Pedro Igor
b7e5db6534
[KEYCLOAK-18007] - Configure resolved paths with the method config from configuration
2021-05-25 09:48:30 -03:00
Pedro Igor
9ebbc7673c
[KEYCLOAK-18111] - Error when processing path without associated resource
2021-05-20 11:15:11 -03:00
Jeff MAURY
1be81bff7a
KEYCLOAK-17400: allow installed adapter to be reused ( #7853 )
...
* KEYCLOAK-17400: allow installed adapter to be reused
Also add a close method to stop callback if response has not been received yet
Signed-off-by: Jeff MAURY <jmaury@redhat.com>
2021-05-12 09:46:00 -03:00
Bruno Oliveira da Silva
bbc8d83f64
[KEYCLOAK-17997] Upgrade Spring Security
2021-05-10 12:15:01 -03:00
keycloak-bot
4b44f7d566
Set version to 14.0.0-SNAPSHOT
2021-05-06 14:55:01 +02:00
Bruno Oliveira da Silva
4f08912071
[KEYCLOAK-17989] Update Jetty to the latest version
2021-05-04 16:56:43 -03:00
Florian Roks
640cf499cc
KEYCLOAK-17804 added documentation to KeycloakConfigResolver-interface
2021-05-04 15:22:19 -03:00
David Weber
6f86241f60
KEYCLOAK-17665 Use setQueryString
...
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2021-04-22 12:18:09 -03:00
David Weber
5d3f80ab57
KEYCLOAK-17665 Add query parameter support for Spring
2021-04-22 12:18:09 -03:00
Manuel Rauber
30e735dd25
KEYCLOAK-17684: fix TypeScript definition of createAccountUrl parameter ( #7917 )
2021-04-20 14:19:15 -04:00
Martin Bartoš
b237c503ba
KEYCLOAK-16913 Fix failed FuseAdapterTest
2021-04-14 09:51:02 +02:00
sma1212
e10f3b3672
[KEYCLOAK-17484] OIDC Conformance - Authorization response with Hybrid flow does not contain token_type ( #7872 )
...
* [KEYCLOAK-17484] fix oidc conformance for hybrid-flow
* [KEYCLOAK-17484] add TokenType & ExpiresIn to OAuth2Constants
* [KEYCLOAK-17484] add request validation for oidc-flows automated tests
2021-03-30 08:59:30 +02:00
Phillip Schichtel
f754b34c0c
KEYCLOAK-13633 Generalize GenericPrincipalFactory to PrincipleFactory
...
This allows to replace java.security.acl.Group usage only where necessary while keeping legacy adapter unchanged.
Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Pascal Keßler
52db22925c
KEYCLOAK-13633 refactor(tomcat-adapter-spi): change to specific imports instead of star import
2021-03-22 15:40:51 +01:00
Pascal Keßler
b3ee471e11
KEYCLOAK-13633 refactor(tomcat-adapter-spi): remove usage of java.security.acl.Group to make jdk 15 possible
...
Signed-off-by: Phillip Schichtel <phillip@schich.tel>
2021-03-22 15:40:51 +01:00
Andrew Elwell
c76ca4ad13
Correct "doesn't exists" typos - fixes KEYCLOAK-14986 ( #7316 )
...
* Correct "doesn't exists" typos
* Revert changes to imported package
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2021-03-16 11:52:36 +01:00
Thomas Darimont
d2060913be
KEYCLOAK-14412 Fixed compiler error in JavascriptAdapterTests
2021-03-11 13:03:08 -03:00
Thomas Darimont
b926cd20f1
KEYCLOAK-14412 Keycloak.js should honor scopes configured in initOptions and loginOptions
2021-03-11 13:03:08 -03:00
Pedro Igor
40efbb0f9c
[KEYCLOAK-13942] - Invalidate pre-defined paths when paths are invalidated
2021-03-02 15:01:42 +01:00
Pedro Igor
1434695616
[KEYCLOAK-10752] - Passing id_token_hint when login out
2021-02-11 09:42:08 -03:00
Pedro Igor
f6c3ec5d9e
[KEYCLOAK-14366] - Missing check for iss claim in JWT validation on Client Authentication (Token Endpoint)
2021-02-09 13:54:06 +01:00
Katsiaryna Mikhalchanka
1c445cc4cc
KEYCLOAK-16798 Add guarding condition for multi-thread usage in KeycloakDeployment.java
2021-01-19 15:18:52 +01:00
Hynek Mlnarik
acfea8ecd2
KEYCLOAK-4250 Include certificates without name for validation
...
Nameless certificates are now included for signature validation
in the SAML adapter when the certificate is downloaded from
metadataUrl.
