Commit graph

827 commits

Author SHA1 Message Date
June Zhang
eb8257a52e Fixes KEYCLOAK-7090 Applications page - HTML (#5189) 2018-05-10 18:14:56 -04:00
Bill Burke
1258923a0d
Merge pull request #5188 from patriot1burke/keycloak-7304
KEYCLOAK-7304
2018-05-08 07:31:05 -04:00
Stan Silvert
344286e037
KEYCLOAK-7244: Lang dropdowns should sometimes be hidden (#5175) 2018-05-07 15:56:22 -04:00
Clément Poissonnier
032c48fb25 i18n(login): add missing keys for french language (#5145) 2018-05-07 00:49:46 +02:00
Bill Burke
fdc6fc59b8 KEYCLOAK-7304 2018-05-03 12:14:30 -04:00
Stan Silvert
f3340b113f
KEYCLOAK-6977: Stop using yarn for new admin console (#5181) 2018-05-03 09:29:13 -04:00
Stan Silvert
20f24bffc4
KEYCLOAK-7248: Fixes for IE 11 (#5182) 2018-05-02 16:15:31 -04:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Stan Silvert
5a56a822b0
KEYCLAOK-7170 device activity component (#5169)
* KEYCLOAK-7170: Create Device Activity Page

* KEYCLOAK-7170: Create Device Activity Page

* Fixes KEYCLOAK-7205 - Device activity - update HTML
2018-04-25 15:04:56 -04:00
Stan Silvert
35154db50f
KEYCLOAK-7123: l10n dropdowns (#5170)
* KEYCLOAK-7196: Add kc_locale to keycloak.js

* KEYCLOAK-7123: Localization dropdowns

* Update keycloak-service to latest keycloak.js
2018-04-25 15:04:12 -04:00
June Zhang
49a83db2e9 Fixes KEYCLOAK-6499 Add password update - HTML (#5154) 2018-04-23 06:46:02 -04:00
June Zhang
c12cd7fd57 Fixes KEYCLOAK-7114 Fix localization for Welcome page - HTML/FTL (#5152) 2018-04-18 12:13:29 -04:00
Oskars
3bef6d5066 KEYCLOAK-4538 Configurable clock skew when validating tokens (#5014)
* [master]: fix type for checkLoginIframeInterval

* [master]: KEYCLOAK-4538 Feature to tolerate a configurable amount of seconds of clock skew when validating tokens

* [master]: KEYCLOAK-4538 Fix unit test scenarios for token clock skew

* [master]: KEYCLOAK-4538 Reverted wildcard imports

* [master]: fix unit test to use longer intervals to make test less fragile.
2018-04-16 11:09:25 +02:00
June Zhang
e8a07c9a6c Fixes KEYCLOAK-6970 Update HTML for profile page (#5146) 2018-04-13 13:34:24 -04:00
June Zhang
03590f117e Fixes KEYCLOAK-6838 Update RH-SSO logo style (#5147) 2018-04-13 08:10:55 +02:00
Stan Silvert
095fec95e5
KEYCLOAK-7022 Fix l10n on Welcome page (#5143) 2018-04-11 12:05:07 -04:00
Hugo Guerrero
fac3118b0a KEYCLOAK-6448 - implement instagram social broker (#4963)
* KEYCLOAK-6448 - implement instagram social broker

* Instagram SocialLogin Tests
2018-04-09 17:30:27 +02:00
Douglas Palmer
cf056b3464 [KEYCLOAK-6069] Allow configuration of LDAP connection pooling 2018-04-06 20:27:11 +02:00
Joe32
f41a7000de KEYCLOAK-6305, Slovak translation (#4926) 2018-04-06 11:37:39 +02:00
Stan Silvert
f652b13520
KEYCLOAK-7024: Fix logout dropdown (#5109) 2018-04-04 09:40:15 -04:00
Stan Silvert
baf6b96db6
KEYCLOAK-7037: Welcome Page Links (#5113) 2018-04-04 09:39:35 -04:00
Stan Silvert
701c318b60
KEYCLOAK-7047: Fix RegistrationEmailAsUsername and EditUserNameAllowed (#5122)
on personal info page.
2018-04-04 09:31:38 -04:00
Bill Burke
0b2fe75828
Merge pull request #5115 from patriot1burke/kcinit-browser
KEYCLOAK-7004 KEYCLOAK-7003 KEYCLOAK-6999 KEYCLOAK-7033
2018-04-03 10:31:30 -04:00
June Zhang
7280234422 Fixes KEYCLOAK-6969 Update the welcome page (#5105) 2018-03-31 13:33:12 -04:00
Bill Burke
4078e84fb6 server driven success page 2018-03-31 10:16:44 -04:00
Bill Burke
f4a5e49b63 initial 2018-03-29 17:14:36 -04:00
Bill Burke
f5bacb79c1 review changes 2018-03-28 16:45:52 -04:00
Bill Burke
ad5f3fefc5 Merge remote-tracking branch 'upstream/master' into kcinit 2018-03-27 16:38:35 -04:00
Stan Silvert
80feb67fc2
KEYCLOAK-6494: Address load time of new acct mgt console (#5100)
* Optimize loading. min bundles, stop double-loading, rxjs-system instead of
plain rxjs, clean up 404's

