Stian Thorgersen
209f8155d1
KEYCLOAK-3835 Remove redirect on flow and return not modified if page is refreshed
2016-12-02 06:29:59 +01:00
Manuel Palacio
bfec073457
KEYCLOAK-3648
2016-12-01 19:34:33 +01:00
Stian Thorgersen
1e7f1b1e54
Merge pull request #3570 from stianst/master
...
Bump to 2.5.0.Final-SNAPSHOT
2016-12-01 06:36:37 +01:00
Stian Thorgersen
433f373f60
KEYCLOAK-3889 Add produces to server info endpoint
2016-11-30 15:46:01 +01:00
Stian Thorgersen
b771b84f56
Bump to 2.5.0.Final-SNAPSHOT
2016-11-30 15:44:51 +01:00
mposolda
d0a96d463d
KEYCLOAK-3831 Improve AddressMapper configurability. Support for 'formatted' subclaim
2016-11-30 13:04:45 +01:00
Bill Burke
9e50a45b4c
UserBulkUpdateProvider interface
2016-11-29 18:43:22 -05:00
Stan Silvert
83063a5740
KEYCLOAK-3042: NPE when trying to overwrite client role
2016-11-29 15:43:48 -05:00
Bill Burke
7efa3a3ddf
Merge remote-tracking branch 'upstream/master'
2016-11-29 11:34:04 -05:00
Marek Posolda
80c4b2aa31
Merge pull request #3556 from mposolda/master
...
KEYCLOAK-3822 Changing signature validation settings of an external I…
2016-11-28 22:37:44 +01:00
Bill Burke
63458a7de7
Merge pull request #3559 from patriot1burke/master
...
KEYCLOAK-3980
2016-11-28 13:36:52 -05:00
Bill Burke
f6a080729a
javadoc
2016-11-28 12:25:54 -05:00
Bill Burke
1dacddb7e3
KEYCLOAK-3980
2016-11-28 12:20:40 -05:00
mposolda
69ce1e05f0
KEYCLOAK-3822 Changing signature validation settings of an external IdP is not sometimes reflected
2016-11-28 15:27:25 +01:00
Hynek Mlnarik
65b269cd54
KEYCLOAK-3731 Provide functionality for IdP-initiated SSO for broker
...
A SAML brokered IdP can send unsolicited login response to the broker.
This commit adds a new GET/POST endpoint under [broker SAML
endpoint]/clients/{client_id}. Broken will respond to submission to
this new endpoint by looking up a SAML client with URL name equal to
client_id, and if found, it performs IdP-initiated SSO to that client.
2016-11-28 13:54:04 +01:00
mposolda
7c6032cc84
KEYCLOAK-3825 Ability to expire publicKeys cache. Migrated OIDCBrokerWithSignatureTest to new testsuite
2016-11-25 17:45:37 +01:00
Bill Burke
ccbd8e8c70
remove User Fed SPI
2016-11-23 16:06:44 -05:00
Bill Burke
d5925b8ccf
remove realm UserFed SPI methods
2016-11-23 08:31:20 -05:00
Stian Thorgersen
6ec82865d3
Bump version to 2.4.1.Final-SNAPSHOT
2016-11-22 14:56:21 +01:00
mposolda
d8c8afe070
KEYCLOAK-3943 Admin console issues when updating LDAP Storage provider
2016-11-21 14:22:45 +01:00
mposolda
da52a5c9cf
KEYCLOAK-3930 KEYCLOAK-3931 LDAP and Mongo fixes
2016-11-18 20:02:02 +01:00
Stian Thorgersen
7043ecc21b
KEYCLOAK-3881 Fix login status iframe with * origin
2016-11-18 12:50:52 +01:00
Marek Posolda
3e71aeddf3
Merge pull request #3479 from hmlnarik/KEYCLOAK-3469-UserRealmRoleMapper
...
KEYCLOAK-3469 Make role mappers account for user groups
2016-11-18 09:21:56 +01:00
Marek Posolda
b434c2b9cf
Merge pull request #3510 from ssilvert/delete-subflows
...
KEYCLOAK-3681: Delete top flow doesn't remove all subflows
2016-11-18 08:50:13 +01:00
mposolda
a27be0cee7
KEYCLOAK-3857 Clustered invalidation cache fixes and refactoring. Support for cross-DC for invalidation caches.
2016-11-16 22:29:23 +01:00
Stan Silvert
55556fc63c
KEYCLOAK-3681: Delete top flow doesn't remove all subflows
2016-11-16 12:43:11 -05:00
Stian Thorgersen
26b1541f4a
Merge pull request #3476 from abstractj/KEYCLOAK-3875
...
[KEYCLOAK-3875] - Conditional OTP Forms not working as expected
2016-11-16 12:44:50 +01:00
Stian Thorgersen
1c3a475d1e
Merge pull request #3485 from hmlnarik/KEYCLOAK-3071
...
