mposolda
a5567ead7a
KEYCLOAK-1169 Skip DB write at each broker login if 3rd party token is not required
2015-04-01 11:00:02 +02:00
Stian Thorgersen
a2c4a1f760
Merge branch 'KEYCLOAK-1113' of https://github.com/velias/keycloak into velias-KEYCLOAK-1113
...
Conflicts:
services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
2015-04-01 09:45:13 +02:00
Stian Thorgersen
f9d814598e
KEYCLOAK-946 Only show endpoints relevant for admin rest api
2015-04-01 07:31:17 +02:00
Bill Burke
03bfca5e41
expire cookie on backchannel
2015-03-31 19:33:43 -04:00
Stian Thorgersen
fcc2e0a9f0
Removed admin audit events - need to rethink how to implement it
2015-03-31 14:37:54 +02:00
Stian Thorgersen
96dad77c66
KEYCLOAK-392 Admin events
2015-03-30 14:38:32 +02:00
girirajsharma
962b623b4a
[KEYCLOAK-392] - Admin audit events
2015-03-30 14:06:01 +02:00
Vlastimil Elias
01094663bf
KEYCLOAK-1113 - profile update now uses correct form validation also
2015-03-30 12:53:05 +02:00
Michael Gerber
7b820a4eed
i18n for default claims
...
role description i18n
tests
typo
fix unit test
2015-03-29 11:34:53 +02:00
Bill Burke
878ce0761d
broker fixes
2015-03-27 12:13:48 -04:00
Vlastimil Elias
8727aef647
KEYCLOAK-1113 - LoginFormProvider extended to allow per field errors,
...
freemarker implementation extended (backward compatible), used for
registration form
2015-03-27 15:41:42 +01:00
Stian Thorgersen
b727087f04
KEYCLOAK-1150
...
'iss' should be URL not just realm name
2015-03-26 13:50:36 +01:00
Bill Burke
d36ee0d0af
Merge pull request #1088 from patriot1burke/master
...
oidc and saml broker backchannel logout
2015-03-26 08:43:21 -04:00
mposolda
477d8b35e3
KEYCLOAK-1116 KEYCLOAK-1117 JSON migration and removal of ClientModel.claimsMask
2015-03-26 11:49:22 +01:00
mposolda
2599e77491
Fix oracle
2015-03-26 08:10:26 +01:00
Bill Burke
f64d84b03a
Merge remote-tracking branch 'upstream/master'
2015-03-25 19:02:23 -04:00
Bill Burke
e0c70e1c47
oidc broker backchannel logout
2015-03-25 19:02:07 -04:00
Bill Burke
13268c52c6
saml backchannel logout
2015-03-25 16:51:25 -04:00
Stian Thorgersen
14683882e8
KEYCLOAK-1138 Appliance distribution from master failes with ClassNotFoundException
2015-03-25 10:11:56 +01:00
Bill Burke
c3859fa34f
oidc logout and console fixes
2015-03-23 21:30:56 -04:00
Bill Burke
410953fc5f
broker oidc logout
2015-03-23 13:21:17 -04:00
Bill Burke
f546358d66
oidc logout profile
2015-03-22 12:45:36 -04:00
Bill Burke
97d5f4aafc
broker refactor
2015-03-20 18:56:25 -04:00
Bill Burke
90c815055d
broker logout
2015-03-20 12:13:33 -04:00
Stian Thorgersen
71c7d8e48b
Merge pull request #1062 from velias/KEYCLOAK-1053
...
KEYCLOAK-1053 patch of email validation during social login without email
2015-03-20 05:37:16 +01:00
Michael Gerber
d8193f0f25
ui_locales as specified in:
...
http://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2
replace ' through '' and introduce msg method for i18n in *.ftl files
replace ' through '' and introduce msg method for i18n in *.ftl files
css dorpdown
get current url with locale as query parameter
Introduce LocaleBean
add css dropdown to account page
css styling...
css styling...
2015-03-19 21:28:55 +01:00
mposolda
a65bac7751
Mongo migration: admin roles, timeout, protocol mappers
2015-03-19 19:58:19 +01:00
mposolda
82e290e06c
Minor model fix
2015-03-19 19:58:19 +01:00
Vlastimil Elias
c0cf537654
KEYCLOAK-1053 - social login do not fail when email validation is
...
enabled for realm but email is not provided by social login provider
(eg. Twitter)
2015-03-19 17:19:55 +01:00
Bill Burke
b26277a17c
broker fixes
2015-03-18 21:58:04 -04:00
mposolda
24f18609dd
Update federated links when identity provider alias is changed
2015-03-18 09:43:53 +01:00
mposolda
aeb27ff047
KEYCLOAK-1108 Remove option for enable/disable login per application
2015-03-18 09:43:53 +01:00
Bill Burke
ce2c4188fb
saml broker import/export, and module fixes
2015-03-17 19:20:46 -04:00
Stian Thorgersen
13b22d6644
KEYCLOAK-1107 saml and oidc broker options don't sho
2015-03-17 12:10:53 +01:00
Stian Thorgersen
2d785b5d5e
KEYCLOAK-1050 Added support for selecting multiple values
2015-03-17 07:52:55 +01:00
Bill Burke
4a8f34f27f
Merge pull request #1052 from patriot1burke/master
...
set saml issuer
2015-03-16 16:18:36 -04:00
Bill Burke
de2aa8e676
javadoc fixes
2015-03-16 15:37:49 -04:00
mposolda
4da566ae4d
KEYCLOAK-1094 Rename k_idp_hint to kc_idp_hint
2015-03-16 20:00:20 +01:00
Bill Burke
321041fccf
Merge pull request #1050 from patriot1burke/master
...
saml broker SPSSO descriptor
2015-03-16 13:31:47 -04:00
Bill Burke
224066f0fd
saml broker defaults and export page
2015-03-16 12:34:20 -04:00
mposolda
5fe0c38498
KEYCLOAK-1092 Fix test for crud of federated identity links
2015-03-16 16:49:01 +01:00
Bill Burke
ec1ba40f4a
Merge remote-tracking branch 'upstream/master'
2015-03-16 09:22:55 -04:00
Stian Thorgersen
e2b02d414f
Change adapters to use auth and token endpoints
2015-03-16 09:23:12 +01:00
Michael Gerber
144ee2c56d
add localization support to realm
...
