Stefan Guilhen
e9c55f45e5
Enable action token JPA provider in map-storage-jpa profile
...
Closes #13139
2022-07-20 16:30:20 -03:00
Pedro Igor
3631a413d2
Allow token exchange when subjec_token is not associated with a session
...
Closes #12596
2022-07-20 15:42:26 -03:00
Martin Bartoš
1b9a3bf51a
Cannot use WebAuthn with WildFly distribution
...
Fixes #12762
2022-07-20 09:59:44 -03:00
Lex Cao
f0988a62b8
Use base64 url decoded for client secret when authenticating with Basic Auth ( #12486 )
...
Closes #11908
2022-07-16 09:38:41 +02:00
Pedro Igor
89028613d8
Introducing --optimise option
...
Closes #10737
2022-07-15 15:12:17 -03:00
Marcelo Daniel Silva Sales
f7a80409a9
Add flow to generate secret length based on signature algorithm ( #13107 )
...
Closes #9376
2022-07-15 11:06:07 +02:00
Vlasta Ramik
ec853a6b83
JPA map storage: User / client session no-downtime store ( #12241 )
...
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Closes #9666
2022-07-14 12:07:02 -03:00
Alexander Schwartz
b8d5e01cf3
Avoid using old legacy-store API in the test suite ( #13077 )
2022-07-13 09:58:01 -03:00
kz-masa
d26cff270f
Delete unnecessary import statements ( #12935 ) ( #12936 )
2022-07-12 19:37:15 -03:00
Martin Bartoš
216922233a
Remote base tests don't work with WildFly ( #12842 )
...
Fixes #12841
2022-07-12 15:14:09 +02:00
Martin Kanis
4b43612806
Disable WARN logging for Hot Rod RemoteQuery class
2022-07-11 16:48:56 -03:00
Pedro Igor
5b48d72730
Upgrade Resteasy v4
...
Closes #10916
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2022-07-11 12:17:51 -03:00
Martin Bartoš
07ab29378b
Make WebAuthn required actions enabled by default
...
Closes #12723
2022-07-11 15:32:40 +02:00
Michal Hajas
0f86427dd0
Make user->client sessions relationship consistent
...
Closes #12817
2022-07-11 08:42:28 -03:00
Martin Bartoš
17f1d04960
Possibility to execute DB migration tests for Quarkus distribution ( #12688 )
...
Closes #12685
2022-07-11 12:23:41 +02:00
fwojnar
7fccdb10d8
Fixing ClientPoliciesTest failure ( #12670 )
...
Closes #10633
Co-authored-by: wojnarfilip <fwojnar@redhat.com>
2022-07-11 12:22:25 +02:00
Takashi Norimatsu
29aad9dc45
PAR logic affecting /auth endpoint
...
Closes #9289
2022-07-11 11:56:37 +02:00
Alexander Schwartz
29a501552e
Disable the JpaUserFederatedStorageProvider when map storage is enabled
...
Closes #12895
2022-07-07 10:47:42 -03:00
Alexander Schwartz
d91a5eb99f
Move methods from UserStorageUtil to LegacyRealmModel
...
It is better suited to take methods removed from RealmModel earlier.
Closes #12805
2022-07-07 09:57:17 -03:00
Stefan Guilhen
dc88dd5286
Users Map JPA implementation ( #12871 )
2022-07-05 11:19:31 -03:00
Alexander Schwartz
098d4dda0e
Split PublicKeyStorageProvider ( #12897 )
...
Split PublicKeyStorageProvider
- Extract clearCache() method to separate interface and move it to the legacy module
- Make PublicKeyProvider factories environment dependent
- Simple map storage for public keys that just delegates
Resolves #12763
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2022-07-05 09:57:51 -03:00
Stefan Guilhen
007fa1f374
Single Use Objects Map JPA implementation
...
Closes #9852
2022-07-04 10:05:51 -03:00
Alexander Schwartz
4b20e90292
Move session persistence package to legacy-private module
...
Also, disabling the jpa session persister when map storage is enabled.
