in DB 2017-12-15 07:01:15 +01:00
stianst
b672229efc KEYCLOAK-6032 Fix error page when internationalization is enabled 2017-12-15 06:32:00 +01:00
Hynek Mlnarik
2a2e6c839b KEYCLOAK-5635 2017-12-13 21:07:46 +01:00
stianst
f939818252 KEYCLOAK-5907 Use client manager to delete clients in client registration services 2017-12-12 14:25:05 +01:00
mposolda
b8416dfa3e KEYCLOAK-5981 Test Impersonation works when authenticationSession exists 2017-12-12 09:43:34 +01:00
mposolda
63efee6e15 KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client 2017-12-12 08:01:02 +01:00
Pavel Drozd
047fdb55a2
Merge pull request #4803 from mhajas/KEYCLOAK-5896 
KEYCLOAK-5896 Run localization test only in community
 2017-12-12 00:09:02 +01:00
Pavel Drozd
be36f5358c
Merge pull request #4802 from mhajas/KEYCLOAK-5986 
KEYCLOAK-5986 Fix token javacsript tests
 2017-12-12 00:07:16 +01:00
stianst
dac6c6bd7e KEYCLOAK-6000 Fix output in execute actions email 2017-12-11 14:24:37 +01:00
Bill Burke
c9b218db71
Merge pull request #4823 from patriot1burke/master 
KEYCLOAK-5724
 2017-12-08 20:03:05 -05:00
Bill Burke
7c031505e2 add test 2017-12-08 17:38:00 -05:00
Hynek Mlnarik
00fb36437d KEYCLOAK-5861 Remove AUTH_SESSION_ID when END_AFTER_REQUIRED_ACTIONS set 2017-12-08 09:52:14 +01:00
Hynek Mlnarik
4a012b73ea KEYCLOAK-4998 Fix NPE in AttributeToRoleMapper 2017-12-08 09:21:21 +01:00
Pavel Drozd
e567dcb888
Merge pull request #4809 from vramik/KEYCLOAK-4641 
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
 2017-12-07 11:06:47 +01:00
stianst
c055ffb083 KEYCLOAK-4215 Consider session expiration when setting token timeouts 2017-12-07 10:45:02 +01:00
stianst
cccddebfd0 KEYCLOAK-5984 Fix error message in client initiated 2017-12-06 19:46:11 +01:00
vramik
5a8ff72cb6 KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite 2017-12-06 15:12:37 +01:00
mposolda
8a0fa521c4 KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService 2017-12-06 13:06:54 +01:00
mhajas
09348b2aff KEYCLOAK-5896 Run localization test only in community 2017-12-06 10:09:46 +01:00
mhajas
896e216f99 KEYCLOAK-5986 Fix token javacsript tests 2017-12-06 10:08:32 +01:00
mposolda
6c34b4c418 KEYCLOAK-5914 Periodic clean of detached client sessions 2017-12-05 08:25:30 +01:00
stianst
c3d9f4704e KEYCLOAK-5946 Make sure wildcard origin is never returned 2017-12-04 19:55:34 +01:00
stianst
4541acc628 KEYCLOAK-5176 Strip headers from PEM when uploading to client 2017-12-04 19:54:15 +01:00
mposolda
ff6fcd30d9 KEYCLOAK-4478 OIDC auth response lacks session_state in some cases 2017-12-04 16:13:22 +01:00
mposolda
7b03eed9c8 KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients 2017-11-30 12:56:45 +01:00
Peter Nalyvayko
b8e5fd2b99 KC-4335: working on adding a reverse proxy support to allow X.509 client certificate authentication when running keycloak behind a reverse proxy 
KC-4335: reverse proxy => a swtich to change a type of reverse proxy when running the X509 integration tests; changes to the names of the reverse proxy providers

KC-4335: updated the migration scripts to add x509 spi to standalone and domain configurations; removed the HAproxy and apache x509 spi configuration
 2017-11-30 11:00:32 +01:00
pedroigor
674fb31a2c [KEYCLOAK-5660] - Rest API User count returns wrong value 2017-11-30 10:45:54 +01:00
Bruno Oliveira
6a528a3ee6 [KEYCLOAK-2645] Reset password page says 'You need to change your password to activate your account.' 2017-11-30 10:37:21 +01:00
stianst
2be78a0239 KEYCLOAK-5924 Add error handler for uncaught errors 2017-11-30 10:33:13 +01:00
Pavel Drozd
4408cdb5c7
Merge pull request #4756 from tkyjovsk/KEYCLOAK-5922 
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
 2017-11-30 09:24:39 +01:00
Bruno Oliveira
af66c5dbd2 [KEYCLOAK-5483] X.509 Auth - log in attempt is not sometimes logged in the Login Events 2017-11-29 20:08:22 +01:00
Tomas Kyjovsky
4240295af9 KEYCLOAK-5922 Cluster tests don't work with non-undertow server 2017-11-28 17:35:13 +01:00
Bill Burke
0a8995efc7
Merge pull request #4747 from mstruk/KEYCLOAK-5741 
KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help
 2017-11-28 08:57:29 -05:00
Bill Burke
c398f6619f
Merge pull request #4748 from mstruk/KEYCLOAK-5762 
KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help
 2017-11-28 08:57:15 -05:00
Stian Thorgersen
cf485c3fc9 KEYCLOAK-5308 Fix updating protocol mappers on Oracle 2017-11-27 19:46:12 +01:00
Stian Thorgersen
5666bfe88b KEYCLOAK-4962 Fix updating mappers for identity providers on Oracle 2017-11-27 19:46:12 +01:00
Marko Strukelj
c35c6e6ab7 KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help 2017-11-27 17:00:48 +01:00
Marko Strukelj
0e2332196d KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help 2017-11-27 16:12:00 +01:00
Pavel Drozd
a8bcdfb401
Merge pull request #4735 from vmuzikar/fix-ui 
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
 2017-11-27 15:12:35 +01:00
Bruno Oliveira
9d35891e7d [KEYCLOAK-5467] X.509 Auth - missing internationalization support 2017-11-27 13:44:38 +01:00
Bruno Oliveira
00677a6b92 [KEYCLOAK-5898] X.509 Auth - add tests for CRL with direct grant 2017-11-27 13:43:37 +01:00
Bruno Oliveira
697caaa805 [KEYCLOAK-4683] Add key usage tests for X.509 Authentication 
These tests cover the scenarios already available at our certificates:
* Key Usage with the flag critical
* Extended Key Usage without the flag critical
 2017-11-27 13:42:57 +01:00
Marek Posolda
dd6502013e
Merge pull request #4734 from rmartinc/ui_locales 
KEYCLOAK-5896: Parameter "ui_locales" not redirected to login page in java adapters
 2017-11-24 10:59:26 +01:00
rmartinc
ecbf6e5386 KEYCLOAK-5896: adding a test for the ui_locales change. 2017-11-24 08:21:37 +01:00
pedroigor
2721e6a5e4 [KEYCLOAK-5770] - Logout event test 2017-11-23 21:08:07 +01:00
mposolda
6d91ab674b KEYCLOAK-5895 CrossDC: NotSerializableException when opening sessions tab in admin console 2017-11-23 20:03:12 +01:00
vmuzikar
6f4ab8870e KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes 2017-11-23 13:51:38 +01:00
Pavel Drozd
94ba85c210
Merge pull request #4720 from vramik/KEYCLOAK-5872 
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authz…
 2017-11-23 07:42:31 +01:00
Bill Burke
2117db5e6d
Merge pull request #4730 from patriot1burke/master 
KEYCLOAK-4715
 2017-11-22 12:45:23 -05:00
Bill Burke
116bfb05c2 fix 2017-11-22 11:55:10 -05:00
Bill Burke
aee6d16f58 fix more stupidity 2017-11-22 10:22:47 -05:00
Bill Burke
ae29e36e1f fix my stupidity 2017-11-22 08:19:30 -05:00
mposolda
bd1072d2eb KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing 2017-11-22 11:55:12 +01:00
Bill Burke
75d517a1e8 cleanup test 2017-11-21 21:49:51 -05:00
Bill Burke
8993ca08ad KEYCLOAK-4715 2017-11-21 17:46:48 -05:00
vmuzikar
7fd237b40b KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly 2017-11-21 11:12:21 +01:00
Bill Burke
06762ba13d KEYCLOAK-5878 2017-11-20 17:03:28 -05:00
vramik
37b625fd99 KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authzResourceInvalidationTest 2017-11-20 11:30:44 +01:00
Bruno Oliveira
641069d4fd [KEYCLOAK-5866] MigrationTest fails for extracting realm keys 2017-11-16 19:44:09 +01:00
Bruno Oliveira
07aa718cb9 [KEYCLOAK-5379] MigrationTest fails for migration to 3.3.0 2017-11-16 07:22:57 +01:00
Pedro Igor
f96c3312e2 [KEYCLOAK-5841] - Test 2017-11-16 07:03:08 +01:00
Hynek Mlnařík
393fae74b3
Merge pull request #4693 from hmlnarik/KEYCLOAK-5349-JS-client-breaks-login-session 
KEYCLOAK-5349 User session count in IdP-initiated flow tests
 2017-11-15 12:35:19 +01:00
Hynek Mlnarik
a2f6c16764 KEYCLOAK-5349 User session count in IdP-initiated flow tests 2017-11-15 11:41:45 +01:00
Pedro Igor
63a01b1e1f
Merge pull request #4689 from pedroigor/KEYCLOAK-5844 
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
 2017-11-14 18:25:24 -02:00
Pedro Igor
fdb618219f [KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time 2017-11-14 11:24:45 -02:00
Stian Thorgersen
89f4b87038 KEYCLOAK-5567 Set correct status code on login error pages 2017-11-14 12:33:29 +01:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link 
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2017-11-13 19:57:04 -02:00
Stian Thorgersen
925d5e1dea KEYCLOAK-3173 enable logout offline refresh token using OIDC logout endpoint 2017-11-13 18:23:39 +01:00
Stian Thorgersen
d30bf938ee KEYCLOAK-5821 Fix basic auth tests with embedded Undertow 2017-11-13 16:34:25 +01:00
Pavel Drozd
af97a84108
Merge pull request #4635 from vmuzikar/fix-x509 
KEYCLOAK-5720 Fix X.509 tests
 2017-11-13 11:56:16 +01:00
Stian Thorgersen
4295f4ec31 KEYCLOAK-1886 Added cors headers to errors in token endpoint 2017-11-10 12:01:21 +01:00
mposolda
b033ce0669 KEYCLOAK-5371 SessionExpirationCrossDCTest - improve stability. Remove checks for counts of sent messages 2017-11-09 22:18:47 +01:00
mposolda
a98f085be6 KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis. 2017-11-09 17:39:04 +01:00
Marko Strukelj
dae0fafc8a KEYCLOAK-5040 ProfileAssume needs to use server info endpoint 2017-11-09 14:19:06 +01:00
Bruno Oliveira
26e253f4a5 [KEYCLOAK-5284] 2017-11-09 13:45:06 +01:00
Marko Strukelj
2854a2006e KEYCLOAK-5810 ClientTokenExchangeTest failures with -Pproduct profile 2017-11-09 13:44:10 +01:00
vmuzikar
2c2a332f80 KEYCLOAK-5332 Fix GitLab social test 2017-11-09 07:19:01 +01:00
mposolda
62a1c187a2 KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc 2017-11-07 09:01:59 +01:00
Hynek Mlnarik
fe2f65daac KEYCLOAK-5581 Fix SAML identity broker context serialization 2017-11-03 21:09:18 +01:00
vmuzikar
ef8adc15f4 KEYCLOAK-5720 Fix X.509 tests 2017-11-03 17:09:46 +01:00
Pedro Igor
3716fa44ac [KEYCLOAK-5728] - Permission Claims support 2017-10-27 12:40:30 -02:00
Hynek Mlnařík
248da4687a Merge pull request #4610 from hmlnarik/KEYCLOAK-5745-Extract-client-sessions-from-user-sessions 
KEYCLOAK-5745 Separate user and client sessions in infinispan
 2017-10-26 13:09:06 +02:00
Hynek Mlnarik
75c354fd94 KEYCLOAK-5745 Separate user and client sessions in infinispan 2017-10-26 10:39:41 +02:00
Bill Burke
903a4dd849 Merge pull request #4612 from patriot1burke/master 
KEYCLOAK-5273
 2017-10-25 13:54:32 -04:00
Bill Burke
de6eab6d5d fix 2017-10-25 13:00:58 -04:00
Bill Burke
8c1a3253fb KEYCLOAK-5273 2017-10-25 10:31:11 -04:00
Bruno Oliveira da Silva
375e01a074 KEYCLOAK-5278 (#4606) 2017-10-25 15:27:24 +02:00
Bill Burke
50ccb5e5f6 Merge pull request #4591 from abstractj/KEYCLOAK-5717 
KEYCLOAK-5717
 2017-10-24 17:38:28 -04:00
Pedro Igor
1840cc54e4 Merge pull request #4601 from pedroigor/KEYCLOAK-5726 
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter config
 2017-10-24 12:51:52 -02:00
Pedro Igor
80e9b08bb6 [KEYCLOAK-5726] - Tests for scopes-enforcement-mode ALL and ANY 2017-10-24 11:37:41 -02:00
Bruno Oliveira
4d762159ef KEYCLOAK-5717 2017-10-24 10:55:02 -02:00
Hynek Mlnařík
8e0cc2a5ea Merge pull request #4605 from mposolda/master 
KEYCLOAK-5710 Change cache-server to use backups based caches
 2017-10-24 14:40:01 +02:00
Pedro Igor
a6e1413d58 [KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration 2017-10-24 10:39:54 -02:00
Pavel Drozd
a4ec32ba66 Merge pull request #4602 from vramik/KEYCLOAK-5244 
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithT…
 2017-10-24 14:17:35 +02:00
mposolda
9a19e95b60 KEYCLOAK-5710 Change cache-server to use backups based caches 2017-10-24 11:52:08 +02:00
Stan Silvert
9083e5fe5c KEYCLOAK-5298: Enable autoescaping in Freemarker (#4561) 
* KEYCLOAK-5298: Enable autoescaping in Freemarker

