Commit graph

1187 commits

Author SHA1 Message Date
mildis
de09bdf32d messages_fr to use linkExpirationFormatter 2021-01-12 21:15:38 +01:00
moritz.hilberg
70a20ef50d KEYCLOAK-16566 Display Idp displayName if available 2021-01-12 20:56:18 +01:00
ltressens
0fecf1546a
KEYCLOAK-16790 Attempt to translate 'impersonate' 2021-01-12 20:30:59 +01:00
vramik
1402d021de KEYCLOAK-14846 Default roles processing 2021-01-08 13:55:48 +01:00
Thomas Darimont
1a7600e356
KEYCLOAK-13923 Support PKCE for OIDC based Identity Providers (#7381)
* KEYCLOAK-13923 - Support PKCE for Identity Provider

We now support usage of PKCE for OIDC based Identity Providers.

* KEYCLOAK-13923 Warn if PKCE information cannot be found code-to-token request in OIDCIdentityProvider

* KEYCLOAK-13923 Pull up PKCE handling from OIDC to OAuth IdentityProvider infrastructure

* KEYCLOAK-13923 Adding test for PKCE support for OAuth Identity providers

* KEYCLOAK-13923 Use URI from KeycloakContext instead of HttpRequest

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-01-05 10:59:59 -03:00
Réda Housni Alaoui
24522c298e
KEYCLOAK-16657 New Account Console: missing french translation (#7688) 2021-01-04 14:17:53 -05:00
Réda Housni Alaoui
c917ae5ded KEYCLOAK-16652 New Account Console: When langage is not english, no user name displayed at the upper right 2021-01-04 09:04:46 -05:00
keycloak-bot
75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
Fabricio Oliveira
019f27abdb
Correct label is 'Dependent Permissions' (#7672)
The label refers to the list 'permissions' dependent on the 'policy'.
2020-12-16 07:59:29 -03:00
Przemyslaw Sztoch
33ec2fe069 KEYCLOAK-14492 More polish translation and fixed language name translation
Language name should not be translated!
You search your language name in native.

New messages for lack fields from OpenID connect scopes.
2020-12-07 08:36:08 +01:00
Peter Zaoral
c8a2f82a50 KEYCLOAK-14138 Upgrade OTP login screen
* edited related css and ftl theme resources
* added tile component
* fixed IE11 compatibility
* fixed affected tests

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-12-03 16:00:36 +01:00
Joaquim Fellmann
6a6dba5d6e KEYCLOAK-15634: Prevent federated user removal with new account console 2020-11-27 13:44:36 +01:00
Peter Zaoral
ad940a861a KEYCLOAK-14137 Upgrade Authentication selector screen
* edited related css and ftl theme resources
* added IE11 compatibility support
* fixed affected tests

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-11-27 08:40:06 +01:00
zak905
4f330f4a57 KEYCLOAK-953: add allowing user to delete his own account feature 2020-11-24 15:50:07 +01:00
Stan Silvert
0afd55f32c KEYCLOAK-14547: Make New Account Console the default. 2020-11-23 20:56:05 +01:00
Stan Silvert
36fa3d555a KEYCLOAK-16354: Update serialize-javascript dependency 2020-11-23 14:40:16 +01:00
Martin Bartos
ab347df5ee KEYCLOAK-14915 Upgrade registration screen to PF4 2020-11-18 10:54:17 +01:00
vmuzikar
01be601dbd KEYCLOAK-14306 OIDC redirect_uri allows dangerous schemes resulting in potential XSS
(cherry picked from commit e86bec81744707f270230b5da40e02a7aba17830)