Closes #12712
2022-07-04 10:05:26 -03:00
Konstantinos Georgilakis
32f8f30f36
Include 'urn:ietf:params:oauth:grant-type:token-exchange' in grant_types_supported field of Keycloak OP metadata, if token-exchange is enabled
...
closes #10888
2022-06-30 17:13:47 -03:00
Jon Koops
06d1b4faab
Restore enum variant of ResourceType
...
This reverts commit 3b5a578934
.
2022-06-30 12:20:51 -03:00
Alexander Schwartz
ddeab744d0
Moving RoleStorageProviderModel to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
vramik
3b5a578934
Change enum ResourceType to interface with String constants
...
Closes #12485
2022-06-29 13:35:11 +02:00
Lex Cao
c3c8b9f0c8
Add client_secret
to response when token_endpoint_auth_method
is not private_key_jwt
( #12609 )
...
Closes #12565
2022-06-29 10:19:18 +02:00
Clara Fang
4643fd09e3
Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount()
...
This should reduce GC pressure.
Closes #12644
2022-06-29 08:53:09 +02:00
Konstantinos Georgilakis
ccc0449314
json device code flow error responses
...
closes #11438
2022-06-29 07:23:02 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration ( #12692 )
...
Closes #12625
2022-06-29 07:17:09 +02:00
danielFesenmeyer
b6d8c27cac
OIDC logout: In "legacy mode", support post_logout_redirect_uri param without requiring id_token_hint param
...
Closes #12680
2022-06-28 14:36:03 +02:00
leandrobortoli
c5d5659100
Fixed bug on client credentials grant when encryption key not found
...
Closes #12348
2022-06-27 13:00:21 +02:00
Lex Cao
f8a7c8e160
Validate name of client scope ( #12571 )
...
Closes #12553
2022-06-27 12:26:18 +02:00
Pedro Igor
3d2c3fbc6a
Support JSON objects when evaluating claims in regex policy
...
Closes #11514
2022-06-23 14:04:09 -03:00
Pedro Igor
d3a40e8620
Use backend baseURL for UMA-related backend endpoints
...
Closes #12549
2022-06-23 10:35:26 -03:00
Takashi Norimatsu
a10eef882f
DeviceTokenRequestContext.getEvent returns a wrong ClientPolicyEvent
...
Closes #12455
2022-06-22 13:01:35 +02:00
Takashi Norimatsu
d396ee7d30
CIBA flow : no error on invalid scope
...
Closes #12589
2022-06-22 12:55:55 +02:00
rmartinc
711440e513
[ #11036 ] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL
2022-06-21 10:52:25 -03:00
Stefan Guilhen
7d96f3ad5a
Events Map JPA implementation
...
Closes #9667
2022-06-21 13:53:48 +02:00
Alexander Schwartz
cb0c881821
rename SingleEntityCredentialManager to SubjectCredentialManager
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
26198e4b0b
Disable tests irrelevant for map storage
2022-06-21 08:53:06 +02:00
Alexander Schwartz
d41764b19b
Inline deprecated methods in legacy code
2022-06-21 08:53:06 +02:00
Alexander Schwartz
1a227212de
Simplify implementation of a federated storage by moving the default implementation to the abstract base class; this will also allow the quickstarts and implementations derived from that to run without changes.
2022-06-21 08:53:06 +02:00
Alexander Schwartz
08bbb1fb92
Move LDAP REST Endpoints to LDAP package
...
- Thus remove implicit dependency on services on the legacy modules
- Disable tests for LDAP/Kerberos that won't work when map storage is enabled
2022-06-21 08:53:06 +02:00
Alexander Schwartz
1bc6133e4e
redirect calls to userLocalStorage from legacy modules (federation, ldap, sssd, kerberos)
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
e396d0daa1
Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager():
...
- class SingleUserCredentialManager to SingleEntityCredentialManager
- method UserModel.getUserCredentialManager() to credentialManager()
Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession
2022-06-21 08:53:06 +02:00
Alexander Schwartz
6f287e7ded
Avoid using methods on UserCredentialStoreManager
2022-06-21 08:53:06 +02:00
Alexander Schwartz
bc8fd21dc6
SingleUserCredentialManager moving in
...
- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
2022-06-21 08:53:06 +02:00
Alexander Schwartz
82094d113e
Move User Storage SPI, introduce ExportImportManager
2022-06-21 08:53:06 +02:00