Commit graph

13924 commits

Author SHA1 Message Date
Pedro Igor
ed0b5d4df1 [KEYCLOAK-8857] - Provide utility to create AuthzClient from InputStream 2018-12-03 11:14:43 -02:00
Pavel Drozd
bfafe65814 KEYCLOAK-8919 - SSSDTest updated error message in assert 2018-11-29 21:31:46 +01:00
vramik
1b8dc04459 KEYCLOAK-8817 skip EntitlementAPITest.testOfflineRequestingPartyToken for auth-server-undertow 2018-11-29 13:38:26 +01:00
Pedro Igor
4355c89b9d [KEYCLOAK-7365] - No need to check roles when refreshing tokens 2018-11-29 08:51:25 -02:00
rmartinc
1b37394276 KEYCLOAK-7242: LDAPS not working with truststore SPI and connection timeout 2018-11-29 11:21:46 +01:00
Hynek Mlnarik
ded82fff3d KEYCLOAK-8941 Fix order of stopping test servers 2018-11-29 11:16:34 +01:00
Sebastian Laskawiec
4fbbaf18aa KEYCLOAK-8830 Stabilize ExportImportTest 2018-11-29 10:33:00 +01:00
vramik
5ad929b9ee KEYCLOAK-8955 adapter installation fails on windows - eap7 2018-11-29 10:18:58 +01:00
Tomasz Prętki
2b9b1ba45f [KEYCLOAK-8823] - PathMatcher doesn't prefer overloaded templated resources 2018-11-28 11:39:11 -02:00
vramik
8b122de425 KEYCLOAK-8951 Update HOW-TO-RUN.md regarding fuse7 testing 2018-11-28 07:01:43 +01:00
vmuzikar
7d75377813 KEYCLOAK-8944 Fix ProfileAssume for backward adapter compat. testing 2018-11-27 13:58:41 +01:00
Stan Silvert
3c8dddf33e KEYCLOAK-8758: Implement i18n/l10n 2018-11-26 16:39:06 -05:00
Stefan Guilhen
311e848460 KEYCLOAK-8504 Ensure the authenticationFlowBindingOverrides client configuration references a valid authentication flow id when a realm is imported 2018-11-23 22:09:14 +01:00
Bruno Oliveira da Silva
607bb1b995 [KEYCLOAK-8943] Fix instructions to run Fuse 7 integration tests 2018-11-23 17:15:42 +01:00
Pedro Igor
91637120ee [KEYCLOAK-5052] - LDAP group names containing / in the name violates SIBILING_NAME constraint in db 2018-11-23 08:48:08 -02:00
Hynek Mlnarik
d90a5d1367 KEYCLOAK-8594 Fix missing option to Base64 encoder 2018-11-22 21:48:00 +01:00
Hynek Mlnarik
d395043fc7 KEYCLOAK-8707 Fix client template to scope migration 2018-11-22 15:07:47 +01:00
Hynek Mlnarik
c9cd060417 KEYCLOAK-8824 Fix servlet filter versions 2018-11-22 14:20:46 +01:00
vramik
abd6e560ac KEYCLOAK-8914 add missing dependency - keycloak-saml-servlet-filter-adapter 2018-11-22 11:29:22 +01:00
mposolda
6e93ca36af KEYCLOAK-8519 OIDCScopeTest.testClientDisplayedOnConsentScreenWithEmptyConsentText failing on Oracle 2018-11-22 09:30:01 +01:00
vramik
2d727fc54c KEYCLOAK-8909 fix KcOidcBrokerLogoutTest for product 2018-11-22 09:28:37 +01:00
mposolda
6db1f60e27 KEYCLOAK-7774 KEYCLOAK-8438 Errors when SSO authenticating to same client multiple times concurrently in more browser tabs 2018-11-21 21:51:32 +01:00
Stefan Guilhen
8af1ca8fc3 KEYCLOAK-8414 use the clientId when the ClientScopeModel is an instance of ClientModel 2018-11-20 15:08:10 +01:00
vramik
55f90ff09f KEYCLOAK-8837 Adapt TS to be able to test migration from 7.2.5.GA (instead from 7.2.0.GA) 2018-11-19 18:06:33 +01:00
Cédric Couralet
dc06a8cee3 Fix KEYCLOAK-8832 (#5735)
Avoid NullPointerException when browser sends "Origin" header and
allowedOrigin is null. This happens on chrome with admin console
2018-11-19 17:53:05 +01:00
Stian Thorgersen
f3bf1456ab
KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. (#5738) 2018-11-19 17:32:21 +01:00
Hynek Mlnarik
548950ed8e KEYCLOAK-8756 Consider also required actions of AuthenticationSession 2018-11-19 16:04:43 +01:00
Marek Posolda
f67d6f9660 KEYCLOAK-8482 Access token should never contain azp as an audience (#5719) 2018-11-19 14:38:41 +01:00
Stian Thorgersen
a1d86fbce8
Prepare for RH-SSO 7.2.0.ER1 (#5729)
* Prepare for RH-SSO 7.2.0.ER1

