Commit graph

1393 commits

Author SHA1 Message Date
Jared Blashka
61bd9bb58c Fix CachePolicy.MAX_LIFESPAN invalidation 2017-03-20 22:56:35 -04:00
mhajas
8b8b5174eb KEYCLOAK-3961 Fix wrong conflict merge 2017-03-20 15:04:32 +01:00
Peter Nalyvayko
b2f10359c8 KEYCLOAK-4335: x509 client certificate authentication
Started on implementing cert thumbprint validation as a part of x509 auth flow. Added a prompt screen to give users a choice to either log in based on the identity extracted from X509 cert or to continue with normal browser login flow authentication; clean up some of the comments

x509 authentication for browser and direct grant flows. Implemented certificate to user mapping based on user attribute

Implemented CRL and OCSP certificate revocation checking and added corresponding configuration settings to set up responderURI (OCSP), a location of a file containing X509CRL entries and switiches to enable/disable revocation checking; reworked the certificate validation; removed superflous logging; changed the certificate authentication prompt page to automatically log in the user after 10 seconds if no response from user is received

Support for loading CRL from LDAP directory; finished the CRL checking using the distribution points in the certificate; updated the instructions how to add X509 authentication to keycloak authentication flows; minor styling changes

Stashing x509 unit test related changes; added the steps to configure mutual SSL in WildFly to the summary document

A minor fix to throw a security exception when unable to check cert revocation status using OCSP; continue working on README

Changes to the formating of the readme

Added a list of features to readme

Fixed a potential bug in X509 cert user authenticator that may cause NPE if the client certificate does not define keyusage or extended key usage extensions

Fixed compile time errors in X509 validators caused by the changes to the user credentials model in upstream master

Removed a superfluous file created when merging x509 and main branches

X509 authentication: removed the PKIX path validation as superflous

Reverted changes to the AbstractAttributeMapper introduced during merging of x509 branch into main

Merge the unit tests from x509 branch

added mockito dependency to services project; changes to the x509 authenticators to expose methods in order to support unit tests; added a default ctor to CertificateValidator class to support unit testing; updated the direct grant and browser x509 authenticators to report consistent status messages; unit tests to validate X509 direct grant and browser authenticators; fixed OCSP validation to throw an exception if the certificate chain contains a single certificate; fixed the CRL revocation validation to only use CRL distribution point validation only if configured

CRL and OSCP mock tests using mock netty server. Changed the certificate validator to better support unit testing.

changes to the mockserver dependency to explicitly exclude xercesImpl that was causing SAMLParsingTest to fail

Added a utility class to build v3 certificates with optional extensions to facilitate X509 unit testing; removed supoerfluous certificate date validity check (undertow should be checking the certificate dates during PKIX path validation anyway)

X509: changes to make configuring the user identity extraction simplier for users - new identity sources to map certificate CN and email (E) attributes from X500 subject and issuer names directly rather than using regular expressions to parse them

X509 fixed a compile error caused by the changes to the user model in master

Integration tests to validate X509 client certificate authentication

Minor tweaks to X509 client auth related integration tests

CRLs to support x509 client cert auth integration tests

X509: reverted the changes to testrealm.json and updated the test to configure the realm at runtime

X509 - changes to the testsuite project configuration to specify a path to a trust store used to test x509 direct grant flow; integration tests to validate x509 authentication in browser and direct grant flows; updated the client certificate to extend its validatity dates; x509 integration tests and authenticators have been refactored to use a common configuration class

X509 separated the browser and direct grant x509 authenction integration tests

x509 updated the authenticator provider test to remove no longer supported cert thumbprint authenticator

x509 removed the dependency on mockito

x509 re-implemented OCSP certificate revocation client used to check revocation status when logging in with x509 certificate to work around the dependency on Sun OCSP implementation; integration tests to verify OCSP revocation requests

index.txt.attr is needed by openssl to run a simple OCSP server

x509: minor grammar fixes

Add OCSP stub responder to integration tests

This commit adds OCSP stub responder needed for the integration tests,
and eliminates the need to run external OCSP responder in order to run
the OCSP in X509OCSPResponderTest.

