Commit graph

21672 commits

Author SHA1 Message Date
mposolda
9474dd6208 KEYCLOAK-12986 BruteForceProtector does not log failures when login failure in PostBroker flow 2020-03-24 05:32:10 +01:00
Martin Kanis
e6e0e6945d KEYCLOAK-12156 LogoutEndpoint does not verify token type of id_token_hint
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-03-24 05:31:36 +01:00
Stian Thorgersen
b2174664b5 Update profiles.adoc 2020-03-24 05:29:49 +01:00
Bruno Oliveira da Silva
5e101d20ca [KEYCLOAK-13393] Account2 marked as experimental 2020-03-24 05:29:40 +01:00
Martin Kanis
9336d598ba KEYCLOAK-13380 Validate alignment 2020-03-24 05:12:57 +01:00
Peter Skopek
2cccc97b2e KEYCLOAK-13390 license file update before 9.0.1 release 2020-03-23 20:19:16 +01:00
vmuzikar
03bce36b48 KEYCLOAK-13388 Trailing comma in tsconfig.json 2020-03-23 12:51:58 -04:00
Pedro Igor
ec63245ac8 [KEYCLOAK-13386] - SslRequired.EXTERNAL doesn't work for identity broker validations 2020-03-23 12:16:43 -03:00
Erik Jan de Wit
4279f5b54f KEYCLOAK-13379 added now excluded project files 2020-03-23 08:57:39 -04:00
mposolda
3e82473a90 KEYCLOAK-13369 Not possible to move groups in admin console 2020-03-23 10:17:23 +01:00
mposolda
61fd66e107 KEYCLOAK-13368 TestClassProvider undertow server not stopped after testsuite 2020-03-23 07:10:17 +01:00
Andy Munro
d6108871a2 KEYCLOAK-13271 Changed the port for the admin ui to 8180 to match procedure 2020-03-20 13:36:28 +01:00
Pavel Drozd
6cc897e319
KEYCLOAK-8372 - User Federation tests - fixing for different vendors (#6909) 2020-03-20 11:36:35 +01:00
Andy Munro
c026893bc4 KEYCLOAK-13308 adding steps to set the IPA user password 2020-03-20 08:16:20 +01:00
Dmitry Telegin
d0c60f4527 KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking 2020-03-20 07:41:44 +01:00
Dmitry Telegin
3b24465141
KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking (#6828)
* KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking

* KEYCLOAK-12870: always allow to choose user if password reset is called from first broker login flow

* KEYCLOAK-12870: remove "already authenticated as different user" check and message