2021-01-15 22:03:16 +01:00
keycloak-bot
75be33ccad
Set version to 13.0.0-SNAPSHOT
2020-12-16 17:31:55 +01:00
Michal Hajas
a766a1dd16
KEYCLOAK-16074 Fix check3pCookiesSupported message callback
2020-11-13 16:01:50 -03:00
Miquel Simon
53dfa7c56b
KEYCLOAK-14109. Added profiles for Spring 2.3 version.
...
KEYCLOAK-14737. Updated Jetty version to 9.4.29, as required per Spring 2.3.
2020-11-13 12:09:22 -03:00
Martin Bartoš
da6c59f0c3
KEYCLOAK-15242 Error in application logs when refresh token is expired.
2020-11-05 14:40:53 +01:00
Pedro Igor
e70f702bc5
[KEYCLOAK-10790] - KeycloakInstalled adapter can not logoutDesktop more than once
2020-10-23 09:23:51 +02:00
Denis Richtárik
c8d0f2c59c
KEYCLOAK-15892 Can not install 7.4.3.CR1 Fuse adapter
2020-10-20 10:47:56 +02:00
mhajas
d266165f63
KEYCLOAK-14871 Whitelist RefreshableKeycloakSecurityContext for KeycloakPrincipal serialization
2020-10-14 16:00:39 +02:00
Hynek Mlnarik
4541a1b250
KEYCLOAK-15907 Fix new host in SAML adapter cannot restore session
2020-10-12 13:23:03 +02:00
testn
269a72d672
KEYCLOAK-15184: Use static inner class where possible
2020-10-09 23:37:08 +02:00
Thomas Darimont
152588ecc4
KEYCLOAK-13915 Update Jetty 9.4.x dependency to latest version
...
Adapted Jetty94SessionManager to workaround Jetty 9.4 API changes.
The Method org.eclipse.jetty.server.session.SessionHandler#getHttpSession
was changed from public to protected which makes it no longer accessible.
As a workaround the method contents were inlined.
2020-10-07 11:40:18 -03:00
vmuzikar
fbe18e67c3
KEYCLOAK-15721 KeycloakPromise sometimes doesn't work
2020-09-28 15:57:46 -03:00
vmuzikar
bca73fd04a
KEYCLOAK-15158 Javascript adapter init() is throwing a promise error after upgrade to 11
2020-09-22 10:56:46 -03:00
testn
2cd03569d6
KEYCLOAK-15238: Fix potential resource leak from not closing Stream/Reader
2020-09-21 13:05:03 +02:00
JF Denise
6a5c1defe1
[KEYCLOAK-14953] keycloak oidc/elytron adapter galleon-pack prototype
2020-09-17 23:27:25 -07:00
mhajas
b75ad2fbd8
KEYCLOAK-15259 Avoid using "null" Origin header as a valid value
2020-09-17 23:21:49 -07:00
testn
0362d3a430
KEYCLOAK-15113: Move away from deprecated Promise.success()/error()
2020-09-01 14:26:44 -04:00
Helder Alves
541063f2ce
KEYCLOAK-14940 refresh expired idtoken
2020-08-03 16:08:21 -03:00
Thomas Darimont
6806dfa4d3
KEYCLOAK-13721 Allow to configure host and port of callbackserver in KeycloakInstalled adapter
2020-07-29 10:00:36 +02:00
Gregor Tudan
5255336be2
Keycloak-14726 - release connections after fetching the OIDC-Config
2020-07-28 12:58:27 -03:00
Dan Manastireanu
1441e5d6f8
fix: Fix regex replacement for underscore and minus in parseToken. Closes #KEYCLOAK-14917
2020-07-28 10:39:45 -03:00
Alex Szczuczko
c7867c4c0d
KEYCLOAK-14875 Enable path cache when maxAge is -1, or greater than 0
2020-07-28 10:13:12 -03:00
Luca Leonardo Scorcia
da6530471b
KEYCLOAK-14742 SAML2NameIDPolicyBuilder: add AllowCreate and SPNameQualifier properties
2020-07-25 10:16:57 +02:00
keycloak-bot
afff0a5109
Set version to 12.0.0-SNAPSHOT
2020-07-22 14:36:15 +02:00
Jan Lieskovsky
969b09f530
[KEYCLOAK-13692] Upgrade to Wildfly "20.0.1.Final" and Infinispan "10.1.8.Final"
...
