Thomas Darimont
af892d469c
KEYCLOAK-18880 TimeBasedOTP should use look-around to mitigate clock skew
...
Add test case
2021-09-01 10:45:50 +02:00
Thomas Darimont
5898f9c390
KEYCLOAK-18880 TimeBasedOTP should use look-around to mitigate clock skew
...
Previously the TimeBasedOTP only looked behind to mitigate clock skew.
We now look around (look ahead + look behind) to better accommodate clock skew.
2021-09-01 10:45:50 +02:00
Braxton Plaxco
1c2752300b
KEYCLOAK-19155: Add a .gitleaks.toml
...
Help ignore false positives during internal code scans
~ B'ezrat Hashem ~
2021-08-31 20:21:28 +02:00
Thomas Darimont
e217e9a175
KEYCLOAK-18818 Add CORS preflight handler to token revocation endpoint
2021-08-31 10:07:32 +02:00
Bruno Oliveira da Silva
c8bee9fac4
[KEYCLOAK-19130] Remove snyk workflow from the Keycloak repository
2021-08-30 09:31:09 +02:00
vramik
5fe675b612
KEYCLOAK-18841 prevent deletion of default role using RoleContainerResource
2021-08-20 12:02:07 +02:00
Martin Bartos
18cef60bbd
KEYCLOAK-19037 Problems with validation of Email field that contains uppercase character
2021-08-19 11:13:42 +02:00
bohmber
ba946b54f7
KEYCLOAK-19021
...
LDAPOperationManager.getFilterById is causing additional call to AD
2021-08-19 09:25:33 +02:00
Thomas Darimont
f9b4e47851
KEYCLOAK-19036 Avoid infinite loop during LDAP sync with OpenLDAP and olcSizeLimit
...
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-08-18 17:42:13 +02:00
mposolda
418d1e3471
KEYCLOAK-19039 Sync UPDATE_PASSWORD required action to only to MSAD with WRITABLE edit mode. Add tests for MSAD mapper
2021-08-18 17:39:19 +02:00
Thomas Darimont
a7fd1bc3a9
KEYCLOAK-18954 Add test for user consent retrieval with offline access consents
...
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-08-18 10:39:44 +02:00
Thomas Darimont
f16eb4d8b9
KEYCLOAK-18954 Refactor user consent list retrieval to avoid ConcurrentModificationException
...
This avoids a ConcurrentModificationException to be thrown in UserResource.getConsents()
calls that got introduced in 4e8b18f560
by filtering
the resulting stream explicitly instead of removing items from the collection
that we iterate over, which triggered the CME in the first place.
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-08-18 10:39:44 +02:00
wuweixin
6431afe360
KEYCLOAK-18974 BitbucketIdentityProvider IdentityBrokerException message
...
github => bitbucket
2021-08-18 10:32:07 +02:00
rmartinc
5ff6ff57a8
[KEYCLOAK-18535] KeycloakSanitizerMethod causes java.lang.IndexOutOfBoundsException when there is more then one href in a sanitized message
2021-08-18 10:19:22 +02:00
Bruno Oliveira da Silva
9e9e716369
Create snyk.yml
2021-08-17 20:10:37 -03:00
mposolda
3e0f8aed30
KEYCLOAK-19038 Reload user after being updated
2021-08-17 19:28:18 +02:00
Vlastimil Elias
afa6e31d36
[KEYCLOAK-19006] User Profile: Patched handling of the "whitespace-only"
...
texts in pattern and length validators
2021-08-10 08:43:58 -03:00
bal1imb
269b661b8a
KEYCLOAK-16633 Prevent deletion of internal clients.
2021-08-09 11:45:03 -03:00
laskasn
62f222291c
KEYCLOAK-18491 - Fixing the distribution/server-dist build problem
2021-08-05 19:43:14 +02:00
Martin Kanis
6886bd6651
KEYCLOAK-18941 ExecutionException when computed future - InfinispanCacheInitializer
2021-08-05 18:28:27 +02:00
Martin Kanis
b42f765c2a
KEYCLOAK-18982 Token OIDC introspection endpoint should not update any of the timestamps
2021-08-05 18:21:16 +02:00
Denis Richtarik
c49c7d0ffc
KEYCLOAK-18970 Update licenses for Keycloak 15 and RH-SSO 7.5.0
2021-08-05 17:22:10 +02:00
Simen Heggestøyl
624a9a3ed7
KEYCLOAK-18509 Fix permission error when deleting client
2021-08-05 11:55:24 -03:00
Yoshiyuki Tabata
b31b60fffe
KEYCLOAK-18341 Support JWKS OAuth2 Client Metadata in the "by value" key loading method
2021-08-05 16:52:55 +02:00
Martin Bartoš
3c19fae88b
KEYCLOAK-18964 MetricsRestServiceTest contains wrong health check message
2021-08-05 16:01:01 +02:00
Hynek Mlnarik
2acb43a627
KEYCLOAK-18617 Fix index on client attributes
2021-08-05 15:35:55 +02:00
Sebastian Rose
5d9d749fbd
KEYCLOAK-18380 Fix Groups search by name returns unwanted groups
...
