Commit graph

21580 commits

Author SHA1 Message Date
Konstantinos Georgilakis
f4f58ab707 KEYCLOAK-15540 correct SAMLAttributeConsumingServiceParser 2020-09-14 16:01:46 +02:00
mposolda
4123b7a91e KEYCLOAK-11678 Remove dummy resource. Adding keycloak-services and liquibase to jandex indexing 2020-09-14 09:27:34 -03:00
vmuzikar
a9a719b88c KEYCLOAK-15270 Account REST API doesn't verify audience 2020-09-14 08:43:09 -03:00
Dmitry Telegin
b62d68a591 KEYCLOAK-14952 - Unit test failure in keycloak-saml-core on Java 11 2020-09-14 11:17:57 +02:00
Stan Silvert
6348266175
Update README.md 2020-09-13 16:15:30 -04:00
Erik Jan de Wit
55a0f443ed
small fix to make the alert test more readable (#85) 2020-09-11 14:34:43 -04:00
mhajas
3186f1b5a9 KEYCLOAK-15514 Update AbstractStorageManager to check capability interface types 2020-09-11 14:42:48 +02:00
vmuzikar
cb5c893d87 Add tests for KEYCLOAK-15481 2020-09-11 07:03:24 -04:00
Stan Silvert
952e8fecee KEYCLOAK-15481: Display forbidden screen 2020-09-11 07:03:24 -04:00
Miquel Simon
2572b1464b KEYCLOAK-15395. Removed totp/remove (DELETE) and credentials/password (GET, POST) endpoints. 2020-09-10 18:03:03 -03:00
Erik Jan de Wit
1297c9f391
Restructure (#78)
* moved files into new structure

* translation files / namespace per "page"

fixes: #77

* renamed pages to sections

* moved save, delete and others to common bundle
2020-09-10 14:04:03 -04:00
Takashi Norimatsu
af2f18449b KEYCLOAK-14195 FAPI-RW Client Policy - Condition : Client - Client Role 2020-09-10 18:34:19 +02:00
Clement Cureau
b19fe5c01b Finegrain admin as fallback and added some tests 2020-09-10 12:26:55 -03:00
Clement Cureau
73378df52e [KEYCLOAK-11621] Allow user creation via group permissions (Admin API)
Problem:
Using fine-grained admin permissions on groups, it is not permitted to create new users
within a group.

Cause:
The POST /{realm}/users API does not check permission for each group part of the new
user representation

Solution:
- Change access logic for POST /{realm}/users to require MANAGE_MEMBERS and
MANAGE_MEMBERSHIP permissions on each of the incoming groups

Tests:
Manual API testing performed:
  1. admin user from master realm:
    - POST /{realm}/users without groups                  => HTTP 201 user created
    - POST /{realm}/users with groups                     => HTTP 201 user created
  2. user with MANAGE_MEMBERS & MANAGE_MEMBERSHIP permissions on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 201 user created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
  3. user with MANAGE_MEMBERS permission on group1
    - POST /{realm}/users without groups                  => HTTP 403 user NOT created
    - POST /{realm}/users with group1                     => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & group2            => HTTP 403 user NOT created
    - POST /{realm}/users with group1 & wrong group path  => HTTP 400 user NOT created
2020-09-10 12:26:55 -03:00
testn
706299557e KEYCLOAK-15174: ResourceServerAdapter.toEntity checks the wrong type 2020-09-10 12:19:25 -03:00
testn
c288175c03 KEYCLOAK-15208: PermissionTicketAdapter checks for the wrong type 2020-09-10 12:16:48 -03:00
Heikki Simperi
4500dcbbc6 KEYCLOAK-13837 Admin cli command has alias parameter should be keyAlias 2020-09-10 10:58:52 -03:00
Andy Munro
df1cb476fe KEYCLOAK-14845 Updating IBM Z and OpenJ9 terminology 2020-09-09 15:02:07 -03:00
Sebastian Laskawiec
e01159a943 KEYCLOAK-14767 OpenShift Review Endpoint audience fix 2020-09-09 11:57:24 -03:00
Erik Jan de Wit
7f66895631
added export and delete (#63)
* added export and delete