Replace printStackTrece with logging

This commit replaces call to printStackTrace that will end up going to
the stderr with logging statement of WARN severity.

Remove unused imports

Removed unused imports in
org.keycloak.authentication.authenticators.x509 package.

Parameterized Hashtable variable

Removed unused CertificateFactory variable

Declared serialVersionUID for Serializable class

Removed unused CertificateBuilder class

The CertificateBuilder was not used anywhere in the code, removing it to
prevent technical debt.

Removing unused variable declaration

`response` variable is not used in the test, removed it.

Made sure InputStreams are closed

Even though the InputStreams are memory based, added try-with-resources
to make sure that they are closed.

Removed deprecated usage of URLEncoder

Replaced invocation of deprecated method from URLEncoder with Encode
from Keycloak util package.

Made it more clear how to control OCSP stub responder in the tests

X509 Certificate user authentication: moved the integration unit tests into their own directory to fix a failing travis test job

KEYCLOAK-4335: reduced the logging level; added the instructions how to run X.509 related tests to HOW-TO-RUN.md doc; removed README.md from x509 folder; removed no longer used ocsp profile and fixed the exclusion filter; refactored the x509 base test class that was broken by the recent changes to the integration tests

KEYCLOAK-4335: fixed a few issues after rebasing
2017-03-17 05:24:57 -04:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
vramik
d0992ef9bd KEYCLOAK-4571 Adapt server-config-migration module for testing both project and product 2017-03-16 10:53:14 +01:00
Pavel Drozd
c30cdb5411 Merge pull request #3932 from vmuzikar/KEYCLOAK-4169
KEYCLOAK-4169 Instructions on how to run UI and Welcome Page tests
2017-03-15 23:53:49 +01:00
Pavel Drozd
b2d677256d Merge pull request #3877 from mhajas/KEYCLOAK-3955
KEYCLOAK-3955 Add CORS tests to integration arquillian testsuite
2017-03-15 23:52:03 +01:00
Stian Thorgersen
feeac69197 Merge pull request #3888 from daklassen/KEYCLOAK-4421
KEYCLOAK-4421 Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-15 09:54:21 +01:00
Thomas Darimont
b782892769 KEYCLOAK-4163 Improve support for e-mail addresses
Added support for user friendly email addresses as well as dedicated
reply-to addresses for emails being sent by Keycloak.
Both can be customized via the email settings per realm in
the admin-console.
User friendly email addresses use the format:
"Friendly Name"<email@example.org> and provide way to add a meaning
full name to an e-mail address.

We also allow to specify an optional envelope from bounce address.
If a mail sent to a user could not be delivered the email-provider
will sent a notification to that address.

