Commit graph

2818 commits

Author SHA1 Message Date
Pedro Igor
709cbfd4b7 [KEYCLOAK-10705] - Return full resource representation when querying policies by id 2020-01-09 10:00:24 +01:00
vmuzikar
8e0e972957 KEYCLOAK-12626 Fix compilation errors in Admin Console tests 2020-01-07 11:56:14 -05:00
vramik
419d9c6351 KEYCLOAK-11597 Remote testing changes + possibility to exclude tests for specific auth server
Co-Authored-By: <mhajas@redhat.com>
2020-01-06 14:29:36 +01:00
Thomas Darimont
1a7aeb9b20 KEYCLOAK-8249 Improve extraction of Bearer tokens from Authorization headers (#6624)
We now provide a simple way to extract the Bearer token string from
Authorization header with a null fallback.

This allows us to have more fine grained error handling for the
various endpoints.
2020-01-06 13:58:52 +01:00
mhajas
28b01bc34d KEYCLOAK-12609 Fix integer overflow for SAML XMLTimeUtil add method parameters 2020-01-06 13:53:16 +01:00
Yoshiyuki Tabata
e96725127f KEYCLOAK-12165 Fix UserSessionProviderTest to work correctly (#6513) 2020-01-02 17:57:14 +01:00
Marek Posolda
fa453e9c0c
KEYCLOAK-12278 Default first broker login flow is broken after migration (#6556) 2020-01-02 17:53:56 +01:00
Pedro Igor
56d53b191a [KEYCLOAK-8779] - Fixing PartialImportTest 2019-12-28 06:24:19 -03:00
rmartinc
401d36b446 KEYCLOAK-8779: Partial export and import to an existing realm is breaking clients with service accounts 2019-12-27 15:59:38 -03:00
Thomas Darimont
0219d62f09 KEYCLOAK-6867 UserInfoEndpoint should return WWW-Authenticate header for Invalid tokens
As required by the OIDC spec (1) we now return a proper WWW-Authenticate
response header if the given token is invalid.

1) https://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
2019-12-23 07:42:06 -03:00
Pedro Igor
946088d48d [KEYCLOAK-12109] - Resolving authz discovery url using KeycloakUriBuilder 2019-12-19 14:18:21 +01:00
Pedro Igor
3bd193acd7 [KEYCLOAK-12412] - Policy enforcer should consider charset when comparing the content-type of the request 2019-12-19 14:14:33 +01:00
Stefan Guilhen
9f69386a53 [KEYCLOAK-11707] Add support for Elytron credential store vault
- Adds the elytron-cs-keystore provider that reads secrets from a keystore-backed elytron credential store
 - Introduces an abstract provider and factory that unifies code that is common to the existing implementations
 - Introduces a VaultKeyResolver interface to allow the creation of different algorithms to combine the realm
   and key names when constructing the vault entry id
 - Introduces a keyResolvers property to the existing implementation via superclass that allows for the
   configuration of one or more VaultKeyResolvers, creating a fallback mechanism in which different key formats
   are tried in the order they were declared when retrieving a secret from the vault
 - Adds more tests for the files-plaintext provider using the new key resolvers
 - Adds a VaultTestExecutionDecider to skip the elytron-cs-keystore tests when running in Undertow. This is
   needed because the new provider is available only as a Wildfly extension
2019-12-18 11:54:06 +01:00
harture
26458125cb [KEYCLOAK-12254] Fix re-evaluation of conditional flow (#6558) 2019-12-18 08:45:11 +01:00
Douglas Palmer
106e6e15a9 [KEYCLOAK-11859] Added option to always display a client in the accounts console 2019-12-17 17:12:49 -03:00
vramik
c3d80651bf KEYCLOAK-12473 Add possibility to specify length of event detail when storing to database 2019-12-17 17:15:50 +01:00
vmuzikar
4c17fa8664 KEYCLOAK-12104 UI tests for Linked Accounts Page 2019-12-16 16:06:03 -03:00
vmuzikar
4f7b56d227 KEYCLOAK-12106 UI tests for Device Activity page 2019-12-16 14:26:58 -03:00
Erik Jan de Wit
af0f43b769 KEYCLOAK-11496 detect session timeout 2019-12-13 15:22:32 -05:00
Douglas Palmer
af0594b58d [KEYCLOAK-12463] Fixed missing consents 2019-12-12 17:27:54 -03:00
Douglas Palmer
f9fa5b551d [KEYCLOAK-5628] Added application endpoint 2019-12-11 13:06:04 -03:00
Cas Eliëns
66f5d1259f Fix typo 2019-12-11 16:18:59 +01:00
Martin Bartoš
2cf6483cdf [KEYCLOAK-12044] Fix messages in the UsernameForm (#6548) 2019-12-11 10:59:46 +01:00
mposolda
0f3e0f4d4e KEYCLOAK-12432 Compilation error in latest master in LDAPHardcodedAttributeTest 2019-12-10 18:01:11 -03:00
Cédric Couralet
bde94f2f08 KEYCLOAK-11770 add an hardcoded attribute mapper (#6396)
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2019-12-10 12:57:46 +01:00
Denis Richtárik
48bddc37ae KEYCLOAK-12011 Remove cancel button from OTP form (#6511)
* KEYCLOAK-12011 Remove cancel button from OTP form

