Commit graph

2104 commits

Author SHA1 Message Date
vmuzikar
072cd9f93f KEYCLOAK-12329 Fix linking accounts in the new Account Console 2019-12-03 18:49:40 -03:00
Martin Kanis
73d1a26040 KEYCLOAK-11773 Front-channel logout with identity brokering does not work after browser restart 2019-12-03 08:17:54 +01:00
vmuzikar
f426643225 KEYCLOAK-11744 KEYCLOAK-11271 New Account Console testsuite 2019-11-28 08:32:48 -03:00
Jan Lieskovsky
9a5fda5ec9 [KEYCLOAK-11748] Add multiple OTP tokens configured Direct Access Grant test (#6546)
Add a Direct Access Grant test to verify, when the user has multiple OTP
authenticators configured, they can properly login using the 1-th one of
them (IOW the 1-th OTP token is the preferred credential)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-11-28 09:34:53 +01:00
harture
129c689855 [KEYCLOAK-12253] Fix conditional authenticators are evaluated even if they are disabled (#6553) 2019-11-28 09:30:31 +01:00
Martin Kanis
685d49c693 KEYCLOAK-11967 Violation of UNIQUE KEY constraint SIBLING_NAMES (#6485) 2019-11-26 16:00:50 +01:00
rmartinc
82ef5b7927 KEYCLOAK-12000: Allow overriding time lifespans on a SAML client 2019-11-26 10:02:34 +01:00
Pedro Igor
cee884e4a7 [KEYCLOAK-8406] - Remove Drools/Rules Policy 2019-11-22 15:38:51 +01:00
Yoshiyuki Tabata
0a9d058b81 KEYCLOAK-12150 change error response from invalid_request to unsupported_grant_type 2019-11-22 11:11:07 +01:00
Yoshiyuki Tabata
a36cfee84b KEYCLOAK-12149 change error response from invalid_grant to unauthorized_client 2019-11-22 11:10:16 +01:00
Yoshiyuki Tabata
4117710379 KEYCLOAK-12019 change error response from unsupported_response_type to unauthorized_client 2019-11-22 11:03:02 +01:00
Martin Kanis
50ec24557e KEYCLOAK-12117 X509BrowserLoginTest failing in pipeline 2019-11-21 11:35:10 +01:00
stianst
3731e36ece KEYCLOAK-12069 Add account-console client for new account console 2019-11-20 08:48:40 -05:00
Ramon Spahr
0f00e23f96 KEYCLOAK-10977 Allow disabling Kerberos athentication with LDAP federation provider (#6422) 2019-11-18 14:12:26 +01:00
Stefan Guilhen
9a7c1a91a5 KEYCLOAK-10780 Stop creating placeholder e-mails for service accounts (#228) 2019-11-15 15:08:29 +01:00
k-tamura
43e2370f21 KEYCLOAK-11772 Fix temporary credential property to work correctly 2019-11-15 08:48:12 +01:00
stianst
3a36569e20 KEYCLOAK-9129 Don't expose Keycloak version in resource paths 2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64 KEYCLOAK-11745 Multi-factor authentication (#6459)
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Andy Munro
e7e49c13d5 KEYCLOAK-11413 Update UI messages
Co-authored-by: stianst <stianst@gmail.com>

Made a couple more spelling corrections.
2019-11-14 12:31:05 +01:00
Martin Kanis
25511d4dbf KEYCLOAK-9651 Wrong ECDSA signature R and S encoding 2019-11-13 15:32:51 +01:00
stianst
b8881b8ea0 KEYCLOAK-11728 New default hostname provider
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
Patrick Teubner
b3d87b52c2 KEYCLOAK-11888 Fix inconsistent pagination of groups by ordering the results of 'getTopLevelGroupIds' query 2019-11-11 09:22:51 +01:00
stianst
062841a059 KEYCLOAK-11898 Refactor AIA implementation 2019-11-08 16:03:07 -03:00
Martin Bartoš
bf8184221a KEYCLOAK-11838: Fixed unstable RefreshTokenTest (#6455) 2019-11-08 08:53:23 +01:00
mhajas
b74f69c5ac KEYCLOAK-11779 Make feature controller which takes care of enabling/disabling features including restarting container if needed 2019-11-07 09:35:11 +01:00
vmuzikar
b13fa2d16a KEYCLOAK-11602 Add token exchange test to OpenShift 3 social login test 2019-11-06 06:49:10 -03:00
Stan Silvert
041229f9ca KEYCLOAK-7429: Linked Accounts REST API 2019-11-05 16:03:21 -05:00
Peter Skopek
d0386dab85 KEYCLOAK-8785 remove k_version endpoint (#6428) 2019-11-05 11:35:55 +01:00
Douglas Palmer
a32c8c5190 [KEYCLOAK-11185] Fixed build with JDK 11 2019-11-04 10:56:07 -03:00
Martin Bartoš
e3d755fe9d KEYCLOAK-11729: ExtendingThemeTest is failing with auth-server-wildfly (#6410) 2019-11-04 11:27:03 +01:00
Benjamin Bentmann
d6f56e58c1 KEYCLOAK-11806 Fix SAML adapter to not fail upon receiving a login response without the optional Destination attribute 2019-10-29 23:12:15 +01:00
pkokush
ff551c5545 KEYCLOAK-10307: check password history length in password verification (#6058) 2019-10-24 21:33:21 +02:00
Takashi Norimatsu
1905260eac KEYCLOAK-11251 ES256 or PS256 support for Client Authentication by Signed JWT (#6414) 2019-10-24 17:58:54 +02:00
Hynek Mlnarik
783545572a KEYCLOAK-11684 Add support to display passwords in password fields
Add UI tests for KEYCLOAK-11684

