mposolda
936efe872a
KEYCLOAK-5061 Process correct initial flow when action expired
2017-07-10 22:52:54 +02:00
Marek Posolda
2b427dfcd2
Merge pull request #4309 from mposolda/master
...
KEYCLOAK-5061 Better error messages when action expired
2017-07-10 21:29:03 +02:00
mposolda
7be2c55f61
KEYCLOAK-5061 Better error messages when action expired
2017-07-10 19:50:28 +02:00
Stan Silvert
7dbb439cf3
KEYCLOAK-5075: Allow Origin Missing in Direct Access Grants
2017-07-10 13:45:02 -04:00
Stan Silvert
1721ccc85e
KEYCLOAK-5144: Supported locales undefined ( #4304 )
...
* KEYCLOAK-5144: Supported locales are undefined
* KEYCLOAK-5144: Supported locales are undefined.
* KEYCLOAK-5144: Supported locales are undefined
* KEYCLOAK-5144: Supported locales are undefined
2017-07-09 20:48:49 -04:00
Pedro Igor
0aeba74185
[KEYCLOAK-5158] - Revert changes that made delete on lists and scope permission stop working
2017-07-06 18:22:13 -03:00
Martin@qingcloud
d84ab4f90b
KEYCLOAK-5086:add Chinese translation into messages. ( #4251 )
...
* add Chinese translation into messages.
* convert messages from unicode to utf-8
2017-07-06 08:13:49 +02:00
Stian Thorgersen
9a9f4137e5
KEYCLOAK-4556 KEYCLOAK-5022 Only cache keycloak.js and iframe if specific version is requested ( #4289 )
2017-07-04 21:18:34 +02:00
Stan Silvert
32b16717a7
KEYCLOAK-4234: Link to app in acct mgt doesn't use root url ( #4285 )
...
* KEYCLOAK-4234: Link to app in acct mgt not use root url
* Add tests.
2017-07-04 07:01:58 +02:00
Stian Thorgersen
fdb80d4319
Fix console tests ( #4277 )
2017-06-30 08:49:18 +02:00
Stian Thorgersen
f0f1b85582
KEYCLOAK-5116 ( #4276 )
...
Authz tab not showing
2017-06-30 08:48:28 +02:00
Stan Silvert
6874cdc3b2
KEYCLOAK-4997 KEYCLOAK-4866 KEYCLOAK-4895 Upgrade to latest AngularJS, ( #4275 )
...
jquery, and others.
2017-06-30 05:55:47 +02:00
Josh Cain
89fcddd605
KEYCLOAK-3592 Docker auth implementation
2017-06-29 06:37:34 +02:00
Stian Thorgersen
55d0ad3a50
Merge pull request #4234 from samuelMangot/master
...
Email - I18n - added missing german text
2017-06-28 08:20:50 +02:00
Stian Thorgersen
d90235d1bd
Merge pull request #4245 from hokuda/email-messages-japanese
...
fix email messages in Japanese
2017-06-28 08:20:21 +02:00
Samuel Mangot
f5545eabdc
Email - I18n - fixed another grammar error
2017-06-27 20:30:30 +02:00
Samuel Mangot
3db8f97248
Email - I18n - removed remaining " and fixe grammar error
2017-06-27 18:04:41 +02:00
Samuel Mangot
48421cbc43
Email - I18n - removed "" around text placeholder
2017-06-27 16:55:10 +02:00
Stian Thorgersen
56c5996aff
Merge pull request #4259 from stianst/abstractj-KEYCLOAK-4444
...
KEYCLOAK-4444
2017-06-27 10:44:30 +02:00
Bruno Oliveira
361ab1c988
[KEYCLOAK-4444] Allow sending test email
2017-06-27 08:38:36 +02:00
Stian Thorgersen
c1c1a81a4e
Merge pull request #4138 from ASzc/KEYCLOAK-4752
...
KEYCLOAK-4752
2017-06-27 08:34:00 +02:00
Bill Burke
28b3ef9aa9
admin console work
2017-06-26 11:40:32 -04:00
Bill Burke
d08ddade2e
merge
2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc
removal
2017-06-21 17:42:57 -04:00
Bill Burke
8c82201add
Merge pull request #4224 from pedroigor/KEYCLOAK-3168
...
