Commit graph

385 commits

Author SHA1 Message Date
Stian Thorgersen
f66eb8b1ef KEYCLOAK-3266
password policy NotUsername breaks new user registration
2016-10-17 21:38:14 +02:00
mposolda
00879b39b7 KEYCLOAK-3719 Add 'options' to ProviderConfigProperty and use it for 'List' type instead of defaultValue 2016-10-17 21:34:21 +02:00
Stian Thorgersen
af508232dc Merge pull request #3328 from hmlnarik/KEYCLOAK-3574
KEYCLOAK-3574 Add missing check for changes in RealmPasswordPolicyCtrl
2016-10-17 18:51:34 +02:00
Stian Thorgersen
cefb1742a1 Merge pull request #3331 from stianst/KEYCLOAK-3665
KEYCLOAK-3665 Remove theme module and make built-in theme resources r…
2016-10-17 18:48:09 +02:00
Stian Thorgersen
e61191edb5 KEYCLOAK-3570 Reduce the size of themes 2016-10-17 14:47:55 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent 2016-10-17 13:53:12 +02:00
Stan Silvert
8ffb1ecc7d Merge pull request #3324 from ssilvert/remember-selected-flow
KEYCLOAK-2295: Flow selection forgotten when clicking to a sibling tab.
2016-10-17 07:30:51 -04:00
Stan Silvert
a9ce6b9f81 Merge pull request #3321 from ssilvert/pagination
KEYCLOAK-3507: Pagination for clients and roles in admin console
2016-10-17 07:26:04 -04:00
Hynek Mlnarik
c2684a2b36 KEYCLOAK-3574 Add missing check for changes in RealmPasswordPolicyCtrl 2016-10-17 12:37:46 +02:00
Stan Silvert
8a7983bf5a KEYCLOAK-2295: Flow selection forgotten when clicking to a sibling tab. 2016-10-14 15:11:50 -04:00
mposolda
18e0c0277f KEYCLOAK-3666 Dynamic client registration policies 2016-10-14 20:20:40 +02:00
Stan Silvert
7a6324e02c KEYCLOAK-3507: Pagination for clients and roles in admin console 2016-10-14 08:35:46 -04:00
Bill Burke
8c8a39c833 sync and import 2016-10-13 20:49:02 -04:00
Bill Burke
0938390654 sync and import 2016-10-13 20:38:49 -04:00
GUERIN Thierry
e344dddf4b French translation for firstname label 2016-10-13 16:15:20 +02:00
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Ramunas Kraujutis
b6e0cb374d Lithuanian locale update for 2.3 version 2016-10-12 14:01:30 +03:00
Mohit Suman
0e33e4035f Pagination Directive for clients and roles in admin console 2016-10-10 14:57:39 -04:00
Mohit Suman
c4f0053dd9 add pagination custom css 2016-10-10 14:57:26 -04:00
Stan Silvert
06dcf99b42 KEYCLOAK-3679: Add new flow, default (browser) flow always shown. 2016-10-07 14:32:23 -04:00
Stan Silvert
68ca1849bf KEYCLOAK-3673: Blank items in IDP's Post Login Flow selector 2016-10-06 17:43:13 -04:00
Stan Silvert
36aa3da3d0 Merge pull request #3288 from ssilvert/sort-role-mappings
KEYCLOAK-3649: Sort role lists in Role Mappings screen.
2016-10-04 20:04:13 -04:00
Stan Silvert
d653437830 KEYCLOAK-3649: Sort role lists in Role Mappings screen. 2016-10-04 17:17:03 -04:00
Stan Silvert
b5a1b0bc50 KEYCLOAK-3650: Empty state for User Federation 2016-10-04 15:10:13 -04:00
Stan Silvert
9b10110dcb KEYCLOAK-3633: Don't search on initial page load. 2016-10-03 15:02:11 -04:00
Stan Silvert
ab8803a5d6 KEYCLOAK-3633: Unable to delete multiple users without re-entering search. 2016-10-03 14:42:53 -04:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Stian Thorgersen
5d34b7e682 Merge pull request #3189 from thomasdarimont/issue/KEYCLOAK-3491-revise-scripting-support
KEYCLOAK-3491 Revise Scripting Support
2016-09-29 10:12:15 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Stian Thorgersen
34f62eb31d Fixes to [KEYCLOAK-2438] PR 2016-09-28 10:25:37 +02:00
Bruno Oliveira
98d2fe15e8 [KEYCLOAK-2438] - Add display name to social login buttons
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Stian Thorgersen
033d1f564a KEYCLOAK-2756
Renaming a realm breaks down the Clients
2016-09-26 10:11:28 +02:00
mposolda
04f05c0cd1 KEYCLOAK-3422 Pairwise subjects : few fixes and bit of refactoring 2016-09-23 15:29:13 +02:00
Thomas Darimont
8e113384aa KEYCLOAK-3491 Revise Scripting Support
Refactored the scripting infrastructure and added documentation.
Added tests and an authenticator template in JavaScript for a quickstart.
Increased height of ace code editor to 600px to avoid scrolling.
2016-09-20 14:33:39 +02:00
Stian Thorgersen
992268a8e6 KEYCLOAK-3579 Add ability to define profiles 2016-09-20 08:41:23 +02:00
Marek Posolda
5afe93552a Merge pull request #3231 from TeliaSoneraNorge/pr/KEYCLOAK-3422
KEYCLOAK-3422 support pairwise subject identifier in oidc
2016-09-14 21:51:48 +02:00
Pedro Igor
eb80d59cd8 [KEYCLOAK-3534] - Fixing the logic to display the authz tab. 2016-09-13 16:16:01 -03:00
Martin Hardselius
04d03452bd KEYCLOAK-3422 support pairwise subject identifier in oidc 2016-09-13 09:18:45 +02:00
Pedro Igor
44f57b8273 [KEYCLOAK-3446] - Some minor changes 2016-09-09 17:48:32 -03:00
filipelautert
5eb36f4e0f [KEYCLOAK-3446] Add pt_BR localization for admin screens (#3173)
* Add client.name as a second parameter to the title expressions in login template