(cherry picked from commit b00764b)
add localization support to realm
(cherry picked from commit b00764b)
add localization support to realm
(cherry picked from commit b00764b)
admin gui for localization support
(cherry picked from commit c157cc3)
added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)
rename localizatin to internationalization
(cherry picked from commit 74a0658)
fallback if no message can be found
(cherry picked from commit 2d54e6f)
fallback if no message can be found
(cherry picked from commit 2d54e6f)
add HttpHeaders
(cherry picked from commit be921c8)
add HttpHeaders
(cherry picked from commit be921c8)
NPE fix
(cherry picked from commit 148158b)
improve locale helper
(cherry picked from commit 57a805a)
write cookie
fix npe
(cherry picked from commit 33398b3)
dropdown to choose language
(cherry picked from commit 9e2eb60)
added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)
remove debug info
(cherry picked from commit c3ea6b1)
added dropdown to change locale for user.
(cherry picked from commit 1575bea)
add i18n for emails
(cherry picked from commit b6280e9)
i18n for emails
(cherry picked from commit 6118c51)
set default locale to english
(cherry picked from commit 386447b)
change locale type form String to Locale
(cherry picked from commit 8dcc595)
change file encoding
(cherry picked from commit 2cce96d)
added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)
i18n for error messages
(cherry picked from commit e75d5ef)
i18n for error message in login
(cherry picked from commit 8b60c96)
add i18n for messages in account pages
(cherry picked from commit 9849d94)
fix unit test
(cherry picked from commit a70a1c7)
fix unit test
(cherry picked from commit 008744b)
locale localization :)
(cherry picked from commit f3a2144)
locale localization :)
(cherry picked from commit 21f6384)
messages refactoring
(cherry picked from commit 08f1ae7)
messages refactoring
(cherry picked from commit 3b4b53a)
messages refactoring
(cherry picked from commit 69146d4)
messages refactoring
(cherry picked from commit cd3db1d)
messages refactoring
(cherry picked from commit 715583f)
fix unit tests after message refactoring
(cherry picked from commit a82c9ff)
fix unit tests after message refactoring
(cherry picked from commit 5662d83)
fix unit tests after message refactoring
(cherry picked from commit 1188de6)
fix unit tests after message refactoring
(cherry picked from commit 90ded07)
German translations
(cherry picked from commit 9822b99)
removed newliines
(cherry picked from commit 34ca1d8)
removed java 8 dependency
(cherry picked from commit 3a23f4f)
typo
(cherry picked from commit a818122)
typo
(cherry picked from commit a818122)
forgotten properties
unit test fixes
unit test fixes
fixes after rebase
add localization support to realm
(cherry picked from commit b00764b)
add localization support to realm
(cherry picked from commit b00764b)
add localization support to realm
(cherry picked from commit b00764b)
admin gui for localization support
(cherry picked from commit c157cc3)
added locale support to ClassLoaderTheme and FolderTheme
(cherry picked from commit 764960a)
rename localizatin to internationalization
(cherry picked from commit 74a0658)
fallback if no message can be found
(cherry picked from commit 2d54e6f)
fallback if no message can be found
(cherry picked from commit 2d54e6f)
add HttpHeaders
(cherry picked from commit be921c8)
add HttpHeaders
(cherry picked from commit be921c8)
NPE fix
(cherry picked from commit 148158b)
improve locale helper
(cherry picked from commit 57a805a)
write cookie
fix npe
(cherry picked from commit 33398b3)
dropdown to choose language
(cherry picked from commit 9e2eb60)
added dropdown to choose locale to the account page.
fixed the path of the cookie.
(cherry picked from commit 871469a)
remove debug info
(cherry picked from commit c3ea6b1)
added dropdown to change locale for user.
(cherry picked from commit 1575bea)
add i18n for emails
(cherry picked from commit b6280e9)
i18n for emails
(cherry picked from commit 6118c51)
set default locale to english
(cherry picked from commit 386447b)
change locale type form String to Locale
(cherry picked from commit 8dcc595)
change file encoding
(cherry picked from commit 2cce96d)
added parameters to setSuccess, setWarning, setError
(cherry picked from commit 64ea438)
i18n for error messages
(cherry picked from commit e75d5ef)
i18n for error message in login
(cherry picked from commit 8b60c96)
add i18n for messages in account pages
(cherry picked from commit 9849d94)
fix unit test
(cherry picked from commit a70a1c7)
fix unit test
(cherry picked from commit 008744b)
locale localization :)
(cherry picked from commit f3a2144)
locale localization :)
(cherry picked from commit 21f6384)
messages refactoring
(cherry picked from commit 08f1ae7)
messages refactoring
(cherry picked from commit 3b4b53a)
messages refactoring
(cherry picked from commit 69146d4)
messages refactoring
(cherry picked from commit cd3db1d)
messages refactoring
(cherry picked from commit 715583f)
fix unit tests after message refactoring
(cherry picked from commit a82c9ff)
fix unit tests after message refactoring
(cherry picked from commit 5662d83)
fix unit tests after message refactoring
(cherry picked from commit 1188de6)
fix unit tests after message refactoring
(cherry picked from commit 90ded07)
German translations
(cherry picked from commit 9822b99)
removed newliines
(cherry picked from commit 34ca1d8)
removed java 8 dependency
(cherry picked from commit 3a23f4f)
typo
(cherry picked from commit a818122)
typo
(cherry picked from commit a818122)
forgotten properties
unit test fixes
unit test fixes
fixes after rebase
fixes after rebase
fixes after rebase
fixes after rebase
2015-03-14 14:08:06 +01:00
Bill Burke
60ecf99aa6
export saml broker SPSSO descriptor
2015-03-13 20:56:40 -04:00
Juraci Paixão Kröhling
a64ce244d5
KEYCLOAK-1101 - Added notUsername() to password policy.
