Miquel Simon
2572b1464b
KEYCLOAK-15395. Removed totp/remove (DELETE) and credentials/password (GET, POST) endpoints.
2020-09-10 18:03:03 -03:00
Takashi Norimatsu
af2f18449b
KEYCLOAK-14195 FAPI-RW Client Policy - Condition : Client - Client Role
2020-09-10 18:34:19 +02:00
Clement Cureau
b19fe5c01b
Finegrain admin as fallback and added some tests
2020-09-10 12:26:55 -03:00
Sebastian Laskawiec
e01159a943
KEYCLOAK-14767 OpenShift Review Endpoint audience fix
2020-09-09 11:57:24 -03:00
Takashi Norimatsu
cbb79f0430
KEYCLOAK-15448 FAPI-RW : Error Response on OIDC private_key_jwt Client Authentication Error (400 error=invalid_client)
2020-09-09 11:14:21 +02:00
Benjamin Weimer
b2934e8dd0
KEYCLOAK-15327 backchannel logout invalidate offline session even if there is no corresponding active session found
2020-09-08 11:17:20 -03:00
Martin Kanis
4e9bdd44f3
KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak
2020-09-07 13:11:55 +02:00
stianst
76f7fbb984
KEYCLOAK-14548 Add support for cached gzip encoding of resources
2020-09-07 00:58:47 -07:00
Martin Bartos
e34ff6cd9c
[KEYCLOAK-14326] Identity Provider force sync is not working
2020-09-07 09:42:40 +02:00
Takashi Norimatsu
1d8230d438
KEYCLOAK-14190 Client Policy - Condition : The way of creating/updating a client
2020-09-04 09:54:55 +02:00
Luca Leonardo Scorcia
67b2d5ffdd
KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs
2020-09-03 21:25:36 +02:00
Hynek Mlnarik
1c4a2db8e1
KEYCLOAK-14510 Properly close Response object
2020-09-03 11:23:05 +02:00
Konstantinos Georgilakis
1fa93db1b4
KEYCLOAK-14304 Enhance SAML Identity Provider Metadata processing
2020-09-02 20:43:09 +02:00
Takashi Norimatsu
b93a6ed19f
KEYCLOAK-14919 Dynamic registration - Scope ignored
2020-09-02 13:59:22 +02:00
Takashi Norimatsu
107a429238
KEYCLOAK-15236 FAPI-RW : Error Response on OAuth 2.0 Mutual TLS Client Authentication Error (400 error=invalid_client)
2020-09-02 09:31:20 +02:00
mhajas
3928a49c77
KEYCLOAK-14816 Reset brute-force-detection data for the user after a successful password grant type flow
2020-09-01 21:45:17 +02:00
Hynek Mlnarik
583fa07bc4
KEYCLOAK-11029 Support modification of broker username / ID for identity provider linking
2020-09-01 20:40:38 +02:00
testn
0362d3a430
KEYCLOAK-15113: Move away from deprecated Promise.success()/error()
2020-09-01 14:26:44 -04:00
mhajas
bdccfef513
KEYCLOAK-14973 Create GroupStorageManager
2020-09-01 10:21:39 +02:00
Martin Bartos
9c847ab176
[KEYCLOAK-14432] Unhandled NPE in identity broker auth response
2020-08-31 14:14:42 +02:00
Martin Kanis
d59a74c364
KEYCLOAK-15102 Complement methods for accessing groups with Stream variants
2020-08-28 20:56:10 +02:00
Thomas Darimont
df94cefbc1
KEYCLOAK-12729 Revise password policy not-email tests
...
- Added missing cleanup to RegisterTest
- Revised test-setup for AccountFormServiceTest
2020-08-21 14:55:07 +02:00
Thomas Darimont
0f967b7acb
KEYCLOAK-12729 Add password policy not-email
...
Added test cases and initial translations
2020-08-21 14:55:07 +02:00
mposolda
bd48d7914d
KEYCLOAK-15139 Backwards compatibility for LDAP Read-only mode with IMPORT_USERS enabled
2020-08-20 14:05:21 +02:00
Hynek Mlnarik
6231b7c904
KEYCLOAK-15207 Fix map storage test failures
2020-08-20 07:53:54 +02:00
Pedro Igor
cb57c58b4b
[KEYCLOAK-14730] - Consent not working when using federation storage and client is displayed on consent screen
2020-08-19 10:08:21 +02:00
mhajas
ae39760a62
KEYCLOAK-14972 Add independent GroupProvider interface
2020-08-13 21:13:12 +02:00
Benjamin Weimer
fdcfa6e13e
KEYCLOAK-15156 backchannel logout offline session handling
2020-08-13 08:09:59 -03:00
David Hellwig
ddc2c25951
KEYCLOAK-2940 - draft - Backchannel Logout ( #7272 )
...
* KEYCLOAK-2940 Backchannel Logout
Co-authored-by: Benjamin Weimer <external.Benjamin.Weimer@bosch-si.com>
Co-authored-by: David Hellwig <hed4be@bosch.com>
2020-08-12 09:07:58 -03:00
Sebastian Paetzold
4ff34c1be9
KEYCLOAK-14890 Improve null handling in case of missing NameId
2020-08-06 10:45:22 -03:00
vmuzikar
b68d06f91c
KEYCLOAK-13127 Update Account Console to Account REST API v1
2020-08-04 18:43:23 -03:00
vramik
6b00633c47
KEYCLOAK-14812 Create RoleStorageManager
2020-07-31 15:11:25 -03:00
vramik
bfa21c912c
KEYCLOAK-14811 Create RoleProvider and make it independent of ClientProvider and RealmProvider
2020-07-31 15:11:25 -03:00
rmartinc
32bf50e037
KEYCLOAK-14336: LDAP group membership is not visible under "Users in Role" tab for users imported from LDAP
2020-07-30 16:19:22 +02:00
Dillon Sellars
25bb2e3ba2
KEYCLOAK-14529 Signed and Encrypted ID Token Support : RSA-OAEP-256 Key Management Algorithm
2020-07-30 15:20:51 +02:00
vramik
7f979ffbcf
KEYCLOAK-14889 Create test for clientStorageProviderTimeout
2020-07-30 08:42:51 -03:00
Yoshiyuki Tabata
cd76ed0d74
KEYCLOAK-14289 OAuth Authorization Server Metadata for Token Revocation
2020-07-29 11:41:56 +02:00
Martin Idel
97400827d2
KEYCLOAK-14870: Fix bug where user is incorrectly imported
...
Bug: SerializedBrokeredIdentityContext was changed to mirror
UserModel changes. However, when creating the user in LDAP,
the username must be provided first (everything else can
be handled via attributes).
2020-07-29 11:33:41 +02:00
Takashi Norimatsu
0191f91850
KEYCLOAK-14380 Support Requesting Claims using the claims Request Parameter
2020-07-29 09:53:28 +02:00
mposolda
c4fca5895f
KEYCLOAK-14892 NullPointerException when group mappings for LDAP users are accessed
2020-07-28 14:45:06 +02:00
Martin Idel
330a3d8ff5
KEYCLOAK-14904 Fix AccountRestService
...
- custom attributes in UserModel are removed during update
- this can break caching (doesn't break if user is written
to database)
- also ensure that we don't accidentally change username
and/or firstName/lastName through attributes
2020-07-28 10:03:14 +02:00
Martin Idel
bf411d7567
KEYCLOAK-14869: Fix nullpointer exception in FullNameLDAPStorageMapper
...
Setting an attribute should be possible with a list
containing no elements or a null list
This can happen e.g. when creating users via idps
using a UserAttributeStatementMapper.
Fix this unprotected access in other classes too
2020-07-28 09:54:37 +02:00
Lorent Lempereur
e82fe7d9e3
KEYCLOAK-13950 SAML2 Identity Provider - Send Subject in SAML requests
2020-07-24 21:41:57 +02:00
mhajas
74988a3f21
KEYCLOAK-14826 Fix non-ssl auth-server tests failures
2020-07-23 14:20:19 +02:00
keycloak-bot
afff0a5109
Set version to 12.0.0-SNAPSHOT
2020-07-22 14:36:15 +02:00
Hynek Mlnarik
8fae2997c9
KEYCLOAK-14553 Improve logging
2020-07-22 00:08:15 +02:00
Hynek Mlnarik
c566b46e8f
KEYCLOAK-14549 Make ClientProvider independent of RealmProvider
...
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Hynek Mlnarik
ac0011ab6f
KEYCLOAK-14553 Client map store
...
Co-Authored-By: vramik <vramik@redhat.com>
2020-07-22 00:08:15 +02:00
Martin Kanis
c5d5423cd3
KEYCLOAK-12265 Move KerberosEmbeddedServer to testsuite
2020-07-21 18:27:09 +02:00
vmuzikar
316f9f46e2
KEYCLOAK-14825 Make adapter tests running with FF to test cookies
2020-07-21 10:25:19 -03:00
Luca Leonardo Scorcia
9204402514
KEYCLOAK-14820 Import the NameIDPolicyFormat attribute from SAML IDP metadata descriptors
2020-07-21 12:23:25 +02:00
Takashi Norimatsu
e0fbfa722e
KEYCLOAK-14189 Client Policy : Basics
2020-07-21 07:50:08 +02:00
Douglas Palmer
6d5495141d
[KEYCLOAK-14611] Incorrect error message shown on duplicated email registration
2020-07-20 18:17:54 -03:00
Jan Lieskovsky
969b09f530
[KEYCLOAK-13692] Upgrade to Wildfly "20.0.1.Final" and Infinispan "10.1.8.Final"
...
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-07-20 22:15:08 +02:00
Luca Leonardo Scorcia
46bf139cb4
KEYCLOAK-14741 Minor SAML specs compliance improvements
2020-07-20 21:08:12 +02:00
mhajas
93149d6b47
KEYCLOAK-14234 Adjust Adapter testsuite to work with app/auth.server.host including TLS configured
2020-07-20 11:22:16 +02:00
Thomas Vitale
4cd5ace800
KEYCLOAK-9321 Remove invalid token_introspection_endpoint
...
The discovery document is advertizing both token_introspection_endpoint
and introspection_endpoint. The former has been removed as it is not
defined by OAuth2/OIDC.
2020-07-17 11:41:28 +02:00
Erik Jan de Wit
ace64c1f0c
KEYCLOAK-12249 added test to test that time is localized
2020-07-15 14:57:38 -04:00
Pedro Igor
582046bbfe
[KEYCLOAK-13141] - Fixing filter
2020-07-15 11:00:55 -03:00
Luca Leonardo Scorcia
f8a4f66d6c
KEYCLOAK-13698 - SAML Client - Add certificate info to signature
...
Adds the X509Data tag to the XML Document signature in AuthnRequests
2020-07-10 23:06:37 +02:00
vmuzikar
7087c081f0
KEYCLOAK-14023 Instagram User Endpoint change
...
Co-authored-by: Jean-Baptiste PIN <jibet.pin@gmail.com>
2020-07-10 17:36:51 -03:00
Pedro Igor
1db1deb066
[KEYCLOAK-13141] - Supporting re-augmentation
2020-07-10 11:04:46 -03:00
Pavel Drozd
48e4432e9d
KEYCLOAK-14508 - Exclude SessionNotOnOrAfterTest from remote tests
2020-07-10 14:22:11 +02:00
Luca Leonardo Scorcia
d6934c64fd
Refactor SAML metadata generation to use the SAMLMetadataWriter class
2020-07-09 09:39:35 +02:00
Pedro Igor
9c4da9b3ce
[KEYCLOAK-14147] - Request filter refactoring
...
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2020-07-07 11:26:12 -03:00
kurisumakise2011
738f24aa38
[KEYCLOAK-14570] Resolve nullpointer issue in controller
...
Some ProviderFactory returns null as properties instead of
Collections.emptyList() and it leads to NPE.
Fix it with using Optional.ofNullable(...).orElse(Collections.emptyList())
2020-07-07 07:46:26 +02:00
Douglas Palmer
9369c7cf4d
Add filter by name to applications endpoint
2020-07-03 15:35:38 -03:00
Martin Idel
8fe25948f7
KEYCLOAK-13959 Add AdvancedAttribute mapper for SAML to allow regexes
2020-07-03 18:19:35 +02:00
Plamen Kostov
914b226d11
[KEYCLOAK-14282] Create additional filtering for GET /users endpoint for enabled/disabled users
2020-07-03 09:07:42 -03:00
Axel Messinese
f30395d535
KEYCLOAK-12687 Add briefRepresentation queryParams to get roles 'composite' endpoints
2020-07-03 09:41:53 +02:00
Bartosz Siemieńczuk
e2040f5d13
KEYCLOAK-14006 Allow administrator to add additional fields to be fetched with Facebook profile request
2020-07-01 18:27:04 -03:00
Eric Rodrigues Pires
de9a0a0a4a
[KEYCLOAK-13044] Fix owner name representations of UMA tickets for client-owned resources
2020-07-01 18:15:22 -03:00
vmuzikar
dc6f7d0547
KEYCLOAK-14635 Saml tests are failing with invalid redirect urls
2020-07-01 13:46:43 +02:00
vmuzikar
001fe9eb11
KEYCLOAK-13206 Session Status iframe cannot access cookies when 3rd party cookies are blocked
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-06-30 17:11:20 -03:00
Douglas Palmer
5e44bb781b
[KEYCLOAK-14344] Cannot revoke offline access for an app if the app doesn't require consent
2020-06-26 14:56:08 -04:00
Martin Idel
05b6ef8327
KEYCLOAK-14536 Migrate UserModel fields to attributes
...
- In order to make lastName/firstName/email/username field
configurable in profile
we need to store it as an attribute
- Keep database as is for now (no impact on performance, schema)
- Keep field names and getters and setters (no impact on FTL files)
Fix tests with logic changes
- PolicyEvaluationTest: We need to take new user attributes into account
- UserTest: We need to take into account new user attributes
Potential impact on users:
- When subclassing UserModel, consistency issues may occur since one can
now set e.g. username via setSingleAttribute also
- When using PolicyEvaluations, the number of attributes has changed
2020-06-25 14:50:57 +02:00
Pedro Igor
337a751aaa
[KEYCLOAK-11330] - Clustering tests for GA
2020-06-24 17:23:45 +02:00
Douglas Palmer
1434f14663
[KEYCLOAK-14346] Base URL for applications is broken
2020-06-23 15:26:07 -03:00
vramik
1b988cc12e
KEYCLOAK-14516 app-server-eap6 tests fails due to compilation error
2020-06-22 13:43:11 +02:00
Hiroyuki Wada
f73b51818b
KEYCLOAK-14113 Support for exchanging to SAML 2.0 token
2020-06-19 22:08:42 +02:00
Dirk Weinhardt
08dca9e89f
KEYCLOAK-13205 Apply locale resolution strategy to admin console.
2020-06-19 10:27:13 -04:00
Peter Skopek
5f78a09db1
KEYCLOAK-13029 kcadm composite role creation fails
2020-06-18 16:37:02 +02:00
vmuzikar
662f7fbccd
KEYCLOAK-14497 Compilation error in UsernameTemplateMapperTest
2020-06-18 09:15:07 -03:00
Martin Bartos
ec9bf6206e
[KEYCLOAK-13202] Reset password redirects to account client
2020-06-18 13:08:36 +02:00
Erik Jan de Wit
c20766f2d7
KEYCLOAK-14140 added more test cases
...
Co-authored-by: vmuzikar <vmuzikar@redhat.com>
2020-06-17 13:56:11 -04:00
Thomas Darimont
92ab9c08ae
KEYCLOAK-8100 Expose sub claim in OIDC IdentityBroker Mappers
...
We now expose the claims "sub" for use in Identity Broker mappers.
Previously claims directly mapped to `JsonWebToken` fields were not
accessible for mappings.
2020-06-17 12:56:08 -03:00
Pedro Igor
d331091c5e
[KEYCLOAK-11330] - Quarkus tests
2020-06-17 17:20:55 +02:00
vmuzikar
d71e81ed5e
KEYCLOAK-14235 Support for running broker tests with different hostnames for auth server and IdP
2020-06-17 14:13:00 +02:00
Pedro Igor
a8bad5b9bb
[KEYCLOAK-11330] - Quarkus clustering tests
2020-06-16 10:07:24 -03:00
vramik
c403aa49f7
KEYCLOAK-14087 migration from 9.0.3
2020-06-15 14:47:13 +02:00
mhajas
5d1d75db40
KEYCLOAK-14103 Add Warn message for possibly missing SameSite configuration
2020-06-15 14:45:57 +02:00
Jan Lieskovsky
df7d85b38d
[KEYCLOAK-14358] Enable StartTLS LDAP tests
...
Thanks to KEYCLOAK-14343 Use Truststore SPI StartTLS bug fix
they will work with Truststore SPI used by auth server Wildfly too
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-06-11 18:07:53 +02:00
Tero Saarni
3c82f523ff
[KEYCLOAK-14343] Truststore SPI support for LDAP with StartTLS
...
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-06-11 18:07:53 +02:00
Pedro Igor
e16f30d31f
[KEYCLOAK-2343] - Allow exact user search by user attributes
...
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2020-06-10 12:02:50 -03:00
vramik
d63b3ceca4
KEYCLOAK-14141 0 downtime upgrade test
2020-06-10 12:45:34 +02:00
Pedro Igor
6ccde288a3
[KEYCLOAK-11330] - SSL Support
2020-06-09 08:43:52 +02:00
vmuzikar
b192ac4ea7
KEYCLOAK-14233 Support for generating SSL keystore before running testsuite
...
Move profile for app server to base
2020-06-08 10:51:54 -03:00
Douglas Palmer
33863ba161
KEYCLOAK-10162 Usage of ObjectInputStream without checking the object types
...
Co-authored-by: mposolda <mposolda@gmail.com>
2020-06-08 13:12:08 +02:00
Yoshiyuki Tabata
f03ee2ec98
KEYCLOAK-14145 OIDC support for Client "offline" session lifespan
2020-06-04 14:24:52 +02:00
Denis
8d6f8d0465
EYCLOAK-12741 Add name and description edit functionality to Authentication and Execution Flows
2020-06-04 08:08:52 +02:00
Alfredo Boullosa
2ddfc94495
KEYCLOAK-14115 Add a refresh to avoid failure
2020-06-03 20:13:08 -04:00
Pedro Igor
357982adf6
[KEYCLOAK-11330] - Initial changes to get testsuite working for Quarkus
2020-06-03 09:57:24 -03:00
Jan Lieskovsky
a121f77ea4
[KEYCLOAK-12305] [Testsuite] Check LDAP federated user (in)valid
...
login(s) using various authentication methods, bind credential
types, and connection encryption mechanisms
The tests cover various possible combinations of the following:
* Authentication method: Anonymous or Simple (default),
* Bind credential: Secret (default) or Vault,
* Connection encryption: Plaintext (default), SSL, or startTLS
Also, ignore the StartTLS LDAP tests for now till KEYCLOAK-14343
& KEYCLOAK-14354 are corrected (due these issues they aren't
working with auth server Wildfly). They will be re-enabled later
via KEYCLOAK-14358 once possible
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-06-02 14:44:17 +02:00
Pedro Igor
e8dc10b4a1
[KEYCLOAK-11330] - Properly handling POST formdata and UriInfo
2020-06-02 09:36:40 +02:00
stianst
90b29b0e31
KEYCLOAK-14107 Admin page content blocked on v10.0.0 due to content security policy
2020-05-29 13:57:38 +02:00
Benjamin Weimer
4265fdcab2
KEYCLOAK-14318 Client Empty Root URL and relative Base URL is valid
2020-05-29 11:21:28 +02:00
vmuzikar
f8dce7fc3e
KEYCLOAK-13819 SAML brokering with POST binding is broken by new SameSite policies
2020-05-28 13:37:56 +02:00
Thomas Darimont
e825ec24cb
KEYCLOAK-9635 Add AccessTokenHash to IDToken for OIDC Auth Code flow
...
Revised tests
2020-05-27 07:34:05 +02:00
Thomas Darimont
5a337d0376
KEYCLOAK-9635 Add AccessTokenHash to IDToken for OIDC Auth Code flow
...
Added missing test
2020-05-27 07:34:05 +02:00
Torsten Juergeleit
6005503a3d
Namespace support to group-ldap-mapper
...
Previously, Keycloak did only support syncing groups from LDAP federation provider as top-level KC groups.
This approach has some limitations:
- If using multiple group mappers then there’s no way to isolate the KC groups synched by each group mapper.
- If the option "Drop non-existing groups during sync” is activated then all KC groups (including the manually created ones) are deleted.
- There’s no way to inherit roles from a parent KC group.
This patch introduces support to specify a prefix for the resulting group path, which effectively serves as a namespace for a group.
A path prefix can be specified via the newly introduced `Groups Path` config option on the mapper. This groups path defaults to `/` for top-level groups.
This also enables to have multiple `group-ldap-mapper`'s which can manage groups within their own namespace.
An `group-ldap-mapper` with a `Group Path` configured as `/Applications/App1` will only manage groups under that path. Other groups, either manually created or managed by other `group-ldap-mapper` are not affected.
2020-05-26 17:37:29 +02:00
Hynek Mlnarik
7deb89caab
KEYCLOAK-10729 Do not serialize SAML signature
2020-05-25 15:38:17 +02:00
vmuzikar
e873c70374
KEYCLOAK-14236 Support for custom Firefox preferences
2020-05-22 09:24:41 -03:00
cachescrubber
3382682115
KEYCLOAK-10927 - Implement LDAPv3 Password Modify Extended Operation … ( #6962 )
...
* KEYCLOAK-10927 - Implement LDAPv3 Password Modify Extended Operation (RFC-3062).
* KEYCLOAK-10927 - Introduce getLDAPSupportedExtensions(). Use result instead of configuration.
Co-authored-by: Lars Uffmann <lars.uffmann@vitroconnect.de>
Co-authored-by: Kevin Kappen <kevin.kappen@vitroconnect.de>
Co-authored-by: mposolda <mposolda@gmail.com>
2020-05-20 21:04:45 +02:00
Denis
8c7b69fc9e
KEYCLOAK-13748 Create automated test for scenario with alternative subflow for credential reset
2020-05-20 14:06:53 +02:00
Stan Silvert
13d0491ff3
KEYCLOAK-14038: Re-allow special characters for Roles only
2020-05-20 07:53:23 -04:00
Takashi Norimatsu
c057b994e7
KEYCLOAK-13104 Signed and Encrypted ID Token Support : AES 192bit and 256bit key support
2020-05-20 09:01:59 +02:00
mhajas
4b8c7dd7d7
KEYCLOAK-14048 Allow clock skew when testing refresh token actual expiration time
2020-05-20 08:12:54 +02:00
Takashi Norimatsu
be0ba79daa
KEYCLOAK-7997 Implement Client Registration Metadata based on Mutual TLS
2020-05-19 17:00:41 +02:00
mposolda
12d965abf3
KEYCLOAK-13047 LDAP no-import fixes. Avoid lost updates - dont allow update attributes, which are not mapped to LDAP
2020-05-19 16:58:25 +02:00
Martin Kanis
6f43b58ccf
KEYCLOAK-14074 filterIdentityProviders compares providerId instead of alias
2020-05-19 09:46:21 +02:00
Thomas Darimont
6211fa90e0
KEYCLOAK-10932 Honor given_name and family_name in OIDC brokering
...
Previously firstname and lastname were derived from the name claim.
We now use direct mappings to extract firstname and lastname from
given_name and family_name claims.
Added test to KcOidcFirstBrokerLoginTest
Marked org.keycloak.broker.provider.BrokeredIdentityContext#setName
as deprecated to avoid breaking existing integrations.
2020-05-19 09:10:43 +02:00
Álvaro Gómez Giménez
666832d1be
KEYCLOAK-13066 Include resourceType in ScopePermissionRepresentation
2020-05-12 17:11:35 -03:00
Sven-Torben Janus
82d3251ab4
Remove *-imports
2020-05-12 20:50:18 +02:00
Sven-Torben Janus
fcb0e450a0
KEYCLOAK-13817 Return local user from LDAPStorageProvider
2020-05-12 20:50:18 +02:00
Yoshiyuki Tabata
f7d00fc2e9
KEYCLOAK-13844 "exp" claim should not be "0" when using offline token
2020-05-12 16:14:37 +02:00
stianst
49db2c13a5
KEYCLOAK-8141 Fix issue where attribute values are duplicated if updates to user are done in parallell
2020-05-12 09:06:44 +02:00
Pedro Igor
44c49d69a7
[KEYCLOAK-13071] - AuthorizationTokenService swallows Exceptions thrown by KeycloakIdentity
2020-05-08 09:21:37 +02:00
Takashi Norimatsu
3716bd96ad
KEYCLOAK-14093 Specify Signature Algorithm in Signed JWT with Client Secret
2020-05-07 11:28:39 +02:00
Takashi Norimatsu
0d0617d44a
KEYCLOAK-13720 Specify Signature Algorithm in Signed JWT Client Authentication
2020-05-05 17:43:00 +02:00
rmartinc
f0852fd362
KEYCLOAK-13823: "Dir" Full export/import: On import, service account roles and authorization info are not imported
2020-05-05 17:05:56 +02:00
Vanrar68
85feda3beb
KEYCLOAK-13998 ConditionalRoleAuthenticator doesn't work with composite roles
2020-05-05 08:39:04 +02:00
Martin Bartos
7ebdca48d3
[KEYCLOAK-13572] Doesn't observe After events due to assume check
2020-05-04 17:31:44 +02:00
Michael Riedmann
66c7ec6b08
[KEYCLOAK-13995] added test for clientUpdate with ProtocolMappers
2020-05-04 17:13:57 +02:00
Erik Jan de Wit
435815249b
KEYCLOAK-12783 changed to base account url for new console
2020-05-04 07:16:15 -04:00
Hynek Mlnarik
32f13016fa
KEYCLOAK-12874 Align Destination field existence check with spec
2020-05-04 09:19:44 +02:00
Martin Kanis
aa309b96a8
KEYCLOAK-13682 NPE when refreshing token after enabling consent
2020-04-30 08:46:21 +02:00
keycloak-bot
ae20b7d3cd
Set version to 11.0.0-SNAPSHOT
2020-04-29 12:57:55 +02:00
Yoshiyuki Tabata
874642fe9e
KEYCLOAK-12406 Add "Client Session Max" and "Client Session Idle" for OIDC
2020-04-28 15:34:25 +02:00
stianst
5b017e930d
KEYCLOAK-13128 Security Headers SPI and response filter
2020-04-28 15:28:24 +02:00
Yoshiyuki Tabata
b40c12c712
KEYCLOAK-5325 Provide OAuth token revocation capability
2020-04-28 15:25:22 +02:00
Erik Jan de Wit
ab2d1546b4
fix merge errors
2020-04-27 09:09:31 -04:00
Erik Jan de Wit
7580be8708
KEYCLOAK-13121 added the basic functionality
2020-04-27 09:09:31 -04:00
Stefan Guilhen
da1138a8d2
[KEYCLOAK-13005] Make sure the master URL is used if the consumer POST or REDIRECT URL is an empty string
...
- Fixes issue where admin console sets an empty string when the consumer POST or REDIRECT URL is deleted
2020-04-27 14:25:03 +02:00
Pedro Igor
44b489b571
[KEYCLOAK-13656] - Deny request if requested scope is not associated to resource or any typed resources
2020-04-27 08:39:38 +02:00
Pedro Igor
dacbe22d53
[KEYCLOAK-9896] - Authorization Scope modified improperly when updating Resource
2020-04-27 08:38:55 +02:00
Martin Idel
7e8018c7ca
KEYCLOAK-11862 Add Sync mode option
...
- Store in config map in database and model
- Expose the field in the OIDC-IDP
- Write logic for import, force and legacy mode
- Show how mappers can be updated keeping correct legacy mode
- Show how mappers that work correctly don't have to be modified
- Log an error if sync mode is not supported
Fix updateBrokeredUser method for all mappers
- Allow updating of username (UsernameTemplateMapper)
- Delete UserAttributeStatementMapper: mapper isn't even registered
Was actually rejected but never cleaned up: https://github.com/keycloak/keycloak/pull/4513
The mapper won't work as specified and it's not easy to tests here
- Fixup json mapper
- Fix ExternalKeycloakRoleToRoleMapper:
Bug: delete cannot work - just delete it. Don't fix it in legacy mode
Rework mapper tests
- Fix old tests for Identity Broker:
Old tests did not work at all:
They tested that if you take a realm and assign the role,
this role is then assigned to the user in that realm,
which has nothing to do with identity brokering
Simplify logic in OidcClaimToRoleMapperTests
- Add SyncMode tests to most mappers
Added tests for UsernameTemplateMapper
Added tests to all RoleMappers
Add test for json attribute mapper (Github as example)
- Extract common test setup(s)
- Extend admin console tests for sync mode
Signed-off-by: Martin Idel <external.Martin.Idel@bosch.io>
2020-04-24 15:54:32 +02:00
Pedro Igor
8f5e58234e
[KEYCLOAK-11317] - IDP review profile allows empty username
2020-04-24 10:52:59 -03:00
Douglas Palmer
d4eeed306b
[KEYCLOAK-11764] Upgrade to Wildfly 19
2020-04-24 08:19:43 -03:00
Bart Monhemius
9389332675
[KEYCLOAK-13927] Accept only ticketId instead of the PermissionTicketRepresentation for delete in PermissionResource
2020-04-23 15:59:43 -03:00
Bart Monhemius
acc5ab9e44
[KEYCLOAK-13927] Allow deleting permission tickets with the Authz client
2020-04-23 15:59:43 -03:00
Martin Kanis
a04c70531a
KEYCLOAK-9623 Disabling logged in user will not allow other user to login after he is thrown out of his session
2020-04-23 14:40:25 +02:00
Takashi Norimatsu
8513760e25
KEYCLOAK-12176 WebAuthn: show the attestation statement format in the admin console
2020-04-23 10:01:19 +02:00
mhajas
1db87acc98
KEYCLOAK-13852 reset time at the end of testTokenConcurrentRefresh test
2020-04-22 15:06:28 +02:00
mposolda
83255e1b08
KEYCLOAK-13922 MigrationModelTest failing in latest master
2020-04-22 14:05:34 +02:00
Thomas Darimont
12e53e6f11
KEYCLOAK-11003 Remove UPDATE_PASSWORD RequiredAction on non-temporary password reset
...
