Commit graph

15287 commits

Author SHA1 Message Date
Martin Bartoš
ca019c36e8 KEYCLOAK-17457 Failed OfflineServletsAdapterTest 2021-04-19 16:58:38 -03:00
Michal Hajas
1e2db74d86 KEYCLOAK-16932 Authorization map storage 2021-04-16 17:26:16 +02:00
AlistairDoswald
8b3e77bf81 KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-16 12:15:59 +02:00
Michal Hajas
64ccbda5d5 KEYCLOAK-17323 Compute token expiration using Time.currentTime() instead of userSession.getStarted() 2021-04-14 12:58:45 +02:00
Martin Bartoš
b237c503ba KEYCLOAK-16913 Fix failed FuseAdapterTest 2021-04-14 09:51:02 +02:00
stianst
a09142c43a KEYCLOAK-17678 Fix getting client scope by name resulting in listing clients 2021-04-12 21:10:38 +02:00
Martin Bartoš
5a9068e732 KEYCLOAK-16401 Deny/Allow access in a conditional context 2021-04-09 12:04:45 +02:00
Alfredo Boullosa
cd342ad571 KEYCLOAK-17620 - Fix ClientClientScopesTest 2021-04-08 15:56:51 +02:00
Alfredo Boullosa
2f0f99c204 KEYCLOAK-17619 - Fix DefaultRolesTest 2021-04-08 12:17:53 +02:00
Michito Okai
d9ebbe4958 KEYCLOAK-17202 Restrict Issuance of Refresh tokens to specific clients 2021-04-08 11:51:25 +02:00
Takashi Norimatsu
8b0b657a8f KEYCLOAK-17682 Client Policy - Executor : remove inner config class for executor without any config 2021-04-08 09:22:16 +02:00
Takashi Norimatsu
3221708499 KEYCLOAK-17667 Client Policy - Executor : Only Accept Confidential Client 2021-04-08 09:17:10 +02:00
Takashi Norimatsu
e9035bb7b3 KEYCLOAK-17681 Client Policy - Executor : Limiting available period of Request Object with its configuration 2021-04-08 09:12:20 +02:00
Daniel Fesenmeyer
a48d04bfe0 KEYCLOAK-16082 save attributes when role is created (with REST POST request)
- add missing mapping code to RoleContainerResource#createRole
- extend ClientRolesTest and RealmRolesTest to check that now the attributes are saved when a role is created
- remove no longer needed code which updated roles because attributes were not saved on creation
2021-04-07 14:08:49 -03:00
Lukas Hanusovsky
e0d660d815 KEYCLOAK-17311 - exclude for Remote testsuite 2021-04-07 13:37:38 +02:00
Lukas Hanusovsky
17b19b2e36 KEYCLOAK-17302 - exclude for Remote testsuite 2021-04-07 13:35:47 +02:00
Takashi Norimatsu
7b227ae47c KEYCLOAK-17666 Client Policy - Executor : Limiting available period of Request Object 2021-04-07 08:36:26 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) (#7780)
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)

* support tests using auth-server-quarkus

* Configuration changes for ClientPolicyExecutorProvider

* Change VALUE of table REALM_ATTRIBUTES to NCLOB

* add author tag

* incorporate all review comments

Co-authored-by: mposolda <mposolda@gmail.com>
2021-04-06 16:31:10 +02:00
vramik
d1ad905407 KEYCLOAK-17640 fix MultiVersionClusterTest.verifyFailureOn* tests 2021-04-06 12:55:26 +02:00
Martin Bartoš
f203e4808d
KEYCLOAK-16898 Locale dropdown is broken in IE11 (#7808) 2021-04-06 10:23:39 +02:00
Miquel Simon
5f551e018d
KEYCLOAK-17310. Disabled test in remote environment. (#7898) 2021-04-06 09:03:04 +02:00
Stan Silvert
ca49840266 KEYCLOAK-17610: WhoAMI doesn't support CORS 2021-03-31 18:51:39 +02:00
Jan Lieskovsky
07ea524433 [KEYCLOAK-17326] Fix:
$ git diff --name-only HEAD^
fatal: ambiguous argument 'HEAD^': unknown revision or path not in the working tree.
Use '--' to separate paths from revisions, like this:
'git <command> [<revision>...] -- [<file>...]'

GHA failure on 'Test Clustering on Wildfly' phase. See e.g. recent:
  https://github.com/keycloak/keycloak/pull/7705/checks?check_run_id=2023996258

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2021-03-31 17:40:50 +02:00
Jan Lieskovsky
55cd56b636 [KEYCLOAK-17315] Enable run of clustering and Cross-DC tests on Wildfly
within GitHub actions also for changes upgrading Keycloak to next
Wildfly version

Also, update GIT_DIFF evaluation per Hynek's suggestion. Thanks, Hynek!