Co-authored-by: stianst <stianst@gmail.com>
Co-authored-by: vmuzikar <vmuzikar@redhat.com>
2019-10-23 15:30:11 +02:00
mposolda
0cb8730df8 KEYCLOAK-11474 Fix LDAPGroupMapper tests with MySQL and MariaDB 2019-10-23 14:55:33 +02:00
Hynek Mlnarik
f0685cc246 KEYCLOAK-11739 Ensure unique / PK constraint in JPA is on par with Liquibase 2019-10-23 14:53:17 +02:00
Pedro Igor
bb4ff55229 [KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
Conflicts:
	testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java

(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
Pedro Igor
bad9e29c15 [KEYCLOAK-10870] - Deprecate support for JavaScript policy support from UMA policy endpoint
Conflicts:
	testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UserManagedPermissionServiceTest.java

(cherry picked from commit 13923a7683cb666d2842bc61429c23409c1493b6)
2019-10-22 10:34:24 +02:00
Jan Lieskovsky
f2e5f9dedd [KEYCLOAK-11717] Drop the public key credential related elements (#6407)
from the Edit Account screen of the Account console

Add a testcase for it

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-10-21 19:54:39 +02:00
Martin Kanis
37304fdd7d KEYCLOAK-10728 Upgrade to WildFly 18 Final 2019-10-21 14:06:44 +02:00
Martin Reinhardt
5ad05c9317 [KEYCLOAK-6376] Directly create group 2019-10-21 10:41:04 +02:00
Martin Reinhardt
21a62a2670 [KEYCLOAK-6376] Reorganize imports and revert pom changes 2019-10-21 10:41:04 +02:00
Martin Reinhardt
28748ebf3f [KEYCLOAK-6376] Fix NPE and test setup 2019-10-21 10:41:04 +02:00
Martin Reinhardt
f18c8b9da5 [KEYCLOAK-6376] Switching to arquillian end2end tests 2019-10-21 10:41:04 +02:00
k-tamura
4a8065ec6b Add test method pointed out on review 2019-10-21 10:36:16 +02:00
Kohei Tamura
59ba874e1d KEYCLOAK-10945 Avoid lockout when clicking login twice 2019-10-21 10:36:16 +02:00
Pedro Igor
6acb87bd7a [KEYCLOAK-10822] - Prevent access to users from another realm 2019-10-21 10:32:50 +02:00
Martin Bartoš
ad9641722f KEYCLOAK-11613 Chrome Testing API (#6385) 2019-10-18 10:50:28 +02:00
stianst
31ed01a6de KEYCLOAK-11754 Prevent AbstractKeycloakTest from inititating backchannel logout on cleanup 2019-10-17 12:56:31 +02:00
mhajas
9cb2f1afdc KEYCLOAK-11530 Do not enable/disable vault before/after test method but before/after class 2019-10-17 09:55:06 +02:00
Pedro Igor
17785dac08 [KEYCLOAK-10714] - Add filtering support in My Resources endpoint by name 2019-10-16 16:26:55 +02:00
Tomas Kyjovsky
c2273e8f49 KEYCLOAK-11547 (#6341)
- Fixing `X509OCSPResponderTest.loginOKOnOCSPResponderRevocationCheckWithoutCA` test case on Windows
2019-10-15 15:56:29 +02:00
mposolda
f0a506a143 KEYCLOAK-11691 Broker tests re-structure 2019-10-14 11:38:09 +02:00
mhajas
2f44c58a0d KEYCLOAK-11495 Change name of PlaintextVaultProvider to FilesPlaintextVaultProvider 2019-10-09 14:48:00 +02:00
Hisanobu Okuda
75a44696a2 KEYCLOAK-10636 Large Login timeout causes login failure
KEYCLOAK-10637 Large Login Action timeout causes login failure
2019-10-07 13:27:20 +02:00
Cédric Couralet
5f006b283a KEYCLOAK-8316 Add an option to ldap provider to trust emails on import
Signed-off-by: Cédric Couralet <cedric.couralet@insee.fr>
2019-10-04 16:28:02 +02:00
Axel Messinese