* KEYCLOAK-12870: translations

* KEYCLOAK-12870: fix tests
2020-03-20 07:41:35 +01:00
Pedro Igor
2eab44d3f3 [KEYCLOAK-13273] - Remove group policy when group is removed 2020-03-20 07:40:18 +01:00
Martin Kanis
3d95637102 KEYCLOAK-13356 Update licenses for kerby-asn1 2020-03-19 17:59:52 +01:00
Peter Skopek
48e5e1a532 KEYCLOAK-13348 license files updates - due to broken product build 2020-03-19 16:35:25 +01:00
rmartinc
a8e74196d1 KEYCLOAK-4923: Client Service Account Roles are not exported 2020-03-19 11:38:33 -03:00
Peter Skopek
82267c9647 KEYCLOAK-12696 license files updates 2020-03-18 16:42:49 +01:00
Aboullos
f8dc7c0329 KEYCLOAK-13007 Add LDAPAccountTest 2020-03-18 10:11:59 -03:00
Takashi Norimatsu
fc58af1365 KEYCLOAK-12696 Upgrade to webauthn4j 0.10.2.RELEASE 2020-03-18 10:56:51 +01:00
vramik
86089d40b8 KEYCLOAK-13249 jpa-changelog-8.0.0.xml contains whitespace character 2020-03-18 09:36:23 +01:00
Stan Silvert
fff8571cfd KEYCLOAK-12768: Prevent reserved characters in URLs 2020-03-18 07:40:24 +01:00
Stan Silvert
256bbff769 KEYCLOAK-12844: keycloak.d.ts does not belong in new account console 2020-03-17 15:39:06 -03:00
vmuzikar
89f483d578 KEYCLOAK-13257 Fix WelcomeScreenTest.accountSecurityTest 2020-03-17 15:31:05 -03:00
vmuzikar
e4f7eb78b5 KEYCLOAK-13256 Fix WebAuthn in new Account Console tests 2020-03-17 15:31:05 -03:00
Stefan Guilhen
8c627fdb20 [KEYCLOAK-13036] Fix KeycloakElytronCSVaultTest failures on IBM JDK
- credential store is generated on the fly for the test, avoiding incompatibilities between implementations of keystores
2020-03-17 17:07:55 +01:00
stianst
aece5d1b4c KEYCLOAK-5162 Add index to even table 2020-03-17 17:05:21 +01:00
Hynek Mlnarik
c756744bd5 KEYCLOAK-13197 Add OpenJ9 variant of OpenShift guide 2020-03-17 15:52:42 +01:00
Pedro Igor
c201f92046 [KEYCLOAK-11282] - Release notes fixes to Spring Boot 2020-03-17 15:49:48 +01:00
Pedro Igor
84d099e48f [KEYCLOAK-11282] - Properly resolve config resolver
Co-authored-by: mhajas <mhajas@redhat.com>
2020-03-17 15:49:00 +01:00
Andy Munro
c1a7c5a1d0 Fixing link to work for EAP and Wildfly documentation. 2020-03-17 07:55:24 +01:00
mposolda
56d1ab19a8 KEYCLOAK-11412 Display more nice error message when creating top level group with same name 2020-03-16 21:03:46 +01:00
mposolda
d7688f6b12 KEYCLOAK-12869 REST sends credential type when no credential exists and credential disabled 2020-03-16 21:02:40 +01:00
Neon Ngo
16f57eb0d9 Update server version to 4.6.0 in known issue
* per author of KEYCLOAK-8954, Keycloak server 4.6.0 was when problem occurred.
* FYI: Keycloak gatekeeper 2.3.0 does work Keycloak server 8.0.1 without the workaround
2020-03-16 14:45:18 -03:00
Andy Munro
7b136740c2 KEYCLOAK-13168 correcting URL for API documentation 2020-03-16 15:57:38 +01:00
Andy Munro
c775efdf28 KEYCLOAK-12991 Identifying 3.11 as the OpenShift version 2020-03-16 15:53:45 +01:00
Thomas Delrue
aa41426f00 Update multi-tenancy.adoc
small typo
2020-03-16 15:52:33 +01:00
Stan Silvert
1f1ed36b71 KEYCLOAK-9782: Do not allow duplicate group name when updating 2020-03-13 10:13:45 -04:00
Pedro Igor
62f5850731 Fixing examples in master 2020-03-12 11:21:17 -03:00
Sebastian Laskawiec
8774a0f4ba KEYCLOAK-12881 KEYCLOAK-13099 Update FederatedIdentities and Groups on POST 2020-03-12 14:57:02 +01:00
stianst
ec1c21efe9 KEYCLOAK-12344 Update examples version 2020-03-12 09:22:51 +01:00
mposolda
72e4690248 KEYCLOAK-13174 Not possible to delegate creating or deleting OTP credential to userStorage 2020-03-11 12:51:56 +01:00
mposolda
803f398dba KEYCLOAK-12876 KEYCLOAK-13148 KEYCLOAK-13149 KEYCLOAK-13151 Re-introduce some changes to preserve UserStorage SPI backwards compatibility. Added test for backwards compatibility of user storage 2020-03-11 12:51:56 +01:00
Thomas Darimont
cd51ff3474 KEYCLOAK-13186 Remove role information from RefreshTokens
We now no longer expose role assignment information into the RefreshToken.

Previously RefreshTokens contained information about the realm and
client specific roles which are assigned to a user. Since the role
information is usually either taken from the AccessToken, IDToken or
the User-Info endpoint and the RefreshToken is an internal format which
is opaque to the client, it would be a waste of space to keep that
information in the RefreshToken.

See:
https://lists.jboss.org/pipermail/keycloak-dev/2019-April/011936.html
2020-03-11 06:28:22 +01:00
rmartinc
ad3b9fc389 KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
mposolda
bc1146ac2f KEYCLOAK-10029 Offline token migration fix. Always test offline-token migration when run MigrationTest 2020-03-10 20:38:16 +01:00
stianst
db26520046 KEYCLOAK-13237 Allow look ahead window set to 0 for otp policy 2020-03-10 16:01:57 +01:00