Stian Thorgersen
d778a8551a
Use references to obtain the signed elements in a signature ( #188 ) ( #33190 )
...
Closes keycloak/keycloak-private#191
Closes #33116
Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
2024-09-23 13:51:46 +02:00
Giuseppe Graziano
c2c74faec0
Removing BOM character from SAML entity descriptor
...
Closes #30604
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-08-26 10:59:05 +02:00
Jon Koops
df18629ffe
Use a default Java version from root POM ( #29927 )
...
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-21 14:19:31 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP ( #29619 )
...
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP
Signed-off-by: tmorin <git@morin.io>
* Adding broker test and minor improvements
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Fixing IdentityProviderTest
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Renaming methods related to idp initiated flows
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
* Fixing partial_import_test.spec.ts
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
---------
Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-14 08:54:49 -03:00
Dimitri Papadopoulos Orfanos
64a145e960
Fix user-facing typos in error messages ( #29326 )
...
Update resource file and tests accordingly
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
2024-05-16 09:55:41 +02:00
Dimitri Papadopoulos Orfanos
cd8e0fd333
Fix user-facing typos in Javadoc ( #28971 )
...
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-06 18:57:55 +00:00
Konstantinos Georgilakis
a40a953644
SAML element EncryptionMethod can consist any element
...
closes #12585
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-04-09 14:15:56 +02:00
Marek Posolda
335a10fead
Handle 'You are already logged in' for expired authentication sessions ( #27793 )
...
closes #24112
Signed-off-by: mposolda <mposolda@gmail.com>
2024-04-04 10:41:03 +02:00
Alexander Schwartz
595959398b
Instead of an InputStream that doesn't know about its encoding, use a String
...
Closes #20916
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-07 10:24:36 +00:00
Ricardo Martin
2ba7a51da6
Escape action in the form_post response mode ( #60 )
...
Closes keycloak/keycloak-private#31
Closes https://issues.redhat.com/browse/RHBK-652
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-12-18 18:10:41 -03:00
rmartinc
16afecd6b4
Allow automatic download of SAML certificates in the identity provider
...
Closes https://github.com/keycloak/keycloak/issues/24424
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
rmartinc
e17295d04a
Allow duplicated keys in the HardcodedKeyLocator
...
Closes https://github.com/keycloak/keycloak/issues/24961
Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-27 19:29:57 -03:00
rmartinc
f8a9e0134a
Ensure that the EncryptedKey is passed to the DecryptionKeyLocator for SAML
...
Closes https://github.com/keycloak/keycloak/issues/22974
2023-09-20 15:09:18 +02:00
Thomas Darimont
82269f789a
Avoid using deprecated junit APIs in tests
...
- Replaced usage of Assert.assertThat with static import
- Replaced static import org.junit.Assert.assertThat with org.hamcrest.MatcherAssert.assertThat
Fixes : #22111
2023-08-01 11:44:25 +02:00
Martin Bartoš
6118e5cfb7
Use JakartaEE dependencies
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238
Migrate packages from javax.* to jakarta.*
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
2023-04-27 13:36:54 +02:00
rmartinc
04ac3a64ee
Adding support for rsa-oaep for SAML encryption
...
Closes https://github.com/keycloak/keycloak/issues/19689
2023-04-26 10:46:10 +02:00
Daniel Kobras
a45b5dcd90
Prefer cert over pubkey in SAML metadata
...
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.
Closes : #17549
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
2023-03-29 11:17:24 +02:00
rmartinc
cab7e50410
Better handling for SAML signatures in POST and REDIRECT bindings
...
Closes https://github.com/keycloak/keycloak/issues/17456
2023-03-15 09:06:59 -03:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
lpa
3cd413dee1
SOAP backchannel logout for SAML protocol
...
Closes #16293
2023-02-27 14:24:12 +01:00
laskasn
dc8b759c3d
Use encryption keys rather than sig for crypto in SAML
...
Closes #13606
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
2023-02-10 12:06:49 +01:00
Hynek Mlnarik
977cc473bb
Fix linebreaks in XML / SAML signatures
...
See https://bugs.openjdk.org/browse/JDK-8264194
See https://issues.apache.org/jira/browse/SANTUARIO-482
Fixes : #14529
2023-01-23 15:39:10 +01:00
Alexander Schwartz
0fee33bb95
Normalize JVM heap usage in tests and handle OOM situations
...
