Commit graph

1579 commits

Author SHA1 Message Date
Bill Burke
28a5e61dff role mappers and testing 2015-03-09 21:03:35 -04:00
Bill Burke
5cf64546c8 Merge remote-tracking branch 'upstream/master' 2015-03-09 09:05:53 -04:00
Bill Burke
cdf22669f4 test oidc mappers 2015-03-09 09:05:39 -04:00
Bill Burke
d4468913dd hardcoded saml mappers 2015-03-09 07:55:20 -04:00
Stian Thorgersen
452931bfb8 Simplified setting to/from dates 2015-03-09 11:47:08 +01:00
girirajsharma
d2188a3f55 Fixed Event Viewer pagination, date filter and added testcases. 2015-03-09 11:47:08 +01:00
girirajsharma
ce33ce2485 [KEYCLOAK-1050] - Improve filtering in Event viewer in admin app. 2015-03-09 11:47:08 +01:00
Bill Burke
5c6c30fef4 saml role list mapper 2015-03-07 19:47:34 -05:00
Bill Burke
1de285b724 mappers 2015-03-06 18:42:20 -05:00
Bill Burke
4a4158a4e4 test saml attributes 2015-03-06 18:29:36 -05:00
mposolda
db07d79009 KEYCLOAK-1066 Kerberos credential delegation support 2015-03-06 12:59:29 +01:00
Stian Thorgersen
1f5fedb0b0 Module provider loader 2015-03-06 05:30:17 +01:00
Bill Burke
db2c01caa9 more mappers 2015-03-05 19:55:53 -05:00
Bill Burke
98831ec05a fix other claims in IDToken 2015-03-04 20:27:06 -05:00
Bill Burke
453ef808cc ID token mapping 2015-03-04 18:39:10 -05:00
Bill Burke
94980fff29 merge conflicts 2015-03-04 17:27:44 -05:00
Bill Burke
33520e9fec reg/account custom attributes 2015-03-04 17:25:50 -05:00
Stian Thorgersen
6c7f35c509 KEYCLOAK-1014 Don't redirect to app after reset password or verify email if new browser session 2015-03-04 13:39:11 +01:00
Stian Thorgersen
f907a749aa KEYCLOAK-1015 Allow configuring login timeout separate to login actions 2015-03-04 08:45:01 +01:00
Bill Burke
396e0c6171 refactor mappers 2015-03-03 20:38:28 -05:00
Bill Burke
608185f06a boolean mapper property types 2015-03-03 12:00:40 -05:00
Bill Burke
753feae49e fixes 2015-03-02 21:39:43 -05:00
mposolda
58a7e549b2 Fix mongo to pass with testsuite 2015-03-02 12:07:31 +01:00
Bill Burke
4361ce1d42 mapper refactoring 2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e saml attribute mappers 2015-02-28 11:17:06 -05:00
Bill Burke
07b038e126 add mapper category and help text 2015-02-27 18:21:42 -05:00
Bill Burke
8533d49dfb Merge remote-tracking branch 'upstream/master' 2015-02-27 17:28:09 -05:00
Bill Burke
1c6e90c4ef protocol mapper ui 2015-02-27 17:21:02 -05:00
pedroigor
b45d6b896a [KEYCLOAK-883] - Configuration option to disable token retrieval from applications. 2015-02-27 02:13:27 -03:00
pedroigor
17653e7e74 [KEYCLOAK-883] - Reverting change that redirects to error page when federating identities.. 2015-02-26 15:27:32 -03:00
pedroigor
8f263a43e3 [KEYCLOAK-883] - Examples config and logging changes. 2015-02-26 12:34:33 -03:00
pedroigor
6e38964838 [KEYCLOAK-883] - Minor changes to the configuration of identity providers for clients. 2015-02-25 21:00:49 -03:00
Bill Burke
430daf4c39 Merge remote-tracking branch 'upstream/master' 2015-02-25 11:35:04 -05:00
Bill Burke
9f759ed77c rest interface for claim mapping 2015-02-25 11:34:51 -05:00
Stian Thorgersen
195a5dffdc Merge pull request #995 from stianst/master
KEYCLOAK-1017 Add server version to cached resources to prevent problems...
2015-02-25 16:15:11 +01:00
pedroigor
128cd98ce2 [KEYCLOAK-1036] - Revert. 2015-02-25 11:21:56 -03:00
Stian Thorgersen
5a10bbc8ca KEYCLOAK-1017 Add server version to cached resources to prevent problems with browser cache 2015-02-25 15:03:01 +01:00
Stian Thorgersen
b6a512b494 KEYCLOAK-934 Extract dependencies into modules 2015-02-25 12:05:48 +01:00
Bill Burke
c20ad93807 claim mappings next phase 2015-02-24 19:37:07 -05:00
Bill Burke
100dbd5fd7 ProviderFactory.postInit() 2015-02-23 12:11:48 -05:00
Bill Burke
d06b7a47ac Merge remote-tracking branch 'upstream/master' 2015-02-23 11:39:39 -05:00
Bill Burke
1dde3e1459 provider events 2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6 Kerberos/LDAP fixes 2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464 Kerberos automated test 2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be more claims work 2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91 Merge remote-tracking branch 'upstream/master' 2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960 changes 2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
First step - KerberosFederationProvider

Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials

Added Kerberos UI to LDAPFederationProvider

Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a LDAP testing improvements. Support for embedded Kerberos server in testsuite 2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42 Add authenticateByDefault flag to IdentityProviderModel 2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3 [KEYCLOAK-883] - Code cleanup and refactoring. 2015-02-13 01:27:11 -02:00
mposolda
534187f4d7 KEYCLOAK-1037 Bad error message on login form in case of expired code 2015-02-11 18:48:32 +01:00
mposolda
03d607b022 Fix showing federation links of users in admin console 2015-02-11 13:03:31 +01:00
mposolda
4b637036ac Display error page if kerberos token is unavailable 2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc Merge pull request #960 from girirajsharma/master
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31 KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled 2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066 Updated BC provider versions and deprecated CertificateUtil methods. 2015-02-10 18:44:54 +05:30
mposolda
90496f62ac KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login 2015-02-10 13:54:45 +01:00
mposolda
d523d7f202 Ensure timestamp on clientSession is updated in AccountService when linking identity broker 2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7 [KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client. 2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788 [KEYCLOAK-883] - Idp hint should be processed firts. 2015-02-08 22:01:30 -02:00
pedroigor
1e13254598 [KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens. 2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec [KEYCLOAK-992] - Token retrieval from brokered idps. 2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users 2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1 [KEYCLOAK-996] - Allow application to select provider. 2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef Fixed adding right CORS headers to actual and preflight CORS requests. 2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324 Merge pull request #938 from pedroigor/KEYCLOAK-883
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd [KEYCLOAK-883] - Initial tests for SAML brokering. 2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100 Merge remote-tracking branch 'upstream/master' 2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa saml frontchannel logout 2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7 Merge pull request #936 from stianst/master
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f KEYCLOAK-999 Load providers from file-system 2015-01-28 09:15:07 +01:00
pedroigor
2065815627 [KEYCLOAK-883] - Model tests. 2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce [KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider. 2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113 [KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest. 2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9 KEYCLOAK-980 Password reset is possible with expired link 2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922 KEYCLOAK-983 Fix login after reset-password 2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4 Merge remote-tracking branch 'upstream/master' 2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16 saml redirect logout 1st step 2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b Merge pull request #919 from pedroigor/KEYCLOAK-884
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed [KEYCLOAK-884] - OpenID Connect UserInfo Endpoint. 2015-01-16 15:45:27 -02:00
mposolda
e4a8ced8b0 KEYCLOAK-974 ServerVersionResource doesn't handle cors requests 2015-01-16 12:57:08 +01:00
Stian Thorgersen
8828d6e2f1 KEYCLOAK-965 NPE in TokenManager.verifyAccess if application is deleted 2015-01-16 11:25:05 +01:00
Stian Thorgersen
bf6c46da1c KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri 2015-01-16 11:01:03 +01:00
Stian Thorgersen
29b8c2c924 KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message 2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3 KEYCLOAK-957 Access Token Request does not verify redirect_uri 2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30 check if email is null 2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11 [KEYCLOAK-883] - Initial changes. 2015-01-13 00:58:19 -02:00
Stian Thorgersen
959933a227 Version bump 2015-01-12 10:35:50 +01:00
mposolda
fff8ae9f8a KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout 2015-01-08 11:09:11 +01:00
pedroigor
c4892428ae [KEYCLOAK-928] - Validate duplicated emails when updating profile. 2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b add error event if mail can not be send 2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e Add test 2015-01-05 14:34:08 +01:00
Stian Thorgersen
39daeca09c Merge branch 'reset-password' of https://github.com/gerbermichi/keycloak into gerbermichi-reset-password 2015-01-05 14:26:51 +01:00