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-21 17:03:34 -04:00
Hisanobu Okuda
eebd3feb28
fix email messages in Japanese
2017-06-21 21:42:14 +09:00
Bill Burke
a994af9010
remove scope
2017-06-16 11:26:43 -04:00
Samuel Mangot
a785f9fd11
Email - I18n - added missing german text
2017-06-16 09:55:54 +02:00
Pedro Igor
d4a85d6abc
[KEYCLOAK-5054] - Checking name availability only in cases name is filled
2017-06-14 18:10:51 -03:00
Pedro Igor
169280b6a1
[KEYCLOAK-3168] - Group-Based Access Control
2017-06-13 19:05:44 -03:00
Bill Burke
94528976d4
console work
2017-06-07 16:29:43 -04:00
Bill Burke
536a57a514
ui for permission reference
2017-06-05 19:52:51 -04:00
Bill Burke
b9f7a43a72
group permissions
2017-06-01 20:16:35 -04:00
Alex Szczuczko
bed6f96fc6
KEYCLOAK-4752 Change required actions UI to uncheck and disable the default checkbox when the enable checkbox is not checked. The API will continue to silently drop actions that are not enabled for the realm.
2017-06-01 08:25:51 -06:00
Pedro Igor
81f1a5b145
Merge pull request #4183 from pedroigor/stan-ui-fixes
...
[KEYCLOAK-4915] - Fixes to evaluation tool UI
2017-05-24 09:32:42 -03:00
Marek Posolda
79af4dfd18
Merge pull request #4127 from sbryzak/KEYCLOAK-4886
...
KEYCLOAK-4886
2017-05-24 10:47:09 +02:00
Pedro Igor
829bcf5eaf
Fix to evaluation tool
2017-05-23 17:50:06 -03:00
Stian Thorgersen
130452f6c3
Merge pull request #4085 from mstruk/RHSSO-402
...
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-23 13:29:32 +02:00
Pedro Igor
8d40ee17f1
Merge pull request #4166 from pedroigor/stan-ui-fixes
...
[EYCLOAK-4915] - Review AuthZ UIs
2017-05-22 10:10:09 -03:00
Pedro Igor
7ae117707b
Fixing validation of required fields
2017-05-19 19:45:47 -03:00
Pedro Igor
d1d590b45c
Delete action on lists
2017-05-19 19:45:47 -03:00
Pedro Igor
62ffab7239
Exporting a client is updating policy config
2017-05-19 19:45:47 -03:00
Bill Burke
ab763e7c5b
fixes after merge
2017-05-19 15:54:36 -04:00
Bill Burke
f114895cd2
for merge
2017-05-19 11:29:26 -04:00
Dominik Langenegger
dce4353e0d
KEYCLOAK-4940 Fix typo in German email verification body
2017-05-19 14:26:40 +02:00
Marek Posolda
4d5ca2b8fa
Merge pull request #4159 from hmlnarik/KEYCLOAK-4627-Nicer-text-in-html-email
...
KEYCLOAK-4627 Nicer link texts in HTML variant of emails
2017-05-19 14:03:39 +02:00
Marek Posolda
8e4899f874
Merge pull request #4158 from hmlnarik/KEYCLOAK-4627-Change-wording
...
KEYCLOAK-4627 Change wording of the configuration in UI
2017-05-19 14:03:24 +02:00
Hynek Mlnarik
d4f870fbb4
KEYCLOAK-4627 Nicer link texts in HTML variant of emails
2017-05-19 10:08:02 +02:00
Hynek Mlnarik
ca8d756c05
KEYCLOAK-4627 Change wording of the configuration in UI
2017-05-19 09:39:58 +02:00
Hynek Mlnarik
355af6d1cf
KEYCLOAK-4627 Action tokens theme typo
2017-05-18 14:27:53 +02:00
Marko Strukelj
7d0ca42c6c
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
2017-05-15 12:13:58 +02:00
Bill Burke
954ef99f22
Merge remote-tracking branch 'upstream/master'
2017-05-12 10:10:29 -04:00
mposolda
7d8796e614
KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes.
2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02
KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token
2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01
KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes
2017-05-11 22:16:26 +02:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a
KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added
2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424
KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows
2017-05-11 22:16:26 +02:00
Shane Bryzak
349a59cf35
KEYCLOAK-4886 update Openshift view template to allow setting an alias and display name
...
Signed-off-by: Shane Bryzak <sbryzak@redhat.com>
2017-05-11 09:27:49 +10:00
Bill Burke
bfb4395b28
role and Users finished UI work
2017-05-10 15:25:04 -04:00
Johannes Knutsen
b64817761a
KEYCLOAK-4875 Use realm name instead of realm id to generate OpenID Endpoint Configuration URL in admin's Realm Settings page
2017-05-09 22:05:10 +02:00
Bill Burke
a8a8ea4bcd
Merge remote-tracking branch 'upstream/master'
2017-05-08 13:49:03 -04:00
Bill Burke
f760427c5c
fine grain tests
2017-05-08 13:48:51 -04:00
Bill Burke
e1b6ba13cc
Merge pull request #3893 from anderius/feature/KEYCLOAK-3056-verify-signature
...
[WIP] Saml broker: Added wantAssertionsSigned and wantAssertionsEncrypted
2017-05-05 09:04:41 -04:00
Stan Silvert
2e66cd1070
Merge pull request #4108 from ssilvert/error_description
...