* Fixing tooltip.

* pt_BR localization for admin screens.

* Reverting login.ftl

* Added all tooltip messages - even the ones not translated.
Translated around 150 messages todas.

* More translations.

* Fixing wrong edit.
2016-09-09 16:34:59 -03:00
Pedro Igor
7af16fc747 [KEYCLOAK-3534] - Authorization tab appears too soon in admin console 2016-09-09 01:03:09 -03:00
Stian Thorgersen
71b648a9b6 Merge pull request #3183 from mohitsuman/KEYCLOAK-3502
Keycloak 3502 - Implement "Empty State" for Identity Providers in Admin Console
2016-09-08 08:53:06 +02:00
Stian Thorgersen
ab7bb21991 Merge pull request #3160 from ramunask/feature-lithuanian-locale
KEYCLOAK-3452 add Lithuanian localization
2016-09-08 08:44:45 +02:00
Stian Thorgersen
7c292b1213 KEYCLOAK-3342 Add Identity Provider authenticator 2016-09-08 07:20:35 +02:00
Mohit Suman
bdbc4e1f6d add margin and update the description text 2016-09-06 19:34:07 +05:30
Ramūnas Kraujutis
ca6d1f3c48 LT locale improvements 2016-09-06 14:58:09 +03:00
Ramūnas Kraujutis
c5a149a892 Merge remote-tracking branch 'upstream/master' into feature-lithuanian-locale 2016-09-06 14:50:07 +03:00
Stian Thorgersen
b33648cc29 Merge pull request #3191 from greg0ire/patch-1
Remove duplicate untranslated word
2016-09-06 13:42:32 +02:00
Stian Thorgersen
4a583712b8 Merge pull request #3182 from mohitsuman/KEYCLOAK-2706
Fixed dropdown menu in navigation bar in small screens
2016-09-06 13:16:38 +02:00
Ramūnas Kraujutis
05813832fc add newly added translations to Lithuanian locale files 2016-09-06 10:53:23 +03:00
Ramūnas Kraujutis
e67f8c7a61 Merge branch 'master-upstream' into feature-lithuanian-locale
# Conflicts:
#	themes/src/main/resources/theme/base/account/messages/messages_en.properties
#	themes/src/main/resources/theme/base/account/theme.properties
#	themes/src/main/resources/theme/base/admin/theme.properties
#	themes/src/main/resources/theme/base/email/theme.properties
#	themes/src/main/resources/theme/base/login/theme.properties
2016-09-06 10:51:01 +03:00
Grégoire Paris
c867fcf9e7 Remove duplicate untranslated word 2016-09-05 17:12:21 +02:00
Stian Thorgersen
fc6b7ea8ee Enabled Norwegian translation 2016-09-05 09:45:44 +02:00
Stian Thorgersen
0e1edb3d7a Merge pull request #3170 from TeliaSoneraNorge/issue/KEYCLOAK-3487-add-norwegian-localization
Add Norwegian localization
2016-09-05 09:42:44 +02:00
Stian Thorgersen
b1a233e41f Merge branch 'feature-fix-time-selector' of https://github.com/ramunask/keycloak into ramunask-feature-fix-time-selector 2016-09-05 09:32:11 +02:00
Stian Thorgersen
4d6e656b02 Merge pull request #3150 from stoffus/bug-fix-in-reset-password-tpl
KEYCLOAK-3441 Respect registrationEmailAsUsername in reset-password template
2016-09-05 09:10:49 +02:00
Stian Thorgersen
3354e7c98e Merge pull request #3148 from wadahiro/KEYCLOAK-3435
KEYCLOAK-3435 Fix some minor issues in the Admin Console UI
2016-09-05 09:09:30 +02:00
Ramunas Kraujutis
05fe17be4f merge latest English messages 2016-09-04 22:20:30 +03:00
Ramunas Kraujutis
2e9f14dfd8 Merge branch 'master-upstream' into feature-lithuanian-locale
# Conflicts:
#	themes/src/main/resources/theme/base/account/messages/messages_en.properties
#	themes/src/main/resources/theme/base/account/theme.properties
#	themes/src/main/resources/theme/base/admin/theme.properties
#	themes/src/main/resources/theme/base/email/theme.properties
#	themes/src/main/resources/theme/base/login/theme.properties
2016-09-04 22:20:03 +03:00
mposolda
a24a43c4be KEYCLOAK-3349 Support for 'request' and 'request_uri' parameters 2016-09-02 20:20:38 +02:00
Mohit Suman
b17bd9e660 Fixed dropdown menu in navigation bar in small screens 2016-09-02 01:37:10 +05:30
Mohit Suman
d11efa363c Dropdown alignment with the empty state 2016-09-01 16:02:34 +05:30
Mohit Suman
8f0afb2551 Add empty state for Identitiy Provider in admin console 2016-09-01 15:36:17 +05:30
Marek Posolda
599c69a2a3 Merge pull request #3177 from vmuzikar/KEYCLOAK-3421