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2021-08-05 11:43:56 +02:00
Sebastian Rose
565251d5a6
KEYCLOAK-18380 Fix Groups search by name returns unwanted groups, cleanup test, skip tests on map storage provider feature
2021-08-05 11:43:56 +02:00
Thomas Darimont
17da3ee8d9
KEYCLOAK-18380 Fix Groups search by name returns unwanted groups
...
Previously the group search did not apply a given search query as filter
for groups along the group path.
We now filter the found groups with the given group search query if present.
2021-08-05 11:43:56 +02:00
Yoshiyuki Tabata
bd55694903
fix README.md of quarkus
2021-08-04 20:16:06 -03:00
mposolda
b1d39aa136
KEYCLOAK-18949 DirectGrant login should fail if authenticationSession contains some required actions
2021-08-04 08:50:27 +02:00
Yang Xie
d8cb279bc4
KEYCLOAK-17693 add config for loading custom IdMapper class
2021-08-03 17:44:47 +02:00
carlChen
a0b01b6ef4
KEYCLOAK-16703 The username returned by token introspect endpoint is null when remove or modify username mapper
2021-08-03 17:38:37 +02:00
Florian Ritterhoff
65480cb5a1
Prevent security flaw using passwordless authentication
...
If you register without an password or delete your last token your account can be hijacked. This is can be done by simply trying to login in that moment where the account is without a token. You get the "normal" registration dialog and can capture the complete account.
2021-08-03 10:49:45 -03:00
cturkalj
b4536a394a
Missing null check for session.userCache() added
...
NPE when existing user from LDAP is found (same LDAP_ID, but with changed username) and session.userCache() is null.
2021-08-03 13:40:02 +02:00
cedric guindon
1ad34c6ab0
[KEYCLOAK-18498] French i18n contains wrong param
2021-08-03 12:37:13 +02:00
Sebastian Kanzow
4e8e4592ca
[KEYCLOAK-18419] Support SAML 2.0 Encrypted IDs in Assertion
2021-08-03 11:55:36 +02:00
Sanket Bhalerao
443bd4a1ba
KEYCLOAK-15595: update keycloak js for KEYCLOAK-15595
...
while working on cordova+angular+ios the keycloak logout is not working. as the user clicks logout the user can again see the app instead of the inappbrowser page for login.
with clearcache=yes in the inappbrowser open the issue appears no more.
2021-08-02 10:56:25 -03:00
laskasn
f265d1d662
KEYCLOAK-18933
2021-08-02 15:27:08 +02:00
keycloak-bot
262ec3d031
Set version to 16.0.0-SNAPSHOT
2021-07-30 14:56:10 +02:00
Peter Skopek
3ed20e2878
KEYCLOAK-18597 Product distribution ZIP does not include rh-sso-7.5 folder
2021-07-30 12:33:14 +02:00
Pedro Igor
afb0b16e43
[KEYCLOAK-18922] - Ignore empty values for internal attributes not set to user
2021-07-30 12:30:43 +02:00
Hynek Mlnarik
0cdce1340d
KEYCLOAK-18680 Always close result stream
2021-07-30 09:40:39 +02:00
Sebastian Kanzow
a412bb7b99
[KEYCLOAK-18417] Skip SAML 2.0 AttributeValue with user-defined xsi types
2021-07-30 08:48:25 +02:00
Miklín Vojtěch
e44a7af0e4
KEYCLOAK-18913 Update messages_cs.properties
...
Czech translations for base login theme:
themes/src/main/resources-community/theme/base/login/messages/messages_cs.properties
Co-Authored-By: dklika <78177642+dklika@users.noreply.github.com>
Co-Authored-By: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2021-07-29 21:18:41 +02:00
Martin Bartoš
56888911b0
KEYCLOAK-18691 CIBATest.testTokenRequestAfterIntervalButNotYetAuthenticated wrong expiration
2021-07-29 17:01:51 +02:00
Stefan Guilhen
9e676fce7e
[KEYCLOAK-18559] Fix SAML adapters so they allow unescaped characters in URIs
...
- Makes adapters bahavior consistent with containers that allow unescaped characters in URIs
2021-07-29 12:11:32 +02:00
Pedro Igor
ff70e2e04b
[KEYCLOAK-18916] - Do not consider empty values when checking read-only attributes
2021-07-29 08:46:16 +02:00
Vlastimil Elias
32f2f095fe
KEYCLOAK-7724 User Profile default validations
2021-07-29 08:42:37 +02:00
mposolda
4dacbb9e0b
KEYCLOAK-16996 User not able to revoke his offline token for directGrant clients
2021-07-29 08:04:16 +02:00