* Remove back button
2019-12-09 19:23:26 +01:00
Dmitry Telegin
e2144d6aec KEYCLOAK-12175 - Platform SPI 2019-12-09 09:55:04 +01:00
stianst
30e024a3c9 KEYCLOAK-12167 Remove need for Arquillian deployment to load test classes 2019-12-06 12:46:08 +01:00
Yoshiyuki Tabata
b2664c7ef9 KEYCLOAK-12094 "client-session-stats" not search null client information (#6554) 2019-12-06 10:37:25 +01:00
Martin Bartoš
e405ce6e97 [KEYCLOAK-11824] Fix bug with only one value of the authentication model execution requirement (#6570) 2019-12-05 18:28:00 +01:00
Cristian Schuszter
5c7ce775cf KEYCLOAK-11472 Pagination support for clients
Co-authored-by: stianst <stianst@gmail.com>
2019-12-05 08:17:17 +01:00
vmuzikar
072cd9f93f KEYCLOAK-12329 Fix linking accounts in the new Account Console 2019-12-03 18:49:40 -03:00
Martin Kanis
73d1a26040 KEYCLOAK-11773 Front-channel logout with identity brokering does not work after browser restart 2019-12-03 08:17:54 +01:00
vmuzikar
f426643225 KEYCLOAK-11744 KEYCLOAK-11271 New Account Console testsuite 2019-11-28 08:32:48 -03:00
Tomas Kyjovsky
61eb569ae5 KEYCLOAK-11921 Reset password (#6505) 2019-11-28 09:38:11 +01:00
Jan Lieskovsky
9a5fda5ec9 [KEYCLOAK-11748] Add multiple OTP tokens configured Direct Access Grant test (#6546)
Add a Direct Access Grant test to verify, when the user has multiple OTP
authenticators configured, they can properly login using the 1-th one of
them (IOW the 1-th OTP token is the preferred credential)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-11-28 09:34:53 +01:00
harture
129c689855 [KEYCLOAK-12253] Fix conditional authenticators are evaluated even if they are disabled (#6553) 2019-11-28 09:30:31 +01:00
Martin Kanis
685d49c693 KEYCLOAK-11967 Violation of UNIQUE KEY constraint SIBLING_NAMES (#6485) 2019-11-26 16:00:50 +01:00
rmartinc
82ef5b7927 KEYCLOAK-12000: Allow overriding time lifespans on a SAML client 2019-11-26 10:02:34 +01:00
Pedro Igor
cee884e4a7 [KEYCLOAK-8406] - Remove Drools/Rules Policy 2019-11-22 15:38:51 +01:00
Dmitry Telegin
79074aa380 KEYCLOAK-12162 Modularize config backends (#6499)
* KEYCLOAK-12162 - Modularize configuration backends

* - Use JsonSerialization
- simplify backend selection (no fallbacks)