See: https://en.wikipedia.org/wiki/Bounce_address

Add test for proper email headers in sent messages
2017-03-14 18:22:54 +01:00
Bill Burke
6d51862057 Merge pull request #3897 from anderius/feature/KEYCLOAK-4504-redirect-logout
[WIP] Saml broker: Option to specify logout request binding
2017-03-14 11:32:26 -04:00
David Klassen
32d3f760ec KEYCLOAK-4421: Change http url to https
Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-14 10:18:40 +01:00
Pedro Igor
9d1d22565c Merge pull request #3938 from pedroigor/authz-fixes
AuthZ Services Fixes
2017-03-13 15:20:41 -03:00
Pedro Igor
e7e6314146 [KEYCLOAK-4555] - Fixes and improvements to evaluation code 2017-03-13 14:08:54 -03:00
Marek Posolda
649ca36ece Merge pull request #3945 from mposolda/master
KEYCLOAK-4572 AccountTest.changeProfileNoAccess unstable
2017-03-13 15:57:43 +01:00
Pavel Drozd
253c8a342b Merge pull request #3941 from pdrozd/KEYCLOAK-4569
KEYCLOAK-4569 SSSDTest rewrited to be usable in different enviroments
2017-03-13 15:50:06 +01:00
Pavel Drozd
71a9d51c56 Merge pull request #3940 from pdrozd/KEYCLOAK-4304
KEYCLOAK-4304 Updated Kerberos tests to be able to run them on differ…
2017-03-13 15:49:01 +01:00
Stian Thorgersen
ef164f5e69 Merge pull request #3943 from stianst/TRAVIS
Add --no-snapshot-updates to Travis builds
2017-03-13 15:41:05 +01:00
mposolda
aa84709087 KEYCLOAK-4572 AccountTest.changeProfileNoAccess unstable 2017-03-13 13:58:46 +01:00
Stian Thorgersen
2cf4518ffd Disable snapshot for repositories 2017-03-13 09:03:46 +01:00
Pavel Drozd
f32fc99e80 KEYCLOAK-4569 SSSDTest rewrited to be usable in different enviroments 2017-03-13 08:05:30 +01:00
Pavel Drozd
b5433720c1 KEYCLOAK-4304 Updated Kerberos tests to be able to run them on different environment 2017-03-13 08:00:41 +01:00
Pavel Drozd
282896b653 Merge pull request #3930 from vmuzikar/KEYCLOAK-4554-2
KEYCLOAK-4554 Fix WelcomePage test
2017-03-10 15:57:47 +01:00
Pavel Drozd
3884dd974a Merge pull request #3925 from vmuzikar/KEYCLOAK-4553
KEYCLOAK-4553 Truststore not found in Arquillian tests in "other" module
2017-03-10 15:56:40 +01:00
Vaclav Muzikar
f3e842fdd9 KEYCLOAK-4169 Instructions on how to run UI and Welcome Page tests 2017-03-10 11:26:21 +01:00
Bill Burke
0ff4223184 Merge pull request #3922 from hmlnarik/KEYCLOAK-4288-SAML-logouts-are-not-invalidating-the-sessions-for-all-the-logged-in-applications
KEYCLOAK-4288 Invalidate sessions in cluster for SAML logouts
2017-03-09 19:13:37 -05:00
Bill Burke
b618dbd97f Merge pull request #3926 from mrpardijs/KEYCLOAK-4360-Add-SAML-OneTimeUse-Condition
KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse
2017-03-09 19:09:02 -05:00
Vaclav Muzikar
dc2d2cdbde Merge branch 'master' of https://github.com/keycloak/keycloak into KEYCLOAK-4553 2017-03-09 16:54:08 +01:00
Vaclav Muzikar
8b888fdf0c KEYCLOAK-4554 Fix WelcomePage test 2017-03-09 16:41:54 +01:00
Pavel Drozd
11d93994c2 Merge pull request #3919 from vramik/KEYCLOAK-4210
KEYCLOAK-4210 remove redundant dependency
2017-03-09 15:49:55 +01:00
Mark Pardijs
c78c0b73d3 KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse
Add OneTimeUse Condition to SAMLResponse when configured in client settings
2017-03-09 13:01:05 +01:00
Vaclav Muzikar
2175f66a30 KEYCLOAK-4553 Truststore not found in Arquillian tests in "other" module 2017-03-09 11:17:42 +01:00
Thomas Darimont
1dea38bdbb KEYCLOAK-4205 Allow to return json arrays in Client and Realm Role Mappers
Previously the ClientRoleMapper and RealmRoleMapper returned
roles as a comma delimited String in OIDC tokens which
needed to be parsed by client applications.
We now support to generate the role information as JSON
arrays by setting "multi valued" to "true" in the
client role mapper or realm role mappers respectively
which makes it easier for clients to consume.

The default setting for "multi valued" is "false" to
remain backwards compatible.