* Fix several of the failing tests.

* Fix broken tests in integration-deprecated

* Fix last failing test.
 2017-10-23 12:03:00 -04:00
Stian Thorgersen
9b75b603e3 KEYCLOAK-5234 (#4585) 2017-10-23 16:13:22 +02:00
vramik
a3a1761eb7 KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithTestBlacklist on Wildfly 2017-10-23 12:11:36 +02:00
Bill Burke
73ba06b26b Merge pull request #4590 from patriot1burke/master 
KEYCLOAK-5698
 2017-10-20 14:58:07 -04:00
Bill Burke
92245e3fc8 fixes 2017-10-20 09:55:37 -04:00
Hynek Mlnarik
3248557897 KEYCLOAK-5707 Have travis run cross-dc tests when appropriate 2017-10-19 13:29:26 +02:00
Stian Thorgersen
d9ffc4fa21 KEYCLOAK-5225 (#4577) 
KEYCLOAK-5225 fix test

Fix
 2017-10-19 08:23:16 +02:00
Stian Thorgersen
fea4c54adc KEYCLOAK-5280 (#4576) 2017-10-19 08:02:23 +02:00
Pedro Igor
cedc095a9c [KEYCLOAK-4550] - Test invalid configuration for user policy 2017-10-18 18:42:55 -02:00
Thomas Darimont
3103e0fd0a KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider (#4370) 
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider

This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.

The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.

I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords) project.

For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/

Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```

Password blacklist is stored in a TreeSet.

* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter

We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.

BloomFilter implementation is provided by google-guava
which is available in wildfly.

Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.

This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.

Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.

Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.

The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.