We now remove a potentially existing UPDATE_PASSWORD action when
explicitly assigning a non-temporary password.
Adapted tests to use a temporary password when UpdatePassword required actions
were used.
2020-04-22 10:59:49 +02:00
Thomas Darimont
f9f71039ae
KEYCLOAK-13566 ValidateUsername should raise USER_NOT_FOUND event if the user lookup fails
2020-04-21 21:11:11 +02:00
Pedro Igor
cbab159aa8
[KEYCLOAK-8071] - Properly validating requested scopes
2020-04-21 12:23:59 +02:00
mposolda
38195ca789
KEYCLOAK-12842 Not possible to update user with multivalued LDAP RDN
2020-04-21 11:35:41 +02:00
aboullos
2945eb63b7
KEYCLOAK-8836 Add test to check product name on welcome page
...
Modify import
KEYCLOAK-8836 Add test to check product name on welcome page
2020-04-21 11:30:20 +02:00
keycloak-bot
33314ae3ca
Set version to 10.0.0-SNAPSHOT
2020-04-21 09:19:32 +02:00
mposolda
b29810c923
KEYCLOAK-13306 Model fixes for check realm when lookup by ID
...
(cherry picked from commit e40a62de31f6f5d326234314a9e285010665f707)
2020-04-21 08:19:50 +02:00
mposolda
821405e175
KEYCLOAK-10852 Inconsistency when using 'forgot password' after changing email directly in LDAP
2020-04-16 12:28:41 +02:00
Pedro Igor
acfbdf6b0e
[KEYCLOAK-13187] - Concurrency issue when refreshing tokens and updating security context state
2020-04-16 12:25:42 +02:00
Pedro Igor
21597b1ff2
[KEYCLOAK-13581] - Fixing client pagination when permission is enabled
2020-04-14 16:57:27 -03:00
mposolda
4f1985826c
KEYCLOAK-12934 LOAD_ROLES_BY_MEMBER_ATTRIBUTE_RECURSIVELY user roles retrieve strategy role-ldap-mapper option should only be displayed if LDAP provider vendor is Active Directory
2020-04-14 20:01:55 +02:00
stianst
1f02f87a6e
KEYCLOAK-13565 Add support for kc_action to keycloak.js
...
Co-authored-by mhajas <mhajas@redhat.com>
2020-04-14 19:23:56 +02:00
stianst
97b5654690
KEYCLOAK-13285 Enable check identity for email
2020-04-14 19:22:57 +02:00
mhajas
845195780e
KEYCLOAK-13758 Exclude some tests for remote runs
2020-04-08 16:38:58 +02:00
Pedro Igor
b60b85ab65
[KEYCLOAK-7450] - Match subject when validating id_token returned from external OP
2020-04-06 13:43:19 +02:00
mposolda
6f62c0ed98
KEYCLOAK-13442 Backwards compatibility in users searching. searchForUser(String, RealmModel, int, int) is no longer called when searching users from the admin console
2020-03-27 13:29:55 +01:00
mposolda
bf92bd16b0
KEYCLOAK-13383 WebAuthnRegisterAndLoginTest fails with -Dproduct with auth-server-eap
2020-03-26 16:27:23 +01:00
vramik
330d5b2c25
KEYCLOAK-13384 exclude IdentityProviderTest.failCreateInvalidUrl from remote-tests
2020-03-26 14:04:38 +01:00
vramik
780d11e790
KEYCLOAK-13571 KcinitTest fails with -Dproduct due to skipped maven plugin exacution
2020-03-26 14:03:11 +01:00
Pedro Igor
b812159193
[KEYCLOAK-10675] - Deleting an Identity Provider doesn't remove the associated IdP Mapper for that user
2020-03-26 11:41:17 +01:00
Pedro Igor
1b8369c7d5
[KEYCLOAK-13385] - Better message when saving a provider with invalid URLs
2020-03-26 08:46:44 +01:00
mhajas
b2b790cd1d
KEYCLOAK-10797 Unignore hawtio on eap6 test
2020-03-24 15:10:40 +01:00
mhajas
8b96882a1c
KEYCLOAK-12972 Fix fuse tests
2020-03-24 14:50:54 +01:00
keycloak-bot
f6a592b15a
Set version to 9.0.4-SNAPSHOT
2020-03-24 08:31:18 +01:00
mposolda
5ddd605ee9
KEYCLOAK-13259
2020-03-24 05:32:41 +01:00
mposolda
9474dd6208
KEYCLOAK-12986 BruteForceProtector does not log failures when login failure in PostBroker flow
2020-03-24 05:32:10 +01:00
Martin Kanis
e6e0e6945d
KEYCLOAK-12156 LogoutEndpoint does not verify token type of id_token_hint
...
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-03-24 05:31:36 +01:00
Pedro Igor
ec63245ac8
[KEYCLOAK-13386] - SslRequired.EXTERNAL doesn't work for identity broker validations
2020-03-23 12:16:43 -03:00
mposolda
3e82473a90
KEYCLOAK-13369 Not possible to move groups in admin console
2020-03-23 10:17:23 +01:00
mposolda
61fd66e107
KEYCLOAK-13368 TestClassProvider undertow server not stopped after testsuite
2020-03-23 07:10:17 +01:00
Pavel Drozd
6cc897e319
KEYCLOAK-8372 - User Federation tests - fixing for different vendors ( #6909 )
2020-03-20 11:36:35 +01:00
Dmitry Telegin
3b24465141
KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking ( #6828 )
...
* KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking
* KEYCLOAK-12870: always allow to choose user if password reset is called from first broker login flow
* KEYCLOAK-12870: remove "already authenticated as different user" check and message
* KEYCLOAK-12870: translations
* KEYCLOAK-12870: fix tests
2020-03-20 07:41:35 +01:00
Pedro Igor
2eab44d3f3
[KEYCLOAK-13273] - Remove group policy when group is removed
2020-03-20 07:40:18 +01:00
rmartinc
a8e74196d1
KEYCLOAK-4923: Client Service Account Roles are not exported
2020-03-19 11:38:33 -03:00
Aboullos
f8dc7c0329
KEYCLOAK-13007 Add LDAPAccountTest
2020-03-18 10:11:59 -03:00
Stan Silvert
fff8571cfd
KEYCLOAK-12768: Prevent reserved characters in URLs
2020-03-18 07:40:24 +01:00
Stefan Guilhen
8c627fdb20
[KEYCLOAK-13036] Fix KeycloakElytronCSVaultTest failures on IBM JDK
...
- credential store is generated on the fly for the test, avoiding incompatibilities between implementations of keystores
2020-03-17 17:07:55 +01:00
mposolda
56d1ab19a8
KEYCLOAK-11412 Display more nice error message when creating top level group with same name
2020-03-16 21:03:46 +01:00
mposolda
d7688f6b12
KEYCLOAK-12869 REST sends credential type when no credential exists and credential disabled
2020-03-16 21:02:40 +01:00
Stan Silvert
1f1ed36b71
KEYCLOAK-9782: Do not allow duplicate group name when updating
2020-03-13 10:13:45 -04:00
Sebastian Laskawiec
8774a0f4ba
KEYCLOAK-12881 KEYCLOAK-13099 Update FederatedIdentities and Groups on POST
2020-03-12 14:57:02 +01:00
mposolda
72e4690248
KEYCLOAK-13174 Not possible to delegate creating or deleting OTP credential to userStorage
2020-03-11 12:51:56 +01:00
mposolda
803f398dba
KEYCLOAK-12876 KEYCLOAK-13148 KEYCLOAK-13149 KEYCLOAK-13151 Re-introduce some changes to preserve UserStorage SPI backwards compatibility. Added test for backwards compatibility of user storage
2020-03-11 12:51:56 +01:00
Thomas Darimont
cd51ff3474
KEYCLOAK-13186 Remove role information from RefreshTokens
...
We now no longer expose role assignment information into the RefreshToken.
Previously RefreshTokens contained information about the realm and
client specific roles which are assigned to a user. Since the role
information is usually either taken from the AccessToken, IDToken or
the User-Info endpoint and the RefreshToken is an internal format which
is opaque to the client, it would be a waste of space to keep that
information in the RefreshToken.
See:
https://lists.jboss.org/pipermail/keycloak-dev/2019-April/011936.html
2020-03-11 06:28:22 +01:00
rmartinc
ad3b9fc389
KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups
2020-03-11 06:14:29 +01:00
mposolda
bc1146ac2f
KEYCLOAK-10029 Offline token migration fix. Always test offline-token migration when run MigrationTest
2020-03-10 20:38:16 +01:00
Pedro Igor
b7a395a3ef
[KEYCLOAK-11345] - Test basic features of Keycloak.X with current tetsuite
2020-03-10 15:59:35 +01:00
Sebastian Schuster
99aba33980
KEYCLOAK-13163 Fixed searching for user with fine-grained permissions
2020-03-09 09:56:13 -03:00
vmuzikar
8cfd4d60e6
KEYCLOAK-13069 Fix failing RH-SSO base tests
2020-03-09 13:50:40 +01:00
Phy
8aa5019efe
KEYCLOAK-13074 Don't return LDAP group members if under IMPORT mode
...
If GroupLDAPStorageMapper is running under IMPORT mode, getGroupMembers should not return users in LDAP, which, according to how UserStorageManager.query works (getting both user federation and Keycloak storage), will cause duplicate users in the list.
A test has been added as well, which will fail before the fix in the mapper.
2020-03-06 11:44:36 +01:00
stianst
ed97d40939
KEYCLOAK-9851 Removed properties from realm json attributes that are included as fields
2020-03-05 17:59:50 +01:00
mabartos
a1bbab9eb2
KEYCLOAK-12799 Missing Cancel button on The WebAuthn setup screen when using AIA
2020-03-05 15:04:38 +01:00
Pedro Igor
23b4aee445
[KEYCLOAK-13056] - Searching clients with reduced permissions results in 403
2020-03-05 13:39:25 +01:00
Pedro Igor
30b07a1ff5
[KEYCLOAK-13175] - Setting the enforcement mode when fetching lazily fetching resources
2020-03-05 13:31:21 +01:00
stianst
75a772f52b
KEYCLOAK-10967 Add JSON body methods for test ldap and smtp connections. Deprecate old form based methods.
2020-03-05 10:07:58 +01:00
Pedro Igor
2f489a41eb
[KEYCLOAK-12192] - Missing Input Validation in IDP Authorization URLs
2020-03-05 06:32:35 +01:00
Hynek Mlnarik
0cf0955318
KEYCLOAK-13181 Fix NPE in EAP 6 adapter
2020-03-04 10:19:43 +01:00
Jon Koops
c1bf183998
KEYCLOAK-9346 Add new KeycloakPromise to support native promises
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-03-04 08:53:35 +01:00
Douglas Palmer
dfb67c3aa4
[KEYCLOAK-12980] Username not updated when "Email as username" is enabled
2020-03-03 10:26:35 +01:00
Pedro Igor
49b1dbba68
[KEYCLOAK-11804] - Block service accounts to authenticate or manage credentials
2020-03-03 06:48:02 +01:00
Hynek Mlnarik
f45f882f0c
KEYCLOAK-11903 Test for XSW attacks
2020-03-02 21:26:13 +01:00
mhajas
df11a8a864
KEYCLOAK-12606 Add test
2020-03-02 20:07:52 +01:00
vramik
7c91e36e43
KEYCLOAK-10898 WildFly Adapter CLI based installation scripts
2020-03-02 10:08:45 +01:00
mhajas
d3bebb4746
KEYCLOAK-12884 Add more tests for SameSite
2020-02-28 16:19:44 +01:00
mhajas
9b81c42525
KEYCLOAK-13113 Exclude tests for Tomcat
2020-02-28 13:35:33 +01:00
mabartos
695fb92241
KEYCLOAK-13070 UserConsentWithUserStorageModelTest failing with ModelDuplicateException
2020-02-27 21:25:49 +01:00
Hynek Mlnarik
aecfe251e4
KEYCLOAK-12816 Fix representation to model conversion
2020-02-27 21:11:24 +01:00
Douglas Palmer
85d7216228
[KEYCLOAK-12640] Client authorizationSettings.decisionStrategy value lost on realm import
2020-02-27 09:45:48 -03:00
vramik
f1e54455e7
KEYCLOAK-13111 Move execution of db-allocator-plugin to jpa profile
2020-02-27 11:51:05 +01:00
mhajas
3db55727ca
KEYCLOAK-12979 Fix group-attribute parsing
2020-02-27 10:48:03 +01:00
vramik
e2bd99e9e4
KEYCLOAK-13097 fix UserStorageTest - add cleanup after test
2020-02-27 10:46:38 +01:00
Pedro Igor
a830818a84
[KEYCLOAK-12794] - Missing id token checks in oidc broker
2020-02-27 09:13:29 +01:00
Erik Jan de Wit
8297c0c878
KEYCLOAK-11155 split on first '=' instead of all
2020-02-27 09:12:51 +01:00
Erik Jan de Wit
93a1374558
KEYCLOAK-11129 coalesce possible null values
2020-02-27 09:11:29 +01:00
Pedro Igor
1c71eb93db
[KEYCLOAK-11576] - Properly handling redirect_uri parser errors
2020-02-27 08:29:06 +01:00
stianst
950eae090f
KEYCLOAK-13054 Unblock temporarily disabled user on password reset, and remove invalid error message
2020-02-27 08:05:46 +01:00
vmuzikar
de8ba75399
KEYCLOAK-12635 KEYCLOAK-12935 KEYCLOAK-13023 UI test fixes
2020-02-26 15:54:44 -03:00
Martin Bartoš
eaaff6e555
KEYCLOAK-12958 Preview feature profile for WebAuthn ( #6780 )
...
* KEYCLOAK-12958 Preview feature profile for WebAuthn
* KEYCLOAK-12958 Ability to enable features having EnvironmentDependent providers without restart server
* KEYCLOAK-12958 WebAuthn profile product/project
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2020-02-26 08:45:26 +01:00
stianst
9e47022116
KEYCLOAK-8044 Clear theme caches on hot-deploy
2020-02-20 08:50:10 +01:00
stianst
d8d81ee162
KEYCLOAK-12268 Show page not found for /account/log if events are disabled for the realm
2020-02-20 08:49:30 +01:00
stianst
9a3a358b96
KEYCLOAK-11700 Lower-case passwords before checking with password blacklist
2020-02-20 08:33:46 +01:00
stianst
536824beb6
KEYCLOAK-12960 Use Long for time based values in JsonWebToken
2020-02-19 15:46:05 +01:00
Stefan Guilhen
7a3998870c
[KEYCLOAK-12612][KEYCLOAK-12944] Fix validation of SAML destination URLs
...
- no longer compare them to the server absolutePath; instead use the base URI to build the validation URL
2020-02-18 16:38:19 -03:00
mposolda
eeeaafb5e7
KEYCLOAK-12858 Authenticator is sometimes required even when configured as alternative
2020-02-18 09:05:59 +01:00
Thomas Darimont
67ddd3b0eb
KEYCLOAK-12926 Improve Locale based message lookup
...
We now consider intermediate Locales when performing a Locale based
ResourceBundle lookup, before using an Locale.ENGLISH fallback.
Co-authored-by: stianst <stianst@gmail.com>
2020-02-18 08:43:46 +01:00
keycloak-bot
d352d3fa8e
Set version to 9.0.1-SNAPSHOT
2020-02-17 20:38:54 +01:00
Adamczyk Błażej
497787d2cd
[KEYCLOAK-10696] - fixed missing client role attributes after import
2020-02-17 10:01:19 +01:00
mposolda
a76c496c23
KEYCLOAK-12860 KEYCLOAK-12875 Fix for Account REST Credentials to work with LDAP and social users
2020-02-14 20:24:42 +01:00
Douglas Palmer
876086c846
[KEYCLOAK-12161] "Back to Application" link is shown with link to current page
2020-02-14 10:37:32 -03:00
stianst
f0e3122792
KEYCLOAK-12953 Ignore empty realm frontendUrl
2020-02-14 11:33:07 +01:00
stianst
42773592ca
KEYCLOAK-9632 Improve handling of user locale
2020-02-14 08:32:20 +01:00
Pedro Igor
7efaf9869a
[KEYCLOAK-12864] - OIDCIdentityProvider with Reverse Proxy
2020-02-13 15:01:10 +01:00
mabartos
90b35cc13d
KEYCLOAK-10420 Broker tests don't work with RH-SSO
2020-02-12 18:33:55 +01:00
mabartos
1bdf77f409
KEYCLOAK-12065 UserSessionInitializerTest is failing
2020-02-12 17:39:28 +01:00
mhajas
c3f0b342bf
KEYCLOAK-12964 Fix adapter remote tests execution deciding
2020-02-12 16:04:44 +01:00
mhajas
1bb238d20f
KEYCLOAK-12950 Use maven-plugin to configure shrinkwrap resolver
2020-02-12 16:04:44 +01:00
mhajas
f28ca30e6d
KEYCLOAK-12963 Exclude testNoPortInDestination test for remote container
2020-02-12 13:18:51 +01:00
Peter Zaoral
b0ffea699e
KEYCLOAK-12186 Improve the OTP login form
...
-created and implemented login form design, where OTP device can be selected
-implemented selectable-card-view logic in jQuery
-edited related css and ftl theme resources
-fixed affected BrowserFlow tests
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-02-12 11:25:02 +01:00
vramik
3d22644bbe
KEYCLOAK-12237 Fix WelcomePageTest on Postgresql
2020-02-12 10:43:29 +01:00
Peter Skopek
622a97bd1c
KEYCLOAK-12228 Sensitive Data Exposure
...
from patch of hiba haddad haddadhiba0@gmail.com
2020-02-12 09:57:31 +01:00
stianst
3c0cf8463a
KEYCLOAK-12821 Check if action is disabled in realm before executing
2020-02-12 09:04:43 +01:00
stianst
6676b9bba0
Fix
2020-02-12 08:23:25 +01:00
stianst
0b8adc7874
KEYCLOAK-12921 Fix NPE in client validation on startup
2020-02-12 08:23:25 +01:00
stianst
dda829710e
KEYCLOAK-12829 Require PKCE for admin and account console
2020-02-12 08:22:20 +01:00
Thomas Darimont
7969aed8e0
KEYCLOAK-10931 Trigger UPDATE_PASSWORD event on password update via AccountCredentialResource
2020-02-11 19:51:58 +01:00
Martin Kanis
1d54f2ade3
KEYCLOAK-9563 Improve access token checks for userinfo endpoint
2020-02-11 15:09:21 +01:00
mhajas
e5935d8069
KEYCLOAK-12764 Fix shrinkwrap issue by updating arquillian bom version
2020-02-08 10:51:48 +01:00
stianst
ecec20ad59
KEYCLOAK-12193 Internal error message returned in error response
2020-02-07 18:10:41 +01:00
Pedro Igor
da0e2aaa12
[KEYCLOAK-12897] - Policy enforcer should just deny when beare is invalid
2020-02-07 15:04:45 +01:00
mabartos
a5d02d62c1
KEYCLOAK-12908 TOTP not accepted in request for Access token
2020-02-07 13:17:05 +01:00
stianst
5d1fa8719e
KEYCLOAK-12190 Fix PartialImportTest for client validation
2020-02-07 11:44:09 +01:00
stianst
7545749632
KEYCLOAK-12190 Add validation for client root and base URLs
2020-02-07 09:09:40 +01:00
Pedro Igor
fc514aa256
[KEYCLOAK-12792] - Invalid nonce handling in OIDC identity brokering
2020-02-06 13:16:01 +01:00
Pedro Igor
199e5dfa3e
[KEYCLOAK-12909] - Keycloak uses embedded cache manager instead of container-managed one
2020-02-06 13:14:36 +01:00
Dmitry Telegin
b6c5acef25
KEYCLOAK-7969 - SAML users should not be identified by SAML:NameID
2020-02-06 08:53:31 +01:00
Axel Messinese
b73553e305
Keycloak-11526 search and pagination for roles
2020-02-05 15:28:25 +01:00
mhajas
66350f415c
KEYCLOAK-12849 Exclude SameSite tests in non-SSL test runs
2020-02-05 11:44:07 +01:00
rmartinc
d39dfd8688
KEYCLOAK-12654: Data to sign is incorrect in redirect binding when URI has parameters
2020-02-05 11:30:28 +01:00
Martin Bartoš
b0c4913587
KEYCLOAK-12177 KEYCLOAK-12178 WebAuthn: Improve usability ( #6710 )
2020-02-05 08:35:47 +01:00
Thomas Darimont
42fdc12bdc
KEYCLOAK-8573 Invalid client credentials should return Unauthorized status ( #6725 )
2020-02-05 08:27:15 +01:00
vmuzikar
0801cfb01f
KEYCLOAK-12105 Add UI tests for Single page to manage credentials
2020-02-04 15:18:52 -03:00
rmartinc
5b9eb0fe19
KEYCLOAK-10884: Need clock skew for SAML identity provider
2020-02-03 22:00:44 +01:00
Jan Lieskovsky
b532570747
[KEYCLOAK-12168] Various setup TOTP screen usability improvements ( #6709 )
...
On both the TOTP account and TOTP login screens perform the following:
* Make the "Device name" label optional if user registers the first
TOTP credential. Make it mandatory otherwise,
* Denote the "Authenticator code" with asterisk, so it's clear it's
required field (always),
* Add sentence to Step 3 of configuring TOTP credential explaining
the user to provide device name label,
Also perform other CSS & locale / messages file changes, so the UX is
identical when creating OTP credentials on both of these pages
Add a corresponding testcase
Also address issues pointed out by mposolda's review. Thanks, Marek!
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-02-03 19:34:28 +01:00
Marek Posolda
154bce5693
KEYCLOAK-12340 KEYCLOAK-12386 Regression in credential handling when … ( #6668 )
2020-02-03 19:23:30 +01:00
vramik
337e8f8fad
KEYCLOAK-12240 MigrationModelTest fails in pipeline
2020-02-03 13:14:53 +01:00
Leon Graser
01a42f417f
Search and Filter for the count endpoint
2020-02-03 09:36:30 +01:00
Pedro Igor
ed2d392a3d
[KEYCLOAK-9666] - Entitlement request with service account results in server error
2020-02-03 08:57:56 +01:00
Pedro Igor
658a083a0c
[KEYCLOAK-9600] - Find by name in authz client returning wrong resource
2020-02-03 08:57:20 +01:00
Jan Lieskovsky
00a36e5f7b
[KEYCLOAK-12865] Stabilize distribution profile ( #6712 )
...
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-02-01 13:31:54 +01:00
rmartinc
1989483401
KEYCLOAK-12001: Audience support for SAML clients
2020-01-31 15:56:40 +01:00
Marek Posolda
d8e450719b
KEYCLOAK-12469 KEYCLOAK-12185 Implement nice design to the screen wit… ( #6690 )
...
* KEYCLOAK-12469 KEYCLOAK-12185 Add CredentialTypeMetadata. Implement the screen with authentication mechanisms and implement Account REST Credentials API by use the credential type metadata
2020-01-31 14:28:23 +01:00
Bart Monhemius
52fd2b4aa4
KEYCLOAK-12698: Allow setting lifespan on executeActionsEmail
2020-01-31 09:27:07 +01:00
Pedro Igor
c37ca235ab
[KEYCLOAK-11352] - Can't request permissions by name by a non-owner resource service, although the audience is set
2020-01-30 11:36:21 +01:00
Pedro Igor
2a82ed6eea
[KEYCLOAK-9402] - 401 response when enforcement mode is DISABLED
2020-01-30 11:09:32 +01:00
Pedro Igor
873c62bbef
[KEYCLOAK-12569] - User cannot be deleted if he has owned resources / permission tickets
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-01-30 11:08:28 +01:00
Pedro Igor
c821dcf820
[KEYCLOAK-12438] - Scope-based policies falsely give a permit with an empty scope list
2020-01-29 14:02:44 +01:00
Marek Posolda
d46620569a
KEYCLOAK-12174 WebAuthn: create authenticator, requiredAction and policy for passwordless ( #6649 )
2020-01-29 09:33:45 +01:00
Takashi Norimatsu
993ba3179c
KEYCLOAK-12615 HS384 and HS512 support for Client Authentication by Client Secret Signed JWT ( #6633 )
2020-01-28 14:55:48 +01:00
Stian Thorgersen
87cab778eb
KEYCLOAK-11996 Authorization Endpoint does not return an error when a request includes a parameter more than once ( #6696 )
...
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2020-01-24 12:10:56 +01:00
Denis Richtárik
24c6e2ba08
KEYCLOAK-12742 Authentication -> WebAuthn Policy: Unable to delete the Acceptable AAGUIDS via the provided minus (-) button, once set ( #6695 )
2020-01-24 11:55:20 +01:00
Leon Graser
f1ddd5016f
KEYCLOAK-11821 Add account api roles to the client on creation
...
Co-authored-by: stianst <stianst@gmail.com>
2020-01-23 13:10:04 -06:00
Martin Kanis
1fbee8134b
KEYCLOAK-12697 Remove mvel2 from parent pom and licenses
2020-01-23 13:04:31 -06:00
Benjamin Weimer
dd9ad305ca
KEYCLOAK-12757 New Identity Provider Mapper "Advanced Claim to Role Mapper" with
...
following features
* Regex support for claim values.
* Support for multiple claims.
2020-01-23 07:17:22 -06:00
mposolda
f0d95da52d
KEYCLOAK-12281 Fix export/import for users that have custom credential algorithms with no salt
2020-01-23 05:43:29 -06:00
Denis Richtárik
8d312d748b
KEYCLOAK-12163 Old account console: UI not updated after removing of TOTP ( #6688 )
2020-01-22 12:26:28 +01:00
vmuzikar
03306b87e8
KEYCLOAK-12125 Introduce SameSite attribute in cookies
...
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: Peter Skopek <pskopek@redhat.com>
2020-01-17 08:36:53 -03:00
vmuzikar
475ec6f3e4
Add tests for 'Always Display in Console'
2020-01-17 08:35:01 -03:00
Stan Silvert
568b1586a6
KEYCLOAK-12526: Add 'Always Display in Console' to admin console
2020-01-17 08:35:01 -03:00
Martin Bartos RH
d3f6937a23
[KEYCLOAK-12426] Add username to the login form + ability to reset login
2020-01-17 09:40:13 +01:00
mposolda
85dc1b3653
KEYCLOAK-12426 Add username to the login form + ability to reset login - NOT DESIGN YET
2020-01-17 09:40:13 +01:00
Tomas Kyjovsky
05c428f6e7
KEYCLOAK-12295 After password reset, the new password has low priority ( #6653 )
2020-01-16 09:11:25 +01:00
Martin Bartoš
5aab03d915
[KEYCLOAK-12184] Remove BACK button from login forms ( #6657 )
2020-01-15 12:25:37 +01:00
Axel Messinese
789e8c70ce
KEYCLOAK-12630 full representation param for get groups by user endpoint
2020-01-15 10:14:52 +01:00
Axel Messinese
72aff51fca
KEYCLOAK-12670 inconsistent param name full to briefRepresentation
2020-01-15 08:32:57 +01:00
Marek Posolda
8d49409de1
KEYCLOAK-12183 Refactor login screens. Introduce try-another-way link. Not show many credentials of same type in credential selector ( #6591 )
2020-01-14 21:54:45 +01:00
k-tamura
221aad9877
KEYCLOAK-11511 Improve exception handling of REST user creation
2020-01-14 13:34:34 +01:00
vramik
3b1bdb216a
KEYCLOAK-11486 Add support for system property or env variable in AllowedClockSkew in keycloak-saml subsystem
2020-01-14 13:17:13 +01:00
mhajas
a79d6289de
KEYCLOAK-11416 Fix nil AttributeValue handling
2020-01-10 12:47:09 +01:00
vramik
a2b3747d0e
KEYCLOAK-7014 - Correctly handle null-values in UserAttributes
2020-01-10 12:44:52 +01:00
Pedro Igor
03bbf77b35
[KEYCLOAK-12511] - Mapper not visible in client's mapper list
2020-01-09 10:25:06 +01:00
mposolda
fea7b4e031
KEYCLOAK-12424 SPNEGO / Kerberos sends multiple 401 responses with WWW-Authenticate: Negotiate header when kerberos token is invalid
2020-01-09 10:21:24 +01:00
Thomas Darimont
062cbf4e0a
KEYCLOAK-9925 Use Client WebOrigins in UserInfoEndpoint
...
We now use the allowed WebOrigins configured for the client
for which the user info is requested.
Previously, Web Origins defined on the Client were not being recognized
by the /userinfo endpoint unless you apply the "Allowed Web Origins"
protocol mapper.
This was an inconsistency with how the Web Origins work compared
with the /token endpoint.
2020-01-09 10:10:59 +01:00
Pedro Igor
dae212c035
[KEYCLOAK-12312] - Partial import of realm breaking access to client's service account roles
2020-01-09 10:06:32 +01:00
Pedro Igor
c596647241
[KEYCLOAK-11712] - Request body not buffered when using body CIP in Undertow
2020-01-09 10:02:18 +01:00
Pedro Igor
709cbfd4b7
[KEYCLOAK-10705] - Return full resource representation when querying policies by id
2020-01-09 10:00:24 +01:00
vramik
419d9c6351
KEYCLOAK-11597 Remote testing changes + possibility to exclude tests for specific auth server
...