KEYCLOAK-4462: Unexpected error when creat client w/ existing ClientID
2017-05-04 16:29:43 -04:00
Stan Silvert
55f3d8c1d0
KEYCLOAK-4462: Use errorInterceptor instead of handling errors locally
2017-05-04 15:21:05 -04:00
Stan Silvert
b8fecca0ba
KEYCLOAK-4462: Unexpected error when creating client with existing
...
ClientID
2017-05-01 18:13:27 -04:00
Stan Silvert
1438982104
KEYCLOAK-4720: Wrongly positioned IdPs table header
2017-05-01 15:19:44 -04:00
Eriksson Fabian
ca1152c3e5
KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
...
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
Pedro Igor
fbcfcfa088
[KEYCLOAK-4755] - Client UI Tests
2017-04-26 12:11:53 -03:00
Pedro Igor
b3131bf679
[KEYCLOAK-3135] - Rules UI Tests
2017-04-25 16:52:14 -03:00
Pedro Igor
38ae6c981b
Merge pull request #4068 from pedroigor/KEYCLOAK-3135
...
[KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component
2017-04-25 08:19:32 -03:00
Stian Thorgersen
cf7f28d97e
Merge pull request #4031 from abacusresearch/KEYCLOAK-4736_http_header_x-xss-protection
...
KEYCLOAK-4736 Extend security defenses with X-XSS-Protection header
2017-04-25 10:38:21 +02:00
Stian Thorgersen
1385d3c219
Merge pull request #4062 from ssilvert/dbl-click
...
KEYCLOAK-4121: Prevent double form submission
2017-04-25 08:57:15 +02:00
Pedro Igor
49547ccfbc
[KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component
2017-04-24 23:12:46 -03:00
Pedro Igor
5972c94dc8
[KEYCLOAK-3135] - More UI tests
2017-04-24 16:50:23 -03:00
Pedro Igor
dfec691de0
[KEYCLOAK-3135] - Fixing cancel button
2017-04-24 08:39:08 -03:00
Pedro Igor
e0f753bcf5
[KEYCLOAK-3135] - More changes to Policy Management API
2017-04-24 07:34:08 -03:00
Stan Silvert
8dc65cff0a
KEYCLOAK-4121: Prevent double form submission
2017-04-21 14:11:44 -04:00
Stan Silvert
62000e042d
KEYCLOAK-4402: Fix regexp password policy.
2017-04-20 18:09:20 -04:00
Stian Thorgersen
1d03eb5f2b
Merge pull request #4045 from stianst/KEYCLOAK-4737
...
KEYCLOAK-4737 Admin Console redirect loop when hostname contains console
2017-04-20 09:29:41 +02:00
Stian Thorgersen
7de0b329a2
Merge pull request #4046 from stianst/KEYCLOAK-4637
...
KEYCLOAK-4637 Fix FreeOTP url in Swedish translation
2017-04-19 15:48:12 +02:00
Stian Thorgersen
10009868a3
KEYCLOAK-4637 Fix FreeOTP url in Swedish translation
2017-04-19 14:54:44 +02:00
Stian Thorgersen
0a0d2174e4
KEYCLOAK-4737 Admin Console redirect loop when hostname contains console
2017-04-19 14:43:56 +02:00
Markus Lindström
0b21ed3e0e
KEYCLOAK-4762 Improve French translations
2017-04-19 10:23:52 +02:00
Stian Thorgersen
330663dfd3
Merge pull request #3898 from chameleon82/KEYCLOAK-4502_Update_Russian_Translation
...
KEYCLOAK-4502 Update Russian translation
2017-04-19 09:41:49 +02:00
Stian Thorgersen
da6781dd91
Merge pull request #4029 from abacusresearch/KEYCLOAK-4734_update_italian_translation
...
KEYCLOAK-4734 Update Italian translations
2017-04-18 15:14:33 +02:00
Stian Thorgersen
4f771ac51a
Merge pull request #4027 from abacusresearch/KEYCLOAK-4729_update_german_translation
...