Configure password blacklist folder for tests

* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers

* KEYCLOAK-5244 Translate blacklisted message in base/login
 2017-10-17 20:41:44 +02:00
Hynek Mlnarik
056ba75a72 KEYCLOAK-5656 Use standard infinispan remote-store 2017-10-16 21:49:42 +02:00
Bill Burke
31dccc9a5e Merge pull request #4509 from TeliaSoneraNorge/KEYCLOAK-5032 
KEYCLOAK-5032 Forward request parameters to another IdP
 2017-10-13 18:47:05 -04:00
Bill Burke
c66ce3a209 Merge pull request #4559 from micedre/KEYCLOAK-4052bis 
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
 2017-10-13 18:44:57 -04:00
Bill Burke
46d3ed7832 Merge remote-tracking branch 'upstream/master' 2017-10-13 17:00:57 -04:00
Bill Burke
d9af93850c KEYCLOAK-5683, KEYCLOAK-5684, KEYCLOAK-5682, KEYCLOAK-5612, KEYCLOAK-5611 2017-10-13 16:51:56 -04:00
Cédric Couralet
656fc5d7c0 KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage 2017-10-13 13:54:50 +02:00
mposolda
1874820008 KEYCLOAK-5371 Fix ConcurrentLoginCrossDCTest.concurrentLoginWithRandomDcFailures 2017-10-11 13:02:55 +02:00
mposolda
f5ff24ccdb KEYCLOAK-5371 Fix SessionExpirationCrossDCTest, Added ExecutorsProvider. Debug support for cache-servers in tests 2017-10-10 22:30:44 +02:00
Bill Burke
b0464f1751 Merge remote-tracking branch 'upstream/master' 2017-10-10 09:10:04 -04:00
Bill Burke
5bd4ea30ad rev 2017-10-10 09:09:51 -04:00
Marek Posolda
d336667972 Merge pull request #4527 from Hitachi/master 
OIDC Financial API Read Only Profile : scope MUST be returned in the response from Token Endpoint
 2017-10-10 11:37:45 +02:00
Carl Kristian Eriksen
50dd07217d KEYCLOAK-5032 Forward request parameters to another IdP 
Forwarding of prompt and acr_values, if provided in the authorization request.
If prompt is set in the configuration for the identity provider, the configuration overrules the request parameter.
 2017-10-09 16:15:27 +02:00
Marek Posolda
c6483f8b1e Merge pull request #4523 from abustya/master 
KEYCLOAK-5616 Processing of claims parameter
 2017-10-09 11:14:23 +02:00
Bill Burke
c8516c2349 support social external exchange 2017-10-06 16:44:26 -04:00
Hynek Mlnařík
00ddf03ad3 Merge pull request #4538 from vramik/KEYCLOAK-5586 
KEYCLOAK-5586 increase startup timeout for jboss containers
 2017-10-06 10:46:49 +02:00
vramik
940715a975 KEYCLOAK-5586 increase startup timeout for jboss containers 2017-10-06 10:06:26 +02:00
Pavel Drozd
945404be24 Merge pull request #4532 from vmuzikar/fix-twitter-test 
KEYCLOAK-5632 Fix Twitter social test
 2017-10-05 13:30:02 +02:00
Stian Thorgersen
698483ee17 Missing test (#4537) 2017-10-05 13:27:15 +02:00
Vaclav Muzikar
eab047c130 KEYCLOAK-5632 Fix Twitter social test 2017-10-04 15:29:28 +02:00
mposolda
bca4c35708 KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest 2017-10-04 13:25:45 +02:00
Pavel Drozd
98c63bc195 Merge pull request #4502 from mhajas/KEYCLOAK-5555 
KEYCLOAK-5555 Use driver from function argument for URL Asserts
 2017-10-04 08:00:45 +02:00
Takashi Norimatsu
6f6a467c7b OIDC Financial API Read Only Profile : scope MUST be returned in the 
response from Token Endpoint
 2017-10-04 12:59:49 +09:00
Áron Bustya
c2ffaa0777 Merge remote-tracking branch 'keycloak/master' 2017-10-03 14:53:40 +02:00
Áron Bustya
632414cc92 process claims parameter 
also support parsing from request object
 2017-10-03 14:51:46 +02:00
vramik
f806d4a5d6 KEYCLOAK-5586 Add support for testing cross dc tests on jboss-based containers 2017-10-03 14:01:45 +02:00
Bruno Oliveira da Silva
da72968085 KEYCLOAK-4401: Wrong message when a temporarily disabled user requests password reset (#4506) 2017-10-03 06:28:34 +02:00
Marek Posolda
faa5ec5125 Merge pull request #4520 from mposolda/master 
KEYCLOAK-5440 RestartLoginCookie field 'cs' not marked ignorable
 2017-10-02 20:03:34 +02:00
filipelautert
c4cc752e18 Fixing tests for Oracle (#4481) 2017-10-02 14:59:33 +02:00
mposolda
4a7013d550 KEYCLOAK-5440 RestartLoginCookie field 'cs' not marked ignorable 2017-10-02 14:19:27 +02:00
Bruno Oliveira da Silva
bb0bccc3c0 [KEYCLOAK-5486] Test email connection feature does not work the second time (#4517) 2017-10-02 13:14:50 +02:00
mposolda
7d641baf4e KEYCLOAK-5570 Added InvalidationCrossDCTest 2017-09-29 19:36:40 +02:00
Marek Posolda
13fe9e7cf8 Merge pull request #4510 from glavoie/KEYCLOAK-3303 
KEYCLOAK-3303: Allow reuse of refresh tokens.
 2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93 KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT 2017-09-29 13:20:22 +02:00
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens. 
- Configurable max reuse count.
 2017-09-28 15:30:40 -04:00
mhajas
01187901ea KEYCLOAK-5555 Use driver from function argument for URL Asserts 2017-09-27 10:09:46 +02:00
Bill Burke
fd025ae76b Merge pull request #4209 from guitaro/feature/group-search-and-pagination 
[KEYCLOAK-2538] - groups pagination and group search
 2017-09-23 20:52:19 -04:00
Bill Burke
9034708c99 Merge pull request #4474 from hmlnarik/KEYCLOAK-5254-NPE-in-SAMLIdentityProvider 
KEYCLOAK-5254 Fix NPE - NameID format is optional
 2017-09-23 20:39:50 -04:00
Bill Burke
537081ec9d Merge pull request #4494 from patriot1burke/master 
KEYCLOAK-5516
 2017-09-22 16:38:13 -04:00
Bill Burke
3020a04a8b Merge pull request #4490 from Fiercely/master 
Keycloak 2035
 2017-09-22 16:13:22 -04:00
Thomas Darimont
236b2b9273 KEYCLOAK-3599 Add Script based OIDC ProtocolMapper 2017-09-22 21:24:20 +02:00
Bill Burke
9d452b4bc3 Merge remote-tracking branch 'upstream/master' 2017-09-22 11:48:41 -04:00
Bill Burke
eb4f7f3b21 KEYCLOAK-5516 2017-09-22 11:48:30 -04:00
howcroft
e78bf5f876 Keycloak 2035 
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
 2017-09-22 15:05:49 +01:00
Bill Burke
15ddb2009d Merge pull request #4475 from mstruk/KEYCLOAK-5328 
KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command
 2017-09-21 21:50:16 -04:00
Bill Burke
8ace0e68c3 KEYCLOAK-910 KEYCLOAK-5455 2017-09-21 17:15:18 -04:00
Bill Burke
ab58052a4c Merge pull request #4482 from patriot1burke/master 
KEYCLOAK-5491 KEYCLOAK-5492 KEYCLOAK-5490
 2017-09-19 14:01:40 -04:00
Pavel Drozd
c67a1d0469 Merge pull request #4483 from vmuzikar/KEYCLOAK-5495 
KEYCLOAK-5495 Update Arquillian Drone to 2.4.2
 2017-09-19 16:34:16 +02:00
Marko Strukelj
87cad0d84b KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command 2017-09-18 20:01:31 +02:00
mposolda
ca92bcbf7f KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to Infinispan servers in both datacenters 2017-09-18 18:04:04 +02:00
Marek Posolda
fa35249afd Merge pull request #4480 from TeliaSoneraNorge/KEYCLOAK-5494 
Fix introspection error for pairwise access tokens
 2017-09-18 16:44:24 +02:00
Pedro Igor
e8ef050093 Merge pull request #4471 from pedroigor/KEYCLOAK-5095 
[KEYCLOAK-5095] - RPT should contain the RS as audience
 2017-09-18 09:32:47 -03:00
Martin Hardselius
6b687c4318 Fix offline validation errors 
Refactored token validation method to run user checks only if the user
session is valid.
 2017-09-18 11:26:57 +02:00
Vaclav Muzikar
b4aae198fc KEYCLOAK-5495 Update Arquillian Drone to 2.4.2 2017-09-18 09:52:45 +02:00
Bill Burke
2276279434 fix 2017-09-15 17:46:42 -04:00
Bill Burke
5a22b360f1 resolve conflicts 2017-09-15 16:37:35 -04:00
Bill Burke
f927ee7b4e KEYCLOAK-5491 KEYCLOAK-5492 2017-09-15 16:30:45 -04:00
Pavel Drozd
42bb09fa31 Merge pull request #4463 from vmuzikar/fix-socialtests 
KEYCLOAK-5437 Fix Facebook social login test
 2017-09-15 13:37:16 +02:00
Pavel Drozd
34b8c58c0f Merge pull request #4459 from mhajas/KEYCLOAK-5320 
KEYCLOAK-5320 Configure SSL using creaper
 2017-09-15 13:35:14 +02:00
Bill Burke
3e6adbc904 KEYCLOAK-5490 (#4477) 2017-09-15 11:36:48 +02:00
Martin Hardselius
a4315f4076 Fix introspection error for pairwise access tokens 
When access tokens containing a pairwise sub are introspected, user
related checks are using that sub to fetch the UserModel instead of
fetching the user from the UserSession. No corresponding user is found
(or possibly even another user) and the token is reported inactive.

Resolves: KEYCLOAK-5494
 2017-09-15 10:31:47 +02:00
Bill Burke
affeadf4f3 KEYCLOAK-5490 2017-09-14 21:16:50 -04:00
Hynek Mlnarik
9098105a64 KEYCLOAK-5254 Fix NPE - NameID format is optional 2017-09-14 14:59:05 +02:00
Levente NAGY
d18aa44fb4 Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination 2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7 KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache 2017-09-13 16:45:45 +02:00
Pedro Igor
8b2d47dd71 [KEYCLOAK-5095] - Adding tests 2017-09-13 10:37:52 -03:00
Hisanobu Okuda
b7af96aa4d KEYCLOAK-5315 Conditional OTP enforcement does not work (#4399) 2017-09-13 06:58:59 +02:00
Martin Kanis
550e5f752a KEYCLOAK-5146 TokenEndpoint returns wrong methods for preflight requests (#4455) 2017-09-13 06:23:11 +02:00
Pedro Igor
90db6654d3 Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer 
KEYCLOAK-4858: Slow query performance for client with large data volume
 2017-09-12 15:54:16 -03:00
Petter Lysne
7f8b5e032a feat: added PayPal IDP (#4449) 2017-09-12 11:57:59 +02:00
Hynek Mlnarik
24e9cbb292 KEYCLOAK-4899 Replace updates to user session with temporary auth session 2017-09-11 21:43:49 +02:00
Pavel Drozd
9032889c15 Merge pull request #4465 from vramik/KEYCLOAK-4793 
KEYCLOAK-4793 add kie.maven.settings.custom property to tests
 2017-09-11 11:55:13 +02:00
vramik
a33007afb6 KEYCLOAK-4793 add kie.maven.settings.custom property to tests 2017-09-11 11:15:38 +02:00
Vaclav Muzikar
473aefacec KEYCLOAK-5437 Fix Facebook social login test 2017-09-08 15:44:15 +02:00
mhajas
330cb022eb KEYCLOAK-5320 Configure SSL using creaper 2017-09-08 13:19:48 +02:00
vramik
0a5de1239f KEYCLOAK-5414 fix AccountRestServiceTest on undertow (#4460) 2017-09-07 09:30:20 +02:00
Gabriel Lavoie
c1664478d9 KEYCLOAK-4858: Slow query performance for client with large data volume 
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
 2017-09-06 09:55:53 -03:00
mposolda
fe43c26829 KEYCLOAK-5248 auth_time is not updated when reauthentication is requested with 'login=prompt' 2017-09-05 12:22:30 +02:00
mposolda
30d8a7503b KEYCLOAK-5326 Test that userSession is still the same after prompt=login 2017-09-05 12:22:30 +02:00
Pedro Igor
fa6d5f0ee2 [KEYCLOAK-4653] - Identity.hasClientRole(String) and Identity.hasRole(String) break role namespaces and should be removed 2017-09-01 16:08:34 -03:00
filipelautert
e055589448 [KEYCLOAK-4778] Fix for Oracle null value when having an empty String as attribute value (#4406) 
* Add client.name as a second parameter to the title expressions in login template

* Fixing tooltip.

