Grzegorz Grzybek
3c9d3c2c04
[KEYCLOAK-7681] Review pax-web OSGi dependencies
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2018-06-22 13:47:20 +02:00
Grzegorz Grzybek
f90e0fc14c
[KEYCLOAK-7425] Correctly import packages of httpclient and http core, fix Karaf feature
2018-06-21 14:28:47 +02:00
Hynek Mlnarik
6b968796ce
KEYCLOAK-7667 Fix namespace handling when decrypting assertion
2018-06-21 13:09:18 +02:00
vramik
2fcfa5cf71
KEYCLOAK-7094 Support redirect to external logout page for saml filter adapter
2018-06-19 13:23:18 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
Dennis Bayer
c43d8b3d85
Get role list to update directly from the security context rather than from previously created subject info.
...
Roles within groups must be unpacked added separately in order to contain all roles.
2018-06-13 21:03:30 -03:00
Dennis Bayer
6a2a121d4e
Map group members of authenticated subject into subject info.
...
This commit contains a POC for the issue "Roles get lost after security context was propagated back to wildfly-swarm, if using jwt for authentication" (KEYCLOAK-7309).
2018-06-13 21:03:30 -03:00
Hynek Mlnarik
9dc5709ce7
KEYCLOAK-7593 Setters for httpContext
2018-06-13 16:32:39 +02:00
vramik
5f1f3dff5e
KEYCLOAK-7094 Support redirect to external logout page for elytron adapter
2018-06-13 12:50:38 +02:00
Stefan Guilhen
d897159560
[KEYCLOAK-7598] - Set CIP config when defining paths in policy enforcer config ( #5264 )
2018-06-12 11:24:17 -03:00
Vlasta Ramik
182c975e01
KEYCLOAK-7597 fix logger classes ( #5263 )
2018-06-12 11:02:04 -03:00
Pedro Igor
db60abc604
[KEYCLOAK-7543] - Policy enforcer should not delegate decisions when using UMA ( #5252 )
2018-06-11 08:17:40 -03:00
Lorent Lempereur
f55c93a1e4
Javascript Adapter - Add 'cordovaOptions' to the Typescript definition of KeycloakLoginOptions ( #5250 )
2018-06-11 08:21:04 +02:00
Grzegorz Grzybek
fca6da3a5a
KEYCLOAK-7523 better context path detection in PathBasedKeycloakConfigResolver
2018-06-08 21:32:14 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353
...
[KEYCLOAK-7353] Support Policy Management in Protection API
2018-06-07 11:05:49 -03:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Hynek Mlnarik
5a241392cf
KEYCLOAK-7094 Support redirect to external logout page
2018-06-05 14:51:18 +02:00
Pedro Igor
bc665fdbc3
Merge pull request #5195 from suem/bugfix_FilterSessionStore
...
NullPointerException in FilterSessionStore when restoring request
2018-06-01 10:51:28 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Hynek Mlnarik
1e438cdc45
KEYCLOAK-7277 KEYCLOAK-7282 Tomcat 8/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
d70859ef1b
KEYCLOAK-7277 KEYCLOAK-7282 Jetty/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
cace03c3cc
KEYCLOAK-7279 Camel/Undertow integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
b2df872ad4
KEYCLOAK-7278 KEYCLOAK-7280 CXF/Undertow integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
dd65c231f9
KEYCLOAK-7277 KEYCLOAK-7282 Undertow/Pax Web integration
2018-05-23 13:14:07 +02:00
Hynek Mlnarik
ae690e0679
KEYCLOAK-5522 Base for Fuse 7 adapter
2018-05-23 13:14:07 +02:00
Pedro Igor
dac5d313b3
Merge pull request #5166 from pedroigor/KEYCLOAK-7021
...
[KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript
2018-05-17 17:42:51 -03:00
Pedro Igor
21d139c6c2
Merge pull request #5173 from pedroigor/KEYCLOAK-7148
...