gerbermichi
0c73e67372 a disabled user should not receive an email to reset the password 2015-01-05 14:07:03 +01:00
Stian Thorgersen
628437c146 KEYCLOAK-760 OAuth2 refresh token expiration date 2015-01-05 10:50:50 +01:00
Michael Gerber
019bb558d1 reset-password-email with redirect_uri and client_id 2015-01-02 14:10:44 +01:00
Michael Gerber
53e18b3ebe fix reset-password-email 2015-01-02 12:52:21 +01:00
Stian Thorgersen
f97b71c207 KEYCLOAK-903
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386 KEYCLOAK-902 State should not be required 2014-12-30 10:38:08 +01:00
Stian Thorgersen
e174802b0d KEYCLOAK-825
Log out user sessions on password reset
2014-12-17 14:54:33 +01:00
Stian Thorgersen
6cf42db584 KEYCLOAK-891 Create server info page on admin console 2014-12-17 13:21:31 +01:00
gerbermichi
2186fe32a9 Bugfix: Can not read keycloak-server.json if the path contains a space
https://issues.jboss.org/browse/KEYCLOAK-892
2014-12-17 12:32:06 +01:00
Bill Burke
6c04e26376 bump 2014-12-05 21:09:38 -05:00
Bill Burke
c0059a875b bump version 2014-12-05 19:03:13 -05:00
apenders
f3adf02eea Added CORS preflight support for realms/<realm>/tokens/refresh 2014-12-02 15:33:15 -07:00
Stian Thorgersen
a843e31c12 KEYCLOAK-862 Use HmacSHA256 for code signatures 2014-11-27 10:02:08 +01:00
Bill Burke
46983d68f3 move ServerCookie to core 2014-11-14 09:20:03 -05:00
mposolda
a94ab5883d KEYCLOAK-835 Move AdapterConstants to different package 2014-11-10 22:16:20 +01:00
Marek Posolda
c0f377c8c7 Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Juraci Paixão Kröhling
cd0ad70952 KEYCLOAK-821 - Support for comma-separated list of file names to import. 2014-11-05 17:04:17 +01:00
Stian Thorgersen
e7625c2bb1 KEYCLOAK-820 Don't expose realm private key through admin endpoints 2014-11-05 15:34:56 +01:00
Bill Burke
9c175bfb5d Merge remote-tracking branch 'upstream/master' 2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441 fix jax-doclets 2014-11-04 15:55:33 -05:00
Stian Thorgersen
7327423a03 Fix ResetPasswordTest 2014-11-04 13:05:50 +01:00
Stian Thorgersen
0f8c073354 Version bump 2014-11-04 09:01:06 +01:00
Stian Thorgersen
bb2de4dc59 KEYCLOAK-787 Clicking back to login after sending password reset email fails 2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50 KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation 2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf KEYCLOAK-806
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22 remove info logging 2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc aud should be client-id, issuer should be realm 2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c KEYCLOAK-777 No login event for social login 2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d idp descriptor 2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b app importer 2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16 publish protocol support 2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d cleanup 2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8 saml key refactor 2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3 Send node registration at 1st request instead of deployment startup. Bugfixing 2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d upload keys 2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3 KEYCLOAK-759 Added adapter clustering to admin console 2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b KEYCLOAK-710 Ignore missing roles in access-code 2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3 KEYCLOAK-700 Check path is valid in account/login-redirect 2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548 KEYCLOAK-703 Check valid origin is passed to login-status-iframe 2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d KEYCLOAK-699 Set maximum size of qr-code 2014-10-21 09:57:56 +02:00
mposolda
7d8f265789 KEYCLOAK-759 dynamic registration of managementUrls in cluster 2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736 Merge remote-tracking branch 'upstream/master' 2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1 app cert support, bug fixes 2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d KEYCLOAK-755 Support env variables in keycloak-server.json 2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie 2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de KEYCLOAK-746 Allow linking to account from external provider 2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a generate/store realm certificate 2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1 oauth id in admin console 2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746 merge conflicts 2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10 use app id in admin console urls 2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f KEYCLOAK-748 cluster-aware logout for non-distributable apps 2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d Reduce logging 2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7 KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters. 2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751 ClientModel attributes and protocol 2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23 merge 2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b saml backchannel logout 2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815 Merge pull request #741 from patriot1burke/master
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390 saml basic 2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8 KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed 2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a KEYCLOAK-662 NPE when using direct grant API with email as username 2014-10-03 12:10:52 +02:00
mposolda
e6121f301f KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession 2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties 2014-10-02 19:15:37 +02:00
mposolda
95521e8a95 KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException 2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768 move pre-auth 2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494 finish protocol refactoring 2014-10-01 14:19:59 -04:00
Bill Burke
546d45b009 protocol abstraction 2014-10-01 10:38:42 -04:00
Bill Burke
4b399fe05a login protocol abstraction 2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f Merge remote-tracking branch 'upstream/master' 2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b token service refactoring 2014-09-30 15:58:20 -04:00
Stian Thorgersen
1d4e842cc0 Fixes to Mongo user session provider 2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7 Clustering support 2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea action url refactor 2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda login refactor phase 2, still more to do 2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24 Merge remote-tracking branch 'upstream/master' 2014-09-29 09:56:37 -04:00
Bill Burke
524b423733 ClientSession everywhere refactor phase1 2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6 Add test to add/remove attributes to user through admin endpoints 2014-09-25 19:35:57 +02:00
Bill Burke
66d58476d0 refactor security page flow 2014-09-23 11:05:10 -04:00
Bill Burke
bf42227224 remove junk 2014-09-22 16:35:22 -04:00
Bill Burke
99a6713e6f clientsession notes 2014-09-22 16:34:42 -04:00
Bill Burke
0b8b31a3ea KEYCLOAK-705 2014-09-19 10:00:47 -04:00
Stian Thorgersen
dcb5717154 KEYCLOAK-696 Display Keycloak version in admin console 2014-09-18 13:24:03 +02:00
mposolda
89471b7db1 KEYCLOAK-695 Let KEYCLOAK_REMEMBER_ME cookie to be valid for 1 year 2014-09-18 11:03:44 +02:00
mposolda
1049bca433 Prefill login form just if rememberMe enabled for the realm 2014-09-17 08:54:29 +02:00
mposolda
5352872b4b Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan 2014-09-16 22:09:27 +02:00
mposolda
1be2bff95f Typo 2014-09-12 16:57:02 +02:00
Stian Thorgersen
811cfd52c9 KEYCLOAK-657 Set cache-control for keycloak.js and login-iframe 2014-09-12 13:46:56 +02:00
Stian Thorgersen
7c15a70f53 Fixes to KEYCLOAK-682 2014-09-12 12:26:52 +02:00
Stian Thorgersen
5d141d4d8a KEYCLOAK-682 Only send logout admin action to clients associated with user session 2014-09-12 11:47:11 +02:00
Stian Thorgersen
423dc1b8a7 Change version schema to match JBoss 2014-09-12 09:35:08 +02:00
mposolda
6f173d4554 KEYCLOAK-678 Preserve form values in account mgmt after error 2014-09-11 20:54:48 +02:00
mposolda
649a40f58c KEYCLOAK-676 Validate email address format during registration or account mgmt 2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2 KEYCLOAK-653 Add theme support to welcome-pages 2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174 KEYCLOAK-680 Add/remove social-links through admin api 2014-09-11 12:09:55 +02:00
Stian Thorgersen
5dea07793b Version bump 2014-09-11 09:27:58 +02:00
mposolda
aa7bbeb11b Support for cors in PublicRealmResource 2014-09-10 13:05:53 +02:00
mposolda
52920119bd Ensure that ServerInfo request is authorized and add CORS support to it 2014-09-10 10:42:05 +02:00
Stian Thorgersen
557de7690e Fix CRSF protection on Chrome, and add check if 'Referer' header 2014-09-10 10:32:56 +02:00
Bill Burke
3f539c6d5c version bump 2014-09-09 13:34:56 -04:00
Bill Burke
e3e32982a0 change CSRF to random value 2014-09-09 13:27:34 -04:00
Bill Burke
ac29db51e5 nolog CORS exception 2014-09-09 12:51:55 -04:00