Co-Authored-By: <mhajas@redhat.com>
2020-01-06 14:29:36 +01:00
Thomas Darimont
1a7aeb9b20
KEYCLOAK-8249 Improve extraction of Bearer tokens from Authorization headers ( #6624 )
...
We now provide a simple way to extract the Bearer token string from
Authorization header with a null fallback.
This allows us to have more fine grained error handling for the
various endpoints.
2020-01-06 13:58:52 +01:00
mhajas
28b01bc34d
KEYCLOAK-12609 Fix integer overflow for SAML XMLTimeUtil add method parameters
2020-01-06 13:53:16 +01:00
Yoshiyuki Tabata
e96725127f
KEYCLOAK-12165 Fix UserSessionProviderTest to work correctly ( #6513 )
2020-01-02 17:57:14 +01:00
Marek Posolda
fa453e9c0c
KEYCLOAK-12278 Default first broker login flow is broken after migration ( #6556 )
2020-01-02 17:53:56 +01:00
Pedro Igor
56d53b191a
[KEYCLOAK-8779] - Fixing PartialImportTest
2019-12-28 06:24:19 -03:00
rmartinc
401d36b446
KEYCLOAK-8779: Partial export and import to an existing realm is breaking clients with service accounts
2019-12-27 15:59:38 -03:00
Thomas Darimont
0219d62f09
KEYCLOAK-6867 UserInfoEndpoint should return WWW-Authenticate header for Invalid tokens
...
As required by the OIDC spec (1) we now return a proper WWW-Authenticate
response header if the given token is invalid.
1) https://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
2019-12-23 07:42:06 -03:00
Pedro Igor
946088d48d
[KEYCLOAK-12109] - Resolving authz discovery url using KeycloakUriBuilder
2019-12-19 14:18:21 +01:00
Pedro Igor
3bd193acd7
[KEYCLOAK-12412] - Policy enforcer should consider charset when comparing the content-type of the request
2019-12-19 14:14:33 +01:00
Stefan Guilhen
9f69386a53
[KEYCLOAK-11707] Add support for Elytron credential store vault
...
- Adds the elytron-cs-keystore provider that reads secrets from a keystore-backed elytron credential store
- Introduces an abstract provider and factory that unifies code that is common to the existing implementations
- Introduces a VaultKeyResolver interface to allow the creation of different algorithms to combine the realm
and key names when constructing the vault entry id
- Introduces a keyResolvers property to the existing implementation via superclass that allows for the
configuration of one or more VaultKeyResolvers, creating a fallback mechanism in which different key formats
are tried in the order they were declared when retrieving a secret from the vault
- Adds more tests for the files-plaintext provider using the new key resolvers
- Adds a VaultTestExecutionDecider to skip the elytron-cs-keystore tests when running in Undertow. This is
needed because the new provider is available only as a Wildfly extension
2019-12-18 11:54:06 +01:00
harture
26458125cb
[KEYCLOAK-12254] Fix re-evaluation of conditional flow ( #6558 )
2019-12-18 08:45:11 +01:00
Douglas Palmer
106e6e15a9
[KEYCLOAK-11859] Added option to always display a client in the accounts console
2019-12-17 17:12:49 -03:00
vramik
c3d80651bf
KEYCLOAK-12473 Add possibility to specify length of event detail when storing to database
2019-12-17 17:15:50 +01:00
vmuzikar
4f7b56d227
KEYCLOAK-12106 UI tests for Device Activity page
2019-12-16 14:26:58 -03:00
Douglas Palmer
af0594b58d
[KEYCLOAK-12463] Fixed missing consents
2019-12-12 17:27:54 -03:00
Douglas Palmer
f9fa5b551d
[KEYCLOAK-5628] Added application endpoint
2019-12-11 13:06:04 -03:00
Martin Bartoš
2cf6483cdf
[KEYCLOAK-12044] Fix messages in the UsernameForm ( #6548 )
2019-12-11 10:59:46 +01:00
mposolda
0f3e0f4d4e
KEYCLOAK-12432 Compilation error in latest master in LDAPHardcodedAttributeTest
2019-12-10 18:01:11 -03:00
Cédric Couralet
bde94f2f08
KEYCLOAK-11770 add an hardcoded attribute mapper ( #6396 )
...
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2019-12-10 12:57:46 +01:00
Denis Richtárik
48bddc37ae
KEYCLOAK-12011 Remove cancel button from OTP form ( #6511 )
...
* KEYCLOAK-12011 Remove cancel button from OTP form
* Remove back button
2019-12-09 19:23:26 +01:00
stianst
30e024a3c9
KEYCLOAK-12167 Remove need for Arquillian deployment to load test classes
2019-12-06 12:46:08 +01:00
Yoshiyuki Tabata
b2664c7ef9
KEYCLOAK-12094 "client-session-stats" not search null client information ( #6554 )
2019-12-06 10:37:25 +01:00
Martin Bartoš
e405ce6e97
[KEYCLOAK-11824] Fix bug with only one value of the authentication model execution requirement ( #6570 )
2019-12-05 18:28:00 +01:00
Cristian Schuszter
5c7ce775cf
KEYCLOAK-11472 Pagination support for clients
...
Co-authored-by: stianst <stianst@gmail.com>
2019-12-05 08:17:17 +01:00
vmuzikar
072cd9f93f
KEYCLOAK-12329 Fix linking accounts in the new Account Console
2019-12-03 18:49:40 -03:00
Martin Kanis
73d1a26040
KEYCLOAK-11773 Front-channel logout with identity brokering does not work after browser restart
2019-12-03 08:17:54 +01:00
vmuzikar
f426643225
KEYCLOAK-11744 KEYCLOAK-11271 New Account Console testsuite
2019-11-28 08:32:48 -03:00
Jan Lieskovsky
9a5fda5ec9
[KEYCLOAK-11748] Add multiple OTP tokens configured Direct Access Grant test ( #6546 )
...
Add a Direct Access Grant test to verify, when the user has multiple OTP
authenticators configured, they can properly login using the 1-th one of
them (IOW the 1-th OTP token is the preferred credential)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-11-28 09:34:53 +01:00
harture
129c689855
[KEYCLOAK-12253] Fix conditional authenticators are evaluated even if they are disabled ( #6553 )
2019-11-28 09:30:31 +01:00
Martin Kanis
685d49c693
KEYCLOAK-11967 Violation of UNIQUE KEY constraint SIBLING_NAMES ( #6485 )
2019-11-26 16:00:50 +01:00
rmartinc
82ef5b7927
KEYCLOAK-12000: Allow overriding time lifespans on a SAML client
2019-11-26 10:02:34 +01:00
Pedro Igor
cee884e4a7
[KEYCLOAK-8406] - Remove Drools/Rules Policy
2019-11-22 15:38:51 +01:00
Yoshiyuki Tabata
0a9d058b81
KEYCLOAK-12150 change error response from invalid_request to unsupported_grant_type
2019-11-22 11:11:07 +01:00
Yoshiyuki Tabata
a36cfee84b
KEYCLOAK-12149 change error response from invalid_grant to unauthorized_client
2019-11-22 11:10:16 +01:00
Yoshiyuki Tabata
4117710379
KEYCLOAK-12019 change error response from unsupported_response_type to unauthorized_client
2019-11-22 11:03:02 +01:00
Martin Kanis
50ec24557e
KEYCLOAK-12117 X509BrowserLoginTest failing in pipeline
2019-11-21 11:35:10 +01:00
stianst
3731e36ece
KEYCLOAK-12069 Add account-console client for new account console
2019-11-20 08:48:40 -05:00
Ramon Spahr
0f00e23f96
KEYCLOAK-10977 Allow disabling Kerberos athentication with LDAP federation provider ( #6422 )
2019-11-18 14:12:26 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
Stefan Guilhen
9a7c1a91a5
KEYCLOAK-10780 Stop creating placeholder e-mails for service accounts ( #228 )
2019-11-15 15:08:29 +01:00
k-tamura
43e2370f21
KEYCLOAK-11772 Fix temporary credential property to work correctly
2019-11-15 08:48:12 +01:00
stianst
3a36569e20
KEYCLOAK-9129 Don't expose Keycloak version in resource paths
2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64
KEYCLOAK-11745 Multi-factor authentication ( #6459 )
...
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Andy Munro
e7e49c13d5
KEYCLOAK-11413 Update UI messages
...
Co-authored-by: stianst <stianst@gmail.com>
Made a couple more spelling corrections.
2019-11-14 12:31:05 +01:00
Martin Kanis
25511d4dbf
KEYCLOAK-9651 Wrong ECDSA signature R and S encoding
2019-11-13 15:32:51 +01:00
sarveshtamba
0525fb43b9
Update pom.xml
2019-11-11 11:16:07 -03:00
stianst
b8881b8ea0
KEYCLOAK-11728 New default hostname provider
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
Patrick Teubner
b3d87b52c2
KEYCLOAK-11888 Fix inconsistent pagination of groups by ordering the results of 'getTopLevelGroupIds' query
2019-11-11 09:22:51 +01:00
stianst
062841a059
KEYCLOAK-11898 Refactor AIA implementation
2019-11-08 16:03:07 -03:00
Martin Bartoš
bf8184221a
KEYCLOAK-11838: Fixed unstable RefreshTokenTest ( #6455 )
2019-11-08 08:53:23 +01:00
mhajas
b74f69c5ac
KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed
2019-11-07 09:35:11 +01:00
vmuzikar
b13fa2d16a
KEYCLOAK-11602 Add token exchange test to OpenShift 3 social login test
2019-11-06 06:49:10 -03:00
vmuzikar
bf5cca52a4
KEYCLOAK-11675 Fix unstable Google Social Login test
2019-11-06 06:49:10 -03:00
Stan Silvert
041229f9ca
KEYCLOAK-7429: Linked Accounts REST API
2019-11-05 16:03:21 -05:00
Peter Skopek
d0386dab85
KEYCLOAK-8785 remove k_version endpoint ( #6428 )
2019-11-05 11:35:55 +01:00
Douglas Palmer
a32c8c5190
[KEYCLOAK-11185] Fixed build with JDK 11
2019-11-04 10:56:07 -03:00
Martin Bartoš
e3d755fe9d
KEYCLOAK-11729: ExtendingThemeTest is failing with auth-server-wildfly ( #6410 )
2019-11-04 11:27:03 +01:00
Benjamin Bentmann
d6f56e58c1
KEYCLOAK-11806 Fix SAML adapter to not fail upon receiving a login response without the optional Destination attribute
2019-10-29 23:12:15 +01:00
pkokush
ff551c5545
KEYCLOAK-10307: check password history length in password verification ( #6058 )
2019-10-24 21:33:21 +02:00
Takashi Norimatsu
1905260eac
KEYCLOAK-11251 ES256 or PS256 support for Client Authentication by Signed JWT ( #6414 )
2019-10-24 17:58:54 +02:00
Hynek Mlnarik
783545572a
KEYCLOAK-11684 Add support to display passwords in password fields
...
Add UI tests for KEYCLOAK-11684
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: vmuzikar <vmuzikar@redhat.com>
2019-10-23 15:30:11 +02:00
mposolda
0cb8730df8
KEYCLOAK-11474 Fix LDAPGroupMapper tests with MySQL and MariaDB
2019-10-23 14:55:33 +02:00
Hynek Mlnarik
f0685cc246
KEYCLOAK-11739 Ensure unique / PK constraint in JPA is on par with Liquibase
2019-10-23 14:53:17 +02:00
Pedro Igor
bb4ff55229
[KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
Pedro Igor
bad9e29c15
[KEYCLOAK-10870] - Deprecate support for JavaScript policy support from UMA policy endpoint
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UserManagedPermissionServiceTest.java
(cherry picked from commit 13923a7683cb666d2842bc61429c23409c1493b6)
2019-10-22 10:34:24 +02:00
Jan Lieskovsky
f2e5f9dedd
[KEYCLOAK-11717] Drop the public key credential related elements ( #6407 )
...
from the Edit Account screen of the Account console
Add a testcase for it
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-10-21 19:54:39 +02:00
Martin Kanis
37304fdd7d
KEYCLOAK-10728 Upgrade to WildFly 18 Final
2019-10-21 14:06:44 +02:00
Martin Reinhardt
5ad05c9317
[KEYCLOAK-6376] Directly create group
2019-10-21 10:41:04 +02:00
Martin Reinhardt
21a62a2670
[KEYCLOAK-6376] Reorganize imports and revert pom changes
2019-10-21 10:41:04 +02:00
Martin Reinhardt
28748ebf3f
[KEYCLOAK-6376] Fix NPE and test setup
2019-10-21 10:41:04 +02:00
Martin Reinhardt
f18c8b9da5
[KEYCLOAK-6376] Switching to arquillian end2end tests
2019-10-21 10:41:04 +02:00
k-tamura
4a8065ec6b
Add test method pointed out on review
2019-10-21 10:36:16 +02:00
Kohei Tamura
59ba874e1d
KEYCLOAK-10945 Avoid lockout when clicking login twice
2019-10-21 10:36:16 +02:00
Pedro Igor
6acb87bd7a
[KEYCLOAK-10822] - Prevent access to users from another realm
2019-10-21 10:32:50 +02:00
Martin Bartoš
ad9641722f
KEYCLOAK-11613 Chrome Testing API ( #6385 )
2019-10-18 10:50:28 +02:00
stianst
31ed01a6de
KEYCLOAK-11754 Prevent AbstractKeycloakTest from inititating backchannel logout on cleanup
2019-10-17 12:56:31 +02:00
mhajas
9cb2f1afdc
KEYCLOAK-11530 Do not enable/disable vault before/after test method but before/after class
2019-10-17 09:55:06 +02:00
Pedro Igor
17785dac08
[KEYCLOAK-10714] - Add filtering support in My Resources endpoint by name
2019-10-16 16:26:55 +02:00
Tomas Kyjovsky
c2273e8f49
KEYCLOAK-11547 ( #6341 )
...
- Fixing `X509OCSPResponderTest.loginOKOnOCSPResponderRevocationCheckWithoutCA` test case on Windows
2019-10-15 15:56:29 +02:00
mposolda
f0a506a143
KEYCLOAK-11691 Broker tests re-structure
2019-10-14 11:38:09 +02:00
mhajas
2f44c58a0d
KEYCLOAK-11495 Change name of PlaintextVaultProvider to FilesPlaintextVaultProvider
2019-10-09 14:48:00 +02:00
Hisanobu Okuda
75a44696a2
KEYCLOAK-10636 Large Login timeout causes login failure
...
KEYCLOAK-10637 Large Login Action timeout causes login failure
2019-10-07 13:27:20 +02:00
Cédric Couralet
5f006b283a
KEYCLOAK-8316 Add an option to ldap provider to trust emails on import
...
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2019-10-04 16:28:02 +02:00
Axel Messinese
f3607fd74d
KEYCLOAK-10712 get groups full representation endpoint
2019-10-03 11:26:30 +02:00
Takashi Norimatsu
66de87a211
KEYCLOAK-11253 Advertise acr claim in claims_supported Server Metadata
2019-10-03 11:25:45 +02:00
Vincent Letarouilly
6b36e57593
KEYCLOAK-6698 - Add substitution of system properties and environment variables in theme.properties file
2019-10-01 16:34:54 +02:00
Takashi Norimatsu
6c9cf346c6
KEYCLOAK-11252 Implement Server Metadata of OAuth 2.0 Mutual TLS Client Authentication
2019-10-01 15:27:59 +02:00
Takashi Norimatsu
7c75546eac
KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
...
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
2019-10-01 15:17:38 +02:00
mhajas
f852ef157d
KEYCLOAK-11470 Fix rebase issue
2019-10-01 08:20:55 +02:00
mhajas
6f097bdf89
KEYCLOAK-11470 Remove Assertj from testsuite
...
There is no reason to use more types of assertions and we already
heavily use hamcrest
2019-09-30 13:16:01 +02:00
vramik
b1697a5e71
KEYCLOAK-11069 auth-server-remote tests
2019-09-30 10:29:51 +02:00
Mathieu CLAUDEL
2fb507e170
KEYCLOAK-10802 add support of SAMLv2 ForceAuthn
2019-09-27 09:55:54 +02:00
vmuzikar
1cdc5e1969
KEYCLOAK-11514 Add option to download specific WebDriver binaries versions
2019-09-26 09:54:30 -03:00
Benjamin Weimer
2b1acb99a2
KEYCLAOK-9999 fix client import ( #6136 )
2019-09-23 13:08:24 +02:00
mhajas
f810e85526
KEYCLOAK-11316 Fix Photoz instabilities on windows
...
Error message: Cannot read property 'token_endpoint' of undefined
2019-09-20 13:12:09 +02:00
Hisanobu Okuda
da49dbce2b
KEYCLOAK-10770 user-storage/{id}/sync should return 400 instead of 404
2019-09-20 11:17:09 +02:00
mhajas
37b7b595a5
KEYCLOAK-11410 Do not throw exception in PlaintextVaultProvider if unconfigured
2019-09-19 14:56:19 +02:00
rradillen
b71198af9f
[KEYCLOAK-8575] oidc idp basic auth ( #6268 )
...
* [KEYCLOAK-8575] Allow to choose between basic auth and form auth for oidc idp
* uncomment ui and add tests
* move basic auth to abstract identity provider (except for getting refresh tokens)
* removed duplications
2019-09-19 14:36:16 +02:00
rmartinc
7f54a57271
KEYCLOAK-10757: Replaying assertion with signature in SAML adapters
2019-09-18 16:49:00 +02:00
madgaet
c35718cb87
[KEYCLOAK-9809] Support private_key_jwt authentication for external IdP
2019-09-17 16:04:23 +02:00
Jan Lieskovsky
63e9eec52d
[KEYCLOAK-11415] Switch the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' setting reliably
...
Use own, separate context when trying to switch 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE'
group mapper config setting to 'false' (or back), across the various tests from LDAPGroupMapperSyncTest
suite. This makes the test results deterministic again (prevents 'test02_syncWithGroupInheritance()'
and 'test03_syncWithDropNonExistingGroups()' tests randomly to fail depending if attempt
to reset the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' back to 'true' in previous
'test01_syncNoPreserveGroupInheritance()' test succeeded, or not)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-16 20:42:46 +02:00
Jan Lieskovsky
7ab854fecf
[KEYCLOAK-8253] When syncing flat (all groups being the top-level ones) structure
...
of LDAP groups from federation provider to Keycloak, perform the search if the
currently processed group already exists in Keycloak in log(N) time
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 20:14:18 +02:00
Jan Lieskovsky
cfb225b499
[KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization
...
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure
Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 09:54:13 +02:00
Cédric Couralet
9c37da0ee9
KEYCLOAK-8818 Support message bundle in theme resources
2019-09-11 08:03:16 +02:00
mhajas
2703388946
KEYCLOAK-11245 Adapt LDAPConnectionTestManager to use newly introduced LDAPContextManager
2019-09-10 22:51:19 +02:00
mhajas
9c2525ec1a
KEYCLOAK-11245 Use transcription object for LDAP bindCredential
2019-09-09 19:39:53 +02:00
Martin Kanis
4235422798
KEYCLOAK-11246 Use the transcription object for SMTP password
2019-09-09 13:27:11 +02:00
Hynek Mlnarik
9eb2e1d845
KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects
2019-09-09 10:57:49 +02:00
Stefan Guilhen
60205845a8
[KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
...
- Provides a default implementation based on mappings loaded from a properties file.
- Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
rmartinc
a726e625e9
KEYCLOAK-10782: Credentials tab on clients can only be displayed with view-realm
2019-09-06 16:45:08 -03:00
Martin Kanis
b1be6c2bdd
KEYCLOAK-11247 Use the transcription object for Identity providers password
2019-09-06 15:29:11 +02:00
Pedro Igor
a1d8850373
[KEYCLOAK-7416] - Device Activity
2019-09-05 11:43:27 -03:00
Sebastian Laskawiec
69d6613ab6
KEYCLOAK-10169 OpenShift 4 Identity Provider
2019-09-05 16:33:59 +02:00
vmuzikar
2f9d875840
KEYCLOAK-11286 Fix tests in "other" module
2019-09-05 16:29:09 +02:00
vramik
ca6fbac599
KEYCLOAK-11150 testsuite dependency with auth-server-remote
2019-09-05 08:34:22 +02:00
Stefan Guilhen
bb9c811a65
[KEYCLOAK-10935] Add a vault transcriber implementation that can be obtained from the session.
...
- automatically parses ${vault.<KEY>} expressions to obtain the key that contains the secret in the vault.
- enchances the capabilities of the VaultProvider by offering methods to convert the raw secrets into other types.
2019-09-04 22:34:08 +02:00
mposolda
3a19db0c9d
KEYCLOAK-10921 Fix unstable RefreshTokenTest
2019-09-04 05:54:26 -03:00
Martin Bartos RH
a0ba6e593e
[KEYCLOAK-11024] RulesPolicyManagementTest failing with auth-server-undertow in universal pipeline
2019-09-02 11:58:30 +02:00
Niko Köbler
49e9cd759b
KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe
2019-08-20 15:41:09 -03:00
Pedro Igor
e12c245355
[KEYCLOAK-10779] - CSRF check to My Resources
...
(cherry picked from commit dbaba6f1b8c043da4a37c906dc0d1700956a0869)
2019-08-20 06:35:00 -03:00
Hynek Mlnarik
97811fdd51
KEYCLOAK-10786 Check signature presence in SAML broker
...
(cherry picked from commit ba9f73aaff22eb34c7dec16f4b76d36d855d569b)
2019-08-20 06:35:00 -03:00
Leon Graser
0ce10a3249
[KEYCLOAK-10653] Manage Consent via the Account API
2019-08-20 06:24:44 -03:00
Pedro Igor
3f2a38936c
[KEYCLOAK-11154] - Unstable Photoz Adapter Tests
2019-08-19 16:04:24 -03:00
mhajas
78ee5adfe8
KEYCLOAK-10034 Replace pause with waitForPageToLoad
2019-08-19 10:18:15 +02:00
Nemanja Hiršl
411ea331f6
KEYCLOAK-10785 X.509 Authenticator - Update user identity source mappers
...
Update user identity sources and the way how X.509 certificates are mapped to the user to:
1. Include "Serial number + Issuer DN" as described in RFC 5280
2. Include "Certificate's SHA256-Thumbprint"
3. Exclude "Issuer DN"
4. Exclude "Issuer Email"
Add an option to represent serial number in hexadecimal format.
Documentation PR created: https://github.com/keycloak/keycloak-documentation/pull/714
KEYCLOAK-10785 - Documentation for new user identity source mappers
2019-08-16 11:35:50 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
mposolda
67df6d03af
KEYCLOAK-10449 KEYCLOAK-10550 Fix manual DB migration test with MSSQL
2019-08-15 14:19:27 +02:00
Martin Bartos RH
925864530a
KEYCLOAK-10457 Merge preview features test: SocialLoginTest
2019-08-14 22:09:59 +02:00
Peter Skopek
71eed3af06
KEYCLOAK-10792 MigrationTest fails in pipeline: fix log file checker to start from the right position after server restart
2019-08-12 15:41:56 +02:00
Martin Bartos RH
9d67e92117
[KEYCLOAK-10465] Merge preview features test: OpenShiftTokenReviewEndpoint
2019-08-06 12:57:33 +02:00
Hynek Mlnarik
9bca5c9968
KEYCLOAK-10964 Remove realm reimport in SAMLServletAdapterTest
2019-08-05 09:35:04 +02:00
Martin Bartos RH
da85cff53b
[KEYCLOAK-10458] Merge preview features test: RulesPolicyManagement
2019-08-01 14:34:51 +02:00
Sebastian Laskawiec
041208bd25
KEYCLOAK-10033 Prevent connections going stale
...
See https://stackoverflow.com/questions/10558791/apache-httpclient-interim-error-nohttpresponseexception
2019-07-30 18:13:10 +02:00
Martin Bartos RH
b18d88a37b
[KEYCLOAK-10066] Merge Preview Features Test: OpenshiftClientStorage
2019-07-30 14:20:54 +02:00
Pedro Igor
8b203d48ce
[KEYCLOAK-10949] - Proper error messages when failing to authenticate the request
2019-07-29 17:01:42 -03:00
Pedro Igor
967d21dbb5
[KEYCLOAK-10713] - Pagination to resources rest api
2019-07-29 16:19:22 -03:00
Stan Silvert
bc818367a1
KEYCLOAK-10854: App-initiated actions Phase I
2019-07-26 14:56:29 -03:00
Stan Silvert
6c79bdee41
KEYCLOAK-10854: App initiated actions phase I
2019-07-26 14:56:29 -03:00
mhajas
57a8fcb669
KEYCLOAK-10776 Add session expiration to Keycloak saml login response
2019-07-24 13:35:07 +02:00
mhajas
4b18c6a117
KEYCLOAK-7207 Check session expiration for SAML session
2019-07-24 13:35:07 +02:00
mhajas
bf33cb0cf9
KEYCLOAK-9102 Add tests for Saml RelayState
2019-07-24 12:28:00 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Leon Graser
e1cb17586f
display users in roles
2019-07-19 09:52:13 -04:00
Hynek Mlnarik
67f8622d13
KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
...
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
mhajas
282569df23
KEYCLOAK-10797 Ignore test until the issue is resolved
2019-07-19 13:37:20 +02:00
Hynek Mlnarik
3d4283fac9
KEYCLOAK-9987 Upgrade to Wildfly17
...
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Pedro Igor
5f5cb6cb7b
[KEYCLOAK-10808] - Do not show authorization tab when client is not confidential
2019-07-15 10:07:31 -03:00
Steeve Beroard
fc9a0e1766
[KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
...
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
rmartinc
6d6db1f3e5
KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate
2019-07-12 15:16:00 +02:00
mposolda
77e9f16ad3
KEYCLOAK-10813 ComponentsTest.testConcurrencyWithChildren failed with oracle due timeout
2019-07-12 10:42:37 +02:00
mposolda
c003dabf6c
KEYCLOAK-10753 Possibility for JavascriptExecutor to use the timeout from pageload.timeout property instead of hardcoded
2019-07-12 10:42:37 +02:00
mposolda
91b41b1a2e
KEYCLOAK-10793 Possibility to increase server startup timeout
2019-07-12 10:42:37 +02:00
Takashi Norimatsu
2e850b6d4a
KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings
2019-07-12 08:33:20 +02:00
Martin Kanis
efdf0f1bd8
KEYCLOAK-6839 You took too long to login after SSO idle
2019-07-10 10:15:26 +02:00
vramik
5a5325672b
KEYCLOAK-10718 Refactor fuse adapter test
2019-07-09 08:56:35 +02:00
mposolda
5f9feee3f8
KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication
2019-07-08 20:20:38 +02:00
Tomasz Prętki
0376e7241a
KEYCLOAK-10251 New Claim JSON Type - JSON
2019-07-08 11:59:57 +02:00
Hynek Mlnarik
ca4e14fbfa
KEYCLOAK-7852 Use original NameId value in logout requests
2019-07-04 19:30:21 +02:00
mposolda
5b40691deb
KEYCLOAK-10355 Avoid LastSessionRefreshUnitTest to trigger scheduled tasks
2019-07-04 09:53:19 +02:00
Sebastian Laskawiec
b5d8f70cc7
KEYCLOAK-8224 Client not found error message
2019-07-03 18:34:56 +02:00
Asier Aguado
bed22b9b8d
[KEYCLOAK-10710] Make social providers compatible with OIDC UsernameTemplateMappers
2019-07-03 15:01:46 +02:00
rmartinc
bd5dec1830
KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup
2019-07-03 13:17:45 +02:00
Pedro Igor
0cdd23763c
[KEYCLOAK-10443] - Define a global decision strategy for resource servers
2019-07-02 09:14:37 -03:00
Peter Skopek
aca8c89d3e
KEYCLOAK-10075 fix drop all tables for postgres and mssql
2019-06-27 14:03:13 +02:00
mposolda
a46bf708c0
KEYCLOAK-9947 KEYCLOAK-10451 Better support for DB manual migration test with DB provided by docker or dballocator plugin
2019-06-27 13:52:17 +02:00
Jeroen ter Voorde
7654793713
[KEYCLOAK-10419] Remove user and group resource at the end of the GroupTest.
2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
7518692c0d
[KEYCLOAK-10419] Added briefRepresentation parameter support to the admin client interface
...
And added a aquillian test for it.
2019-06-21 11:31:01 +02:00
mhajas
b3d3d5b59d
KEYCLOAK-10361 Fix instabilities on windows
2019-06-14 09:05:02 +02:00
Pedro Igor
fdc0943a92
[KEYCLOAK-8060] - My Resources REST API
2019-06-11 14:23:26 -03:00
Martin Bartos RH
6393dbad8d
KEYCLOAK-10582 Fixed bug with disabling Token Exchange feature
2019-06-11 08:27:23 +02:00
Martin Bartos RH
1b7b8244d0
KEYCLOAK-10459 Merge preview features test: FineGrainAdminUnit
2019-06-06 11:21:27 +02:00
Pedro Igor
61eb94c674
[KEYCLOAK-8915] - Support resource type in authorization requests
2019-06-04 21:02:54 -03:00
Martin Bartos RH
ccd90d5fdc
KEYCLOAK-10065 Merge preview features test: BrokerLinkAndTokenExchangeTest
2019-06-03 15:48:51 +02:00
Thomas Darimont
2825619243
KEYCLOAK-1033 Add PKCE support for JS Adapter
...
This adds support for the "S256" code_challenge_method to the JS Adapter.
Note that the method "plain" was deliberately left out as is not recommended
to be used in new applications.
