madgaet
c35718cb87
[KEYCLOAK-9809] Support private_key_jwt authentication for external IdP
2019-09-17 16:04:23 +02:00
Jan Lieskovsky
63e9eec52d
[KEYCLOAK-11415] Switch the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' setting reliably
...
Use own, separate context when trying to switch 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE'
group mapper config setting to 'false' (or back), across the various tests from LDAPGroupMapperSyncTest
suite. This makes the test results deterministic again (prevents 'test02_syncWithGroupInheritance()'
and 'test03_syncWithDropNonExistingGroups()' tests randomly to fail depending if attempt
to reset the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' back to 'true' in previous
'test01_syncNoPreserveGroupInheritance()' test succeeded, or not)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-16 20:42:46 +02:00
Jan Lieskovsky
7ab854fecf
[KEYCLOAK-8253] When syncing flat (all groups being the top-level ones) structure
...
of LDAP groups from federation provider to Keycloak, perform the search if the
currently processed group already exists in Keycloak in log(N) time
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 20:14:18 +02:00
Jan Lieskovsky
cfb225b499
[KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization
...
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure
Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 09:54:13 +02:00
Cédric Couralet
9c37da0ee9
KEYCLOAK-8818 Support message bundle in theme resources
2019-09-11 08:03:16 +02:00
mhajas
2703388946
KEYCLOAK-11245 Adapt LDAPConnectionTestManager to use newly introduced LDAPContextManager
2019-09-10 22:51:19 +02:00
mhajas
9c2525ec1a
KEYCLOAK-11245 Use transcription object for LDAP bindCredential
2019-09-09 19:39:53 +02:00
Martin Kanis
4235422798
KEYCLOAK-11246 Use the transcription object for SMTP password
2019-09-09 13:27:11 +02:00
Hynek Mlnarik
9eb2e1d845
KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects
2019-09-09 10:57:49 +02:00
Stefan Guilhen
60205845a8
[KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
...
- Provides a default implementation based on mappings loaded from a properties file.
- Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
rmartinc
a726e625e9
KEYCLOAK-10782: Credentials tab on clients can only be displayed with view-realm
2019-09-06 16:45:08 -03:00
Martin Kanis
b1be6c2bdd
KEYCLOAK-11247 Use the transcription object for Identity providers password
2019-09-06 15:29:11 +02:00
Pedro Igor
a1d8850373
[KEYCLOAK-7416] - Device Activity
2019-09-05 11:43:27 -03:00
Sebastian Laskawiec
69d6613ab6
KEYCLOAK-10169 OpenShift 4 Identity Provider
2019-09-05 16:33:59 +02:00
vmuzikar
2f9d875840
KEYCLOAK-11286 Fix tests in "other" module
2019-09-05 16:29:09 +02:00
vramik
ca6fbac599
KEYCLOAK-11150 testsuite dependency with auth-server-remote
2019-09-05 08:34:22 +02:00
Stefan Guilhen
bb9c811a65
[KEYCLOAK-10935] Add a vault transcriber implementation that can be obtained from the session.
...
- automatically parses ${vault.<KEY>} expressions to obtain the key that contains the secret in the vault.
- enchances the capabilities of the VaultProvider by offering methods to convert the raw secrets into other types.
2019-09-04 22:34:08 +02:00
mposolda
3a19db0c9d
KEYCLOAK-10921 Fix unstable RefreshTokenTest
2019-09-04 05:54:26 -03:00
Martin Bartos RH
a0ba6e593e
[KEYCLOAK-11024] RulesPolicyManagementTest failing with auth-server-undertow in universal pipeline
2019-09-02 11:58:30 +02:00
Niko Köbler
49e9cd759b
KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe
2019-08-20 15:41:09 -03:00
Pedro Igor
e12c245355
[KEYCLOAK-10779] - CSRF check to My Resources
...
(cherry picked from commit dbaba6f1b8c043da4a37c906dc0d1700956a0869)
2019-08-20 06:35:00 -03:00
Hynek Mlnarik
97811fdd51
KEYCLOAK-10786 Check signature presence in SAML broker
...
(cherry picked from commit ba9f73aaff22eb34c7dec16f4b76d36d855d569b)
2019-08-20 06:35:00 -03:00
Leon Graser
0ce10a3249
[KEYCLOAK-10653] Manage Consent via the Account API
2019-08-20 06:24:44 -03:00
Pedro Igor
3f2a38936c
[KEYCLOAK-11154] - Unstable Photoz Adapter Tests
2019-08-19 16:04:24 -03:00
mhajas
78ee5adfe8
KEYCLOAK-10034 Replace pause with waitForPageToLoad
2019-08-19 10:18:15 +02:00
Nemanja Hiršl
411ea331f6
KEYCLOAK-10785 X.509 Authenticator - Update user identity source mappers
...