2015-03-13 15:50:28 +01:00
Vlastimil Elias
43aa61ace3
KEYCLOAK-1074
...
- field label changes on login page
- added all relevant integration tests
2015-03-12 15:45:41 +01:00
Vlastimil Elias
dec8d33af1
code formatting improved to keep only real changes done for
...
KEYCLOAK-1074
2015-03-12 15:43:16 +01:00
Vlastimil Elias
c8c0449124
code formatting patched to be close to original and produce better difs
2015-03-12 15:39:31 +01:00
Vlastimil Elias
21b4f9a2f1
KEYCLOAK-1074 - Allow registration with email as username (without
...
username as separate field)
2015-03-12 15:31:19 +01:00
Stian Thorgersen
ffbb2df1f3
KEYCLOAK-571 OpenID Connect Discovery
...
KEYCLOAK-1091 JSON Web Key Set endpoint
KEYCLOAK-790 One OpenID Connect token endpoint URL
2015-03-12 11:45:13 +01:00
Bill Burke
6450c4c5f3
cleanup and docs for mappers
2015-03-11 12:05:27 -04:00
Bill Burke
451ce64907
role name mapper
2015-03-11 09:59:56 -04:00
Bill Burke
28a5e61dff
role mappers and testing
2015-03-09 21:03:35 -04:00
Bill Burke
5cf64546c8
Merge remote-tracking branch 'upstream/master'
2015-03-09 09:05:53 -04:00
Bill Burke
cdf22669f4
test oidc mappers
2015-03-09 09:05:39 -04:00
Bill Burke
d4468913dd
hardcoded saml mappers
2015-03-09 07:55:20 -04:00
Stian Thorgersen
452931bfb8
Simplified setting to/from dates
2015-03-09 11:47:08 +01:00
girirajsharma
d2188a3f55
Fixed Event Viewer pagination, date filter and added testcases.
2015-03-09 11:47:08 +01:00
girirajsharma
ce33ce2485
[KEYCLOAK-1050] - Improve filtering in Event viewer in admin app.
2015-03-09 11:47:08 +01:00
Bill Burke
5c6c30fef4
saml role list mapper
2015-03-07 19:47:34 -05:00
Bill Burke
1de285b724
mappers
2015-03-06 18:42:20 -05:00
Bill Burke
4a4158a4e4
test saml attributes
2015-03-06 18:29:36 -05:00
mposolda
db07d79009
KEYCLOAK-1066 Kerberos credential delegation support
2015-03-06 12:59:29 +01:00
Stian Thorgersen
1f5fedb0b0
Module provider loader
2015-03-06 05:30:17 +01:00
Bill Burke
db2c01caa9
more mappers
2015-03-05 19:55:53 -05:00
Bill Burke
98831ec05a
fix other claims in IDToken
2015-03-04 20:27:06 -05:00
Bill Burke
453ef808cc
ID token mapping
2015-03-04 18:39:10 -05:00
Bill Burke
94980fff29
merge conflicts
2015-03-04 17:27:44 -05:00
Bill Burke
33520e9fec
reg/account custom attributes
2015-03-04 17:25:50 -05:00
Stian Thorgersen
6c7f35c509
KEYCLOAK-1014 Don't redirect to app after reset password or verify email if new browser session
2015-03-04 13:39:11 +01:00
Stian Thorgersen
f907a749aa
KEYCLOAK-1015 Allow configuring login timeout separate to login actions
2015-03-04 08:45:01 +01:00
Bill Burke
396e0c6171
refactor mappers
2015-03-03 20:38:28 -05:00
Bill Burke
608185f06a
boolean mapper property types
2015-03-03 12:00:40 -05:00
Bill Burke
753feae49e
fixes
2015-03-02 21:39:43 -05:00
mposolda
58a7e549b2
Fix mongo to pass with testsuite
2015-03-02 12:07:31 +01:00
Bill Burke
4361ce1d42
mapper refactoring
2015-02-28 19:48:50 -05:00
Bill Burke
2da925505e
saml attribute mappers
2015-02-28 11:17:06 -05:00
Bill Burke
07b038e126
add mapper category and help text
2015-02-27 18:21:42 -05:00
Bill Burke
8533d49dfb
Merge remote-tracking branch 'upstream/master'
2015-02-27 17:28:09 -05:00
Bill Burke
1c6e90c4ef
protocol mapper ui
2015-02-27 17:21:02 -05:00
pedroigor
b45d6b896a
[KEYCLOAK-883] - Configuration option to disable token retrieval from applications.
2015-02-27 02:13:27 -03:00
pedroigor
17653e7e74
[KEYCLOAK-883] - Reverting change that redirects to error page when federating identities..
2015-02-26 15:27:32 -03:00
pedroigor
8f263a43e3
[KEYCLOAK-883] - Examples config and logging changes.
2015-02-26 12:34:33 -03:00
pedroigor
6e38964838
[KEYCLOAK-883] - Minor changes to the configuration of identity providers for clients.