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-17 16:51:55 -03:00
Lorent Lempereur
27d8afe4a7
Javascript Adapter - Reject 'login' promise when users close their cordova in-app-browser on purpose ( #5000 )
2018-05-09 15:49:38 -07:00
Samuel Ueltschi
3391ec5377
check if content-type is null when restoring request
2018-05-09 12:47:14 +02:00
Lorent Lempereur
f6125a2542
[KEYCLOAK-6655] Javascript Adapter - Allow users to provide cordova-specific options to login and register ( #4998 )
...
* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions
* Javascript Adapter - Allow users to pass cordova-specific options (in-app-browser) to the login and register functions
* [KEYCLOAK-6655] On Android 8, explicit hidden=no fails on in-app-browser load.
2018-05-07 00:26:46 +02:00
pedroigor
7ebcc69cb9
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-02 13:04:11 -03:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Pedro Igor
e960642399
Merge pull request #5144 from pedroigor/KEYCLOAK-4903
...
[KEYCLOAK-4903] - Pushed Claims
2018-04-26 15:59:13 -03:00
Stan Silvert
35154db50f
KEYCLOAK-7123: l10n dropdowns ( #5170 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* KEYCLOAK-7123: Localization dropdowns
* Update keycloak-service to latest keycloak.js
2018-04-25 15:04:12 -04:00
pedroigor
b249a48dcf
[KEYCLOAK-7147] - Support obtaining a buffered input stream in HttpFacade.Request
2018-04-25 10:16:41 -03:00
pedroigor
035ebc881a
[KEYCLOAK-4903] - Claim Information point Provider SPI and configuration
2018-04-25 10:16:41 -03:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js ( #5165 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* Update keycloak.d.ts
2018-04-23 11:45:32 -04:00
pedroigor
824b900a43
[KEYCLOAK-7021] - keycloak-authz.js and keycloak-authz.d.ts do not work with TypeScript
2018-04-23 08:48:42 -03:00
pedroigor
c3d297dd05
[KEYCLOAK-7162] - Expose WWW-Authenticate Header when using CORS
2018-04-23 08:46:54 +02:00
pedroigor
527d6ca4d8
[KEYCLOAK-6414] - Empty response body with 200 response when using Elytron
2018-04-23 08:46:54 +02:00
Wojciech Trocki
c3c1a0fb4e
Allow to use custom adapter ( #5067 )
...
* Allow to use custom adapter
* fix: improve TypeScript documentation
2018-04-20 09:18:46 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029
...
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-05 09:33:23 -03:00
Stian Thorgersen
5514812a4d
KEYCLOAK-7048 Clear token if refresh fails ( #5124 )
2018-04-04 20:12:25 +02:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser
...
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
2018-04-03 10:31:30 -04:00
pedroigor
5c52da80c6
[KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path
2018-04-02 11:10:43 -03:00
Bill Burke
4078e84fb6
server driven success page
2018-03-31 10:16:44 -04:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
ad5f3fefc5
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-27 16:38:35 -04:00
pedroigor
e9e376419d
[KEYCLOAK-4102] - Removing create-resources configuration option
2018-03-27 09:51:13 -03:00
sebastienblanc
91135c95ae
KEYCLOAK-6732 : Make Spring Sec Dep optional
2018-03-27 10:59:29 +02:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Pedro Igor
593f57fd2c
Merge pull request #5088 from pedroigor/KEYCLOAK-6878
...
[KEYCLOAK-6878] - Always refresh token option not working for invalid tokens
2018-03-26 09:38:05 -03:00
Ryan Dawson
d57fb445eb
adapter for spring boot 2
...
remove built directory
update snapshot version references
refactor out core library to remove duplication
adapter for spring boot 2
remove built directory
update snapshot version references
Revert "merge from upstream"
This reverts commit 88c39a2f23b8f2d4b25360e2b46e683d11b4972b, reversing
changes made to f0811145ceeb8ec609ed66b06067f797e288aa89.