* pt_BR localization for admin screens.

* Reverting login.ftl

* Added all tooltip messages - even the ones not translated.
Translated around 150 messages todas.

* More translations.

* Fixing wrong edit.

* [KEYCLOAK-4778] Null check on Attribute value. This value can be null when retrieved from an Oracle database.

* [KEYCLOAK-4778] Create unit tests for empty and null values.

* [KEYCLOAK-4778] Move empty and null attributes tests to a separated test method; change tests to empty or null Strings.

* [KEYCLOAK-4778] Check if value is null and set it as empty array. In the former code if null was received it would generate an array with 1 string element ["null"]. Also if we set value as null instead of ArrayList, later when the rest call is executed it will generate the same incorrect array again.

* [KEYCLOAK-4778] Tests clean up.
 2017-08-31 06:09:41 +02:00
Wim Vandenhaute
924b4f651a KEYCLOAK-5186 createUser: set federationLink (#4316) 2017-08-31 06:07:43 +02:00
Hynek Mlnařík
e36b94d905 KEYCLOAK-5318 Verify signature on raw query parameters (#4445) 2017-08-31 05:46:26 +02:00
vramik
8bfab22417 KEYCLOAK-5049 add explicit removal of groups (#4416) 2017-08-30 08:16:00 +02:00
Stian Thorgersen
dcfa4aca8c KEYCLOAK-943 Started account rest service. Profile and sessions completed. (#4439) 2017-08-29 20:12:09 +02:00
Hynek Mlnařík
0caf93dfd9 KEYCLOAK-5336 Count on IPv6 address in tests (#4433) 2017-08-28 15:39:44 +02:00
Hynek Mlnarik
794c508b10 KEYCLOAK-4995 Support for distributed SAML logout in cross DC 2017-08-28 13:15:11 +02:00
Hynek Mlnarik
a2ccf4efa3 KEYCLOAK-5300 Fix Wildfly 10 SAML cluster tests 2017-08-28 13:15:11 +02:00
Pavel Drozd
53fe96db78 Merge pull request #4403 from mhajas/KEYCLOAK-5313 
KEYCLOAK-5313 Assume preview profile for InstallationTests
 2017-08-28 10:28:13 +02:00
Pavel Drozd
a76e4434fa KEYCLOAK-5340 - Testsuite compilation error - waitForPageToLoad without driver param 2017-08-28 09:14:45 +02:00
Pavel Drozd
e3a61c580e Merge pull request #4414 from vmuzikar/KEYCLOAK-5229-dep-update 
KEYCLOAK-5229 Update testsuite dependencies
 2017-08-28 08:07:25 +02:00
Hynek Mlnařík
9ee8f72be9 \KEYCLOAK-5335 Destination attr in SAML requests is optional (#4424) 2017-08-28 08:06:48 +02:00
Bruno Oliveira da Silva
859cd30c3a Include frame-ancestors for CSP 2 (#4413) 
Signed-off-by: Bruno Oliveira <bruno@abstractj.org>
 2017-08-28 06:46:03 +02:00
Pavel Drozd
9b858907ec Merge pull request #4402 from mhajas/KEYCLOAK-5312 
KEYCLOAK-5312 Add preview profile assumption to authz tests
 2017-08-25 11:25:00 +02:00
Stian Thorgersen
d58c6ad4e0 [KEYCLOAK-4900] Pass login_hint parameter to idp & review (#4421) 2017-08-25 10:14:38 +02:00
Bill Burke
6696c44dc0 Merge remote-tracking branch 'upstream/master' 2017-08-24 15:19:48 -04:00
Bill Burke
7a57723c01 more token exchange 2017-08-24 15:19:38 -04:00
mhajas
8bb473147c KEYCLOAK-5312 Add preview profile assumption 2017-08-24 11:45:09 +02:00
mhajas
543f61048f KEYCLOAK-5313 Assume preview profile for Authz test 2017-08-24 10:20:27 +02:00
Vaclav Muzikar
da9a88c45c KEYCLOAK-5229 Update testsuite dependencies 2017-08-23 15:36:29 +02:00
Pedro Igor
8e5752c9db Merge pull request #4388 from pedroigor/KEYCLOAK-5015-elytron-adapter 
[KEYCLOAK-5015] - Updating Elytron Adapters
 2017-08-23 08:55:25 -03:00
mposolda
fe5891fbdb KEYCLOAK-5293 Add notBefore to user 2017-08-23 08:58:26 +02:00
Pedro Igor
287a86938e [KEYCLOAK-5015] - HAL integration tests 2017-08-22 18:01:19 -03:00
Pavel Drozd
8d3384666a Merge pull request #4401 from mhajas/KEYCLOAK-5265 
KEYCLOAK-5265 Set localization tests to community profile only
 2017-08-22 09:01:33 +02:00
Pavel Drozd
2ae812420d Merge pull request #4396 from mhajas/KEYCLOAK-5311 
KEYCLOAK-5311 Fix authorization tests
 2017-08-22 09:00:23 +02:00
Pavel Drozd
bb10dc8c02 Merge pull request #4395 from mhajas/KEYCLOAK-4393 
KEYCLOAK-4393 Remove example tests
 2017-08-22 08:59:20 +02:00
Stian Thorgersen
20ac70d3fd KEYCLOAK-5119 (#4400) 2017-08-22 08:07:36 +02:00
mhajas
7f7c0bac1e KEYCLOAK-5265 Set localization tests to community profile only 2017-08-21 13:10:45 +02:00
mhajas
d58499acfb KEYCLOAK-5311 Fix authorization tests 2017-08-18 09:22:50 +02:00
mhajas
0c21b8c3a6 KEYCLOAK-4393 Remove example tests 2017-08-18 09:11:53 +02:00
mposolda
089514d8a6 KEYCLOAK-4634 Cross-dc support for UserLoginFailures 2017-08-17 10:22:12 +02:00
Stian Thorgersen
6119572934 KEYCLOAK-5282 (#4389) 2017-08-17 09:22:23 +02:00
mposolda
c4bb29b4bb KEYCLOAK-4187 SessionExpirationCrossDCTest - added tests for user logout and removal 2017-08-14 11:19:07 +02:00
mposolda
3aae4d22f6 KEYCLOAK-4630 Testing that refresh with offline token works 2017-08-11 19:37:25 +02:00
mposolda
868e76fcf3 KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers. 2017-08-11 17:44:00 +02:00
mposolda
0f7440d344 KEYCLOAK-4187 Fixes and tests related to sessions expiration and bulk removal in cross-dc environment 2017-08-10 08:29:59 +02:00
Pavel Drozd
9f6d9f7403 Merge pull request #4376 from pdrozd/KEYCLOAK-5267 
KEYCLOAK-5267 Fuse tests - added timeouts for closing ssh channel
 2017-08-09 21:48:36 +02:00
Bill Burke
3470b1839d Merge remote-tracking branch 'upstream/master' 2017-08-09 10:25:25 -04:00
Bill Burke
2fa55550f3 token exchange permissions 2017-08-09 10:04:14 -04:00
Pavel Drozd
6bdc49048a KEYCLOAK-5267 Fuse tests - added timeouts for closing ssh channel 2017-08-09 13:39:04 +02:00
mposolda
a72c297d5d KEYCLOAK-4187 Fix LoginCrossDCTest 2017-08-08 14:02:48 +02:00