KEYCLOAK-4729 Update German translations
2017-04-18 15:13:39 +02:00
Pedro Igor
a415ea3670
[KEYCLOAK-4755] - AuthZ UI Tests
2017-04-13 15:54:52 -03:00
Pedro Igor
eec712a259
[KEYCLOAK-3135] - Role and user policies apis
2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c
[KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests
2017-04-12 00:52:13 -03:00
Pedro Igor
55f747ecd0
[KEYCLOAK-3135] - Part 1: Permission Management API
2017-04-12 00:52:13 -03:00
Dominik Langenegger
8840bc073f
KEYCLOAK-4736 Extend security defenses with additional option to set the X-XSS-Protection header, block by default
2017-04-10 11:20:07 +02:00
Nekrasov Aleksander
2066259518
KEYCLOAK-4502 Update Russian translation
2017-04-08 11:42:33 +07:00
Nekrasov Aleksander
9bca7fb7c5
KEYCLOAK-4502 Update russian translation
2017-04-08 11:27:34 +07:00
Dominik Langenegger
c73de4f2b9
KEYCLOAK-4734 Update Italian translations
2017-04-07 16:46:43 +02:00
Dominik Langenegger
16430791bb
KEYCLOAK-4729 Update German translations
2017-04-07 16:03:34 +02:00
Dominik Langenegger
e9d22f3506
KEYCLOAK-4728 Fix typo
2017-04-07 09:31:05 +02:00
Stian Thorgersen
af4c74f1d9
Merge pull request #3718 from thomasdarimont/issue/KEYCLOAK-4163-improve-support-for-email-addresses
...
KEYCLOAK-4163 Improve support for e-mail addresses
2017-04-06 15:34:30 +02:00
Stian Thorgersen
4845286e04
Merge pull request #4001 from stianst/KEYCLOAK-4693
...
KEYCLOAK-4693
2017-04-04 15:48:08 +02:00
Stian Thorgersen
eaf386f1d2
KEYCLOAK-4693
...
Improve blocking search indexing
2017-04-04 09:56:48 +02:00
Pedro Igor
838a045239
[KEYCLOAK-4650] - Adding scope filter and fixing cancel buttons
2017-03-29 12:59:41 -03:00
Pedro Igor
33a0dc880f
[KEYCLOAK-4650] - Confirmation dialog when disabling authorization settings
2017-03-29 11:17:10 -03:00
Marko Strukelj
d26f2b44bd
KEYCLOAK-4496 Strange truncation of Client information when creating a new client
...
- Added polyfill from https://github.com/tbosch/autofill-event
2017-03-28 18:06:17 +02:00
Bill Burke
f554fd90db
Merge pull request #3911 from almighty/oso_provider
...
[KEYCLOAK-4528] Adds Openshift Identity Provider as part of social brokers
2017-03-25 19:25:44 -04:00
Stian Thorgersen
7968394537
KEYCLOAK-4654 Disable unsupported LDAP vendors in product profile
2017-03-24 13:44:33 +01:00
Nekrasov Aleksander
d0b3cb32f0
KEYCLOAK-4502 Update Russian translation
2017-03-24 18:22:25 +07:00
Stian Thorgersen
90c4de27e5
KEYCLOAK-3251 Add product Maven profile
...
KEYCLOAK-3254 Product profile should include RH-SSO theme and change default theme
2017-03-24 07:10:11 +01:00
Bartosz Majsak
210143738e
Merge branch 'master' into oso_provider
2017-03-23 13:45:07 +01:00
Pedro Igor
deae380941
Merge pull request #3964 from pedroigor/KEYCLOAK-4587
...
[KEYCLOAK-4587] - Missing breadcrumb
2017-03-22 13:55:50 -03:00
Marek Posolda
975dfe9489
Merge pull request #3167 from brat000012001/master
...
X509 Certificate user authentication
2017-03-22 08:26:26 +01:00
Thomas Darimont
05a8fffdbf
KEYCLOAK-4614 Fix linkOnly tooltip reference
2017-03-22 00:07:40 +01:00
Pedro Igor
c517565cc5
[KEYCLOAK-4587] - Missing breadcrumb
2017-03-21 16:55:21 -03:00
Peter Nalyvayko
b2f10359c8
KEYCLOAK-4335: x509 client certificate authentication
...
Started on implementing cert thumbprint validation as a part of x509 auth flow. Added a prompt screen to give users a choice to either log in based on the identity extracted from X509 cert or to continue with normal browser login flow authentication; clean up some of the comments
x509 authentication for browser and direct grant flows. Implemented certificate to user mapping based on user attribute
Implemented CRL and OCSP certificate revocation checking and added corresponding configuration settings to set up responderURI (OCSP), a location of a file containing X509CRL entries and switiches to enable/disable revocation checking; reworked the certificate validation; removed superflous logging; changed the certificate authentication prompt page to automatically log in the user after 10 seconds if no response from user is received
Support for loading CRL from LDAP directory; finished the CRL checking using the distribution points in the certificate; updated the instructions how to add X509 authentication to keycloak authentication flows; minor styling changes
Stashing x509 unit test related changes; added the steps to configure mutual SSL in WildFly to the summary document
A minor fix to throw a security exception when unable to check cert revocation status using OCSP; continue working on README
Changes to the formating of the readme
Added a list of features to readme
Fixed a potential bug in X509 cert user authenticator that may cause NPE if the client certificate does not define keyusage or extended key usage extensions
Fixed compile time errors in X509 validators caused by the changes to the user credentials model in upstream master
Removed a superfluous file created when merging x509 and main branches
X509 authentication: removed the PKIX path validation as superflous
Reverted changes to the AbstractAttributeMapper introduced during merging of x509 branch into main
Merge the unit tests from x509 branch
added mockito dependency to services project; changes to the x509 authenticators to expose methods in order to support unit tests; added a default ctor to CertificateValidator class to support unit testing; updated the direct grant and browser x509 authenticators to report consistent status messages; unit tests to validate X509 direct grant and browser authenticators; fixed OCSP validation to throw an exception if the certificate chain contains a single certificate; fixed the CRL revocation validation to only use CRL distribution point validation only if configured
CRL and OSCP mock tests using mock netty server. Changed the certificate validator to better support unit testing.