Bill Burke
d0a3a04d34 CSRF 2014-09-09 12:06:48 -04:00
Stian Thorgersen
3530fa6259 KEYCLOAK-666 Update session last refreshed on every token refresh 2014-09-09 11:01:24 +02:00
Stian Thorgersen
8c8c44e50f KEYCLOAK-658 Fix searching for users 2014-09-02 10:01:44 +02:00
Stian Thorgersen
05a1fc1ded Version bump 2014-09-01 10:17:00 +02:00
Stian Thorgersen
31b0f5543f Fixes 2014-08-29 17:11:18 +02:00
Stian Thorgersen
39c0be5d99 KEYCLOAK-652
Social user can't set password
2014-08-29 16:51:10 +02:00
Stian Thorgersen
b9d0f64f74 Added password token to use inplace of plain-text password for totp 2014-08-28 13:51:55 +02:00
Stian Thorgersen
55d614fce8 Reduce log in UserFederationResource 2014-08-28 11:26:55 +02:00
Stian Thorgersen
3bfe3d256e Rename audit to events 2014-08-28 10:56:37 +02:00
mposolda
fb18004c1d KEYCLOAK-643 Handle flows with adding user with existing username or email in federation providers 2014-08-27 12:19:23 +02:00
Stian Thorgersen
55bd889a0f KEYCLOAK-531 Reduce info level logging 2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode 2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5 Handle exceptions and UI errors when user is read only. Some sync issues 2014-08-26 12:54:05 +02:00
mposolda
6c7d0f27a7 More tooltips for LDAP and generic federation. Minor fixes 2014-08-25 16:28:52 +02:00
Bill Burke
e99afec7ec import console from export 2014-08-21 17:17:09 -04:00
Bill Burke
7c8edb5d11 bump pom 2014-08-21 10:46:49 -04:00
Bill Burke
e5d5276135 race 2014-08-20 14:50:28 -04:00
Bill Burke
5dd84f1d9a fix AccountService referrer problems 2014-08-20 14:20:59 -04:00
Bill Burke
47f361a4ab nocache for fed provider list 2014-08-20 11:29:45 -04:00
Bill Burke
6e7924da76 demo fixes 2014-08-20 11:08:40 -04:00
Bill Burke
c38abb2cfe ? 2014-08-18 18:52:51 -04:00
Bill Burke
faf18dfdfd fix cookie parsing problem 2014-08-18 18:36:36 -04:00
Bill Burke
2dc32fb8c9 fix menu error 2014-08-18 18:06:23 -04:00
Bill Burke
c86a6ba3f3 fix admin reset email 2014-08-15 11:46:38 -04:00
Bill Burke
5dca2a3588 expanded token service coverage 2014-08-14 21:01:05 -04:00
Bill Burke
cfee00d4c5 fix relative uri problem 2014-08-14 11:01:04 -04:00
Bill Burke
29691a3167 Merge pull request #626 from patriot1burke/master
more tooltips, change password
2014-08-13 12:17:48 -04:00
Bill Burke
edf73af508 change password 2014-08-13 10:35:49 -04:00
mposolda
4bac0474c6 Sync UI for generic providers 2014-08-12 18:12:28 +02:00
mposolda
f0b66a2241 Admin console UI for sync of users from LDAP. Sync fixes 2014-08-12 18:12:27 +02:00
Bill Burke
abb1647672 Merge pull request #619 from patriot1burke/master
fix logout
2014-08-12 10:06:44 -04:00
Bill Burke
114c1b95fa fix logout 2014-08-12 10:06:19 -04:00
Stian Thorgersen
f95418dfc9 KEYCLOAK-592 Display login form with error message if trying to login with social provider where email already exists 2014-08-12 12:06:13 +01:00
Bill Burke
7c97e02715 X-Frame-Options, Content-Security-Policy 2014-08-11 17:45:01 -04:00
Stian Thorgersen
3f83538fc1 Merge pull request #612 from stianst/master
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:35:54 +01:00
Stian Thorgersen
3040f4e89f KEYCLOAK-616 Not require registration to add a new social user 2014-08-11 15:34:57 +01:00
mposolda
8ba7559cac Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup 2014-08-11 13:51:44 +02:00
mposolda
d699404ce7 Support for periodic users sync 2014-08-10 23:23:50 +02:00
mposolda
5cb6c4e77c Improve TimerSPI to support cancelling of previously scheduled tasks 2014-08-10 23:17:39 +02:00
Bill Burke
48f7efc97f @NoCache where appropriate 2014-08-10 12:28:43 -04:00
Bill Burke
9aa6b4cbfa optimize imports 2014-08-10 12:17:45 -04:00
Bill Burke
dc4e8603d7 change logout behavior 2014-08-08 18:33:37 -04:00
Bill Burke
32a19563a5 KEYCLOAK-547 2014-08-06 19:15:52 -04:00
Bill Burke
aff32f69bb version 2014-08-06 15:44:50 -04:00
Bill Burke
e04af84ac0 bump version 2014-08-06 09:00:23 -04:00
Bill Burke
905061e2b7 bump version 2014-08-05 20:52:50 -04:00
Bill Burke
5b5fea347a improved oauth login/grant 2014-08-05 19:36:19 -04:00
Bill Burke
19e1ddff1d logging 2014-08-05 16:04:13 -04:00
Bill Burke
ea0ceeb65d Merge pull request #589 from patriot1burke/master
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
a497c69758 relative logout 2014-08-04 16:17:35 -04:00
Bill Burke
731d75c756 app full scope by default 2014-08-04 16:04:10 -04:00
mposolda
5edb84ccfb Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes 2014-08-04 16:42:48 +02:00
Bill Burke
60a564dcfd fix fed example 2014-08-03 10:53:37 -04:00
Bill Burke
101a72cd65 remove AuthenticationProvider/Link 2014-08-01 18:03:48 -04:00
Bill Burke
d1c5c55a61 switch to a get 2014-08-01 13:28:17 -04:00
Bill Burke
bdc31d9459 Merge remote-tracking branch 'upstream/master' 2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e token validation 2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a KEYCLOAK-591 Require SSL for all external requests by default 2014-08-01 13:52:04 +01:00
Bill Burke
705da88daa fix cache setup 2014-07-31 14:05:23 -04:00
Bill Burke
94c06f3f5d fed ui 2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe federation display name 2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f federation ui 2014-07-30 22:52:39 -04:00
Stian Thorgersen
fa01d53f9e KEYCLOAK-545 Stop NPE if no client_secret is specified or bearer-only application is used for grants/access 2014-07-30 16:41:07 +01:00
Stian Thorgersen
50bc53d673 KEYCLOAK-562 Cache theme instances 2014-07-30 16:06:08 +01:00
Stian Thorgersen
fcc4781e3a Updated admin endpoints and console to use oauth client name/clientId to retrieve a oauth client 2014-07-30 14:10:25 +01:00
Stian Thorgersen
614c718304 KEYCLOAK-581 Add login_hint query param to login 2014-07-30 13:43:46 +01:00
Stian Thorgersen
02a59812e6 Added ClientSessionModel to UserSessionProvider 2014-07-29 16:10:41 +01:00
Stian Thorgersen
7f4849e165 Merge pull request #560 from stianst/demo-non-localhost
KEYCLOAK-579 Use relative urls in examples
2014-07-28 10:48:30 +01:00
Stian Thorgersen
628c7dd92a KEYCLOAK-579 Use relative urls in examples 2014-07-28 10:41:21 +01:00
Bill Burke
3bb0842eae federation iteration 2 2014-07-25 21:05:45 -04:00
Stian Thorgersen
614bee3061 KEYCLOAK-570 Add use-resource-role-mappings to WildFly installation 2014-07-25 11:53:10 +01:00
Bill Burke
1b14444eba rename FederationProvider to UserFederationProvider 2014-07-24 11:11:21 -04:00
Stian Thorgersen
511cc483cb Moved audit/tests and model/tests to testsuite 2014-07-24 13:49:15 +01:00
Bill Burke
43d08f2d05 federation iteration 1 complete 2014-07-23 17:05:49 -04:00
Bill Burke
171e9b1ce9 Merge remote-tracking branch 'upstream/master' 2014-07-23 15:10:48 -04:00
Bill Burke
eec582e704 merge 2014-07-23 15:10:36 -04:00
Stian Thorgersen
d6f5bf6cde Moved rememberMe, usernameUsed fields from AccessCode to UserSessions. Change AccessCode to have a single action instead of a list of required actions, also used action for codes that needs user to grant permissions first. Finally removed expiration time on access code and use timestamp directly 2014-07-23 15:58:09 +01:00
Bill Burke
f1d72d0b6d fed 2 2014-07-23 10:42:18 -04:00
Bill Burke
148d494905 federation iteration 2014-07-23 10:21:25 -04:00
Stian Thorgersen
b196d0dded Remove access token from access code, and create token when code is exchanged for token 2014-07-22 09:37:21 +01:00
Bill Burke
f275ecf6d5 cache settings 2014-07-18 11:30:10 -04:00
mposolda
3dff4afe83 Export/import improvements and fixes 2014-07-17 21:31:33 +02:00
Stian Thorgersen
c21be01e97 Merge pull request #529 from stianst/master
KEYCLOAK-435 Added pagination support for users
2014-07-16 18:04:36 +01:00
Stian Thorgersen
72d240a57e KEYCLOAK-435 Added pagination support for users 2014-07-16 17:54:11 +01:00
Bill Burke
8fbfba907b Merge remote-tracking branch 'upstream/master' 2014-07-16 12:05:31 -04:00
Bill Burke
f342a8c7a3 move credential validation to UserProvider 2014-07-16 12:05:15 -04:00
Stian Thorgersen
e0ec121012 KEYCLOAK-559 If session iframe is enabled, check this before doing a login if onload is check-sso 2014-07-16 10:47:42 +01:00
Bill Burke
a5593469ae rename ModelProvider->RealmProvider 2014-07-15 15:44:50 -04:00
Bill Burke
484a4c1454 user provider refactor complete 2014-07-15 15:25:06 -04:00
Bill Burke
ff86bdc35f userprovider split 2014-07-15 12:11:12 -04:00
mposolda
c14840a4c0 More cleanup after rebase 2014-07-15 14:44:38 +02:00
mposolda
24a492ffe0 Export/import refactoring to use same representation as admin endpoints 2014-07-15 05:35:24 +02:00
Bill Burke
d2c27daa16 changes 2014-07-14 11:31:25 -04:00
Stian Thorgersen
3f68180ee7 KEYCLOAK-512 Pagination support for sessions 2014-07-14 11:49:59 +01:00
Stian Thorgersen
d625fb014c Added JPA connection provider and added basic support for multiple transactions to KeycloakSession 2014-07-14 10:10:03 +01:00
Bill Burke
626cecba95 enlist 2014-07-11 19:43:37 -04:00
Bill Burke
5f5316fbdc session transaction 2014-07-11 19:29:11 -04:00
Stian Thorgersen
86671a2354 Started UserSessionProvider 2014-07-10 16:48:25 +01:00
Stian Thorgersen
7491b1c369 KEYCLOAK-553 Added minified keycloak.js 2014-07-09 12:23:29 +01:00
Stian Thorgersen
ad6d52cb0f Removed model methods from KeycloakSession 2014-07-08 15:27:42 +01:00
Stian Thorgersen
8dc293f629 Removed removeAllData from model 2014-07-08 15:27:42 +01:00
Stian Thorgersen