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Marek Posolda <mposolda@redhat.com>
2020-07-20 22:15:08 +02:00
Jon Koops
098446b070
KEYCLOAK-14652 Align custom adapter example with documentation
2020-07-08 09:32:16 -03:00
Thoralf Rickert-Wendt
541bc5124f
switching to required=false
2020-07-06 11:47:41 -03:00
Thoralf Rickert-Wendt
0dd196e02a
Fixing issue https://issues.redhat.com/browse/KEYCLOAK-14520
2020-07-06 11:47:41 -03:00
Christian Lutz
6abae8bccc
KEYCLOAK-13807 Fix switch parameter order of mapping and url in registerConstraintMapping
2020-07-03 11:35:24 +02:00
vmuzikar
001fe9eb11
KEYCLOAK-13206 Session Status iframe cannot access cookies when 3rd party cookies are blocked
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-06-30 17:11:20 -03:00
Stefan Guilhen
76717134ba
[KEYCLOAK-12998] Prevent duplicate resources from being added to the keycloak-saml subsystem
...
- Fixes an issue in parser where the closing tag of the IDP element was in the wrong place, which could break the server configuration
- Parser now checks for duplicates of elements described with maxOccurs=1 in the schema
- Add handler for SP and IDP now check for existing SPs or IDPs in the config, preventing addition of a duplicate resource via CLI
- Subsystem test was enhanced so it now tests some invalid configs with duplicate elements
2020-06-23 20:03:36 +02:00
Simon Legner
3c0ecefacc
fix(keycloak.d.ts): class cannot extend interface
2020-06-22 13:22:35 -04:00
Jon Koops
c0744daa5b
KEYCLOAK-14496 Use KeycloakAdapter interface for 'adapter' option
...
Also improves documentation by adding more details and an explicit example on how to use the interface.
2020-06-18 18:09:19 -03:00
Jon Koops
6dde131609
KEYCLOAK-13739 Add missing type definition for register options
2020-06-17 15:26:15 -04:00
mhajas
5d1d75db40
KEYCLOAK-14103 Add Warn message for possibly missing SameSite configuration
2020-06-15 14:45:57 +02:00
Douglas Palmer
33863ba161
KEYCLOAK-10162 Usage of ObjectInputStream without checking the object types
...
Co-authored-by: mposolda <mposolda@gmail.com>
2020-06-08 13:12:08 +02:00
spurreiter
6332ed42c0
KEYCLOAK-13940 remove duplicated urlsafe decoding
2020-05-08 15:18:56 +02:00
Hynek Mlnarik
32f13016fa
KEYCLOAK-12874 Align Destination field existence check with spec
2020-05-04 09:19:44 +02:00
keycloak-bot
ae20b7d3cd
Set version to 11.0.0-SNAPSHOT
2020-04-29 12:57:55 +02:00
Pedro Igor
2e54ebda76
[KEYCLOAK-13579] - Ignore exceptions when shutting down loopback server
2020-04-29 12:33:35 +02:00
Stefan Guilhen
fd9c4e9228
[KEYCLOAK-12097] Fix NPE when trying to obtain the cache container name from jboss-web.xml
...
- check if the cache name as configured in jboss-web.xml is composite - i.e. has a 'parent.child' structure
2020-04-27 10:13:25 +02:00
Luke Nadur
74c379c3df
[KEYCLOAK-13586] Fix typos related to QueryParamterTokenRequestAuthenticator
2020-04-21 21:14:03 +02:00
Jon Koops
9f3b847817
KEYCLOAK-13714 Add missing type definition for logout options
2020-04-21 11:31:16 +02:00
keycloak-bot
33314ae3ca
Set version to 10.0.0-SNAPSHOT
2020-04-21 09:19:32 +02:00
Pedro Igor
acfbdf6b0e
[KEYCLOAK-13187] - Concurrency issue when refreshing tokens and updating security context state
2020-04-16 12:25:42 +02:00
stianst
1f02f87a6e
KEYCLOAK-13565 Add support for kc_action to keycloak.js
...
Co-authored-by mhajas <mhajas@redhat.com>
2020-04-14 19:23:56 +02:00
mhajas
10d92a01a6
KEYCLOAK-13577 Remove property from child class since parents class contains it
2020-03-26 09:55:52 -03:00
keycloak-bot
f6a592b15a
Set version to 9.0.4-SNAPSHOT
2020-03-24 08:31:18 +01:00
Pedro Igor
84d099e48f
[KEYCLOAK-11282] - Properly resolve config resolver
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-03-17 15:49:00 +01:00
Laure-Emmanuelle Issler
967ff939ec
KEYCLOAK-13026 Set path of OAuth_Token_Request_State cookie to /
2020-03-05 16:21:24 +01:00
Pedro Igor
30b07a1ff5
[KEYCLOAK-13175] - Setting the enforcement mode when fetching lazily fetching resources
2020-03-05 13:31:21 +01:00
Hynek Mlnarik
0cf0955318
KEYCLOAK-13181 Fix NPE in EAP 6 adapter
2020-03-04 10:19:43 +01:00
Jon Koops
c1bf183998
KEYCLOAK-9346 Add new KeycloakPromise to support native promises
...