* Create module loading hierarchy.  Allows for lazy loading.

* Upgrade NG, remove jquery, load keycloak.js only from auth/js

* Delay systemjs loading.  Load home page instead of account.

* KEYCLOAK-6496: Cleanup and polish code after optimizations.

* Fix message bundle to be back the way it was.

* Remove unused png's. Remove comments in index.ftl. Remove javaMessages.
2018-03-27 12:42:13 -04:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
June Zhang
bff7831912 KEYCLOAK-6942 Cut off background on the new login page 2018-03-26 18:23:36 +02:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
June Zhang
ca15db81bb KEYCLOAK-6262 Incorporate new visual design from PatternFly (#4983)
* KEYCLOAK-6262 Incorporate new visual design from PatternFly

Update the username or email

Fix narrow/wide in template.ftl

minor style update

Add the Realm HTML name and image

Config OTP and Update Password
Not display the locale selector if there is less than 1 locale.

Fix margins/paddings on config otp screens

Fix title

Upgraded to PatternFly 3.41.6

Added RCUE and updated RH-SSO login theme

Refine the RCUE padding issue

Fix tests

Fix Keycloak background

Fix

* fix the overflowing issue

* Fix Console UI Tests to reflect the new login page

* Fix the different style of the IdP buttons
Fix the IE placeholder issue - add label

* Removed placeholder on login and reset pass. Fixed Keycloak background on wide screens.

* fixed the stackoverflow issues
fixed the width in the tablets
2018-03-21 10:47:33 +01:00
Bill Burke
f000cedcbb Merge remote-tracking branch 'upstream/master' into kcinit 2018-03-20 16:49:43 -04:00
Bill Burke
8926837a3e tests 2018-03-19 16:47:13 -04:00
Áron Bustya
57f57f5c75 set request object mandatory for client, restrict delivery mode
handle new attribute in client representation


add to UI
2018-03-19 19:31:22 +01:00
pedroigor
08896ee9c9 [KEYCLOAK-6529] - Resource Attributes 2018-03-19 13:21:39 -03:00
Bill Burke
4bba11cd94 kcinit 2018-03-16 12:11:57 -04:00
sebastienblanc
ee2d28d589 KEYCLOAK-6775 : fix french typos 2018-03-14 21:13:46 +01:00
Inki Hwang
22e32117e0 [KEYCLOAK-6789] show client id when client name is empty 2018-03-14 15:20:20 +01:00
Bill Burke
e2bec73011 KEYCLOAK-6336 2018-03-02 12:29:07 -05:00
pedroigor
cb531056a6 [KEYCLOAK-6621] - Fixing cache and queries of policies with type scope 2018-02-28 16:33:45 -03:00
Bill Burke
215bbaac6c hide tab when no client storage providers 2018-02-28 08:47:13 -05:00
Bill Burke
53f96099fb review fixes 2018-02-28 08:47:13 -05:00
Bill Burke
681256a079 KEYCLOAK-6622 2018-02-28 08:47:13 -05:00
Gaétan Collaud
1d88d061e6 French translation for KEYCLOAK-2120
* Added translation for KEYCLOAK-2120
* Removed link in translation since apps are now in a list (and html was escaped)
2018-02-28 08:55:26 +01:00
Gaétan Collaud
123c6dffe0 Improved french translation
In french, the "forgot password" email displays the full link instead of having a message like other languages.