621cae61b6 Added hybrid model provider with jpa stores 2014-07-08 12:04:09 +01:00
mposolda
ffc30b4c03 Changes in representations - adding role mappings under user representation 2014-07-07 22:48:53 +02:00
Stian Thorgersen
38857cf2e6 Remove notBefore from users 2014-07-07 16:23:53 +01:00
Stian Thorgersen
099743d448 Rename loginName to username 2014-07-07 15:56:21 +01:00
Stian Thorgersen
270d6108ca KEYCLOAK-501 Check if old session for browser exists and delete before creating a new 2014-06-27 12:55:33 +01:00
Stian Thorgersen
26eac398e0 KEYCLOAK-541 Create session after resetting password through email 2014-06-27 12:20:32 +01:00
Stian Thorgersen
34a1923d18 Refactor to prepar for splitting model 2014-06-27 09:39:06 +01:00
mposolda
b1cfab34fd Support for test of LDAP connection and authentication 2014-06-24 10:03:14 +02:00
mposolda
aea4fd8e30 Upgrade to picketlink 2.6.0.CR5. Support for sync whole UserModel into AuthenticationProvider 2014-06-23 15:29:00 +02:00
Stian Thorgersen
d73d2e0788 Started test tools module 2014-06-23 11:37:03 +01:00
Bill Burke
d21a19925b stateless access codes 2014-06-20 10:37:27 -04:00
Stian Thorgersen
df2305eb02 Bumped version to 1.0-beta-4-SNAPSHOT 2014-06-19 10:19:10 +01:00
mposolda
5d8c803da6 Remove duplicite dependency declarations to remove maven warnings 2014-06-18 10:31:56 +02:00
Stian Thorgersen
469d044254 KEYCLOAK-532 2014-06-17 14:07:07 +01:00
Bill Burke
1eafb01c8d keycloak-521 2014-06-16 11:59:27 -04:00
Bill Burke
cbea141a54 cache impl 2014-06-13 17:17:45 -04:00
Bill Burke
2ae2067841 refactor for caching again 2014-06-12 11:11:14 -04:00
Bill Burke
0dd06e3343 model refactor for caching 2014-06-10 18:50:08 -04:00
Bill Burke
2f3c8bf079 cache refactor 2014-06-06 15:12:58 -04:00
Stian Thorgersen
5f6687ec62 KEYCLOAK-244 Social should be stateless 2014-06-05 10:09:17 +01:00
Bill Burke
9410adf9ce fix deadlocks 2014-06-02 21:33:43 -04:00
Bill Burke
d5b34a0b41 bump version again 2014-06-02 13:12:04 -04:00
Bill Burke
0fcf80dd6e bump version 2014-06-02 12:21:58 -04:00
Stian Thorgersen
5dafad71ac Set cache-control on static resources from themes 2014-05-30 16:59:25 +01:00
Stian Thorgersen
2025d314ec Bump version to 1.0.beta2-SNAPSHOT 2014-05-30 08:52:03 +01:00
Bill Burke
2ae3775841 bump version 2014-05-29 12:12:33 -04:00
Stian Thorgersen
24ac6cbbac Fix themes displayed multiple times in admin console 2014-05-29 10:28:05 +01:00
Stian Thorgersen
dd30a35e1e Disable session iframe in Corodova 2014-05-28 17:29:13 +01:00
Stian Thorgersen
9261c1608f Fix missing @Path in admin console 2014-05-27 13:40:32 +01:00
Bill Burke
3545ac130b jax-doclet 2014-05-26 20:50:42 -04:00
Bill Burke
199c786e22 jaxrs-doclet support 2014-05-26 20:41:33 -04:00
Bill Burke
1f8b2d4c7b stuff 2014-05-26 12:49:56 -04:00
Bill Burke
ab2932f75e effective roles to oauth 2014-05-23 19:01:09 -04:00
Bill Burke
e4232c73c6 admin rest api example 2014-05-23 18:20:55 -04:00
Bill Burke
54cc095ff5 admin cors support 2014-05-23 16:02:14 -04:00
Bill Burke
236f3ab768 admin cors 2014-05-23 09:37:07 -04:00
Stian Thorgersen
37099f3177 KEYCLOAK-494
Session state iframe uses first redirect uri for a client
2014-05-22 17:51:51 +01:00
Bill Burke
0d9e14d4c7 Merge remote-tracking branch 'upstream/master' 2014-05-21 10:56:21 -04:00
Stian Thorgersen
73f59417bd Remove index.html from redirect on '/auth/admin/' 2014-05-21 12:47:07 +01:00
Stian Thorgersen
6814230193 Fix NPE in account service 2014-05-21 12:13:00 +01:00
Stian Thorgersen
d68131ac00 KEYCLOAK-475
Log is shown in menu when audit is disabled for realm
2014-05-21 12:05:32 +01:00
Stian Thorgersen
952f098440 KEYCLOAK-483
Remove 'index.html' from console url
2014-05-21 11:16:48 +01:00
Stian Thorgersen
f08477ea66 Run import before creating default realm 2014-05-21 11:16:47 +01:00
Stian Thorgersen
eb47d43497 For installed app urn redirect to a page instead of returning the html, this is to prevent NPE if page is refreshed 2014-05-21 10:32:03 +01:00
Stian Thorgersen
59440840fe Read keycloak-sever.json from <JBOSS_HOME>/standalone/configuration if it exists 2014-05-21 09:35:01 +01:00
Bill Burke
ae3c4e8459 default web origin is redirect uris 2014-05-20 17:40:45 -04:00
Bill Burke
8e79f550b0 Merge remote-tracking branch 'upstream/master' 2014-05-20 16:49:28 -04:00
Bill Burke
0137918701 urn 2014-05-20 16:49:25 -04:00
Bill Burke
79828ddc78 Merge pull request #409 from patriot1burke/master
fix urn redirect uri
2014-05-20 16:15:40 -04:00
Bill Burke
fcca9dd90a fix urn redirect uri 2014-05-20 16:15:13 -04:00
Stian Thorgersen
b09e2f697e Email audit listener 2014-05-20 17:04:17 +01:00
Bill Burke
b3dd349342 check redirect uri exists in token service 2014-05-20 11:38:35 -04:00
Bill Burke
57f0ea0638 Merge remote-tracking branch 'upstream/master' 2014-05-20 09:27:18 -04:00
Bill Burke
f723ac79d1 redirect not required with bearer only 2014-05-20 09:19:04 -04:00
Stian Thorgersen
cc97265c06 Add realm option to enable/disable Resource Owner Password Credentials Grant 2014-05-20 11:32:22 +01:00
Stian Thorgersen
8d1149dc07 Add email theme config for realm 2014-05-20 11:00:43 +01:00
Bill Burke
a53206995a stuff 2014-05-19 15:08:38 -04:00
Bill Burke
11c23a7945 require redirect 2014-05-19 14:44:36 -04:00
Stian Thorgersen
a3d08e7191 Added theme support to emails 2014-05-19 17:34:58 +01:00
Bill Burke
7e8b16f975 acct svc + sessions 2014-05-19 17:34:48 +01:00
Bill Burke
dc7923c436 fix brute shutdown 2014-05-19 10:33:49 -04:00
Bill Burke
c2bf6c3822 Merge remote-tracking branch 'upstream/master' 2014-05-17 14:24:37 -04:00
Bill Burke
ab8de6ba25 client user-session association 2014-05-17 14:24:32 -04:00
Stian Thorgersen
855269f35d Added 'keycloak-server.json' for configuring the server
Added SPI interface to detect SPI's
Converted Model to SPI/Provider to be loaded through ProviderSessionFactory
2014-05-16 17:33:22 +01:00
Stian Thorgersen
a3ed02ea16 Merge pull request #391 from jeroenr/master
CORS improvements and clean up
2014-05-16 16:06:43 +01:00
Jeroen Rosenberg
84f13eadc1 * Possibility to add exposed headers
* Default allow headers
* Fix warnings, unused import, redundancies
2014-05-16 16:39:17 +02:00
Jeroen Rosenberg
cedf43c084 Refactored joining of allowed headers to be more efficient 2014-05-16 14:28:49 +02:00
Jeroen Rosenberg
4c281a39bb Unused import 2014-05-16 14:10:13 +02:00
Jeroen Rosenberg
5533357c46 Added HEAD as default allowed method for Cors 2014-05-16 14:09:50 +02:00
Bill Burke
67e3e60f28 test sso idle, logout on idle 2014-05-15 23:10:14 -04:00
Bill Burke
bc2360e985 sso session idle and max lifespan 2014-05-15 17:25:57 -04:00
Bill Burke
27efd3c0a4 ssoSessionIdleTimeout refactor 2014-05-15 13:53:28 -04:00
Bill Burke
26f6da10dd Merge pull request #385 from patriot1burke/master
Improved role and scope mapping screens
2014-05-14 14:50:52 -04:00
Bill Burke
7ba8e09aef improved scope screen 2014-05-14 14:50:11 -04:00
Stian Thorgersen
7bea4af6c9 Redirect to login page if logged out and submitting forms in acct mngmt 2014-05-14 17:46:30 +01:00
Bill Burke
0e0dfb60e0 composite role mapping listing 2014-05-14 10:37:50 -04:00
Stian Thorgersen
f4f9b1e323 KEYCLOAK-431 View open sessions, and logout all sessions, through account management 2014-05-14 11:56:28 +01:00
Bill Burke
639b7c5610 fix IE problems 2014-05-13 22:33:46 -04:00
Bill Burke
b30809d681 httponly, ie keycloak.js fix 2014-05-13 22:06:32 -04:00
Bill Burke
e8f8829a76 cors example 2014-05-13 17:17:27 -04:00
Bill Burke
ea672e36ae rename realm management app 2014-05-12 19:28:34 -04:00
Bill Burke
1e1991e285 per-realm admin 2014-05-12 10:12:31 -04:00
Bill Burke
1194e40ef2 iframe check login 2014-05-10 11:23:44 -04:00
Stian Thorgersen
624fcf6197 KEYCLOAK-421 Set realm admin apps to bearer-only 2014-05-09 12:03:39 +01:00
Stian Thorgersen
6f0b12174c KEYCLOAK-432 Added user sessions 2014-05-09 11:52:45 +01:00
Bill Burke
d957cc4883 Merge remote-tracking branch 'upstream/master' 2014-05-08 20:03:20 -04:00
Bill Burke
2d949b63b5 keycloak.js login for admin 2014-05-08 19:55:57 -04:00
mposolda
c51011acef KEYCLOAK-354 Possibility for admin to see social links of some user in admin console 2014-05-07 17:28:13 +02:00
mposolda
6b1e0401ba KEYCLOAK-361 it shouldn't be possible to remove last social link if user don't have password 2014-05-07 17:28:13 +02:00
Bruno Oliveira
334b981741 notBefore wasn't being assigned 2014-05-07 08:10:03 -03:00
Bill Burke
5edf05d569 Merge pull request #366 from mposolda/export-import-rebased
Full export-import implemented. Remove dependency of mongo on picketlink...
2014-05-06 21:17:51 -04:00
Bill Burke
f987d331b7 /rest removal and pom fixes 2014-05-06 20:43:01 -04:00
Bill Burke
64f591769a remove /rest from RealmsResource 2014-05-06 20:21:49 -04:00
mposolda
0801c9c120 Full export-import implemented. Remove dependency of mongo on picketlink-common 2014-05-06 22:15:57 +02:00
Stian Thorgersen
1d760388de KEYCLOAK-441 Remove org.json 2014-05-06 12:32:29 +01:00
Bill Burke
e7c64b7812 adatper deployment context fixes, picketlink abstraction 2014-05-05 18:20:52 -04:00
Bill Burke
7ff2c77a82 relative uri tests and fixes 2014-05-02 12:30:08 -04:00
Bill Burke
e5e43173bc relative redirect uris 2014-05-02 10:58:29 -04:00
Bill Burke
2576975988 fix mimetype 2014-04-30 14:25:23 -04:00
Bill Burke
8c5ae9d052 fix mimetype 2014-04-30 14:24:37 -04:00
Stian Thorgersen
38e6bde07e KEYCLOAK-415 Make sure query params are included when navigating in acct mngmt 2014-04-30 11:03:13 +01:00