Note that this PR includes two libraries:
- [base64-js]{@link https://github.com/beatgammit/base64-js }
- [js-sha256]{@link https://github.com/emn178/js-sha256 }
`base64-js` is needed for cross-browser support for decoding the
Uint8ArrayBuffer returned by `crypto.getRandomValues` to a PKCE
compatible base64 string.
`js-sha256` library is required because the `crypto.subtle.digest`
support is not available for all browsers.
The PKCE codeVerifier is stored in the callbackStore of the JS Adapter.
Note: This PR is based on #5255 which got messed up during a rebase.
2019-05-29 15:40:16 +02:00
mposolda
be2e1c333e
KEYCLOAK-10400 KEYCLOAK-10299 DBAllocator plugin fixes. Updated oracle version to 12cR1RAC
2019-05-29 15:05:15 +02:00
skyfalke
0007bad6f3
KEYCLOAK-10393 Fix permission ticket pagination in Authz Client
...
KEYCLOAK-10393 Ensure idempotency of find method of permission ticket store
2019-05-29 09:43:54 -03:00
Stefan Guilhen
40ec46b79b
[KEYCLOAK-8043] Allow prompt=none query parameter to be propagated to default IdP
2019-05-29 09:22:46 +02:00
Pedro Igor
e9ea1f0e36
[KEYCLOAK-10279] - Do not limit results when fetching resources
2019-05-28 15:35:29 -03:00
mhajas
45c024db74
KEYCLOAK-10358 Fix ConsoleProtectionTest auth-server url
2019-05-27 12:41:29 +02:00
mposolda
a980629e66
KEYCLOAK-10295 Tweaks for MariaDB testing in docker container
2019-05-24 12:52:55 +02:00
Réda Housni Alaoui
72d6ac518c
User password cache is not refreshed after updating the user with hashed credential
2019-05-23 14:16:40 +02:00
mhajas
3c96dfb041
KEYCLOAK-9895 Fix wrongly called assertCurrent method
2019-05-23 10:41:10 +02:00
vramik
ac6d877954
KEYCLOAK-10283 Update FuseAdapterTest to check login page directly
2019-05-21 14:26:37 +02:00
mposolda
4ced3b0aee
KEYCLOAK-10246 Fix MultipleRealmsTest on undertow
2019-05-20 20:33:23 +02:00
vramik
d64f716a20
KEYCLOAK-2709 SAML Identity Provider POST Binding request page shown to user is comletely blank with nonsense title
2019-05-20 09:51:04 +02:00
Tomohiro Nagai
d593ac3e6f
KEYCLOAK-9711 REQUIRED authentictor in ALTERNATIVE subflow throws AuthenticationFlowException when the authentictor returns ATTEMPTED.
2019-05-15 12:45:50 +02:00
Hynek Mlnarik
b8aa1916d8
KEYCLOAK-10195 Fix role lookup to address roles with dots
2019-05-14 13:00:04 +02:00
Stefan Guilhen
f1acdc000e
[KEYCLOAK-10168] Handle microprofile-jwt client scope migration
2019-05-06 15:14:27 -03:00
mposolda
859bfc06ad
KEYCLOAK-10150 surefire.memory.settings is ignored when running testsuite
2019-04-30 14:11:33 +02:00
Jan Lieskovsky
9eb400262f
KEYCLOAK-6055 Include X.509 certificate data in audit logs
...
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: mposolda <mposolda@gmail.com>
2019-04-30 11:31:04 +02:00
Sebastian Loesch
96250c9685
[KEYCLOAK-9573] Allow AdminEvents for custom resource types
2019-04-26 09:57:28 +01:00
mposolda
39a5978273
KEYCLOAK-5473 X509 Add missing tests for User Identity Sources
2019-04-25 09:11:41 +02:00
Hynek Mlnarik
65326ce16a
KEYCLOAK-9629 Update cookie type
2019-04-24 07:18:41 +01:00
Sebastian Loesch
43393220bf
Add X.509 authenticator option for canonical DN
...
Because the current distinguished name determination is security provider
dependent, a new authenticator option is added to use the canonical format
of the distinguished name, as descriped in
javax.security.auth.x500.X500Principal.getName(String format).
2019-04-23 21:04:18 +02:00
mposolda
7a671052a3
KEYCLOAK-9988 Fix unstable UserSessionPersisterOfflineTest.testExpired. Adding ResetTimeOffsetEvent
2019-04-23 20:58:37 +02:00
mhajas
3f08238c2d
KEYCLOAK-6641 Stabilize SpringBoot tests
2019-04-23 20:43:16 +02:00
keycloak-bot
49d4e935cb
Set version to 7.0.0-SNAPSHOT
2019-04-17 09:48:07 +01:00
Martin Bartos RH
0e2a781bb8
KEYCLOAK-10064 Merge preview features test: AccountRestServiceTest
2019-04-16 14:40:44 +02:00
Martin Bartos RH
a6e53b3f1c
KEYCLOAK-10063 Merge preview features test: ClientTokenExchangeTest
2019-04-16 12:49:54 +02:00
vramik
e2d69632e9
KEYCLOAK-10004 refactor fuse adapter tests
2019-04-16 10:11:27 +02:00
mposolda
a8af51c7bb
KEYCLOAK-9988 Fix unstable UserSessionProviderOfflineTest.testExpired
2019-04-12 17:16:53 +02:00
Bekh-Ivanov George
ebcfeb20a3
[KEYCLOAK-10020] - Add ability to request user-managed (ticket) permissions by name
2019-04-12 08:44:57 -03:00
Pedro Igor
c8970c95d5
[KEYCLOAK-10015] - CIP not properly resolving objects from JSON request body
2019-04-11 18:19:43 -03:00
Peter Skopek
3a105cf9e9
KEYCLOAK-8347 migrate Welcome page test to base testsuite
2019-04-11 21:52:52 +02:00
Hynek Mlnarik
a63efd872d
KEYCLOAK-9822 Fix deadlock in OIDC adapter upon logout
2019-04-09 21:03:02 +02:00
Takashi Norimatsu
9b3e297cd0
KEYCLOAK-9756 PS256 algorithm support for token signing and validation
2019-04-09 20:52:02 +02:00
fisache
b4973ad7b5
[KEYCLOAK-9769] service account can't authorize when group policy exists in resource server
2019-04-09 15:23:50 -03:00
vramik
2aeda71e16
KEYCLOAK-6152 fix WAS adapter tests
2019-04-09 19:34:50 +02:00
mhajas
ccc8e06f9a
KEYCLOAK-9895 Fix stability of Hawtio EAP6Fuse test
2019-04-08 08:30:31 +02:00
Stefan Guilhen
2fa2437555
KEYCLOAK-5613 Add built-in optional client scope for MicroProfile-JWT
2019-04-02 08:40:19 -03:00
vramik
5b8b463fc0
KEYCLOAK-9814 ExportImportTest NPE
2019-04-02 13:17:58 +02:00
vramik
35fa4b878b
KEYCLOAK-9712 KEYCLOAK-9911 moved Javascript adater tests and LoginModulesTest outsite of adapter package
2019-03-28 10:08:23 +01:00
rmartinc
a9a4e9daae
KEYCLOAK-9884: "user-attribute-ldap-mapper" is not propagating the change of "username" (uid) attribute.
2019-03-27 19:07:51 +01:00
mhajas
c6bd293d25
KEYCLOAK-9893 Use SSL in EAP6, add / to url for EAP6 deployment
2019-03-27 14:02:03 +01:00
Hisanobu Okuda
b44c86bd26
KEYCLOAK-9833 Large SSO Session Idle/SSO Session Max causes login failure
2019-03-27 11:42:40 +01:00
mhajas
0d0eec8790
KEYCLOAK-9869 Fix stability of cluster tests on EAP6
2019-03-27 08:03:20 +01:00
Hynek Mlnarik
c3cebcae85
KEYCLOAK-9865 Update documentation in testsuite
2019-03-22 14:12:14 +01:00
vramik
b7c5ca8b38
KEYCLOAK-8535 Inconsistent SAML Logout endpoint handling
2019-03-22 14:09:31 +01:00
mposolda
db271f7150
KEYCLOAK-9572 Support for multiple CRLs with X509 authentication
2019-03-20 15:00:44 +01:00
Hynek Mlnarik
1c906c834b
KEYCLOAK-3373 Remove SAML IdP descriptor from client installation and publicize it in realm endpoint instead
2019-03-19 11:37:15 +01:00
fisache
a868b8b22a
[KEYCLOAK-9772] Permissions are duplicated
...
- when resource server is current user
2019-03-18 16:37:54 -03:00
vramik
5808ad2de0
KEYCLOAK-9708 Enable SmallRye Health and Metrics extensions
2019-03-18 10:57:28 +01:00
mposolda
a48698caa3
KEYCLOAK-6056 Map user by Subject Alternative Name (otherName) when authenticating user with X509
2019-03-15 23:11:47 +01:00
vramik
cf35a4648b
KEYCLOAK-9780 Replace XSLT transformations by ant/CLI scripts
2019-03-15 22:18:09 +01:00
Grzegorz Grzybek
79c4d797db
KEYCLOAK-9646 Fix itests for Fuse 7.3
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-03-15 12:58:17 +01:00
Axel Messinese
e18fb56389
KEYCLOAK-4978 Add endpoint to get groups by role
2019-03-15 06:00:17 +01:00
Martin Bartos RH
a3c175a21e
KEYCLOAK-9348 UserStorageConsentTest fails with some databases
2019-03-15 05:58:59 +01:00
Martin Bartos RH
d0b7700c04
KEYCLOAK-8379 Migrate ModelClass: AuthenticationSessionProviderTest
2019-03-15 05:58:19 +01:00
Pedro Igor
93965512c5
[KEYCLOAK-8522] - Migrate broker tests from old to new testsuite
2019-03-15 05:57:24 +01:00
rmartinc
2602c222cd
KEYCLOAK-4640: LDAP memberships are being replaced instead of being added or deleted
2019-03-14 18:40:15 +01:00
Sebastian Laskawiec
996389d61b
KEYCLOAK-9512 Run x509 tests by default
2019-03-14 15:38:14 +01:00
Corey McGregor
be77fd9459
KEYCLOAK-2339 Adding impersonator details to user session notes and supporting built-in protocol mappers.
2019-03-08 09:14:42 +01:00
rmartinc
231db059b2
KEYCLOAK-8996: Provide a way to set a responder certificate in OCSP/X509 Authenticator
2019-03-07 07:57:20 +01:00
keycloak-bot
e843d84f6e
Set version to 6.0.0-SNAPSHOT
2019-03-06 15:54:08 +01:00
mhajas
8a750c7fca
KEYCLOAK-6750 Adapt Tomcat adapter tests to new structure
2019-03-06 08:57:46 +01:00
Sebastian Laskawiec
406097a508
KEYCLOAK-6749 Jetty App Server
2019-03-05 15:21:48 +01:00
vramik
2e7eb92f43
KEYCLOAK-8699 replace hostnames with nip.io ones to include cors tests by default
2019-03-05 12:00:01 +01:00
Martin Bartos RH
bec5d676e7
[KEYCLOAK-7907] Migrate model package from old testsuite
2019-03-05 09:39:17 +01:00
mposolda
89d0c51e13
KEYCLOAK-3159 Migrate federation package from old testsuite
2019-03-04 13:37:12 +01:00
Gilles
f295a2e303
[KEYCLOAK-3723] Fixed updated of protocol mappers within client updates in clients-registrations resource
2019-03-04 11:57:59 +01:00
Pedro Igor
6aa9096361
[KEYCLOAK-9451] - Policy evaluation fails when not evaluated against a particual resource
2019-02-28 10:38:09 -03:00
vramik
fab52ebc51
KEYCLOAK-9611 Add support to the testsuite for migration from 4.8.3.Final
2019-02-28 13:53:30 +01:00
Pedro Igor
75d9847672
[KEYCLOAK-9478] - Support multiple CIP providers in the policy enforcer configuration
2019-02-27 19:08:57 -03:00
Pedro Igor
bacc1b538f
[KEYCLOAK-8855] - Tests
2019-02-27 15:39:32 -03:00
Stefan Guilhen
9c34cc7365
[KEYCLOAK-9371] Fix premature termination of sessions when remember-me is in use
2019-02-27 15:08:50 +01:00
vramik
5d205d16e8
KEYCLOAK-9167 Using kcadm to update an identity-provider instance via a json file does not work without an "internalId" present in the json
2019-02-27 14:56:36 +01:00
mposolda
362faf3adb
KEYCLOAK-6627 Closing admin clients and testing clients in testsuite
2019-02-27 08:57:42 +01:00
Stan Silvert
05005a1791
KEYCLOAK-8522: Migrate IdpHint tests. Remove unneeded tests.
2019-02-25 09:40:39 -03:00
Hynek Mlnarik
37ef47d6ab
KEYCLOAK-9509 Upgrade to Wildfly 15
...
KEYCLOAK-9584 Update Wildfly Arquillian version
KEYCLOAK-9581: Fix CookiePathTests
KEYCLOAK-9607 CLI sripts and configuration files update
KEYCLOAK-9580 Fix component registration error
KEYCLOAK-9590 Update JDG to newest version
* Infinispan is using whatever version is set in root pom.xml.
KEYCLOAK-9509 Fix Undertow tests
Co-Authored-By: vramik <vramik@redhat.com>
Co-Authored-By: sebastienblanc <scm.blanc@gmail.com>
2019-02-25 08:56:46 +01:00
Pedro Igor
99f8e5f808
[KEYCLOAK-9489] - Fixing fine-grained permission functionality
2019-02-22 09:22:14 -03:00
Pedro Igor
9314f13255
[KEYCLOAK-9093] - False-Positive UMA Policy Evaluation
2019-02-21 21:47:58 -03:00
Pedro Igor
4d5dff1d64
[KEYCLOAK-9474] - Public endpoints are returning 403 with body when enforcement mode is disabled
2019-02-21 16:27:07 -03:00
stianst
e06c705ca8
Set version 5.0.0
2019-02-21 09:35:14 +01:00
mposolda
e4d4159743
KEYCLOAK-9586 Fix cluster tests. Fix cross-dc tests on embedded undertow
2019-02-20 19:11:38 +01:00
Pedro Igor
34d8974e7f
[KEYCLOAK-9489] - User not able to log in to admin console when using query-* roles
2019-02-20 18:09:36 +01:00
vmuzikar
7afd068c27
KEYCLOAK-9423 Fix Stack Overflow Social Login test
2019-02-20 16:45:11 +01:00
Stan Silvert
9e16c772bd
KEYCLOAK-9387: Add hor scroll & tooltips to role selectors
2019-02-19 21:03:52 +01:00
Hynek Mlnarik
c34c0a3860
KEYCLOAK-9112 KEYCLOAK-9108 Ignore expected exceptions
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
a74d6ab932
KEYCLOAK-9107 Fix NPE
2019-02-13 15:49:49 +01:00
Hynek Mlnarik
37e6b6ffc6
KEYCLOAK-9113 Add support for inspecting log messages for uncaught errors
2019-02-13 15:49:49 +01:00
vmuzikar
16827ef64b
KEYCLOAK-9531 Fix broken Arquillian tests in the "other" module
2019-02-12 15:09:31 +01:00
Hynek Mlnarik
59430e7cd6
KEYCLOAK-9456 Docker support for testing with MSSQL, Oracle 11g
2019-02-08 19:31:45 +01:00
vmuzikar
191cbca7ad
UI and Node.js adapter tests fixes
2019-02-08 08:57:48 -02:00
Sebastian Laskawiec
ee41a0450f
KEYCLOAK-8349 KEYCLOAK-8659 Use TLS for all tests in the suite
2019-02-08 08:57:48 -02:00
Pedro Igor
885eec5ef2
[KEYCLOAK-8348] - Containerize database tests
2019-01-30 16:29:03 -02:00
Pedro Igor
e01c9ddd60
[KEYCLOAK-8849] - Fixing request entitlements call
2019-01-16 12:25:18 -02:00
Pedro Igor
31e8e73e48
[KEYCLOAK-8849] - Using custom polling http client
2019-01-16 12:25:18 -02:00
vmuzikar
1199376e37
KEYCLOAK-9273 Log test browser version
2019-01-15 13:00:38 +01:00
vramik
c4a46a5591
KEYCLOAK-7677 KEYCLOAK-7723 fix version collision of httpclient
...
Co-authored-by: Pedro Igor <psilva@redhat.com>
2019-01-10 17:45:41 -02:00
stianst
7c9f15778a
Set version to 4.8.3.Final
2019-01-09 20:39:30 +01:00
vramik
0602a88fcc
KEYCLOAK-9262 Skip SAMLFilterServletAdapterTest for jdk7
2019-01-09 16:36:19 +01:00
Pedro Igor
382f6b0c2c
[KEYCLOAK-9185] - Update LinkedIn broker to LinkedIn API v2
2019-01-09 15:29:40 +01:00
mposolda
692127519b
KEYCLOAK-8724 Stabilize BruteForceCrossDCTest.testBruteForceConcurrentUpdate
2019-01-09 12:20:33 +01:00
vramik
b2a7d42310
KEYCLOAK-9193 CorsExampleAdapterTest fails on Windows
2019-01-04 09:20:28 +01:00
stianst
7c4890152c
Set version to 4.8.2
2019-01-03 14:43:22 +01:00
stianst
07ccbdc3db
KEYCLOAK-9182
2019-01-03 14:28:35 +01:00
Sebastian Laskawiec
602b7207ab
KEYCLOAK-9008 CookieStoreRootContextTest stabilization
2018-12-19 10:11:44 +01:00
mposolda
061693a8c9
KEYCLOAK-9089 IllegalArgumentException when trying to use ES256 as OIDC access token signature
2018-12-14 21:01:03 +01:00
mhajas
26c8af5369
KEYCLOAK-8533 Add tests for native promises
2018-12-13 13:57:58 +01:00
mposolda
1237986fd0
KEYCLOAK-8838 Incorrect resource_access in accessToken when clientId contains dots
2018-12-13 10:31:27 +01:00
rmartinc
3c44e6c377
KEYCLOAK-9068: IDP-initiated-flow is not working with REDIRECT binding
2018-12-13 06:28:38 -02:00
mhajas
81d4908c1d
KEYCLOAK-9058 Fix issue with cyclic object on firefox
2018-12-13 08:33:14 +01:00
mposolda
c51c492996
KEYCLOAK-9050 Change LoginProtocol.authenticated to read most of the values from authenticationSession
2018-12-12 13:30:03 +01:00
Stan Silvert
3ed77825a2
KEYCLOAK-8495: Account REST Svc doesn't require acct roles
2018-12-12 12:07:29 +01:00
mposolda
a7f57c7e23
KEYCLOAK-9021
2018-12-12 07:09:14 +01:00
Hynek Mlnarik
dad12635f6
KEYCLOAK-9014 Fix displayed applications
2018-12-10 09:59:46 +01:00
Pedro Igor
8204509b0c
[KEYCLOAK-8980] - ElytronAccount not serializable
2018-12-10 08:55:00 +01:00
mposolda
88141320ac
KEYCLOAK-9002 StackOverflowError when reading LDAP-backed users via REST API
2018-12-07 12:25:05 +01:00
vramik
6616e4a011
KEYCLOAK-8660 fix package name of Album class
2018-12-06 19:13:38 +01:00
Pedro Igor
0c39eda8d2
[KECLOAK-8237] - Openshift Client Storage
2018-12-06 10:57:53 -02:00
Martin Bartos RH
99a5656f0f
[KEYCLOAK-8389] Migrate ModelClass: UserSessionInitializerTest
2018-12-06 12:43:11 +01:00
vmuzikar
3e48fa1dbc
KEYCLOAK-9023 Add support for Java 11 to the testsuite
2018-12-06 11:47:00 +01:00
Pedro Igor
e798c3bca2
[KEYCLOAK-8901] - Identity Provider : UserInfo response as JWT Token not supported
2018-12-05 09:28:12 -02:00
Hynek Mlnarik
00e0ba8633
KEYCLOAK-8940 Stabilize SessionsPreloadCrossDCTest.loginFailuresPreloadTest
2018-12-04 14:27:57 +01:00
Pavel Drozd
bba081d3a8
KEYCLOAK-8982 - Fix Servlet Filter tests for WLS & WAS
2018-12-04 13:58:25 +01:00
stianst
b674c0d4d9
Prepare for 4.8.0.Final
2018-12-04 13:54:25 +01:00
vramik
4b50fdb404
KEYCLOAK-8955 adapter installation fails on windows - edit logging
2018-12-04 13:50:55 +01:00
Pedro Igor
ed0b5d4df1
[KEYCLOAK-8857] - Provide utility to create AuthzClient from InputStream
2018-12-03 11:14:43 -02:00
vramik
1b8dc04459
KEYCLOAK-8817 skip EntitlementAPITest.testOfflineRequestingPartyToken for auth-server-undertow
2018-11-29 13:38:26 +01:00
Pedro Igor
4355c89b9d
[KEYCLOAK-7365] - No need to check roles when refreshing tokens
2018-11-29 08:51:25 -02:00
rmartinc
1b37394276
KEYCLOAK-7242: LDAPS not working with truststore SPI and connection timeout
2018-11-29 11:21:46 +01:00
Hynek Mlnarik
ded82fff3d
KEYCLOAK-8941 Fix order of stopping test servers
2018-11-29 11:16:34 +01:00
Sebastian Laskawiec
4fbbaf18aa
KEYCLOAK-8830 Stabilize ExportImportTest
2018-11-29 10:33:00 +01:00
Tomasz Prętki
2b9b1ba45f
[KEYCLOAK-8823] - PathMatcher doesn't prefer overloaded templated resources
2018-11-28 11:39:11 -02:00
vmuzikar
7d75377813
KEYCLOAK-8944 Fix ProfileAssume for backward adapter compat. testing
2018-11-27 13:58:41 +01:00
Stefan Guilhen
311e848460
KEYCLOAK-8504 Ensure the authenticationFlowBindingOverrides client configuration references a valid authentication flow id when a realm is imported
2018-11-23 22:09:14 +01:00
Pedro Igor
91637120ee
[KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db
2018-11-23 08:48:08 -02:00
Hynek Mlnarik
d90a5d1367
KEYCLOAK-8594 Fix missing option to Base64 encoder
2018-11-22 21:48:00 +01:00
Hynek Mlnarik
d395043fc7
KEYCLOAK-8707 Fix client template to scope migration
2018-11-22 15:07:47 +01:00
mposolda
6e93ca36af
KEYCLOAK-8519 OIDCScopeTest.testClientDisplayedOnConsentScreenWithEmptyConsentText failing on Oracle
2018-11-22 09:30:01 +01:00
vramik
2d727fc54c
KEYCLOAK-8909 fix KcOidcBrokerLogoutTest for product
2018-11-22 09:28:37 +01:00
mposolda
6db1f60e27
KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs
2018-11-21 21:51:32 +01:00
Stefan Guilhen
8af1ca8fc3
KEYCLOAK-8414 use the clientId when the ClientScopeModel is an instance of ClientModel
2018-11-20 15:08:10 +01:00
vramik
55f90ff09f
KEYCLOAK-8837 Adapt TS to be able to test migration from 7.2.5.GA (instead from 7.2.0.GA)
2018-11-19 18:06:33 +01:00
Stian Thorgersen
f3bf1456ab
KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. ( #5738 )
2018-11-19 17:32:21 +01:00
Hynek Mlnarik
548950ed8e
KEYCLOAK-8756 Consider also required actions of AuthenticationSession
2018-11-19 16:04:43 +01:00
Marek Posolda
f67d6f9660
KEYCLOAK-8482 Access token should never contain azp as an audience ( #5719 )
2018-11-19 14:38:41 +01:00
Stian Thorgersen
3756cf629b
KEYCLOAK-7081 Fixes for manual/qr mode switches on login config otp page ( #5717 )
2018-11-19 14:32:28 +01:00
Takashi Norimatsu
0793234c19
KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 ( #5603 )
...
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
also support client signed signature verification by refactored token
verification mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
incorporate feedbacks and refactor client public key loading mechanism
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
unsigned request object not allowed
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256
revert to re-support "none"
2018-11-19 14:28:32 +01:00
Hynek Mlnarik
461dae20de
KEYCLOAK-8731 Ensure password history is kept in line with password policy
2018-11-19 12:48:51 +01:00
mposolda
0533782d90
KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB
2018-11-16 14:23:28 +01:00
Leon Graser
85f11873c3
KEYCLOAK-8613 Group Membership Pagination
2018-11-15 17:54:07 +01:00
Thomas Darimont
cf57a1bc4b
KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
...
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.
SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.
Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
vmuzikar
8c650f9f6a
KEYCLOAK-8793 Fix backward compatibility testing for adapters
2018-11-14 22:35:47 +01:00
vmuzikar
6cee8b126b
KEYCLOAK-8792 Stabilize and fix Admin Console UI tests for RH-SSO
2018-11-14 22:32:11 +01:00
stianst
ecd476fb10
Prepare for 4.7.0.Final
2018-11-14 20:10:59 +01:00
Hynek Mlnarik
c3778e66db
KEYCLOAK-8260 Improve SAML conditions handling
2018-11-14 20:09:22 +01:00
Martin Kanis
6a23eb19f5
KEYCLOAK-8166
2018-11-14 20:09:22 +01:00
Martin Kanis
72b23c1357
KEYCLOAK-8160
2018-11-14 20:09:22 +01:00
Martin Kanis
0cb6053699
KEYCLOAK-8125
2018-11-14 20:09:22 +01:00
vramik
6564cebc0f
KEYCLOAK-7707
2018-11-14 20:09:22 +01:00
Bruno Oliveira da Silva
a957e118e6
Redirect URLs are not normalized
2018-11-14 20:09:22 +01:00
mposolda
0897d969b1
KEYCLOAK-7340
2018-11-14 20:09:22 +01:00
mposolda
1b5a83c4f1
KEYCLOAK-6980 Check if client_assertion was already used during signed JWT client authentication
2018-11-14 20:09:22 +01:00
Martin Bartos RH
f090b39e85
[KEYCLOAK-8411] Migrate ModelClass: ClientModelTest
2018-11-14 19:15:45 +01:00
mhajas
602a6e201d
KEYCLOAK-8660 Workaround photoz tests on EAP6
2018-11-13 15:57:46 +01:00
Hynek Mlnarik
7703d81389
KEYCLOAK-7421 Support SAML cluster logout for Elytron SAML adapter
2018-11-09 21:06:50 +01:00
Pedro Igor
cd96d6cc35
[KEYCLOAK-8694] - Mark Drools policy as tech preview
2018-11-09 11:08:49 -02:00
mhajas
6d04247947
KEYCLOAK-8047 Make Photoz tests great: run them on undertow + make them
...
stable
2018-11-09 12:45:38 +01:00
vramik
560d76b7ee
KEYCLOAK-6748 undertow saml adapter tests
2018-11-06 21:17:07 +01:00
Pedro Igor
bce2aee144
[KEYCLOAK-8646] - Error deleting policies when admin events are enabled
2018-11-06 11:27:32 -02:00
rmartinc
cbe59f03b7
KEYCLOAK-8708: Provide aggregation of group attributes for mappers
2018-11-06 13:42:38 +01:00
Torbjørn Skyberg Knutsen
36b0d8b80e
KEYCLOAK-7166 Added the possibility of not logging out of remote idp on browser logout, by passing a query param containing the id of the identity provider
2018-11-06 13:39:19 +01:00
scranen
5880efe775
KEYCLOAK-4342 Make naming consistent
2018-11-06 10:28:06 -02:00
scranen
0c6b20e862
[KEYCLOAK-4342] Make adapter state cookie path configurable
2018-11-06 10:28:06 -02:00
Pedro Igor
327991bd73
[KEYCLOAK-8716] - Issue with caching resolved roles in KeycloakSession
2018-11-06 10:27:04 -02:00
vramik
b2aa324ee4
KEYCLOAK-8631 skip AddUserTest on app-server-undertow
2018-10-31 18:08:42 +01:00
vramik
76e4253a21
KEYCLOAK-8670 remove support for migration.mode=import as there are separate tests
2018-10-31 18:07:20 +01:00
mposolda
ffcd8e09e7
KEYCLOAK-8175 Possibility of clientScope not being used if user doesn't have a role
2018-10-31 18:04:41 +01:00
mposolda
cfeb56e18a
KEYCLOAK-8641 Remove aud from the authorization tickets
2018-10-31 13:31:26 +01:00
mposolda
9652748ba9
KEYCLOAK-8484 Remove audience client scope template
2018-10-31 11:11:02 +01:00
Pedro Igor
f6943296c7
[KEYCLOAK-8489] - RPT request: Authorized Party's protocol mappers are being applied instead of the Audience's ones
2018-10-26 09:40:32 -03:00
vramik
4d2300f17e
KEYCLOAK-8664 KEYCLOAK-8665 KEYCLOAK-8666 fix assertions in testsuite
2018-10-25 21:42:01 +02:00
vramik
f449b8b454
KEYCLOAK-8637 Add support for OIDC multitenancy adapter test for jboss based containers
2018-10-25 20:45:45 +02:00
Graser Leon
9ef4c7fffd
KEYCLOAK-8377 Role Attributes
2018-10-24 22:04:28 +02:00
Pedro Igor
460cdf4508
[KEYCLOAK-8617] - Permission cache not handling decisions from negative policies correctly
2018-10-24 15:03:22 -03:00
mposolda
c36b577566
KEYCLOAK-8483 Remove application from the aud claim of accessToken and refreshToken
2018-10-23 13:52:09 +02:00
Pedro Igor
6f8f8e6a28
[KEYCLOAK-8449] - Option to automatically map HTTP verbs to scopes when configuring the policy enforcer
2018-10-23 08:40:54 -03:00
vramik
7a96911a83
KEYCLOAK-8300 KEYCLOAK-8301 Wildfly 14 upgrade
...