KEYCLOAK-3421 Validation for URI fragments in redirect_uri
2016-08-31 19:39:28 +02:00
Pedro Igor
9daced953e Merge pull request #3157 from ramunask/feature-fix-en-translation
KEYCLOAK-3463 fixed translation for authz-policy-decision-strategy.tooltip
2016-08-31 09:18:31 -03:00
Vaclav Muzikar
1b085d3e13 KEYCLOAK-3421 Validation for URI fragments in redirect_uri 2016-08-31 13:07:33 +02:00
Pedro Igor
16bd2fb8f8 Merge pull request #3175 from pedroigor/KEYCLOAK-3337
[KEYCLOAK-3337] - Support more specific date/time periods with the Time policy provider
2016-08-30 18:16:09 -03:00
Pedro Igor
73bcfba5f3 [KEYCLOAK-3337] - Support more specific date/time periods with the Time policy provider 2016-08-30 16:32:00 -03:00
mposolda
02f28a7e8e KEYCLOAK-3416 Add support for signed Userinfo requests 2016-08-30 20:21:04 +02:00
mposolda
a7f9a6e095 KEYCLOAK-3424 Support for import from public key 2016-08-29 14:43:29 +02:00
Caroline Olsen
539d9863aa Add Norwegian localization
KEYCLOAK-3487
2016-08-29 11:01:50 +02:00
Stian Thorgersen
2a29f2a9c6 Merge pull request #3151 from ssilvert/dmr-server-config
KEYCLOAK-3196: Use WildFly management model for server configuration.
2016-08-26 13:44:45 +02:00
Stian Thorgersen
4c2cca4672 Merge pull request #3118 from wadahiro/issue/KEYCLOAK-3397-add-japanese-localization
KEYCLOAK-3397 Add Japanese localization
2016-08-26 11:38:03 +02:00
Hiroyuki Wada
53557d9cfd KEYCLOAK-3397 Fix Japanese translation 2016-08-26 10:46:45 +09:00
Stan Silvert
3493aa4ab7 KEYCLOAK-3196: Use WildFly management model for server configuration. 2016-08-23 11:26:56 -04:00
Ramunas Kraujutis
352602da39 change lt locale position to be ordered alphabetically 2016-08-22 19:12:03 +03:00
Ramunas Kraujutis
c333d1eaa9 change lt locale position to be ordered alphabetically 2016-08-22 19:10:20 +03:00
Ramunas Kraujutis
ee66cb51da adding Lithuanian translation 2016-08-21 16:14:22 +03:00
Ramunas Kraujutis
93d65fa895 fix select options and add values to fix issues when non-English locale is used with translated values 2016-08-21 16:09:18 +03:00
Ramunas Kraujutis
6aafde7819 fixed translation for authz-policy-decision-strategy.tooltip changing "policy" to "permission" 2016-08-21 16:04:51 +03:00
Pedro Igor
fa1fb3a3a9 Merge pull request #3152 from pedroigor/KEYCLOAK-3377
[KEYCLOAK-3377] - Add pagination to authorization UI
2016-08-18 19:43:34 -03:00
Bill Burke
6592014707 Update users.js 2016-08-18 13:13:08 -04:00
Pedro Igor
4cd0a8e894 [KEYCLOAK-3377] - Add pagination to authorization UI 2016-08-18 13:29:54 -03:00
Christopher Svensson
d20d5ce2d7 Bug fix: Respect registrationEmailAsUsername in reset-password template. 2016-08-18 10:24:37 +02:00
Hiroyuki Wada
b34acd4cc2 KEYCLOAK-3397 Add Japanese localization 2016-08-16 20:44:47 +09:00
Hiroyuki Wada
85ac784fd0 KEYCLOAK-3435 Fix some minor issues in the Admin Console UI 2016-08-16 20:34:48 +09:00
mposolda
2cba13db9c KEYCLOAK-3424 Possibility to import JWK key through admin console 2016-08-12 15:51:14 +02:00
mposolda
0520d465c1 KEYCLOAK-3414 Support for client registration from trusted hosts 2016-08-11 15:55:32 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Marek Posolda
6c8d55d534 Merge pull request #3125 from thomasdarimont/issue/KEYCLOAK-3391-hide-service-account-roles-if-service-accounts-disabled
KEYCLOAK-3391 Better control over service account roles tab visibility
2016-08-10 08:16:27 +02:00
Marek Posolda
26bc07b2c4 Merge pull request #3126 from pedroigor/KEYCLOAK-3398
[KEYCLOAK-3398] - Review input fields on AuthZ UI to fetch data on demand
2016-08-10 06:50:51 +02:00
Pedro Igor
70eb27ec83 [KEYCLOAK-3398] - Review input fields on AuthZ UI to fetch data on demand 2016-08-09 21:56:29 -03:00
Thomas Darimont
96b729886f KEYCLOAK-3391 Better control of service account roles tab visibility
Previously the service account roles remain visible when changing
the client type from confidential to public or bearer only.