Conflicts:
    testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java
    testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/ClientTest.java
    services/src/main/java/org/keycloak/validation/DefaultClientValidationProvider.java
2020-11-12 08:21:54 +01:00
rmartinc
e6bd12b174 [KEYCLOAK-16139] Serialize the calls for groups tab on admin console 2020-11-10 15:41:16 +01:00
Thomas Darimont
de20830412 KEYCLOAK-9551 KEYCLOAK-16159 Make refresh_token generation for client_credentials optional. Support for revocation of access tokens.
Co-authored-by: mposolda <mposolda@gmail.com>
2020-11-06 09:15:34 +01:00
Martin Bartos
7522d5ac74 KEYCLOAK-15841 Upgrade rest of the minor forms to PF4 2020-11-05 17:58:41 +01:00
Peter Zaoral
4fbc6389b5 KEYCLOAK-15386 Some icons are not displayed properly
* pficon.woff/woff2 - updated PatternFly font resource
* pficon.css - css that contains @font-face rule
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-11-02 20:21:38 +01:00
Christoph Leistert
e131de9574 KEYCLOAK-14855 Added realm-specific localization texts which affect texts in every part of the UI (admin console / login page / personal info page / email templates). Also new API endpoints and a new UI screen to manage the realm-specific localization texts were introduced.
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
2020-10-30 08:02:43 -03:00
Martin Bartos
2e59d5c232 KEYCLOAK-14679 Unable to log in with WebAuthn on unsupported browsers 2020-10-29 14:03:17 +01:00
Martin Bartos
a8df7d88a1 [KEYCLOAK-14139] Upgrade login screen to PF4 2020-10-27 20:24:07 +01:00
Grandys
c122e72178 [KEYCLOAK-15850] Removed references to unminimized versions of javascript libraries in base admin template 2020-10-23 10:57:32 +02:00
Roland Werner
d544b132f9 KEYCLOAK-15806:
Extension to SignatureAlgorithm to support more Algorithms (RSA_SHA256_MGF1, RSA_SHA512_MGF1).
    Also included in clients.js and realms.js so it can be chosen as signature algorithm when connecting as SAML client and when brokering through SAML.
2020-10-15 20:55:27 +02:00
Jonathan Buzzetti
a2efb84e00
KEYCLOAK-15978 Update spanish email verification message
For it to be similar to its english counterpart
2020-10-15 16:46:24 +02:00
Luca Leonardo Scorcia
0621e4ceb9 KEYCLOAK-15697 Fix config entry tooltip 2020-10-14 07:39:49 +02:00
Elisabeth Schulz
4c4750f1d9 KEYCLOAK-13983 Include algorithm parameters
Restore accidental change
2020-10-12 10:12:01 +02:00
Elisabeth Schulz
9143bc748f KEYCLOAK-13983 Include algorithm parameters
Include suggestions made by @mposolda to enable more generic
usage
2020-10-12 10:12:01 +02:00
Luca Leonardo Scorcia
f274ec447b KEYCLOAK-15697 Make the Service Provider Entity ID user configurable 2020-10-09 22:04:02 +02:00
vmuzikar
790b549cf9 KEYCLOAK-15262 Logout all sessions after password change 2020-09-18 20:09:40 -03:00
Luca Leonardo Scorcia
c6608c1561 KEYCLOAK-15383 Translation strings escaped twice in saml-post-form.ftl 2020-09-16 21:31:51 +02:00
Luca Leonardo Scorcia
10077b1efe KEYCLOAK-15485 Add option to enable SAML SP metadata signature 2020-09-16 16:40:45 +02:00
Joaquim Fellmann
be4780243b KEYCLOAK-15483 Replace badly displayed HTML message with simple text message for french locale (align with en, de, pt, po, tr, nl locales) 2020-09-15 17:09:53 -04:00
Stan Silvert
952e8fecee KEYCLOAK-15481: Display forbidden screen 2020-09-11 07:03:24 -04:00
Clement Cureau
73378df52e [KEYCLOAK-11621] Allow user creation via group permissions (Admin API)
Problem:
Using fine-grained admin permissions on groups, it is not permitted to create new users
within a group.

Cause:
The POST /{realm}/users API does not check permission for each group part of the new
user representation

Solution:
- Change access logic for POST /{realm}/users to require MANAGE_MEMBERS and
MANAGE_MEMBERSHIP permissions on each of the incoming groups

Tests:
Manual API testing performed:
  1. admin user from master realm:
    - POST /{realm}/users without groups                  => HTTP 201 user created
    - POST /{realm}/users with groups                     => HTTP 201 user created
  2. user with MANAGE_MEMBERS & MANAGE_MEMBERSHIP permissions on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 201 user created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
  3. user with MANAGE_MEMBERS permission on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
2020-09-10 12:26:55 -03:00
Luca Leonardo Scorcia
67b2d5ffdd KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:36 +02:00
Simon Legner
bed664e4fe KEYCLOAK-15186 Sort user federation table 2020-09-02 17:40:41 -04:00
stianst
a92bf0c3be KEYCLOAK-15091 Fix issue with custom favicon.ico 2020-09-02 23:18:49 +02:00
Konstantinos Georgilakis
1fa93db1b4 KEYCLOAK-14304 Enhance SAML Identity Provider Metadata processing 2020-09-02 20:43:09 +02:00
Takashi Norimatsu
aad3bdcb88 KEYCLOAK-15251 keycloak-themes build fails in windows 2020-09-02 12:40:07 -04:00
testn
0362d3a430 KEYCLOAK-15113: Move away from deprecated Promise.success()/error() 2020-09-01 14:26:44 -04:00
Iavael
f021f72fcd [KEYCLOAK-14663] Fix spelling in RU translation
https://en.wiktionary.org/wiki/%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%BB%D0%B5%D0%B3%D0%B8%D1%8F
2020-09-01 12:01:13 +02:00
Jon Koops
b64cf3c315 KEYCLOAK-14980 Remove references to Bower 2020-09-01 11:49:58 +02:00
Luca Leonardo Scorcia
03c07bd2d7 KEYCLOAK-14902 Replace SAML SP metadata export with link to descriptor 2020-08-31 22:26:30 +02:00
Martin Bartos
9c847ab176 [KEYCLOAK-14432] Unhandled NPE in identity broker auth response 2020-08-31 14:14:42 +02:00
kaibo-ondruska
6d45d715d3 KEYCLOAK-15369 fix Czech translation
"Přihlasovací" should be "Přihlašovací"
2020-08-28 14:54:50 +02:00
Thomas Darimont
0f967b7acb KEYCLOAK-12729 Add password policy not-email
Added test cases and initial translations
2020-08-21 14:55:07 +02:00