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2018-10-17 20:01:07 +02:00
MICHEL Arnault (UA 2118)
ab8789739f
[KEYCLOAK-8580] Add Nginx certificate lookup provider
2018-10-16 07:53:18 +02:00
mposolda
60a8267576
KEYCLOAK-8530 KEYCLOAK-8531 Fix MigrationTest and migration from 2.5.5.Final and 3.4.3.Final
2018-10-15 16:38:24 +02:00
stianst
5f0424fb11
KEYCLOAK-8310 Change scheme option to alwaysHttps option
2018-10-15 14:00:00 +02:00
vmuzikar
393ff50b8d
KEYCLOAK-6757 Fix Microsoft Social Login test
2018-10-15 12:57:31 +02:00
Stefan Guilhen
68a54abb09
KEYCLOAK-6757 Update MicrosoftIdentityProvider to use the Microsoft Graph endpoints
2018-10-15 12:46:15 +02:00
Martin Bartos RH
102628dc59
[KEYCLOAK-4935] Migrate AddUserTest from old testsuite
2018-10-15 08:14:34 +02:00
stianst
11374a2707
KEYCLOAK-8556 Improvements to profile
2018-10-12 12:26:37 +02:00
mposolda
4483677cdd
KEYCLOAK-8529 Fix most of adapter tests on EAP6
2018-10-12 12:01:33 +02:00
mposolda
f254675a5e
KEYCLOAK-8568 DemoServletsAdapterTest.testVersion is unstable on travis
2018-10-12 09:27:37 +02:00
Leon Graser
066bef744f
KEYCLOAK-6658 Fine Grain Permissions via Java Client
...
Signed-off-by: Leon Graser <leon.graser@bosch-si.com>
2018-10-11 09:44:57 -03:00
Moritz Becker
fbe3445c48
fix KEYCLOAK-8513 remove data dependency between testUpdateProfile and testGetProfile in org.keycloak.testsuite.account.AccountRestServiceTest
2018-10-11 08:08:51 +02:00
mposolda
5b51c000af
KEYCLOAK-8481 Don't include empty resource_access in access token
2018-10-11 08:04:07 +02:00
rmartinc
0a6f43c1a1
KEYCLOAK-8490: Direct grants returns invalid credentials when user has pending actions
2018-10-10 20:18:20 +02:00
Pedro Igor
79ca722b49
[KEYCLOAK-7605] - Make sure Evaluation API is read-only
2018-10-09 08:09:29 -03:00
mposolda
3ca386f223
KEYCLOAK-8148 Duplication of listed roles assigned through groups in userinfo endpoint
2018-10-08 22:18:06 +02:00
Pedro Igor
8e57cee30f
[KEYCLOAK-8445] - Owner not granted with permissions when using only scope-based permissions
2018-10-08 09:57:21 -03:00
Hynek Mlnarik
531ee3a1be
KEYCLOAK-8494 Use c3p0 connection pool in testsuite
2018-10-08 14:24:56 +02:00
Mark True
28b6e4dd5b
cleaning up to do PR
2018-10-08 09:16:53 +02:00
Moritz Becker
f17b5f0f49
fix KEYCLOAK-7572 consistently perform duplicate user checks during account update only if email changes
...
Fix test
2018-10-05 09:35:05 +02:00
stianst
86a2f28561
KEYCLOAK-8310 Add support to set fixed scheme on fixed hostname provider
2018-10-05 09:34:17 +02:00
mposolda
0d9b1e73b8
KEYCLOAK-7855 Cannot reset Client Consent Screen Text
2018-10-04 21:00:48 +02:00
Hynek Mlnarik
211774ccbc
KEYCLOAK-7810 Fix NPE in Elytron SAML adapter
2018-10-04 14:38:45 +02:00
mposolda
2a4cee6044
KEYCLOAK-6884 KEYCLOAK-3454 KEYCLOAK-8298 Default 'roles' and 'web-origins' client scopes. Add roles and allowed-origins to the token through protocol mappers
2018-10-04 12:00:38 +02:00
Stan Silvert
dba513c921
KEYCLOAK-8419: Make most act mgt APIs only active in preview mode
2018-10-02 16:32:56 -04:00
Pedro Igor
b4b3527df7
[KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups
2018-10-02 15:44:23 -03:00
Martin Kanis
efe6a38648
KEYCLOAK-6718 Auth Flow does not Check Client Protocol
2018-09-26 21:00:02 +02:00
stianst
c3fc9e9815
Set version to 4.6.0.Final-SNAPSHOT
2018-09-26 20:58:41 +02:00
Pedro Igor
43f5983613
[KEYCLOAK-8289] - Remove authorization services from product preview profile
2018-09-26 18:27:27 +02:00
vramik
723ba42264
KEYCLOAK-8425 fix NPE during adapter cluster tests
2018-09-26 12:43:21 +02:00
Pedro Igor
df311b60b4
[KEYCLOAK-8168] - PEP is resolving claims twice under certain circumstances
2018-09-25 11:47:50 -03:00
Takashi Norimatsu
340c8e8426
KEYCLOAK-8327 Token Introspect Test for Refresh Token Mistake
2018-09-21 11:38:04 +02:00
mposolda
3777dc45d0
KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch
2018-09-21 11:17:05 +02:00
Douglas Palmer
b748e269ec
[KEYCLOAK-7435] Added code to delete a specific session and tests for session deletion
2018-09-20 15:57:58 +02:00
vmuzikar
4268dd1777
KEYCLOAK-7742,KEYCLOAK-6332 Switch Admin Console UI tests to GeckoDriver
2018-09-20 10:32:59 +02:00
vramik
24b7d080af
KEYCLOAK-8268 unify fuse70 and fuse71 modules into fuse7x module
2018-09-20 10:27:17 +02:00
Pedro Igor
6b0bc0b3be
[KEYCLOAK-8308] - Deprecate token_introspection_endpoint claim from OIDC discovery document
2018-09-19 09:46:50 -03:00
Hynek Mlnarik
2bf6d75e57
KEYCLOAK-8010 Improve handling of Conditions SAML tag
2018-09-19 14:00:28 +02:00
Pedro Igor
044d153c37
[KEYCLOAK-8273] - Failed to evaluate permissions when in permissive mode and using UMA tickets
2018-09-18 18:59:15 -03:00
Pedro Igor
609c521c17
[KEYCLOAK-8281] - Deletion of client with token exchange policy leads to breaking errors
2018-09-18 18:58:45 -03:00
Pedro Igor
aaf78297c9
[KEYCLOAK-7987] - Can't set authorization enabled when using kcreg
2018-09-18 10:00:16 -03:00
Pedro Igor
64f8fe4987
[KEYCLOAK-8070] - wrong expose headers when enable cors and policyenforcer
2018-09-17 17:02:15 -03:00
mposolda
99a16dcc1f
KEYCLOAK-6638 Support for adding audiences to tokens
2018-09-13 21:40:16 +02:00
wyvie
01051016f5
[KEYCLOAK-8185] add clear method to exportimport resource
2018-09-13 11:54:28 +02:00
slominskir
c4a651bcac
KEYCLOAK-7270 - Support for automatically linking brokered identities
2018-09-12 18:50:35 +02:00
vmuzikar
62c1ffcb52
KEYCLOAK-8189 Fix broken Google Social Login test
2018-09-12 16:40:28 +02:00
stianst
26f257a6ac
KEYCLOAK-8264 Update OpenShift Token Review endpoint to support additional algorithms and to update session last refresh on token introspection
2018-09-11 19:57:38 +02:00
stianst
12f3d2115d
KEYCLOAK-8263 Add option to client to override access token timeout
2018-09-11 12:40:51 +02:00
stianst
24e60747b6
KEYCLOAK-7560 Refactor token signature SPI PR
...
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
2018-09-11 08:14:10 +02:00
Takashi Norimatsu
5b6036525c
KEYCLOAK-7560 Refactor Token Sign and Verify by Token Signature SPI
2018-09-11 08:14:10 +02:00
vramik
bd4098191b
KEYCLOAK-7604-rename-ids-saml-clients
2018-09-10 21:17:00 +02:00
Pedro Igor
0561d73ae2
[KEYCLOAK-6285] - HTTP Challenge Authentication Flow
2018-09-10 19:02:49 +02:00
stianst
bf758809ba
KEYCLOAK-6229 OpenShift Token Review interface
2018-09-07 08:21:28 +02:00
stianst
1fb4ca4525
Set version to 4.5.0.Final
2018-09-06 20:08:02 +02:00
vmuzikar
bd8510f4da
KEYCLOAK-7925 Initial tests for the new Account Console
2018-09-06 09:59:28 +02:00
Hynek Mlnarik
812e76c39b
KEYCLOAK-8163 Improve SAML validations
2018-09-05 15:47:03 +02:00
vramik
8761819b24
KEYCLOAK-8176 fix export issue for required action
2018-09-05 08:40:31 +02:00
Pedro Igor
47066e1b89
[KEYCLOAK-8012] - Fix offline session support in authorization services
2018-09-04 15:07:49 -03:00
Pedro Igor
6a0a1031a1
[KEYCLOAK-7754] - Fixing compat issues with UMA spec in RPT Introspection Provider
2018-09-04 11:41:09 -03:00
Pedro Igor
33efcc6b93
[KEYCLOAK-8142] - Fixing regression when setting path enforcement mode to disabled
2018-09-04 10:32:06 -03:00
Hynek Mlnarik
9f839f001f
KEYCLOAK-8218 Do not clear SAML REDIRECT query parameters
2018-09-04 11:16:06 +02:00
Hynek Mlnarik
5fe1905e4b
KEYCLOAK-6803 Prevent duplicating required actions in JPA user storage
2018-09-03 19:42:18 +02:00
mposolda
f0ba8f6591
KEYCLOAK-8139 Added wildfly-deprecated module for adapters testing. Remove wildfly9 and wildfly10
2018-09-03 08:56:09 +02:00
Johannes Knutsen
c0b5c12dee
KEYCLOAK-8147: Add support for Content-Security-Policy-Report-Only response headers
2018-08-31 10:38:56 +02:00
vramik
214a8e1fed
KEYCLOAK-8176 fix requiredActionsPriority test
2018-08-31 10:25:28 +02:00
vramik
f89637bd8f
KEYCLOAK-8178 fix AdminEventTest
2018-08-30 15:16:33 +02:00
Hynek Mlnarik
bee3894cdf
KEYCLOAK-8150 Improve loading user list
2018-08-30 13:03:49 +02:00
vramik
df76afb513
KEYCLOAK-8167 fix ExportImportTest on undertow
2018-08-29 15:18:24 +02:00
vramik
c266e90a77
KEYCLOAK-6746 ability to skip adapter test
2018-08-29 14:40:44 +02:00
mposolda
b70468341e
KEYCLOAK-7470 Ability to order client scopes
2018-08-29 14:37:27 +02:00
mhajas
21b71e83dd
KEYCLOAK-7161 Stabilize authz tests as they are running on undertow -> in Travis
2018-08-29 13:13:06 +02:00
mhajas
ccba07a5c0
KEYCLOAK-7213 Make example tests running on app-server-undertow
2018-08-29 13:13:06 +02:00
Pavel Drozd
d37eb5d10b
KEYCLOAK-8138 Fixed tests for product profile
2018-08-29 10:31:10 +02:00
mposolda
31270e2f52
KEYCLOAK-7437 Support for prompt=consent
2018-08-29 08:35:29 +02:00
Johannes Knutsen
56c97407d4
KEYCLOAK-8152: Allow passing the current locale to OAuth2 identity providers
2018-08-28 15:52:23 +02:00
mposolda
e4d05a7852
KEYCLOAK-8127 Added support for app-server-eap71. Make sure ConsoleProtectionTest is executed just for app-server-eap71
2018-08-27 12:52:53 +02:00
mposolda
6fc99cd749
KEYCLOAK-7594 Upgrade to Wildfly 13. Cross-DC: Upgrade to infinispan server 9.2.4 and JDG 7.2
...
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2018-08-27 12:52:53 +02:00
vramik
01b0b6b345
KEYCLOAK-7975 fix updating execution with Oracle DB
2018-08-24 15:04:48 +02:00
vramik
9e072cb174
KEYCLOAK-8119 Migration tests doesn't reflect if authorization features is enabled or not
2018-08-24 14:38:36 +02:00
Pedro Igor
3c2339ba33
[KEYCLOAK-4902] - Only set effect if result exists and removing ignore from tests
2018-08-24 09:34:39 -03:00
mhajas
694966b613
KEYCLOAK-8120 Fix NullPointerException in ClaimInformationPointProviderTest
2018-08-24 09:00:35 +02:00
Martin Kanis
248654a75e
KEYCLOAK-6706 E-mail verification won't let user back into the app
2018-08-21 16:30:15 +02:00
Gregor Tudan
b606a25684
KEYCLOAK-7991: add pagination params to the RoleResource
2018-08-21 08:19:33 +02:00
rmartinc
1b88eaf817
KEYCLOAK-8080 Audit the realm event configuration change
2018-08-20 21:01:38 +02:00
Corentin Dupont
b80701589c
[KEYCLOAK-7804] - Option to return resource body
2018-08-20 13:07:29 -03:00
Martin Kanis
d04791243c
KEYCLOAK-7970-KEYCLOAK-7222 Add clientId to action tokens
2018-08-20 15:25:24 +02:00
Wolfgang Zenker
c5f861a522
Make cli usable on FreeBSD
2018-08-20 09:08:02 +02:00
Pedro Igor
625f613128
[KEYCLOAK-4902] - Using streams to process requested permissions and limit support for scope responses
2018-08-17 11:00:53 -03:00
stianst
e406e8f1f0
KEYCLOAK-8069 Simplify config for fixed hostname provider
2018-08-17 14:47:14 +02:00
Hynek Mlnarik
645a72482b
KEYCLOAK-8048 Fix testsuite compilation issue
2018-08-14 13:56:45 +02:00
Hiroyuki Wada
730377a843
KEYCLOAK-7528 Set Cache-Control and Pragma header in token endpoint
2018-08-14 11:41:12 +02:00
Stefan Guilhen
f36e45cb10
[KEYCLOAK-4902] - Using streams to process scopes and cache improvements
2018-08-14 06:29:10 -03:00
Steffen Kreutz
ed72097862
KEYCLOAK-5289 Add support for Google's hd parameter
2018-08-14 11:08:57 +02:00
Stefan Guilhen
0b95cdacb8
[KEYCLOAK-7885] Add user policy support to the policy API
2018-08-13 22:09:17 -03:00
vmuzikar
79774d2f07
KEYCLOAK-8035 Fix failing GitLab Social Login test
2018-08-13 08:46:06 -04:00
Sebastian Laskawiec
3449401ae2
KEYCLOAK-7635: Subject DN validation for x509ClientAuthenticator
2018-08-13 09:36:02 +02:00
sebastienblanc
02b2a8aab0
KEYCLOAK-7635 : Authenticate clients with x509 certificate
2018-08-13 09:36:02 +02:00
mposolda
575851d45c
KEYCLOAK-6038 Kerberos cross-realm trust test
2018-08-10 13:31:36 +02:00
Stefan Guilhen
060b3b8d0f
[KEYCLOAK-4902] - Using streams when fetching resources
2018-08-09 16:28:31 -03:00
Pedro Igor
905fd3ae00
[KEYCLOAK-8003] - Migration to 4.2.1 extracting RESOURCE_URIs fails with fine-grained admin permissions
2018-08-08 11:00:25 +02:00
Hynek Mlnarik
fb58214fcc
KEYCLOAK-7994 Move examples to test-apps
2018-08-08 08:55:38 +02:00
Pedro Igor
80e5227bcd
[KEYCLOAK-4902] - Refactoring and improvements to processing of authz requests
2018-08-07 10:53:40 -03:00
vmuzikar
65f51b7b83
KEYCLOAK-6736 Base UI tests for mobile and desktop browsers
2018-08-07 13:53:31 +02:00
mposolda
27719565ae
KEYCLOAK-4298 Migrate LDAP tests to the new testsuite
2018-08-06 12:08:19 +02:00
wyvie
b5d56e2f3b
[KEYCLOAK-7838] made tests ordered so they don't fail because of order
2018-08-03 20:52:54 +02:00
Hynek Mlnarik
f6a4ba98de
KEYCLOAK-7986 Fix realm definition
2018-08-02 15:32:42 +02:00
mposolda
959cd035ba
Set version to 4.3.0.Final-SNAPSHOT
2018-08-01 22:40:05 +02:00
ssilvert@win.redhat.com
e7e15652cf
KEYCLOAK-7479: Sanitize
2018-08-01 14:22:39 -04:00
mposolda
29da7d3d90
KEYCLOAK-7562 Fix ClientInitiatedAccountLinkTest#testErrorConditions
2018-08-01 13:33:23 +02:00
stianst
f99299ee39
KEYCLOAK-7967 Introduce Hostname SPI
2018-08-01 11:57:45 +02:00
Takashi Norimatsu
665bcaebbb
KEYCLOAK-7959 OAuth 2.0 Certificate Bound Access Tokens in Rev Proxy
2018-07-31 21:53:46 +02:00
Hiroyuki Wada
398f7d950f
KEYCLOAK-7910 Store credentials when updating user via Admin REST API
2018-07-31 15:36:21 +02:00
mhajas
9b0930a289
KEYCLOAK-7792 Add tests for fragment in redirect URL
2018-07-31 10:24:58 +02:00
Takashi Mogi
959e7b1b01
KEYCLOAK-7201 OIDC Identity Brokering with Client parameter forward
...
Forward "custom" (non-standard) query parameters to external IDP
2018-07-31 10:18:29 +02:00
ssilvert@win.redhat.com
40cc826586
Fix test side effect.
2018-07-30 13:15:02 -04:00
ssilvert@win.redhat.com
6c593bab5a
Check credential confirmation on server side.
2018-07-30 13:15:02 -04:00
vramik
ecd3fcc0af
KEYCLOAK-7924 Speed-up crossdc tests
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2018-07-27 20:53:58 +02:00
vramik
38017d3cec
KEYCLOAK-4407 Ability to restart arquillian containers from test
...
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
KEYCLOAK-4407 Fix connection error if underlying container restarts (63b9da857a8174a0b5e65e70c47ef2e2842f4d4e)
2018-07-27 20:53:58 +02:00
Hynek Mlnarik
f43519a16e
KEYCLOAK-6708 Fix NPE when email not set for email NameIDFormat
2018-07-27 11:10:35 +02:00
fisache
771d7f1724
[KEYCLOAK-7872] Fix. Remove Identity Provider Mapper when remove identity provider
2018-07-26 08:45:26 +02:00
ssilvert@win.redhat.com
0844aa8d68
KEYCLOAK-7857: Fix notifications
2018-07-25 08:59:25 -04:00
vramik
9c1a411c6e
KEYCLOAK-7310 Add migration test from 3.4.x to 4.x
2018-07-25 13:48:02 +02:00
vramik
524ab44160
KEYCLOAK-6866 Error 404 after changing locale while authenticating using X.509
2018-07-24 17:24:32 +02:00
mhajas
a6e4f4f9aa
KEYCLOAK-7922 Use Time.currentTimeMillis() instead of System.currentTimeMillis() in PathCache
2018-07-24 08:52:48 -03:00
Daniil Filippov
af72c1374a
KEYCLOAK-7823 Fix HTTP status returned during SPNEGO auth
2018-07-24 10:38:42 +02:00
Hiroyuki Wada
7c0ca9aad2
KEYCLOAK-6313 Add required action's priority for customizing the execution order
2018-07-23 22:21:04 +02:00
Hynek Mlnarik
b43392bac8
KEYCLOAK-6577 KEYCLOAK-5609 Support dot in claim names by escaping with backslash
2018-07-23 14:46:25 +02:00
Peter Zaoral
c4b375c1fc
KEYCLOAK-7802 Fix broken HoKTest
...
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2018-07-23 12:30:54 +02:00
Pedro Igor
acc5f5c6d1
[KEYCLOAK-7864] - Authorization claim not set in refresh token when issuing a new refresh token
2018-07-19 09:56:59 -03:00
Pedro Igor
8b6979ac18
[KEYCLOAK-7849] - Improvements to RPT upgrade
2018-07-18 16:40:55 -03:00
Martin Kanis
34407957b9
KEYCLOAK-6314 Internal server error after T&C rejection
2018-07-18 15:05:22 +02:00
vramik
54fcbf12b0
KEYCLOAK-7666 - adapter tests - eap6-fuse6 provider
2018-07-18 13:46:56 +02:00
vramik
8e20986335
KEYCLOAK-7876 Improve stability of fuse7 hawtio test
2018-07-18 10:51:32 +02:00
wyvie
8e221ea597
[KEYCLOAK-7835] BrokerLinkAndTokenExchangeTest turned off
...
Until TOKEN_ECHANGE is enabled (means currently turned off
for prod profile)
2018-07-16 10:27:56 +02:00
mhajas
432ea277a7
KEYCLOAK-7816 Assume preview profile in authz tests
2018-07-13 12:53:46 -03:00
Pedro Igor
90bfa2bff5
[KEYCLOAK-7781] - More validations to authorization requests
2018-07-13 09:18:05 -03:00
stianst
f022bc1269
[KEYCLOAK-5629] Add credential endpoints to account service
2018-07-12 13:00:25 -04:00
mhajas
5aebc74f8c
KEYCLOAK-7269 Setting more uris for Authorization Resource
2018-07-11 17:48:34 -03:00
vmuzikar
0432a566dd
KEYCLOAK-7805 Fix PayPal and Bitbucket Social Login tests
2018-07-11 10:19:24 +02:00
rmartinc
4a82979792
KEYCLOAK-1925: SAML adapter multitenant support
2018-07-10 13:21:11 +02:00
Sebastian Laskawiec
3918dbed59
KEYCLOAK-2886 Turn off clustered tests from IDE
2018-07-10 12:37:21 +02:00
mposolda
d0a824dde4
Updating version to 4.2.0.Final-SNAPSHOT
2018-07-05 07:42:48 -04:00
vmuzikar
64b391cc1b
KEYCLOAK-7761 Fix Instagram Social Login test
2018-07-04 09:00:54 +02:00
ssilvert@win.redhat.com
d55ccf5312
KEYCLOAK-7015: Not allowing two users to have empty string emails addrs.
2018-07-03 11:04:36 -04:00
Pedro Igor
871be4ad87
[KEYCLOAK-7764] - Error when processing resource-less permissions
2018-07-03 10:35:11 -03:00
Pedro Igor
6f3c59e086
[KEYCLOAK-7062] - Groups claim should be optional
2018-07-03 10:03:20 -03:00
vramik
742a280f5d
KEYCLOAK-5556 support for POST for AuthorizationEndpoint
2018-07-03 10:38:10 +02:00
vmuzikar
d99dca2db3
KEYCLOAK-7743 Fix broken X.509 tests
2018-07-02 12:42:50 +02:00
vmuzikar
3355399b4e
KEYCLOAK-7741 Fix broken test modules
2018-06-29 10:17:06 -03:00
Pedro Igor
dcadc61220
[KEYCLOAK-7670] - PEP not returning correct status code when authorization header is not set
2018-06-29 09:39:55 -03:00
stianst
3c5027de3c
KEYCLOAK-7701 Refactor key providers to support additional algorithms
2018-06-29 14:14:25 +02:00
vramik
c97e7e720e
KEYCLOAK-7550 - adapter tests - Fuse7.1 provider
2018-06-28 16:24:02 +02:00
Pedro Igor
f10c47955f
[KEYCLOAK-7427] - Fix to support writing to response when doing programmatic logouts
2018-06-28 11:08:28 -03:00
vramik
591093f867
KEYCLOAK-7730 - revert OSGiApplicationArchiveProcessor moved into fuse app servers
2018-06-28 10:22:25 -03:00
vramik
9039b44f4d
KEYCLOAK-7718 DemoFilterServletAdapterTest test not configured correctly
2018-06-28 09:33:52 -03:00
stianst
5f0c86a49f
KEYCLOAK-6663 Add test to check custom uri scheme in redirect URI
2018-06-28 11:14:05 +02:00
vramik
8ac7bda52c
KEYCLOAK-7589 - adapter tests - Fuse7.0 provider
2018-06-28 08:45:02 +02:00
stianst
0d9ccba566
Some work on deprecated testsuite migration
2018-06-27 08:16:14 +02:00
vramik
39cbf4e9ab
KEYCLOAK-7588 - adapter tests - Fuse6.3 provider
2018-06-26 16:47:01 +02:00
Takashi Norimatsu
2fb022e501
KEYCLOAK-7688 Offline Session Max for Offline Token
2018-06-26 08:25:06 +02:00
vramik
b478472b35
KEYCLOAK-7478 Add key query param to change locale url
2018-06-26 08:19:25 +02:00
vramik
8fdadcc596
KEYCLOAK-7475 adapter tests - add Wildfly10 and Wildfly9 providers
2018-06-25 14:31:11 +02:00
vramik
d9f79fae79
KEYCLOAK-7510 Add Support for server specific ArchiveProcessor
2018-06-22 11:38:57 +02:00
Hynek Mlnarik
530a710dce
KEYCLOAK-7412 Tests for Fuse 7.0
2018-06-22 08:59:44 +02:00
Hynek Mlnarik
6b968796ce
KEYCLOAK-7667 Fix namespace handling when decrypting assertion
2018-06-21 13:09:18 +02:00
Hiroyuki Wada
c2012a595b
KEYCLOAK-7650 Don't display disabled identity providers
2018-06-19 08:55:24 -04:00
vramik
2fcfa5cf71
KEYCLOAK-7094 Support redirect to external logout page for saml filter adapter
2018-06-19 13:23:18 +02:00
stianst
e1a0e581b9
Update to 4.1.0.Final-SNAPSHOT
2018-06-14 14:22:28 +02:00
vramik
ccb09fbf45
KEYCLOAK-7616 fix NPE for UserStorageConsentTest
2018-06-13 15:53:41 +02:00
vramik
5f1f3dff5e
KEYCLOAK-7094 Support redirect to external logout page for elytron adapter
2018-06-13 12:50:38 +02:00
Pedro Igor
dd93de75d9
[KEYCLOAK-7579] - Fixing test to use client scopes instead of old scope param required ( #5259 )
2018-06-12 15:44:03 -03:00
vramik
f19a324030
KEYCLOAK-7587 Some system properties are not included
2018-06-12 11:42:10 +02:00
vramik
9cf965a157
Ignore non-related failing ClientInitiatedAccountLinkTest#testErrorConditions
2018-06-11 13:46:59 +02:00
vramik
9e42be09d7
KEYCLOAK-7517 - adapter tests - EAP6 provider
2018-06-11 13:46:59 +02:00
vramik
a5c0cbc3b4
KEYCLOAK-7473 app-server-eap provider
2018-06-11 13:46:59 +02:00
vramik
bb5dc4c473
KEYCLOAK-6745 Adapter tests - remove abstract adapter test classes
2018-06-11 13:46:59 +02:00
vramik
132386f64d
KEYCLOAK-6541 app server wildfly provider
2018-06-11 13:46:59 +02:00
vramik
b0c89d739b
KEYCLOAK-6541 app server undertow support
2018-06-11 13:46:59 +02:00
vramik
6a07a7ed2c
KEYCLOAK-6541 base changes
2018-06-11 13:46:59 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support ( #5076 )
...
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes
Co-authored-by: vramik <vramik@redhat.com>
* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Pedro Igor
aa128d6c07
Merge pull request #5240 from pedroigor/KEYCLOAK-7353
...
[KEYCLOAK-7353] Support Policy Management in Protection API
2018-06-07 11:05:49 -03:00
Ola Bergefall
c8c76cc03f
KEYCLOAK-7316: Default back to false if isPassive is missing in request.
2018-06-07 08:50:32 +02:00
Federico M. Facca
5a9bfea419
[KEYCLOAK-7353] Support Policy Management in Protection API
...
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
vramik
dffe70e40a
KEYCLOAK-7518 DeploymentArchiveProcessor assumes that every archive contains jboss-deployment-structure.xml file
2018-06-06 21:15:39 +02:00
Hynek Mlnarik
7ff18ca14b
KEYCLOAK-7331 Fix NPE when SAML Issuer not set in AuthnRequest
2018-06-06 16:21:18 +02:00
Hynek Mlnarik
5a241392cf
KEYCLOAK-7094 Support redirect to external logout page
2018-06-05 14:51:18 +02:00
Takashi Norimatsu
c586c63533
KEYCLOAK-6771 Holder of Key mechanism
...
OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access
Tokens
2018-06-05 08:18:29 +02:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
...
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Pavel Drozd
6c3e6bc90c
KEYCLOAK-7476 - sshLoginTest - changed command result
2018-06-01 10:35:38 +02:00
Jared Blashka
65c39763eb
KEYCLOAK-7356 Code to Token flow fails if initial redirect_uri contains a session_state parameter
2018-05-31 08:53:11 +02:00
Martin Kanis
f429469fc8
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-05-31 08:44:34 +02:00
Takashi Norimatsu
eb97151476
KEYCLOAK-7451 OAuth Authorization Server Metadata for Proof Key for Code Exchange
2018-05-28 22:15:43 +02:00
Pedro Igor
2b6597e9f1
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final ( #5224 )
2018-05-24 19:02:30 +02:00
Pedro Igor
08c22416a2
Merge pull request #5208 from ASzc/KEYCLOAK-7362
...
KEYCLOAK-7362 Disable mvn-golang-wrapper in the product build
2018-05-18 13:51:17 -03:00
Pedro Igor
21d139c6c2
Merge pull request #5173 from pedroigor/KEYCLOAK-7148
...
