Pedro Igor
|
d29d945cc4
|
[KEYCLOAK-18857] - Do not force default to RS256 when verifying tokens sent by clients and JWK does not hold an algorithm
|
2021-07-21 11:09:02 +02:00 |
|
Takashi Norimatsu
|
2c019c9ce5
|
KEYCLOAK-18832 FAPI-CIBA-ID1 conformance test : need to return 401 error=invalid_client if client authentication is not successfully completed on Backchannel Authentication endpoint
|
2021-07-21 10:13:55 +02:00 |
|
Takashi Norimatsu
|
8df36fbf28
|
KEYCLOAK-18828 FAPI-CIBA-ID1 conformance test : Additional checks of signed authentication request
|
2021-07-21 08:19:19 +02:00 |
|
Takashi Norimatsu
|
61fcbb307b
|
KEYCLOAK-18830 FAPI-CIBA-ID1 conformance test : HolderOfKeyEnforcerExecutor needs to be executed on CIBA token request
|
2021-07-21 08:07:50 +02:00 |
|
Pedro Igor
|
54a0e84070
|
[KEYCLOAK-18741] - Review error messages when validating PAR requests
|
2021-07-20 14:08:49 -03:00 |
|
Pedro Igor
|
7f34af4016
|
Revert "[KEYCLOAK-18425] - Allow mapping user profile attributes"
This reverts commit 3e07ca3c
|
2021-07-20 14:08:09 -03:00 |
|
mposolda
|
db7e247f7b
|
KEYCLOAK-18848 KEYCLOAK-18850 Enable CIBA and PAR by default
|
2021-07-20 15:59:06 +02:00 |
|
Takashi Norimatsu
|
f154b0b209
|
KEYCLOAK-18831 FAPI-CIBA-ID1 conformance test : need to return 400 if user authentication is not successfully completed
|
2021-07-20 10:46:16 +02:00 |
|
Takashi Norimatsu
|
e2c5fa20a2
|
KEYCLOAK-18849 Client Policy - Condition : ClientRolesCondition needs to be evaluated on PAR endpoint
|
2021-07-20 09:41:48 +02:00 |
|
Pedro Igor
|
396a78bcc4
|
[KEYCLOAK-18723] - Configurable constraints for request object encryption
|
2021-07-20 09:28:09 +02:00 |
|
Pedro Igor
|
730d4e8ac9
|
[KEYCLOAK-18807] - Fixing claims in JARM responses
|
2021-07-20 08:23:33 +02:00 |
|
Pedro Igor
|
13a08362d4
|
[KEYCLOAK-18819] - SecureResponseType executor shall allow response_type=code when using JARM and response_mode=jwt
|
2021-07-20 08:16:19 +02:00 |
|
Takashi Norimatsu
|
f76c07476c
|
KEYCLOAK-18827 FAPI-CIBA-ID1 conformance test : Client JWT authentication should allow Backchannel Authentication endpoint as audience
|
2021-07-20 06:39:28 +02:00 |
|
Takashi Norimatsu
|
02a9eb442d
|
KEYCLOAK-18829 FAPI-CIBA-ID1 conformance test : ClientRolesCondition needs to be evaluated on CIBA backchannel authentication request and token request
|
2021-07-20 06:31:10 +02:00 |
|
Pedro Igor
|
fe4e089e81
|
[KEYCLOAK-18745] - Client JWT authentication should allow PAR endpoint as audience
|
2021-07-19 14:23:53 -03:00 |
|
Vlastimil Elias
|
61aa4e6a70
|
KEYCLOAK-18750 - Set "Email Verified" to false when email changed in
UserProfile Provider
|
2021-07-19 11:19:29 -03:00 |
|
Takashi Norimatsu
|
f188f02d03
|
KEYCLOAK-18826 FAPI-CIBA-ID1 conformance test : ID Token needs to include auth_time claim
|
2021-07-19 15:11:23 +02:00 |
|
Takashi Norimatsu
|
63f04c1118
|
KEYCLOAK-18683 Client policy executor for check Backchannel signed request algorithms matching FAPI compliant algorithms
|
2021-07-19 14:48:31 +02:00 |
|
Pedro Igor
|
a79d28f115
|
[KEYCLOAK-18729] - Support JAR when using PAR
|
2021-07-19 11:42:20 +02:00 |
|
bal1imb
|
2c8d4ad9b4
|
KEYCLOAK-18590 Realm localizations of one realm must not affect themes displayed in context of other realms.