changes to the mockserver dependency to explicitly exclude xercesImpl that was causing SAMLParsingTest to fail
Added a utility class to build v3 certificates with optional extensions to facilitate X509 unit testing; removed supoerfluous certificate date validity check (undertow should be checking the certificate dates during PKIX path validation anyway)
X509: changes to make configuring the user identity extraction simplier for users - new identity sources to map certificate CN and email (E) attributes from X500 subject and issuer names directly rather than using regular expressions to parse them
X509 fixed a compile error caused by the changes to the user model in master
Integration tests to validate X509 client certificate authentication
Minor tweaks to X509 client auth related integration tests
CRLs to support x509 client cert auth integration tests
X509: reverted the changes to testrealm.json and updated the test to configure the realm at runtime
X509 - changes to the testsuite project configuration to specify a path to a trust store used to test x509 direct grant flow; integration tests to validate x509 authentication in browser and direct grant flows; updated the client certificate to extend its validatity dates; x509 integration tests and authenticators have been refactored to use a common configuration class
X509 separated the browser and direct grant x509 authenction integration tests
x509 updated the authenticator provider test to remove no longer supported cert thumbprint authenticator
x509 removed the dependency on mockito
x509 re-implemented OCSP certificate revocation client used to check revocation status when logging in with x509 certificate to work around the dependency on Sun OCSP implementation; integration tests to verify OCSP revocation requests
index.txt.attr is needed by openssl to run a simple OCSP server
x509: minor grammar fixes
Add OCSP stub responder to integration tests
This commit adds OCSP stub responder needed for the integration tests,
and eliminates the need to run external OCSP responder in order to run
the OCSP in X509OCSPResponderTest.
Replace printStackTrece with logging
This commit replaces call to printStackTrace that will end up going to
the stderr with logging statement of WARN severity.
Remove unused imports
Removed unused imports in
org.keycloak.authentication.authenticators.x509 package.
Parameterized Hashtable variable
Removed unused CertificateFactory variable
Declared serialVersionUID for Serializable class
Removed unused CertificateBuilder class
The CertificateBuilder was not used anywhere in the code, removing it to
prevent technical debt.
Removing unused variable declaration
`response` variable is not used in the test, removed it.
Made sure InputStreams are closed
Even though the InputStreams are memory based, added try-with-resources
to make sure that they are closed.
Removed deprecated usage of URLEncoder
Replaced invocation of deprecated method from URLEncoder with Encode
from Keycloak util package.
Made it more clear how to control OCSP stub responder in the tests
X509 Certificate user authentication: moved the integration unit tests into their own directory to fix a failing travis test job
KEYCLOAK-4335: reduced the logging level; added the instructions how to run X.509 related tests to HOW-TO-RUN.md doc; removed README.md from x509 folder; removed no longer used ocsp profile and fixed the exclusion filter; refactored the x509 base test class that was broken by the recent changes to the integration tests
KEYCLOAK-4335: fixed a few issues after rebasing
2017-03-17 05:24:57 -04:00
Stian Thorgersen
feeac69197
Merge pull request #3888 from daklassen/KEYCLOAK-4421
...
KEYCLOAK-4421 Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-15 09:54:21 +01:00
Thomas Darimont
b782892769
KEYCLOAK-4163 Improve support for e-mail addresses
...
Added support for user friendly email addresses as well as dedicated
reply-to addresses for emails being sent by Keycloak.
Both can be customized via the email settings per realm in
the admin-console.
User friendly email addresses use the format:
"Friendly Name"<email@example.org> and provide way to add a meaning
full name to an e-mail address.
We also allow to specify an optional envelope from bounce address.
If a mail sent to a user could not be delivered the email-provider
will sent a notification to that address.
See: https://en.wikipedia.org/wiki/Bounce_address
Add test for proper email headers in sent messages
2017-03-14 18:22:54 +01:00
Bill Burke
6d51862057
Merge pull request #3897 from anderius/feature/KEYCLOAK-4504-redirect-logout
...
[WIP] Saml broker: Option to specify logout request binding
2017-03-14 11:32:26 -04:00
David Klassen
32d3f760ec
KEYCLOAK-4421: Change http url to https
...