Stian Thorgersen
9811aaeecc KEYCLOAK-333 Removed use of RestEasy's Logger 2014-04-30 10:13:53 +01:00
Stian Thorgersen
316431c4d1 Ensure role name unique within realm/app 2014-04-30 09:50:29 +01:00
Stian Thorgersen
646e762cbe Ensure user loginName and email unique within realm 2014-04-29 17:15:28 +01:00
Stian Thorgersen
1d94649b96 Ensure application and client names are unique within realm 2014-04-29 12:03:09 +01:00
Stian Thorgersen
364998b34b Enforce that realm name is unique in model 2014-04-29 10:43:27 +01:00
Bill Burke
62f8811a46 Merge remote-tracking branch 'upstream/master'
Conflicts:
	bundled-war-example/src/main/java/org/keycloak/server/KeycloakServerApplication.java
	bundled-war-example/src/main/webapp/WEB-INF/web.xml
2014-04-28 18:04:50 -04:00
Bill Burke
2d1dc4a874 application refactor 2014-04-28 17:34:06 -04:00
Stian Thorgersen
c06009d5fb KEYCLOAK-430 Fix bundled war example 2014-04-28 13:36:34 +01:00
Stian Thorgersen
3d02fd5d0e KEYCLOAK-429 Remove role from composite roles when deleted 2014-04-28 12:55:04 +01:00
Stian Thorgersen
292089cee8 Ensure Realm names are unique 2014-04-25 17:02:03 +01:00
Stian Thorgersen
f64f55a4c6 KEYCLOAK-347 Link realm and realm-permissions application 2014-04-25 15:32:28 +01:00
Stian Thorgersen
b8dfac391a KEYCLOAK-385 Add CORS support to refresh token 2014-04-25 14:09:39 +01:00
Stian Thorgersen
d6e5e376bf Theme support for admin 2014-04-25 13:58:58 +01:00
Bill Burke
541e865fe8 brute force fixes 2014-04-23 17:55:13 -04:00
Bill Burke
54abfb670c brute force settings 2014-04-15 11:37:27 -04:00
Bill Burke
2b8d2288fb more brute force detection 2014-04-14 18:58:45 -04:00
Bill Burke
272806a3f3 app/keycloak self bootstrapping bundle 2014-04-11 13:24:07 -04:00
Bill Burke
cc982cf246 workarounds for resteasy 2.3.7 bugs 2014-04-11 10:33:53 -04:00
Bill Burke
b41c45d40a remove transitive dependencies 2014-04-10 11:29:47 -04:00
Bill Burke
ecaa0d1401 use resteasy 2.3.7 2014-04-10 05:21:07 -04:00
Bill Burke
cdc35d99bc cleanup 2014-04-09 22:34:36 -04:00
Stian Thorgersen
eb3e69d5d7 Updated audit timer 2014-04-09 06:40:15 +01:00
mposolda
5aefe52ccc Refactoring of Authentication SPI and Picketlink to use ProviderSessions
Refactoring of ProviderSessionFactory to support dependencies between components
Calling lifecycle methods
Removing KeycloakRegistry
2014-04-09 00:34:01 +02:00
mposolda
c8c4cfbaae Restructure of authentication module and packages 2014-04-09 00:06:04 +02:00
Stian Thorgersen
7f0cf3eda8 Allow clearing audit events through admin console, and added timer to clear expired events 2014-04-08 11:32:20 +01:00
Stian Thorgersen
8ca46fa35d Audit configurable through admin console 2014-04-07 17:58:52 +01:00
Stian Thorgersen
948960f33f Allow changing base url for Keycloak 2014-04-07 10:54:27 +01:00
mposolda
58083fbb96 Hide password tab in acct management if passwordUpdate not supported 2014-04-04 23:47:12 +02:00
mposolda
ad068a300b Basic support for registration of new users in AuthenticationProvider 2014-04-04 19:53:02 +02:00
Stian Thorgersen
216e24864a Merge branch 'ldap' of https://github.com/mposolda/keycloak into mposolda-ldap
Conflicts:
	admin-ui/src/main/resources/META-INF/resources/admin/js/app.js
	admin-ui/src/main/resources/META-INF/resources/admin/js/controllers/realm.js
2014-04-04 15:29:03 +01:00
Stian Thorgersen
88ddc8ebca Added audit to admin console 2014-04-04 15:16:08 +01:00
mposolda
2aac603fad Added configuration of authentication providers into admin console 2014-04-04 13:20:12 +02:00
Stian Thorgersen
8caf3fa83a Added details to log view in acct mngmt 2014-04-04 11:01:18 +01:00
Stian Thorgersen
3433227fa7 Added audit log to account mngmt 2014-04-03 16:27:31 +01:00
Stian Thorgersen
e6067c915d Added ProviderSession to requests 2014-04-03 16:27:31 +01:00
Bill Burke
126b444d77 brute force merge 2014-04-02 20:26:33 -04:00
Bill Burke
d58870545f brute force protection 2014-04-02 20:09:14 -04:00
Bill Burke
231e8895a5 Merge pull request #309 from vibe13/master
Cleaning of pom.xml files
2014-04-02 11:39:04 -04:00
mposolda
25bf6d63b4 Refactoring of AuthenticationProvider SPI 2014-04-02 17:27:07 +02:00
mposolda
05cd8a82e5 Storing default AuthenticationProvider at the realm creation time 2014-04-02 17:17:33 +02:00
Stian Thorgersen
225307e855 KEYCLOAK-389 Added AuditListener SPI
KEYCLOAK-390 Added JBoss Logging AuditListener
KEYCLOAK-391 Audit Token events
2014-03-31 17:35:14 +01:00
Andrea Vibelli
84f1e1b56e Extraction into properties of maven-compiler-plugin source and target 2014-03-31 11:17:16 +02:00
Andrea Vibelli
37fdc50fb4 Remove warnings about no schema definition in pom.xml files 2014-03-31 10:44:22 +02:00
mposolda
77a44751a6 KEYCLOAK-388 - Auth SPI should be able to differentiate between the INVALID_USERNAME and INVALID_CREDENTIALS 2014-03-26 09:49:47 +01:00
mposolda
ab02dea902 Fixes in AuthenticationProvider. Fixing testsuite 2014-03-25 15:05:08 +01:00
mposolda
793f69d4b6 Authentication SPI. Implementations based on Picketlink+LDAP, model and external model (other realm). Added KeycloakRegistry 2014-03-24 23:11:11 +01:00
Stian Thorgersen
702ae0307e Fixes to account referrer to allow configurable referrer uri based on app redirect uri 2014-03-19 16:52:41 +00:00
Stian Thorgersen
331ab71427 KEYCLOAK-380 Added OAuth2Constants 2014-03-15 10:43:52 +00:00
Stian Thorgersen
f9aaa16cfe KEYCLOAK-378 KEYCLOAK-379 KEYCLOAK-381 Fix refresh token if token contains app roles. Changed long time fields in AccessCode and AccessToken to int 2014-03-15 10:15:10 +00:00
Bill Burke
7763da1273 bump version to beta-1 snapshot 2014-03-13 11:24:38 -04:00
Bill Burke
1c6b867079 bump version 2014-03-13 10:58:22 -04:00
Bill Burke
08769a2daa NPE in create user 2014-03-13 10:56:09 -04:00
Stian Thorgersen
ee5cab04e0 Set next version 2014-03-13 09:10:42 +00:00
Bill Burke
3ff8d0fd1f bump version 2014-03-12 16:48:12 -04:00
Bill Burke
52018b1f81 revoke on logoutAll 2014-03-12 15:57:43 -04:00
Bill Burke
e48cc006f6 Merge remote-tracking branch 'upstream/master' 2014-03-12 10:17:24 -04:00
Bill Burke
accb56be7f user import fix 2014-03-12 10:17:09 -04:00
Stian Thorgersen
a1f10ef54b Merge pull request #285 from stianst/master
Add user friendly username for social links. Show access denied if social login is cancelled
2014-03-12 13:52:28 +00:00
Stian Thorgersen
0214827492 KEYCLOAK-364 Show access denied if social login is cancelled 2014-03-12 09:21:11 +00:00
Stian Thorgersen
6dc156712e KEYCLOAK-359 Add user friendly username for social links 2014-03-12 08:52:47 +00:00
Bill Burke
e836371887 security context propagation 2014-03-11 17:40:53 -04:00
mposolda
3d0d130622 KEYCLOAK-26 Linking social providers to existing account 2014-03-10 11:31:59 +01:00
Bill Burke
2b01de5ecf remove transaction 2014-03-07 08:35:41 -05:00
Bill Burke
dd292c1d52 remove scope support for now part 2 2014-03-06 10:26:46 -05:00
Bill Burke
801ef3281a remove scope support for now 2014-03-06 09:59:27 -05:00
Bill Burke
8f29bf0a5a client type selection 2014-03-06 09:48:52 -05:00
Bill Burke
599faa3cb5 public clients 2014-03-05 20:26:27 -05:00
Stian Thorgersen
60bb05e6ca Added Config to centralize system properties used to configure KC 2014-03-05 15:20:53 +00:00
Stian Thorgersen
0219aa1e4c Added support for any port with http://localhost redirect uri 2014-03-05 12:54:57 +00:00
Bill Burke
d6bd02ea7d session mgmt 2014-03-04 22:25:33 -05:00
Bill Burke
7699dd2701 Merge remote-tracking branch 'upstream/master' 2014-03-04 15:52:40 -05:00
Bill Burke
2d86b29b6c session stats 2014-03-04 15:52:27 -05:00
Stian Thorgersen
77259320cf Fix js for cors requests 2014-03-04 15:27:13 +00:00
Bill Burke
06288fa07b revocation app level 2014-03-03 17:10:15 -05:00
Bill Burke
01154f18dd Merge remote-tracking branch 'upstream/master' 2014-03-03 15:50:21 -05:00
Bill Burke
716972347d revocation 2014-03-03 15:50:10 -05:00
Stian Thorgersen
87aaaf0b06 Started support for installed applications 2014-03-03 12:58:16 +00:00
Bill Burke
8126110312 refactor getRoleById 2014-03-02 20:28:58 -05:00
Bill Burke
c8023c6651 revocation next phase: undertow complete 2014-03-02 17:32:25 -05:00
Bill Burke
7b30cc59b8 revocation phase 1 2014-02-28 19:47:05 -05:00
Bill Burke
0d309d058c add claims to grant page 2014-02-28 10:45:12 -05:00
Bill Burke
11559cba50 public realm info update 2014-02-28 09:52:53 -05:00
Bill Burke
4dc4c56921 fix NPE 2014-02-28 09:19:26 -05:00
Bill Burke
3fc273070e remove clientmodel.agent phase1 2014-02-27 13:55:04 -05:00
Bill Burke
f8da693fd0 move secret to clientmodel 2014-02-27 10:59:47 -05:00
Stian Thorgersen
32b7c464c7 Added create-realm role 2014-02-27 11:07:48 +00:00
Stian Thorgersen
b3375d4279 Fixed permissions not updated when realm is imported 2014-02-27 10:23:27 +00:00
Bill Burke
42d30a5a70 rename scope rep username to client 2014-02-26 22:23:04 -05:00
Bill Burke
48d39bf977 Use ClientModel wherever possible 2014-02-26 22:04:57 -05:00
Bill Burke
c02d532001 refactor model 2014-02-26 19:25:42 -05:00
Bill Burke
0f67feb9dd IDToken setup 2014-02-26 19:04:42 -05:00
Bill Burke
8613452f4f Merge remote-tracking branch 'upstream/master' 2014-02-26 15:29:31 -05:00
Bill Burke
b249809d2e claims backend 2014-02-26 15:29:17 -05:00
Stian Thorgersen
ae1b98e38f Added view roles, including updating console to make forms read-only 2014-02-26 17:38:42 +00:00
Stian Thorgersen
9a73936002 KEYCLOAK-292 Fine-grained admin control 2014-02-25 12:53:36 +00:00
