Commit graph

11830 commits

Author SHA1 Message Date
Stefan Guilhen
ceaae7a254 [KEYCLOAK-10384] Add equals and hashCode to KeycloakUndertowAccount, SamlPrincipal and SamlSession to avoid cache misses in the PicketBox JAAS auth manager 2019-07-18 21:08:22 +02:00
vramik
74f6e362af KEYCLOAK-10878 Realm exports may fail with future community releases 2019-07-18 10:50:34 -03:00
Martin Reinhardt
1ca66b4789 [KEYCLOAK-10018] Show complete group path for assigned groups 2019-07-18 09:24:21 -04:00
Martin Reinhardt
60f2853d44 [KEYCLOAK-10018] Fix inject component utils 2019-07-18 09:24:21 -04:00
Martin Reinhardt
36c47e7491 [KEYCLOAK-10018] Adding search logic for user partials, too 2019-07-18 09:24:21 -04:00
Martin Reinhardt
c08d0a626f Fix search on enter issue 2019-07-18 09:24:21 -04:00
Hynek Mlnarik
04f266d381 KEYCLOAK-10744 Fix MariaDB cannot create database 2019-07-18 13:59:49 +02:00
kuan
1c5f7c1420 Update KeycloakTokenParsed definition.
To match KeycloakInstance's realm access and resources access.
2019-07-17 15:29:34 -04:00
Hynek Mlnarik
67eb0c3079 KEYCLOAK-8318 Workaround ELY-1525 similarly to OIDC adapter 2019-07-17 09:33:20 +02:00
Hynek Mlnarik
3d4283fac9 KEYCLOAK-9987 Upgrade to Wildfly17
Co-Authored-By: hmlnarik <hmlnarik@redhat.com>
2019-07-16 08:05:46 +02:00
Pedro Igor
5f5cb6cb7b [KEYCLOAK-10808] - Do not show authorization tab when client is not confidential 2019-07-15 10:07:31 -03:00
Steeve Beroard
fc9a0e1766 [KEYCLOAK-8104] Keycloak SAML Adapter does not support clockSkew configuration
Co-Authored-By: vramik <vramik@redhat.com>
2019-07-15 13:08:52 +02:00
rmartinc
1d2d6591b2 KEYCLOAK-10826: Provide the locale name in the LocaleBean to be used in themes 2019-07-13 07:18:40 +02:00
rmartinc
6d6db1f3e5 KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate 2019-07-12 15:16:00 +02:00
mposolda
77e9f16ad3 KEYCLOAK-10813 ComponentsTest.testConcurrencyWithChildren failed with oracle due timeout 2019-07-12 10:42:37 +02:00
mposolda
c003dabf6c KEYCLOAK-10753 Possibility for JavascriptExecutor to use the timeout from pageload.timeout property instead of hardcoded 2019-07-12 10:42:37 +02:00
mposolda
91b41b1a2e KEYCLOAK-10793 Possibility to increase server startup timeout 2019-07-12 10:42:37 +02:00
Takashi Norimatsu
2e850b6d4a KEYCLOAK-10747 Explicit Proof Key for Code Exchange Activation Settings 2019-07-12 08:33:20 +02:00
mposolda
625efcfdf8 KEYCLOAK-10445 KEYCLOAK-10446 Fixes for add DB tests with PostgreSQL 10.1 and PostgresPlus to the pipeline 2019-07-10 15:21:27 +02:00
Martin Kanis
efdf0f1bd8 KEYCLOAK-6839 You took too long to login after SSO idle 2019-07-10 10:15:26 +02:00
Gregor Tudan
334ca6e96b KEYCLOAK-10796: fix build on MacOS by giving DeSerializerFunctions in the StringUtils a distinct name 2019-07-09 22:52:12 +02:00
Kohei Tamura
55a6141bff KEYCLOAK-10783 Fix internal server error when logging out after sharing my resource 2019-07-09 09:06:58 -03:00
Pedro Igor
9215957bd0 Revert "KeycloakRole equals only with itself"
This reverts commit 2899375614.
2019-07-09 09:05:20 -03:00
vramik
5a5325672b KEYCLOAK-10718 Refactor fuse adapter test 2019-07-09 08:56:35 +02:00
mposolda
5f9feee3f8 KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication 2019-07-08 20:20:38 +02:00
Valeran86
2899375614 KeycloakRole equals only with itself
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
        if ( role.equals( adminRole ) ) {
          return true;
        }
      }
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
2019-07-08 14:33:03 -03:00
k-tamura
c636b7a1cd KEYCLOAK-10784 i18n support for UMA resource pages 2019-07-08 14:25:05 -03:00
Tomasz Prętki
0376e7241a KEYCLOAK-10251 New Claim JSON Type - JSON 2019-07-08 11:59:57 +02:00
Sven-Torben Janus
c883c11e7e KEYCLOAK-10158 Use PEM cert as X.509 user identity
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).

KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Hynek Mlnarik
ca4e14fbfa KEYCLOAK-7852 Use original NameId value in logout requests 2019-07-04 19:30:21 +02:00
Vlasta Ramik
cc8cfd4269 KEYCLOAK-10751 Fix SAML undertow adapter not sending challenge
Co-Authored-By: mhajas <mhajas@redhat.com>
Co-Authored-By: Hynek Mlnarik <hmlnarik@redhat.com>
2019-07-04 10:04:51 +02:00
mposolda
5b40691deb KEYCLOAK-10355 Avoid LastSessionRefreshUnitTest to trigger scheduled tasks 2019-07-04 09:53:19 +02:00
Sebastian Laskawiec
b5d8f70cc7 KEYCLOAK-8224 Client not found error message 2019-07-03 18:34:56 +02:00
Asier Aguado
bed22b9b8d [KEYCLOAK-10710] Make social providers compatible with OIDC UsernameTemplateMappers 2019-07-03 15:01:46 +02:00
rmartinc
bd5dec1830 KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup 2019-07-03 13:17:45 +02:00
Thomas Darimont
53d0db80c3 KEYCLOAK-10313 Only use PKCE if enable-pkce is configured for KeycloakInstalled adapter
Users who want to use PKCE support with the KeycloakInstalled adapter need to set the property
``"enable-pkce": true` in the adapter configuration / `keycloak.json`.
2019-07-03 08:49:55 +02:00
Thomas Darimont
8bd48391ca KEYCLOAK-10313 Add PKCE support to KeycloakInstalled Adpater
This adds PKCE support for Desktop Apps as
a followup to KEYCLOAK-1033 #6047.
2019-07-03 08:49:55 +02:00
Axel Messinese
b32d52e62b KEYCLOAK-10750 Check if role exist on get user/group in role endpoint 2019-07-03 08:46:36 +02:00
Pedro Igor
0cdd23763c [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 09:14:37 -03:00
Peter Skopek
aca8c89d3e KEYCLOAK-10075 fix drop all tables for postgres and mssql 2019-06-27 14:03:13 +02:00
mposolda
a46bf708c0 KEYCLOAK-9947 KEYCLOAK-10451 Better support for DB manual migration test with DB provided by docker or dballocator plugin 2019-06-27 13:52:17 +02:00
Stian Thorgersen
1778269c68
Update .travis.yml 2019-06-27 07:25:46 +02:00
Stian Thorgersen
65ca41b1bf
Update .travis.yml 2019-06-27 07:21:56 +02:00
Stian Thorgersen
6efe38a1d3
Update .travis.yml 2019-06-27 07:19:12 +02:00
Sebastian Loesch
c9fbed7eb8 KEYCLOAK-10545 Fix formatting error in log message
Fixes the formatting error
java.util.IllegalFormatConversionException: d != java.util.UUID
2019-06-26 10:22:15 +02:00
mhajas
fe62ece2c3 KEYCLOAK-10701 Remove SpringBoot test within test-apps directory 2019-06-24 21:58:48 +02:00
mposolda
c124aec586 KEYCLOAK-10262 DBLockTest.testLockConcurrently fails with MariaDB Galera 10.1 2019-06-24 11:23:18 +02:00
Jeroen ter Voorde
7654793713 [KEYCLOAK-10419] Remove user and group resource at the end of the GroupTest. 2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
7518692c0d [KEYCLOAK-10419] Added briefRepresentation parameter support to the admin client interface
And added a aquillian test for it.
2019-06-21 11:31:01 +02:00
Jeroen ter Voorde
a2099cff39 [KEYCLOAK-10419] Added support for briefRepresentation param on the GroupResource members endpoint. 2019-06-21 11:31:01 +02:00