* Update pom.xml
2018-11-19 14:33:20 +01:00
Stian Thorgersen
3756cf629b
KEYCLOAK-7081 Fixes for manual/qr mode switches on login config otp page (#5717) 2018-11-19 14:32:28 +01:00
Takashi Norimatsu
0793234c19 KEYCLOAK-8460 Request Object Signature Verification Other Than RS256 (#5603)
* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

also support client signed signature verification by refactored token
verification mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

incorporate feedbacks and refactor client public key loading mechanism

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

unsigned request object not allowed

* KEYCLOAK-8460 Request Object Signature Verification Other Than RS256

revert to re-support "none"
2018-11-19 14:28:32 +01:00
Hynek Mlnarik
461dae20de KEYCLOAK-8731 Ensure password history is kept in line with password policy 2018-11-19 12:48:51 +01:00
Stefan Guilhen
a3d4612edd KEYCLOAK-8854 Updated UserSessionPredicate.ExternalizerImpl to include the remember-me properties 2018-11-19 12:17:03 +01:00
mposolda
0533782d90 KEYCLOAK-7275 KEYCLOAK-5479 Faster offline sessions preloading at startup. Track lastSessionRefresh timestamps more properly by support bulk update to DB 2018-11-16 14:23:28 +01:00
Michael Gottlieb
3bdbbf41af KEYCLOAK-8702:Fix Offline Sessions requires column
Prevent RemoveDuplicateOfflineSessions from running when migration to 3.2.0 has been run.
This prevents running when the  database has already dropped CLIENT_SESSION_ID from  OFFLINE_CLIENT_SESSION table.
This change unblocks migrating from 3.2.0 to 4.4.0 and later.
2018-11-16 12:03:57 +01:00
Stan Silvert
0b36020bf5 KEYCLOAK-8759: Wrong RH-SSO name on Welcome Page 2018-11-15 13:00:55 -05:00
Leon Graser
85f11873c3 KEYCLOAK-8613 Group Membership Pagination 2018-11-15 17:54:07 +01:00
Gideon Caranzo
39bf08e1b9 KEYCLOAK-8783 also checked admin roles when realm admin client is specified 2018-11-15 14:23:18 +01:00
Gideon Caranzo
9f88abb022 KEYCLOAK-8783 only checked master and realm admin roles when roles are specified in imported realm 2018-11-15 14:23:18 +01:00
Boleslaw Dawidowicz
78b2067f73 List of adopters and contributors (#5709)
* List of adopters

* Update ADOPTERS.md
2018-11-15 08:14:38 +01:00
Thomas Darimont
cf57a1bc4b KEYCLOAK-1267 Add dedicated SSO timeouts for Remember-Me
Previously remember-me sessions where tied to the SSO max session
timeout which could lead to unexpected early session timeouts.
We now allow SSO timeouts to be configured separately for sessions
with enabled remember-me. This enables users to opt-in for longer
session timeouts.

SSO session timeouts for remember-me can now be configured in the
tokens tab in the realm admin console. This new configuration is
optional and will tipically host values larger than the regular
max SSO timeouts. If no value is specified for remember-me timeouts
then the regular max SSO timeouts will be used.

Work based on PR https://github.com/keycloak/keycloak/pull/3161 by
Thomas Darimont <thomas.darimont@gmail.com>
2018-11-15 06:11:22 +01:00
vmuzikar
8c650f9f6a KEYCLOAK-8793 Fix backward compatibility testing for adapters 2018-11-14 22:35:47 +01:00
vramik
22d8fb17f5 KEYCLOAK-8771 add jboss-jsp-api_2.3_spec dependency to app-server-undertow 2018-11-14 22:34:14 +01:00
vmuzikar
6cee8b126b KEYCLOAK-8792 Stabilize and fix Admin Console UI tests for RH-SSO 2018-11-14 22:32:11 +01:00
Pedro Igor
f5ae76d8e3 [KEYCLOAK-8768] - Policy evaluation tool failing when client is used and identity.getId is called 2018-11-14 19:16:41 -02:00
stianst
e391328b5d Don't fail on JavaDoc errors 2018-11-14 20:51:54 +01:00
stianst
ecd476fb10 Prepare for 4.7.0.Final 2018-11-14 20:10:59 +01:00
Hynek Mlnarik
c3778e66db KEYCLOAK-8260 Improve SAML conditions handling 2018-11-14 20:09:22 +01:00
Martin Kanis
6a23eb19f5 KEYCLOAK-8166 2018-11-14 20:09:22 +01:00
Martin Kanis
72b23c1357 KEYCLOAK-8160 2018-11-14 20:09:22 +01:00