We now only show the service account roles tab iif:
- service accounts are enabled
- client access type is set to confidential
2016-08-10 00:44:14 +02:00
Bill Burke
d14de43ac7 merge User Federation/Storage menu 2016-08-08 16:02:06 -04:00
Thomas Darimont
586f6eeece KEYCLOAK-3142 - Capture ResourceType that triggers an AdminEvent
Introduced new ResourceType enum for AdminEvents which lists
the current supported ResourceTypes for which AdminEvents
can be fired.

Previously it was difficult for custom EventListeners to figure
out which ResourceType triggered an AdminEvent in order
to handle it appropriately, effectively forcing users to parse
the representation.
Having dedicated resource types as a marker on an AdminEvent helps
to ease custom EventListener code.

We now also allow filtering of admin events by ResourceType in the
admin-console.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-04 11:30:02 +02:00
Bill Burke
f91907c8f9 Merge pull request #3107 from thomasdarimont/issue/KEYCLOAK-3392-honor-web-context-for-odic-endpoint-link
KEYCLOAK-3392 Use authUrl prefix for OIDC Configuration link
2016-08-03 21:34:00 -04:00
Bill Burke
9e0667bc11 Merge pull request #3080 from trajakovic/issue/editAccountHtmlTtile
Fixing typo in account resource(s) bundle
2016-08-03 21:31:44 -04:00
Bill Burke
70722d0d3d user storage provider jpa example 2016-08-03 19:16:11 -04:00
Thomas Darimont
57a96fa6aa KEYCLOAK-3392 Use authUrl prefix for OIDC Configuration link
We now use the {{authUrl}} prefix for the OIDC configuration link
in the admin-console to honor different web-context paths.