An example AccessToken that shows the two modes can be found here:
https://gist.github.com/thomasdarimont/dff0cd691cd6e0b5e33c2eb4c76ae5e8
2017-03-08 20:56:56 +01:00
Bill Burke
efffcc5f41 Merge pull request #3915 from TeliaSoneraNorge/KEYCLOAK-4524
KEYCLOAK-4524
2017-03-08 10:08:04 -05:00
vramik
0c4a1b1489 KEYCLOAK-4210 remove redundant dependency 2017-03-08 10:51:18 +01:00
Pavel Drozd
62876b9694 Merge pull request #3912 from vmuzikar/KEYCLOAK-4526
KEYCLOAK-4526 Fix Node.js Arquillian tests
2017-03-07 21:53:30 +01:00
Pavel Drozd
739dae0846 Merge pull request #3908 from vramik/KEYCLOAK-4348
KEYCLOAK-4348 upgrade maven-surefire-plugin version
2017-03-07 21:52:24 +01:00
Pavel Drozd
7ab67d205b Merge pull request #3903 from tkyjovsk/KEYCLOAK-4515
KEYCLOAK-4515 Make it possible to clean-up other DB types than mysql or postgres
2017-03-07 21:50:48 +01:00
mhajas
213ed6fa4b KEYCLOAK-3955 2017-03-06 10:22:06 +01:00
mhajas
280689055f KEYCLOAK-3961 2017-03-06 10:17:59 +01:00
Bill Burke
05e080624b import after each test 2017-03-03 11:32:48 -05:00
Bill Burke
c6dc59f63e Merge remote-tracking branch 'upstream/master' 2017-03-03 11:00:32 -05:00
Martin Hardselius
a0a85f62c6 KEYCLOAK-4524 possible to add identity prover mappers with same name into single identity provider
- unique name enforcement working
- test added
2017-03-03 16:40:49 +01:00
Bill Burke
3bb29e033b KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513 2017-03-03 09:48:52 -05:00
Bartosz Majsak
beee0c1e67 Implements social login test for OpenShift 2017-03-03 14:55:40 +01:00
Vaclav Muzikar
b0b0bfdf76 KEYCLOAK-4526 Fix Node.js Arquillian tests 2017-03-03 11:08:13 +01:00
vramik
a24070c2b0 KEYCLOAK-4348 upgrade maven-surefire-plugin version 2017-03-02 12:09:15 +01:00
mposolda
69e61398a6 KEYCLOAK-4520 Enable testsuite logging when running test from IDE 2017-03-02 10:50:50 +01:00
Hynek Mlnarik
27ba4eb978 KEYCLOAK-4288 Tests for EAP6 and Wildfly 2017-03-01 15:17:39 +01:00
mposolda
091b376624 KEYCLOAK-1590 Realm import per test class 2017-03-01 09:38:44 +01:00
Pavel Drozd
52fbe00c04 Merge pull request #3874 from vramik/KEYCLOAK-4258
KEYCLOAK-4258 add server-config-migration module to parent pom
2017-03-01 08:27:59 +01:00
Tomas Kyjovsky
c94b7922aa Added profile jdbc-driver-depencency to arq. testsuite; changed jdbc module path from layers/base/com/${db} to layers/base/test/jdbc/${db} 2017-03-01 01:37:53 +01:00
Anders Båtstrand
8d82390843 KEYCLOAK-4504 New configuration option for SAML Broker:
* postBindingLogout: Indicates if POST or redirect should be used for the logout requests.

This applies to both IdP-initiated logout, and Keycloak-initiated logout. If unset (for example when upgrading Keycloak), the setting is initially set to the same as postBindingResponse.