`Lien pour réinitialiser votre mot de passe` = `Link to reset your password`.
2018-02-28 08:55:03 +01:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368)
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
Ferdinand Hübner
190ad06f1a KEYCLOAK-6618 Update German translations (#5002)
* KEYCLOAK-6618 Update German translations

Add missing translations for OTP authenticator settings and update
outdated translations for OTP authenticator

Fix minor issue for the username property (plural -> singular)

Add missing translations

* KEYCLOAK-6618: Include review feedback into German translations

* KEYCLOAK-6618: Reword translation for multi-factor authentication and fix minor translation issues

* KEYCLOAK-6618: Update German translation for the login theme

Message bundle keys have been reordered to be in sync with the english
version to improve scanning through the message bundles side-by-side.

The updated German translations from the account theme were applied to
the login theme as well (where applicable).
2018-02-28 05:10:31 +01:00
Ismael Jimenez
f604449188 Removed duplicated tabindex
The tabindex="3" was at the beginning and at the end of the tag, kept the one at the beginning for consistency.
2018-02-26 10:47:32 +01:00
Bruno Oliveira
f351db608e [KEYCLOAK-6334] Minor typo: "read only" should be "read-only" 2018-02-20 20:18:16 +01:00
Christian Katzorke (cig393a)
2c59d948fc in addition to KEYCLOAK-6065 no automplete 2018-02-20 20:14:28 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00
Stian Thorgersen
adb6c7789c
Merge pull request #4967 from k-tamura/fix-incorrect-japanese-translations
KEYCLOAK-6469 Fix incorrect Japanese translations
2018-02-12 09:58:58 +01:00
Bill Burke
d6788a0839 finish 2018-02-10 13:38:39 -05:00
Bruno Oliveira
b91998a0d8 [KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration 2018-02-09 06:36:23 -02:00
Douglas Palmer
e8de4655ac KEYCLOAK-6344 Use POST instead of GET for LDAP connection tests 2018-02-08 21:18:03 +01:00
stianst
0e69dc6885 KEYCLOAK-1874 Add PatternFly 3.38.1 2018-02-07 14:26:10 +01:00
stianst
f1e7d3d6da KEYCLOAK-6378 Clean themes common directory 2018-02-07 12:07:40 +01:00
Kohei Tamura
0370cb64e7 Fix incorrect Japanese translations 2018-02-05 19:11:03 +09:00
Kohei Tamura
a50b94be0c KEYCLOAK-6457 Fix typos in properties 2018-02-05 05:58:08 +01:00
Hynek Mlnarik
afa26f7d3c KEYCLOAK-6339 Display SAML client IdP-initiated SSO URL 2018-02-02 11:17:10 +01:00
Bill Burke
8f09efab9d
Merge pull request #4949 from patriot1burke/client-storage-spi
KEYCLOAK-6228
2018-02-01 08:59:02 -05:00
Vlastimil Elias
a5f675d693 KEYCLOAK-4937 - convert time units in emails into human-friendly format 2018-01-30 06:38:57 +01:00
Bill Burke
1d8e38f0c6 admin console 2018-01-27 13:05:02 -05:00
Takashi Norimatsu
502627f590 KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret 2018-01-26 10:59:40 +01:00
Douglas Palmer
42759be6ff [KEYCLOAK-6143] Remove Hmac prefix from algorithms in the OTP manual config pages 2018-01-25 07:10:30 +01:00
Douglas Palmer
0f1644e612 [KEYCLOAK-6142] Updated OTP manual config pages to reflect HOTP 2018-01-25 07:09:24 +01:00
Thorsten Boock
64b75d2806 Fix Authenticator Page HTML
Closes `<thead>` and disables escaping for the `totpStep1` message as it includes HTML links.
2018-01-24 13:44:57 -05:00
mposolda
6369c26671 KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters 2018-01-24 11:35:13 +01:00
stianst
f762173eb0 KEYCLOAK-3370 Add option to override theme in client template and client 2018-01-18 09:14:13 +01:00
pedroigor