f3607fd74d KEYCLOAK-10712 get groups full representation endpoint 2019-10-03 11:26:30 +02:00
Takashi Norimatsu
66de87a211 KEYCLOAK-11253 Advertise acr claim in claims_supported Server Metadata 2019-10-03 11:25:45 +02:00
Vincent Letarouilly
6b36e57593 KEYCLOAK-6698 - Add substitution of system properties and environment variables in theme.properties file 2019-10-01 16:34:54 +02:00
Takashi Norimatsu
6c9cf346c6 KEYCLOAK-11252 Implement Server Metadata of OAuth 2.0 Mutual TLS Client Authentication 2019-10-01 15:27:59 +02:00
Takashi Norimatsu
7c75546eac KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
2019-10-01 15:17:38 +02:00
mhajas
f852ef157d KEYCLOAK-11470 Fix rebase issue 2019-10-01 08:20:55 +02:00
mhajas
6f097bdf89 KEYCLOAK-11470 Remove Assertj from testsuite
There is no reason to use more types of assertions and we already
heavily use hamcrest
2019-09-30 13:16:01 +02:00
vramik
b1697a5e71 KEYCLOAK-11069 auth-server-remote tests 2019-09-30 10:29:51 +02:00
Mathieu CLAUDEL
2fb507e170 KEYCLOAK-10802 add support of SAMLv2 ForceAuthn 2019-09-27 09:55:54 +02:00
vmuzikar
1cdc5e1969 KEYCLOAK-11514 Add option to download specific WebDriver binaries versions 2019-09-26 09:54:30 -03:00
Benjamin Weimer
2b1acb99a2 KEYCLAOK-9999 fix client import (#6136) 2019-09-23 13:08:24 +02:00
mhajas
f810e85526 KEYCLOAK-11316 Fix Photoz instabilities on windows
Error message: Cannot read property 'token_endpoint' of undefined
2019-09-20 13:12:09 +02:00
Hisanobu Okuda
da49dbce2b KEYCLOAK-10770 user-storage/{id}/sync should return 400 instead of 404 2019-09-20 11:17:09 +02:00
mhajas
37b7b595a5 KEYCLOAK-11410 Do not throw exception in PlaintextVaultProvider if unconfigured 2019-09-19 14:56:19 +02:00
rradillen
b71198af9f [KEYCLOAK-8575] oidc idp basic auth (#6268)
* [KEYCLOAK-8575] Allow to choose between basic auth and form auth for oidc idp

* uncomment ui and add tests

* move basic auth to abstract identity provider (except for getting refresh tokens)

* removed duplications
2019-09-19 14:36:16 +02:00
rmartinc
7f54a57271 KEYCLOAK-10757: Replaying assertion with signature in SAML adapters 2019-09-18 16:49:00 +02:00
madgaet
c35718cb87 [KEYCLOAK-9809] Support private_key_jwt authentication for external IdP 2019-09-17 16:04:23 +02:00
Jan Lieskovsky
63e9eec52d [KEYCLOAK-11415] Switch the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' setting reliably
Use own, separate context when trying to switch 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE'
group mapper config setting to 'false' (or back), across the various tests from LDAPGroupMapperSyncTest
suite. This makes the test results deterministic again (prevents 'test02_syncWithGroupInheritance()'
and 'test03_syncWithDropNonExistingGroups()' tests randomly to fail depending if attempt
to reset the 'GroupMapperConfig.PRESERVE_GROUP_INHERITANCE' back to 'true' in previous
'test01_syncNoPreserveGroupInheritance()' test succeeded, or not)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-16 20:42:46 +02:00
Jan Lieskovsky
7ab854fecf [KEYCLOAK-8253] When syncing flat (all groups being the top-level ones) structure
of LDAP groups from federation provider to Keycloak, perform the search if the
currently processed group already exists in Keycloak in log(N) time