The flag is also set when importing IdP metadata.
2017-02-28 12:08:22 +01:00
Bill Burke
0765b01189 Merge remote-tracking branch 'upstream/master' 2017-02-27 18:46:09 -05:00
Bill Burke
b4f625e1ce KEYCLOAK-4501 2017-02-27 18:46:00 -05:00
Hynek Mlnarik
1970e03361 KEYCLOAK-4368 Enable htmlUnit for adapter tests (not examples though) 2017-02-26 16:56:26 +01:00
Stian Thorgersen
e2b1c97e26 KEYCLOAK-943 Added initial implementation for update profile 2017-02-24 13:19:29 +01:00
vramik
f77670c4dd KEYCLOAK-4262 disable server-config-migration for distribution and add possibility to run it with profile 2017-02-23 14:46:05 +01:00
Pavel Drozd
089bde3571 Merge pull request #3852 from tkyjovsk/user-storage-tests
UserStorageTest migrated to Arquillian testsuite
2017-02-22 16:09:57 +01:00
Tomas Kyjovsky
a5677e87db UserStorageTest migrated to Arquillian testsuite 2017-02-22 13:54:11 +01:00
vramik
4fbb8ed994 KEYCLOAK-4262 make AbstractSamlTest class abstract 2017-02-22 10:20:34 +01:00
mposolda
f6bc0806d5 KEYCLOAK-4368 Switch default WebDriver impl to htmlUnit 2017-02-20 21:52:15 +01:00
Pavel Drozd
ec32acec27 Merge pull request #3872 from mhajas/KEYCLOAK-4179
KEYCLOAK-4179
2017-02-20 15:44:29 +01:00
Pavel Drozd
152b4f13e7 Merge pull request #3871 from mhajas/KEYCLOAK-4626
KEYCLOAK-4626 KEYCLOAK-4261 KEYCLOAK-4181 KEYCLOAK-4160 Add tests for SAML issues
2017-02-20 15:43:38 +01:00
Pavel Drozd
284ef5992d Merge pull request #3868 from zschwarz/12-16-failing-ssl-tests-z
KEYCLOAK-4084 Fix ssl adapter tests
2017-02-20 15:42:19 +01:00
Stian Thorgersen
3653d7ed9a Merge pull request #3762 from sldab/hide-providers
KEYCLOAK-4224 Allow hiding identity providers on login page
2017-02-17 12:04:35 +01:00
Pavel Drozd
6af06348bd Merge pull request #3806 from hmlnarik/KEYCLOAK-4191-OIDCProtocolMappersTest-sometimes-fails-on-mariadb
KEYCLOAK-4191 Fix for OIDCProtocolMappersTest on mariadb
2017-02-16 13:36:25 +01:00
vramik
e960e45671 Enable server-config-migration for distribution 2017-02-16 13:00:27 +01:00
mhajas
5bce87d6e7 KEYCLOAK-4179 2017-02-16 10:50:10 +01:00
Stian Thorgersen
7db6d51a39 Merge pull request #3870 from stianst/MONGO-REMOVAL
KEYCLOAK-4384 Remove Mongo support
2017-02-16 10:50:04 +01:00
mhajas
b1510c43ff KEYCLOAK-4160 2017-02-16 08:09:11 +01:00
mhajas
44c81910bf KEYCLOAK-4181 2017-02-16 08:04:42 +01:00
mhajas
27e390965e KEYCLOAK-4261 2017-02-16 08:04:23 +01:00
mhajas
119435ac76 KEYCLOAK-4262 Test for rejected consent 2017-02-16 08:04:06 +01:00
Stian Thorgersen
49ac3587b6 KEYCLOAK-4384 Remove Mongo support 2017-02-15 15:20:58 +01:00
mhajas
f2a4fd029d KEYCLOAK-4084 Fix ssl adapter tests 2017-02-15 09:35:15 +01:00
mhajas
91bcc24977 KEYCLOAK-4329 Add test for empty KeyInfo 2017-02-14 12:36:17 +01:00
Stian Thorgersen
d72b67c460 Merge pull request #3857 from anderius/feature/KEYCLOAK-4392-component-id
KEYCLOAK-4392 Copy component id from representation to model
2017-02-14 09:43:38 +01:00
Anders Båtstrand
3af9f2f989 KEYCLOAK-4392 Copy component id from representation to model 2017-02-13 13:03:57 +01:00
Pavel Drozd
8668eff1b6 Merge pull request #3856 from mhajas/KEYCLOAK-3987