Previously when a different web-context than /auth was configured
the generated link pointed to the wrong location.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-02 15:52:22 +02:00
Bill Burke
3b9b673e5e turn off menu item 2016-08-02 06:57:48 -04:00
Bill Burke
17e75950fe more fixes 2016-08-02 06:56:22 -04:00
Bill Burke
1c75b03e59 props 2016-08-02 06:50:13 -04:00
Pedro Igor
ae1a7542d8 [KEYCLOAK-3385] - Improvements to evaluation tool UI and result 2016-08-01 18:01:24 -03:00
Pedro Igor
bd5b434894 [KEYCLOAK-3376] - Show authorization data when evaluating authorization requests 2016-07-29 22:09:17 -03:00
Tomislav Rajaković
2b3859f462 Fixing typo in account resource bundle: editAccountHtmlTtile -> editAccountHtmlTitle 2016-07-28 16:34:52 +02:00
Pedro Igor
7e1b97888a [KEYCLOAK-3338] - Adding client roles to role policy and UX improvements 2016-07-27 15:15:14 -03:00
Bill Burke
3973aed57d Merge pull request #2989 from thomasdarimont/issue/KEYCLOAK-3234-allow-restricting-mapper-for-userinfo
KEYCLOAK-3234 Allow restricting claim mapper for userinfo endpoint
2016-07-22 17:54:00 -04:00
Pedro Igor
484d5d6e08 [KEYCLOAK-3313] - UI improvements and messages 2016-07-20 22:11:24 -03:00
Stian Thorgersen
f9bfb5d3e5 KEYCLOAK-3170 Users with only view-users and impersonate can't impersonate in the UI 2016-07-15 07:52:21 +02:00
Pedro Igor
aacf2e9390 [KEYCLOAK-3137] - Review i18n for AuthZ Services 2016-07-14 13:54:37 -03:00
Stian Thorgersen
4f1d83b9dc Merge pull request #3030 from stianst/KEYCLOAK-2824-2
KEYCLOAK-2824 Password Policy SPI
2016-07-14 10:12:25 +02:00
Stian Thorgersen
ea44b5888b KEYCLOAK-2824 Password Policy SPI 2016-07-14 07:20:30 +02:00
mposolda
abde62f369 KEYCLOAK-3220 redirect to client with error if possible 2016-07-13 20:57:43 +02:00
Stian Thorgersen
2fa200889a KEYCLOAK-3143 Wrong field name in login theme message properties 2016-07-12 10:49:13 +02:00
Stian Thorgersen
df090fa5e1 Merge pull request #3012 from wadahiro/KEYCLOAK-3289
KEYCLOAK-3289 Fixed 'User Enabled' toggled incorrectly
2016-07-12 10:01:23 +02:00
Hiroyuki Wada
8e24c73ac8 KEYCLOAK-3289 Fixed 'User Enabled' toggled incorrectly when 'Federation Link' label is clicked 2016-07-08 15:09:58 +09:00
Vaclav Muzikar
5638e9e1c5 KEYCLOAK-3280 Alerts in Admin Console are sometimes shown only for a split second 2016-07-07 13:44:28 +02:00
Stian Thorgersen
842b811a41 Merge pull request #2987 from ssilvert/RHSSO-319
KEYCLOAK-3242: Some hints in admin console contain backslash in front of
2016-07-04 19:17:29 +02:00
Stian Thorgersen
07ab632351 Merge pull request #2986 from ssilvert/RHSSO-253
KEYCLOAK-3240: No tooltip shown for Client Mapper Type
2016-07-04 19:16:57 +02:00
Julien Giovaresco
9bcfda64fa Fix typo in email and login french translations 2016-07-04 19:14:36 +02:00
Stian Thorgersen
122cb1f490 Merge pull request #2925 from chameleon82/issue/KEYCLOAK-3102-russian-localization
KEYCLOAK-3102 Add russian localization
2016-07-04 19:03:04 +02:00
Alex
cb085cc598 KEYCLOAK-3102 update Russian grammar in admin console 2016-07-02 10:04:57 +06:00
Alex
a8b39edd73 KEYCLOAK-3102 Fix russian grammar in admin messages 2016-07-01 23:17:36 +06:00
Thomas Darimont
ce7e7ef1d7 KEYCLOAK-3234 Allow restricting claim mapper for userinfo endpoint
Client mappers can now be configured to be limited to the
userinfo endpoint. This allows to keep access-tokens lean
while providing extended user information on demand via the
userinfo endpoint.
2016-07-01 11:35:19 +02:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
Stan Silvert
daefbcf994 RHSSO-319: Some hints in admin console contain backslash in front of
collon
2016-06-30 13:32:21 -04:00
Stan Silvert
5d9669e5a6 RHSSO-253: No tooltip shown for Client Mapper Type 2016-06-30 13:10:47 -04:00
Pedro Igor
01f3dddd91 Adding a column to list policies associated with a permission. 2016-06-30 10:26:05 -03:00
Pedro Igor
2db41ef052 [KEYCLOAK-2999] - Changes to authz examples for integration test 2016-06-30 10:26:05 -03:00
Alexandre
a9e8f315a4 Update messages_fr.properties
Change the word "adminitrateur" to "administrateur"

The "s" was missing in "admini-S-trateur"

That all !
2016-06-30 07:34:17 +02:00
Iván Perdomo
8a8bf47043 [KEYCLOAK-3185] Fix navigation resource > permission 2016-06-27 14:21:19 +02:00
Alex
01d0821142 KEYCLOAK-3102 Fix grammar 2016-06-25 13:30:22 +06:00
Pedro Igor
074a312fe5 Renaming authorization attributes. 2016-06-22 17:20:50 -03:00
Pedro Igor
7512abe9a7 Renaming Scopes tab to Authorization Scopes 2016-06-22 16:58:09 -03:00
Alex
61be5cc90e KEYCLOAK-3102 Fix Russian translation more cleaner 2016-06-21 01:16:05 +06:00
Stian Thorgersen
2beb1f2466 Merge branch 'KEYCLOAK-3052' of https://github.com/cargosoft/keycloak into cargosoft-KEYCLOAK-3052 2016-06-17 13:55:55 +02:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Dimitri Teleguin
524ad9728a correct resource URL 2016-06-14 21:07:36 +03:00
Dmitry Telegin
3203842b58 Fix KEYCLOAK-3052 2016-06-14 12:32:43 +03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
Некрасов Александр Сергеевич
1422d2962e KEYCLOAK-3102 Add russian localization 2016-06-10 15:54:19 +06:00
Thomas Darimont
56a565f913 KEYCLOAK-3092: Show 20 users per page in user list by default
More sensible default for number of users shown per page in
the user listing of the admin console.
This is also recommended in the patternfly guidelines.