* added types
2020-09-09 16:34:05 +02:00
Michael Furman
6b9a5f2854 Update spring-security-adapter.adoc 2020-09-09 11:19:57 +02:00
Michael Furman
cdbdac6c36 Fixing KEYCLOAK-14642
Fixing documentation to resolve KEYCLOAK-14642
2020-09-09 11:19:57 +02:00
Takashi Norimatsu
cbb79f0430 KEYCLOAK-15448 FAPI-RW : Error Response on OIDC private_key_jwt Client Authentication Error (400 error=invalid_client) 2020-09-09 11:14:21 +02:00
Stan Silvert
8fbcf7582a
Flesh out left navigation (#76)
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2020-09-09 11:07:17 +02:00
mhajas
df52c12ebb KEYCLOAK-15479 Replace enlistAfterCompletion with enlist in MapClientProvider 2020-09-09 08:27:38 +02:00
Sarah Rambacher
bc38db7dbb
Adjusts toolbar help menu items (#65)
* Adjusts toolbar help menu items

* remove workaround css for dropdown description text

* fixes formatting

* capitalize menu item

* revert change in variable name
2020-09-08 14:54:21 -04:00
Erik Jan de Wit
8fa720438e
some small fixes to the realm selector (#74) 2020-09-08 13:20:29 -04:00
Erik Jan de Wit
082682e6d3
initial version of json file upload component (#75) 2020-09-08 13:16:08 -04:00
Erik Jan de Wit
c59a7198c9
initial version of help items (#70) 2020-09-08 13:12:42 -04:00
Benjamin Weimer
b2934e8dd0 KEYCLOAK-15327 backchannel logout invalidate offline session even if there is no corresponding active session found 2020-09-08 11:17:20 -03:00
Stan Silvert
ca7c014e55
Run tsc on build to check for typescript errors (#69)
* Run tsc on build to check for typescript errors

* Fix typescript errors.  Rename failing stories.

* Make prettier happy

* Use only tsconfig for tsc.
2020-09-08 07:56:44 +02:00
Hynek Mlnarik
bf637dc8ca KEYCLOAK-14961 Update release notes 2020-09-07 15:19:40 +02:00
PoojaChandak
1fd8a6e28e Update fine-grain.adoc
review comment update
2020-09-07 06:09:50 -07:00
PoojaChandak
43dbad7cfc Update fine-grain.adoc
Observed a few changes, suggesting the same. Kindly check.
2020-09-07 06:09:50 -07:00
Martin Kanis
4e9bdd44f3 KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak 2020-09-07 13:11:55 +02:00
stianst
76f7fbb984 KEYCLOAK-14548 Add support for cached gzip encoding of resources 2020-09-07 00:58:47 -07:00
Martin Bartos
e34ff6cd9c [KEYCLOAK-14326] Identity Provider force sync is not working 2020-09-07 09:42:40 +02:00
Stan Silvert
0eea5b8057
Use isBlock instead of css (#67)
* Use isBlock instead of css

* Make prettier happy

* Fix tests
2020-09-05 15:37:42 -04:00
Eugenia
c6a310a827
add realm selector (#48)
* WIP realm selector

* realm dropdown is working

* address PR feedback

* address PR feedback and fix conflicts

* fix formatting

* fix path

* address PR feedback from Stan

* update snapshot tests

* fix formatting

* change minwidth
2020-09-04 14:16:11 -04:00
Erik Jan de Wit
87d8414bd7
fix storybook imports (#62) 2020-09-04 06:38:58 -04:00
Erik Jan de Wit
258b21e334
remove env vars and use simple copy task to switch (#60) 2020-09-04 06:38:23 -04:00
Takashi Norimatsu
1d8230d438 KEYCLOAK-14190 Client Policy - Condition : The way of creating/updating a client 2020-09-04 09:54:55 +02:00
Luca Leonardo Scorcia
67b2d5ffdd KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:36 +02:00
Luca Leonardo Scorcia
865dd55f04 KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:30 +02:00
Erik Jan de Wit
f1c9d2e49e
Import client json file (#55)
* import form

* added confirmation dialog

* introduced page component for clients
2020-09-03 15:25:05 -04:00
Erik Jan de Wit
a0b2b52b4f
upgraded to storybook 6 and changed to tsx (#58) 2020-09-03 13:26:36 -04:00
Erik Jan de Wit
050f6aaed5
added more tests (#59) 2020-09-03 13:25:35 -04:00
dependabot-preview[bot]
ad16ce23d4
Bump i18next-http-backend from 1.0.17 to 1.0.18 (#57)
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 1.0.17 to 1.0.18.
- [Release notes](https://github.com/i18next/i18next-http-backend/releases)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v1.0.17...v1.0.18)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-09-03 14:58:42 +02:00
Hynek Mlnarik
1c4a2db8e1 KEYCLOAK-14510 Properly close Response object 2020-09-03 11:23:05 +02:00
Simon Legner
bed664e4fe KEYCLOAK-15186 Sort user federation table 2020-09-02 17:40:41 -04:00