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2021-03-31 17:40:50 +02:00
vramik
185075d373 KEYCLOAK-14552 Realm Map Store 2021-03-31 15:49:03 +02:00
Konstantinos Georgilakis
ec5c256562 KEYCLOAK-5657 Support for transient NameIDPolicy and AllowCreate in SAML IdP 2021-03-31 14:45:39 +02:00
rmartinc
0a0caa07d6 KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role 2021-03-31 12:57:17 +02:00
vramik
c3b9c66941 KEYCLOAK-17460 invalidate client when assigning scope 2021-03-30 10:58:16 +02:00
sma1212
e10f3b3672
[KEYCLOAK-17484] OIDC Conformance - Authorization response with Hybrid flow does not contain token_type (#7872)
* [KEYCLOAK-17484] fix oidc conformance for hybrid-flow

* [KEYCLOAK-17484] add TokenType & ExpiresIn to OAuth2Constants

* [KEYCLOAK-17484] add request validation for oidc-flows automated tests
2021-03-30 08:59:30 +02:00
devopsix
590ee1b1a2
KEYCLOAK-15459 Fix serialization of locale in admin console's “whoami” (#7397)
call.
2021-03-29 18:37:26 -04:00
Bodo Graumann
0033b7daf7 [KEYCLOAK-17166] Use radio buttons for otp select 2021-03-29 15:46:34 +02:00
Alexandros Trifyllis
a60cb65252 KEYCLOAK-17444 Enlist the EventListenerTransaction with the Keycloak Transaction Manager 2021-03-26 12:47:15 +01:00
Thomas Darimont
7ec6a54e22 KEYCLOAK-17581 Prevent empty group names
Create / Update operations in `GroupResource ` and `GroupsResource#addTopLevelGroup`
did not validate the given group name. This allowed the creation of groups with empty names.

We now prevent the creation of groups with empty names.
2021-03-25 19:10:38 -03:00
Hynek Mlnarik
a36fafe04e KEYCLOAK-17409 Support for amphibian (both component and standalone) provider 2021-03-25 13:28:20 +01:00
Jan Lieskovsky
5fac80b05e [KEYCLOAK-17100] Testsuite Wildfly initialization error on Windows
[KEYCLOAK-17392] Java CLASSPATH is wrongly parsed on Windows

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-Authored-By: Peter Zaoral <pzaoral@redhat.com>
2021-03-25 09:21:34 +01:00
Alfredo Boullosa
e126969f82 Add Retry 2021-03-24 15:15:02 +01:00
Pedro Igor
fca65ac644 Adding a test when custom policies are used 2021-03-24 08:24:43 -03:00
Xiangjiaox
ca81e6ae8c
KEYCLOAK-15015 Extend KeyWrapper to add whole certificate chain in x5c parameter (#7643)
* [KEYCLOAK-15015] - Publishing the x5c for JWK

Co-authored-by: Vetle Bergstad <vetle.bergstad@evry.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-03-23 08:37:50 -03:00
Hynek Mlnarik
17d41c472b KEYCLOAK-17412 Improve control of model tests 2021-03-22 21:56:59 +01:00
cgeorgilakis
18afdea392
KEYCLOAK-16048 SAML Client import - add md:RequestedAttribute as "User Attribute" ProtocolMapper 2021-03-22 21:55:32 +01:00
Phillip Schichtel
f754b34c0c KEYCLOAK-13633 Generalize GenericPrincipalFactory to PrincipleFactory
This allows to replace java.security.acl.Group usage only where necessary while keeping legacy adapter unchanged.

Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Pascal Keßler
52db22925c KEYCLOAK-13633 refactor(tomcat-adapter-spi): change to specific imports instead of star import 2021-03-22 15:40:51 +01:00
Pascal Keßler
b3ee471e11 KEYCLOAK-13633 refactor(tomcat-adapter-spi): remove usage of java.security.acl.Group to make jdk 15 possible
Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Stan Silvert
717d9515fa
KEYCLOAK-16890: Stored XSS attack on new acct console (#7867) 2021-03-22 11:24:12 +01:00
Stan Silvert
3b80eee5bf KEYCLOAK-17033: Reflected XSS attack with referrer in new account
console
2021-03-22 11:22:23 +01:00
Katharina Marzok
6e3dbfcb3d
KEYCLOAK-16660 Fix typo in 'applicationName' 2021-03-22 11:18:10 +01:00
Clement Cureau
0b68f24a09
[KEYCLOAK-14046] Include groups in user creation via Admin Console (#7035)
* [KEYCLOAK-14046] Include groups in user creation via Admin Console

Since the POST /users API now supports providing groups membership, here is the UI
part!

- Added a field in the user creation UI to specify groups the newly created user
will be joining
- Added associated messages in english language

* Added UI integration tests

* Fixed UI tests

* Flatten nested groups in user creation groups searchbox

* Filtering out searched groups

* Removed unused injection

* Fixed UI tests

Co-authored-by: Clement Cureau <clement.cureau@cdiscount.com>
2021-03-19 13:55:45 +01:00
Pedro Igor
cbb118c013 [KEYCLOAK-17442] - Upgrade to Quarkus 1.12.2 2021-03-17 13:45:30 -03:00
Peter Skopek
cd44b99eb9 KEYCLOAK-16356 update JUnit to the latest version 2021-03-17 09:53:25 -03:00
mposolda
853a6d7327 KEYCLOAK-17000 Adding server tmp directory inside the auth-server home directory 2021-03-17 10:06:48 +01:00