Update user identity sources and the way how X.509 certificates are mapped to the user to:
1. Include "Serial number + Issuer DN" as described in RFC 5280
2. Include "Certificate's SHA256-Thumbprint"
3. Exclude "Issuer DN"
4. Exclude "Issuer Email"
Add an option to represent serial number in hexadecimal format.
Documentation PR created: https://github.com/keycloak/keycloak-documentation/pull/714
KEYCLOAK-10785 - Documentation for new user identity source mappers
2019-08-16 11:35:50 -03:00
Takashi Norimatsu
8225157a1c
KEYCLOAK-6768 Signed and Encrypted ID Token Support
2019-08-15 15:57:35 +02:00
mposolda
67df6d03af
KEYCLOAK-10449 KEYCLOAK-10550 Fix manual DB migration test with MSSQL
2019-08-15 14:19:27 +02:00
Martin Bartos RH
925864530a
KEYCLOAK-10457 Merge preview features test: SocialLoginTest
2019-08-14 22:09:59 +02:00
Peter Skopek
71eed3af06
KEYCLOAK-10792 MigrationTest fails in pipeline: fix log file checker to start from the right position after server restart
2019-08-12 15:41:56 +02:00
Martin Bartos RH
9d67e92117
[KEYCLOAK-10465] Merge preview features test: OpenShiftTokenReviewEndpoint
2019-08-06 12:57:33 +02:00
Hynek Mlnarik
9bca5c9968
KEYCLOAK-10964 Remove realm reimport in SAMLServletAdapterTest
2019-08-05 09:35:04 +02:00
Martin Bartos RH
da85cff53b
[KEYCLOAK-10458] Merge preview features test: RulesPolicyManagement
2019-08-01 14:34:51 +02:00
Sebastian Laskawiec
041208bd25
KEYCLOAK-10033 Prevent connections going stale
...
See https://stackoverflow.com/questions/10558791/apache-httpclient-interim-error-nohttpresponseexception
2019-07-30 18:13:10 +02:00
Martin Bartos RH
b18d88a37b
[KEYCLOAK-10066] Merge Preview Features Test: OpenshiftClientStorage
2019-07-30 14:20:54 +02:00
Pedro Igor
8b203d48ce
[KEYCLOAK-10949] - Proper error messages when failing to authenticate the request
2019-07-29 17:01:42 -03:00
Pedro Igor
967d21dbb5
[KEYCLOAK-10713] - Pagination to resources rest api
2019-07-29 16:19:22 -03:00
Stan Silvert
bc818367a1
KEYCLOAK-10854: App-initiated actions Phase I
2019-07-26 14:56:29 -03:00
Stan Silvert
6c79bdee41
KEYCLOAK-10854: App initiated actions phase I
2019-07-26 14:56:29 -03:00
mhajas
57a8fcb669
KEYCLOAK-10776 Add session expiration to Keycloak saml login response
2019-07-24 13:35:07 +02:00
mhajas
4b18c6a117
KEYCLOAK-7207 Check session expiration for SAML session
2019-07-24 13:35:07 +02:00
mhajas
bf33cb0cf9
KEYCLOAK-9102 Add tests for Saml RelayState
2019-07-24 12:28:00 +02:00
keycloak-bot
17e9832dc6
Set version to 8.0.0-SNAPSHOT
2019-07-19 19:05:03 +02:00
Leon Graser
e1cb17586f
display users in roles
2019-07-19 09:52:13 -04:00
Hynek Mlnarik
67f8622d13
KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
...
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
mhajas
282569df23
KEYCLOAK-10797 Ignore test until the issue is resolved
2019-07-19 13:37:20 +02:00
Hynek Mlnarik
3d4283fac9
KEYCLOAK-9987 Upgrade to Wildfly17
...
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Pedro Igor
5f5cb6cb7b
[KEYCLOAK-10808] - Do not show authorization tab when client is not confidential
2019-07-15 10:07:31 -03:00
Steeve Beroard
fc9a0e1766
[KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
...
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
rmartinc
6d6db1f3e5
KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate
2019-07-12 15:16:00 +02:00