Change any http maven urls to https to reduce build-time MITM vulnerability
2017-03-14 10:18:40 +01:00
Stian Thorgersen
99581748e0
Merge pull request #3921 from gmarziou/fix-french-plural
...
KEYCLOAK-4561 Fix plural error in French translation
2017-03-14 09:32:37 +01:00
Stian Thorgersen
f0ae34d1ad
Merge pull request #3885 from sk8ter/master
...
add Swedish translation for account, email, login
2017-03-14 09:31:36 +01:00
Stan Silvert
e6df617cfc
KEYCLOAK-4535: Needless heading while adding or editing a Role
2017-03-13 21:03:05 -04:00
Pedro Igor
45caea4dbd
[KEYCLOAK-4549] - Scope Permission Form is not showing saved resource
2017-03-10 17:32:55 -03:00
Bill Burke
b618dbd97f
Merge pull request #3926 from mrpardijs/KEYCLOAK-4360-Add-SAML-OneTimeUse-Condition
...
KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse
2017-03-09 19:09:02 -05:00
Gaël MARZIOU
46c6db1739
Update URL for FreeOTP
...
It was poniting to obsolete location: https://fedorahosted.org/freeotp/
Now pointing to: https://freeotp.github.io/
2017-03-09 16:20:28 +01:00
Mark Pardijs
c78c0b73d3
KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse
...
Add OneTimeUse Condition to SAMLResponse when configured in client settings
2017-03-09 13:01:05 +01:00
Gael MARZIOU
0fc4cd134f
Fix plural error in French translation
2017-03-08 18:47:06 +01:00
Bill Burke
c6dc59f63e
Merge remote-tracking branch 'upstream/master'
2017-03-03 11:00:32 -05:00
Bill Burke
3bb29e033b
KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513
2017-03-03 09:48:52 -05:00
Bartosz Majsak
669b0143af
Adds tooltip for URL and en translation
2017-03-02 20:24:52 +01:00
Bartosz Majsak
1a6bb2fedb
Adds Openshift Identity Provider as part of social brokers
2017-03-02 15:14:57 +01:00
Quentin Caillard
75851ee0b3
administrator Spelling mistake
2017-03-01 12:32:55 +01:00
Marek Posolda
b54d7c37b6
Merge pull request #3890 from daklassen/KEYCLOAK-2994
...
KEYCLOAK-2994: Revise german translations
2017-03-01 12:22:44 +01:00
Anders Båtstrand
8d82390843
KEYCLOAK-4504 New configuration option for SAML Broker:
...
* postBindingLogout: Indicates if POST or redirect should be used for the logout requests.
This applies to both IdP-initiated logout, and Keycloak-initiated logout. If unset (for example when upgrading Keycloak), the setting is initially set to the same as postBindingResponse.
The flag is also set when importing IdP metadata.
2017-02-28 12:08:22 +01:00
Anders Båtstrand
89c6cda2ac
Two new configuration options for the Saml broker:
...
* wantAssertionsSigned: This will toggle the flag in the SP Metadata Descriptor, and validate the signature if and only if "Validate signature" is selected.
* wantAssertionsEncrypted: This will simply require that the assertion is encrypted.
Default behavior is unchanged. The signature validation uses the original XML, and supports therefore an IdP that adds whitespace and line breaks between tags (for example OpenAM).
2017-02-24 15:08:57 +01:00
Mika Andrianarijaona
ceb5a3a04b
Update french translation in admin console
2017-02-23 11:04:55 +03:00
David Klassen
999a3f62ac
KEYCLOAK-2994: Revise german translations
...
Corrected a huge amount of typos. Improved some translations.
2017-02-23 08:45:51 +01:00
Viktor Kostov
2cf25b6c57
add Swedish translation for account, email, login
2017-02-22 11:51:30 +01:00
Stan Silvert
4f78312a98
KEYCLOAK-4463: JS warnings caused by ui-ace while manipulating with
...
mappers
2017-02-21 19:31:25 -05:00
Stan Silvert
3bf9428cc0
KEYCLOAK-4467: Realm name collides with sidebar navigation
2017-02-20 15:43:46 -05:00
Stian Thorgersen
3653d7ed9a
Merge pull request #3762 from sldab/hide-providers
...
KEYCLOAK-4224 Allow hiding identity providers on login page
2017-02-17 12:04:35 +01:00
Stan Silvert
224f93f25d
Merge pull request #3782 from cargosoft/master
...