Hynek Mlnarik
52de3fff06 KEYCLOAK-4189 Fix tests 2017-08-08 10:11:51 +02:00
Hynek Mlnarik
afc972278c KEYCLOAK-4694 2017-08-08 10:11:51 +02:00
Hynek Mlnarik
9ca72dc5c6 KEYCLOAK-4189 Improve logging and concurrency/cross-DC testing 2017-08-08 10:11:51 +02:00
mposolda
251b41a7ac KEYCLOAK-4187 Fix LastSessionRefreshCrossDCTest and ConcurrentLoginCrossDCTest 2017-08-07 11:55:49 +02:00
Bill Burke
2365445a3e Merge pull request #4360 from hmlnarik/KEYCLOAK-4189-Update-ConcurrencyTest-null 
KEYCLOAK-4189 Update ConcurrencyTest
 2017-08-02 19:47:55 -04:00
Bill Burke
3b5ca2bac0 Merge pull request #4366 from hmlnarik/KEYCLOAK-4694-null 
KEYCLOAK-4694
 2017-08-02 19:47:34 -04:00
Hynek Mlnarik
4583a45e78 KEYCLOAK-4694 2017-08-01 09:57:12 +02:00
Bill Burke
8c93fdfb62 fix test 2017-07-31 13:01:23 -04:00
Bill Burke
56bb37a9cf Merge remote-tracking branch 'upstream/master' 2017-07-31 10:53:24 -04:00
Pavel Drozd
d761085318 Merge pull request #4353 from vramik/was 
KEYCLOAK-5243 was-wls support
 2017-07-31 13:26:04 +02:00
Pavel Drozd
070bb9bf6a Merge pull request #4318 from mhajas/KEYCLOAK-3297 
KEYCLOAK-3297 Add test for Access-Control-Expose-Headers
 2017-07-31 12:59:32 +02:00
Bill Burke
6b991b850e change role name 2017-07-28 16:20:23 -04:00
Bill Burke
852e9274d4 Merge remote-tracking branch 'upstream/master' 2017-07-28 16:15:53 -04:00
Bill Burke
db9b1bcb21 token exchange 2017-07-28 16:15:39 -04:00
Hynek Mlnarik
a955364f0e KEYCLOAK-4189 Update ConcurrencyTest 2017-07-28 13:00:14 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
vramik
9fa50bded5 was-wls changes 2017-07-27 10:24:34 +02:00
Marek Posolda
dd6a7b23c3 Merge pull request #4350 from hmlnarik/KEYCLOAK-4446-Failed-to-process-response-when-reject-consent-with-turned-on-encryption 
KEYCLOAK-4446 Do not encrypt SAML status messages
 2017-07-26 15:31:54 +02:00
Hynek Mlnarik
3c537f5f28 KEYCLOAK-4446 Do not encrypt SAML status messages 
SAML status messages are not encryptable per Chapter 6 of
saml-core-2.0-os.pdf. Only assertions, attributes, base ID and name ID
can be encrypted.
 2017-07-26 11:22:56 +02:00
Hynek Mlnarik
8d81a4a2e4 KEYCLOAK-5236 2017-07-26 11:22:05 +02:00
Hynek Mlnarik
c7046b6325 KEYCLOAK-4189 Preparation for cross-DC SAML testing 2017-07-25 09:44:36 +02:00
Bill Burke
11ff5a05e9 KEYCLOAK-5205 2017-07-18 11:03:01 -04:00
Bill Burke
7406a095b9 Merge remote-tracking branch 'upstream/master' 2017-07-17 17:56:09 -04:00
Bill Burke
876edc0186 ... 2017-07-17 17:55:59 -04:00
Bill Burke
b10e7b8c31 Merge pull request #4323 from patriot1burke/master 
KEYCLOAK-5152
 2017-07-14 15:35:48 -04:00
Bill Burke
f68754290f KEYCLOAK-5152 2017-07-14 14:14:38 -04:00
Stian Thorgersen
badba7adaf KEYCLOAK-5143 Run auth-server-wildfly profile on Travis (#4317) 2017-07-14 07:01:54 +02:00
Bill Burke
b0a33c9765 KEYCLOAK-5155 2017-07-13 14:51:27 -04:00
mhajas
b86079c589 KEYCLOAK-3297 Add test for Access-Control-Expose-Headers 2017-07-13 14:40:43 +02:00
mposolda
3fca731395 KEYCLOAK-5136 Improve browser refresh button after switch to different flow 2017-07-11 13:03:18 +02:00
Marek Posolda
d2274fa49f Merge pull request #4311 from mposolda/master 
KEYCLOAK-5061 Process correct initial flow when action expired
 2017-07-11 07:23:07 +02:00
Pedro Igor
7e7d67464e Merge pull request #4308 from pedroigor/KEYCLOAK-5140 
[KEYCLOAK-5140] - GroupPolicyManagementTest fails with mssql and oracle
 2017-07-10 18:04:19 -03:00
mposolda
936efe872a KEYCLOAK-5061 Process correct initial flow when action expired 2017-07-10 22:52:54 +02:00
mposolda
7be2c55f61 KEYCLOAK-5061 Better error messages when action expired 2017-07-10 19:50:28 +02:00
Pedro Igor
dac381058c [KEYCLOAK-5140] - GroupPolicyManagementTest fails with mssql and oracle 2017-07-10 11:54:58 -03:00
Marek Posolda
48eaebf1c3 Merge pull request #4293 from TeliaSoneraNorge/KEYCLOAK-5139 
KEYCLOAK-5139 refresh token does not work with pairwise subject ident…
 2017-07-10 11:21:34 +02:00
Martin Hardselius
5b2e390f57 Update refresh token test for deleted user 
Instead of disabling the user under test, the test will now correctly
delete the user under test.
 2017-07-10 10:20:41 +02:00
Pavel Drozd
50424b2ad3 Merge pull request #4284 from vramik/KEYCLOAK-5133 
KEYCLOAK-5133 Fix FineGrainAdminUnitTest when impersonation is disabled
 2017-07-10 08:04:23 +02:00
Pedro Igor
65251748c7 [KEYCLOAK-5148] - Create authorization settings when creating a new client using a config file 2017-07-05 18:19:00 -03:00
Pedro Igor
4b7c61111c Merge pull request #4288 from pedroigor/KEYCLOAK-5135 
[KEYCLOAK-5135] - Wrong comparison when checking for duplicate resources during creation
 2017-07-05 08:22:23 -03:00
Martin Hardselius
8cb8678525 KEYCLOAK-5139 refresh token does not work with pairwise subject identifiers 2017-07-05 12:32:43 +02:00
Stian Thorgersen
c95aace6e0 KEYCLOAK-5141 Return '*' in Cors requests when '*' is in list of permitted origins. Stop caching well-known information as it can change. (#4290) 2017-07-05 09:25:21 +02:00
Stian Thorgersen
eba8dac47d KEYCLOAK-4536 Add test to check behavior with file redirect URI (#4291) 2017-07-05 09:08:13 +02:00
Pedro Igor
e1622006c3 [KEYCLOAK-5135] - More tests for resource mgmt 2017-07-04 16:45:06 -03:00
Stian Thorgersen
9a9f4137e5 KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested (#4289) 2017-07-04 21:18:34 +02:00
Stan Silvert
32b16717a7 KEYCLOAK-4234: Link to app in acct mgt doesn't use root url (#4285) 
* KEYCLOAK-4234: Link to app in acct mgt not use root url

