Marek Posolda
d46620569a
KEYCLOAK-12174 WebAuthn: create authenticator, requiredAction and policy for passwordless ( #6649 )
2020-01-29 09:33:45 +01:00
vramik
a2b3747d0e
KEYCLOAK-7014 - Correctly handle null-values in UserAttributes
2020-01-10 12:44:52 +01:00
Tom Billiet
0f8d988d58
[KEYCLOAK-12299] JWKS parsing: fallback to RS256 for RSA keys without alg field
2020-01-09 10:12:34 +01:00
Pedro Igor
709cbfd4b7
[KEYCLOAK-10705] - Return full resource representation when querying policies by id
2020-01-09 10:00:24 +01:00
Pedro Igor
946088d48d
[KEYCLOAK-12109] - Resolving authz discovery url using KeycloakUriBuilder
2019-12-19 14:18:21 +01:00
Douglas Palmer
106e6e15a9
[KEYCLOAK-11859] Added option to always display a client in the accounts console
2019-12-17 17:12:49 -03:00
Douglas Palmer
f9fa5b551d
[KEYCLOAK-5628] Added application endpoint
2019-12-11 13:06:04 -03:00
Pedro Igor
cee884e4a7
[KEYCLOAK-8406] - Remove Drools/Rules Policy
2019-11-22 15:38:51 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
AlistairDoswald
4553234f64
KEYCLOAK-11745 Multi-factor authentication ( #6459 )
...
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Stan Silvert
d439f4181a
KEYCLOAK-6503: Linked Accounts Page
2019-11-14 07:39:43 -03:00
Andrei Arlou
38b48c6dd3
KEYCLOAK-11985 Fix minor warnings in tests module core
2019-11-11 09:39:17 +01:00
Andrei Arlou
5ff0da319a
KEYCLOAK-11983 Use diamond operator for collections in module core
2019-11-11 09:36:03 +01:00
Andrei Arlou
7c295c1d43
KEYCLOAK-11992 Use StandartCharsets.UTF-8 for strings in module core
2019-11-11 09:33:39 +01:00
Andrei Arlou
43c0dd01ec
KEYCLOAK-11984 Remove unused fields and imports from module core
2019-11-11 09:30:58 +01:00
Stian Thorgersen
f14f92ab0b
KEYCLOAK-6073 Make adapters use discovery endpoint for URLs instead of hardcoding ( #6412 )
2019-11-06 10:34:35 +01:00
Stan Silvert
041229f9ca
KEYCLOAK-7429: Linked Accounts REST API
2019-11-05 16:03:21 -05:00
Peter Skopek
d0386dab85
KEYCLOAK-8785 remove k_version endpoint ( #6428 )
2019-11-05 11:35:55 +01:00
Pedro Igor
bb4ff55229
[KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
Takashi Norimatsu
7c75546eac
KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
...
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
2019-10-01 15:17:38 +02:00
Pedro Igor
a1d8850373
[KEYCLOAK-7416] - Device Activity
2019-09-05 11:43:27 -03:00
Leon Graser
0ce10a3249
[KEYCLOAK-10653] Manage Consent via the Account API
2019-08-20 06:24:44 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Hynek Mlnarik
3d4283fac9
KEYCLOAK-9987 Upgrade to Wildfly17
...
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Sven-Torben Janus
c883c11e7e
KEYCLOAK-10158 Use PEM cert as X.509 user identity
...
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).
KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Pedro Igor
0cdd23763c
[KEYCLOAK-10443] - Define a global decision strategy for resource servers
2019-07-02 09:14:37 -03:00
Pedro Igor
fdc0943a92
[KEYCLOAK-8060] - My Resources REST API
2019-06-11 14:23:26 -03:00
Hynek Mlnarik
65326ce16a
KEYCLOAK-9629 Update cookie type
2019-04-24 07:18:41 +01:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
Takashi Norimatsu
9b3e297cd0
KEYCLOAK-9756 PS256 algorithm support for token signing and validation
2019-04-09 20:52:02 +02:00
Pedro Igor
b39cf1c736
[KEYCLOAK-9353] - Final field failing to be set when running quarkus in native mode
2019-04-09 09:49:05 -03:00
Mark Stickel
d5cc18b960
KEYCLOAK-9868 x5t and x5t#S256 JWK parameters
2019-03-27 19:05:57 +01:00
Yaser Abouelenein
404ac1d050
KEYCLOAK-8701 changes needed to include x5c property in jwks
2019-03-15 06:01:15 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
Lars Wilhelmsen
9b1ab0f992
KEYCLOAK-9116: Fixes JWK serialization of ECDSA public key coordinates.
...
Signed-off-by: Lars Wilhelmsen <lars@sral.org>
2019-02-25 09:53:09 -03:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
Sebastian Laskawiec
ee41a0450f
KEYCLOAK-8349 KEYCLOAK-8659 Use TLS for all tests in the suite
2019-02-08 08:57:48 -02:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
mposolda
061693a8c9
KEYCLOAK-9089 IllegalArgumentException when trying to use ES256 as OIDC access token signature
2018-12-14 21:01:03 +01:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
mposolda
6db1f60e27
KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs
2018-11-21 21:51:32 +01:00
Takashi Norimatsu
0793234c19
KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 ( #5603 )
...
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
2018-11-19 14:28:32 +01:00
Thomas Darimont
cf57a1bc4b
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
...