setting correct versions
updating to latest keycloak
arquillian test app for spring boot2
update to 2.0.0.RELEASE
added Rest Customizer
2018-03-22 14:23:55 +01:00
pedroigor
3559c5dc3c
[KEYCLOAK-6878] - Always refresh token option not working for invalid tokens
2018-03-21 10:01:02 -03:00
Bill Burke
f000cedcbb
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-20 16:49:43 -04:00
Bill Burke
681e3d751e
golang integration
2018-03-20 16:42:35 -04:00
Bill Burke
8926837a3e
tests
2018-03-19 16:47:13 -04:00
Bill Burke
4bba11cd94
kcinit
2018-03-16 12:11:57 -04:00
pedroigor
668b67dcdb
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
2018-03-09 16:38:57 -03:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
wyvie
f8022a5c2f
[KEYCLOAK-6585] hybrid flow: removed token_type and expires_in paramters from oidc auth response
2018-02-27 15:31:12 +01:00
Hynek Mlnarik
1f20c03afa
KEYCLOAK-6470 Refactor SAML adapter parsers
2018-02-27 09:37:29 +01:00
wyvie
52acd959e0
[KEYCLOAK-6584] removed not-before-policy parameter from authorization response
2018-02-26 17:41:18 +01:00
Hynek Mlnarik
e7cdb8ad54
KEYCLOAK-6473 KEYCLOAK-6472 SAML parser refactor + protocol parsers
2018-02-23 08:16:14 +01:00
stianst
eb326cd1bb
KEYCLOAK-6534 Check for string in receiveMessage in session iframe
2018-02-22 07:02:16 +01:00
stianst
9b63cd35f0
KEYCLOAK-6431
2018-02-13 19:38:46 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
...
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00
Bill Burke
a3d6917f20
disable clisso experimental feature
2018-02-12 17:57:05 -05:00
David Festal
f44cda2621
Make the keycloak.js
capable of working with alternate OIDC providers ( #4978 )
...
* Make the `keycloak.js` capable of working with alternate OIDC providers
(provided that they create access_tokens as JWT tokens with `exp` and
`iat` claims).
Also add a `useNonce` option, to allow disabling the `nonce` check
since, in the OIDC specification, `nonce` is optional.
Signed-off-by: David Festal <dfestal@redhat.com>
* Update the `keycloak.ts` with the `useNonce` additional init option.
Signed-off-by: David Festal <dfestal@redhat.com>
* Fix 2 errors in the case `checkSessionIframe` is used
Signed-off-by: David Festal <dfestal@redhat.com>
2018-02-12 11:00:02 +01:00
Bill Burke
d6788a0839
finish
2018-02-10 13:38:39 -05:00
o.pakers
8495a7c05a
[master]: fix type for checkLoginIframeInterval
2018-02-02 08:37:07 +01:00
Martin Kanis
6b8ec0bb82
KEYCLOAK-6154 Exclude common-logging/codec from keycloak-osgi-thirdparty
2018-01-31 21:26:41 +01:00
Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
Ray DeCampo
a21a94078b
KEYCLOAK-5578: Keycloak JS adapter returns native Promise instances when available.
...
Promise instances are adorned with success() and error() functions to retain backwards compatibility.