2015-02-25 21:00:49 -03:00
Bill Burke
430daf4c39
Merge remote-tracking branch 'upstream/master'
2015-02-25 11:35:04 -05:00
Bill Burke
9f759ed77c
rest interface for claim mapping
2015-02-25 11:34:51 -05:00
Stian Thorgersen
195a5dffdc
Merge pull request #995 from stianst/master
...
KEYCLOAK-1017 Add server version to cached resources to prevent problems...
2015-02-25 16:15:11 +01:00
pedroigor
128cd98ce2
[KEYCLOAK-1036] - Revert.
2015-02-25 11:21:56 -03:00
Stian Thorgersen
5a10bbc8ca
KEYCLOAK-1017 Add server version to cached resources to prevent problems with browser cache
2015-02-25 15:03:01 +01:00
Stian Thorgersen
b6a512b494
KEYCLOAK-934 Extract dependencies into modules
2015-02-25 12:05:48 +01:00
Bill Burke
c20ad93807
claim mappings next phase
2015-02-24 19:37:07 -05:00
Bill Burke
100dbd5fd7
ProviderFactory.postInit()
2015-02-23 12:11:48 -05:00
Bill Burke
d06b7a47ac
Merge remote-tracking branch 'upstream/master'
2015-02-23 11:39:39 -05:00
Bill Burke
1dde3e1459
provider events
2015-02-23 11:39:24 -05:00
mposolda
9f8b59dfb6
Kerberos/LDAP fixes
2015-02-23 14:07:55 +01:00
mposolda
9dd5ecd464
Kerberos automated test
2015-02-23 13:13:34 +01:00
Bill Burke
69582ee3be
more claims work
2015-02-21 10:26:55 -05:00
Bill Burke
42ffe21f91
Merge remote-tracking branch 'upstream/master'
2015-02-20 09:23:18 -05:00
Bill Burke
20f12ea960
changes
2015-02-20 09:22:49 -05:00
mposolda
d8024b0c6c
Kerberos refactored to be federation provider. Support for Kerberos and LDAP. Username/password authentication support with kerberos credentials.
...
First step - KerberosFederationProvider
Finished KerberosFederationProvider. Added support for username/password authentication with kerberos credentials
Added Kerberos UI to LDAPFederationProvider
Fixes
2015-02-18 17:19:15 +01:00
mposolda
5da05aa62a
LDAP testing improvements. Support for embedded Kerberos server in testsuite
2015-02-16 11:50:28 +01:00
mposolda
3ef243dd42
Add authenticateByDefault flag to IdentityProviderModel
2015-02-13 10:08:51 +01:00
pedroigor
b0fb737de3
[KEYCLOAK-883] - Code cleanup and refactoring.
2015-02-13 01:27:11 -02:00
mposolda
534187f4d7
KEYCLOAK-1037 Bad error message on login form in case of expired code
2015-02-11 18:48:32 +01:00
mposolda
03d607b022
Fix showing federation links of users in admin console
2015-02-11 13:03:31 +01:00
mposolda
4b637036ac
Display error page if kerberos token is unavailable
2015-02-11 12:25:20 +01:00
Bill Burke
40f2fb91bc
Merge pull request #960 from girirajsharma/master
...
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 17:55:45 -05:00
mposolda
f582250b31
KEYCLOAK-1036 Don't allow registration through identity brokering in case that realm registration is disabled
2015-02-10 16:57:07 +01:00
girirajsharma
c3d7ef8066
Updated BC provider versions and deprecated CertificateUtil methods.
2015-02-10 18:44:54 +05:30
mposolda
90496f62ac
KEYCLOAK-1035 Brokered identity linked by account management may not be recognized during login
2015-02-10 13:54:45 +01:00
mposolda
d523d7f202
Ensure timestamp on clientSession is updated in AccountService when linking identity broker
2015-02-10 09:49:44 +01:00
pedroigor
ff1f10d7a7
[KEYCLOAK-883] - Refactoring to services endpoints and exposing them through admin client.
2015-02-09 21:30:21 -02:00
pedroigor
cb72fa4788
[KEYCLOAK-883] - Idp hint should be processed firts.
2015-02-08 22:01:30 -02:00
pedroigor
1e13254598
[KEYCLOAK-992] - Initial code for examples. Fixing cors when retreiving tokens.
2015-02-08 03:27:57 -02:00
pedroigor
4b1ba704ec
[KEYCLOAK-992] - Token retrieval from brokered idps.
2015-02-06 22:23:34 -02:00
mposolda
8b4e724aeb
KEYCLOAK-1025 Skip automatic logout from KC admin console for non-authorized users
2015-02-06 18:13:17 +01:00
pedroigor
99a457c5c1
[KEYCLOAK-996] - Allow application to select provider.
2015-01-30 14:02:53 -02:00
girirajsharma
2d6e1048ef
Fixed adding right CORS headers to actual and preflight CORS requests.
2015-01-30 13:57:27 +05:30
Pedro Igor
f013796324
Merge pull request #938 from pedroigor/KEYCLOAK-883
...
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 09:11:39 -02:00
pedroigor
1960c608cd
[KEYCLOAK-883] - Initial tests for SAML brokering.
2015-01-29 00:04:02 -02:00
Bill Burke
fd20a25100
Merge remote-tracking branch 'upstream/master'
2015-01-28 17:09:59 -05:00
Bill Burke
ea3bba98aa
saml frontchannel logout
2015-01-28 17:09:13 -05:00
Stian Thorgersen
6ecd9fbde7
Merge pull request #936 from stianst/master
...
Provider loaders
2015-01-28 11:51:05 +01:00
Stian Thorgersen
67ba1de56f
KEYCLOAK-999 Load providers from file-system
2015-01-28 09:15:07 +01:00
pedroigor
2065815627
[KEYCLOAK-883] - Model tests.