* Add tests.
 2017-07-04 07:01:58 +02:00
vramik
41011a95e1 KEYCLOAK-5133 Fix FineGrainAdminUnitTest when impersonation is disabled 2017-07-03 11:49:46 +02:00
Bill Burke
999dff353c Merge remote-tracking branch 'upstream/master' 2017-06-29 17:37:45 -04:00
Bill Burke
f5389b0e17 don't clean up properly 2017-06-29 17:36:45 -04:00
vramik
6ba3687b76 KEYCLOAK-5114 Fix UsersTest on auth-server-wildfly (#4271) 2017-06-29 14:39:59 +02:00
Stian Thorgersen
620bea3553 Merge pull request #4270 from stianst/KEYCLOAK-5107 
KEYCLOAK-5107 Fix FineGrainAdminUnitTest and IllegalAdminUpgradeTest …
 2017-06-29 08:54:59 +02:00
Stian Thorgersen
c9bc321d2a Merge pull request #4269 from stianst/dockerdockerdocker 
KEYCLOAK-3592 Docker auth implementation
 2017-06-29 07:23:47 +02:00
Stian Thorgersen
74fe9249d5 Merge pull request #4216 from machielg/master 
KEYCLOAK-5026 Store credentials
 2017-06-29 06:52:16 +02:00
Stian Thorgersen
9f814c6cf1 KEYCLOAK-5107 Fix FineGrainAdminUnitTest and IllegalAdminUpgradeTest on auth-server-wildfly 2017-06-29 06:46:21 +02:00
Josh Cain
89fcddd605 KEYCLOAK-3592 Docker auth implementation 2017-06-29 06:37:34 +02:00
Hynek Mlnarik
5e16a32f86 KEYCLOAK-5106 Fix BasicSamlTest on auth-server-wildfly 2017-06-28 20:47:43 +02:00
Stian Thorgersen
e964b156cc Merge pull request #4264 from stianst/KEYCLOAK-5074 
KEYCLOAK-5074 Allow updating client secret through client registratio…
 2017-06-28 11:40:04 +02:00
Stian Thorgersen
ce4506f367 Merge pull request #4261 from hmlnarik/KEYCLOAK-4377-null 
KEYCLOAK-4377
 2017-06-28 08:21:20 +02:00
Stian Thorgersen
1220d7f898 KEYCLOAK-5074 Allow updating client secret through client registration service 2017-06-28 08:11:51 +02:00
Hynek Mlnarik
a3ccac2012 KEYCLOAK-4377 2017-06-27 14:34:47 +02:00
Pavel Drozd
947254e14f Merge pull request #4222 from vmuzikar/KEYCLOAK-5055 
KEYCLOAK-4787, KEYCLOAK-5055 Stabilize UI tests
 2017-06-27 11:42:21 +02:00
Stian Thorgersen
4be0e36306 Merge pull request #4208 from ASzc/KEYCLOAK-4758 
KEYCLOAK-4758
 2017-06-27 11:35:43 +02:00
Stian Thorgersen
56c5996aff Merge pull request #4259 from stianst/abstractj-KEYCLOAK-4444 
KEYCLOAK-4444
 2017-06-27 10:44:30 +02:00
Machiel Groeneveld
7849191ec7 Merge branch 'master' into master 2017-06-27 10:27:07 +02:00
Bruno Oliveira
361ab1c988 [KEYCLOAK-4444] Allow sending test email 2017-06-27 08:38:36 +02:00
Stian Thorgersen
b4d39ca061 KEYCLOAK-4984 Don't update client registration access token on read 2017-06-27 08:29:03 +02:00
Bill Burke
b771960e21 fix log file 2017-06-26 12:36:43 -04:00
Bill Burke
bc05560d4d Merge remote-tracking branch 'upstream/master' 2017-06-26 11:41:12 -04:00
Bill Burke
3855b5c0a3 admin console work 2017-06-26 11:40:56 -04:00
Bill Burke
28b3ef9aa9 admin console work 2017-06-26 11:40:32 -04:00
Bill Burke
22987bb90b Merge pull request #4250 from mposolda/RHSSO-1027 
KEYCLOAK-5085 Easy fix to just handle the exception
 2017-06-26 10:04:02 -04:00
Hynek Mlnarik
955cbc76d7 KEYCLOAK-5030 Change action tokens cache type to distributed 2017-06-26 10:11:53 +02:00
Bill Burke
f1807aead4 impersonate 2017-06-25 11:28:37 -04:00
mposolda
756d996a4a KEYCLOAK-5085 RHSSO-1027 Fix to handle the exception thrown from alternative flow 2017-06-23 19:13:43 +02:00
Bill Burke
3ee86fedc7 Merge remote-tracking branch 'upstream/master' 2017-06-23 09:57:35 -04:00
Bill Burke
39dea4b078 restricting admin role mapping 2017-06-22 16:51:46 -04:00
Pavel Drozd
58e5f41415 Merge pull request #4210 from vramik/KEYCLOAK-4983 
KEYCLOAK-4983 export authorization test with multiple roles
 2017-06-22 09:36:26 +02:00
Pavel Drozd
a7fbcaaef4 Merge pull request #4211 from vramik/KEYCLOAK-5027 
KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers
 2017-06-22 09:34:58 +02:00
Stian Thorgersen
6f731dfee9 Merge pull request #4118 from skjolber/feature/KEYCLOAK-3056-verify-signature-2 
Some adjustments for KEYCLOAK-3056 / PR #3893
 2017-06-22 08:44:32 +02:00
Marek Posolda
ab7a0c2252 Merge pull request #4248 from mposolda/client-initial-access-db 
KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to…
 2017-06-22 06:27:25 +02:00
Bill Burke
d08ddade2e merge 2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc removal 2017-06-21 17:42:57 -04:00
Bill Burke
f1132ffabe Merge pull request #4175 from mrezai/fix-pkce-s256-code-challenge 
KEYCLOAK-4956: Fix incorrect PKCE S256 code challenge generation
 2017-06-21 17:04:31 -04:00
Bill Burke
8c82201add Merge pull request #4224 from pedroigor/KEYCLOAK-3168 
[KEYCLOAK-3168] - Group-Based Access Control
 2017-06-21 17:03:34 -04:00
mposolda
fc61a4e89f KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model 2017-06-21 22:14:20 +02:00
Hynek Mlnarik
bf43ccf6c1 KEYCLOAK-4993 Fix intermittent failures in ComponentsTest testConcurrencyWithChildren 
... and seems that the KEYCLOAK-5020 as well
 2017-06-21 15:19:23 +02:00
Marek Posolda
be5291f710 Merge pull request #4242 from mposolda/master 
KEYCLOAK-4438 Disable kerberos flow when provider removed
 2017-06-21 11:54:50 +02:00
Marek Posolda
3fd6fc250d Merge pull request #4240 from hmlnarik/KEYCLOAK-4189-Cross-DC-testing 
KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC testing
 2017-06-21 10:22:43 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
mposolda
32cf8b7cad KEYCLOAK-3316 Fixes for OAuth2 requests without 'scope=openid' 2017-06-20 17:17:43 +02:00
Hynek Mlnarik
2e2d15be9f KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC-testing 2017-06-20 12:48:08 +02:00
mposolda
f363dbcad0 KEYCLOAK-4327 Switching language on User consent gives error 2017-06-20 09:21:41 +02:00
Bill Burke
57cb46148f tests 2017-06-19 11:21:59 -04:00
Bill Burke
a994af9010 remove scope 2017-06-16 11:26:43 -04:00
Pedro Igor
5028c05cc2 [KEYCLOAK-3168] - Export and import tests 2017-06-14 09:33:59 -03:00
Martin Hardselius
60942346f3 KEYCLOAK-4924: pairwise clients get duplicate subs in tokens 2017-06-14 10:47:40 +02:00
vramik
97509ebf89 KEYCLOAK-4983 export authorization test with multiple roles 2017-06-14 10:38:47 +02:00
Pedro Igor
169280b6a1 [KEYCLOAK-3168] - Group-Based Access Control 2017-06-13 19:05:44 -03:00
Vaclav Muzikar
35857bf649 KEYCLOAK-5055 Stabilize UI tests 2017-06-13 11:24:45 +02:00
Hynek Mlnarik
a0f3a6469f KEYCLOAK-4189 - Cross DC testing 2017-06-12 11:14:28 +02:00
Pedro Igor
fd8a3dccaf Merge pull request #4214 from pedroigor/KEYCLOAK-4904 
[KEYCLOAK-4904] - Authorization Audit - Part 1
 2017-06-09 17:17:30 -03:00
Pedro Igor
f12cef2c86 [KEYCLOAK-4904] - Authorization Audit - Part 1 2017-06-09 13:31:06 -03:00
Machiel Keizer-Groeneveld
80f8815b9a KEYCLOAK-5026 Store credentials 
Credentials are stored with user creation if they are present in the UserRepresentation.
 2017-06-09 09:32:33 +02:00
Stian Thorgersen
6cccd66162 Merge pull request #4192 from hokuda/KEYCLOAK-4980 
KEYCLOAK-4980 SAML adapter should return 403 when unauthenticated Aja…
 2017-06-09 04:40:26 +02:00
Hisanobu Okuda
9135ba7c40 KEYCLOAK-4980 SAML adapter should return 401 when unauthenticated Ajax client accesses 2017-06-08 23:36:25 +09:00
Bill Burke
94528976d4 console work 2017-06-07 16:29:43 -04:00
vramik
7381ec456a KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers 2017-06-07 14:35:33 +02:00
Bill Burke
536a57a514 ui for permission reference 2017-06-05 19:52:51 -04:00
Alex Szczuczko
5d88c2b8be KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam. 2017-06-05 16:24:38 -06:00
Pedro Igor
9be9e30ad6 Merge pull request #4206 from pedroigor/KEYCLOAK-4983 
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
 2017-06-05 16:19:58 -03:00
Pedro Igor
23887f4031 Fixing tests and more client policy tests 2017-06-05 11:26:33 -03:00
Pedro Igor
3760f2753b [KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names 2017-06-02 20:09:33 -03:00
Pedro Igor
d0f505455d [KEYCLOAK-4991] - Allow clients to limit the number of permission in a RPT when using entitlements 2017-06-02 19:06:40 -03:00
Bill Burke
a41d282e92 client permission tests 2017-06-02 15:49:20 -04:00
Thomas Skjølberg
241c58dd61 Add unit tests related to signatures, check that a signature is present when want assertion signing. 2017-06-02 15:36:52 +02:00
Bill Burke
b9f7a43a72 group permissions 2017-06-01 20:16:35 -04:00
Pedro Igor
dcd1a68d95 [KEYCLOAK-4992] - Allow clients to exclude resource_set_name from RPT 2017-05-31 19:33:34 -03:00
Pavel Drozd
a52a1f4618 Merge pull request #4196 from vramik/KEYCLOAK-4481 
KEYCLOAK-4481 some authz export tests
 2017-05-30 16:56:54 +02:00
Stian Thorgersen
a6e4245185 Merge pull request #4194 from stianst/KEYCLOAK-4888 
KEYCLOAK-4888
 2017-05-30 14:49:22 +02:00
vramik
8f1938c28d KEYCLOAK-4481 Role based permission test 2017-05-30 13:10:09 +02:00
Stian Thorgersen
8c53c5a90e KEYCLOAK-4888 
Change default hashing provider for realm
 2017-05-30 09:54:05 +02:00
Thomas Darimont
7d0b461683 KEYCLOAK-4975 Use authenticationSession binding name in ScriptBasedAuthenticator 
We now use authenticationSession instead of clientSession to reflect
the renaming of ClientSessionModel to AuthenticationSessionModel.