KEYCLOAK-3987 Add test for grant role from token
2017-02-13 10:43:32 +01:00
Pavel Drozd
3cec57da6a Merge pull request #3827 from mhajas/KEYCLOAK-4346
KEYCLOAK-4346 Validation tests are failing because of ban on server w…
2017-02-13 10:42:08 +01:00
Pavel Drozd
6602123b55 Merge pull request #3824 from mhajas/KEYCLOAK-4020
KEYCLOAK-4020 add test for boolean attribute
2017-02-13 10:41:04 +01:00
Pavel Drozd
767b4a2e2a Merge pull request #3811 from mhajas/KEYCLOAK-4286
KEYCLOAK-4286 Use desired version of JS-adapter
2017-02-13 10:39:56 +01:00
Pavel Drozd
beb96b7f01 Merge pull request #3810 from vramik/KEYCLOAK-4337
KEYCLOAK-4337 Few fixes for testsuite
2017-02-13 10:38:31 +01:00
Pavel Drozd
4ede1174b7 Merge pull request #3805 from mhajas/KEYCLOAK-3841
KEYCLOAK-3841 Fix tests on windows
2017-02-13 10:37:32 +01:00
mhajas
00932f4eb3 KEYCLOAK-3987 Add test for grant role from token 2017-02-10 10:27:38 +01:00
mhajas
7d203ed448 KEYCLOAK-4346 Validation tests are failing because of ban on server which provides some imports to SAML xsd 2017-02-09 14:15:45 +01:00
Stian Thorgersen
8e16e5d953 Merge pull request #3839 from stianst/SOCIAL_LOGIN_TEST
KEYCLOAK-4265 Social login tests
2017-02-09 10:15:17 +01:00
Stian Thorgersen
44180a68e6 Merge pull request #3845 from frelibert/KEYCLOAK-4378
KEYCLOAK-4378 New user attribute is not added after first login from …
2017-02-09 10:02:09 +01:00
Frederik Libert
f3a552ac9d KEYCLOAK-4378 New user attribute is not added after first login from broker 2017-02-07 15:37:16 +01:00
Stian Thorgersen
5b5dc3e442 KEYCLOAK-4265 Social login tests 2017-02-06 13:50:10 +01:00
mposolda
8a16ab52a9 KEYCLOAK-4371 Offline Tokens still useless When SSO Session Max is Reached and normal userSession expired 2017-02-03 11:55:58 +01:00
Takashi Norimatsu
6bab704bba KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients - RFC
7636 - Arquillian Test Cases
2017-02-03 14:41:36 +09:00
mhajas
ddf9301ceb KEYCLOAK-4020 add test for boolean attribute 2017-02-02 09:47:52 +01:00
vramik
7abe140621 resolve 'There is no context available for qualifier' message 2017-02-02 09:20:03 +01:00
Stan Silvert
b4e4cbcbaa KEYCLOAK-4262: Update pom version 2017-02-01 14:38:52 -05:00
Stan Silvert
a7c3d1b8df KEYCLOAK-4262 Split migration-domain script into two separate scripts 2017-02-01 14:23:20 -05:00
Bill Burke
1d04d56bdb Merge pull request #3816 from patriot1burke/master
KEYCLOAK-4218
2017-02-01 08:55:10 -05:00
mposolda
f92dd6bd16 KEYCLOAK-4339 MigrationTest fails to run 2017-01-31 16:00:16 +01:00
mhajas
99e1482e06 KEYCLOAK-4286 Use desired version of JS-adapter 2017-01-31 14:04:14 +01:00
vramik
aec59a7e91 refactor asserts in ExportImportTest to be more verbose 2017-01-31 13:24:06 +01:00
vramik
9a16805f17 assumeCommunity for AccountPageTest.testLocalizedReferrerLinkContent 2017-01-31 13:22:16 +01:00
mposolda
acf2e30c2f Fix MigrationTest 2017-01-30 22:23:19 +01:00
mposolda
5c5b7a33d3 KEYCLOAK-4169 Add initial testsuite how-to 2017-01-30 22:23:08 +01:00
Hynek Mlnarik
4d362fe9ca KEYCLOAK-4191 Fix for OIDCProtocolMappersTest on mariadb 2017-01-30 10:52:17 +01:00