2018-01-25 20:42:31 +01:00
stianst
06bb6f00e5
Include Jetty 9.1 in product profile
2018-01-04 09:14:11 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
Hynek Mlnarik
626004e782
KEYCLOAK-6066 Be less strict when handling cookies
2017-12-19 21:39:41 +01:00
sebastienblanc
a96c9d34c9
set auth contraint to true when wildcard is used
2017-12-14 14:00:03 +01:00
vramik
5a8ff72cb6
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-06 15:12:37 +01:00
stianst
5467d67c91
KEYCLOAK-5945 Strip default ports from urls
2017-12-04 19:56:01 +01:00
mposolda
ff6fcd30d9
KEYCLOAK-4478 OIDC auth response lacks session_state in some cases
2017-12-04 16:13:22 +01:00
Samuel Mendenhall
d69fe27cf9
set error instead of throw
2017-12-04 16:03:47 +01:00
Samuel Mendenhall
ca324c29e8
processInit should return a promise for setupCheckLoginIframe and should only call processCallback if that setupCheckLoginIframe is successful
2017-12-04 16:03:47 +01:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
Domenico Briganti
b72b01bb9d
fix logger class
2017-11-30 10:52:26 +01:00
pedroigor
5f43a6a342
[KEYCLOAK-3629] - Adding confidential-port attribute to wildfly adapter subsystem
2017-11-30 10:39:21 +01:00
pedroigor
6587cfa084
[KEYCLOAK-3629] - Some Adapters do not work with SSL Redirect
2017-11-30 10:39:21 +01:00
stianst
0bd2e63162
KEYCLOAK-5939 Align dependencies with WildFly 11
2017-11-29 20:39:10 +01:00
Pedro Igor
f48509c32c
Merge pull request #4741 from pedroigor/KEYCLOAK-2517
...
[KEYCLOAK-2517] - Doesn't work always refresh token
2017-11-28 20:58:56 -02:00
pedroigor
792ffdf39b
[KEYCLOAK-5925] - Trace-level should log tokens without their signatures
2017-11-28 09:54:57 -02:00
Thomas Kuestermann
bb900f9db8
KEYCLOAK-5753 fixed NPE thrown when using custom RequestMatcher
2017-11-27 09:55:32 +01:00
pedroigor
819a60932e
[KEYCLOAK-2517] - Doesn't work always refresh token
2017-11-24 23:40:29 -02:00
rmartinc
0b3ae30473
Parameter "ui_locales" not redirected to login page in java adapters
2017-11-23 11:18:29 +01:00
David De Vreese
9485a63157
KEYCLOAK-5183 Support for AssertionConsumerServiceUrl in Saml Adapter subsystem
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-20 15:59:47 +01:00
Thomas Recloux
04ad634986
Add configuration for KeycloakAuthenticatedActionsFilter
...
Fixes KEYCLOAK-5227
2017-11-10 10:44:12 +01:00
Bartłomiej Piech
d4b9c3c014
KEYCLOAK-5679
2017-11-10 10:42:26 +01:00
emilienbondu
8b8e694c60
Fix https://issues.jboss.org/browse/KEYCLOAK-5636 NPE
2017-11-09 19:32:27 +01:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Xiaojian Liu
19eed51582
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Xiaojian Liu
9ff22f596d
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Xiaojian Liu
e1af9f133f
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Pedro Igor
476dd1cef5
[KEYCLOAK-4439] - Fixing saml adapter
2017-11-08 19:01:54 -02:00
Pedro Igor
a8ba3eb7f9
[KEYCLOAK-4439] - Fixing elytron adapter for standalone apps
2017-11-08 14:09:34 -02:00
Paramvir-JIndal
d1468eaa45
[KEYCLOAK-5767]IE9 sometimes using HTTP status code 1223 instead of 204 ( #4628 )
2017-11-07 10:46:13 +01:00
Pedro Igor
d3dee07956
[KEYCLOAK-5763] - Forward credentials when using Elytron Adapter
2017-10-27 12:34:31 -02:00
Pedro Igor
7dd7b6b984
[KEYCLOAK-5726] - Defaults to true in case no required scopes are defined
2017-10-24 10:39:55 -02:00
Pedro Igor
a6e1413d58
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration
2017-10-24 10:39:54 -02:00
Pavel Drozd
20d0fa1b4e
Merge pull request #4528 from RaiSaurabh/test
...
KEYCLOAK-5623: Fix to support the URL handler for the file loading.
2017-10-23 12:52:10 +02:00
saurabhrai
6dd8592434
KEYCLOAK-5623: Updated to code to check the profile configuration to support Jboss Fuse adapter. Read from profile resource.
2017-10-23 14:17:18 +05:30
Gabriel Lavoie
e2f5ac60cf
KEYCLOAK-5499: Use authentication token type rather than token source detection to identify interactive and non-interactive authentications. ( #4488 )
...
