Commit graph

13390 commits

Author SHA1 Message Date
Clement Cureau
b102c892fa [KEYCLOAK-14046] Allow finegrain group admins to create users in console
- enable "Create" button and "Save" button in Admin Console Users views (list
and details)

The flag used to enable those button is computed as follow, since there's no computed flag
from backend on "admin user has fine grain admin permission on at least 1 group" :
  == (existing condition) || (feature "finegrain admin" is enabled && access.queryUsers)

If the admin user hasn't the correct permission on the right groups for the new user he's
trying to create, backend will forbid the creation by returning a 403

This change is following PR #7035, which added the Groups field in the User creation form
2021-06-22 18:26:31 -03:00
Vlastimil Elias
458c841c39 [KEYCLOAK-18447] Dynamically select attributes based on requested scopes 2021-06-22 08:54:03 -03:00
Vlastimil Elias
82491ae5d2 KEYCLOAK-17446 - Prefill username in "Forgot Your Password" form if
called from Login form
2021-06-22 08:48:43 -03:00
Vlastimil Elias
b87d764137 [KEYCLOAK-17443] Username and email form fields kept in registration
form when duplicate
2021-06-22 08:46:42 -03:00
rmartinc
b8452374d2 [KEYCLOAK-18473] Add max length to password policy 2021-06-22 10:15:48 +02:00
Hynek Mlnarik
bfb134a6ce KEYCLOAK-18091 Fail session loading when interrupted 2021-06-22 08:50:08 +02:00
Luca Leonardo Scorcia
f5123cb51b KEYCLOAK-17935 SAML Client - Validate InResponseTo attribute 2021-06-21 12:25:18 +02:00
keycloak-bot
13f7831a77 Set version to 15.0.0-SNAPSHOT 2021-06-18 10:42:27 +02:00
Peter Skopek
1c8087baaf KEYCLOAK-17502 Galleon based server build 2021-06-18 09:04:54 +02:00
Pedro Igor
6bb7a8894d [KEYCLOAK-18464] - Failures when running without tls and remote 2021-06-17 14:33:35 +02:00
Lukas Hanusovsky
b1f3e5554c KEYCLOAK-18102 - set specific jpa schema. 2021-06-17 13:02:40 +02:00
Martin Bartoš
333d279d7a KEYCLOAK-18406 SAMLServletAdapterTest failures 2021-06-17 11:30:39 +02:00
Tomas Kyjovsky
6db1c8204a KEYCLOAK-18393 SAMLAdapterCrossDCTest failures 2021-06-16 18:46:38 +02:00
Martin Bartoš
78b6762326 KEYCLOAK-18442 LifespanAdapterTest - duplicate resources 2021-06-15 15:32:59 +02:00
vramik
e3c76035b2 KEYCLOAK-18359 Default role migration is not performed correctly when empty realm id 2021-06-14 20:54:37 +02:00
Davide Setti
74089a51b3 KEYCLOAK-18383 Update Group: don't check siblings if the name doesn't change 2021-06-14 12:58:45 +02:00
Pedro Igor
ef3a0ee06c [KEYCLOAK-17399] - Declarative User Profile and UI
Co-authored-by: Vlastimil Elias <velias@redhat.com>
2021-06-14 11:28:32 +02:00
Michal Hajas
d2a8a95d79 KEYCLOAK-18369 Create MapKeycloakTransaction interface 2021-06-14 08:31:59 +02:00
Martin Bartoš
7ffa2835ef KEYCLOAK-18391 CIBATest failure 2021-06-11 10:36:56 +02:00
Václav Muzikář
9854f21ace KEYCLOAK-18332 Client Scopes are reset to realm's default when Client is updated 2021-06-11 07:41:18 +02:00
Yoshiyuki Tabata
4d1576b96a KEYCLOAK-18328 "access_denied" instead of "interaction_required" should
be returned when a user cancels the login
2021-06-10 11:16:50 +02:00
Pedro Igor
7d64637438 [KEYCLOAK-18117] - Unhandled exceptions not releasing worker thread 2021-06-10 10:58:07 +02:00
mposolda
070c68e18a KEYCLOAK-18069 Migration of client policies JSON from Keycloak 13 2021-06-10 10:40:14 +02:00
Douglas Palmer
aac0b6ec5f [KEYCLOAK-17602] Email account verification link is wrongly encoded 2021-06-10 08:34:53 +02:00
Stan Silvert
b152d89e22 KEYCLOAK-18373: Cut and Paste in Groups broken 2021-06-10 08:33:42 +02:00
Martin Bartoš
8ea2551d25 KEYCLOAK-18247 LifespanAdapterTest fails due to validation error on EAP 2021-06-10 07:07:35 +02:00
Martin Bartoš
07d57ca30f KEYCLOAK-17179 IdP mappers with MultiValued property can't be saved 2021-06-10 07:02:21 +02:00
mposolda
91865fa93e KEYCLOAK-18368 Invalidate client session after refresh token re-use 2021-06-09 14:43:29 +02:00
Yoshiyuki Tabata
ead667aaac KEYCLOAK-18378 cannot configure Agroal ExceptionSorter correctly 2021-06-09 08:55:40 -03:00
Yoshiyuki Tabata
c1cf306b92 KEYCLOAK-18364 start-up with kc.bat fails if folder name includes space 2021-06-09 08:54:17 -03:00
Benjamin Weimer
f66354a80e KEYCLOAK-16947 add error parameters to access token response & improve logging 2021-06-07 17:53:30 +02:00
vramik
95bf912dc9 KEYCLOAK-18035 Fix update client with default default scope assigned as optional 2021-06-07 16:22:55 +02:00
Tomas Kyjovsky
b071be7799 KEYCLOAK-18260 ClientSearchTest.testQuerySearch failure on MSSQL2019
- removed Central European characters from the test
2021-06-07 16:20:53 +02:00
Tomas Kyjovsky
80eabcb7eb KEYCLOAK-18249 WelcomePageTest fails on MSSQL 2019
- removed reference to `FK_P56CTINXXB9GSK57FO49F9TAC` from the `DropAllServlet`
2021-06-07 16:18:32 +02:00
vramik
5c007420ef KEYCLOAK-18367 fix compilation failure 2021-06-07 12:50:23 +02:00
Martin Bartoš
4b009ebf5e KEYCLOAK-14540 Determine project/product name 2021-06-07 11:24:29 +02:00
Václav Muzikář
6b365d7c12 KEYCLOAK-18044 Client Policy: UI tests (old Admin Console) 2021-06-07 06:43:35 +02:00
Marek Posolda
7a81dfff7a Update services/src/main/java/org/keycloak/services/clientpolicy/executor/FullScopeDisabledExecutorFactory.java
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2021-06-04 15:46:33 +02:00
mposolda
3d16a1e8d3 KEYCLOAK-16811 Add executor for disable 'Full Scope Allowed' and add it to FAPI profiles 2021-06-04 15:46:33 +02:00
Tomas Kyjovsky
1033b272e8 KEYCLOAK-13757 fix for KEYCLOAK-18267_KEYCLOAK-17254 2021-06-03 13:52:25 +02:00
Tomas Kyjovsky
2802740101 KEYCLOAK-13757 update JDG version to 8.1 - testsuite updates 2021-06-03 13:52:25 +02:00
Jan Lieskovsky
cbd4288205 [KEYCLOAK-17254] Adaptively add the default modular JVM options
to the "javaVmArguments" to start the cache server container with,
if the JVM used to run the cache server is modular (JDK 9+)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-06-03 10:36:53 +02:00
Jan Lieskovsky
de8dd59d66 [KEYCLOAK-18267] Fix 'java.lang.NoClassDefFoundError: Could not initialize class org.jboss.marshalling.river.RiverMarshaller'
error for:

