Pedro Igor
dd279dd0fd
[KEYCLOAK-3130] - Permission checks to authorization admin endpoints
2016-06-17 15:27:42 -03:00
Stian Thorgersen
111bcb7433
Merge pull request #2942 from stianst/master
...
Refactor authz changelog in to separate authz-master.xml
2016-06-17 15:26:43 +02:00
Stian Thorgersen
8f3cfed7c5
Merge pull request #2934 from fkiss/master-truststore
...
KEYCLOAK-2283 added email truststore test
2016-06-17 14:05:38 +02:00
Stian Thorgersen
807fc71626
Merge pull request #2939 from mhajas/fixEAP6
...
KEYCLOAK-3125 Fix ssl tests on EAP6
2016-06-17 14:02:23 +02:00
Stian Thorgersen
8ae08f0432
Merge pull request #2938 from mhajas/addJSConsoleTests-master
...
KEYCLOAK-3121 Add JS adapter tests
2016-06-17 14:01:21 +02:00
Stian Thorgersen
2beb1f2466
Merge branch 'KEYCLOAK-3052' of https://github.com/cargosoft/keycloak into cargosoft-KEYCLOAK-3052
2016-06-17 13:55:55 +02:00
Stian Thorgersen
1a9fada964
KEYCLOAK-2753 Refactor authz changelog into separate authz-master.xml
2016-06-17 13:40:22 +02:00
Stian Thorgersen
9030edc04d
KEYCLOAK-2753 Removed unused imports from PolicyAdapter
2016-06-17 13:40:22 +02:00
Stian Thorgersen
3c0f7e2ee2
Merge pull request #2617 from pedroigor/KEYCLOAK-2753
...
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 02:07:34 -03:00
mhajas
0df2525298
Fix ssl tests on EAP6
2016-06-16 11:56:31 +02:00
mhajas
cdb40fce19
Add JS adapter tests
2016-06-16 11:43:06 +02:00
Dimitri Teleguin
524ad9728a
correct resource URL
2016-06-14 21:07:36 +03:00
fkiss
b50513a946
KEYCLOAK-2283 added email truststore test
2016-06-14 13:49:16 +02:00
Dmitry Telegin
3203842b58
Fix KEYCLOAK-3052
2016-06-14 12:32:43 +03:00
Stian Thorgersen
2d036b58a6
Merge pull request #2932 from stianst/master
...
KEYCLOAK-3050 - fix npe on deployment
2016-06-13 21:16:04 +02:00
Michaël van de Giessen
55910f5f70
KEYCLOAK-3050 - fix npe on deployment
2016-06-13 20:15:41 +02:00
Stian Thorgersen
c1e202eaf9
Merge pull request #2931 from stianst/master
...
KEYCLOAK-3091 Change brute force to use userId
2016-06-13 18:02:32 +02:00
Stian Thorgersen
e538394e60
KEYCLOAK-3091 Change brute force to use userId
2016-06-13 15:30:13 +02:00
Stian Thorgersen
46b17e6149
Merge pull request #2928 from mposolda/KEYCLOAK-3106
...
KEYCLOAK-3106 EventStoreProviderTest.query is failing in some environ…
2016-06-13 15:05:19 +02:00
mposolda
e6b3586b87
KEYCLOAK-3106 EventStoreProviderTest.query is failing in some environments
2016-06-13 15:02:10 +02:00
Stian Thorgersen
bdaba4c85a
Merge pull request #2926 from mposolda/master
...
KEYCLOAK-3105 Can't access single realm with the admin user from mast…
2016-06-13 14:50:19 +02:00
mposolda
1510ac5eb4
KEYCLOAK-3105 Can't access single realm with the admin user from master realm
2016-06-13 12:09:11 +02:00
Marek Posolda
443772d5ec
Merge pull request #2924 from mposolda/master
...
KEYCLOAK-2028: Add preemptive access token refresh support to servlet adapters
2016-06-09 21:51:15 +02:00
mposolda
72736e5e47
KEYCLOAK-2028 Add test for token-minimum-time-to-live adapter option
2016-06-09 19:22:15 +02:00
Ben Loy
ec180db39f
KEYCLOAK-2028: Add preemptive access token refresh support
...
Add a new keycloak.json property and mechanism to automatically
refresh access tokens if they are going to expire in less than a configurable
amount of time.
2016-06-09 19:22:15 +02:00
Marek Posolda
f6d075fbe4
Merge pull request #2922 from mposolda/master
...
KEYCLOAK-2714 Remove the pre-liquibase workarounds
2016-06-08 15:54:36 +02:00
mposolda
5fc5bafbb6
KEYCLOAK-2714 Remove the pre-liquibase workarounds
2016-06-08 14:40:33 +02:00
Stian Thorgersen
a189545f81
Merge pull request #2920 from thomasdarimont/issue/KEYCLOAK-3092-Increase-number-of-users-shown-in-UserListing
...