* Remove unused org.wildfly.core:wildfly-controller dependency
2019-11-22 15:23:04 +01:00
stianst
623f347263 KEYCLOAK-12051 Exclude com.beaust:jcommander dependency from com.google.zxing:javase 2019-11-22 07:43:34 -03:00
Martin Kanis
3c3667d81e KEYCLOAK-12062 AccountLinkSpringBootTest is failing 2019-11-22 11:17:51 +01:00
Yoshiyuki Tabata
0a9d058b81 KEYCLOAK-12150 change error response from invalid_request to unsupported_grant_type 2019-11-22 11:11:07 +01:00
Yoshiyuki Tabata
a36cfee84b KEYCLOAK-12149 change error response from invalid_grant to unauthorized_client 2019-11-22 11:10:16 +01:00
Yoshiyuki Tabata
4117710379 KEYCLOAK-12019 change error response from unsupported_response_type to unauthorized_client 2019-11-22 11:03:02 +01:00
Martin Kanis
50ec24557e KEYCLOAK-12117 X509BrowserLoginTest failing in pipeline 2019-11-21 11:35:10 +01:00
stianst
3731e36ece KEYCLOAK-12069 Add account-console client for new account console 2019-11-20 08:48:40 -05:00
Ramon Spahr
0f00e23f96 KEYCLOAK-10977 Allow disabling Kerberos athentication with LDAP federation provider (#6422) 2019-11-18 14:12:26 +01:00
keycloak-bot
76aa199fee Set version to 9.0.0-SNAPSHOT 2019-11-15 20:43:21 +01:00
Stefan Guilhen
9a7c1a91a5 KEYCLOAK-10780 Stop creating placeholder e-mails for service accounts (#228) 2019-11-15 15:08:29 +01:00
k-tamura
43e2370f21 KEYCLOAK-11772 Fix temporary credential property to work correctly 2019-11-15 08:48:12 +01:00
vramik
af5df1e535 KEYCLOAK-11808 Add support for MySQL8, update supported database versions 2019-11-15 08:43:48 +01:00
stianst
3a36569e20 KEYCLOAK-9129 Don't expose Keycloak version in resource paths 2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64 KEYCLOAK-11745 Multi-factor authentication (#6459)
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Andy Munro
e7e49c13d5 KEYCLOAK-11413 Update UI messages
Co-authored-by: stianst <stianst@gmail.com>

Made a couple more spelling corrections.
2019-11-14 12:31:05 +01:00
Martin Kanis
25511d4dbf KEYCLOAK-9651 Wrong ECDSA signature R and S encoding 2019-11-13 15:32:51 +01:00
sarveshtamba
0525fb43b9 Update pom.xml 2019-11-11 11:16:07 -03:00
stianst
b8881b8ea0 KEYCLOAK-11728 New default hostname provider
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
Patrick Teubner
b3d87b52c2 KEYCLOAK-11888 Fix inconsistent pagination of groups by ordering the results of 'getTopLevelGroupIds' query 2019-11-11 09:22:51 +01:00
stianst
062841a059 KEYCLOAK-11898 Refactor AIA implementation 2019-11-08 16:03:07 -03:00
Martin Bartoš
bf8184221a KEYCLOAK-11838: Fixed unstable RefreshTokenTest (#6455) 2019-11-08 08:53:23 +01:00
Pedro Igor
28b41623eb [KEYCLOAK-11929] - Aggregated Policy Console tests failing due to upload_scripts feature 2019-11-08 08:16:59 +01:00
vramik
701ba1a408 KEYCLOAK-11891 Update How-TO-RUN file with instruction regarding remote server testing 2019-11-07 14:08:07 +01:00
mhajas
b74f69c5ac KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed 2019-11-07 09:35:11 +01:00
vmuzikar
b13fa2d16a KEYCLOAK-11602 Add token exchange test to OpenShift 3 social login test 2019-11-06 06:49:10 -03:00
vmuzikar
bf5cca52a4 KEYCLOAK-11675 Fix unstable Google Social Login test 2019-11-06 06:49:10 -03:00
Stan Silvert
041229f9ca KEYCLOAK-7429: Linked Accounts REST API 2019-11-05 16:03:21 -05:00
Peter Skopek
d0386dab85 KEYCLOAK-8785 remove k_version endpoint (#6428) 2019-11-05 11:35:55 +01:00
Douglas Palmer
a32c8c5190 [KEYCLOAK-11185] Fixed build with JDK 11 2019-11-04 10:56:07 -03:00
Martin Bartoš
e3d755fe9d KEYCLOAK-11729: ExtendingThemeTest is failing with auth-server-wildfly (#6410) 2019-11-04 11:27:03 +01:00
mhajas
e3fdfeb040 KEYCLOAK-11706 Add tests for spring version 2.2.0 2019-10-31 10:19:51 +01:00
Martin Kanis
25689d2a07 KEYCLOAK-9985 Removal of org.apache.commons in WildFly affects distribution 2019-10-29 23:13:44 +01:00
Benjamin Bentmann
d6f56e58c1 KEYCLOAK-11806 Fix SAML adapter to not fail upon receiving a login response without the optional Destination attribute 2019-10-29 23:12:15 +01:00
pkokush
ff551c5545 KEYCLOAK-10307: check password history length in password verification (#6058) 2019-10-24 21:33:21 +02:00
Takashi Norimatsu
1905260eac KEYCLOAK-11251 ES256 or PS256 support for Client Authentication by Signed JWT (#6414) 2019-10-24 17:58:54 +02:00
Hynek Mlnarik
783545572a KEYCLOAK-11684 Add support to display passwords in password fields
Add UI tests for KEYCLOAK-11684

Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: vmuzikar <vmuzikar@redhat.com>
2019-10-23 15:30:11 +02:00
mposolda
0cb8730df8 KEYCLOAK-11474 Fix LDAPGroupMapper tests with MySQL and MariaDB 2019-10-23 14:55:33 +02:00
Hynek Mlnarik
f0685cc246 KEYCLOAK-11739 Ensure unique / PK constraint in JPA is on par with Liquibase 2019-10-23 14:53:17 +02:00
Pedro Igor
bb4ff55229 [KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
Conflicts:
	testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java

(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
Pedro Igor
bad9e29c15 [KEYCLOAK-10870] - Deprecate support for JavaScript policy support from UMA policy endpoint
Conflicts:
	testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UserManagedPermissionServiceTest.java

(cherry picked from commit 13923a7683cb666d2842bc61429c23409c1493b6)
2019-10-22 10:34:24 +02:00
Jan Lieskovsky
f2e5f9dedd [KEYCLOAK-11717] Drop the public key credential related elements (#6407)
from the Edit Account screen of the Account console

Add a testcase for it

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-10-21 19:54:39 +02:00
Martin Kanis
37304fdd7d KEYCLOAK-10728 Upgrade to WildFly 18 Final 2019-10-21 14:06:44 +02:00
Martin Reinhardt
5ad05c9317 [KEYCLOAK-6376] Directly create group 2019-10-21 10:41:04 +02:00
Martin Reinhardt
21a62a2670 [KEYCLOAK-6376] Reorganize imports and revert pom changes 2019-10-21 10:41:04 +02:00
Martin Reinhardt
28748ebf3f [KEYCLOAK-6376] Fix NPE and test setup 2019-10-21 10:41:04 +02:00
Martin Reinhardt
f18c8b9da5 [KEYCLOAK-6376] Switching to arquillian end2end tests 2019-10-21 10:41:04 +02:00
k-tamura
4a8065ec6b Add test method pointed out on review 2019-10-21 10:36:16 +02:00
Kohei Tamura
59ba874e1d KEYCLOAK-10945 Avoid lockout when clicking login twice 2019-10-21 10:36:16 +02:00
Pedro Igor
6acb87bd7a [KEYCLOAK-10822] - Prevent access to users from another realm 2019-10-21 10:32:50 +02:00
Martin Bartoš
ad9641722f KEYCLOAK-11613 Chrome Testing API (#6385) 2019-10-18 10:50:28 +02:00
stianst
31ed01a6de KEYCLOAK-11754 Prevent AbstractKeycloakTest from inititating backchannel logout on cleanup 2019-10-17 12:56:31 +02:00
mhajas
9cb2f1afdc KEYCLOAK-11530 Do not enable/disable vault before/after test method but before/after class 2019-10-17 09:55:06 +02:00
Pedro Igor
17785dac08 [KEYCLOAK-10714] - Add filtering support in My Resources endpoint by name 2019-10-16 16:26:55 +02:00
Tomas Kyjovsky
c2273e8f49 KEYCLOAK-11547 (#6341)
- Fixing `X509OCSPResponderTest.loginOKOnOCSPResponderRevocationCheckWithoutCA` test case on Windows
2019-10-15 15:56:29 +02:00
mposolda
f0a506a143 KEYCLOAK-11691 Broker tests re-structure 2019-10-14 11:38:09 +02:00
vramik
5c56a8493b KEYCLOAK-11568 Some properties are not propagated if specified via command line 2019-10-10 10:25:48 -03:00
mhajas
2f44c58a0d KEYCLOAK-11495 Change name of PlaintextVaultProvider to FilesPlaintextVaultProvider 2019-10-09 14:48:00 +02:00
Pedro Igor
f0fb48fb76 [KEYCLOAK-11326] - Refactoring to support different versions of resteasy 2019-10-09 12:01:34 +02:00
Pedro Igor
a2e98b57f4 [KEYCLOAK-11326] - Refactoring to use types from JAX-RS API 2019-10-09 12:01:34 +02:00