Stian Thorgersen
eb7ad07e31
KEYCLOAK-4109 Ability to disable impersonation
2016-12-20 08:46:21 +01:00
Marek Posolda
c6363aa146
Merge pull request #3630 from sldab/duplicate-email-support
...
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Stian Thorgersen
3bd3d0285d
Merge branch 'duplicate-groups' of https://github.com/ssilvert/keycloak into ssilvert-duplicate-groups
2016-12-19 13:07:39 +01:00
Stian Thorgersen
b8adfcad87
Merge pull request #3658 from hmlnarik/KEYCLOAK-4095--Not-Recently-Used-Password-Policy-with-value-set-to-1-doesn-t-work
...
KEYCLOAK-4095 Fix for expiring passwords
2016-12-19 12:15:26 +01:00
Slawomir Dabek
93cec9b3ee
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 10:55:12 +01:00
Stian Thorgersen
f29bb7d501
KEYCLOAK-4092 key provider for HMAC signatures
2016-12-19 10:50:43 +01:00
Hynek Mlnarik
787a3f8fcc
KEYCLOAK-4095 Fix for expiring passwords
2016-12-16 14:45:05 +01:00
Bill Burke
a4cbf130b4
Merge pull request #3592 from sldab/default-hooks
...
KEYCLOAK-4074 Decoupling of default provider implementations
2016-12-16 08:42:55 -05:00
Hynek Mlnarik
5453bec1bf
KEYCLOAK-4079, KEYCLOAK-4080 Fix for single-valued claims
2016-12-16 10:00:36 +01:00
Stian Thorgersen
9be9d3f580
Merge pull request #3651 from stianst/KEYCLOAK-4081
...
KEYCLOAK-4081
2016-12-15 15:53:39 +01:00
Bill Burke
3c2a12d019
Merge pull request #3648 from patriot1burke/master
...
KEYCLOAK-3451
2016-12-14 15:46:24 -05:00
Bill Burke
56f9aa41d0
KEYCLOAK-3451
2016-12-14 15:04:53 -05:00
Stian Thorgersen
394676222f
Merge pull request #3616 from sldab/fix-cors
...
KEYCLOAK-4047 WebOrigins not expanded in CORS handling of token endpoints
2016-12-14 15:13:49 +01:00
Stian Thorgersen
e316037910
KEYCLOAK-4081
2016-12-14 11:22:10 +01:00
Stian Thorgersen
97a08a1d99
Merge pull request #3644 from stianst/KEYCLOAK-4071
...
KEYCLOAK-4071
2016-12-14 09:55:55 +01:00
Stian Thorgersen
480d4e6f4f
KEYCLOAK-4071
2016-12-14 07:01:54 +01:00
mposolda
40216b5e7d
KEYCLOAK-3921 LDAP binary attributes
2016-12-13 18:31:26 +01:00
Slawomir Dabek
7ad028fcb1
KEYCLOAK-4074 Added hooks to default implementations of direct grant authenticators
...
and email sender.
2016-12-13 15:32:39 +01:00
Bill Burke
62029e8a33
KEYCLOAK-3506
2016-12-10 11:59:29 -05:00
Bill Burke
10fc7302eb
Merge pull request #3632 from hmlnarik/KEYCLOAK-4057-MS-AD-FS-does-not-recognize-certificate-for-POST-signed-AuthnRequest-for-brokering
...
KEYCLOAK-4057 Do not include KeyName for brokered IdPs
2016-12-09 09:09:13 -05:00
Hynek Mlnarik
24a36e6848
KEYCLOAK-4057 Do not include KeyName for brokered IdPs
...
Active Directory Federation Services require that the subject name
matches KeyName element when present. While KeyName is beneficial for
Keycloak adapters, it breaks functionality for AD FS as the name
included there is a key ID, not certificate subject expected by AD FS.
This patch contains functionality that excludes KeyName from SAML
messages to identity providers. This behaviour should be made
configurable per client/identity provider and is prepared to do so,
however actual GUI changes are left for a separate patch.
2016-12-09 14:33:40 +01:00
Bill Burke
1f0600044a
KEYCLOAK-3967
2016-12-08 19:29:02 -05:00
Bill Burke
d3e3990d77
Merge pull request #3629 from patriot1burke/master
...