Prior to the PR only 5 users were shown per page.
2016-06-07 13:23:03 +02:00
Thomas Darimont
51312ff7ff KEYCLOAK-2891: Fix label alignment for OIDC Endpoint link.
This probably happend during merge.
2016-06-06 09:55:31 +02:00
Bill Burke
4c9a0b45d4 Merge pull request #2229 from thomasdarimont/issue/KEYCLOAK-2489-script-based-authenticator-definitions
KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
2016-06-05 11:12:05 -04:00
Bill Burke
a76a4730e3 Merge pull request #2884 from thomasdarimont/issue/KEYCLOAK-2891-link-to-oidc-endpoints-from-admin-console
KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page.
2016-06-05 11:06:11 -04:00
Thomas Darimont
a2d1c8313d KEYCLOAK-3081: Add client mapper to map user roles to token
Introduced two new client protocol mappers to propagate assigned user client / realm roles to a JWT ID/Access Token.
Each protocol mapper supports to use a prefix string that is prepended to each role name.

 The client role protocol mapper can specify from which client the roles should be considered.
 Composite Roles are resolved recursively.

Background:
Some OpenID Connect integrations like mod_auth_openidc don't support analyzing deeply nested or encoded structures.
In those scenarios it is helpful to be able to define custom client protocol mappers that allow to propagate a users's roles as a flat structure
(e.g. comma separated list) as a top-level  (ID/Access) Token attribute that can easily be matched with a regex.

In order to differentiate between client specific roles and realm roles it is possible to configure
both separately to be able to use the same role names with different contexts rendered as separate token attributes.
2016-06-03 15:52:58 +02:00
Fernando Mora
5148e69006 Fixes displaying message on login using base theme
Using base theme produces an error when login page tries to display a message.
The following properties that are not defined in base theme (only in keycloak theme) are being called without default_value operator "!"

* Steps to Reproduce:
1. Set `base` theme as `Login Theme`
2. Sign out
3. Try to sign in using and invalid username/password

* Expected behaviour:
  * Message `Invalid username or password.`is shown
* Actual behavior:
  * Bank page is shown and following stackatrace in logs:
```
15:58:19,575 ERROR [freemarker.runtime] (default task-9) Error executing FreeMarker template: freemarker.core.InvalidReferenceException: The following has evaluated to null or missing:
==> properties.kcFeedbackErrorIcon  [in template "template.ftl" at line 67, column 76]

----
Tip: It's the step after the last dot that caused this error, not those before it.
----
Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing</#if>. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)??
----

----
FTL stack trace ("~" means nesting-related):
	- Failed at: ${properties.kcFeedbackErrorIcon}  [in template "template.ftl" in macro "registrationLayout" at line 67, column 74]
	- Reached through: @layout.registrationLayout displayInf...  [in template "login.ftl" at line 2, column 1]
----
	at freemarker.core.InvalidReferenceException.getInstance(InvalidReferenceException.java:131)
	at freemarker.core.EvalUtil.coerceModelToString(EvalUtil.java:355)
	at freemarker.core.Expression.evalAndCoerceToString(Expression.java:82)
	at freemarker.core.DollarVariable.accept(DollarVariable.java:41)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.MixedContent.accept(MixedContent.java:54)
	at freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
	at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.MixedContent.accept(MixedContent.java:54)
	at freemarker.core.Environment.visitByHiddingParent(Environment.java:345)
	at freemarker.core.ConditionalBlock.accept(ConditionalBlock.java:48)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.MixedContent.accept(MixedContent.java:54)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.Macro$Context.runMacro(Macro.java:184)
	at freemarker.core.Environment.invoke(Environment.java:701)
	at freemarker.core.UnifiedCall.accept(UnifiedCall.java:84)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.MixedContent.accept(MixedContent.java:54)
	at freemarker.core.Environment.visit(Environment.java:324)
	at freemarker.core.Environment.process(Environment.java:302)
	at freemarker.template.Template.process(Template.java:325)
	at org.keycloak.theme.FreeMarkerUtil.processTemplate(FreeMarkerUtil.java:61)
	at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createResponse(FreeMarkerLoginFormsProvider.java:314)
	at org.keycloak.forms.login.freemarker.FreeMarkerLoginFormsProvider.createLogin(FreeMarkerLoginFormsProvider.java:431)
	at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.invalidUser(AbstractUsernameFormAuthenticator.java:58)
	at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.invalidUser(AbstractUsernameFormAuthenticator.java:87)
	at org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator.validateUserAndPassword(AbstractUsernameFormAuthenticator.java:141)
	at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.validateForm(UsernamePasswordForm.java:56)
	at org.keycloak.authentication.authenticators.browser.UsernamePasswordForm.action(UsernamePasswordForm.java:49)
	at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:84)
	at org.keycloak.authentication.DefaultAuthenticationFlow.processAction(DefaultAuthenticationFlow.java:75)
	at org.keycloak.authentication.AuthenticationProcessor.authenticationAction(AuthenticationProcessor.java:756)
	at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:359)
	at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:341)
	at org.keycloak.services.resources.LoginActionsService.authenticateForm(LoginActionsService.java:386)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:139)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:295)
	at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:249)
	at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:138)
	at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:101)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:395)
	at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:202)
	at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:221)
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)
	at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
	at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:88)
	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:284)
	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:263)
	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:174)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:793)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)
```
2016-05-25 18:38:11 +02:00
Thomas Darimont
08320890b1 KEYCLOAK-2891: Add link to OpenID Endpoint Configuration to realm details page
We now show a link to the OIDC Endpoints configuration in the realm
details page.
This makes it easier for users to find the OIDC endpoints.
2016-05-25 14:26:44 +02:00
Stian Thorgersen
27bdc996e7 KEYCLOAK-3008 Upload Realm Keys doesn't work 2016-05-23 10:35:23 +02:00
Thomas Darimont
c59fdb4299 KEYCLOAK-2994: Revise german translations for login pages in base theme
Reworded some german translations and fixed some spelling errors.