2015-01-27 23:53:56 -02:00
pedroigor
c2ba2a70ce
[KEYCLOAK-997] - Redirect directly to provider if password login is disabled and there's only one provider.
2015-01-23 18:20:19 -02:00
pedroigor
b9a7594113
[KEYCLOAK-883] - More SAML configuration. Using SAML builders to create AuthnRequest.
2015-01-21 23:40:20 -02:00
Stian Thorgersen
f31bece1b9
KEYCLOAK-980 Password reset is possible with expired link
2015-01-21 13:11:06 +01:00
Stian Thorgersen
e7a792f922
KEYCLOAK-983 Fix login after reset-password
2015-01-21 12:28:30 +01:00
Bill Burke
8b6a3ad8e4
Merge remote-tracking branch 'upstream/master'
2015-01-16 18:58:01 -05:00
Bill Burke
a0ba6d2c16
saml redirect logout 1st step
2015-01-16 18:57:33 -05:00
Bill Burke
ef2698936b
Merge pull request #919 from pedroigor/KEYCLOAK-884
...
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 14:28:30 -05:00
pedroigor
4f432775ed
[KEYCLOAK-884] - OpenID Connect UserInfo Endpoint.
2015-01-16 15:45:27 -02:00
mposolda
e4a8ced8b0
KEYCLOAK-974 ServerVersionResource doesn't handle cors requests
2015-01-16 12:57:08 +01:00
Stian Thorgersen
8828d6e2f1
KEYCLOAK-965 NPE in TokenManager.verifyAccess if application is deleted
2015-01-16 11:25:05 +01:00
Stian Thorgersen
bf6c46da1c
KEYCLOAK-962 Changed access token request to use redirect_uri from initial request instead of the resolved redirect_uri
2015-01-16 11:01:03 +01:00
Stian Thorgersen
29b8c2c924
KEYCLOAK-949 Disabled user with wrong credentials receive wrong error message
2015-01-14 10:10:53 +01:00
Stian Thorgersen
abd5967be3
KEYCLOAK-957 Access Token Request does not verify redirect_uri
2015-01-14 09:59:21 +01:00
Michael Gerber
3be74cda30
check if email is null
2015-01-14 09:18:05 +01:00
pedroigor
fa2533ed11
[KEYCLOAK-883] - Initial changes.
2015-01-13 00:58:19 -02:00
mposolda
fff8ae9f8a
KEYCLOAK-942 Incorrect condition in ResourceAdminManager could cause global logout
2015-01-08 11:09:11 +01:00
pedroigor
c4892428ae
[KEYCLOAK-928] - Validate duplicated emails when updating profile.
2015-01-07 11:09:40 -02:00
Michael Gerber
181c1c8b5b
add error event if mail can not be send
2015-01-06 13:02:27 +01:00
Stian Thorgersen
45a1f4361e
Add test
2015-01-05 14:34:08 +01:00
Stian Thorgersen
39daeca09c
Merge branch 'reset-password' of https://github.com/gerbermichi/keycloak into gerbermichi-reset-password
2015-01-05 14:26:51 +01:00
gerbermichi
0c73e67372
a disabled user should not receive an email to reset the password
2015-01-05 14:07:03 +01:00
Stian Thorgersen
628437c146
KEYCLOAK-760 OAuth2 refresh token expiration date
2015-01-05 10:50:50 +01:00
Michael Gerber
019bb558d1
reset-password-email with redirect_uri and client_id
2015-01-02 14:10:44 +01:00
Michael Gerber
53e18b3ebe
fix reset-password-email
2015-01-02 12:52:21 +01:00
Stian Thorgersen
f97b71c207
KEYCLOAK-903
...
No client session for direct grant
2014-12-30 13:28:08 +01:00
Stian Thorgersen
a367473386
KEYCLOAK-902 State should not be required
2014-12-30 10:38:08 +01:00
Stian Thorgersen
e174802b0d
KEYCLOAK-825
...
Log out user sessions on password reset
2014-12-17 14:54:33 +01:00
Stian Thorgersen
6cf42db584
KEYCLOAK-891 Create server info page on admin console
2014-12-17 13:21:31 +01:00
gerbermichi
2186fe32a9
Bugfix: Can not read keycloak-server.json if the path contains a space
...
https://issues.jboss.org/browse/KEYCLOAK-892
2014-12-17 12:32:06 +01:00
apenders
f3adf02eea
Added CORS preflight support for realms/<realm>/tokens/refresh
2014-12-02 15:33:15 -07:00
Stian Thorgersen
a843e31c12
KEYCLOAK-862 Use HmacSHA256 for code signatures
2014-11-27 10:02:08 +01:00
Bill Burke
46983d68f3
move ServerCookie to core
2014-11-14 09:20:03 -05:00
mposolda
a94ab5883d
KEYCLOAK-835 Move AdapterConstants to different package
2014-11-10 22:16:20 +01:00
Marek Posolda
c0f377c8c7
Merge pull request #841 from jpkrohling/JPK-KEYCLOAK-821
...
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-06 20:32:31 +01:00
Juraci Paixão Kröhling
cd0ad70952
KEYCLOAK-821 - Support for comma-separated list of file names to import.