- access_token URL parameter wasn't interpreted correctly as a non-interactive authentication.
2017-10-16 09:38:05 +02:00
Sjoerd Cranen
cb43e3d763
KEYCLOAK-5191 Prevent exception in KeycloakAuthenticationFailureHandler ( #4319 )
...
* KEYCLOAK-5191 Don't attempt to send 401 when response is already committed
* KEYCLOAK-5191 Defend against configuration errors by preventing 2xx response after authentication failure
2017-10-16 09:34:58 +02:00
Stian Thorgersen
7774d5c6b8
Revert changes in KEYCLOAK-5621 ( #4539 )
2017-10-06 14:02:34 +02:00
Wojciech Trocki
a6e852495d
Remove bug with login redirect on IOS ( #4514 )
...
* Create wrapper for window.open
* Move function to variable
2017-10-06 06:24:07 +02:00
Bartek Andrzejczak
8c7313f290
Renames realmKey to realmPublicKey for consistency ( #4526 )
2017-10-04 08:29:09 +02:00
Pedro Igor
4c71e2ec17
[KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1 ( #4504 )
...
* [KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1
* [KEYCLOAK-5463] - Fixing servlet filter when using elytron adapters
2017-09-28 11:46:17 +02:00
jtyrrell-se-jboss
9673ce5541
Update OAuthRequestAuthenticator.java ( #4427 )
...
Removed a check for a 400 error, I was seeing a 403 error, and it wasn't until I rewrote the code to be like what is in line 334 I did not see enough meaningful information to figure out I had a /etc/hosts issue, where I had it locally on my machine, but the remote tomcat instance needed it also.
2017-09-12 08:24:36 +02:00
Bill Burke
2cadf0a260
Merge pull request #4454 from sebastienblanc/KEYCLOAK-3473
...
KEYCLOAK-3473 : add new flag to determine if error response must be sent or not
2017-09-11 18:52:07 -04:00
Bill Burke
9c48da2a78
Merge pull request #4417 from mgmeiner/master
...
KEYCLOAK-5329 async support for tomcat7 and tomcat8
2017-09-11 18:51:20 -04:00
Jasper Siepkes
458c2f2682
Clarify request URI mismatch error message in SAML adapter.
...
Show expected URI and received URI in error message. Also makes the logging behavior of 'handleSamlResponse' the same as 'handleSamlRequest' since that method already shows the expected and received URI.
2017-09-11 19:52:49 +02:00
sebastienblanc
aaac85e541
add new flag to determine if error response must be sent or not
2017-09-05 15:08:17 +02:00
Stian Thorgersen
463661b051
Set version to 3.4.0.CR1-SNAPSHOT
2017-08-28 15:46:22 +02:00
Hynek Mlnarik
794c508b10
KEYCLOAK-4995 Support for distributed SAML logout in cross DC
2017-08-28 13:15:11 +02:00
WITT-AD\Micgme
0a82a6b434
KEYCLOAK-5329 abstracted AuthenticatedActionsValve to allow async support for Tomcat7 and Tomcat8 adapter
2017-08-24 15:54:43 +02:00
Pedro Igor
b4530cfbe9
fixing policy enforcer /*
2017-08-23 13:30:24 -03:00
Pedro Igor
a6dfb4ccdd
[KEYCLOAK-5015] - Support for Elytron capabilities in subsystem
2017-08-22 18:01:19 -03:00
Pedro Igor
d3e559453b
[KEYCLOAK-5015] - Updating Elytron Adapters
2017-08-22 18:01:19 -03:00
Markus Heberling
ef32585f57
create JS source maps ( #4365 )
...
updated minify plugin to 1.7.6
switch minify plugin to use CLOSURE compiler
enable source map generation https://docs.google.com/document/d/1U1RGAehQwRypUTovF1KRlpiOFze0b-_2gc6fAH0KY0k
include source maps in distribution files
2017-08-22 08:10:09 +02:00
Stian Thorgersen
b5ed8961f7
Add title attribute for iframe to suppress accessibility errors ( #4407 )
2017-08-22 08:07:04 +02:00
Bill Burke
61ab6d5b8b
Merge pull request #4303 from jmcshane/master
...