This could also be applied to 1.9.x.
2016-05-12 10:41:09 +02:00
Thomas Darimont
c8d47926b8 KEYCLOAK-2489 - Add support for Script-based AuthenticationExecution definitions.
This is a POC for script based authenticator support.
Introduced a ScriptBasedAuthenticator that is bootstraped via a
ScriptBasedAuthenticatorFactory can be execute a configured script
against a provided execution context.
Added an alias property to the AuthFlowExecutionRepresentation in order
to be able to differentiate multiple instances of an Authenticator
within the same AuthFlow.

For convenience editing the AngularJS bindings for the ACE editor were
added for fancy script editing - this needs to be cut down a bit wrt to
themes and supported scripts - e.g. we probably don't expect users to write
authenticator scripts in Cobol...
Removed currently not needed ACE sytax highlighting and themes.

Scripting is now available to all keycloak components that have access to the KeycloakSession.
Introduced new Scripting SPI for configurable scripting providers.
2016-04-27 14:37:13 +02:00
Stian Thorgersen
04d76b0052 KEYCLOAK-2491 Fix permissions in admin console to match permissions in admin endpoints 2016-04-20 09:57:57 +02:00
Stian Thorgersen
5606160e70 KEYCLOAK-2828 Refactor contribution and add tests 2016-04-19 13:09:00 +02:00
Thomas Raehalme
cd1094c3ad KEYCLOAK-2828: LoginStatusIframeEndpoint now sets the P3P header.
IE requires a P3P header to be present in <iframe /> response. Otherwise
cookies are forbidden. The value of the header does not seem to matter.
2016-04-19 10:24:28 +02:00
Bill Burke
600f429abb KEYCLOAK-2740 2016-04-15 16:49:06 -04:00
mposolda
44ea920f92 KEYCLOAK-2823 Password policy 'hashAlgorithm' value not correctly shown in admin console 2016-04-14 13:16:14 +02:00
Stian Thorgersen
6a428c8ee7 KEYCLOAK-2810 Added robots.txt and robots meta header 2016-04-13 11:22:57 +02:00
Stian Thorgersen
bb3937e3c1 KEYCLOAK-2804 Prevent browser from prefilling username/password into non-login form 2016-04-13 10:00:48 +02:00
Stian Thorgersen
350a9cd997 KEYCLOAK-2803 Fix failure to add execution to client flow 2016-04-12 08:04:15 +02:00
mposolda
e4f75409c9 KEYCLOAK-2802 NPE during identity broker cancelled from account mgmt 2016-04-11 23:31:24 +02:00
mposolda
98ad9b7e7c KEYCLOAK-2801 Redirected to login theme error page after failed social linking from account management 2016-04-11 23:30:18 +02:00
mposolda
3e9ba71baa KEYCLOAK-2769 Better error handling of expired code in IdentityBrokerService 2016-04-11 18:20:26 +02:00
Stian Thorgersen
8ea057a122 KEYCLOAK-2683 Remove QRCodeResource and embed QR code in image 2016-04-08 09:00:57 +02:00
Stian Thorgersen
f2dd556323 Merge pull request #2532 from stianst/KEYCLOAK-2762
KEYCLOAK-2762 Renaming a realm without saving the form affects all li…
2016-04-07 09:34:35 +02:00
Stian Thorgersen
f585f5dfc9 Merge pull request #2530 from stianst/KEYCLOAK-2761
KEYCLOAK-2761 Broken on/off switch at Client Mappers with specific wi…
2016-04-07 07:13:35 +02:00
Stian Thorgersen
61ae15cf56 KEYCLOAK-2762 Renaming a realm without saving the form affects all links in Console 2016-04-07 06:59:21 +02:00
Stian Thorgersen
139e19514b Merge pull request #2528 from stianst/KEYCLOAK-2760
KEYCLOAK-2760
2016-04-07 06:51:24 +02:00
Stian Thorgersen