Bill Burke
64065a4573 javascript refresh token 2014-02-24 19:58:54 -05:00
Bill Burke
166e00f2e8 remember me 2014-02-23 11:30:32 -05:00
Bill Burke
01ddafa83a central login timeouts, rememberme framework 2014-02-22 21:52:29 -05:00
Bill Burke
3e88cb3b76 logout 2014-02-22 20:40:06 -05:00
Bill Burke
273e706a42 undertow refresh token support 2014-02-22 17:24:04 -05:00
Bill Burke
0a9b82a6f4 refresh tokens server side 2014-02-21 17:36:39 -05:00
Bill Burke
97dd7470ce rename tokenLifespan to accessTokenLifespan 2014-02-21 12:12:54 -05:00
Bill Burke
e583dc60ae Merge remote-tracking branch 'upstream/master' 2014-02-21 12:02:36 -05:00
Bill Burke
9607acdb6a refactor token creation 2014-02-21 12:02:24 -05:00
Stian Thorgersen
05bd92d765 KEYCLOAK-286 Allow login with username or email. KEYCLOAK-287 Remove recover username as we now support login with email 2014-02-21 15:25:55 +00:00
Bill Burke
9442601e42 rename some classes 2014-02-21 10:16:12 -05:00
Stian Thorgersen
9ce8e16063 KEYCLOAK-284 Subject in token is now user id instead of username 2014-02-21 09:48:43 +00:00
Bill Burke
6794166b58 tokens/access/codes now uses basic auth 2014-02-20 17:19:51 -05:00
Bill Burke
00043423c2 alpha 3 version bump 2014-02-19 23:22:34 -05:00
Bill Burke
27f61a9f86 bump version 2014-02-19 21:01:42 -05:00
Stian Thorgersen
e9750c3d70 KEYCLOAK-298 If admin or accnt mngmt cookies are invalid, the identity cookie was expired by mistake 2014-02-19 11:12:59 +00:00
Stian Thorgersen
325919e24a KEYCLOAK-297 Fixed invalid state param when loggin to admin acct mngmt 2014-02-17 15:14:11 +00:00
Bill Burke
81a90232d6 Merge pull request #213 from patriot1burke/master
oauth client generates secret
2014-02-14 17:46:09 -05:00
Bill Burke
b518fa2f4b oauth client generates secret 2014-02-14 17:45:46 -05:00
Stian Thorgersen
01bb835285 Updated login forms to use Patternfly styles 2014-02-14 17:38:04 +00:00
Bill Burke
0cdd5e857e use secrets 2014-02-13 18:36:41 -05:00
mposolda
b9ff73d61c Moved model unit tests from services to model/tests . Mongo profile in testsuite 2014-02-11 18:26:50 +01:00
mposolda
b3f1032f96 Mongo: Refactoring. All unit tests and testsuite are passing with Mongo. 2014-02-11 18:25:57 +01:00
mposolda
81ff7b0c6d Refactoring Mongo model. All unit tests passing with mongo 2014-02-11 15:23:30 +01:00
Stian Thorgersen
a89a1d524c KEYCLOAK-288 Check if totp setup or email verification is required on social login 2014-02-07 16:13:53 +00:00
Bill Burke
127ee40f23 Merge pull request #194 from patriot1burke/master
composite switch
2014-02-05 10:28:41 -05:00
Bill Burke
cce8814254 composite switch 2014-02-05 10:28:11 -05:00
Stian Thorgersen
722f7c8840 KEYCLOAK-272 Improved user credential management, including option to send user password reset email from admin console 2014-02-05 14:43:48 +00:00
Stian Thorgersen
457853aa28 KEYCLOAK-233 Add referrer query parm to manage app link in admin console to display back to app link 2014-02-05 11:31:18 +00:00
Stian Thorgersen
8b5fbe92d6 Added GitHub provider. Simplified FaceBook provider 2014-02-05 10:55:52 +00:00
Bill Burke
d2ad6349ba remove setComposite 2014-02-04 18:41:36 -05:00
Bill Burke
7c190e40ee fix demo 2014-02-04 12:02:09 -05:00
Bill Burke
4e66a3bf81 Merge remote-tracking branch 'upstream/master' 2014-02-04 10:09:25 -05:00
Bill Burke
92091d9474 composite tests 2014-02-04 10:09:09 -05:00
Stian Thorgersen
4c22a8c92b Renamed login forms provider classes 2014-02-04 14:45:11 +00:00
Stian Thorgersen
97897cab1d KEYCLOAK-15 Customize login and registration forms 2014-02-04 11:45:24 +00:00
Stian Thorgersen
38b7dcdf7d Fixes to persistence.xml for distribution 2014-02-04 11:44:02 +00:00
Bill Burke
8505cc612a composite representations 2014-02-03 17:21:56 -05:00
Bill Burke
e222240282 composite UI 2014-01-31 21:39:54 -05:00
Bill Burke
1543963c9f composite tests 2014-01-30 20:31:44 -05:00
Bill Burke
6a5994c3e2 composite roles 2 2014-01-29 23:28:08 -05:00
Bill Burke
bb5991239b composite roles 2014-01-29 20:19:32 -05:00
Stian Thorgersen
06c3a6ea30 KEYCLOAK-271 Check password policy when recovering password through email 2014-01-24 14:48:58 +00:00
Stian Thorgersen
4cb98a3aa4 Set version to 1.0-alpha-2-SNAPSHOT 2014-01-24 09:34:54 +00:00
Bill Burke
c77a6dfc40 dist 2014-01-22 19:18:00 -05:00
Bill Burke
cbd1e0aad5 error screen 2014-01-21 13:05:56 -05:00
Stian Thorgersen
e92980b776 Simplified check for ssl, since x-forward is sorted by Undertow 2014-01-20 19:31:02 +00:00
Stian Thorgersen
070c0ddba4 Renamed registration to default roles, add default roles to all users when they are created 2014-01-17 10:03:13 +00:00
Stian Thorgersen
c5366f1c81 KEYCLOAK-264 Remove option to enable/disable acct mngmt 2014-01-17 09:30:56 +00:00
Stian Thorgersen
dcfb83b0f2 KEYCLOAK-64 KEYCLOAK-246 Updated social to use update profile required action instead of registration form. Fixed Google provider 2014-01-16 12:52:46 +00:00
Bill Burke
b162190c7f remove cookieLoginAllowed 2014-01-15 20:31:01 -05:00
Bill Burke
894c28c64f role name instead of id 2014-01-15 19:39:21 -05:00
Bill Burke
ed0d33126c use app name instead of id 2014-01-15 16:57:12 -05:00
Bill Burke
6326d5d2b5 auth-server-url and Realm/App name changes 2014-01-15 10:02:56 -05:00
Bill Burke
cb391eb89a finish using realm name instead of id 2014-01-14 16:13:52 -05:00
Bill Burke
2dbd7cfa02 realm name for url param 2014-01-14 13:03:13 -05:00
Bill Burke
4825974edc realm name in url 2014-01-13 23:38:00 -05:00
Bill Burke
62cc002396 constants 2014-01-13 19:42:34 -05:00
Bill Burke
39b61728d6 change uri scheme 2014-01-13 17:07:36 -05:00
Stian Thorgersen
739866de0c KEYCLOAK-255 Added tmp redirect to admin/index.html as work-around to WildFly issue 2014-01-13 11:27:02 +00:00
Stian Thorgersen
6647ddb66e KEYCLOAK-252 Show error page (or 406) if realm requires https and http is used 2014-01-10 17:04:52 +00:00
Stian Thorgersen
0a57ba026b KEYCLOAK-180 Renamed JWT prn to sub 2014-01-10 10:22:58 +00:00
Stian Thorgersen
f14931d234 KEYCLOAK-251 Added installation page for oauth clients to admin console 2014-01-10 10:17:39 +00:00
Bill Burke
a1b7297f25 wildfly deployment structure.xml 2014-01-02 16:24:04 -05:00
Bill Burke
30cb9df307 undertow logout 2013-12-19 18:32:47 -05:00
Bill Burke
834baf0e27 refactor admin actions 2013-12-19 15:22:15 -05:00
Bill Burke
cbf46720c7 installation text 2013-12-17 18:16:17 -05:00
Bill Burke
6380dc3d1b refactor out resteasy from adapters 2013-12-17 12:07:02 -05:00
Bill Burke
d22b6f8df7 factor out jwt/jose/jws 2013-12-16 11:19:46 -05:00
Stian Thorgersen
fbe8c5cdec Added SocialLoader to social core 2013-12-11 14:24:18 +00:00
Stian Thorgersen
00a7d88dee Replaced javax.imageio.spi.ServiceRegistry with java.util.ServiceLoader 2013-12-11 14:24:18 +00:00
mposolda
8e3e99f392 KEYCLOAK-225 NPe after login when 'Verify email' is enabled but SMTP is not configured 2013-12-10 16:30:12 +01:00
mposolda
bec267237a KEYCLOAK-226 Display header To in email message sent from Keycloak 2013-12-10 16:05:13 +01:00
Stian Thorgersen
53e61326c1 Set status code to internal server error on error pages 2013-12-07 16:00:13 +00:00
Stian Thorgersen
145eab98d8 KEYCLOAK-221 Don't require username to recover password 2013-12-07 13:34:31 +00:00
Stian Thorgersen
cd8c8d52e8 KEYCLOAK-217 Add option to recover username 2013-12-07 13:18:06 +00:00
Stian Thorgersen
0dad786b35 KEYCLOAK-220 Fix login to realm with space in id, KEYCLOAK-199 Add account management to admin realm 2013-12-07 11:35:32 +00:00
Stian Thorgersen
43da684a91 KEYCLOAK-218 Show error page if failed to send email 2013-12-07 11:00:45 +00:00
Bill Burke
c63abbdf3e Merge remote-tracking branch 'upstream/master' 2013-12-06 17:28:51 -05:00
Bill Burke
edba13e596 realm upload 2013-12-06 17:28:32 -05:00
Stian Thorgersen
c514e6c152 KEYCLOAK-197 Fix search for users returns users for all realms 2013-12-06 19:22:55 +00:00
Stian Thorgersen
a423c38e42 KEYCLOAK-214 view all users in a realm through admin console 2013-12-06 19:09:03 +00:00
Bill Burke
d86dec6561 version bump to SNAPSHOT 2013-12-06 09:45:08 -05:00
Bill Burke
4909316d59 pom version bump 2013-12-06 08:40:35 -05:00
Stian Thorgersen
493d281dc4 KEYCLOAK-193 Prevent creating multiple apps in a realm with the same name 2013-12-05 13:22:15 +00:00
Stian Thorgersen
f133ecfcf7 KEYCLOAK-192 Set realm id to name if not specified 2013-12-05 13:22:15 +00:00
Stian Thorgersen
eea812dfda KEYCLOAK-190 KEYCLOAK-191 Fixed redirect uri's 2013-12-04 19:04:19 +00:00
Stian Thorgersen
a7b653de28 KEYCLOAK-185 Added cancel button to login form 2013-12-03 15:11:18 +00:00
Stian Thorgersen
7f499b2833 KEYCLOAK-186 Password policies 2013-12-03 12:53:26 +00:00
Stian Thorgersen
85eeb415e1 KEYCLOAK-181
Link back to application from account management pages
2013-11-28 13:48:30 +00:00
Bill Burke
799df520b8 realm import changes 2013-11-27 17:02:12 -05:00
Bill Burke
3a9f9d73c2 Merge remote-tracking branch 'upstream/master' 2013-11-26 15:40:24 -05:00
Bill Burke
f79739f73e oauth client 2013-11-26 15:39:57 -05:00
Stian Thorgersen
c6f4e21b84 KEYCLOAK-153
Realm installation page
2013-11-26 17:28:00 +00:00
Stian Thorgersen
f933ffba3f User search returned users for all realms 2013-11-26 13:53:57 +00:00
Stian Thorgersen
52c7ae057a Delete realm 2013-11-25 15:38:25 +00:00
Stian Thorgersen
fad194fc8f Improved error handling in admin console. Delete roles through admin console. 2013-11-25 13:46:04 +00:00
vrockai