KEYCLOAK-5173 Spring Boot KeycloakRestTemplate support
2017-08-13 12:22:45 -04:00
Bill Burke
02f043d9a6
fix readme file
2017-07-28 16:21:33 -04:00
Bill Burke
852e9274d4
Merge remote-tracking branch 'upstream/master'
2017-07-28 16:15:53 -04:00
Bill Burke
db9b1bcb21
token exchange
2017-07-28 16:15:39 -04:00
Marek Posolda
1b83928652
Merge pull request #4354 from hmlnarik/KEYCLOAK-5241-Tomcat-Adapter-8-x-does-not-work-with-Tomcat-8-5-8
...
KEYCLOAK-5241 Tomcat SAML Adapter (Fix for Tomcat 8.5.8)
2017-07-27 14:27:19 +02:00
Hynek Mlnarik
96bdd32bd0
KEYCLOAK-5241 Tomcat SAML Adapter Tomcat 8.5.8
2017-07-27 10:20:49 +02:00
Hynek Mlnarik
d8b77895db
KEYCLOAK-4788 Fix reversed arguments and String comparison
2017-07-27 08:25:22 +02:00
Marek Posolda
dd6a7b23c3
Merge pull request #4350 from hmlnarik/KEYCLOAK-4446-Failed-to-process-response-when-reject-consent-with-turned-on-encryption
...
KEYCLOAK-4446 Do not encrypt SAML status messages
2017-07-26 15:31:54 +02:00
Hynek Mlnarik
3c537f5f28
KEYCLOAK-4446 Do not encrypt SAML status messages
...
SAML status messages are not encryptable per Chapter 6 of
saml-core-2.0-os.pdf. Only assertions, attributes, base ID and name ID
can be encrypted.
2017-07-26 11:22:56 +02:00
Hynek Mlnarik
8d81a4a2e4
KEYCLOAK-5236
2017-07-26 11:22:05 +02:00
c5403
ec89aab8fb
Refactoring the spring-boot adapter to use the rest template customizer
2017-07-24 11:15:01 -05:00
Thomas Recloux
69fa9de4d8
Fix KEYCLOAK-3471 ClassCastException
2017-07-23 21:49:16 +02:00
Pedro Igor
5456514499
[KEYCLOAK-5015] - Pushing keycloak context to exchange scope
2017-07-19 16:39:38 -03:00
jmcshane
e99b08c6da
Adding a instance of HttpComponentsClientHttpRequestFactory that supports the embedded servlet container auth pattern
2017-07-07 23:48:43 -05:00
Stian Thorgersen
9a9f4137e5
KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested ( #4289 )
2017-07-04 21:18:34 +02:00
Marek Posolda
09ec642543
Merge pull request #4232 from wvdhaute/token-store
...
[KEYCLOAK-5067] Allow refreshable context to have an optional adapter token store
2017-07-03 20:55:26 +02:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
hmlnarik
b4ad69b841
KEYCLOAK-5115 ( #4272 )
2017-06-29 15:50:50 +02:00
Sebastien Blanc
500a21685f
KEYCLOAK-5082 : Add new redirect-rewrite-rule parameters for the adapters ( #4255 )
...
* add rewrite rule config property
* add subsystem support for redirect rewrite
* update deployment unit test
* add license headers
* Optimize rewrite method
2017-06-29 12:50:42 +02:00
Stian Thorgersen
4be0e36306
Merge pull request #4208 from ASzc/KEYCLOAK-4758
...
KEYCLOAK-4758
2017-06-27 11:35:43 +02:00
Stian Thorgersen
b041146a3f
Merge pull request #4200 from guigarage/servlet-config
...
KeycloakConfigResolver config for servlet filter
2017-06-27 10:45:29 +02:00
Stian Thorgersen
cc14c5db23
Merge pull request #4239 from frelibert/KEYCLOAK-4897
...