2014-11-05 17:04:17 +01:00
Stian Thorgersen
e7625c2bb1
KEYCLOAK-820 Don't expose realm private key through admin endpoints
2014-11-05 15:34:56 +01:00
Bill Burke
9c175bfb5d
Merge remote-tracking branch 'upstream/master'
2014-11-04 15:55:47 -05:00
Bill Burke
ede59a4441
fix jax-doclets
2014-11-04 15:55:33 -05:00
Stian Thorgersen
7327423a03
Fix ResetPasswordTest
2014-11-04 13:05:50 +01:00
Stian Thorgersen
bb2de4dc59
KEYCLOAK-787 Clicking back to login after sending password reset email fails
2014-10-31 13:59:56 +01:00
Stian Thorgersen
9b0d5acb50
KEYCLOAK-704 KEYCLOAK-768 Improvements to access code generation
2014-10-31 12:45:03 +01:00
Stian Thorgersen
8adad9dddf
KEYCLOAK-806
...
Increase defaults for 'SSO Session Idle Timeout'
2014-10-31 09:41:21 +01:00
Bill Burke
cf747dac22
remove info logging
2014-10-30 09:53:06 -04:00
Bill Burke
0183ac43bc
aud should be client-id, issuer should be realm
2014-10-29 15:56:25 -04:00
Stian Thorgersen
6e4785e74c
KEYCLOAK-777 No login event for social login
2014-10-28 19:56:41 +01:00
Bill Burke
12e2a4698d
idp descriptor
2014-10-28 12:49:31 -04:00
Bill Burke
e3609cc85b
app importer
2014-10-28 11:54:58 -04:00
Bill Burke
971f0f5c16
publish protocol support
2014-10-24 11:25:04 -04:00
Bill Burke
1be070e34d
cleanup
2014-10-24 11:00:34 -04:00
Bill Burke
ce76270ad8
saml key refactor
2014-10-24 10:58:32 -04:00
mposolda
f3da9760a3
Send node registration at 1st request instead of deployment startup. Bugfixing
2014-10-21 23:15:21 +02:00
Bill Burke
668497df4d
upload keys
2014-10-21 16:33:17 -04:00
mposolda
01c705b4d3
KEYCLOAK-759 Added adapter clustering to admin console
2014-10-21 12:32:53 +02:00
Stian Thorgersen
dd4b2f811b
KEYCLOAK-710 Ignore missing roles in access-code
2014-10-21 11:15:35 +02:00
Stian Thorgersen
6b2a4229e3
KEYCLOAK-700 Check path is valid in account/login-redirect
2014-10-21 09:57:56 +02:00
Stian Thorgersen
63b41e2548
KEYCLOAK-703 Check valid origin is passed to login-status-iframe
2014-10-21 09:57:56 +02:00
Stian Thorgersen
ed895ce02d
KEYCLOAK-699 Set maximum size of qr-code
2014-10-21 09:57:56 +02:00
mposolda
7d8f265789
KEYCLOAK-759 dynamic registration of managementUrls in cluster
2014-10-17 21:51:46 +02:00
Bill Burke
8fbc8fc736
Merge remote-tracking branch 'upstream/master'
2014-10-14 18:39:08 -04:00
Bill Burke
7760887ac1
app cert support, bug fixes
2014-10-14 18:38:48 -04:00
Stian Thorgersen
106a0cb48d
KEYCLOAK-755 Support env variables in keycloak-server.json
2014-10-14 15:06:18 +02:00
Stian Thorgersen
1021e8af5c
KEYCLOAK-753 Add 'username:' prefix to remember me cookie to prevent issue with old cookie
2014-10-14 13:44:03 +02:00
Stian Thorgersen
4d401224de
KEYCLOAK-746 Allow linking to account from external provider
2014-10-13 10:48:45 +02:00
Bill Burke
4d007c776a
generate/store realm certificate
2014-10-11 10:49:04 -04:00
Bill Burke
deffa9b4e1
oauth id in admin console
2014-10-10 16:55:57 -04:00
Bill Burke
0ace5cd746
merge conflicts
2014-10-09 18:26:14 -04:00
Bill Burke
94da99bf10
use app id in admin console urls
2014-10-09 18:22:02 -04:00
mposolda
9954d68a1f
KEYCLOAK-748 cluster-aware logout for non-distributable apps
2014-10-09 21:33:07 +02:00
mposolda
ac8b43358d
Reduce logging
2014-10-08 23:28:02 +02:00
mposolda
7e7406ddb7
KEYCLOAK-743 Stateless session mgmt. Drop statistics for adapters.
2014-10-08 22:18:10 +02:00
Bill Burke
a1d1877751
ClientModel attributes and protocol
2014-10-08 10:54:13 -04:00
Bill Burke
5f1e6f3a23
merge
2014-10-07 18:17:44 -04:00
Bill Burke
6d5ab0f66b
saml backchannel logout
2014-10-07 18:06:02 -04:00
Bill Burke
e01424b815
Merge pull request #741 from patriot1burke/master
...