846c094ba2 KEYCLOAK-154 Added UI for user req actions 2013-11-20 16:46:25 +01:00
vrockai
ab7cc63084 KEYCLOAK-156 add new user properties to admin ui 2013-11-20 10:50:05 +01:00
Stian Thorgersen
42d7e430ce Fix adding all roles for an application to token, should be all roles associated with the user for that application 2013-11-18 14:16:37 +00:00
Stian Thorgersen
61e56c4cd8 Fix issue in Firefox if there's a space in the fragment on redirect 2013-11-16 12:29:04 +00:00
Stian Thorgersen
19d4b09626 KEYCLOAK-152 Re-generate realm's key pair 2013-11-16 12:21:15 +00:00
Stian Thorgersen
7a0ff0cb66 KEYCLOAK-159 2013-11-16 10:41:49 +00:00
Stian Thorgersen
219c0efbaf KEYCLOAK-105 2013-11-16 10:13:23 +00:00
Stian Thorgersen
fa710a923b KEYCLOAK-53 2013-11-16 09:14:22 +00:00
Stian Thorgersen
45424e5eba Removed '*' role 2013-11-15 16:38:44 +00:00
Stian Thorgersen
a923f44619 KEYCLOAK-100
UI: Delete User does not work
2013-11-15 16:38:28 +00:00
Stian Thorgersen
66f99d66d8 KEYCLOAK-124 2013-11-15 15:00:57 +00:00
Stian Thorgersen
9e73592381 NPE if trying to update user with no attributes 2013-11-15 15:00:43 +00:00
Stian Thorgersen
158d1740b8 KEYCLOAK-72 and KEYCLOAK-158 2013-11-15 11:03:25 +00:00
vrockai
10516a62ac KEYCLOAK-151 fix for account app lookup 2013-11-15 08:10:43 +01:00
Stian Thorgersen
5c541c5cf0 Fix - KEYCLOAK-99 UI: Users query should support wildcard 2013-11-14 17:38:23 +00:00
Stian Thorgersen
10f48a1bda Change dist to WildFly 1.0.0.Beta1 2013-11-14 16:16:08 +00:00
Stian Thorgersen
794976792a Removed empty include templates from forms, and use templates from theme directly 2013-11-12 15:26:26 +00:00
Stian Thorgersen
5916eaad13 Removed mongo dependencies from services 2013-11-12 15:19:55 +00:00
Stian Thorgersen
2e9a474eac Use service loader to load model provider 2013-11-12 11:49:03 +00:00
Stian Thorgersen
5b19e34f50 Fixed allowed methods for retrieving token with cors 2013-11-11 12:42:55 +00:00
Stian Thorgersen
fd2bfee7d9 Assign default roles to users when they register instead of directly to tokens 2013-11-08 17:51:44 +00:00
Bill Burke
2861ea0e96 nasty merge 2013-11-05 23:12:07 -05:00
Bill Burke
d04ca2c34f jpa backend 2013-11-05 21:26:33 -05:00
Stian Thorgersen
e857f2ed2a Ooops.... 2013-11-05 12:43:11 +00:00
Stian Thorgersen
7bbeddc2a3 Tweaked EmailSender, fixed SSL prop in console + added option for StartTLS 2013-11-05 10:58:33 +00:00
Stian Thorgersen
d083909136 Added support for default application roles. Added authz to account, user (or client if oauth) is required to have role manage-account to manage their account, this is a default role for the Account application. 2013-11-04 17:21:46 +00:00
Stian Thorgersen
c6f43baf0d Allow oauth clients to ask for permission to view user profile, and manage user account 2013-11-03 16:14:15 +00:00
Stian Thorgersen
7f691b463c KEYCLOAK-75 Retrieve user profile 2013-11-03 13:33:22 +00:00
Stian Thorgersen
85220ba054 Clean-up in social core 2013-11-01 16:41:16 +00:00
Stian Thorgersen
2ff46353bc Moved SocialRequestManager from social/core to services 2013-11-01 15:59:33 +00:00
Bill Burke
d6ee6aef9f adapter cors support 2013-10-30 08:28:23 -04:00
Bill Burke
0f03670c06 Merge remote-tracking branch 'upstream/master' 2013-10-25 18:04:35 -04:00
Bill Burke
6e6dccd339 cors token modifications 2013-10-25 18:03:28 -04:00
vrockai
2f9aa14a7d KEYCLOAK-115 fixing message headers 2013-10-25 15:15:53 +01:00
vrockai
508a9a1e6b KEYCLOAK-115 add social provider config page 2013-10-25 15:14:19 +01:00
Stian Thorgersen
45b5f5afd5 Add setting realm.accessCodeLifespanUserAction in admin console 2013-10-25 12:39:25 +01:00
Stian Thorgersen
2bb3753289 Added prompt option to auth/login. If prompt='none' is specified the authentication form or grant forms will not be displayed, instead an error is returned 2013-10-24 10:54:00 +01:00
Stian Thorgersen
3ee6f02068 Fix for KEYCLOAK-116 2013-10-22 14:14:31 +01:00
Stian Thorgersen
bb3a82f932 KEYCLOAK-116
Use social provider settings from realm
2013-10-22 14:05:56 +01:00
Stian Thorgersen
6e3dd959eb KEYCLOAK-114 Use SMTP server settings from realm 2013-10-22 13:47:30 +01:00
Stian Thorgersen
a88dcace3d Added maps for social config and smtp server to realm 2013-10-22 13:47:30 +01:00
Bill Burke
158f85cb7a Merge remote-tracking branch 'upstream/master' 2013-10-21 14:49:56 -04:00
vrockai
f7d6c41304 KEYCLOAK-112 - fixing various forms UI related issues 2013-10-21 18:23:53 +02:00
Stian Thorgersen
115c0bdeca Converted QR servlet into JAX-RS resource 2013-10-21 11:50:29 +01:00
Stian Thorgersen
d79d299073 Made account management an optional feature on a realm, and added login and logout to account management pages 2013-10-19 16:24:58 +01:00
stianst
8de6224501 Merge pull request #78 from vrockai/KEYCLOAK-108
KEYCLOAK-108 add warning alerts to req action forms
2013-10-19 02:09:09 -07:00
Bill Burke
645cfa5beb Merge remote-tracking branch 'upstream/master' 2013-10-18 15:47:49 -04:00
Bill Burke
1d75b50acb cors 2013-10-18 15:47:33 -04:00
Stian Thorgersen
34fe0a751c Added cors support to TokenService.accessCodeToToken 2013-10-18 19:17:11 +01:00
Stian Thorgersen
1c90e16629 Added redirect uris to application 2013-10-18 19:17:11 +01:00
vrockai
89ca52e960 KEYCLOAK-108 add warning alerts to req action forms 2013-10-18 14:45:28 +02:00
Bill Burke
5851430983 Merge pull request #76 from patriot1burke/master
bootstrapping 2
2013-10-17 12:47:55 -07:00
Bill Burke
2a6b6ebef5 stuff 2013-10-17 13:53:46 -04:00
Stian Thorgersen
79c1230a9d Added redirect uris to application 2013-10-17 15:25:06 +01:00
Stian Thorgersen
1d5ef3d541 Added separate service to process required login actions - leaving AccountService for only user account management 2013-10-16 19:49:11 +01:00
Stian Thorgersen
77159861e8 Move required actions into separate service 2013-10-16 18:17:26 +01:00
vrockai
5ec74be39e KEYCLOAK-38 Adding OAuth Grant to forms 2013-10-16 19:04:02 +02:00
Bill Burke
ba082b0d6d Merge remote-tracking branch 'upstream/master' 2013-10-16 08:27:06 -04:00
Bill Burke
13c75c02e1 bootstrap 2013-10-16 08:26:33 -04:00
vrockai
71f3d00e31 KEYCLOAK-107 fix for login form error feedback issues 2013-10-16 14:02:36 +02:00
Bill Burke
fc92ead9be Merge remote-tracking branch 'upstream/master' 2013-10-14 09:59:28 -04:00
Bill Burke
5f7f4aeb30 merge 2013-10-14 09:59:19 -04:00
vrockai
23f2fb9125 KEYCLOAK-84 added totp test and better form feedback 2013-10-14 10:57:24 +02:00
vrockai
a0808ad224 KEYCLOAK-84 add totp remove button functionality 2013-10-14 10:57:24 +02:00
Stian Thorgersen
4af43fb63e Fix path for resources in formflows 2013-10-10 13:03:56 +01:00
mposolda
7b357fbfec Don't use keycloak-model-mongo model by default 2013-10-10 12:38:06 +02:00
mposolda
6ac643c45b Creating MongoDBSessionFactory in KeycloakApplication via reflection to avoid compile-time dependency on mongo module 2013-10-10 10:43:54 +02:00
mposolda
453e1c5cf7 Added ServletContextListener for start of embedded MongoDB at Keycloak deploy. Added PropertiesManager 2013-10-10 10:43:54 +02:00
mposolda
71cd9cffa4 Rebased MongoDB on top of latest master. Divide testsuite into integration and performance submodules 2013-10-10 10:43:54 +02:00
mposolda
ae4bd42ff7 Add support for TOTP in MongoDB 2013-10-10 10:28:36 +02:00
mposolda
86cf090909 Adapt MongoDB impl with latest changes on UserModel and RealmModel. Support for Enums in Converter SPI 2013-10-10 10:28:36 +02:00
mposolda
58d862819a Added performance tests to testsuite to compare Picketlink+JPA+MySQL with Mongo. 2013-10-10 10:28:36 +02:00
mposolda
68ed19f15d Support MongoDB in unit tests. Added parameterized test, so ImportTest and AdapterTest work with both picketlink and mongo 2013-10-10 10:28:35 +02:00
mposolda
4db738689f Mongo: Remove realmAdmins when realm is removed. Refactored Converters to support list of embedded objects 2013-10-10 10:28:35 +02:00
mposolda
be48672ba6 Added system properties to support switch between picketlink and mongo. Support for Mongo data objects without ID or @DBCollection 2013-10-10 10:28:35 +02:00
mposolda
5b8908c822 Added NoSQLQueryBuilder API. Support for persistence of all objects. All unit tests are passing and UI is working with MongoDB 2013-10-10 10:28:35 +02:00
mposolda
815e466d43 Adding TypeConverters. AdapterTest.test1CreateRealm() is passing for MongoDB 2013-10-10 10:28:35 +02:00
mposolda
0acc9e978a Added first version of NoSQL api and MongoDBImpl implementation 2013-10-10 10:28:35 +02:00
Bill Burke
7226a10abc mv admin ui to module 2013-10-09 19:39:56 -04:00
Bill Burke
e730b5a2aa Merge remote-tracking branch 'upstream/master' 2013-10-09 17:28:09 -04:00
Bill Burke
b58b2c760f scope mapping, oauth client 2013-10-09 17:27:45 -04:00
Stian Thorgersen
453834e807 Added utils for testing Keycloak - includes a quick and easy way to start keycloak, a mail server and a google authenticator simulator 2013-10-09 20:36:12 +01:00
Stian Thorgersen
5ccb557f7c KEYCLOAK-88
Reset expiration on AccessCode before sending to application
2013-10-09 17:05:18 +01:00
Bill Burke
a3945c85bc Merge pull request #57 from patriot1burke/master
app password
2013-10-06 15:42:08 -07:00
Bill Burke
7613df71c2 app password 2013-10-06 18:41:35 -04:00
vrockai
b1715c3725 KEYCLOAK-83 add error page 2013-10-03 17:44:05 +02:00
Bill Burke
a4e3431445 model module refactor 2013-10-02 09:54:26 -04:00
stianst
02d5d709ed Merge pull request #49 from vrockai/KEYCLOAK-74_2
KEYCLOAK-74 email verification fixes