KEYCLOAK-3092: Show 25 users per page in user list by default
2016-06-08 13:21:13 +02:00
Stian Thorgersen
1c694b4795
Merge pull request #2921 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol-adjustment
...
KEYCLOAK-3054: Use string format for log message
2016-06-08 07:08:05 +02:00
Stian Thorgersen
819c42dad2
Merge pull request #2918 from chameleon82/issue/KEYCLOAK-3089-email-subject-internationalization
...
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-08 07:07:37 +02:00
Некрасов Александр Сергеевич
7bdccc21b2
KEYCLOAK-3089 Change email subject encoding to utf-8
2016-06-08 09:10:39 +06:00
Thomas Darimont
a9f461bfd1
KEYCLOAK-3054: Use string format for log message
...
Need to use log.debugf(..) to correctly resolve the %s placeholder.
2016-06-07 21:56:04 +02:00
Thomas Darimont
56a565f913
KEYCLOAK-3092: Show 20 users per page in user list by default
...
More sensible default for number of users shown per page in
the user listing of the admin console.
This is also recommended in the patternfly guidelines.
Prior to the PR only 5 users were shown per page.
2016-06-07 13:23:03 +02:00
Stian Thorgersen
b6a76b1267
Merge pull request #2917 from thomasdarimont/issue/KEYCLOAK-3054-fix-npe-on-unknown-protocol
...
KEYCLOAK-3054: Fix potential NPE in RealmsResource
2016-06-07 13:09:54 +02:00
Thomas Darimont
67a63a806e
KEYCLOAK-3054: Fix potential NPE in RealmsResource
...
Prior to PR .well-known Endpoint threw NPE with if unknown
Protocol was provided.
2016-06-07 08:29:23 +02:00
Stian Thorgersen
816b01860b
Merge pull request #2912 from thomasdarimont/issue/KEYCLOAK-2891-fix-openidc-endpoint-label-alignment
...
KEYCLOAK-2891: Fix label alignment for OIDC Endpoint link.
2016-06-07 07:07:17 +02:00
Stian Thorgersen
ce2f009e76
Merge pull request #2915 from pdrozd/KEYCLOAK-3082
...
KEYCLOAK-3082 - clear queue before event
2016-06-07 07:00:42 +02:00
Stian Thorgersen
d5a44db2de
Merge pull request #2914 from pdrozd/master
...
KEYCLOAK-3085 - Add module org.jboss.resteasy.resteasy-jaxrs to integ…
2016-06-07 07:00:11 +02:00
Некрасов Александр Сергеевич
5474496867
KEYCLOAK-3089 Change email subject encoding to utf-8/base64
2016-06-07 09:11:46 +06:00
Pavel Drozd
54d9943a3b
KEYCLOAK-3085 - Add module org.jboss.resteasy.resteasy-jaxrs to integration-arquillian-testsuite-providers
2016-06-06 11:51:20 +02:00
Pavel Drozd
81de73df8e
KEYCLOAK-3082 - clear queue before event
2016-06-06 11:46:39 +02:00
Thomas Darimont
51312ff7ff
KEYCLOAK-2891: Fix label alignment for OIDC Endpoint link.
...
This probably happend during merge.
2016-06-06 09:55:31 +02:00
Bill Burke
b2d8c6bca2
Merge pull request #2418 from schmeedy/master
...
Fix k_query_bearer_token endpoint in proxy
2016-06-05 11:20:08 -04:00
Bill Burke
4c9a0b45d4
Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
...
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Bill Burke
b3f3449e39
Merge pull request #2810 from thomasdarimont/issue/KEYCLOAK-2974-handle-ModelException-in-UsersResource
...
KEYCLOAK-2974: Handle ModelException in UsersResource
2016-06-05 11:06:32 -04:00
Bill Burke
a76a4730e3
Merge pull request #2884 from thomasdarimont/issue/KEYCLOAK-2891-link-to-oidc-endpoints-from-admin-console
...
KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page.
2016-06-05 11:06:11 -04:00
Bill Burke
dbeb3353f8
Merge pull request #2911 from thomasdarimont/issue/KEYCLOAK-3081-oidc-support-user-role-mapper
...
KEYCLOAK-3081: Add client mappers to map user roles to token
2016-06-05 11:03:47 -04:00
Thomas Darimont
a2d1c8313d
KEYCLOAK-3081: Add client mapper to map user roles to token
...
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.
The client role protocol mapper can specify from which client the roles should be considered.
Composite Roles are resolved recursively.
Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level (ID/Access) Token attribute that can easily be matched with a regex.
In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
2016-06-03 15:52:58 +02:00
Marek Posolda
193233899f
Merge pull request #2910 from mposolda/master
...
KEYCLOAK-3074 AdminEventStoreProviderTest fixes
2016-06-03 11:33:22 +02:00