KEYCLOAK-4897 SAML Adapter fails to validate signature on assertion
2017-06-22 08:45:04 +02:00
Stian Thorgersen
8e36a52f1e
Merge pull request #4227 from sebastienblanc/KEYCLOAK-3492-rebased
...
KEYCLOAK-3492 : Changing request matcher to attempt auth on /sso/login or Auhtorizati…
2017-06-21 08:51:09 +02:00
Stian Thorgersen
9edb5b53c0
Merge pull request #4199 from guigarage/spring-security-annotation
...
Easy Spring security annotation
2017-06-21 08:47:17 +02:00
Frederik Libert
63d2d0f7ed
KEYCLOAK-4897 SAML Adapter fails to validate signature on assertion
2017-06-19 18:26:17 +02:00
Wim Vandenhaute
0e0140d88b
Allow refreshable context to have an optional adapter token store
2017-06-15 15:24:07 +02:00
Hendrik Ebbers
0ac92c4bfa
new line in doc
2017-06-15 13:01:05 +02:00
Hendrik Ebbers
98a5c57e65
Author added
2017-06-15 13:00:24 +02:00
emilienbondu
91585f8563
Changing request matcher to attempt auth on /sso/login or Auhtorization header
...
Add default login URL.
Throwing exception if login fails to enable auth entry point
Adding a test for invalid token and bearer-only
handle redirect correctly
2017-06-14 14:41:35 +02:00
Stian Thorgersen
6cccd66162
Merge pull request #4192 from hokuda/KEYCLOAK-4980
...
KEYCLOAK-4980 SAML adapter should return 403 when unauthenticated Aja…
2017-06-09 04:40:26 +02:00
Hisanobu Okuda
9135ba7c40
KEYCLOAK-4980 SAML adapter should return 401 when unauthenticated Ajax client accesses
2017-06-08 23:36:25 +09:00
Alex Szczuczko
5d88c2b8be
KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam.
2017-06-05 16:24:38 -06:00
Pedro Igor
d69d00082f
[KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support
2017-06-01 22:55:58 -03:00
Hendrik Ebbers
4d5e03049e
provide a custom KeycloakConfigResolver instance for servlet filter.
2017-06-01 14:35:12 +02:00
Hendrik Ebbers
7d017b4edf
Easy Spring security annotation
2017-06-01 12:05:02 +02:00
Stian Thorgersen
63c237423d
Merge pull request #4098 from ahus1/KEYCLOAK-4814-disable-keycloak-spring-boot-by-configuration
...
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-05-24 07:12:05 +02:00
Stian Thorgersen
c00a64208a
Merge pull request #4136 from frelibert/KEYCLOAK-4897
...
KEYCLOAK-4897
2017-05-23 14:10:34 +02:00
Stian Thorgersen
cd53486566
Merge pull request #4167 from sebastienblanc/bug-KEYCLOAK-3492
...
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-23 13:58:19 +02:00
Stian Thorgersen
178fd08d9a
Merge pull request #4066 from johnament/KEYCLOAK-4765
...
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-05-23 13:24:08 +02:00
emilienbondu
3580dea399
Fix https://issues.jboss.org/browse/KEYCLOAK-3492
2017-05-22 10:18:22 +02:00
Pedro Igor
b68494b3f0
[KEYCLOAK-4927] - Authz client incompatible with client definition
2017-05-18 09:57:12 -03:00
Frederik Libert
71f0db0837
KEYCLOAK-4897
...
SAML Adapter fails to validate signature on encrypted assertion.
2017-05-17 15:47:04 +02:00
Marek Posolda
70d7e07526
Merge pull request #4132 from mposolda/cross-dc4-squash
...
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Bill Burke
789722ec6a
Merge pull request #4137 from pedroigor/master
...
Caching improvements and checking attachments in Elytron adapter
2017-05-12 10:09:44 -04:00
Pedro Igor
aaddb035a8
Checking if attachments are supported by the underlying container
2017-05-12 10:23:37 -03:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Stan Silvert
64cd689e38
KEYCLOAK-4822: Change copyright to reflect correct author.