79349e6307 [KEYCLOAK-6159] - Resource Permission UI not enabling save button when no policies are set 2018-01-09 16:28:53 -02:00
pedroigor
56750cba83 [KEYCLOAK-6113] - Remove red asterisk sign next to 'Apply Policy' while creating a new permission 2018-01-02 12:40:10 -02:00
stianst
6e3303145f KEYCLOAK-6079 2018-01-02 15:15:44 +01:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
stianst
e3995c0154 KEYCLOAK-6079 2017-12-21 12:18:12 +01:00
Pedro Igor
7e072abf74
Merge pull request #4873 from pedroigor/master
[KEYCLOAK-5806] - Returning from child policy not restoring state
2017-12-20 08:53:50 -02:00
stianst
7d2d7e41d9 KEYCLOAK-6065 Prevent password managers from saving credentials in admin console 2017-12-20 06:46:54 +01:00
pedroigor
3846cfdb4f [KEYCLOAK-5806] - Changing apply policy component and more tests 2017-12-19 17:28:46 -02:00
stianst
902b799bdf KEYCLOAK-6064 Fix identity providers page when realm has no configured providers 2017-12-19 17:56:48 +01:00
stianst
465675ac28 KEYCLOAK-5019 Fixes for password managers 2017-12-19 16:13:16 +01:00
pedroigor
2ace312501 [KEYCLOAK-5806] - More UI tests for parent/child policy flow 2017-12-19 12:13:04 -02:00
pedroigor
c00d89aec3 [KEYCLOAK-5806] - Returning from child policy not restoring state 2017-12-19 10:00:14 -02:00
stianst
71e6f52f7d KEYCLOAK-6022 2017-12-18 11:48:39 +01:00
stianst
b303acaaba KEYCLOAK-2120 Added manual setup page for OTP 2017-12-18 11:20:20 +01:00
pedroigor
5d7ba39e0c [KEYCLOAK-5806] - Create policy component to permission pages 2017-12-15 23:41:52 -02:00
pedroigor
e2118856ca [KEYCLOAK-5806] - Adding table of selected policies 2017-12-15 22:04:37 -02:00
pedroigor
eba47b3c89 [KEYCLOAK-5806] - Create policy button to Aggregated Policies 2017-12-15 22:04:37 -02:00
Pedro Igor
a66fe003d3
Merge pull request #4863 from pedroigor/KEYCLOAK-5877
[KEYCLOAK-5877] - Allow save permissions without policies
2017-12-15 15:45:38 -02:00
Stan Silvert
a719b73808 KEYCLOAK-5935: No success msg on client role add/remove 2017-12-15 10:54:43 -05:00
pedroigor
94928323ee [KEYCLOAK-5877] - Allow saving permissions without policies 2017-12-15 12:55:07 -02:00
stianst
a8943fb323 KEYCLOAK-6043 Use same urls for get and posts in account 2017-12-15 08:31:04 +01:00
Stan Silvert
2b11938084 KEYCLOAK-5932: Remove social idp from dropdown if already defined 2017-12-14 20:18:56 -05:00
Stan Silvert
97e3b26a5c KEYCLOAK-5934: Event filters allowing free values in select2 inputs 2017-12-14 16:38:02 -05:00
Stan Silvert
068785f227 KEYCLOAK-6042: Remove keycloak-preview from product build. 2017-12-14 14:09:04 +01:00
Bill Burke
ea3417253f KEYCLOAK-5923 2017-12-12 16:07:09 -05:00
Bruno Oliveira
0a9055e112 [KEYCLOAK-5175] Importing certificate to saml client takes too long 2017-12-12 14:45:24 +01:00
Stan Silvert
a60fdcedcd KEYCLOAK-5929: Submit buttons in wrong position 2017-12-11 08:27:39 -05:00
stianst
dac6c6bd7e KEYCLOAK-6000 Fix output in execute actions email 2017-12-11 14:24:37 +01:00
Bill Burke
5d5a200413
Merge pull request #4818 from patriot1burke/master
KEYCLOAK-5926
2017-12-08 09:59:32 -05:00
Bill Burke
0dee393071 KEYCLOAK-5926 2017-12-07 19:49:10 -05:00
Bruno Oliveira
3f3d50b9ad KEYCLOAK-5467 X.509 Auth - missing internationalization support
This adds the missing i18n support for login buttons
2017-12-07 08:52:16 -02:00
Stan Silvert
b8da95e901 KEYCLOAK-5930: Submit button on cred screen should start as disabled 2017-12-06 15:35:00 -05:00
stianst
ecfabe4ebe KEYCLOAK-5913 Move Chinese translations into resources-community 2017-12-06 13:58:52 +01:00
Stan Silvert
30ad2899b8 KEYCLOAK-5933: Configure TOTP to Configure OTP 2017-12-05 17:24:54 -05:00