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-17 16:51:55 -03:00
vramik
39b6bf62ba
KEYCLOAK-6991 fixed ExportImportTest not to affect other tests (PermissionsTest, RealmTest) on auth-server-undertow
2018-05-17 11:07:29 +02:00
Alex Szczuczko
6a19a8fb7e
KEYCLOAK-7362 Disable mvn-golang-wrapper in the product build
...
com.igormaznitsa:mvn-golang-wrapper is a new plugin used by the testsuite. It
depends on arbitrary internet resources, including github and
storage.googleapis.com. This isn't permissible in a product build, and so PNC
blocks it.
As a short-term solution, I've added a product profile the sets the skip
parameter to true for this plugin. Other approaches, like changing the phase of
the get goals, didn't work.
2018-05-16 16:53:39 -06:00
Bill Burke
e5a6dbd77a
Merge pull request #5192 from ttaylor249/master
...
Force the mvn-golang plugin to use the maven proxy
2018-05-16 09:47:01 -04:00
Pedro Igor
1634bef28a
Merge pull request #5194 from pedroigor/KEYCLOAK-7322
...
[KEYCLOAK-7322] - NPE when removing group from representation
2018-05-15 06:05:54 -03:00
pedroigor
88f21eae87
[KEYCLOAK-7322] - NPW when removing group from representation
2018-05-08 14:03:33 -03:00
Bill Burke
1258923a0d
Merge pull request #5188 from patriot1burke/keycloak-7304
...
KEYCLOAK-7304
2018-05-08 07:31:05 -04:00
mhajas
3ced81a2c2
KEYCLOAK-7315 Fix issues in JavascriptAdapter tests ( #5193 )
...
more in issue KEYCLOAK-7315
2018-05-07 14:47:56 -04:00
Tim Taylor
49a03a86fb
Force the mvn-golang plugin to use the maven proxy
2018-05-04 15:31:49 -04:00
Pedro Igor
e84acd9898
Merge pull request #5177 from pedroigor/KEYCLOAK-7206
...
[KEYCLOAK-7206] - Search by user id on admin console
2018-05-04 09:11:49 -03:00
Bill Burke
fdc6fc59b8
KEYCLOAK-7304
2018-05-03 12:14:30 -04:00
pedroigor
7ebcc69cb9
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-02 13:04:11 -03:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT ( #5185 )
2018-05-02 14:32:20 +02:00
Martin Kanis
9505925363
Revert "KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )" ( #5183 )
...
This reverts commit a67da7bc59
2018-05-02 09:31:42 +02:00
mhajas
6e123bcea2
KEYCLOAK-6847 Fix OIDC adapter tests
2018-05-02 09:28:26 +02:00
pedroigor
ddceaaf3d5
[KEYCLOAK-7206] - Search by user id on admin console
2018-04-30 11:44:33 -03:00
vmuzikar
5ec50461ee
KEYCLOAK-7101 Fix DockerClientTest
2018-04-27 15:02:10 +02:00
Pedro Igor
e960642399
Merge pull request #5144 from pedroigor/KEYCLOAK-4903
...
[KEYCLOAK-4903] - Pushed Claims
2018-04-26 15:59:13 -03:00
pedroigor
035ebc881a
[KEYCLOAK-4903] - Claim Information point Provider SPI and configuration
2018-04-25 10:16:41 -03:00
vramik
8b5fd2b4ac
KEYCLOAK-7091 fuse7 testsuite
2018-04-25 14:35:56 +02:00
pedroigor
e813fcd9c8
[KEYCLOAK-4903] - Pushing claims when obtaining a permission ticket
2018-04-24 19:47:28 -03:00
mposolda
634e7170e3
KEYCLOAK-7158 RestartLoginCookie throws error when KC_RESTART cookie created by Keycloak 1.9
2018-04-23 21:56:13 +02:00
Stan Silvert
b6a0303a4c
KEYCLOAK-7196: Add kc_locale to keycloak.js ( #5165 )
...
* KEYCLOAK-7196: Add kc_locale to keycloak.js
* Update keycloak.d.ts
2018-04-23 11:45:32 -04:00
pedroigor
c3d297dd05
[KEYCLOAK-7162] - Expose WWW-Authenticate Header when using CORS
2018-04-23 08:46:54 +02:00
mhajas
a1e7351072
KEYCLOAK-6815 Use htmlunit as default browser for adapter tests
2018-04-19 15:01:14 +02:00
Martin Kanis
7efa45126c
KEYCLOAK-6991 NPE when importing realm from file
2018-04-19 14:26:50 +02:00
wyvie
4ddff9ee16
[KEYCLOAK-7017] fixed ActionTokenCrossDCTest failures
...
Test was failing because of change of login page design. Element which
contained title headers was moved from header title to another element.
Was not fixed upon initial commit (ca15db) because test's only turned on
by profile.
2018-04-17 16:14:10 +02:00
Vlastimil Eliáš
c1311e4619
KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn OAuth2 endpoint ( #5125 )
...
* KEYCLOAK-6849 - LinkedIn social login provider updated to new LinkedIn
OAuth2 endpoint
* KEYCLOAK-6849 - LinkedIn social login provider test updated
* KEYCLOAK-6849 - LinkedIn social login provider test updated to
conditionally handle consent page when shown only
* Simplify the LinkedIn app authorization
This reverts commit c12359e7a13d9ff231fe2e25cddba66ad679a9cd.
2018-04-13 08:09:27 +02:00
vramik
9a94004fc9
KEYCLOAK-7137 Polish testsuite a bit
2018-04-12 16:46:59 +02:00
mhajas
b78f0aa9db
KEYCLOAK-6806 Wait for query error to appear in query response mode test ( #5130 )
2018-04-10 09:58:23 +02:00
Hugo Guerrero
fac3118b0a
KEYCLOAK-6448 - implement instagram social broker ( #4963 )
...
* KEYCLOAK-6448 - implement instagram social broker
* Instagram SocialLogin Tests
2018-04-09 17:30:27 +02:00
Martin Kanis
a67da7bc59
KEYCLOAK-5270 Realm cookie path for IE<=11 users ( #5106 )
2018-04-06 09:26:29 +02:00
wyvie
943bd9e48e
[KEYCLOAK-6808] fix for the WildflyConsoleProtectionTest
...
Access Control is not an 'a' tag, but rather 'span'
Also two tests do not behave correctly with a same
Before annotated initialization, so reduce number
of tests to one, which calls the other one
2018-04-06 07:28:29 +02:00
Pedro Igor
e1f5245145
Merge pull request #5120 from pedroigor/KEYCLOAK-7029
...
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-05 09:33:23 -03:00
wyvie
b3513e3203
[KEYCLOAK-6872] fixed account link test
2018-04-05 10:53:00 +02:00
Bill Burke
ffd9d957f4
Merge pull request #5123 from patriot1burke/kcadm-token
...
KEYCLOAK-7044 KEYCLOAK-7046
2018-04-04 17:22:17 -04:00
Stefan Guilhen
87abe5e648
[KEYCLOAK-6853] Make TimePolicyProvider use the kc.date.time_date contextual attribute when evaluating policies
2018-04-04 14:37:03 -03:00
mhajas
b3b81d6a76
KEYCLOAK-6806 timeSkew tolerance in tests ( #5110 )
2018-04-04 11:19:18 +02:00
Bill Burke
8a5428808e
KEYCLOAK-7044 KEYCLOAK-7046
2018-04-03 21:29:31 -04:00
pedroigor
a939c45d58
[KEYCLOAK-7029] - Configuration of cache policies for cached resources/path
2018-04-03 16:44:27 -03:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser
...
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
2018-04-03 10:31:30 -04:00
pedroigor
5c52da80c6
[KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path
2018-04-02 11:10:43 -03:00
Bill Burke
04a72b9608
bump kcinit version tag
2018-03-31 22:34:37 -04:00
Bill Burke
4078e84fb6
server driven success page
2018-03-31 10:16:44 -04:00
Bill Burke
06f32a47ec
fake browser tests
2018-03-30 08:24:30 -04:00
Bill Burke
f4a5e49b63
initial
2018-03-29 17:14:36 -04:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
Bill Burke
8d3dc790df
Merge pull request #5087 from patriot1burke/kcinit
...
KEYCLOAK-6813
2018-03-28 17:35:33 -04:00
Bill Burke
f5bacb79c1
review changes
2018-03-28 16:45:52 -04:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
c38b6d585e
KEYCLOAK-528 ( #5103 )
2018-03-28 11:15:37 +02:00
Bill Burke
ad5f3fefc5
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-27 16:38:35 -04:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
...
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
mhajas
a63bb44ba2
KEYCLOAK-3164 Migrate SAML ECP tests to integration-arquillian
2018-03-27 12:07:07 +02:00
stianst
07fea02146
Bump versions to 4.0.0.Beta2-SNAPSHOT
2018-03-26 18:17:38 +02:00
Pavel Drozd
92aba77cc1
Merge pull request #5094 from vmuzikar/fix-stackoverflow
...
KEYCLOAK-6510 Fix StackOverflow social login test
2018-03-26 08:22:32 +02:00
Bill Burke
67229912e6
use kcinit branch
2018-03-21 13:38:40 -04:00
Bill Burke
39f93dfa33
fix providers test
2018-03-21 10:01:40 -04:00
June Zhang
ca15db81bb
KEYCLOAK-6262 Incorporate new visual design from PatternFly ( #4983 )
...
* KEYCLOAK-6262 Incorporate new visual design from PatternFly
Update the username or email
Fix narrow/wide in template.ftl
minor style update
Add the Realm HTML name and image
Config OTP and Update Password
Not display the locale selector if there is less than 1 locale.
Fix margins/paddings on config otp screens
Fix title
Upgraded to PatternFly 3.41.6
Added RCUE and updated RH-SSO login theme
Refine the RCUE padding issue
Fix tests
Fix Keycloak background
Fix
* fix the overflowing issue
* Fix Console UI Tests to reflect the new login page
* Fix the different style of the IdP buttons
Fix the IE placeholder issue - add label
* Removed placeholder on login and reset pass. Fixed Keycloak background on wide screens.
* fixed the stackoverflow issues
fixed the width in the tablets
2018-03-21 10:47:33 +01:00
Bill Burke
f000cedcbb
Merge remote-tracking branch 'upstream/master' into kcinit
2018-03-20 16:49:43 -04:00
Bill Burke
681e3d751e
golang integration
2018-03-20 16:42:35 -04:00
Bill Burke
8926837a3e
tests
2018-03-19 16:47:13 -04:00
Stefan Guilhen
35b9fe043c
[KEYCLOAK-6543] Remove the authz examples from the Keycloak codebase.
2018-03-19 17:00:02 -03:00
Áron Bustya
82ba2b1b0d
remove changes from standard OIDC client registration, move constants
2018-03-19 19:31:22 +01:00
Áron Bustya
57f57f5c75
set request object mandatory for client, restrict delivery mode
...
handle new attribute in client representation
add to UI
2018-03-19 19:31:22 +01:00
pedroigor
08896ee9c9
[KEYCLOAK-6529] - Resource Attributes
2018-03-19 13:21:39 -03:00
Pedro Igor
917ba90f2c
Merge pull request #5077 from pedroigor/KEYCLOAK-6628
...
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
2018-03-19 08:54:12 -03:00
Bill Burke
4bba11cd94
kcinit
2018-03-16 12:11:57 -04:00
mhajas
3826f6fae2
KEYCLOAK-3161 KEYCLOAK-3165 Migrate SAML tests from old testsuite to integration-arquillian
2018-03-15 18:15:44 +01:00
pedroigor
711bf244ed
[KEYCLOAK-6628] - Expose methods to query roles, groups, and attributes of users in Evaluation API
2018-03-15 14:02:15 -03:00
Douglas Palmer
fed1b62c5d
[KEYCLOAK-6301] Remove service account when it is disabled from the client
2018-03-14 15:09:42 +01:00
Takashi Norimatsu
e72756d01a
KEYCLOAK-6700 Financial API Read and Write API Security Profile : state hash value (s_hash) to protect state parameter
2018-03-13 16:40:34 +01:00
Pedro Igor
871ecf83fb
Merge pull request #5071 from vramik/KEYCLOAK-6644-stabilize-PhotozExampleAdapterTest
...
KEYCLOAK-6644 PhotozExampleAdapterTest is not stable
2018-03-13 09:03:57 -03:00
vmuzikar
daaa35bc37
KEYCLOAK-6831 Fix Microsoft Social Login test
2018-03-13 10:19:27 +01:00
vramik
9d10ccef70
KEYCLOAK-6644 PhotozExampleAdapterTest is not stable
2018-03-13 09:53:17 +01:00
Pedro Igor
2aa71d1737
Merge pull request #5051 from pedroigor/KEYCLOAK-6787
...
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-12 11:41:49 -03:00
Pedro Igor
b9b1102b74
Merge pull request #5004 from pedroigor/KEYCLOAK-6623
...
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
2018-03-12 09:59:05 -03:00
Pedro Igor
f824582aac
Merge pull request #5009 from pedroigor/KEYCLOAK-6116
...
[KEYCLOAK-6116] - Get email attribute from 'subject alternative name' using X509 certificate
2018-03-12 09:58:02 -03:00
pedroigor
199f289ee3
[KEYCLOAK-6623] - Adding test
2018-03-09 16:39:33 -03:00
Hynek Mlnarik
190771ddf1
KEYCLOAK-6783 Add authentication into cross-dc testing
2018-03-09 15:08:55 +01:00
pedroigor
62b70b561e
[KEYCLOAK-6116] - Removing references to phantomjs.cli.args
2018-03-09 10:56:35 -03:00
pedroigor
1f13427dee
[KEYCLOAK-6116] - Enabling tests for both jboss servers
2018-03-09 10:56:35 -03:00
pedroigor
6aee573e2e
[KEYCLOAK-6116] - Tests for X509 Subject Alternative Name Extension
2018-03-09 10:56:35 -03:00
vmuzikar
d66c33a8b9
KEYCLOAK-6793 Support custom Chrome binary in Arquillian testsuite
2018-03-07 10:38:12 +01:00
wyvie
c27ffbda8b
[KEYCLOAK-6643] server version now retreived from server info web page
2018-03-06 10:49:09 +01:00
vmuzikar
502fc62967
KEYCLOAK-6797 Fix Social Login test
2018-03-06 10:19:10 +01:00
Bill Burke
4b6b45cf43
KEYCLOAK-6026
2018-03-05 11:57:05 -05:00
Pedro Igor
1b06194455
Merge pull request #5050 from TeliaSoneraNorge/KEYCLOAK-6659
...
Add pairwise sub support to authorization services
2018-03-02 14:44:28 -03:00
Martin Hardselius
8549bd70b7
Add pairwise sub support to authorization services
...
Identity token verification will now fetch the user from the session
state instead of relying on the sub provided in the token. Also done in
KeycloakIdentity.
Resolves: KEYCLOAK-6659
2018-03-02 13:08:27 +01:00
vramik
569f26776e
KEYCLOAK-5060 KEYCLOAK-3157 migrated Adapter package from old testsuite
2018-03-02 10:56:26 +01:00
pedroigor
1e1de85685
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-01 16:50:05 -03:00
pedroigor
b0200d462d
[KEYCLOAK-6621] - Removing unnecessary code to process scopes from typed resources
2018-02-28 16:33:45 -03:00
vmuzikar
028e78f46b
KEYCLOAK-6772 Fix SessionsPreloadCrossDCTest
2018-02-28 20:14:50 +01:00
Hynek Mlnarik
9ca7b22cec
KEYCLOAK-6777 Fix AccountPageTest
2018-02-28 16:28:48 +01:00
Hynek Mlnarik
1b45ab2601
KEYCLOAK-6773 XML vulnerability test
2018-02-28 15:05:07 +01:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
mhajas
e52380915b
KEYCLOAK-4817 Fix instability
2018-02-27 14:35:52 +01:00
vmuzikar
08bf19d4aa
KEYCLOAK-6694 Revamp OpenShift Social Login test
2018-02-27 12:28:42 +01:00
Hynek Mlnarik
1f20c03afa
KEYCLOAK-6470 Refactor SAML adapter parsers
2018-02-27 09:37:29 +01:00
vmuzikar
d70e4740fc
KEYCLOAK-6693 Support external truststore in testsuite
2018-02-27 07:45:21 +01:00
Bill Burke
aa089980ce
Merge pull request #4942 from mstruk/KEYCLOAK-5807
...
KEYCLOAK-5807 Intermittent failures in UserStorageTest
2018-02-26 12:14:38 -05:00
mhajas
fe1c447d9a
KEYCLOAK-6546 Run filter test on WebLogic and WebSphere
2018-02-26 15:47:13 +01:00
Hynek Mlnarik
bde9210fa3
KEYCLOAK-6692 Fix LogoutTest on Oracle
2018-02-26 15:45:55 +01:00
mhajas
e2ad59a74d
KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and ( #4964 )
...
* KEYCLOAK-4816 KEYCLOAK-4817 Move javascript tests to base testsuite and
use JavascriptExecutor
* Use PhantomJS 2.1.1 instead of 1.9.8 in Travis CI
2018-02-26 10:49:05 +01:00
Hynek Mlnarik
e7cdb8ad54
KEYCLOAK-6473 KEYCLOAK-6472 SAML parser refactor + protocol parsers
2018-02-23 08:16:14 +01:00
pedroigor
8112c5d3f2
[KEYCLOAK-6492] - Migrate authorization package from old testsuite
2018-02-22 09:05:40 +01:00
Erlend Hamnaberg
208ecbc3f7
KEYCLOAK-6676: Fix NPE if the redirect_uri parameter is missing
2018-02-21 19:44:22 +01:00
pedroigor
61d5425fdf
[KEYCLOAK-6321] - Tests
2018-02-21 19:41:44 +01:00
Bruno Oliveira
f351db608e
[KEYCLOAK-6334] Minor typo: "read only" should be "read-only"
2018-02-20 20:18:16 +01:00
mposolda
fc463ae50b
KEYCLOAK-6617 Offline token logout did not invalidate user session
2018-02-19 08:49:05 +01:00
cgol
86a8addf49
KEYCLOAK-6615 Remove offline session from database on offline token logout
...
remove offline token from database on offline session logout
2018-02-19 08:49:05 +01:00
stianst
9b63cd35f0
KEYCLOAK-6431
2018-02-13 19:38:46 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
...
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00
Bill Burke
d6788a0839
finish
2018-02-10 13:38:39 -05:00
mhajas
2b65adc15f
KEYCLOAK-6309 Fix tests
...
Add trustore to war even if ssl is not enabled because HttpClient is configured with truststore
2018-02-09 10:24:58 +01:00
Bruno Oliveira
b91998a0d8
[KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration
2018-02-09 06:36:23 -02:00
stianst
505cf5b251
KEYCLOAK-6519 Theme resource provider
2018-02-09 08:28:59 +01:00
Hynek Mlnarik
c07b60d527
KEYCLOAK-6474 Fix NPE on SAML logout
2018-02-07 08:05:36 +01:00
Douglas Palmer
fc52ff65bd
[KEYCLOAK-6518] Added explicit guava dependency instead of relying on transitive dependency.
2018-02-06 10:52:48 +01:00
Hynek Mlnarik
b3766576d7
KEYCLOAK-6146 Simplify test via RealmCreator
2018-02-06 09:28:07 +01:00
vmuzikar
c8c86d2bad
KEYCLOAK-6510 Fix StackOverflow social login test
2018-02-05 17:16:33 +01:00
Marko Strukelj
62a9d4ea91
KEYCLOAK-5807 Under daily eviction policy user entries not returned from cache when they should
2018-02-02 19:27:23 +01:00
vmuzikar
340afb2a50
KEYCLOAK-6450 Stabilize WelcomePageTest
2018-02-02 13:08:52 +01:00
vmuzikar
46ebff2163
KEYCLOAK-6331 Fix and stabilize Console UI tests
2018-02-02 11:58:47 +01:00
Pavel Drozd
9382439a05
Merge pull request #4944 from mhajas/KEYCLOAK-4751
...
KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7
2018-02-02 11:13:07 +01:00
vramik
019c3c9ef9
KEYCLOAK-6146 realm import fails when password policy is specified
2018-02-02 08:30:06 +01:00
Thomas Darimont
77334af34e
KEYCLOAK-6222 Check syntax for errors on ScriptBasedOIDCProtocolMapper validation
...
We now explicitly check for syntax errors
during validation of ScriptBasedOIDCProtocolMappers.
2018-02-02 08:28:27 +01:00
Bill Burke
8f09efab9d
Merge pull request #4949 from patriot1burke/client-storage-spi
...
KEYCLOAK-6228
2018-02-01 08:59:02 -05:00
mhajas
c34db4cf01
KEYCLOAK-6309 Configure HTTPClient in keycloak-saml.xml
2018-02-01 09:59:08 +01:00
Bill Burke
126dd70efc
client stat improvement
2018-01-31 13:05:13 -05:00
Vlastimil Elias
a5f675d693
KEYCLOAK-4937 - convert time units in emails into human-friendly format
2018-01-30 06:38:57 +01:00
Bill Burke
4a044fe867
add ofline token test
2018-01-29 17:08:13 -05:00
Bill Burke
0fc7fa557d
fix caching
2018-01-29 16:26:51 -05:00
Bill Burke
79f9de9de4
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-29 12:28:26 -05:00
Bill Burke
4bf23cc83a
caching
2018-01-29 12:28:17 -05:00
mhajas
2a2f255640
KEYCLOAK-4793 Fix authorization services maven scanner properties in base testsuite for product
2018-01-29 09:18:20 +01:00
Bill Burke
1d8e38f0c6
admin console
2018-01-27 13:05:02 -05:00
Bill Burke
dd4c0d448c
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6
done 1st iteration
2018-01-27 09:47:16 -05:00
mhajas
8ac7d1deca
KEYCLOAK-4751 Fix tests on EAP6 and add test for EAP7
2018-01-26 11:25:33 +01:00
Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
vmuzikar
806b554fb2
Social login test for GitHub with private email
2018-01-25 20:56:24 +01:00
vramik
b0fbe5c8ba
KEYCLOAK-6300 List of group members is not sorted alphabetically
2018-01-25 20:21:03 +01:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow
...
KEYCLOAK-6335
2018-01-25 09:55:11 -05:00
Douglas Palmer
42759be6ff
[KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages
2018-01-25 07:10:30 +01:00
Douglas Palmer
0f1644e612
[KEYCLOAK-6142] Updated OTP manual config pages to reflect HOTP
2018-01-25 07:09:24 +01:00
Bill Burke
4bfb62d7f4
marek suggested fixes
2018-01-24 09:32:38 -05:00
mposolda
6369c26671
KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters
2018-01-24 11:35:13 +01:00
Thomas Recloux
71e0b00600
KEYCLOAK-5857 Supports PBKDF2 hashes with different key size
...
The original use case is to support imported credentials with a different key size without
implementing a totally new PasswordHashProvider
2018-01-24 09:02:37 +01:00
Bill Burke
be65c14a6a
fix provider test
2018-01-23 13:03:45 -05:00
Bill Burke
7b2e72d395
Merge remote-tracking branch 'upstream/master' into per-client-flow
2018-01-23 12:10:11 -05:00
Bill Burke
a9297df89c
KEYCLOAK-6335
2018-01-23 12:09:49 -05:00
Hynek Mlnarik
4ba72e2d2d
KEYCLOAK-5976 Fix client setting in brokered IdP-initiated scenario
2018-01-23 09:34:11 +01:00
stianst
f762173eb0
KEYCLOAK-3370 Add option to override theme in client template and client
2018-01-18 09:14:13 +01:00
Thomas Darimont
bae4d4c673
KEYCLOAK-5791 Allow multi-valued ScriptBasedOIDCProtocolMapper
...
We now support multi-valued attribute values for the
`ScriptBasedOIDCProtocolMapper`.
Previously the `ScriptBasedOIDCProtocolMapper` only supported
single valued output. If a script returned a list of
output values then only the first value was emitted to the token.
By default multi-valued is set to `false` / `off`.
2018-01-11 08:52:24 +01:00
mhajas
a77be7eb7b
KEYCLOAK-5503 Remove redirecting to error page for AutodetectBearerOnly client
2018-01-09 16:34:18 +01:00
Hynek Mlnarik
b5fc6045fd
KEYCLOAK-6106 Put dotless ids first in identity broker state
2018-01-02 21:31:49 +01:00
stianst
d8c0cc447f
KEYCLOAK-6090 Add missing cors headers with invalid username/password and resource owner grant
2018-01-02 15:15:15 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
Marko Strukelj
23d0afbfd8
KEYCLOAK-6058 Partial import should ignore built-in clients
2017-12-21 13:52:58 +01:00
stianst
f0c5752ef9
KEYCLOAK-5443 Fix update user account when both email as username and edit username are enabled
2017-12-20 14:40:03 +01:00
Martin Kanis
351dbffaf2
KEYCLOAK-5172 Set oidc as default protocol to clients
2017-12-20 13:38:12 +01:00
Bruno Oliveira
811cd3a04a
KEYCLOAK-6011
2017-12-20 13:37:11 +01:00
stianst
e96c6a4bcb
KEYCLOAK-6068 Fix preflight request on admin endpoints
2017-12-20 10:19:34 +01:00
mposolda
5a66f577eb
KEYCLOAK-5982 Fix NPEs when client 'account' was renamed/removed
2017-12-18 21:47:17 +01:00
stianst
27b5e1aae2
KEYCLOAK-6050 Fix export doesn't export internal realm rep
2017-12-18 13:15:42 +01:00
stianst
b303acaaba
KEYCLOAK-2120 Added manual setup page for OTP
2017-12-18 11:20:20 +01:00
Bill Burke
b5ae7e836d
smaller times
2017-12-16 13:18:41 -05:00
Bill Burke
a27097e9ef
reset defaults
2017-12-16 11:28:15 -05:00
Bill Burke
003f27e9bd
fix more
2017-12-16 08:31:33 -05:00
Bill Burke
76cccc3f2b
fix more
2017-12-16 08:29:58 -05:00
Bill Burke
80be4c9dbc
fix more
2017-12-16 07:12:32 -05:00
Bill Burke
1eec2747ef
fix stupidity
2017-12-15 15:31:14 -05:00
Bill Burke
7cb39c2dfc
KEYCLOAK-5420
2017-12-15 12:16:24 -05:00
Pavel Drozd
1b14f9e73e
Merge pull request #4847 from vramik/KEYCLOAK-4793
...
KEYCLOAK-4793 moved profile a lever lower due to migration test
2017-12-15 14:52:04 +01:00
stianst
a8943fb323
KEYCLOAK-6043 Use same urls for get and posts in account
2017-12-15 08:31:04 +01:00
Bruno Oliveira
1a541889f4
[KEYCLOAK-6015] replyTo can be empty string in DB
2017-12-15 07:01:15 +01:00
stianst
b672229efc
KEYCLOAK-6032 Fix error page when internationalization is enabled
2017-12-15 06:32:00 +01:00
vramik
abea430802
KEYCLOAK-4793
2017-12-14 11:30:28 +01:00
Hynek Mlnarik
2a2e6c839b
KEYCLOAK-5635
2017-12-13 21:07:46 +01:00
stianst
f939818252
KEYCLOAK-5907 Use client manager to delete clients in client registration services
2017-12-12 14:25:05 +01:00
mposolda
b8416dfa3e
KEYCLOAK-5981 Test Impersonation works when authenticationSession exists
2017-12-12 09:43:34 +01:00
mposolda
63efee6e15
KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client
2017-12-12 08:01:02 +01:00
Pavel Drozd
047fdb55a2
Merge pull request #4803 from mhajas/KEYCLOAK-5896
...
KEYCLOAK-5896 Run localization test only in community
2017-12-12 00:09:02 +01:00
Pavel Drozd
be36f5358c
Merge pull request #4802 from mhajas/KEYCLOAK-5986
...
KEYCLOAK-5986 Fix token javacsript tests
2017-12-12 00:07:16 +01:00
stianst
dac6c6bd7e
KEYCLOAK-6000 Fix output in execute actions email
2017-12-11 14:24:37 +01:00
Bill Burke
c9b218db71
Merge pull request #4823 from patriot1burke/master
...
KEYCLOAK-5724
2017-12-08 20:03:05 -05:00
Bill Burke
7c031505e2
add test
2017-12-08 17:38:00 -05:00
Hynek Mlnarik
00fb36437d
KEYCLOAK-5861 Remove AUTH_SESSION_ID when END_AFTER_REQUIRED_ACTIONS set
2017-12-08 09:52:14 +01:00
Hynek Mlnarik
4a012b73ea
KEYCLOAK-4998 Fix NPE in AttributeToRoleMapper
2017-12-08 09:21:21 +01:00
Pavel Drozd
e567dcb888
Merge pull request #4809 from vramik/KEYCLOAK-4641
...
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-07 11:06:47 +01:00
stianst
c055ffb083
KEYCLOAK-4215 Consider session expiration when setting token timeouts
2017-12-07 10:45:02 +01:00
stianst
cccddebfd0
KEYCLOAK-5984 Fix error message in client initiated
2017-12-06 19:46:11 +01:00
vramik
5a8ff72cb6
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-06 15:12:37 +01:00
mposolda
8a0fa521c4
KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService
2017-12-06 13:06:54 +01:00
mhajas
09348b2aff
KEYCLOAK-5896 Run localization test only in community
2017-12-06 10:09:46 +01:00
mhajas
896e216f99
KEYCLOAK-5986 Fix token javacsript tests
2017-12-06 10:08:32 +01:00
mposolda
6c34b4c418
KEYCLOAK-5914 Periodic clean of detached client sessions
2017-12-05 08:25:30 +01:00
stianst
c3d9f4704e
KEYCLOAK-5946 Make sure wildcard origin is never returned
2017-12-04 19:55:34 +01:00
stianst
4541acc628
KEYCLOAK-5176 Strip headers from PEM when uploading to client
2017-12-04 19:54:15 +01:00
mposolda
ff6fcd30d9
KEYCLOAK-4478 OIDC auth response lacks session_state in some cases
2017-12-04 16:13:22 +01:00
stianst
37de8e9f69
Bump version to 3.4.2.Final-SNAPSHOT
2017-12-01 09:34:48 +01:00
mposolda
7b03eed9c8
KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients
2017-11-30 12:56:45 +01:00
Peter Nalyvayko
b8e5fd2b99
KC-4335: working on adding a reverse proxy support to allow X.509 client certificate authentication when running keycloak behind a reverse proxy
...