saml basic
2014-10-04 22:15:56 -04:00
Bill Burke
e3a3933390
saml basic
2014-10-04 21:27:48 -04:00
Stian Thorgersen
0d5be568f8
KEYCLOAK-722 Refreshing token throws RuntimeException if realm keys have changed
2014-10-03 13:23:21 +02:00
Stian Thorgersen
d6f030a05a
KEYCLOAK-662 NPE when using direct grant API with email as username
2014-10-03 12:10:52 +02:00
mposolda
e6121f301f
KEYCLOAK-732 AuthenticationManager.logout should logout just current userSession
2014-10-02 22:52:44 +02:00
mposolda
72b5632cfe
KEYCLOAK-731 Support for replacing configuration of Java adapters with system properties
2014-10-02 19:15:37 +02:00
mposolda
95521e8a95
KEYCLOAK-709 ResourceAdminManager.logoutApplication shouldn't immediatelly fail with RuntimeException
2014-10-01 23:20:49 +02:00
Bill Burke
6cf62a2768
move pre-auth
2014-10-01 14:57:52 -04:00
Bill Burke
cbc383d494
finish protocol refactoring
2014-10-01 14:19:59 -04:00
Bill Burke
546d45b009
protocol abstraction
2014-10-01 10:38:42 -04:00
Bill Burke
4b399fe05a
login protocol abstraction
2014-10-01 10:01:42 -04:00
Bill Burke
e32f73880f
Merge remote-tracking branch 'upstream/master'
2014-09-30 15:58:39 -04:00
Bill Burke
63b65c933b
token service refactoring
2014-09-30 15:58:20 -04:00
Stian Thorgersen
1d4e842cc0
Fixes to Mongo user session provider
2014-09-30 14:24:49 +02:00
Stian Thorgersen
99c73a9cc7
Clustering support
2014-09-30 09:40:20 +02:00
Bill Burke
fc867e59ea
action url refactor
2014-09-29 16:57:58 -04:00
Bill Burke
75a3093dda
login refactor phase 2, still more to do
2014-09-29 16:15:33 -04:00
Bill Burke
67f10bee24
Merge remote-tracking branch 'upstream/master'
2014-09-29 09:56:37 -04:00
Bill Burke
524b423733
ClientSession everywhere refactor phase1
2014-09-26 17:44:33 -04:00
Stian Thorgersen
f2e97ff9d6
Add test to add/remove attributes to user through admin endpoints
2014-09-25 19:35:57 +02:00
Bill Burke
66d58476d0
refactor security page flow
2014-09-23 11:05:10 -04:00
Bill Burke
bf42227224
remove junk
2014-09-22 16:35:22 -04:00
Bill Burke
99a6713e6f
clientsession notes
2014-09-22 16:34:42 -04:00
Bill Burke
0b8b31a3ea
KEYCLOAK-705
2014-09-19 10:00:47 -04:00
Stian Thorgersen
dcb5717154
KEYCLOAK-696 Display Keycloak version in admin console
2014-09-18 13:24:03 +02:00
mposolda
89471b7db1
KEYCLOAK-695 Let KEYCLOAK_REMEMBER_ME cookie to be valid for 1 year
2014-09-18 11:03:44 +02:00
mposolda
1049bca433
Prefill login form just if rememberMe enabled for the realm
2014-09-17 08:54:29 +02:00
mposolda
5352872b4b
Use KEYCLOAK_REMEMBER_ME as hint to prefill login form. Change lifespan of KEYCLOAK_IDENTITY to maxSsoSessionLifespan
2014-09-16 22:09:27 +02:00
mposolda
1be2bff95f
Typo
2014-09-12 16:57:02 +02:00
Stian Thorgersen
811cfd52c9
KEYCLOAK-657 Set cache-control for keycloak.js and login-iframe
2014-09-12 13:46:56 +02:00
Stian Thorgersen
7c15a70f53
Fixes to KEYCLOAK-682
2014-09-12 12:26:52 +02:00
Stian Thorgersen
5d141d4d8a
KEYCLOAK-682 Only send logout admin action to clients associated with user session
2014-09-12 11:47:11 +02:00
mposolda
6f173d4554
KEYCLOAK-678 Preserve form values in account mgmt after error
2014-09-11 20:54:48 +02:00
mposolda
649a40f58c
KEYCLOAK-676 Validate email address format during registration or account mgmt
2014-09-11 20:05:00 +02:00
Stian Thorgersen
b23463a1d2
KEYCLOAK-653 Add theme support to welcome-pages
2014-09-11 15:58:29 +02:00
Stian Thorgersen
280cbf2174
KEYCLOAK-680 Add/remove social-links through admin api
2014-09-11 12:09:55 +02:00
mposolda
aa7bbeb11b
Support for cors in PublicRealmResource
2014-09-10 13:05:53 +02:00
mposolda
52920119bd
Ensure that ServerInfo request is authorized and add CORS support to it
2014-09-10 10:42:05 +02:00
Stian Thorgersen
557de7690e
Fix CRSF protection on Chrome, and add check if 'Referer' header
2014-09-10 10:32:56 +02:00
Bill Burke
e3e32982a0
change CSRF to random value
2014-09-09 13:27:34 -04:00
Bill Burke
ac29db51e5
nolog CORS exception
2014-09-09 12:51:55 -04:00
Bill Burke
d0a3a04d34
CSRF
2014-09-09 12:06:48 -04:00
Stian Thorgersen
3530fa6259
KEYCLOAK-666 Update session last refreshed on every token refresh
2014-09-09 11:01:24 +02:00
Stian Thorgersen
8c8c44e50f
KEYCLOAK-658 Fix searching for users
2014-09-02 10:01:44 +02:00
Stian Thorgersen
31b0f5543f
Fixes
2014-08-29 17:11:18 +02:00
Stian Thorgersen
39c0be5d99
KEYCLOAK-652
...
Social user can't set password
2014-08-29 16:51:10 +02:00
Stian Thorgersen
b9d0f64f74
Added password token to use inplace of plain-text password for totp
2014-08-28 13:51:55 +02:00
Stian Thorgersen
55d614fce8
Reduce log in UserFederationResource
2014-08-28 11:26:55 +02:00
Stian Thorgersen
3bfe3d256e
Rename audit to events
2014-08-28 10:56:37 +02:00
mposolda
fb18004c1d
KEYCLOAK-643 Handle flows with adding user with existing username or email in federation providers
2014-08-27 12:19:23 +02:00
Stian Thorgersen
55bd889a0f
KEYCLOAK-531 Reduce info level logging
2014-08-27 11:17:24 +02:00
mposolda
b3b480c25f
Display proper error message if LDAP-linked user couldn't be deleted due to read-only mode
2014-08-26 19:10:48 +02:00
mposolda
fd9d2ba4d5
Handle exceptions and UI errors when user is read only. Some sync issues
2014-08-26 12:54:05 +02:00
mposolda
6c7d0f27a7
More tooltips for LDAP and generic federation. Minor fixes
2014-08-25 16:28:52 +02:00
Bill Burke
e99afec7ec
import console from export
2014-08-21 17:17:09 -04:00
Bill Burke
5dd84f1d9a
fix AccountService referrer problems
2014-08-20 14:20:59 -04:00
Bill Burke
47f361a4ab
nocache for fed provider list
2014-08-20 11:29:45 -04:00
Bill Burke
6e7924da76
demo fixes
2014-08-20 11:08:40 -04:00
Bill Burke
c38abb2cfe
?