Stan Silvert
19cfbbf7ff KEYCLOAK-5972: i18n broken on keycloak-preview acct mgt 2017-12-04 13:44:16 -05:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
Stan Silvert
4d4ee33d1d KEYCLOAK-5937: Not possible to select role w/ hardocded LDAP role mapper 2017-11-30 15:29:36 -05:00
stianst
4daf6aaec5 KEYCLOAK-5940 2017-11-30 13:43:15 +01:00
Bruno Oliveira
6a528a3ee6 [KEYCLOAK-2645] Reset password page says 'You need to change your password to activate your account.' 2017-11-30 10:37:21 +01:00
stianst
2be78a0239 KEYCLOAK-5924 Add error handler for uncaught errors 2017-11-30 10:33:13 +01:00
Stan Silvert
fc8a8b1dd8 KEYCLOAK-5905: 'Disable Credentials' not displayed after reset password. 2017-11-28 16:40:41 -05:00
Bill Burke
c36b3cd296 KEYCLOAK-5904 2017-11-28 09:10:43 -05:00
stianst
24b7e318ca KEYCLOAK-5913 Fix all locales showing in RH-SSO 2017-11-28 07:54:26 +01:00
Stan Silvert
27268044ae KEYCLOAK-5906: Active page not highlighted in nav sidebar 2017-11-27 12:43:43 -05:00
Bruno Oliveira
9d35891e7d [KEYCLOAK-5467] X.509 Auth - missing internationalization support 2017-11-27 13:44:38 +01:00
Stian Thorgersen
feaf834184 KEYCLOAK-5863 Fix error when updating mapper twice in a row 2017-11-17 12:20:43 +01:00
Shon T. Urbas
f186ea12c6 Removal of duplicate cuff. 2017-11-16 07:18:49 +01:00
Stan Silvert
dc05134e41 KEYCLOAK-5850: Del realm role broken on permissions & Users tabs. 2017-11-16 07:05:08 +01:00
Stan Silvert
f923211e9f KEYCLOAK-5849: Multiple errors in acct page displays '<br/>' 2017-11-15 19:59:54 +01:00
Bill Burke
a70461b726
Merge pull request #4695 from patriot1burke/master
KEYCLOAK-5459 KEYCLOAK-5855
2017-11-14 22:02:13 -05:00
Bill Burke
6b8ead6c4b KEYCLOAK-5459 2017-11-14 19:37:07 -05:00
Stan Silvert
8b023f57f9
KEYCLOAK-5474: Unexp behavior with "login w/ email" and "Dup emails" (#4683)
settings.
2017-11-14 16:12:56 -05:00
Hynek Mlnařík
1412fed265
Merge pull request #4676 from abstractj/KEYCLOAK-2052
[KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
2017-11-14 09:19:57 +01:00
Stian Thorgersen
de72542151 KEYCLOAK-5795 Strip ids of client export from admin console 2017-11-14 08:49:58 +01:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
Stan Silvert
8759b42e6b KEYCLOAK-4461: Missing error msg when add idp mapper 2017-11-09 07:13:38 +01:00
liuzheng712
9243430b75 fix(Chinese language): add # encoding: utf-8 2017-11-09 07:10:59 +01:00
Stan Silvert
d3b270d025
KEYCLOAK-5475: UI glitches when alias blank in auth config (#4645) 2017-11-08 08:21:28 -05:00
Albert-Jan Verhees
b8f3c8a445 Fixed typo in Dutch translations 2017-11-08 12:59:55 +01:00
Stan Silvert
1db3134df8
KEYCLOAK-5506: Set empty fed config prop fails in admin console (#4625) 2017-11-06 12:44:13 -05:00
Stan Silvert
986540ab34 KEYCLOAK-4383: Dbl-click login button leads to "already logged in" page (#4614) 2017-10-27 10:29:37 -04:00
Marek Posolda
74f5c1c160 Merge pull request #4611 from mposolda/ldap-eviction-day
KEYCLOAK-5746 Bad label for evictionDay in admin console in EVICT_WEE…
2017-10-25 11:14:18 +02:00
mposolda
5f889dd3c6 KEYCLOAK-5746 Bad label for evictionDay in admin console in EVICT_WEEKLY cache policy 2017-10-25 09:08:33 +02:00
Bruno Oliveira
4d762159ef KEYCLOAK-5717 2017-10-24 10:55:02 -02:00
Stan Silvert
330f2acc29 KEYCLOAK-5732: Freemarker pages using ?html (#4607) 2017-10-23 16:35:45 -04:00
Stan Silvert
574fd42534 KEYCLOAK-5681: Upgrade AngularJS for Admin Console (#4571) 2017-10-23 12:03:46 -04:00
Stan Silvert
9083e5fe5c KEYCLOAK-5298: Enable autoescaping in Freemarker (#4561)
* KEYCLOAK-5298: Enable autoescaping in Freemarker