Note that this is a breaking change which needs to be mentioned in
the upgrade notes!
 2017-05-29 18:14:02 +02:00
Bill Burke
c3ea847b3e auth changes 2017-05-29 09:53:17 -04:00
Stian Thorgersen
684689d40d Merge pull request #3561 from glavoie/KEYCLOAK-3990 
KEYCLOAK-3990: Very slow use of NamedQueries.
 2017-05-29 09:39:39 +02:00
mposolda
c4f172afe7 KEYCLOAK-4977 Upgrade infinispan and undertow version to align with Wildfly 11.0.0.Alpha1 2017-05-26 14:29:30 +02:00
Hynek Mlnarik
e4fc8f083e KEYCLOAK-3990 Tests 2017-05-24 07:50:48 -04:00
mposolda
2b59db71a8 KEYCLOAK-3316 Remove the IDToken if scope=openid is not used 2017-05-24 09:23:14 +02:00
Stian Thorgersen
c442bcd8d3 Merge pull request #4174 from stianst/KEYCLOAK-4889 
KEYCLOAK-4889
 2017-05-23 14:26:15 +02:00
Stian Thorgersen
c00a64208a Merge pull request #4136 from frelibert/KEYCLOAK-4897 
KEYCLOAK-4897
 2017-05-23 14:10:34 +02:00
Pavel Drozd
06152d9883 Merge pull request #4165 from vmuzikar/google-fix 
KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen
 2017-05-23 14:03:08 +02:00
Stian Thorgersen
ef29097679 Merge pull request #4172 from hmlnarik/KEYCLOAK-4813-Destination-Validation-should-ignore-whether-default-port-is-explicitly-specified 
KEYCLOAK-4813 Destination validation counts on port being not specified
 2017-05-23 13:59:36 +02:00
Pavel Drozd
0a869f56a7 Merge pull request #4146 from vramik/KEYCLOAK-4926 
KEYCLOAK-4926 exclude WelcomePageTest from migration scenario
 2017-05-23 13:59:26 +02:00
Stian Thorgersen
ff2d6941d0 Merge pull request #4140 from mstruk/RHSSO-978 
RHSSO-978 Cannot migrate event types using export/import
 2017-05-23 13:55:17 +02:00
Mohammad Rezai
acd78ee407 KEYCLOAK-4956: Fix incorrect PKCE S256 code challenge generation 2017-05-23 16:15:44 +04:30
Stian Thorgersen
130452f6c3 Merge pull request #4085 from mstruk/RHSSO-402 
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
 2017-05-23 13:29:32 +02:00
Stian Thorgersen
097a2267f5 KEYCLOAK-4889 
Improve error messages for password policies
 2017-05-23 13:18:06 +02:00
Hynek Mlnarik
f47283f61a KEYCLOAK-4813 Destination validation counts on port being not specified 2017-05-23 12:52:48 +02:00
mposolda
8adde64e2c KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout 2017-05-23 09:08:58 +02:00
Daan de Wit
ef6b303bfe KEYCLOAK-4911 charset not specified by Java client registration API 2017-05-22 15:22:39 +02:00
Bill Burke
ab763e7c5b fixes after merge 2017-05-19 15:54:36 -04:00
Vaclav Muzikar
c2379dbe49 KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen 2017-05-19 18:07:05 +02:00
Bill Burke
f114895cd2 for merge 2017-05-19 11:29:26 -04:00
vramik
f0386d9374 KEYCLOAK-4926 exclude WelcomePageTest from migration scenario 2017-05-19 13:30:01 +02:00
Marek Posolda
d80381ec0d Merge pull request #4139 from vramik/KEYCLOAK-4827 
KEYCLOAK-4827 Add tests for concurrent use of user session in cache
 2017-05-19 11:14:57 +02:00
Bill Burke
2cac8b1bb7 KEYCLOAK-4929 2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43 KEYCLOAK-4929 2017-05-18 16:48:04 -04:00
Hynek Mlnarik
f9767ad6cd KEYCLOAK-4627 Additional tests for action tokens 2017-05-18 12:04:32 +02:00
Hynek Mlnarik
10c9e0f00f KEYCLOAK-4897 Tests for assertion-only signatures with encrypted assertions 2017-05-17 15:56:49 +02:00
Marko Strukelj
27b291c345 RHSSO-978 Cannot migrate event types using export/import 2017-05-16 18:52:58 +02:00
Marko Strukelj
7d0ca42c6c RHSSO-402 need a way to dump configuration (including ldap provider config) to a file 2017-05-15 12:13:58 +02:00
Bill Burke
954ef99f22 Merge remote-tracking branch 'upstream/master' 2017-05-12 10:10:29 -04:00
vramik
cc6a5419de KEYCLOAK-4827 Add tests for concurrent use of user session in cache 2017-05-12 14:14:14 +02:00
mposolda
7d8796e614 KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes. 2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02 KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token 2017-05-11 22:16:26 +02:00
mposolda
db8b733610 KEYCLOAK-4626 Fix TrustStoreEmailTest and PolicyEvaluationCompositeRoleTest. Distribution update 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01 KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes 2017-05-11 22:16:26 +02:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636 KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens. 2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
b55b089355 KEYCLOAK-4627 Changes in TokenVerifier to include token in exceptions. Reset credentials uses checks to validate individual token aspects 2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
19a41c8704 KEYCLOAK-4627 Refactor TokenVerifier to support more than just access token checks. Action tokens implementation with reset e-mail action converted to AT 2017-05-11 22:16:26 +02:00
mposolda
e4aba9e471 KEYCLOAK-4829 Access token from offline token falsely reported as inactive by token introspection 2017-05-11 21:17:04 +02:00
Stian Thorgersen
c3a2b3a6b6 KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers 2017-05-11 11:58:22 +02:00
Bill Burke
bfb4395b28 role and Users finished UI work 2017-05-10 15:25:04 -04:00
Bill Burke
46ec12c41c fixes 2017-05-10 14:19:10 -04:00
Pedro Igor
c0b08a27a2 Test for role policy evaluation 2017-05-09 15:27:19 -03:00
Bill Burke
a8a8ea4bcd Merge remote-tracking branch 'upstream/master' 2017-05-08 13:49:03 -04:00
Bill Burke
f760427c5c fine grain tests 2017-05-08 13:48:51 -04:00
Pavel Drozd
a8071356bb Merge pull request #4109 from mhajas/KEYCLOAK-4503 
KEYCLOAK-4503 Add test
 2017-05-05 13:06:50 +02:00
Pavel Drozd
ec5860d7f5 Merge pull request #4102 from mhajas/KEYCLOAK-4650 
KEYCLOAK-4650 Add cancel warning test
 2017-05-05 13:06:03 +02:00
Marc Heide
d5c643eaf9 KEYCLOAK-4521: consider offline sessions if no active user session was found for user info endpoint 2017-05-04 15:25:09 +02:00
mhajas
b33f7414da KEYCLOAK-4503 Add test 2017-05-03 08:51:26 +02:00
Bill Burke
c3b44e61d4 Merge remote-tracking branch 'upstream/master' 2017-05-01 14:51:07 -04:00
mhajas
618a8e7f90 KEYCLOAK-4650 Add cancel warning test 2017-04-28 14:18:01 +02:00
Eriksson Fabian
ca1152c3e5 KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts 
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
 2017-04-28 09:02:10 +02:00
Pavel Drozd
7bcbc9a6af Merge pull request #4042 from daklassen/KEYCLOAK-2976 
KEYCLOAK-2976 Merge two "ClientTest" classes in integration-arquillian
 2017-04-27 17:16:58 +02:00
Pavel Drozd
51e4beccf4 Merge pull request #4076 from vramik/KEYCLOAK-4732 
KEYCLOAK-4732 fix for wildfly
 2017-04-27 08:06:55 +02:00
Bill Burke
c7bdb489ee Merge remote-tracking branch 'upstream/master' 2017-04-26 18:57:56 -04:00
Pedro Igor
389e2b42f1 Test for uma_authorization scope 2017-04-26 16:04:37 -03:00
Bill Burke
2276f99d54 Merge remote-tracking branch 'upstream/master' 2017-04-26 14:39:45 -04:00
Bill Burke
f67013bcb6 fix 2017-04-26 14:39:41 -04:00
Pedro Igor
b78cc63f0d Merge pull request #4084 from pedroigor/KEYCLOAK-4755 
[KEYCLOAK-4755] - Client UI Tests
 2017-04-26 13:29:00 -03:00
Pedro Igor
b84507507d Merge pull request #4079 from mhajas/KEYCLOAK-4769 
KEYCLOAK-4769 Add test for URI priority
 2017-04-26 12:20:53 -03:00
Pedro Igor
fbcfcfa088 [KEYCLOAK-4755] - Client UI Tests 2017-04-26 12:11:53 -03:00
Hynek Mlnarik
d7615d6a68 KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter 2017-04-26 11:59:37 +02:00
mhajas
9c0e7cb4a5 KEYCLOAK-4769 Add test for URI priority 2017-04-26 08:32:40 +02:00
Pedro Igor
0ccb98a81f Merge pull request #4078 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - Rules UI Tests