2014-08-18 18:52:51 -04:00
Bill Burke
faf18dfdfd
fix cookie parsing problem
2014-08-18 18:36:36 -04:00
Bill Burke
2dc32fb8c9
fix menu error
2014-08-18 18:06:23 -04:00
Bill Burke
c86a6ba3f3
fix admin reset email
2014-08-15 11:46:38 -04:00
Bill Burke
5dca2a3588
expanded token service coverage
2014-08-14 21:01:05 -04:00
Bill Burke
cfee00d4c5
fix relative uri problem
2014-08-14 11:01:04 -04:00
Bill Burke
29691a3167
Merge pull request #626 from patriot1burke/master
...
more tooltips, change password
2014-08-13 12:17:48 -04:00
Bill Burke
edf73af508
change password
2014-08-13 10:35:49 -04:00
mposolda
4bac0474c6
Sync UI for generic providers
2014-08-12 18:12:28 +02:00
mposolda
f0b66a2241
Admin console UI for sync of users from LDAP. Sync fixes
2014-08-12 18:12:27 +02:00
Bill Burke
abb1647672
Merge pull request #619 from patriot1burke/master
...
fix logout
2014-08-12 10:06:44 -04:00
Bill Burke
114c1b95fa
fix logout
2014-08-12 10:06:19 -04:00
Stian Thorgersen
f95418dfc9
KEYCLOAK-592 Display login form with error message if trying to login with social provider where email already exists
2014-08-12 12:06:13 +01:00
Bill Burke
7c97e02715
X-Frame-Options, Content-Security-Policy
2014-08-11 17:45:01 -04:00
Stian Thorgersen
3f83538fc1
Merge pull request #612 from stianst/master
...
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:35:54 +01:00
Stian Thorgersen
3040f4e89f
KEYCLOAK-616 Not require registration to add a new social user
2014-08-11 15:34:57 +01:00
mposolda
8ba7559cac
Fix transaction handling in KeycloakModelUtils.runJobInTransaction. Start sync tasks for configured federation providers at startup
2014-08-11 13:51:44 +02:00
mposolda
d699404ce7
Support for periodic users sync
2014-08-10 23:23:50 +02:00
mposolda
5cb6c4e77c
Improve TimerSPI to support cancelling of previously scheduled tasks
2014-08-10 23:17:39 +02:00
Bill Burke
48f7efc97f
@NoCache where appropriate
2014-08-10 12:28:43 -04:00
Bill Burke
9aa6b4cbfa
optimize imports
2014-08-10 12:17:45 -04:00
Bill Burke
dc4e8603d7
change logout behavior
2014-08-08 18:33:37 -04:00
Bill Burke
32a19563a5
KEYCLOAK-547
2014-08-06 19:15:52 -04:00
Bill Burke
aff32f69bb
version
2014-08-06 15:44:50 -04:00
Bill Burke
5b5fea347a
improved oauth login/grant
2014-08-05 19:36:19 -04:00
Bill Burke
19e1ddff1d
logging
2014-08-05 16:04:13 -04:00
Bill Burke
ea0ceeb65d
Merge pull request #589 from patriot1burke/master
...
app full scope
2014-08-04 16:26:51 -04:00
Bill Burke
a497c69758
relative logout
2014-08-04 16:17:35 -04:00
Bill Burke
731d75c756
app full scope by default
2014-08-04 16:04:10 -04:00
mposolda
5edb84ccfb
Ensure that displayName is persisted. Add 'user' to ActiveDirectory classes
2014-08-04 16:42:48 +02:00
Bill Burke
60a564dcfd
fix fed example
2014-08-03 10:53:37 -04:00
Bill Burke
101a72cd65
remove AuthenticationProvider/Link
2014-08-01 18:03:48 -04:00
Bill Burke
d1c5c55a61
switch to a get
2014-08-01 13:28:17 -04:00
Bill Burke
bdc31d9459
Merge remote-tracking branch 'upstream/master'
2014-08-01 13:18:46 -04:00
Bill Burke
f08c42a37e
token validation
2014-08-01 13:18:32 -04:00
Stian Thorgersen
6cbeeb1b1a
KEYCLOAK-591 Require SSL for all external requests by default
2014-08-01 13:52:04 +01:00
Bill Burke
705da88daa
fix cache setup
2014-07-31 14:05:23 -04:00
Bill Burke
94c06f3f5d
fed ui
2014-07-31 13:13:48 -04:00
Bill Burke
b72a7db6fe
federation display name
2014-07-31 10:51:04 -04:00
Bill Burke
d0dc75c06f
federation ui
2014-07-30 22:52:39 -04:00
Stian Thorgersen
fa01d53f9e
KEYCLOAK-545 Stop NPE if no client_secret is specified or bearer-only application is used for grants/access
2014-07-30 16:41:07 +01:00
Stian Thorgersen
50bc53d673
KEYCLOAK-562 Cache theme instances
2014-07-30 16:06:08 +01:00
Stian Thorgersen
fcc4781e3a
Updated admin endpoints and console to use oauth client name/clientId to retrieve a oauth client
2014-07-30 14:10:25 +01:00