KEYCLOAK-4270 Custom login protocol doesn't show when creating a client
2017-02-13 07:58:21 -05:00
Bill Burke
75bee51ac1
console remote imported/unlink users
2017-02-09 09:11:48 -05:00
Bill Burke
cf5e2a1d20
unlink/remoteimported
2017-02-08 19:48:22 -05:00
Stian Thorgersen
07689c9537
KEYCLOAK-4259 Tweak login screen
2017-01-25 08:21:58 +01:00
Stian Thorgersen
cea52a6db9
KEYCLOAK-4259 Add top-margin to container to prevent overlay with logo
2017-01-24 09:35:57 +01:00
Stian Thorgersen
04228791f3
KEYCLOAK-4259 Reverted original padding around logo
2017-01-24 09:27:28 +01:00
Stian Thorgersen
15d0a116ac
Merge pull request #3769 from hmlnarik/KEYCLOAK-4167-Unable-to-validate-access-token-for-OIDC-External-IDP-using-configured-public-key
...
KEYCLOAK-4167 Always use preset key for verification if key ID not set
2017-01-23 13:59:35 +01:00
Dmitry Telegin
5bacd2919d
KEYCLOAK-4270 Custom login protocol doesn't show when creating a client
2017-01-21 01:46:34 +03:00
Stan Silvert
f55d18189c
KEYCLOAK-4259: Login page rendering broken
2017-01-20 16:07:36 -05:00
Stan Silvert
fe8e437e74
Merge pull request #3768 from ssilvert/otp-scrollbar
...
KEYCLOAK-3884: Another small tweak.
2017-01-20 14:22:27 -05:00
Stian Thorgersen
536b88790e
Merge pull request #3757 from mstruk/KEYCLOAK-4150
...
KEYCLOAK-4150 Unresolved variable ${cliane_security-admin-console} in admin web client
2017-01-19 13:55:36 +01:00
Pedro Igor
c7f2a0ffdd
Merge pull request #3766 from pedroigor/KEYCLOAK-4203
...
[KEYCLOAK-4203] - Removing references to Drools
2017-01-18 13:31:23 -02:00
Pedro Igor
c19360c6f2
[KEYCLOAK-4203] - Removing references to Drools
2017-01-18 12:44:30 -02:00
Hynek Mlnarik
df4f1e7129
KEYCLOAK-4167 Always use preset key for verification if key ID not set
2017-01-18 10:29:06 +01:00
mposolda
843b4b470b
KEYCLOAK-2333 LDAP/MSAD password policies are not used when user changes password
2017-01-17 21:06:09 +01:00
Slawomir Dabek
9bb65ba9b7
KEYCLOAK-4224 Allow hiding identity providers on login page
2017-01-17 14:32:59 +01:00
Stan Silvert
2eeb2f52c5
KEYCLOAK-3884: Another small tweak.
2017-01-16 14:24:44 -05:00
Stan Silvert
23c1f513e7
KEYCLOAK-3953: Remove recalculation of time when units change
2017-01-16 09:55:08 -05:00
Marko Strukelj
d68f6bbc42
KEYCLOAK-4150 Unresolved variable ${cliane_security-admin-console} in admin web client
2017-01-13 17:48:21 +01:00
Stan Silvert
c4cce147e2
Merge pull request #3747 from ssilvert/otp-scrollbar
...
KEYCLOAK-3884: OTP login page cutoff under weird sizes
2017-01-12 16:37:43 -05:00
Stan Silvert
3a2927e12e
KEYCLOAK-3884: OTP login page cutoff under weird sizes
2017-01-12 16:02:04 -05:00
Hynek Mlnarik
e11957ecf3
KEYCLOAK-4167 Make OIDC identity provider key ID configurable
2017-01-11 18:24:22 +01:00
Marek Posolda
227900f288
Merge pull request #3731 from mposolda/master
...
KEYCLOAK-4175 Provide a way to set the connect and read timeout for l…
2017-01-10 09:49:18 +01:00
Stian Thorgersen
345e0da76d
Merge pull request #3733 from stianst/KEYCLOAK-4180
...
KEYCLOAK-4180 When you turn on authorization for client Clustering ta…
2017-01-10 09:33:04 +01:00
Stian Thorgersen
ab0a669662
KEYCLOAK-4180 When you turn on authorization for client Clustering tab appears without saving
2017-01-10 06:59:40 +01:00
mposolda
c32620b718
KEYCLOAK-4175 Provide a way to set the connect and read timeout for ldap connections
2017-01-09 21:35:58 +01:00
Stian Thorgersen
dd74b57d13
KEYCLOAK-4165 KEYCLOAK-4014 Add missing sources for ace editor and fix loading of ace libs
2017-01-09 14:59:50 +01:00
Bas Dalenoord
42a8a0eb15
KEYCLOAK-4177: Changed URL to FreeOTP homepage;
2017-01-09 10:30:29 +01:00
Pedro Igor
5bc134ea7b
Merge pull request #3717 from pedroigor/KEYCLOAK-4164
...
[KEYCLOAK-4164] - Creating typed resources always result in error
2017-01-06 17:29:47 -02:00
Stian Thorgersen
fb6a8da863
Merge pull request #3713 from stianst/KEYCLOAK-3952
...