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 20:14:18 +02:00
Jan Lieskovsky
cfb225b499 [KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure

Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2019-09-12 09:54:13 +02:00
Cédric Couralet
9c37da0ee9 KEYCLOAK-8818 Support message bundle in theme resources 2019-09-11 08:03:16 +02:00
mhajas
2703388946 KEYCLOAK-11245 Adapt LDAPConnectionTestManager to use newly introduced LDAPContextManager 2019-09-10 22:51:19 +02:00
mhajas
9c2525ec1a KEYCLOAK-11245 Use transcription object for LDAP bindCredential 2019-09-09 19:39:53 +02:00
Martin Kanis
4235422798 KEYCLOAK-11246 Use the transcription object for SMTP password 2019-09-09 13:27:11 +02:00
Hynek Mlnarik
9eb2e1d845 KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects 2019-09-09 10:57:49 +02:00
Stefan Guilhen
60205845a8 [KEYCLOAK-7264] Add a RoleMappingsProvider SPI to allow for the configuration of custom role mappers in the SAML adapters.
- Provides a default implementation based on mappings loaded from a properties file.
 - Role mappers can also be configured in the keycloak-saml susbsytem.
2019-09-09 05:24:25 -03:00
rmartinc
a726e625e9 KEYCLOAK-10782: Credentials tab on clients can only be displayed with view-realm 2019-09-06 16:45:08 -03:00
Martin Kanis
b1be6c2bdd KEYCLOAK-11247 Use the transcription object for Identity providers password 2019-09-06 15:29:11 +02:00
Pedro Igor
a1d8850373 [KEYCLOAK-7416] - Device Activity 2019-09-05 11:43:27 -03:00
Sebastian Laskawiec
69d6613ab6 KEYCLOAK-10169 OpenShift 4 Identity Provider 2019-09-05 16:33:59 +02:00
vmuzikar
2f9d875840 KEYCLOAK-11286 Fix tests in "other" module 2019-09-05 16:29:09 +02:00
Stefan Guilhen
bb9c811a65 [KEYCLOAK-10935] Add a vault transcriber implementation that can be obtained from the session.
- automatically parses ${vault.<KEY>} expressions to obtain the key that contains the secret in the vault.
 - enchances the capabilities of the VaultProvider by offering methods to convert the raw secrets into other types.
2019-09-04 22:34:08 +02:00
mposolda
3a19db0c9d KEYCLOAK-10921 Fix unstable RefreshTokenTest 2019-09-04 05:54:26 -03:00
Martin Bartos RH
a0ba6e593e [KEYCLOAK-11024] RulesPolicyManagementTest failing with auth-server-undertow in universal pipeline 2019-09-02 11:58:30 +02:00
Niko Köbler
49e9cd759b KEYCLOAK-10734 Let the check-sso feature do the check in hidden iframe 2019-08-20 15:41:09 -03:00
Pedro Igor
e12c245355 [KEYCLOAK-10779] - CSRF check to My Resources
(cherry picked from commit dbaba6f1b8c043da4a37c906dc0d1700956a0869)
2019-08-20 06:35:00 -03:00
Hynek Mlnarik
97811fdd51 KEYCLOAK-10786 Check signature presence in SAML broker
(cherry picked from commit ba9f73aaff22eb34c7dec16f4b76d36d855d569b)
2019-08-20 06:35:00 -03:00
Leon Graser
0ce10a3249 [KEYCLOAK-10653] Manage Consent via the Account API 2019-08-20 06:24:44 -03:00
Pedro Igor
3f2a38936c [KEYCLOAK-11154] - Unstable Photoz Adapter Tests 2019-08-19 16:04:24 -03:00
Nemanja Hiršl
411ea331f6 KEYCLOAK-10785 X.509 Authenticator - Update user identity source mappers
Update user identity sources and the way how X.509 certificates are mapped to the user to:
1. Include "Serial number + Issuer DN" as described in RFC 5280
2. Include "Certificate's SHA256-Thumbprint"
3. Exclude "Issuer DN"
4. Exclude "Issuer Email"

Add an option to represent serial number in hexadecimal format.