KEYCLOAK-2806
2016-12-08 17:36:28 -05:00
Bill Burke
4a80f1e913
Merge remote-tracking branch 'upstream/master'
2016-12-08 17:05:46 -05:00
Bill Burke
0550bdb467
KEYCLOAK-3214
2016-12-08 16:47:17 -05:00
Bill Burke
5f07fa8057
KEYCLOAK-2806
2016-12-08 16:28:22 -05:00
mposolda
e7f6c780e2
KEYCLOAK-4058 Improve LDAPStorageMapper and remove LDAPStorageMapperBridge
2016-12-08 18:35:56 +01:00
Bill Burke
75e2b404c8
Merge pull request #3618 from abstractj/KEYCLOAK-3685
...
[KEYCLOAK-3685]: Username not updated when "Email as username" is enabled
2016-12-06 22:06:55 -05:00
Bill Burke
7271fdaaaa
KEYCLOAK-3509
2016-12-06 18:52:37 -05:00
Bill Burke
68c8bfa0e1
KEYCLOAK-2705
2016-12-06 17:32:41 -05:00
Bruno Oliveira
ddb201db6c
[KEYCLOAK-3685]: Username not updated when "Email as username" is enabled
2016-12-06 19:46:31 -02:00
Slawomir Dabek
4069be3ff6
KEYCLOAK-4047 Expand + to valid WebOrigins in Cors class
2016-12-06 20:22:35 +01:00
Bill Burke
77d17de14d
Merge pull request #3611 from patriot1burke/master
...
KEYCLOAK-3620
2016-12-06 08:18:36 -05:00
Bill Burke
bab08bf8f0
Merge remote-tracking branch 'upstream/master'
2016-12-06 08:18:05 -05:00
Bill Burke
6587cd2478
KEYCLOAK-3620
2016-12-05 17:51:06 -05:00
Bill Burke
693d6c0e5d
Merge pull request #3608 from hmlnarik/KEYCLOAK-4035
...
KEYCLOAK-4035 Composite roles need to be expanded in SAML attribute mapper
2016-12-05 14:44:21 -05:00
Bill Burke
952c1decf0
Merge pull request #3607 from patriot1burke/master
...
KEYCLOAK-4033
2016-12-05 14:44:07 -05:00
Bill Burke
f03d79c7d3
Merge pull request #3603 from thomasdarimont/issue/KEYCLOAK-3969-Allow-authentication-via-ScriptAuthenticator-without-user
...
KEYCLOAK-3969 Allow use of ScriptAuthenticator without user
2016-12-05 10:19:02 -05:00
Hynek Mlnarik
3c4114091f
KEYCLOAK-4035 Composite roles need to be expanded in SAML attribute mapper
2016-12-05 16:16:08 +01:00
Bill Burke
d354aa1f62
KEYCLOAK-4033
2016-12-05 10:15:55 -05:00
Hynek Mlnarik
197f51e50f
KEYCLOAK-3950 Fix NPE on request for NameIDPolicy without format
...
... and two more one-line issues
2016-12-05 07:24:38 +01:00
Thomas Darimont
8610a02d72
KEYCLOAK-3969 Allow use of ScriptAuthenticator without user
...
Previously ScriptAuthenticator required a user to be authenticated
before it could be used as an additional authentication step which
limited the scenarios the authenticator could be used.
We now allow ScriptAuthenticators to be used without requiring an
user to be authenticated before.
Adapted the authenticator-template.js with a null safe username check.
Note that existing custom ScriptAuthenticators might need some additional
null checks since the user can now be undefined.
2016-12-04 23:15:53 +01:00
Bill Burke
0ab352706b
Merge pull request #3554 from hassaneinaltememyictu/2.3.0-ictu-change-role-attributeToRoleMapper
...
grant the new role from the saml token if it exist
2016-12-03 13:43:40 -05:00
Bill Burke
88d08c4f38
component query and remove provider alis fix
2016-12-03 11:34:48 -05:00
Bill Burke
8fd7091068
KEYCLOAK-3986
2016-12-03 09:33:52 -05:00
Bill Burke
ce50b0ed29
Merge remote-tracking branch 'upstream/master'
2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca
finish
2016-12-02 19:25:17 -05:00
mposolda
17d8394ab6
KEYCLOAK-3340 Service Account user not renamed when renaming client-id
2016-12-02 18:13:29 +01:00
mposolda
cccb532a21
KEYCLOAK-3701 NullPointerException when trying to get access token from offline token
2016-12-02 16:35:21 +01:00
Stian Thorgersen
8842d88058
Merge pull request #3562 from ssilvert/overwrite-client-role-fails
...
KEYCLOAK-3042: NPE when trying to overwrite client role
2016-12-02 14:06:27 +01:00