Closes #16089
2022-12-20 13:26:07 +01:00
David Anderson
a8db79a68c
Introduce crypto module using Wildfly Elytron ( #14415 )
...
Closes #12702
2022-09-27 08:53:46 +02:00
Sebastian Knauer
21f700679f
KEYCLOAK-19866 Fix user-defined- and xml-fragment-parsing/Add XPathAttributeMapper
2022-08-03 13:07:12 +02:00
Marek Posolda
4e4fc16617
Skip adding xmlsec security provider. Adding KeycloakFipsSecurityProvider to workaround 'Security.getInstance("SHA1PRNG")' ( #12786 )
...
Closes #12425 #12853
2022-07-26 16:40:36 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration ( #12692 )
...
Closes #12625
2022-06-29 07:17:09 +02:00
Alexander Schwartz
850af55edc
Ensure that only JDK 8 APIs are used where JDK 8 is still required.
...
Closes #10842
2022-06-20 14:44:33 -03:00
Stian Thorgersen
e49e8335e0
Refactor BouncyIntegration ( #12244 )
...
Closes #12243
2022-06-07 09:02:00 +02:00
Stian Thorgersen
e3f3e65ac5
Remove JDK7 support for adapters ( #11607 )
...
Closes #11606
2022-04-27 08:33:23 +02:00
Michal Hajas
01e16a569d
Remove usage of BiFunction from keycloak-core module
...
Closes #11091
2022-04-04 15:52:09 +02:00
Francis PEROT
7555063ed9
Support 0/1 values for XML boolean attributes
...
Closes #10802
2022-03-31 09:36:35 +02:00
Kohei Tamura
05eb4b376d
Update DefaultPicketLinkLogger.java
2022-03-24 10:28:49 +01:00
Kohei Tamura
2c94370e8e
KEYCLOAK-19105 Fix to log the root cause of exception
...
Please refer to: https://issues.redhat.com/browse/KEYCLOAK-19105
2022-03-24 10:28:49 +01:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT ( #10784 )
2022-03-22 09:22:48 +01:00
Yoann Guion
3d470126de
include AuthnContextDecl if present during SAML Assertion Serialization
...
Closes #10743
2022-03-16 12:12:35 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT ( #10165 )
2022-02-11 21:28:06 +01:00
Hans-Christian Halfbrodt
d9d77fe1f7
Fix for KEYCLOAK-18914 ( #9355 )
...
Closed #9382
Co-authored-by: Hans-Christian Halfbrodt <hc-github42@halfbrodt.org>
2022-01-06 18:05:50 +01:00
keycloak-bot
9f3d4a7d42
Set version to 17.0.0-SNAPSHOT
2021-12-20 10:50:39 +01:00
Martin Bartoš
1e1a6779be
Issue 8814: Replace deprecated hamcrest-all dependencies
2021-11-23 13:56:28 +01:00
Konstantinos Georgilakis
63c9845cb9
KEYCLOAK-18276 client content screen enhancement
2021-11-18 13:15:02 +01:00
stianst
12c7bc7350
KEYCLOAK-19410 Compile issues in IntelliJ due to imports of sun packages
2021-09-28 14:59:33 +02:00
stianst
b04236f7de
Fix saml-core issues without changing Java version
2021-09-28 08:11:39 +02:00
stianst
9f79476520
KEYCLOAK-19403 Fix issues in IntelliJ
2021-09-28 08:11:39 +02:00
Sebastian Kanzow
4e8e4592ca
[KEYCLOAK-18419] Support SAML 2.0 Encrypted IDs in Assertion
2021-08-03 11:55:36 +02:00
keycloak-bot
262ec3d031
Set version to 16.0.0-SNAPSHOT
2021-07-30 14:56:10 +02:00
Sebastian Kanzow
a412bb7b99
[KEYCLOAK-18417] Skip SAML 2.0 AttributeValue with user-defined xsi types
2021-07-30 08:48:25 +02:00
Luca Leonardo Scorcia
6bd7420907
KEYCLOAK-17290 SAML Client - Generate AttributeConsumingService SP metadata section
2021-07-22 21:53:16 +02:00
Martin Bartoš
23e3bc5f8f
KEYCLOAK-18466 Configure HTTP client timeouts for adapters
2021-07-22 10:54:59 +02:00