Documentation PR created: https://github.com/keycloak/keycloak-documentation/pull/714
KEYCLOAK-10785 - Documentation for new user identity source mappers
2019-08-16 11:35:50 -03:00
Takashi Norimatsu
8225157a1c KEYCLOAK-6768 Signed and Encrypted ID Token Support 2019-08-15 15:57:35 +02:00
Martin Bartos RH
925864530a KEYCLOAK-10457 Merge preview features test: SocialLoginTest 2019-08-14 22:09:59 +02:00
Peter Skopek
71eed3af06 KEYCLOAK-10792 MigrationTest fails in pipeline: fix log file checker to start from the right position after server restart 2019-08-12 15:41:56 +02:00
Martin Bartos RH
9d67e92117 [KEYCLOAK-10465] Merge preview features test: OpenShiftTokenReviewEndpoint 2019-08-06 12:57:33 +02:00
Hynek Mlnarik
9bca5c9968 KEYCLOAK-10964 Remove realm reimport in SAMLServletAdapterTest 2019-08-05 09:35:04 +02:00
Martin Bartos RH
da85cff53b [KEYCLOAK-10458] Merge preview features test: RulesPolicyManagement 2019-08-01 14:34:51 +02:00
Sebastian Laskawiec
041208bd25 KEYCLOAK-10033 Prevent connections going stale
See https://stackoverflow.com/questions/10558791/apache-httpclient-interim-error-nohttpresponseexception
2019-07-30 18:13:10 +02:00
Martin Bartos RH
b18d88a37b [KEYCLOAK-10066] Merge Preview Features Test: OpenshiftClientStorage 2019-07-30 14:20:54 +02:00
Pedro Igor
8b203d48ce [KEYCLOAK-10949] - Proper error messages when failing to authenticate the request 2019-07-29 17:01:42 -03:00
Pedro Igor
967d21dbb5 [KEYCLOAK-10713] - Pagination to resources rest api 2019-07-29 16:19:22 -03:00
Stan Silvert
bc818367a1 KEYCLOAK-10854: App-initiated actions Phase I 2019-07-26 14:56:29 -03:00
Stan Silvert
6c79bdee41 KEYCLOAK-10854: App initiated actions phase I 2019-07-26 14:56:29 -03:00
mhajas
57a8fcb669 KEYCLOAK-10776 Add session expiration to Keycloak saml login response 2019-07-24 13:35:07 +02:00
mhajas
4b18c6a117 KEYCLOAK-7207 Check session expiration for SAML session 2019-07-24 13:35:07 +02:00
mhajas
bf33cb0cf9 KEYCLOAK-9102 Add tests for Saml RelayState 2019-07-24 12:28:00 +02:00
Leon Graser
e1cb17586f display users in roles 2019-07-19 09:52:13 -04:00
Hynek Mlnarik
67f8622d13 KEYCLOAK-8318 Workaround Elytron's double encoding of the query parameters
Co-Authored-By: mhajas <mhajas@redhat.com>
2019-07-19 14:37:38 +02:00
mhajas
282569df23 KEYCLOAK-10797 Ignore test until the issue is resolved 2019-07-19 13:37:20 +02:00
Hynek Mlnarik
3d4283fac9 KEYCLOAK-9987 Upgrade to Wildfly17
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Pedro Igor
5f5cb6cb7b [KEYCLOAK-10808] - Do not show authorization tab when client is not confidential 2019-07-15 10:07:31 -03:00
Steeve Beroard
fc9a0e1766 [KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
rmartinc
6d6db1f3e5 KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate 2019-07-12 15:16:00 +02:00
mposolda
77e9f16ad3 KEYCLOAK-10813 ComponentsTest.testConcurrencyWithChildren failed with oracle due timeout 2019-07-12 10:42:37 +02:00
mposolda
91b41b1a2e KEYCLOAK-10793 Possibility to increase server startup timeout 2019-07-12 10:42:37 +02:00
Takashi Norimatsu
2e850b6d4a KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings 2019-07-12 08:33:20 +02:00
Martin Kanis
efdf0f1bd8 KEYCLOAK-6839 You took too long to login after SSO idle 2019-07-10 10:15:26 +02:00
vramik
5a5325672b KEYCLOAK-10718 Refactor fuse adapter test 2019-07-09 08:56:35 +02:00
mposolda
5f9feee3f8 KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication 2019-07-08 20:20:38 +02:00
Tomasz Prętki
0376e7241a KEYCLOAK-10251 New Claim JSON Type - JSON 2019-07-08 11:59:57 +02:00
Hynek Mlnarik
ca4e14fbfa KEYCLOAK-7852 Use original NameId value in logout requests 2019-07-04 19:30:21 +02:00
mposolda
5b40691deb KEYCLOAK-10355 Avoid LastSessionRefreshUnitTest to trigger scheduled tasks 2019-07-04 09:53:19 +02:00
Sebastian Laskawiec
b5d8f70cc7 KEYCLOAK-8224 Client not found error message 2019-07-03 18:34:56 +02:00
Asier Aguado
bed22b9b8d [KEYCLOAK-10710] Make social providers compatible with OIDC UsernameTemplateMappers 2019-07-03 15:01:46 +02:00
rmartinc
bd5dec1830 KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup 2019-07-03 13:17:45 +02:00
Pedro Igor
0cdd23763c [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 09:14:37 -03:00
Peter Skopek
aca8c89d3e KEYCLOAK-10075 fix drop all tables for postgres and mssql 2019-06-27 14:03:13 +02:00
mposolda
a46bf708c0 KEYCLOAK-9947 KEYCLOAK-10451 Better support for DB manual migration test with DB provided by docker or dballocator plugin 2019-06-27 13:52:17 +02:00
Jeroen ter Voorde
7654793713 [KEYCLOAK-10419] Remove user and group resource at the end of the GroupTest. 2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
7518692c0d [KEYCLOAK-10419] Added briefRepresentation parameter support to the admin client interface
And added a aquillian test for it.
2019-06-21 11:31:01 +02:00
mhajas
b3d3d5b59d KEYCLOAK-10361 Fix instabilities on windows 2019-06-14 09:05:02 +02:00
Pedro Igor
fdc0943a92 [KEYCLOAK-8060] - My Resources REST API 2019-06-11 14:23:26 -03:00
Martin Bartos RH
6393dbad8d KEYCLOAK-10582 Fixed bug with disabling Token Exchange feature 2019-06-11 08:27:23 +02:00
Martin Bartos RH
1b7b8244d0 KEYCLOAK-10459 Merge preview features test: FineGrainAdminUnit 2019-06-06 11:21:27 +02:00
Pedro Igor
61eb94c674 [KEYCLOAK-8915] - Support resource type in authorization requests 2019-06-04 21:02:54 -03:00
Martin Bartos RH
ccd90d5fdc KEYCLOAK-10065 Merge preview features test: BrokerLinkAndTokenExchangeTest 2019-06-03 15:48:51 +02:00
Thomas Darimont
2825619243 KEYCLOAK-1033 Add PKCE support for JS Adapter
This adds support for the "S256" code_challenge_method to the JS Adapter.
Note that the method "plain" was deliberately left out as is not recommended
to be used in new applications.