* org.keycloak.testsuite.crossdc.LastSessionRefreshCrossDCTest and
* org.keycloak.testsuite.crossdc.SessionExpirationCrossDCTest

tests, when running cross-DC tests with JDK 11

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-06-03 10:36:53 +02:00
mposolda
12c47150e7 KEYCLOAK-18337 FAPI1Test fails in pipeline with auth-server-undertow-non-tls 2021-06-03 10:09:40 +02:00
Martin Bartoš
fc40e875b9 KEYCLOAK-14515 ModAuthMellonTest fails 2021-06-02 18:01:08 +02:00
vramik
0959475099 KEYCLOAK-18305 revisit tests - authz disabled 2021-06-02 14:26:22 +02:00
Douglas Palmer
986b69c03f [KEYCLOAK-17405] Session auth time updated when user has not re-authenticated 2021-06-01 19:35:42 +02:00
Miquel Simon
ccad4653d8 KEYCLOAK-18324. Exclude FAPI tests for remote auth server. 2021-06-01 11:47:13 +02:00
Gregor Tudan
628274dee2 KEYCLOAK-16075: always show the register-button during webauthn-registration.
Safari will fail to register if the action has not been triggered by a user gesture.
2021-06-01 10:48:16 +02:00
Gregor Tudan
14407a631c KEYCLOAK-16075: show a button instead of logging in automatically with WebAuthn onLoad.
Safari will fail to use TouchID/FaceID if it is not triggered by an explicit user interaction. There is an open discussion in the WebAuthn-Spec to make this a mandatory behavior and quiet a few other auth-servers have adopted this behavior.
2021-06-01 10:48:16 +02:00