* Fix several of the failing tests.

* Fix broken tests in integration-deprecated

* Fix last failing test.
2017-10-23 12:03:00 -04:00
Stian Thorgersen
9b75b603e3 KEYCLOAK-5234 (#4585) 2017-10-23 16:13:22 +02:00
Bill Burke
8faa6f1f4d KEYCLOAK-5701 2017-10-18 18:20:50 -04:00
Bill Burke
0fb99a0098 Merge pull request #4569 from patriot1burke/master
KEYCLOAK-4328
2017-10-18 10:49:52 -04:00
Bill Burke
649bca7618 KEYCLOAK-4328 2017-10-18 09:37:17 -04:00
Thomas Darimont
3103e0fd0a KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider (#4370)
* KEYCLOAK-5244 Add BlacklistPasswordPolicyProvider

This introduces a new PasswordPolicy which can refer to
a named predefined password-blacklist to avoid users
choosing too easy to guess passwords.

The BlacklistPasswordPolicyProvider supports built-in as
well as custom blacklists.
built-in blacklists use the form `default/filename`
and custom ones `custom/filename`, where filename
is the name of the found blacklist-filename.

I'd propose to use some of the freely available password blacklists
from the [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Passwords) project.

For testing purposes one can download the password blacklist
```
wget -O 10_million_password_list_top_1000000.txt https://github.com/danielmiessler/SecLists/blob/master/Passwords/10_million_password_list_top_1000000.txt?raw=true
```
to /data/keycloak/blacklists/

Custom password policies can be configured with the SPI
configuration mechanism via jboss-cli:
```
/subsystem=keycloak-server/spi=password-policy:add()
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:add(enabled=true)
/subsystem=keycloak-server/spi=password-policy/provider=passwordBlacklist:write-attribute(name=properties.blacklistsFolderUri, value=file:///data/keycloak/blacklists/)
```

Password blacklist is stored in a TreeSet.

* KEYCLOAK-5244 Encode PasswordBlacklist as a BloomFilter

We now use a dynamically sized BloomFilter with a
false positive probability of 1% as a backing store
for PasswordBlacklists.

BloomFilter implementation is provided by google-guava
which is available in wildfly.

Password blacklist files are now resolved against
the ${jboss.server.data.dir}/password-blacklists.

This can be overridden via system property, or SPI config.
See JavaDoc of BlacklistPasswordPolicyProviderFactory for details.

Revised implementation to be more extensible, e.g. it could be
possible to use other stores like databases etc.

Moved FileSystem specific methods to FileBasesPasswordBlacklistPolicy.

The PasswordBlacklistProvider uses the guava version 20.0
shipped with wildfly. Unfortunately the arquillian testsuite
transitively depends on guava 23.0 via the selenium-3.5.1
dependency. Hence we need to use version 23.0 for tests but 20.0
for the policy provider to avoid NoClassDefFoundErrors in the
server-dist.

Configure password blacklist folder for tests

* KEYCLOAK-5244 Configure jboss.server.data.dir for test servers

* KEYCLOAK-5244 Translate blacklisted message in base/login
2017-10-17 20:41:44 +02:00
Cédric Couralet
656fc5d7c0 KEYCLOAK-4052 - add an option to validate Password Policy for ldap user storage 2017-10-13 13:54:50 +02:00
Gaetan Collaud
06ad4caa1b KEYCLOAK-5505 put tabindex in login page 2017-10-10 16:56:03 +02:00
Stan Silvert
9131e7e73c KEYCLOAK-4248: Remove revocation tab for SAML clients. 2017-10-04 14:03:39 -04:00
Herbert Mühlburger
f0f7321c38 Fix spelling error in admin message properties (#4525)
* fix spelling error in admin message properties

* fix typo in admin messages
2017-10-03 20:58:17 +02:00
Bill Burke
817d6cc8c7 minor ui fix 2017-10-02 11:02:19 -04:00
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens.
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00