Note that this PR includes two libraries:
- [base64-js]{@link https://github.com/beatgammit/base64-js}
- [js-sha256]{@link https://github.com/emn178/js-sha256}

`base64-js` is needed for cross-browser support for decoding the
Uint8ArrayBuffer returned by `crypto.getRandomValues` to a PKCE
compatible base64 string.

`js-sha256` library is required because the `crypto.subtle.digest`
support is not available for all browsers.

The PKCE codeVerifier is stored in the callbackStore of the JS Adapter.

Note: This PR is based on #5255 which got messed up during a rebase.
2019-05-29 15:40:16 +02:00
skyfalke
0007bad6f3 KEYCLOAK-10393 Fix permission ticket pagination in Authz Client
KEYCLOAK-10393 Ensure idempotency of find method of permission ticket store
2019-05-29 09:43:54 -03:00
Stefan Guilhen
40ec46b79b [KEYCLOAK-8043] Allow prompt=none query parameter to be propagated to default IdP 2019-05-29 09:22:46 +02:00
Pedro Igor
e9ea1f0e36 [KEYCLOAK-10279] - Do not limit results when fetching resources 2019-05-28 15:35:29 -03:00
mhajas
45c024db74 KEYCLOAK-10358 Fix ConsoleProtectionTest auth-server url 2019-05-27 12:41:29 +02:00
mposolda
a980629e66 KEYCLOAK-10295 Tweaks for MariaDB testing in docker container 2019-05-24 12:52:55 +02:00
Réda Housni Alaoui
72d6ac518c User password cache is not refreshed after updating the user with hashed credential 2019-05-23 14:16:40 +02:00
mhajas
3c96dfb041 KEYCLOAK-9895 Fix wrongly called assertCurrent method 2019-05-23 10:41:10 +02:00
vramik
ac6d877954 KEYCLOAK-10283 Update FuseAdapterTest to check login page directly 2019-05-21 14:26:37 +02:00