2017-05-10 16:32:05 -04:00
Stan Silvert
2d825dd366
KEYCLOAK-4822: Update to ES6-compatible typings
2017-05-05 15:08:23 -04:00
Stian Thorgersen
e0da7ed6b4
Merge pull request #4074 from sebastienblanc/allow_headers
...
Keycloak-3297 : adding cors-exposed-headers to conf
2017-05-05 12:54:47 +02:00
Marko Strukelj
47ea1ade8a
KEYCLOAK-4037 JS Adapter fails in Cordova mode for iOS apps
2017-05-03 17:05:54 +02:00
Alexander Schwartz
5a8634e359
KEYCLOAK-4814 disable keycloak spring boot by configuration
2017-04-28 09:48:42 +02:00
sebastienblanc
dee4548798
rename the starter and spring-boot-starter
2017-04-27 15:54:44 +02:00
Stian Thorgersen
87dedb56e5
Set version to 3.2.0.CR1-SNAPSHOT
2017-04-27 14:23:03 +02:00
sebastienblanc
0781f3b33d
add shading
...
add new module containing adapters
remove conditional bean
move bundle module
2017-04-27 09:15:36 +02:00
John Ament
b37ed7145c
KEYCLOAK-4765 - Adding support for wildfly subsystem disable query parameter parsing.
2017-04-26 09:42:00 -04:00
Stian Thorgersen
7c2ea4db98
Merge pull request #4080 from hmlnarik/KEYCLOAK-2122-Config-of-AssertionConsumerServiceUrl-in-Saml-Adapter
...
KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter
2017-04-26 15:26:50 +02:00
Stian Thorgersen
eedb40bbe0
Merge pull request #4071 from stianst/KEYCLOAK-4784
...
KEYCLOAK-4784 Cannot build project with -Dproduct
2017-04-26 12:51:20 +02:00
Stian Thorgersen
c83e192a6f
KEYCLOAK-4784 Add Jetty 9.3 to product profile
2017-04-26 12:07:47 +02:00
Hynek Mlnarik
d7615d6a68
KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter
2017-04-26 11:59:37 +02:00
John Ament
1f98dc5527
KEYCLOAK-4765 - Simplified unit tests.
2017-04-25 20:38:07 -04:00
Pedro Igor
79c9078caa
[KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client
2017-04-25 14:51:45 -03:00
emilienbondu
46bc102799
adding cors-exposed-headers to conf
...
add missing field in the BaseAdapterConfig
cleaning for PR & adding unit test
Adding property to subsystem, removing formatting changes
2017-04-25 12:02:17 +02:00
John Ament
cb7cef8858
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-04-24 14:42:03 -04:00
Stian Thorgersen
3dbd0d5063
Merge pull request #3838 from ahus1/KEYCLOAK-4208-spring-boot-adapter-roles
...
KEYCLOAK-4208 restructure spring auth config to match servlet spec
2017-04-21 15:34:09 +02:00
Stian Thorgersen
257a973995
KEYCLOAK-4503 Require init with token and refreshToken
2017-04-21 13:39:53 +02:00
Stian Thorgersen
606c385f26
Merge pull request #4057 from stianst/KEYCLOAK-4480
...
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after re…
2017-04-21 13:37:44 +02:00
Stian Thorgersen
e6486ab1c1
KEYCLOAK-4480 Fix re-encoding of query params in keycloak.js after redirect
2017-04-21 13:29:46 +02:00
Stian Thorgersen
b45089f5f0
Merge pull request #4033 from sebastienblanc/KEYCLOAK-3818
...
KEYCLOAK-3818 : safer method to retrieve the webcontext for jetty
2017-04-21 11:20:59 +02:00
Pedro Igor
fa1b998802
Merge pull request #4050 from pedroigor/KEYCLOAK-4769
...
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 14:02:59 -03:00