KEYCLOAK-3952
2017-01-06 07:17:27 +01:00
Pedro Igor
72691b2e74
[KEYCLOAK-4164] - Creating typed resources always result in error
2017-01-05 14:32:49 -02:00
Stian Thorgersen
2d1417d72b
KEYCLOAK-3952
...
User Administration: Double step cancel
2017-01-05 08:50:22 +01:00
Stan Silvert
a76c52ef84
KEYCLOAK-4155: User Federation: Page not found when click cancel creating
...
ldap provider
2017-01-04 14:03:39 -05:00
Stian Thorgersen
8a0859fcba
Merge pull request #3700 from stianst/KEYCLOAK-2980
...
KEYCLOAK-2980 Fix admin query for resource path
2017-01-04 07:01:19 +01:00
Stian Thorgersen
b7c98ed433
KEYCLOAK-2980 Fix admin query for resource path
2017-01-03 10:34:21 +01:00
Stian Thorgersen
08d7211a93
KEYCLOAK-4038 Get bind credential from component if stored
2017-01-02 14:40:12 +01:00
Pedro Igor
df7a68b709
[KEYCLOAK-4125] - Fixing when running in a cluster
2016-12-21 20:04:08 -02:00
Stian Thorgersen
e262f8fb63
KEYCLOAK-4120
...
Authz doesn't show in menu for clients
2016-12-20 14:46:56 +01:00
Stian Thorgersen
d365d9d784
Merge pull request #3649 from sldab/bearer-client-credentials
...
KEYCLOAK-4086 Client credentials missing in bearer-only JSON config
2016-12-20 12:32:03 +01:00
Stian Thorgersen
f6323d94ec
Merge pull request #3676 from stianst/KEYCLOAK-4109
...
KEYCLOAK-4109 Ability to disable impersonation
2016-12-20 09:35:03 +01:00
Stian Thorgersen
eb7ad07e31
KEYCLOAK-4109 Ability to disable impersonation
2016-12-20 08:46:21 +01:00
Pedro Igor
40591cff25
Merge pull request #3662 from pedroigor/KEYCLOAK-4034
...
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:49:10 -02:00
Pedro Igor
5cf5168770
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:48:16 -02:00
Slawomir Dabek
16fb1e2078
KEYCLOAK-4086 Client credentials missing in bearer-only Keycloak OIDC JSON
2016-12-19 16:55:19 +01:00
Marek Posolda
c6363aa146
Merge pull request #3630 from sldab/duplicate-email-support
...
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Pedro Igor
c9c9f05e29
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 11:22:37 -02:00
Slawomir Dabek
93cec9b3ee
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 10:55:12 +01:00
Stian Thorgersen
f29bb7d501
KEYCLOAK-4092 key provider for HMAC signatures
2016-12-19 10:50:43 +01:00
Bill Burke
7b115b4b44
Merge pull request #3656 from patriot1burke/master
...
KEYCLOAK-4041
2016-12-15 16:07:55 -05:00
Bill Burke
4d64f0e160
KEYCLOAK-4041
2016-12-15 16:06:06 -05:00
Hynek Mlnarik
5006fe2292
KEYCLOAK-4062 - GUI changes for KeyName format + few tests
2016-12-12 22:29:01 +01:00
Pedro Igor
588e1711dd
Merge pull request #3597 from jlpettersson/KEYCLOAK-4018
...
KEYCLOAK-4018 Client-Based Policy
2016-12-09 17:32:19 -02:00
Bill Burke
d3e3990d77
Merge pull request #3629 from patriot1burke/master
...
KEYCLOAK-2806
2016-12-08 17:36:28 -05:00
Bill Burke
5f07fa8057
KEYCLOAK-2806
2016-12-08 16:28:22 -05:00
mposolda
7d8b392fd9
KEYCLOAK-4049 Admin Console: User Federation: Client ids not listed in role-ldap-mapper
2016-12-08 13:46:19 +01:00
Bill Burke
75e2b404c8
Merge pull request #3618 from abstractj/KEYCLOAK-3685
...
[KEYCLOAK-3685]: Username not updated when "Email as username" is enabled
2016-12-06 22:06:55 -05:00
Bill Burke
a0b54ebedc
KEYCLOAK-2654
2016-12-06 17:05:34 -05:00
Bruno Oliveira
ddb201db6c
[KEYCLOAK-3685]: Username not updated when "Email as username" is enabled
2016-12-06 19:46:31 -02:00
Stan Silvert
f3dbacabf8
KEYCLOAK-4039: Unexpected behavior when switching client access type.
2016-12-05 14:16:24 -05:00
Bill Burke
6cd6edce64
Merge pull request #3588 from abstractj/KEYCLOAK-3847
...
[KEYCLOAK-2568]
2016-12-03 13:37:06 -05:00