Bill Burke
bb77ab4a81 account link tests 2017-01-27 17:37:08 -05:00
mhajas
1a073629ec KEYCLOAK-3841 2017-01-27 14:43:46 +01:00
mposolda
265522a2e3 KEYCLOAK-4285 Adapter tests for examples fail in Wildfly/EAP6 2017-01-27 14:26:21 +01:00
Stian Thorgersen
5fd3eb2990 KEYCLOAK-3729 Ability to run tests within Keycloak server 2017-01-27 12:14:19 +01:00
Marek Posolda
1674bf1643 Merge pull request #3799 from mposolda/master
KEYCLOAK-4271 Migration test for offline tokens
2017-01-26 18:50:30 +01:00
mposolda
42ad8aec64 KEYCLOAK-4271 Migration test for offline tokens 2017-01-26 17:19:03 +01:00
Marek Posolda
835d4c0aad Merge pull request #3798 from mposolda/master
KEYCLOAK-2813 Remove LegacyImportTest as the legacy JSON export/impor…
2017-01-26 12:13:51 +01:00
mposolda
a8e2c8ef31 KEYCLOAK-2813 Remove LegacyImportTest as the legacy JSON export/import tested with MigrationTest 2017-01-26 09:48:29 +01:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
Stian Thorgersen
7cfa1cc368 Merge pull request #3792 from hmlnarik/KEYCLOAK-4281-Some-adapter-tests-fail-for-Wildfly
KEYCLOAK-4281 Fix tests for SAML adapters in Arquillian TS
2017-01-25 12:29:17 +01:00
Hynek Mlnarik
6085b21c36 KEYCLOAK-4258 Disable server-config-migration for auth-server-wildfly 2017-01-25 12:22:47 +01:00
Hynek Mlnarik
e329c7801d KEYCLOAK-4281 Fix tests for SAML adapters in Arquillian TS 2017-01-24 22:36:03 +01:00
mposolda
2de2df3a41 KEYCLOAK-4282 Fix authorization import in DirImportProvider 2017-01-24 21:57:35 +01:00
Stian Thorgersen
94ffeda62a Merge pull request #3773 from hmlnarik/KEYCLOAK-4181-SAML-Response-without-any-assertion-leads-to-an-exception
KEYCLOAK-4181 Fix handling of SAML error code in broker
2017-01-24 10:33:05 +01:00
mposolda
e487db349c KEYCLOAK-4274 Fix recursive composite role mappings 2017-01-23 17:55:45 +01:00
Stian Thorgersen
15d0a116ac Merge pull request #3769 from hmlnarik/KEYCLOAK-4167-Unable-to-validate-access-token-for-OIDC-External-IDP-using-configured-public-key
KEYCLOAK-4167 Always use preset key for verification if key ID not set
2017-01-23 13:59:35 +01:00
Stian Thorgersen
052534de82 Merge pull request #3764 from vramik/KEYCLOAK-4098
KEYCLOAK-4098 simplify + fix migration test
2017-01-23 13:04:32 +01:00
Stian Thorgersen
7410bdb31c Merge pull request #3756 from mstruk/KEYCLOAK-3657
KEYCLOAK-3657 Role id is not preserved during import-export operation
2017-01-23 09:59:02 +01:00
Hynek Mlnarik
5da491c270 KEYCLOAK-4181 Fix handling of SAML error code in broker 2017-01-19 16:30:06 +01:00
Stian Thorgersen
536b88790e Merge pull request #3757 from mstruk/KEYCLOAK-4150
KEYCLOAK-4150 Unresolved variable ${cliane_security-admin-console} in admin web client
2017-01-19 13:55:36 +01:00
Vlasta Ramik
aef6bb9789 simplify + fix migration test 2017-01-19 12:35:59 +01:00
Pedro Igor
c7f2a0ffdd Merge pull request #3766 from pedroigor/KEYCLOAK-4203
[KEYCLOAK-4203] - Removing references to Drools
2017-01-18 13:31:23 -02:00
Pedro Igor
c19360c6f2 [KEYCLOAK-4203] - Removing references to Drools 2017-01-18 12:44:30 -02:00
Hynek Mlnarik