|
2021-07-16 16:12:58 +02:00 |
|
Pedro Igor
|
f1face6973
|
[KEYCLOAK-18748] - Do not remove attributes when declarative provider is enabled
|
2021-07-15 12:00:39 -03:00 |
|
Daniel Fesenmeyer
|
a25c70784c
|
KEYCLOAK-18467 support unicode for realm localization texts
|
2021-07-15 10:30:42 +02:00 |
|
vramik
|
a07f3f9608
|
KEYCLOAK-18688 Add testing composite roles in RoleInvalidationClusterTest
|
2021-07-15 10:18:57 +02:00 |
|
Vlastimil Elias
|
7618e66136
|
[KEYCLOAK-18541] separate template for IDP review page
|
2021-07-13 21:43:52 -03:00 |
|
vramik
|
00017b44a3
|
KEYCLOAK-18311 fix creation of roles during client registration
|
2021-07-12 11:39:47 +02:00 |
|
Pedro Igor
|
1baab67f3b
|
[KEYCLOAK-18630] - Request object encryption support
|
2021-07-09 11:27:30 -03:00 |
|
Vlastimil Elias
|
6686482ba5
|
[KEYCLOAK-18591] - Support a dynamic IDP user review form
|
2021-07-09 10:05:26 -03:00 |
|
Martin Bartoš
|
f3a96b9da9
|
KEYCLOAK-18644 New Account Console Tests failures
|
2021-07-09 11:56:02 +02:00 |
|
Takashi Norimatsu
|
7cdcf0f93e
|
KEYCLOAK-18654 Client Policy - Endpoint : support Token Request by CIBA Backchannel Authentication
|
2021-07-09 11:24:12 +02:00 |
|
Takashi Norimatsu
|
43eb2b7c90
|
KEYCLOAK-18123 Client Policy - Executor : Enforce Backchannel Authentication Request satisfying high security level
|
2021-07-09 09:11:13 +02:00 |
|
Takashi Norimatsu
|
63b737545f
|
KEYCLOAK-18653 Client Policy - Endpoint : support Pushed Authorization Request Endpoint
|
2021-07-09 09:06:38 +02:00 |
|
Pedro Igor
|
4099833be8
|
[KEYCLOAK-18693] - Declarative profile validating read-only attribute if it exists
|
2021-07-08 15:22:02 -03:00 |
|
Takashi Norimatsu
|
dce163d3e2
|
KEYCLOAK-18587 CIBA signed request: Client must configure the algorithm
|
2021-07-08 10:16:22 +02:00 |
|
Benjamin Weimer
|
8c1ea60b04
|
* Add sid claim to ID Token
* deprecate session state parameter in ID Token
* remove charset=UTF-8 from backchannel logout post request Content-Type header
|
2021-07-06 15:30:53 -03:00 |
|
Takashi Norimatsu
|
2b1624390a
|
KEYCLOAK-17937 Client Policy - Endpoint : support CIBA Backchannel Authentication Endpoint
|
2021-07-03 08:57:20 +02:00 |
|
Hryhorii Hevorkian
|
2803685cd7
|
KEYCLOAK-18353 Implement Pushed Authorization Request inside the Keycloak
Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: mposolda <mposolda@gmail.com>
|
2021-07-03 08:47:42 +02:00 |
|
lbortoli
|
e5ae113453
|
KEYCLOAK-18452 FAPI JARM: JWT Secured Authorization Response Mode for OAuth 2.0
|
2021-07-03 00:00:32 +02:00 |
|
Vlastimil Elias
|
04ff2c327b
|
[KEYCLOAK-18429] Support a dynamic update profile form
|
2021-07-02 10:22:47 -03:00 |
|
Vlastimil Elias
|
f32447bcc1
|
[KEYCLOAK-18424] GUI order for user profile attributes
|
2021-07-02 08:37:24 -03:00 |
|
Pedro Igor
|
b26b41332e
|
[KEYCLOAK-18626] - Avoid changing username when registration as email is enabled
|
2021-07-02 08:07:04 -03:00 |
|
Pedro Igor
|
3e07ca3c22
|
[KEYCLOAK-18425] - Allow mapping user profile attributes
|
2021-07-01 10:19:28 -03:00 |
|
vramik
|
2b9b50d50a
|
KEYCLOAK-18194 fix migration of default role when realm id contains apostrophe
|
2021-07-01 11:22:11 +02:00 |
|
lbortoli
|
164f3df080
|
KEYCLOAK-18502 - Support for additional parameters from the backchannel authentication request and backchannel authentication callback.
|
2021-07-01 00:31:26 +02:00 |
|
Luca Leonardo Scorcia
|
ae98d8ea28
|
KEYCLOAK-18315 SAML Client - Add parameter to request specific AttributeConsumingServiceIndex
|
2021-06-29 16:22:38 +02:00 |
|
Martin Bartoš
|
9dc7300178
|
KEYCLOAK-18391 CIBATest failures
|
2021-06-29 16:15:12 +02:00 |
|
Sebastian Rose
|
ca6b78b730
|
KEYCLOAK-18390 GroupProvider search implementation of JPA and Map delivers different results
|
2021-06-29 14:59:01 +02:00 |
|
Martin Bartoš
|
8a82130579
|
KEYCLOAK-18505 ConfigMigrationTest failures
|
2021-06-29 10:15:04 +02:00 |
|
Takashi Norimatsu
|
57c80483bb
|
KEYCLOAK-17936 FAPI-CIBA : support Signed Authentication Request
Co-authored-by: Pritish Joshi <pritish@banfico.com>
Co-authored-by: mposolda <mposolda@gmail.com>
|
2021-06-29 08:07:40 +02:00 |
|
Pedro Igor
|
948f453e2d
|
[KEYCLOAK-18427] - Allowing switching to declarative provider
|
2021-06-28 15:50:04 -03:00 |
|
Vlastimil Elias
|
512bcd14f7
|
[KEYCLOAK-18428] - dynamic registration form
|
2021-06-25 17:11:15 -03:00 |
|