 2017-04-25 18:04:09 -03:00
Pedro Igor
5b5cfb01b9 Merge pull request #4077 from pedroigor/KEYCLOAK-4792 
[KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client
 2017-04-25 18:03:32 -03:00
Pedro Igor
b3131bf679 [KEYCLOAK-3135] - Rules UI Tests 2017-04-25 16:52:14 -03:00
Pedro Igor
79c9078caa [KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client 2017-04-25 14:51:45 -03:00
vramik
a3c57f4326 KEYCLOAK-4732 fix for wildfly 2017-04-25 13:57:14 +02:00
Pedro Igor
ab58779d22 [KEYCLOAK-4732] - Need to run the test using the target testing realm 2017-04-25 08:34:39 -03:00
Pedro Igor
38ae6c981b Merge pull request #4068 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component
 2017-04-25 08:19:32 -03:00
Stian Thorgersen
d081f967ea Merge pull request #4067 from hmlnarik/KEYCLOAK-4779 
KEYCLOAK-4779 Fix NPE
 2017-04-25 10:31:00 +02:00
mposolda
b81891f89b KEYCLOAK-4271 Migration test for offline tokens - manual mode 2017-04-25 09:18:33 +02:00
Pedro Igor
49547ccfbc [KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component 2017-04-24 23:12:46 -03:00
Hynek Mlnarik
e8a65017fa KEYCLOAK-4779 Fix NPE 2017-04-24 23:09:27 +02:00
Pedro Igor
5e57e84384 Merge pull request #4054 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - More changes to Policy Management API
 2017-04-24 17:44:07 -03:00
Bill Burke
12cb295a35 Merge remote-tracking branch 'upstream/master' 2017-04-24 10:05:46 -04:00
Bill Burke
58868ca99f prototype 2017-04-24 10:05:39 -04:00
mposolda
d05a894831 KEYCLOAK-4326 KEYCLOAK-4588 Can't get granted consents if client template mappers were consented to 2017-04-24 15:44:38 +02:00
Pedro Igor
e0f753bcf5 [KEYCLOAK-3135] - More changes to Policy Management API 2017-04-24 07:34:08 -03:00
mposolda
1fd5af840b KEYCLOAK-4525 Deleting a client with existing sessions/offline_tokens leads to Internal Server Errors 2017-04-24 11:24:09 +02:00
Pavel Drozd
95fc8f79dd Merge pull request #4051 from mhajas/KEYCLOAK-4505 
KEYCLOAK-4505 Add test of clientSession for script based authenticator
 2017-04-21 13:50:29 +02:00
Pavel Drozd
f50e08d111 Merge pull request #4044 from vmuzikar/adapter-compat-upstream 
KEYCLOAK-4761 Support for Java adapter backward compatibility testing
 2017-04-21 13:49:17 +02:00
Pedro Igor
fa1b998802 Merge pull request #4050 from pedroigor/KEYCLOAK-4769 
[KEYCLOAK-4769] - Policy enforcer path matching tests
 2017-04-20 14:02:59 -03:00
Pedro Igor
df163d86e8 Merge pull request #4052 from pedroigor/KEYCLOAK-4754 
[KEYCLOAK-4754] - Unable to delete realm when using aggregated policies
 2017-04-20 13:23:09 -03:00
Pedro Igor
80a80512ea [KEYCLOAK-4769] - Policy enforcer path matching tests 2017-04-20 13:21:01 -03:00
mhajas
4f66919474 KEYCLOAK-4505 Add tests of clientSession for script based authenticator 2017-04-20 17:10:56 +02:00
Pedro Igor
bf69bc94bb [KEYCLOAK-4754] - Unable to delete realm when using aggregated policies 2017-04-20 12:10:52 -03:00
Pavel Drozd
585653b88e Merge pull request #4038 from vmuzikar/social-fix 
KEYCLOAK-4624 Fix, stabilize and revamp SocialLoginTest
 2017-04-20 13:13:29 +02:00
Vaclav Muzikar
c7a97cfd21 KEYCLOAK-4761 Prepare the testsuite for Java adapter backward compatibility testing 2017-04-19 13:51:24 +02:00
David Klassen
19a59429ae KEYCLOAK-2976 Merge two "ClientTest" classes in integration-arquillian 2017-04-19 13:25:30 +02:00
Stian Thorgersen
4f771ac51a Merge pull request #4027 from abacusresearch/KEYCLOAK-4729_update_german_translation 
KEYCLOAK-4729 Update German translations
 2017-04-18 15:13:39 +02:00
Vaclav Muzikar
32b62b2a70 KEYCLOAK-4624 Fix, stabilize and revamp SocialLoginTest 2017-04-13 13:41:30 +02:00
Pedro Igor
964693077a [KEYCLOAK-4751] - More tests 2017-04-12 18:25:38 -03:00
Pedro Igor
8e877a7f6c [KEYCLOAK-3135] - More tests 2017-04-12 14:34:27 -03:00
Pedro Igor
eec712a259 [KEYCLOAK-3135] - Role and user policies apis 2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c [KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests 2017-04-12 00:52:13 -03:00
Pedro Igor
d60dcb4c62 [KEYCLOAK-3135] - Some more tests and making policy type rest api more generic 2017-04-12 00:52:13 -03:00
Pedro Igor
8e64bc3e4d Tests for new permission management rest api 2017-04-12 00:52:13 -03:00
Pedro Igor
cf1e8d1dd8 [KEYCLOAK-3135] - Tests and typos 2017-04-12 00:52:13 -03:00
Pavel Drozd
bfd76d7813 Merge pull request #3962 from mhajas/KEYCLOAK-4366 
KEYCLOAK-4366
 2017-04-10 08:44:52 +02:00
Dominik Langenegger
16430791bb KEYCLOAK-4729 Update German translations 2017-04-07 16:03:34 +02:00
Stian Thorgersen
83d0f313ce Merge pull request #4011 from mstruk/KEYCLOAK-4719 
KEYCLOAK-4719 CLI tests fail when run from within the IDE
 2017-04-07 09:17:19 +02:00
Bill Burke
3ce0c57e17 Merge pull request #3831 from Hitachi/master 
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients
 2017-04-06 15:36:08 -04:00
Bill Burke
c198f4ffa7 Merge pull request #4015 from patriot1burke/master 
KEYCLOAK-4727 KEYCLOAK-4652
 2017-04-06 15:27:49 -04:00
Bill Burke
26db0dd1fc Merge pull request #4016 from pedroigor/KEYCLOAK-4726 
[KEYCLOAK-4726] - Multiple role policies crash realm delete
 2017-04-06 13:21:53 -04:00
Pedro Igor
1f50421a54 [KEYCLOAK-4726] - Multiple role policies crash realm delete 2017-04-06 12:36:03 -03:00
Bill Burke
1b3549f828 oops 2017-04-06 10:49:48 -04:00
Bill Burke
201d2c6aac Merge remote-tracking branch 'upstream/master' 2017-04-06 10:44:43 -04:00
Bill Burke
31074c3c8d KEYCLOAK-4727 KEYCLOAK-4652 2017-04-06 10:44:33 -04:00
Stian Thorgersen
af4c74f1d9 Merge pull request #3718 from thomasdarimont/issue/KEYCLOAK-4163-improve-support-for-email-addresses 
KEYCLOAK-4163 Improve support for e-mail addresses
 2017-04-06 15:34:30 +02:00
Marko Strukelj
0269db0e85 KEYCLOAK-4719 CLI tests fail when run from within the IDE 2017-04-06 12:46:05 +02:00
Marek Posolda
ad1ca78034 Merge pull request #4002 from mposolda/master 
KEYCLOAK-4705 Running test from IDE should log INFO to the console
 2017-04-04 11:52:10 +02:00
Pavel Drozd
30b785c60d Merge pull request #3999 from vmuzikar/ie-fix 
KEYCLOAK-4351 Stabilize TermsAndConditions test in IE
 2017-04-04 10:48:22 +02:00
Pavel Drozd
b4c5eb8354 Merge pull request #3994 from vramik/KEYCLOAK-4534 
KEYCLOAK-4534 ClientInitiatedAccountLinkTest fails with auth-server-w…
 2017-04-04 10:47:36 +02:00
Pavel Drozd
91c3977d71 Merge pull request #3988 from mhajas/KEYCLOAK-3955 
KEYCLOAK-3955
 2017-04-04 10:46:12 +02:00
mposolda
457f183d46 KEYCLOAK-4705 Running test from IDE should log INFO to the console 2017-04-04 10:15:22 +02:00
Vaclav Muzikar
5e360cf919 KEYCLOAK-4351 Stabilize TermsAndConditions test in IE 2017-04-04 07:40:16 +02:00
vramik
ca6d8c9dbe KEYCLOAK-4534 ClientInitiatedAccountLinkTest fails with auth-server-wildlfy 2017-03-30 12:47:51 +02:00
mhajas
3bb587530b KEYCLOAK-3955 2017-03-28 16:05:44 +02:00
mhajas
bc05010ece Fix javascript adapter tests 2017-03-28 15:02:44 +02:00
Takashi Norimatsu
ef3aef9381 Merge branch 'master' into master 2017-03-28 16:21:40 +09:00
Vaclav Muzikar
66c13b4a72 KEYCLOAK-4613 Fix Console UI and Social Login tests 2017-03-27 15:25:24 +02:00
mhajas
36fc643bfb KEYCLOAK-4366 2017-03-27 11:22:01 +02:00
Pavel Drozd
ed67dcc712 Merge pull request #3975 from vmuzikar/KEYCLOAK-4660 
KEYCLOAK-4660 Add support for Chrome CLI switches to Arquillian Tests…
 2017-03-27 09:38:33 +02:00
Pavel Drozd
4aa996c2db Merge pull request #3959 from mhajas/KEYCLOAK-4141 
KEYCLOAK-4141 Added saml tests
 2017-03-27 09:36:41 +02:00
Bill Burke
71f0c01d4f Merge pull request #3980 from patriot1burke/master 
KEYCLOAK-4664 KEYCLOAK-4665
 2017-03-25 20:12:22 -04:00