Co-authored-by: mhajas <mhajas@redhat.com>
2020-03-04 08:53:35 +01:00
Thomas Kuestermann
8ed355a5fe
KEYCLOAK-12749 single worker/IO thread, use OAUTH2 constants
2020-03-03 12:39:19 -03:00
Thomas Kuestermann
22555371d8
KEYCLOAK-12749 fix "invalid state" error due to IE requesting favicon
...
Internet Explorer occasionally requests a favicon before doing the
actual redirect to localhost. This commit adds Undertow to properly
handle those unwanted requests.
2020-03-03 12:39:19 -03:00
mhajas
8061aa5217
KEYCLOAK-13161 Use iterator instead of for-each loop in ClientCredentialsProviderUtils
2020-02-28 16:22:03 +01:00
Erik Jan de Wit
8297c0c878
KEYCLOAK-11155 split on first '=' instead of all
2020-02-27 09:12:51 +01:00
keycloak-bot
d352d3fa8e
Set version to 9.0.1-SNAPSHOT
2020-02-17 20:38:54 +01:00
stianst
42773592ca
KEYCLOAK-9632 Improve handling of user locale
2020-02-14 08:32:20 +01:00
Pedro Igor
da0e2aaa12
[KEYCLOAK-12897] - Policy enforcer should just deny when beare is invalid
2020-02-07 15:04:45 +01:00
Stefan Guilhen
d943b8a9e3
[KEYCLOAK-12873] Fix differences between keycloak-saml.xml (adapter) and the keycloak-saml subsystem
2020-02-07 12:06:28 +01:00
Sebastian Laskawiec
9b2e7f6e2c
KEYCLOAK-12650 Fix NullPointerException when creating HttpClient
2020-02-05 15:52:33 +01:00
mhajas
fc7b769b6e
KEYCLOAK-6817 Ignore SniSSLSocketFactory exception for IBM jdk
2020-01-31 09:08:44 +01:00
Pedro Igor
2a82ed6eea
[KEYCLOAK-9402] - 401 response when enforcement mode is DISABLED
2020-01-30 11:09:32 +01:00
Takashi Norimatsu
993ba3179c
KEYCLOAK-12615 HS384 and HS512 support for Client Authentication by Client Secret Signed JWT ( #6633 )
2020-01-28 14:55:48 +01:00
vmuzikar
03306b87e8
KEYCLOAK-12125 Introduce SameSite attribute in cookies
...
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: Peter Skopek <pskopek@redhat.com>
2020-01-17 08:36:53 -03:00
root
4cbe478129
Fix KEYCLOAK-10838, use bytesRead to make sure the output stream does not get padded with null bytes.
2020-01-14 13:20:10 +01:00
vramik
3b1bdb216a
KEYCLOAK-11486 Add support for system property or env variable in AllowedClockSkew in keycloak-saml subsystem
2020-01-14 13:17:13 +01:00
mhajas
a79d6289de
KEYCLOAK-11416 Fix nil AttributeValue handling
2020-01-10 12:47:09 +01:00
Pedro Igor
c596647241
[KEYCLOAK-11712] - Request body not buffered when using body CIP in Undertow
2020-01-09 10:02:18 +01:00
Michael Thirion
44ab3f46b7
[KEYCLOAK-6008] - Spring Boot does not honour wildcard auth-role ( #6579 )
2019-12-24 19:06:55 -03:00
Asbjørn Dyhrberg Thegler
1162455f32
KEYCLOAK-10894 Adds a ready indicating promise
...
This is non-intrusive and backwards compatible. With this change it is possible
to `await keycloakAuthorization.ready` to make sure the component has been
properly initialized.
2019-12-24 18:33:20 -03:00
Pedro Igor
e316e2a2f0
[KEYCLOAK-8616] - Process requests only if a deployment can be resolved
2019-12-20 13:33:12 +01:00
Pedro Igor
3bd193acd7
[KEYCLOAK-12412] - Policy enforcer should consider charset when comparing the content-type of the request
2019-12-19 14:14:33 +01:00
keycloak-bot
76aa199fee
Set version to 9.0.0-SNAPSHOT
2019-11-15 20:43:21 +01:00
scranen
2d3f771b70
Cookie token store not working in Spring Security adapter
...
Co-authored-by: scranen <scranen@gmail.com>
Co-authored-by: rainerfrey <frey.rainer@gmail.com>
Co-authored-by: pedroigor <pigor.craveiro@gmail.com>
2019-11-13 16:54:45 +01:00
Andrei Arlou
df5cdea1e8
KEYCLOAK-12006 Use diamond operator in module adapters/oidc/as7-eap6
2019-11-13 09:54:10 +01:00
Andrei Arlou
dca8835fbc
KEYCLOAK-12008 Fix minor warnings in module adapters/oidc/installed
2019-11-13 09:35:49 +01:00