df4f1e7129 KEYCLOAK-4167 Always use preset key for verification if key ID not set 2017-01-18 10:29:06 +01:00
Stian Thorgersen
212182ee34 Merge pull request #3765 from zschwarz/community
KEYCLOAK-4233 Run failing i18n tests with community profile
2017-01-18 08:52:17 +01:00
Stian Thorgersen
86988833e9 Merge pull request #3761 from abstractj/KEYCLOAK-4207
[KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled
2017-01-18 08:41:36 +01:00
Stian Thorgersen
e364680792 Merge pull request #3721 from hmlnarik/KEYCLOAK-3399-End-session-endpoint-returns-error-when-keycloak-session-is-expired
KEYCLOAK-3399 Ignore user session expiration on OIDC logout
2017-01-18 08:38:53 +01:00
Slawomir Dabek
9bb65ba9b7 KEYCLOAK-4224 Allow hiding identity providers on login page 2017-01-17 14:32:59 +01:00
zschwarz
ae40bfb96e KEYCLOAK-4233 Run failing i18n tests with community profile 2017-01-16 15:27:39 +01:00
Vaclav Muzikar
547f5ecfa6 KEYCLOAK-4230 Fix failing Arquillian tests in the "other" module 2017-01-16 10:59:02 +01:00
Stian Thorgersen
1913f801b9 Merge pull request #3739 from hmlnarik/KEYCLOAK-2847-Unexpected-error-when-trying-to-update-clientTemplate-to-already-existing-name
KEYCLOAK-2847 Fix for client template duplicate name
2017-01-16 09:45:39 +01:00
Stian Thorgersen
1ef2eb6110 Merge pull request #3693 from ssilvert/config-migration-2
KEYCLOAK-4101: jboss-cli script to do migration of configuration
2017-01-16 09:37:01 +01:00
Bruno Oliveira
9fb46a7b1c [KEYCLOAK-4207] SSSD Provider - NullPointerException when mail attribute is not filled 2017-01-13 17:35:55 -02:00
Marko Strukelj
d68f6bbc42 KEYCLOAK-4150 Unresolved variable ${cliane_security-admin-console} in admin web client 2017-01-13 17:48:21 +01:00
Marko Strukelj
7de999a7f9 KEYCLOAK-3657 Role id is not preserved during import-export operation 2017-01-13 17:46:30 +01:00
Pavel Drozd
2f7143e72f Merge pull request #3749 from pdrozd/KEYCLOAK-4210
KEYCLOAK-4210: Added Fuse admin tests
2017-01-13 11:37:24 +01:00
Hynek Mlnarik
0b58bebc90 KEYCLOAK-2847 Fix for client template duplicate name 2017-01-13 09:32:28 +01:00
mposolda
93157e49d5 KEYCLOAK-4201 Offline tokens become useless when accessing admin REST API 2017-01-13 09:06:53 +01:00
Pavel Drozd
3d9f11168e KEYCLOAK-4210: Added Fuse admin tests 2017-01-13 01:05:37 +01:00
Stan Silvert
901ff9c3d5 KEYCLOAK-4101: Uncomment sssd module from pom 2017-01-12 12:10:03 -05:00
Bill Burke
1e51ade620 Merge remote-tracking branch 'upstream/master' 2017-01-12 09:34:36 -05:00
Bill Burke
89e6f93fa4 KEYCLOAK-4099 2017-01-12 09:34:26 -05:00
Bill Burke
41630d6962 Merge pull request #3727 from hmlnarik/KEYCLOAK-4141
KEYCLOAK-4141
2017-01-12 08:49:29 -05:00
Hynek Mlnarik
e11957ecf3 KEYCLOAK-4167 Make OIDC identity provider key ID configurable 2017-01-11 18:24:22 +01:00
Stan Silvert
8441bda3da KEYCLOAK-4101: Move tests under testsuite. Only run under
-Pauth-server-wildfly
2017-01-10 07:30:58 -05:00
Marek Posolda
227900f288 Merge pull request #3731 from mposolda/master
KEYCLOAK-4175 Provide a way to set the connect and read timeout for l…
2017-01-10 09:49:18 +01:00