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
scranen
5880efe775
KEYCLOAK-4342 Make naming consistent
2018-11-06 10:28:06 -02:00
scranen
0c6b20e862
[KEYCLOAK-4342] Make adapter state cookie path configurable
2018-11-06 10:28:06 -02:00
Graser Leon
9ef4c7fffd
KEYCLOAK-8377 Role Attributes
2018-10-24 22:04:28 +02:00
mposolda
c36b577566
KEYCLOAK-8483 Remove application from the aud claim of accessToken and refreshToken
2018-10-23 13:52:09 +02:00
Pedro Igor
6f8f8e6a28
[KEYCLOAK-8449] - Option to automatically map HTTP verbs to scopes when configuring the policy enforcer
2018-10-23 08:40:54 -03:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
stianst
11374a2707
KEYCLOAK-8556 Improvements to profile
2018-10-12 12:26:37 +02:00
Leon Graser
066bef744f
KEYCLOAK-6658 Fine Grain Permissions via Java Client
...
Signed-off-by: Leon Graser <leon.graser@bosch-si.com>
2018-10-11 09:44:57 -03:00
mposolda
5b51c000af
KEYCLOAK-8481 Don't include empty resource_access in access token
2018-10-11 08:04:07 +02:00
mposolda
2a4cee6044
KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers
2018-10-04 12:00:38 +02:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
mposolda
3777dc45d0
KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch
2018-09-21 11:17:05 +02:00
mposolda
99a16dcc1f
KEYCLOAK-6638 Support for adding audiences to tokens
2018-09-13 21:40:16 +02:00
stianst
24e60747b6
KEYCLOAK-7560 Refactor token signature SPI PR
...
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
2018-09-11 08:14:10 +02:00
Takashi Norimatsu
5b6036525c
KEYCLOAK-7560 Refactor Token Sign and Verify by Token Signature SPI
2018-09-11 08:14:10 +02:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
Pedro Igor
6a0a1031a1
[KEYCLOAK-7754] - Fixing compat issues with UMA spec in RPT Introspection Provider
2018-09-04 11:41:09 -03:00
Stefan Guilhen
0b95cdacb8
[KEYCLOAK-7885] Add user policy support to the policy API
2018-08-13 22:09:17 -03:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
Hynek Mlnarik
f57cc3a9c0
KEYCLOAK-5257 Clarify usage of TokenVerifier
2018-08-01 13:38:31 +02:00
mposolda
a2afe7c205
KEYCLOAK-7977 Release failing due the NPE during swagger2markup-maven-plugin execution
2018-07-31 22:05:34 +02:00
ssilvert@win.redhat.com
0844aa8d68
KEYCLOAK-7857: Fix notifications
2018-07-25 08:59:25 -04:00
Hiroyuki Wada
7c0ca9aad2
KEYCLOAK-6313 Add required action's priority for customizing the execution order
2018-07-23 22:21:04 +02:00
Pedro Igor
8b6979ac18
[KEYCLOAK-7849] - Improvements to RPT upgrade
2018-07-18 16:40:55 -03:00
Pedro Igor
90bfa2bff5
[KEYCLOAK-7781] - More validations to authorization requests
2018-07-13 09:18:05 -03:00
mhajas
5aebc74f8c
KEYCLOAK-7269 Setting more uris for Authorization Resource
2018-07-11 17:48:34 -03:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
stianst
3c5027de3c
KEYCLOAK-7701 Refactor key providers to support additional algorithms
2018-06-29 14:14:25 +02:00
Takashi Norimatsu
2fb022e501
KEYCLOAK-7688 Offline Session Max for Offline Token
2018-06-26 08:25:06 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353
...
[KEYCLOAK-7353] Support Policy Management in Protection API
2018-06-07 11:05:49 -03:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Takashi Norimatsu
c586c63533
KEYCLOAK-6771 Holder of Key mechanism
...
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
2018-06-05 08:18:29 +02:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Pedro Igor
1634bef28a
Merge pull request #5194 from pedroigor/KEYCLOAK-7322
...
[KEYCLOAK-7322] - NPE when removing group from representation
2018-05-15 06:05:54 -03:00
Federico M. Facca
5cbe595fe3
This commit implement feature KEYCLOAK-7337
...
* return requester
when returnNames=true
* return requesterName
* return owernName
2018-05-11 21:08:16 +02:00
pedroigor
88f21eae87
[KEYCLOAK-7322] - NPW when removing group from representation
2018-05-08 14:03:33 -03:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
pedroigor
035ebc881a
[KEYCLOAK-4903] - Claim Information point Provider SPI and configuration
2018-04-25 10:16:41 -03:00
pedroigor
e813fcd9c8
[KEYCLOAK-4903] - Pushing claims when obtaining a permission ticket
2018-04-24 19:47:28 -03:00
Oskars
3bef6d5066
KEYCLOAK-4538 Configurable clock skew when validating tokens ( #5014 )
...
* [master]: fix type for checkLoginIframeInterval
* [master]: KEYCLOAK-4538 Feature to tolerate a configurable amount of seconds of clock skew when validating tokens
* [master]: KEYCLOAK-4538 Fix unit test scenarios for token clock skew
* [master]: KEYCLOAK-4538 Reverted wildcard imports
* [master]: fix unit test to use longer intervals to make test less fragile.
2018-04-16 11:09:25 +02:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
Bill Burke
f5bacb79c1
review changes
2018-03-28 16:45:52 -04:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
ad5f3fefc5
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-27 16:38:35 -04:00
pedroigor
e9e376419d
[KEYCLOAK-4102] - Removing create-resources configuration option
2018-03-27 09:51:13 -03:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
...
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Bill Burke
f000cedcbb
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-20 16:49:43 -04:00
Áron Bustya
82ba2b1b0d
remove changes from standard OIDC client registration, move constants
2018-03-19 19:31:22 +01:00
Áron Bustya
57f57f5c75
set request object mandatory for client, restrict delivery mode
...
handle new attribute in client representation
add to UI
2018-03-19 19:31:22 +01:00