KC-4335: reverse proxy => a swtich to change a type of reverse proxy when running the X509 integration tests; changes to the names of the reverse proxy providers
KC-4335: updated the migration scripts to add x509 spi to standalone and domain configurations; removed the HAproxy and apache x509 spi configuration
2017-11-30 11:00:32 +01:00
pedroigor
674fb31a2c
[KEYCLOAK-5660] - Rest API User count returns wrong value
2017-11-30 10:45:54 +01:00
Bruno Oliveira
6a528a3ee6
[KEYCLOAK-2645] Reset password page says 'You need to change your password to activate your account.'
2017-11-30 10:37:21 +01:00
stianst
2be78a0239
KEYCLOAK-5924 Add error handler for uncaught errors
2017-11-30 10:33:13 +01:00
Pavel Drozd
4408cdb5c7
Merge pull request #4756 from tkyjovsk/KEYCLOAK-5922
...
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
2017-11-30 09:24:39 +01:00
Bruno Oliveira
af66c5dbd2
[KEYCLOAK-5483] X.509 Auth - log in attempt is not sometimes logged in the Login Events
2017-11-29 20:08:22 +01:00
Tomas Kyjovsky
4240295af9
KEYCLOAK-5922 Cluster tests don't work with non-undertow server
2017-11-28 17:35:13 +01:00
Bill Burke
0a8995efc7
Merge pull request #4747 from mstruk/KEYCLOAK-5741
...
KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help
2017-11-28 08:57:29 -05:00
Bill Burke
c398f6619f
Merge pull request #4748 from mstruk/KEYCLOAK-5762
...
KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help
2017-11-28 08:57:15 -05:00
Stian Thorgersen
cf485c3fc9
KEYCLOAK-5308 Fix updating protocol mappers on Oracle
2017-11-27 19:46:12 +01:00
Stian Thorgersen
5666bfe88b
KEYCLOAK-4962 Fix updating mappers for identity providers on Oracle
2017-11-27 19:46:12 +01:00
Marko Strukelj
c35c6e6ab7
KEYCLOAK-5762 [Client Registration CLI] Fix instructions in built-in help
2017-11-27 17:00:48 +01:00
Marko Strukelj
0e2332196d
KEYCLOAK-5741 [Admin CLI] Fix instructions in build-in help
2017-11-27 16:12:00 +01:00
Pavel Drozd
a8bcdfb401
Merge pull request #4735 from vmuzikar/fix-ui
...
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
2017-11-27 15:12:35 +01:00
Bruno Oliveira
9d35891e7d
[KEYCLOAK-5467] X.509 Auth - missing internationalization support
2017-11-27 13:44:38 +01:00
Bruno Oliveira
00677a6b92
[KEYCLOAK-5898] X.509 Auth - add tests for CRL with direct grant
2017-11-27 13:43:37 +01:00
Bruno Oliveira
697caaa805
[KEYCLOAK-4683] Add key usage tests for X.509 Authentication
...
These tests cover the scenarios already available at our certificates:
* Key Usage with the flag critical
* Extended Key Usage without the flag critical
2017-11-27 13:42:57 +01:00
Marek Posolda
dd6502013e
Merge pull request #4734 from rmartinc/ui_locales
...
KEYCLOAK-5896: Parameter "ui_locales" not redirected to login page in java adapters
2017-11-24 10:59:26 +01:00
rmartinc
ecbf6e5386
KEYCLOAK-5896: adding a test for the ui_locales change.
2017-11-24 08:21:37 +01:00
pedroigor
2721e6a5e4
[KEYCLOAK-5770] - Logout event test
2017-11-23 21:08:07 +01:00
mposolda
6d91ab674b
KEYCLOAK-5895 CrossDC: NotSerializableException when opening sessions tab in admin console
2017-11-23 20:03:12 +01:00
vmuzikar
6f4ab8870e
KEYCLOAK-5816, KEYCLOAK-5815 UI tests fixes
2017-11-23 13:51:38 +01:00
Pavel Drozd
94ba85c210
Merge pull request #4720 from vramik/KEYCLOAK-5872
...
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authz…
2017-11-23 07:42:31 +01:00
Bill Burke
2117db5e6d
Merge pull request #4730 from patriot1burke/master
...
KEYCLOAK-4715
2017-11-22 12:45:23 -05:00
Bill Burke
116bfb05c2
fix
2017-11-22 11:55:10 -05:00
Bill Burke
aee6d16f58
fix more stupidity
2017-11-22 10:22:47 -05:00
Bill Burke
ae29e36e1f
fix my stupidity
2017-11-22 08:19:30 -05:00
mposolda
bd1072d2eb
KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing
2017-11-22 11:55:12 +01:00
Bill Burke
75d517a1e8
cleanup test
2017-11-21 21:49:51 -05:00
Bill Burke
8993ca08ad
KEYCLOAK-4715
2017-11-21 17:46:48 -05:00
vmuzikar
7fd237b40b
KEYCLOAK-5879 Fix SocialLoginTest with -Pauth-server-wildfly
2017-11-21 11:12:21 +01:00
Bill Burke
06762ba13d
KEYCLOAK-5878
2017-11-20 17:03:28 -05:00
vramik
37b625fd99
KEYCLOAK-5872 add preview assumption to InvalidationCrossDCTest.authzResourceInvalidationTest
2017-11-20 11:30:44 +01:00
Bruno Oliveira
641069d4fd
[KEYCLOAK-5866] MigrationTest fails for extracting realm keys
2017-11-16 19:44:09 +01:00
Bruno Oliveira
07aa718cb9
[KEYCLOAK-5379] MigrationTest fails for migration to 3.3.0
2017-11-16 07:22:57 +01:00
Pedro Igor
f96c3312e2
[KEYCLOAK-5841] - Test
2017-11-16 07:03:08 +01:00
Hynek Mlnařík
393fae74b3
Merge pull request #4693 from hmlnarik/KEYCLOAK-5349-JS-client-breaks-login-session
...
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 12:35:19 +01:00
Hynek Mlnarik
a2f6c16764
KEYCLOAK-5349 User session count in IdP-initiated flow tests
2017-11-15 11:41:45 +01:00
Pedro Igor
63a01b1e1f
Merge pull request #4689 from pedroigor/KEYCLOAK-5844
...
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 18:25:24 -02:00
Pedro Igor
fdb618219f
[KEYCLOAK-5844] - Refreshing PAT instead of obtaining a new one every time
2017-11-14 11:24:45 -02:00
Stian Thorgersen
89f4b87038
KEYCLOAK-5567 Set correct status code on login error pages
2017-11-14 12:33:29 +01:00
Bruno Oliveira
03d0488335
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
...
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
925d5e1dea
KEYCLOAK-3173 enable logout offline refresh token using OIDC logout endpoint
2017-11-13 18:23:39 +01:00
Stian Thorgersen
d30bf938ee
KEYCLOAK-5821 Fix basic auth tests with embedded Undertow
2017-11-13 16:34:25 +01:00
Pavel Drozd
af97a84108
Merge pull request #4635 from vmuzikar/fix-x509
...
KEYCLOAK-5720 Fix X.509 tests
2017-11-13 11:56:16 +01:00
Stian Thorgersen
4295f4ec31
KEYCLOAK-1886 Added cors headers to errors in token endpoint
2017-11-10 12:01:21 +01:00
mposolda
b033ce0669
KEYCLOAK-5371 SessionExpirationCrossDCTest - improve stability. Remove checks for counts of sent messages
2017-11-09 22:18:47 +01:00
mposolda
a98f085be6
KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis.
2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f
Bump versions
2017-11-09 15:37:21 +01:00
Marko Strukelj
dae0fafc8a
KEYCLOAK-5040 ProfileAssume needs to use server info endpoint
2017-11-09 14:19:06 +01:00
Bruno Oliveira
26e253f4a5
[KEYCLOAK-5284]
2017-11-09 13:45:06 +01:00
Marko Strukelj
2854a2006e
KEYCLOAK-5810 ClientTokenExchangeTest failures with -Pproduct profile
2017-11-09 13:44:10 +01:00
vmuzikar
2c2a332f80
KEYCLOAK-5332 Fix GitLab social test
2017-11-09 07:19:01 +01:00
vmuzikar
b21d5bbf04
KEYCLOAK-5805 Fix tests in the 'other' module
2017-11-09 07:01:27 +01:00
mposolda
62a1c187a2
KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc
2017-11-07 09:01:59 +01:00
Hynek Mlnarik
fe2f65daac
KEYCLOAK-5581 Fix SAML identity broker context serialization
2017-11-03 21:09:18 +01:00
vmuzikar
ef8adc15f4
KEYCLOAK-5720 Fix X.509 tests
2017-11-03 17:09:46 +01:00
Pedro Igor
3716fa44ac
[KEYCLOAK-5728] - Permission Claims support
2017-10-27 12:40:30 -02:00
Hynek Mlnařík
248da4687a
Merge pull request #4610 from hmlnarik/KEYCLOAK-5745-Extract-client-sessions-from-user-sessions
...
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 13:09:06 +02:00
Hynek Mlnarik
75c354fd94
KEYCLOAK-5745 Separate user and client sessions in infinispan
2017-10-26 10:39:41 +02:00
Bill Burke
903a4dd849
Merge pull request #4612 from patriot1burke/master
...
KEYCLOAK-5273
2017-10-25 13:54:32 -04:00
Bill Burke
de6eab6d5d
fix
2017-10-25 13:00:58 -04:00
Bill Burke
8c1a3253fb
KEYCLOAK-5273
2017-10-25 10:31:11 -04:00
Bruno Oliveira da Silva
375e01a074
KEYCLOAK-5278 ( #4606 )
2017-10-25 15:27:24 +02:00
Bill Burke
50ccb5e5f6
Merge pull request #4591 from abstractj/KEYCLOAK-5717
...
KEYCLOAK-5717
2017-10-24 17:38:28 -04:00
Pedro Igor
1840cc54e4
Merge pull request #4601 from pedroigor/KEYCLOAK-5726
...
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter config
2017-10-24 12:51:52 -02:00
Pedro Igor
80e9b08bb6
[KEYCLOAK-5726] - Tests for scopes-enforcement-mode ALL and ANY
2017-10-24 11:37:41 -02:00
Bruno Oliveira
4d762159ef
KEYCLOAK-5717
2017-10-24 10:55:02 -02:00
Hynek Mlnařík
8e0cc2a5ea
Merge pull request #4605 from mposolda/master
...
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 14:40:01 +02:00
Pedro Igor
a6e1413d58
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration
2017-10-24 10:39:54 -02:00
Pavel Drozd
a4ec32ba66
Merge pull request #4602 from vramik/KEYCLOAK-5244
...
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithT…
2017-10-24 14:17:35 +02:00
mposolda
9a19e95b60
KEYCLOAK-5710 Change cache-server to use backups based caches
2017-10-24 11:52:08 +02:00
Stan Silvert
9083e5fe5c
KEYCLOAK-5298: Enable autoescaping in Freemarker ( #4561 )
...
* KEYCLOAK-5298: Enable autoescaping in Freemarker
* Fix several of the failing tests.
* Fix broken tests in integration-deprecated
* Fix last failing test.
2017-10-23 12:03:00 -04:00
Stian Thorgersen
9b75b603e3
KEYCLOAK-5234 ( #4585 )
2017-10-23 16:13:22 +02:00
vramik
a3a1761eb7
KEYCLOAK-5244 fix PasswordPolicyTest.testBlacklistPasswordPolicyWithTestBlacklist on Wildfly
2017-10-23 12:11:36 +02:00
Bill Burke
73ba06b26b
Merge pull request #4590 from patriot1burke/master
...
KEYCLOAK-5698
2017-10-20 14:58:07 -04:00
Bill Burke
92245e3fc8
fixes
2017-10-20 09:55:37 -04:00
Hynek Mlnarik
3248557897
KEYCLOAK-5707 Have travis run cross-dc tests when appropriate
2017-10-19 13:29:26 +02:00
Stian Thorgersen
d9ffc4fa21
KEYCLOAK-5225 ( #4577 )
...
KEYCLOAK-5225 fix test
Fix
2017-10-19 08:23:16 +02:00
Stian Thorgersen
fea4c54adc
KEYCLOAK-5280 ( #4576 )
2017-10-19 08:02:23 +02:00
Pedro Igor
cedc095a9c
[KEYCLOAK-4550] - Test invalid configuration for user policy
2017-10-18 18:42:55 -02:00
Thomas Darimont
3103e0fd0a
KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider ( #4370 )
...
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider
This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.
The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.
I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords ) project.
For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/
Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```
Password blacklist is stored in a TreeSet.
* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter
We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.
BloomFilter implementation is provided by google-guava
which is available in wildfly.
Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.
This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.
Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.
Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.
The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.
Configure password blacklist folder for tests
* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers
* KEYCLOAK-5244 Translate blacklisted message in base/login
2017-10-17 20:41:44 +02:00
Hynek Mlnařík
fe76b2428b
Merge pull request #4563 from hmlnarik/KEYCLOAK-5656-Transport-factory-should-not-limit-to-a-single-DC-3
...
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-17 09:39:01 +02:00
Pavel Drozd
9c16a58d52
Merge pull request #4554 from vramik/KEYCLOAK-5672
...
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-17 07:42:29 +02:00
vramik
cb2bd0fe1a
KEYCLOAK-5672 rewrite server-config-migration module to use offline mode
2017-10-16 22:51:59 +02:00
Hynek Mlnarik
056ba75a72
KEYCLOAK-5656 Use standard infinispan remote-store
2017-10-16 21:49:42 +02:00
Bill Burke
31dccc9a5e
Merge pull request #4509 from TeliaSoneraNorge/KEYCLOAK-5032
...
KEYCLOAK-5032 Forward request parameters to another IdP
2017-10-13 18:47:05 -04:00
Bill Burke
c66ce3a209
Merge pull request #4559 from micedre/KEYCLOAK-4052bis
...
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
2017-10-13 18:44:57 -04:00
Bill Burke
46d3ed7832
Merge remote-tracking branch 'upstream/master'
2017-10-13 17:00:57 -04:00
Bill Burke
d9af93850c
KEYCLOAK-5683, KEYCLOAK-5684, KEYCLOAK-5682, KEYCLOAK-5612, KEYCLOAK-5611
2017-10-13 16:51:56 -04:00
Cédric Couralet
656fc5d7c0
KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage
2017-10-13 13:54:50 +02:00
mposolda
1874820008
KEYCLOAK-5371 Fix ConcurrentLoginCrossDCTest.concurrentLoginWithRandomDcFailures
2017-10-11 13:02:55 +02:00
mposolda
f5ff24ccdb
KEYCLOAK-5371 Fix SessionExpirationCrossDCTest, Added ExecutorsProvider. Debug support for cache-servers in tests
2017-10-10 22:30:44 +02:00
Bill Burke
b0464f1751
Merge remote-tracking branch 'upstream/master'
2017-10-10 09:10:04 -04:00
Bill Burke
5bd4ea30ad
rev
2017-10-10 09:09:51 -04:00
Marek Posolda
d336667972
Merge pull request #4527 from Hitachi/master
...
OIDC Financial API Read Only Profile : scope MUST be returned in the response from Token Endpoint
2017-10-10 11:37:45 +02:00
Carl Kristian Eriksen
50dd07217d
KEYCLOAK-5032 Forward request parameters to another IdP
...
Forwarding of prompt and acr_values, if provided in the authorization request.
If prompt is set in the configuration for the identity provider, the configuration overrules the request parameter.
2017-10-09 16:15:27 +02:00
Marek Posolda
c6483f8b1e
Merge pull request #4523 from abustya/master
...
KEYCLOAK-5616 Processing of claims parameter
2017-10-09 11:14:23 +02:00
Bill Burke
c8516c2349
support social external exchange
2017-10-06 16:44:26 -04:00
Hynek Mlnařík
00ddf03ad3
Merge pull request #4538 from vramik/KEYCLOAK-5586
...
KEYCLOAK-5586 increase startup timeout for jboss containers
2017-10-06 10:46:49 +02:00
vramik
940715a975
KEYCLOAK-5586 increase startup timeout for jboss containers
2017-10-06 10:06:26 +02:00
Pavel Drozd
945404be24
Merge pull request #4532 from vmuzikar/fix-twitter-test
...
KEYCLOAK-5632 Fix Twitter social test
2017-10-05 13:30:02 +02:00
Stian Thorgersen
698483ee17
Missing test ( #4537 )
2017-10-05 13:27:15 +02:00
Vaclav Muzikar
eab047c130
KEYCLOAK-5632 Fix Twitter social test
2017-10-04 15:29:28 +02:00
mposolda
bca4c35708
KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest
2017-10-04 13:25:45 +02:00
Hynek Mlnařík
9aa4c3cf22
Merge pull request #4530 from vramik/KEYCLOAK-5586
...
KEYCLOAK-5586 crossdc tests on Wildfly using real database
2017-10-04 13:10:08 +02:00
vramik
b0a1550df5
KEYCLOAK-5586 crossdc tests on Wildfly using real database
2017-10-04 12:00:18 +02:00
Pavel Drozd
98c63bc195
Merge pull request #4502 from mhajas/KEYCLOAK-5555
...
KEYCLOAK-5555 Use driver from function argument for URL Asserts
2017-10-04 08:00:45 +02:00
Takashi Norimatsu
6f6a467c7b
OIDC Financial API Read Only Profile : scope MUST be returned in the
...
response from Token Endpoint
2017-10-04 12:59:49 +09:00
Áron Bustya
c2ffaa0777
Merge remote-tracking branch 'keycloak/master'
2017-10-03 14:53:40 +02:00
Áron Bustya
632414cc92
process claims parameter
...
also support parsing from request object
2017-10-03 14:51:46 +02:00
vramik
f806d4a5d6
KEYCLOAK-5586 Add support for testing cross dc tests on jboss-based containers
2017-10-03 14:01:45 +02:00
Bruno Oliveira da Silva
da72968085
KEYCLOAK-4401: Wrong message when a temporarily disabled user requests password reset ( #4506 )
2017-10-03 06:28:34 +02:00
Marek Posolda
faa5ec5125
Merge pull request #4520 from mposolda/master
...
KEYCLOAK-5440 RestartLoginCookie field 'cs' not marked ignorable
2017-10-02 20:03:34 +02:00
filipelautert
c4cc752e18
Fixing tests for Oracle ( #4481 )
2017-10-02 14:59:33 +02:00
mposolda
4a7013d550
KEYCLOAK-5440 RestartLoginCookie field 'cs' not marked ignorable
2017-10-02 14:19:27 +02:00
Bruno Oliveira da Silva
bb0bccc3c0
[KEYCLOAK-5486] Test email connection feature does not work the second time ( #4517 )
2017-10-02 13:14:50 +02:00
mposolda
7d641baf4e
KEYCLOAK-5570 Added InvalidationCrossDCTest
2017-09-29 19:36:40 +02:00
Marek Posolda
13fe9e7cf8
Merge pull request #4510 from glavoie/KEYCLOAK-3303
...
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93
KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT
2017-09-29 13:20:22 +02:00
Gabriel Lavoie
134daeac7f
KEYCLOAK-3303: Allow reuse of refresh tokens.
...
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
mhajas
01187901ea
KEYCLOAK-5555 Use driver from function argument for URL Asserts
2017-09-27 10:09:46 +02:00
Bill Burke
fd025ae76b
Merge pull request #4209 from guitaro/feature/group-search-and-pagination
...
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Bill Burke
9034708c99
Merge pull request #4474 from hmlnarik/KEYCLOAK-5254-NPE-in-SAMLIdentityProvider
...
KEYCLOAK-5254 Fix NPE - NameID format is optional
2017-09-23 20:39:50 -04:00
Bill Burke
537081ec9d
Merge pull request #4494 from patriot1burke/master
...
KEYCLOAK-5516
2017-09-22 16:38:13 -04:00
Bill Burke
3020a04a8b
Merge pull request #4490 from Fiercely/master
...
Keycloak 2035
2017-09-22 16:13:22 -04:00
Thomas Darimont
236b2b9273
KEYCLOAK-3599 Add Script based OIDC ProtocolMapper
2017-09-22 21:24:20 +02:00
Bill Burke
9d452b4bc3
Merge remote-tracking branch 'upstream/master'
2017-09-22 11:48:41 -04:00
Bill Burke
eb4f7f3b21
KEYCLOAK-5516
2017-09-22 11:48:30 -04:00
howcroft
e78bf5f876
Keycloak 2035
...
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Bill Burke
15ddb2009d
Merge pull request #4475 from mstruk/KEYCLOAK-5328
...
KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command
2017-09-21 21:50:16 -04:00
Bill Burke
8ace0e68c3
KEYCLOAK-910 KEYCLOAK-5455
2017-09-21 17:15:18 -04:00
Bill Burke
ab58052a4c
Merge pull request #4482 from patriot1burke/master
...
KEYCLOAK-5491 KEYCLOAK-5492 KEYCLOAK-5490
2017-09-19 14:01:40 -04:00
Pavel Drozd
c67a1d0469
Merge pull request #4483 from vmuzikar/KEYCLOAK-5495
...
KEYCLOAK-5495 Update Arquillian Drone to 2.4.2
2017-09-19 16:34:16 +02:00
Marko Strukelj
87cad0d84b
KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command
2017-09-18 20:01:31 +02:00
mposolda
ca92bcbf7f
KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to Infinispan servers in both datacenters
2017-09-18 18:04:04 +02:00
Marek Posolda
fa35249afd
Merge pull request #4480 from TeliaSoneraNorge/KEYCLOAK-5494
...
Fix introspection error for pairwise access tokens
2017-09-18 16:44:24 +02:00
Pedro Igor
e8ef050093
Merge pull request #4471 from pedroigor/KEYCLOAK-5095
...
[KEYCLOAK-5095] - RPT should contain the RS as audience
2017-09-18 09:32:47 -03:00
Martin Hardselius
6b687c4318
Fix offline validation errors
...
Refactored token validation method to run user checks only if the user
session is valid.
2017-09-18 11:26:57 +02:00
Vaclav Muzikar
b4aae198fc
KEYCLOAK-5495 Update Arquillian Drone to 2.4.2
2017-09-18 09:52:45 +02:00
Bill Burke
2276279434
fix
2017-09-15 17:46:42 -04:00
Bill Burke
5a22b360f1
resolve conflicts
2017-09-15 16:37:35 -04:00
Bill Burke
f927ee7b4e
KEYCLOAK-5491 KEYCLOAK-5492
2017-09-15 16:30:45 -04:00
Pavel Drozd
42bb09fa31
Merge pull request #4463 from vmuzikar/fix-socialtests
...
KEYCLOAK-5437 Fix Facebook social login test
2017-09-15 13:37:16 +02:00
Pavel Drozd
34b8c58c0f
Merge pull request #4459 from mhajas/KEYCLOAK-5320
...
KEYCLOAK-5320 Configure SSL using creaper
2017-09-15 13:35:14 +02:00
Bill Burke
3e6adbc904
KEYCLOAK-5490 ( #4477 )
2017-09-15 11:36:48 +02:00
Martin Hardselius
a4315f4076
Fix introspection error for pairwise access tokens
...
When access tokens containing a pairwise sub are introspected, user
related checks are using that sub to fetch the UserModel instead of
fetching the user from the UserSession. No corresponding user is found
(or possibly even another user) and the token is reported inactive.
Resolves: KEYCLOAK-5494
2017-09-15 10:31:47 +02:00
Bill Burke
affeadf4f3
KEYCLOAK-5490
2017-09-14 21:16:50 -04:00
Hynek Mlnarik
9098105a64
KEYCLOAK-5254 Fix NPE - NameID format is optional
2017-09-14 14:59:05 +02:00
Levente NAGY
d18aa44fb4
Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination
2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7
KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache
2017-09-13 16:45:45 +02:00
Pedro Igor
8b2d47dd71
[KEYCLOAK-5095] - Adding tests
2017-09-13 10:37:52 -03:00
Hisanobu Okuda
b7af96aa4d
KEYCLOAK-5315 Conditional OTP enforcement does not work ( #4399 )
2017-09-13 06:58:59 +02:00
Martin Kanis
550e5f752a
KEYCLOAK-5146 TokenEndpoint returns wrong methods for preflight requests ( #4455 )
2017-09-13 06:23:11 +02:00
Pedro Igor
90db6654d3
Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer
...
KEYCLOAK-4858: Slow query performance for client with large data volume
2017-09-12 15:54:16 -03:00
Petter Lysne
7f8b5e032a
feat: added PayPal IDP ( #4449 )
2017-09-12 11:57:59 +02:00
Hynek Mlnarik
24e9cbb292
KEYCLOAK-4899 Replace updates to user session with temporary auth session
2017-09-11 21:43:49 +02:00
Pavel Drozd
9032889c15
Merge pull request #4465 from vramik/KEYCLOAK-4793
...
KEYCLOAK-4793 add kie.maven.settings.custom property to tests
2017-09-11 11:55:13 +02:00
vramik
a33007afb6
KEYCLOAK-4793 add kie.maven.settings.custom property to tests
2017-09-11 11:15:38 +02:00
Vaclav Muzikar
473aefacec
KEYCLOAK-5437 Fix Facebook social login test
2017-09-08 15:44:15 +02:00
mhajas
330cb022eb
KEYCLOAK-5320 Configure SSL using creaper
2017-09-08 13:19:48 +02:00
vramik
0a5de1239f
KEYCLOAK-5414 fix AccountRestServiceTest on undertow ( #4460 )
2017-09-07 09:30:20 +02:00
Gabriel Lavoie
c1664478d9
KEYCLOAK-4858: Slow query performance for client with large data volume
...
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
mposolda
fe43c26829
KEYCLOAK-5248 auth_time is not updated when reauthentication is requested with 'login=prompt'
2017-09-05 12:22:30 +02:00
mposolda
30d8a7503b
KEYCLOAK-5326 Test that userSession is still the same after prompt=login
2017-09-05 12:22:30 +02:00
Pedro Igor
fa6d5f0ee2
[KEYCLOAK-4653] - Identity.hasClientRole(String) and Identity.hasRole(String) break role namespaces and should be removed
2017-09-01 16:08:34 -03:00
filipelautert
e055589448
[KEYCLOAK-4778] Fix for Oracle null value when having an empty String as attribute value ( #4406 )
...
* Add client.name as a second parameter to the title expressions in login template
* Fixing tooltip.
* pt_BR localization for admin screens.
* Reverting login.ftl
* Added all tooltip messages - even the ones not translated.
Translated around 150 messages todas.
* More translations.
* Fixing wrong edit.
* [KEYCLOAK-4778] Null check on Attribute value. This value can be null when retrieved from an Oracle database.
* [KEYCLOAK-4778] Create unit tests for empty and null values.
* [KEYCLOAK-4778] Move empty and null attributes tests to a separated test method; change tests to empty or null Strings.
* [KEYCLOAK-4778] Check if value is null and set it as empty array. In the former code if null was received it would generate an array with 1 string element ["null"]. Also if we set value as null instead of ArrayList, later when the rest call is executed it will generate the same incorrect array again.
* [KEYCLOAK-4778] Tests clean up.
2017-08-31 06:09:41 +02:00
Wim Vandenhaute
924b4f651a
KEYCLOAK-5186 createUser: set federationLink ( #4316 )
2017-08-31 06:07:43 +02:00
Hynek Mlnařík
e36b94d905
KEYCLOAK-5318 Verify signature on raw query parameters ( #4445 )
2017-08-31 05:46:26 +02:00
vramik
8bfab22417
KEYCLOAK-5049 add explicit removal of groups ( #4416 )
2017-08-30 08:16:00 +02:00
Stian Thorgersen
dcfa4aca8c
KEYCLOAK-943 Started account rest service. Profile and sessions completed. ( #4439 )
2017-08-29 20:12:09 +02:00
Stian Thorgersen
463661b051
Set version to 3.4.0.CR1-SNAPSHOT
2017-08-28 15:46:22 +02:00
Hynek Mlnařík
0caf93dfd9
KEYCLOAK-5336 Count on IPv6 address in tests ( #4433 )
2017-08-28 15:39:44 +02:00
Hynek Mlnarik
794c508b10
KEYCLOAK-4995 Support for distributed SAML logout in cross DC
2017-08-28 13:15:11 +02:00
Hynek Mlnarik
a2ccf4efa3
KEYCLOAK-5300 Fix Wildfly 10 SAML cluster tests
2017-08-28 13:15:11 +02:00
Pavel Drozd
53fe96db78
Merge pull request #4403 from mhajas/KEYCLOAK-5313
...
KEYCLOAK-5313 Assume preview profile for InstallationTests
2017-08-28 10:28:13 +02:00
Pavel Drozd
a76e4434fa
KEYCLOAK-5340 - Testsuite compilation error - waitForPageToLoad without driver param
2017-08-28 09:14:45 +02:00
Pavel Drozd
e3a61c580e
Merge pull request #4414 from vmuzikar/KEYCLOAK-5229-dep-update
...