d395a9e318 KEYCLOAK-2761 Broken on/off switch at Client Mappers with specific window width 2016-04-07 06:18:40 +02:00
Stian Thorgersen
729d73bb17 KEYCLOAK-2760
Cannot delete a client template mapper with a little trash icon in heading
2016-04-07 06:06:55 +02:00
Stian Thorgersen
5854e44391 KEYCLOAK-2758
Weird behavior of add/remove button for 'Valid Redirect URIs' in a client settings form
2016-04-07 05:43:07 +02:00
Stian Thorgersen
92c1e01d0e KEYCLOAK-2707 Fix account management layout for medium size screens 2016-04-05 10:30:43 +02:00
Stian Thorgersen
85622ac522 KEYCLOAK-2711
Button for 'impersonate user' is visible when I am creating new user
2016-04-05 07:53:57 +02:00
Stian Thorgersen
9299591272 KEYCLOAK-2742
Broken navigation links while creating/editing a Client Mapper
2016-04-04 15:17:15 +02:00
Stian Thorgersen
ff73e1a36a KEYCLOAK-2651
No CSRF protection or general security headers on welcome page
2016-04-04 09:07:21 +02:00
Bill Burke
d35ccd9a5e KEYCLOAK-2621 2016-03-31 14:33:41 -04:00
Bill Burke
9cf788c590 KEYCLOAK-2490 2016-03-30 15:41:46 -04:00
Stan Silvert
0f52768064 KEYCLOAK-2619: Partial Import doesn't support groups 2016-03-28 14:26:34 -04:00
Bill Burke
28c70fa8ab KEYCLOAK-2698 2016-03-28 10:20:27 -04:00
mposolda
7ffd6dc7a7 KEYCLOAK-2696 Unexpected error when trying to delete role mappings from read-only LDAP role mapper 2016-03-22 13:03:49 +01:00
Jared Blashka
49c5610971 Remove admin theme from i18n consideration 2016-03-21 09:42:00 -04:00
Jared Blashka
7a05078030 Fix JS error when working with theme i18n 2016-03-16 18:28:06 -04:00
mposolda
85ccd64e01 KEYCLOAK-2643 Added write-only property to LDAP full-name attribute mapper 2016-03-11 22:32:55 +01:00
mposolda
73c3534e7a KEYCLOAK-2629 LDAP Federation provider - input fields validation 2016-03-11 22:32:45 +01:00
Stian Thorgersen
7342261dbe KEYCLOAK-2593 Character set missing from responses and no content sniffing defense in place 2016-03-11 15:31:15 +01:00
Stian Thorgersen
b3bb68aed7 Merge pull request #2364 from stianst/KEYCLOAK-2637
KEYCLOAK-2637
2016-03-11 13:00:54 +01:00
Stian Thorgersen
bdfc9b8efc KEYCLOAK-2637
ModelExceptionMapper uses AdminMessagesProvider which loads messages outside of themes
2016-03-11 12:08:28 +01:00
Stian Thorgersen
50e5d203b3 KEYCLOAK-2636
Tooltip for redirect uri is wrong
2016-03-11 06:39:25 +01:00
Stian Thorgersen
28fe13a800 Next is 2.0.0.CR1 2016-03-10 08:13:00 +01:00
Stian Thorgersen
d722e53108 Next is 1.9.2.Final 2016-03-10 07:28:27 +01:00
Stan Silvert
2c79456e72 KEYCLOAK-2535: ClientResource endpoint tests 2016-03-04 07:41:24 -05:00
Stian Thorgersen
7b8869bde6 Removed english values from non-english messages bundles£ 2016-03-03 06:53:00 +01:00
Stian Thorgersen
4214793a2d KEYCLOAK-2568 Add autocomplete=off to password and otp input fields 2016-03-03 06:29:56 +01:00
Stian Thorgersen
8c3545d219 KEYCLOAK-2570
Login event error field typo (lower case)
2016-03-02 07:52:04 +01:00
Stian Thorgersen
5d93f4a298 Merge pull request #2307 from stianst/KEYCLOAK-2566
KEYCLOAK-2566 kc-action-cell action buttons don't appear on IE
2016-03-02 07:04:42 +01:00
Stian Thorgersen
8270c0a19a KEYCLOAK-2566 kc-action-cell action buttons don't appear on IE 2016-03-01 19:58:11 +01:00
Stian Thorgersen
7ad8a6e074 KEYCLOAK-2567 Order required actions alphabetically 2016-03-01 08:41:35 +01:00
Bill Burke
32d15e2027 KEYCLOAK-2510 2016-02-29 20:39:44 -05:00