2013-10-01 07:06:31 -07:00
vrockai
ee42b74c17 KEYCLOAK-74 email verification fixes 2013-10-01 15:48:46 +02:00
stianst
6071c9a724 Merge pull request #47 from vrockai/KEYCLOAK-74_2
KEYCLOAK-74 Adapting the Forget password forms to original design
2013-10-01 01:28:04 -07:00
vrockai
144f5f9cfd KEYCLOAK-74 Adapting the Forget password forms to original design 2013-09-30 19:10:23 +02:00
Bill Burke
4b24780038 Merge pull request #46 from patriot1burke/master
split up realm settings
2013-09-27 12:59:15 -07:00
Bill Burke
86a2617799 split up realm settings 2013-09-27 15:57:30 -04:00
vrockai
a6bc0ff447 KEYCLOAK-74 SaasServise fix 2013-09-27 16:09:33 +02:00
vrockai
32779d956a KEYCLOAK-74 name to 1st/last name in registration form 2013-09-27 15:55:13 +02:00
Stian Thorgersen
10ea1af8a5 Realm not updated after setting social enabled 2013-09-27 13:09:35 +01:00
Bill Burke
8559e599e1 Merge pull request #42 from patriot1burke/master
application role mappings
2013-09-26 16:43:52 -07:00
Bill Burke
40d9e7b6f7 application role mappings 2013-09-26 19:43:16 -04:00
Bill Burke
f07f4b35ba Merge pull request #41 from patriot1burke/master
application roles
2013-09-26 14:48:12 -07:00
Bill Burke
c8be9e01f8 application roles 2013-09-26 17:47:43 -04:00
Stian Thorgersen
b5a9cfc57e Removed Arquillian Drone and Graphene from testsuite 2013-09-26 14:12:25 +01:00
Bill Burke
2b947bd7f2 Merge pull request #40 from patriot1burke/master
role mappings
2013-09-26 06:08:56 -07:00
Bill Burke
aae3a0ffee role mappings 2013-09-26 09:08:15 -04:00
Bill Burke
195b06616f Merge pull request #38 from patriot1burke/master
role mapping
2013-09-25 07:44:26 -07:00
Bill Burke
27fe017b6c role mapping 2013-09-25 10:43:33 -04:00
Stian Thorgersen
5786087d7b Fix login and register for saas 2013-09-24 12:53:47 +01:00
Stian Thorgersen
85568f80b2 Added forms for login actions + some refactoring to required user actions 2013-09-23 15:26:09 +01:00
Stian Thorgersen
eaeed0b9dd Redirect to next required action if there are multiple actions 2013-09-21 12:51:33 +01:00
Stian Thorgersen
b541679ef3 No need to check if there are more required actions 2013-09-21 12:51:09 +01:00
Stian Thorgersen
d585f2f22f Removed unused import 2013-09-21 12:50:42 +01:00
Stian Thorgersen
72315bb9d7 Improvements to required user actions. Including adding support for required actions to AccessCodeEntry. Added test for temporary password. 2013-09-21 12:21:46 +01:00
Bill Burke
4422d9609b Merge pull request #37 from patriot1burke/master
roles
2013-09-20 17:18:21 -07:00
Bill Burke
fb2c2c91b7 roles 2013-09-20 20:17:27 -04:00
stianst
a6e2f2ef18 Merge pull request #36 from vrockai/KEYCLOAK-60
KEYCLOAK-60 Replace JSF with FreeMarker template engine
2013-09-20 07:39:24 -07:00
Stian Thorgersen
0c76a493b9 Fix ModelTest - forgot to close session and factory 2013-09-20 15:20:34 +01:00
vrockai
b5a4d010ba KEYCLOAK-60 Replace JSF with FreeMarker template engine 2013-09-20 15:15:16 +02:00
Stian Thorgersen
32fcd46e08 Added option on realm to allow reset password via email 2013-09-20 12:53:44 +01:00
Stian Thorgersen
cdce046711 Suppress error warning from GreenMail on stop 2013-09-20 10:48:15 +01:00
Bill Burke
935f6455c0 merge 2013-09-19 17:40:44 -04:00
Bill Burke
e61833aa43 User screens 2013-09-19 17:22:47 -04:00
Stian Thorgersen
27d1a2d547 KEYCLOAK-55 Lost credential logic 2013-09-19 16:58:22 +01:00
Stian Thorgersen
6a8f838d9c KEYCLOAK-52
AccessCode could expire when oauth-client application (OAuth grant flow) is used
2013-09-18 19:44:56 +01:00
Stian Thorgersen
636b197c4c KEYCLOAK-32
Registration verification email
2013-09-18 19:33:18 +01:00
Stian Thorgersen
e5a81653d9 KEYCLOAK-61 Send emails 2013-09-17 13:07:49 +01:00
Stian Thorgersen
6c124a2172 Added required actions to user. Completed flow for user registering when Realm requires TOTP 2013-09-17 11:24:12 +01:00
Bill Burke
1408475ca1 gabriel css files 2013-09-12 09:52:44 -04:00
Bill Burke
bfe9beae72 merge 2013-09-11 09:44:36 -04:00
Bill Burke
b0bbbeaf7f retire Transaction 2013-09-11 09:28:19 -04:00
Bill Burke
b38889f28c Merge remote-tracking branch 'upstream/master' 2013-09-09 08:31:19 -04:00
mposolda
b33b62d1f7 Handle social registration with prefilled info when triggered from oauth-client application 2013-08-26 16:18:46 +02:00
mposolda
dd3c438e00 KEYCLOAK-25 Added flow with user registration with prefilled attributes from social 2013-08-22 18:25:33 +02:00
mposolda
932ed10c17 KEYCLOAK-27 Basic social flow with automatic registration and non-duplicated username 2013-08-22 17:17:33 +02:00
mposolda
b2544dbe8f Added realm option automaticRegistrationAfterSocialLogin to specify whether user is automatically registered after social login or whether he needs to confirm registration data 2013-08-22 17:17:33 +02:00
mposolda
1a374a8d1b Added SocialLink, which represents binding between User and his social username for particular socialProvider 2013-08-22 17:17:33 +02:00
Stian Thorgersen
2bc2126317 Added test for changing password, and a small fix 2013-08-22 12:05:34 +01:00
Stian Thorgersen
de7a185ee0 Started adding totp flow 2013-08-20 17:15:10 +01:00
Stian Thorgersen
17b61ed0c8 Added pages for user account management 2013-08-20 14:28:51 +01:00
Stian Thorgersen
d2621c452e KEYCLOAK-44
Add configuration of TOTP to registration
2013-08-16 15:53:09 +01:00
Bill Burke
73f64bf4ec merge 2013-08-16 08:14:37 -04:00
mposolda
0b9a59950a KEYCLOAK-43 ApplicationAdapter.addScope doesn't add scope into IDM 2013-08-16 13:55:57 +02:00
mposolda
d97a615c81 KEYCLOAK-42 Typo in RealmModel.importRealm causing that bad required credential type could be imported 2013-08-16 13:33:58 +02:00
Stian Thorgersen
a65c8695d7 If registration is not allowed for a realm it should not be possible to login with social login unless the user already exists 2013-08-15 16:34:44 +01:00
Stian Thorgersen
0301094fc9 KEYCLOAK-40 Add default role to realm 2013-08-15 16:19:17 +01:00
Bill Burke
13a93fb776 merged 2013-08-15 09:37:41 -04:00
Stian Thorgersen
54f3f7a922 Added generic type to Transaction class to remove warnings 2013-08-15 13:30:38 +01:00
Stian Thorgersen
5f90150058 Added more messages to resource bundle for forms 2013-08-15 12:16:08 +01:00
Stian Thorgersen
f88097582d Fixed ImportTest after changing credential label 2013-08-15 12:15:22 +01:00
Stian Thorgersen
92235e3b07 Added realm registration 2013-08-15 11:31:10 +01:00
Stian Thorgersen
0ffe1cb354 Renamed sdk-html for forms and added registration form 2013-08-14 12:30:16 +01:00
Stian Thorgersen
a0f0e30348 KEYCLOAK-33
Callback URL for social includes realm name
2013-08-13 16:38:02 +01:00
Bill Burke
38300f3e7f user panels and query 2013-08-12 09:41:55 -04:00
Bill Burke
5b03b56c4a realm progress 2013-08-10 16:01:00 -04:00
Bill Burke
a81d03213d refactor 2013-08-10 12:43:55 -04:00
Bill Burke
993fc5c301 required creds 2013-08-10 08:13:39 -04:00
Bill Burke
3480cb5646 session timeout improvements 2013-08-08 09:53:18 -04:00
Bill Burke
095b4c62fb idle timeout and app create 2013-08-07 21:52:33 -04:00
Bill Burke
df5823f0e8 fix saas login/register 2013-08-07 10:13:01 -04:00
Stian Thorgersen
38900efa40 Renamed SaaSService to SaasService to match class name 2013-08-05 17:16:13 +01:00
Stian Thorgersen
dd65a41e86 Changed SaaSService to use login form from sdk-html instead of its own 2013-08-05 17:14:59 +01:00
Bill Burke
7dd876bcda make easier for softlinks 2013-08-05 09:51:02 -04:00
Bill Burke
fb45fcc5fd nav ui fixes 2013-08-04 19:33:25 -04:00
Bill Burke
d11876f58e resource rest api 2013-08-04 12:57:12 -04:00
Bill Burke
4e61981b69 expand required credentials 2013-08-04 11:48:09 -04:00
Bill Burke
9ff4ef4d64 roles 2013-08-03 22:41:55 -04:00
Bill Burke
ca35971959 Merge remote-tracking branch 'upstream/master' 2013-08-03 12:03:14 -04:00
Bill Burke
d4f8d2dc7a realm creation ui 2013-08-03 12:00:29 -04:00
Bill Burke
8b00fff5ee remove filters 2013-08-02 23:36:25 -04:00
Bill Burke
540385fec5 admin ui login 2013-08-02 22:26:57 -04:00
Stian Thorgersen
5ad087d721 Updated login form 2013-08-02 16:38:07 +01:00
Stian Thorgersen
acd4a4b0d4 Integrated social 2013-08-02 13:06:00 +01:00
Bill Burke
5c9a3a730c upgrade picketlink 2013-08-01 19:16:07 -04:00
Bill Burke
c9ec2bb2c5 picketlink 2.5.0.Beta6 2013-08-01 19:04:39 -04:00
Bill Burke
72d9841baa finish picketlink abstraction 2013-07-31 17:56:17 -04:00
Bill Burke
93f9a34175 abstract Picketlink User/Role 2013-07-31 16:30:39 -04:00
Bill Burke
92c15637b2 refactor out picketlink 2013-07-30 21:44:22 -04:00
Bill Burke
15a947f4ae last oauth 2013-07-29 10:24:15 -04:00
Bill Burke
579aefd310 oauth 2013-07-28 22:34:54 -04:00
Bill Burke
4a40ec71c9 role description 2013-07-28 09:47:26 -04:00
Bill Burke
6fdff819a1 logout 2013-07-27 18:19:23 -04:00
Bill Burke
fa63da7e06 cookie login 2013-07-25 09:47:52 -04:00
Bill Burke
b7d45f9d18 more 2013-07-24 20:35:04 -04:00
Bill Burke
74b121539d better demo 2013-07-22 18:07:00 -04:00
Bill Burke
729d9afac3 demo fixes 2013-07-22 16:34:14 -04:00
Bill Burke
33e9de654b more 2013-07-19 21:33:44 -04:00
Bill Burke
e1fe001a22 demo 2013-07-19 17:59:36 -04:00
Bill Burke
79e6f46183 refactoring for demo setup 2013-07-18 11:44:59 -04:00
Bill Burke
f7b3f2998d refactoring 2013-07-18 10:14:52 -04:00
Bill Burke
5ce263c2b5 further 2013-07-15 09:38:06 -04:00
Bill Burke
1548065b7f more stuff 2013-07-11 17:56:15 -04:00
Bill Burke
1586f461be more 2013-07-05 14:23:16 -04:00
Bill Burke
7a1c825dcb initial 2013-07-02 10:05:33 -04:00