KEYCLOAK-5229 Update testsuite dependencies
2017-08-28 08:07:25 +02:00
Hynek Mlnařík
9ee8f72be9
\KEYCLOAK-5335 Destination attr in SAML requests is optional ( #4424 )
2017-08-28 08:06:48 +02:00
Bruno Oliveira da Silva
859cd30c3a
Include frame-ancestors for CSP 2 ( #4413 )
...
Signed-off-by: Bruno Oliveira <bruno@abstractj.org>
2017-08-28 06:46:03 +02:00
Pavel Drozd
9b858907ec
Merge pull request #4402 from mhajas/KEYCLOAK-5312
...
KEYCLOAK-5312 Add preview profile assumption to authz tests
2017-08-25 11:25:00 +02:00
Stian Thorgersen
d58c6ad4e0
[KEYCLOAK-4900] Pass login_hint parameter to idp & review ( #4421 )
2017-08-25 10:14:38 +02:00
Bill Burke
6696c44dc0
Merge remote-tracking branch 'upstream/master'
2017-08-24 15:19:48 -04:00
Bill Burke
7a57723c01
more token exchange
2017-08-24 15:19:38 -04:00
mhajas
8bb473147c
KEYCLOAK-5312 Add preview profile assumption
2017-08-24 11:45:09 +02:00
mhajas
543f61048f
KEYCLOAK-5313 Assume preview profile for Authz test
2017-08-24 10:20:27 +02:00
Vaclav Muzikar
da9a88c45c
KEYCLOAK-5229 Update testsuite dependencies
2017-08-23 15:36:29 +02:00
Pedro Igor
8e5752c9db
Merge pull request #4388 from pedroigor/KEYCLOAK-5015-elytron-adapter
...
[KEYCLOAK-5015] - Updating Elytron Adapters
2017-08-23 08:55:25 -03:00
mposolda
fe5891fbdb
KEYCLOAK-5293 Add notBefore to user
2017-08-23 08:58:26 +02:00
Pedro Igor
287a86938e
[KEYCLOAK-5015] - HAL integration tests
2017-08-22 18:01:19 -03:00
Pavel Drozd
8d3384666a
Merge pull request #4401 from mhajas/KEYCLOAK-5265
...
KEYCLOAK-5265 Set localization tests to community profile only
2017-08-22 09:01:33 +02:00
Pavel Drozd
2ae812420d
Merge pull request #4396 from mhajas/KEYCLOAK-5311
...
KEYCLOAK-5311 Fix authorization tests
2017-08-22 09:00:23 +02:00
Pavel Drozd
bb10dc8c02
Merge pull request #4395 from mhajas/KEYCLOAK-4393
...
KEYCLOAK-4393 Remove example tests
2017-08-22 08:59:20 +02:00
Stian Thorgersen
20ac70d3fd
KEYCLOAK-5119 ( #4400 )
2017-08-22 08:07:36 +02:00
mhajas
7f7c0bac1e
KEYCLOAK-5265 Set localization tests to community profile only
2017-08-21 13:10:45 +02:00
mhajas
d58499acfb
KEYCLOAK-5311 Fix authorization tests
2017-08-18 09:22:50 +02:00
mhajas
0c21b8c3a6
KEYCLOAK-4393 Remove example tests
2017-08-18 09:11:53 +02:00
mposolda
089514d8a6
KEYCLOAK-4634 Cross-dc support for UserLoginFailures
2017-08-17 10:22:12 +02:00
Stian Thorgersen
6119572934
KEYCLOAK-5282 ( #4389 )
2017-08-17 09:22:23 +02:00
mposolda
c4bb29b4bb
KEYCLOAK-4187 SessionExpirationCrossDCTest - added tests for user logout and removal
2017-08-14 11:19:07 +02:00
mposolda
3aae4d22f6
KEYCLOAK-4630 Testing that refresh with offline token works
2017-08-11 19:37:25 +02:00
mposolda
868e76fcf3
KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers.
2017-08-11 17:44:00 +02:00
mposolda
0f7440d344
KEYCLOAK-4187 Fixes and tests related to sessions expiration and bulk removal in cross-dc environment
2017-08-10 08:29:59 +02:00
Pavel Drozd
9f6d9f7403
Merge pull request #4376 from pdrozd/KEYCLOAK-5267
...
KEYCLOAK-5267 Fuse tests - added timeouts for closing ssh channel
2017-08-09 21:48:36 +02:00
Bill Burke
3470b1839d
Merge remote-tracking branch 'upstream/master'
2017-08-09 10:25:25 -04:00
Bill Burke
2fa55550f3
token exchange permissions
2017-08-09 10:04:14 -04:00
Pavel Drozd
6bdc49048a
KEYCLOAK-5267 Fuse tests - added timeouts for closing ssh channel
2017-08-09 13:39:04 +02:00
mposolda
a72c297d5d
KEYCLOAK-4187 Fix LoginCrossDCTest
2017-08-08 14:02:48 +02:00
Hynek Mlnarik
52de3fff06
KEYCLOAK-4189 Fix tests
2017-08-08 10:11:51 +02:00
Hynek Mlnarik
afc972278c
KEYCLOAK-4694
2017-08-08 10:11:51 +02:00
Hynek Mlnarik
9ca72dc5c6
KEYCLOAK-4189 Improve logging and concurrency/cross-DC testing
2017-08-08 10:11:51 +02:00
mposolda
251b41a7ac
KEYCLOAK-4187 Fix LastSessionRefreshCrossDCTest and ConcurrentLoginCrossDCTest
2017-08-07 11:55:49 +02:00
Bill Burke
2365445a3e
Merge pull request #4360 from hmlnarik/KEYCLOAK-4189-Update-ConcurrencyTest-null
...
KEYCLOAK-4189 Update ConcurrencyTest
2017-08-02 19:47:55 -04:00
Bill Burke
3b5ca2bac0
Merge pull request #4366 from hmlnarik/KEYCLOAK-4694-null
...
KEYCLOAK-4694
2017-08-02 19:47:34 -04:00
Hynek Mlnarik
4583a45e78
KEYCLOAK-4694
2017-08-01 09:57:12 +02:00
Bill Burke
8c93fdfb62
fix test
2017-07-31 13:01:23 -04:00
Bill Burke
56bb37a9cf
Merge remote-tracking branch 'upstream/master'
2017-07-31 10:53:24 -04:00
Pavel Drozd
d761085318
Merge pull request #4353 from vramik/was
...
KEYCLOAK-5243 was-wls support
2017-07-31 13:26:04 +02:00
Pavel Drozd
070bb9bf6a
Merge pull request #4318 from mhajas/KEYCLOAK-3297
...
KEYCLOAK-3297 Add test for Access-Control-Expose-Headers
2017-07-31 12:59:32 +02:00
Bill Burke
6b991b850e
change role name
2017-07-28 16:20:23 -04:00
Bill Burke
852e9274d4
Merge remote-tracking branch 'upstream/master'
2017-07-28 16:15:53 -04:00
Bill Burke
db9b1bcb21
token exchange
2017-07-28 16:15:39 -04:00
Hynek Mlnarik
a955364f0e
KEYCLOAK-4189 Update ConcurrencyTest
2017-07-28 13:00:14 +02:00
mposolda
07e2136b3b
KEYCLOAK-4187 Added UserSession support for cross-dc
2017-07-27 22:32:58 +02:00
vramik
9fa50bded5
was-wls changes
2017-07-27 10:24:34 +02:00
Marek Posolda
dd6a7b23c3
Merge pull request #4350 from hmlnarik/KEYCLOAK-4446-Failed-to-process-response-when-reject-consent-with-turned-on-encryption
...
KEYCLOAK-4446 Do not encrypt SAML status messages
2017-07-26 15:31:54 +02:00
Hynek Mlnarik
3c537f5f28
KEYCLOAK-4446 Do not encrypt SAML status messages
...
SAML status messages are not encryptable per Chapter 6 of
saml-core-2.0-os.pdf. Only assertions, attributes, base ID and name ID
can be encrypted.
2017-07-26 11:22:56 +02:00
Hynek Mlnarik
8d81a4a2e4
KEYCLOAK-5236
2017-07-26 11:22:05 +02:00
Hynek Mlnarik
c7046b6325
KEYCLOAK-4189 Preparation for cross-DC SAML testing
2017-07-25 09:44:36 +02:00
Bill Burke
11ff5a05e9
KEYCLOAK-5205
2017-07-18 11:03:01 -04:00
Bill Burke
7406a095b9
Merge remote-tracking branch 'upstream/master'
2017-07-17 17:56:09 -04:00
Bill Burke
876edc0186
...
2017-07-17 17:55:59 -04:00
Bill Burke
b10e7b8c31
Merge pull request #4323 from patriot1burke/master
...
KEYCLOAK-5152
2017-07-14 15:35:48 -04:00
Bill Burke
f68754290f
KEYCLOAK-5152
2017-07-14 14:14:38 -04:00
Stian Thorgersen
badba7adaf
KEYCLOAK-5143 Run auth-server-wildfly profile on Travis ( #4317 )
2017-07-14 07:01:54 +02:00
Bill Burke
b0a33c9765
KEYCLOAK-5155
2017-07-13 14:51:27 -04:00
mhajas
b86079c589
KEYCLOAK-3297 Add test for Access-Control-Expose-Headers
2017-07-13 14:40:43 +02:00
mposolda
3fca731395
KEYCLOAK-5136 Improve browser refresh button after switch to different flow
2017-07-11 13:03:18 +02:00
Marek Posolda
d2274fa49f
Merge pull request #4311 from mposolda/master
...
KEYCLOAK-5061 Process correct initial flow when action expired
2017-07-11 07:23:07 +02:00
Pedro Igor
7e7d67464e
Merge pull request #4308 from pedroigor/KEYCLOAK-5140
...
[KEYCLOAK-5140] - GroupPolicyManagementTest fails with mssql and oracle
2017-07-10 18:04:19 -03:00
mposolda
936efe872a
KEYCLOAK-5061 Process correct initial flow when action expired
2017-07-10 22:52:54 +02:00
mposolda
7be2c55f61
KEYCLOAK-5061 Better error messages when action expired
2017-07-10 19:50:28 +02:00
Pedro Igor
dac381058c
[KEYCLOAK-5140] - GroupPolicyManagementTest fails with mssql and oracle
2017-07-10 11:54:58 -03:00
Marek Posolda
48eaebf1c3
Merge pull request #4293 from TeliaSoneraNorge/KEYCLOAK-5139
...
KEYCLOAK-5139 refresh token does not work with pairwise subject ident…
2017-07-10 11:21:34 +02:00
Martin Hardselius
5b2e390f57
Update refresh token test for deleted user
...
Instead of disabling the user under test, the test will now correctly
delete the user under test.
2017-07-10 10:20:41 +02:00
Pavel Drozd
50424b2ad3
Merge pull request #4284 from vramik/KEYCLOAK-5133
...
KEYCLOAK-5133 Fix FineGrainAdminUnitTest when impersonation is disabled
2017-07-10 08:04:23 +02:00
Pedro Igor
65251748c7
[KEYCLOAK-5148] - Create authorization settings when creating a new client using a config file
2017-07-05 18:19:00 -03:00
Pedro Igor
4b7c61111c
Merge pull request #4288 from pedroigor/KEYCLOAK-5135
...
[KEYCLOAK-5135] - Wrong comparison when checking for duplicate resources during creation
2017-07-05 08:22:23 -03:00
Martin Hardselius
8cb8678525
KEYCLOAK-5139 refresh token does not work with pairwise subject identifiers
2017-07-05 12:32:43 +02:00
Stian Thorgersen
c95aace6e0
KEYCLOAK-5141 Return '*' in Cors requests when '*' is in list of permitted origins. Stop caching well-known information as it can change. ( #4290 )
2017-07-05 09:25:21 +02:00
Stian Thorgersen
eba8dac47d
KEYCLOAK-4536 Add test to check behavior with file redirect URI ( #4291 )
2017-07-05 09:08:13 +02:00
Pedro Igor
e1622006c3
[KEYCLOAK-5135] - More tests for resource mgmt
2017-07-04 16:45:06 -03:00
Stian Thorgersen
9a9f4137e5
KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested ( #4289 )
2017-07-04 21:18:34 +02:00
Stan Silvert
32b16717a7
KEYCLOAK-4234: Link to app in acct mgt doesn't use root url ( #4285 )
...
* KEYCLOAK-4234: Link to app in acct mgt not use root url
* Add tests.
2017-07-04 07:01:58 +02:00
vramik
41011a95e1
KEYCLOAK-5133 Fix FineGrainAdminUnitTest when impersonation is disabled
2017-07-03 11:49:46 +02:00
Stian Thorgersen
454c5f4d83
Set version to 3.3.0.CR1-SNAPSHOT
2017-06-30 09:47:11 +02:00
Bill Burke
999dff353c
Merge remote-tracking branch 'upstream/master'
2017-06-29 17:37:45 -04:00
Bill Burke
f5389b0e17
don't clean up properly
2017-06-29 17:36:45 -04:00
vramik
6ba3687b76
KEYCLOAK-5114 Fix UsersTest on auth-server-wildfly ( #4271 )
2017-06-29 14:39:59 +02:00
Stian Thorgersen
620bea3553
Merge pull request #4270 from stianst/KEYCLOAK-5107
...
KEYCLOAK-5107 Fix FineGrainAdminUnitTest and IllegalAdminUpgradeTest …
2017-06-29 08:54:59 +02:00
Stian Thorgersen
c9bc321d2a
Merge pull request #4269 from stianst/dockerdockerdocker
...
KEYCLOAK-3592 Docker auth implementation
2017-06-29 07:23:47 +02:00
Stian Thorgersen
74fe9249d5
Merge pull request #4216 from machielg/master
...
KEYCLOAK-5026 Store credentials
2017-06-29 06:52:16 +02:00
Stian Thorgersen
9f814c6cf1
KEYCLOAK-5107 Fix FineGrainAdminUnitTest and IllegalAdminUpgradeTest on auth-server-wildfly
2017-06-29 06:46:21 +02:00
Josh Cain
89fcddd605
KEYCLOAK-3592 Docker auth implementation
2017-06-29 06:37:34 +02:00
Hynek Mlnarik
5e16a32f86
KEYCLOAK-5106 Fix BasicSamlTest on auth-server-wildfly
2017-06-28 20:47:43 +02:00
Stian Thorgersen
e964b156cc
Merge pull request #4264 from stianst/KEYCLOAK-5074
...
KEYCLOAK-5074 Allow updating client secret through client registratio…
2017-06-28 11:40:04 +02:00
Stian Thorgersen
ce4506f367
Merge pull request #4261 from hmlnarik/KEYCLOAK-4377-null
...
KEYCLOAK-4377
2017-06-28 08:21:20 +02:00
Stian Thorgersen
1220d7f898
KEYCLOAK-5074 Allow updating client secret through client registration service
2017-06-28 08:11:51 +02:00
Hynek Mlnarik
a3ccac2012
KEYCLOAK-4377
2017-06-27 14:34:47 +02:00
Pavel Drozd
947254e14f
Merge pull request #4222 from vmuzikar/KEYCLOAK-5055
...
KEYCLOAK-4787, KEYCLOAK-5055 Stabilize UI tests
2017-06-27 11:42:21 +02:00
Stian Thorgersen
4be0e36306
Merge pull request #4208 from ASzc/KEYCLOAK-4758
...
KEYCLOAK-4758
2017-06-27 11:35:43 +02:00
Stian Thorgersen
56c5996aff
Merge pull request #4259 from stianst/abstractj-KEYCLOAK-4444
...
KEYCLOAK-4444
2017-06-27 10:44:30 +02:00
Machiel Groeneveld
7849191ec7
Merge branch 'master' into master
2017-06-27 10:27:07 +02:00
Bruno Oliveira
361ab1c988
[KEYCLOAK-4444] Allow sending test email
2017-06-27 08:38:36 +02:00
Stian Thorgersen
b4d39ca061
KEYCLOAK-4984 Don't update client registration access token on read
2017-06-27 08:29:03 +02:00
Bill Burke
b771960e21
fix log file
2017-06-26 12:36:43 -04:00
Bill Burke
bc05560d4d
Merge remote-tracking branch 'upstream/master'
2017-06-26 11:41:12 -04:00
Bill Burke
3855b5c0a3
admin console work
2017-06-26 11:40:56 -04:00
Bill Burke
28b3ef9aa9
admin console work
2017-06-26 11:40:32 -04:00
Bill Burke
22987bb90b
Merge pull request #4250 from mposolda/RHSSO-1027
...
KEYCLOAK-5085 Easy fix to just handle the exception
2017-06-26 10:04:02 -04:00
Hynek Mlnarik
955cbc76d7
KEYCLOAK-5030 Change action tokens cache type to distributed
2017-06-26 10:11:53 +02:00
Bill Burke
f1807aead4
impersonate
2017-06-25 11:28:37 -04:00
mposolda
756d996a4a
KEYCLOAK-5085 RHSSO-1027 Fix to handle the exception thrown from alternative flow
2017-06-23 19:13:43 +02:00
Bill Burke
3ee86fedc7
Merge remote-tracking branch 'upstream/master'
2017-06-23 09:57:35 -04:00
Bill Burke
39dea4b078
restricting admin role mapping
2017-06-22 16:51:46 -04:00
Pavel Drozd
58e5f41415
Merge pull request #4210 from vramik/KEYCLOAK-4983
...
KEYCLOAK-4983 export authorization test with multiple roles
2017-06-22 09:36:26 +02:00
Pavel Drozd
a7fbcaaef4
Merge pull request #4211 from vramik/KEYCLOAK-5027
...
KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers
2017-06-22 09:34:58 +02:00
Stian Thorgersen
6f731dfee9
Merge pull request #4118 from skjolber/feature/KEYCLOAK-3056-verify-signature-2
...
Some adjustments for KEYCLOAK-3056 / PR #3893
2017-06-22 08:44:32 +02:00
Marek Posolda
ab7a0c2252
Merge pull request #4248 from mposolda/client-initial-access-db
...
KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to…
2017-06-22 06:27:25 +02:00
Bill Burke
d08ddade2e
merge
2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc
removal
2017-06-21 17:42:57 -04:00
Bill Burke
f1132ffabe
Merge pull request #4175 from mrezai/fix-pkce-s256-code-challenge
...
KEYCLOAK-4956: Fix incorrect PKCE S256 code challenge generation
2017-06-21 17:04:31 -04:00
Bill Burke
8c82201add
Merge pull request #4224 from pedroigor/KEYCLOAK-3168
...
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-21 17:03:34 -04:00
mposolda
fc61a4e89f
KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model
2017-06-21 22:14:20 +02:00
Hynek Mlnarik
bf43ccf6c1
KEYCLOAK-4993 Fix intermittent failures in ComponentsTest testConcurrencyWithChildren
...
... and seems that the KEYCLOAK-5020 as well
2017-06-21 15:19:23 +02:00
Marek Posolda
be5291f710
Merge pull request #4242 from mposolda/master
...
KEYCLOAK-4438 Disable kerberos flow when provider removed
2017-06-21 11:54:50 +02:00
Marek Posolda
3fd6fc250d
Merge pull request #4240 from hmlnarik/KEYCLOAK-4189-Cross-DC-testing
...
KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC testing
2017-06-21 10:22:43 +02:00
mposolda
e91dd011c5
KEYCLOAK-4438 Disable kerberos flow when provider removed
2017-06-21 09:38:20 +02:00
mposolda
32cf8b7cad
KEYCLOAK-3316 Fixes for OAuth2 requests without 'scope=openid'
2017-06-20 17:17:43 +02:00
Hynek Mlnarik
2e2d15be9f
KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC-testing
2017-06-20 12:48:08 +02:00
mposolda
f363dbcad0
KEYCLOAK-4327 Switching language on User consent gives error
2017-06-20 09:21:41 +02:00
Bill Burke
57cb46148f
tests
2017-06-19 11:21:59 -04:00
Bill Burke
a994af9010
remove scope
2017-06-16 11:26:43 -04:00
vramik
dfed148921
KEYCLOAK-4189 fixed issue with exlude cross DC tests by default
2017-06-16 11:32:02 +02:00
Pedro Igor
5028c05cc2
[KEYCLOAK-3168] - Export and import tests
2017-06-14 09:33:59 -03:00
Martin Hardselius
60942346f3
KEYCLOAK-4924: pairwise clients get duplicate subs in tokens
2017-06-14 10:47:40 +02:00
vramik
97509ebf89
KEYCLOAK-4983 export authorization test with multiple roles
2017-06-14 10:38:47 +02:00
Pedro Igor
169280b6a1
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-13 19:05:44 -03:00
Vaclav Muzikar
35857bf649
KEYCLOAK-5055 Stabilize UI tests
2017-06-13 11:24:45 +02:00
Hynek Mlnarik
a0f3a6469f
KEYCLOAK-4189 - Cross DC testing
2017-06-12 11:14:28 +02:00
Pedro Igor
fd8a3dccaf
Merge pull request #4214 from pedroigor/KEYCLOAK-4904
...
[KEYCLOAK-4904] - Authorization Audit - Part 1
2017-06-09 17:17:30 -03:00
Pedro Igor
f12cef2c86
[KEYCLOAK-4904] - Authorization Audit - Part 1
2017-06-09 13:31:06 -03:00
Machiel Keizer-Groeneveld
80f8815b9a
KEYCLOAK-5026 Store credentials
...
Credentials are stored with user creation if they are present in the UserRepresentation.
2017-06-09 09:32:33 +02:00
Stian Thorgersen
6cccd66162
Merge pull request #4192 from hokuda/KEYCLOAK-4980
...
KEYCLOAK-4980 SAML adapter should return 403 when unauthenticated Aja…
2017-06-09 04:40:26 +02:00
Hisanobu Okuda
9135ba7c40
KEYCLOAK-4980 SAML adapter should return 401 when unauthenticated Ajax client accesses
2017-06-08 23:36:25 +09:00
Bill Burke
94528976d4
console work
2017-06-07 16:29:43 -04:00
vramik
7381ec456a
KEYCLOAK-5027 Add possibility to attach debugger to jboss based servers
2017-06-07 14:35:33 +02:00
Bill Burke
536a57a514
ui for permission reference
2017-06-05 19:52:51 -04:00
Alex Szczuczko
5d88c2b8be
KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam.
2017-06-05 16:24:38 -06:00
Pedro Igor
9be9e30ad6
Merge pull request #4206 from pedroigor/KEYCLOAK-4983
...
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-05 16:19:58 -03:00
Pedro Igor
23887f4031
Fixing tests and more client policy tests
2017-06-05 11:26:33 -03:00
Pedro Igor
3760f2753b
[KEYCLOAK-4983] - Authz settings export of role base policy generates json where are just role-names
2017-06-02 20:09:33 -03:00
Pedro Igor
d0f505455d
[KEYCLOAK-4991] - Allow clients to limit the number of permission in a RPT when using entitlements
2017-06-02 19:06:40 -03:00
Bill Burke
a41d282e92
client permission tests
2017-06-02 15:49:20 -04:00
Thomas Skjølberg
241c58dd61
Add unit tests related to signatures, check that a signature is present when want assertion signing.
2017-06-02 15:36:52 +02:00
Bill Burke
b9f7a43a72
group permissions
2017-06-01 20:16:35 -04:00
Pedro Igor
dcd1a68d95
[KEYCLOAK-4992] - Allow clients to exclude resource_set_name from RPT
2017-05-31 19:33:34 -03:00
Pavel Drozd
a52a1f4618
Merge pull request #4196 from vramik/KEYCLOAK-4481
...
KEYCLOAK-4481 some authz export tests
2017-05-30 16:56:54 +02:00
Stian Thorgersen
a6e4245185
Merge pull request #4194 from stianst/KEYCLOAK-4888
...
KEYCLOAK-4888
2017-05-30 14:49:22 +02:00
vramik
8f1938c28d
KEYCLOAK-4481 Role based permission test
2017-05-30 13:10:09 +02:00
Stian Thorgersen
8c53c5a90e
KEYCLOAK-4888
...
Change default hashing provider for realm
2017-05-30 09:54:05 +02:00
Thomas Darimont
7d0b461683
KEYCLOAK-4975 Use authenticationSession binding name in ScriptBasedAuthenticator
...
We now use authenticationSession instead of clientSession to reflect
the renaming of ClientSessionModel to AuthenticationSessionModel.
Note that this is a breaking change which needs to be mentioned in
the upgrade notes!
2017-05-29 18:14:02 +02:00
Bill Burke
c3ea847b3e
auth changes
2017-05-29 09:53:17 -04:00
Stian Thorgersen
684689d40d
Merge pull request #3561 from glavoie/KEYCLOAK-3990
...
KEYCLOAK-3990: Very slow use of NamedQueries.
2017-05-29 09:39:39 +02:00
mposolda
c4f172afe7
KEYCLOAK-4977 Upgrade infinispan and undertow version to align with Wildfly 11.0.0.Alpha1
2017-05-26 14:29:30 +02:00
Hynek Mlnarik
e4fc8f083e
KEYCLOAK-3990 Tests
2017-05-24 07:50:48 -04:00
mposolda
2b59db71a8
KEYCLOAK-3316 Remove the IDToken if scope=openid is not used
2017-05-24 09:23:14 +02:00
Stian Thorgersen
c442bcd8d3
Merge pull request #4174 from stianst/KEYCLOAK-4889
...
KEYCLOAK-4889
2017-05-23 14:26:15 +02:00
Stian Thorgersen
c00a64208a
Merge pull request #4136 from frelibert/KEYCLOAK-4897
...
KEYCLOAK-4897
2017-05-23 14:10:34 +02:00
Pavel Drozd
06152d9883
Merge pull request #4165 from vmuzikar/google-fix
...
KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen
2017-05-23 14:03:08 +02:00
Stian Thorgersen
ef29097679
Merge pull request #4172 from hmlnarik/KEYCLOAK-4813-Destination-Validation-should-ignore-whether-default-port-is-explicitly-specified
...
KEYCLOAK-4813 Destination validation counts on port being not specified
2017-05-23 13:59:36 +02:00
Pavel Drozd
0a869f56a7
Merge pull request #4146 from vramik/KEYCLOAK-4926
...
KEYCLOAK-4926 exclude WelcomePageTest from migration scenario
2017-05-23 13:59:26 +02:00
Stian Thorgersen
ff2d6941d0
Merge pull request #4140 from mstruk/RHSSO-978
...
RHSSO-978 Cannot migrate event types using export/import
2017-05-23 13:55:17 +02:00
Mohammad Rezai
acd78ee407
KEYCLOAK-4956: Fix incorrect PKCE S256 code challenge generation
2017-05-23 16:15:44 +04:30
Stian Thorgersen
130452f6c3
Merge pull request #4085 from mstruk/RHSSO-402
...
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-23 13:29:32 +02:00
Stian Thorgersen
097a2267f5
KEYCLOAK-4889
...
Improve error messages for password policies
2017-05-23 13:18:06 +02:00
Hynek Mlnarik
f47283f61a
KEYCLOAK-4813 Destination validation counts on port being not specified
2017-05-23 12:52:48 +02:00
mposolda
8adde64e2c
KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout
2017-05-23 09:08:58 +02:00
Daan de Wit
ef6b303bfe
KEYCLOAK-4911 charset not specified by Java client registration API
2017-05-22 15:22:39 +02:00
Bill Burke
ab763e7c5b
fixes after merge
2017-05-19 15:54:36 -04:00
Vaclav Muzikar
c2379dbe49
KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen
2017-05-19 18:07:05 +02:00
Bill Burke
f114895cd2
for merge
2017-05-19 11:29:26 -04:00
vramik
f0386d9374
KEYCLOAK-4926 exclude WelcomePageTest from migration scenario
2017-05-19 13:30:01 +02:00
Marek Posolda
d80381ec0d
Merge pull request #4139 from vramik/KEYCLOAK-4827
...
KEYCLOAK-4827 Add tests for concurrent use of user session in cache
2017-05-19 11:14:57 +02:00
Bill Burke
2cac8b1bb7
KEYCLOAK-4929
2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43
KEYCLOAK-4929
2017-05-18 16:48:04 -04:00
Hynek Mlnarik
f9767ad6cd
KEYCLOAK-4627 Additional tests for action tokens
2017-05-18 12:04:32 +02:00
Hynek Mlnarik
10c9e0f00f
KEYCLOAK-4897 Tests for assertion-only signatures with encrypted assertions
2017-05-17 15:56:49 +02:00
Marko Strukelj
27b291c345
RHSSO-978 Cannot migrate event types using export/import
2017-05-16 18:52:58 +02:00
Marko Strukelj
7d0ca42c6c
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-15 12:13:58 +02:00
Bill Burke
954ef99f22
Merge remote-tracking branch 'upstream/master'
2017-05-12 10:10:29 -04:00
vramik
cc6a5419de
KEYCLOAK-4827 Add tests for concurrent use of user session in cache
2017-05-12 14:14:14 +02:00
mposolda
7d8796e614
KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes.
2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02
KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token
2017-05-11 22:16:26 +02:00
mposolda
db8b733610
KEYCLOAK-4626 Fix TrustStoreEmailTest and PolicyEvaluationCompositeRoleTest. Distribution update
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01
KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes
2017-05-11 22:16:26 +02:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636
KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens.
2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a
KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
b55b089355
KEYCLOAK-4627 Changes in TokenVerifier to include token in exceptions. Reset credentials uses checks to validate individual token aspects
2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424
KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
19a41c8704
KEYCLOAK-4627 Refactor TokenVerifier to support more than just access token checks. Action tokens implementation with reset e-mail action converted to AT
2017-05-11 22:16:26 +02:00
mposolda
e4aba9e471
KEYCLOAK-4829 Access token from offline token falsely reported as inactive by token introspection
2017-05-11 21:17:04 +02:00
Stian Thorgersen
c3a2b3a6b6
KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers
2017-05-11 11:58:22 +02:00