KEYCLOAK-3071 Add SOAP and PAOS endpoints to valid redirect URIs on SP import
2016-11-16 12:38:45 +01:00
Bill Burke
cc0eb47814
merge
2016-11-14 15:09:41 -05:00
Bill Burke
c280634bfa
fix tests
2016-11-14 15:06:17 -05:00
Hynek Mlnarik
750e942267
KEYCLOAK-3469 Make role mappers account for user groups
2016-11-14 11:38:00 +01:00
Bruno Oliveira
39f40bc005
[KEYCLOAK-3875] - Conditional OTP Forms not working as expected
2016-11-11 15:16:08 -02:00
Stian Thorgersen
a86b5988b5
Merge pull request #3484 from hmlnarik/KEYCLOAK-3658
...
KEYCLOAK-3658 Fixed typo in condition
2016-11-11 09:41:48 +01:00
Stian Thorgersen
088f0ea630
Merge pull request #3490 from stianst/KEYCLOAK-3086
...
[KEYCLOAK-3086] - NPE when accessing Account with invalid clientId s…
2016-11-11 09:35:45 +01:00
Bruno Oliveira
675faee593
[KEYCLOAK-3086] - NPE when accessing Account with invalid clientId set as ?referrer, and additional referrer_uri set
2016-11-10 13:49:40 +01:00
Stian Thorgersen
7e33f4a7d1
KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private
2016-11-10 13:28:42 +01:00
Bill Burke
94076a3b24
admin console ui
2016-11-09 17:34:07 -05:00
Hynek Mlnarik
8816b55843
KEYCLOAK-3071 Add SOAP and PAOS endpoints to valid redirect URIs on SP import
2016-11-09 14:13:53 +01:00
Hynek Mlnarik
9c724b616d
KEYCLOAK-3658 Fixed typo in condition
2016-11-09 11:27:33 +01:00
Vlasta Ramik
6f1b8e1fee
remove KEYCLOAK_REMEMBERME when user logs in without rememberme checked + tests
2016-11-09 10:33:46 +01:00
Bill Burke
4880c0443c
ldap port admin console
2016-11-08 12:30:20 -05:00
Stian Thorgersen
292777259e
Merge pull request #3472 from hmlnarik/KEYCLOAK-1881-saml-key-rotation
...
Keycloak 1881 - SAML key/cert rotation for IdP
2016-11-08 07:56:25 +01:00
Stian Thorgersen
db4f3561a5
Merge pull request #3454 from ssilvert/keystore-error-messages
...
KEYCLOAK-3817: More detailed errors when loading keys from JKS
2016-11-08 07:33:43 +01:00
Bill Burke
5a86623c88
merge
2016-11-06 08:52:10 -05:00
Bill Burke
14dc0ff92f
Merge remote-tracking branch 'upstream/master'
2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee
ldap port
2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2
ldap port
2016-11-04 21:25:47 -04:00
Hynek Mlnarik
8ae1b1740d
KEYCLOAK-1881 Client installers
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
4f9e35c0a1
KEYCLOAK-1881 Support for multiple certificates in broker (hardcoded at the moment)
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
67bb9aef3d
KEYCLOAK-1881 Add switch to enable/disable generation of <Extensions>
...
Some SP clients might be confused by using a standard SAML protocol tag
<Extensions> which is used for signed REDIRECT binding messages to
specify signing key ID. To enable the interoperability, generation of
the tag is disabled by default and can be enabled for individual
clients.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
1ae268ec6f
KEYCLOAK-1881 Include key ID for REDIRECT and use it for validation
...
Contrary to POST binding, signature of SAML protocol message sent using
REDIRECT binding is contained in query parameters and not in the
message. This renders <dsig:KeyName> key ID hint unusable. This commit
adds <Extensions> element in SAML protocol message containing key ID so
that key ID is present in the SAML protocol message.
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
d5c3bde0af
KEYCLOAK-1881 Make SAML descriptor endpoint return all certificates
2016-11-04 21:53:43 +01:00
Hynek Mlnarik
5d840500af
KEYCLOAK-1881 Include key ID in <ds:KeyInfo> in SAML assertions and protocol message
...
Changes of SAML assertion creation/parsing that are required to allow
for validation of rotating realm key: signed SAML assertions and signed
SAML protocol message now contain signing key ID in XML <dsig:KeyName>
element.
2016-11-04 21:53:43 +01:00
Pedro Igor
706c1e2660
[KEYCLOAK-3704] - Registering UserSinchronizer to remove resources when the owner is removed
2016-11-02 21:40:58 -02:00
Pedro Igor
95d2130405
[KEYCLOAK-3704] - Checkign if owner is a valid user
2016-11-02 21:01:24 -02:00
Stan Silvert
facdd586a3
KEYCLOAK-2720: Should not allow two groups with the same path.
2016-11-01 16:08:30 -04:00
Stan Silvert
a5e5f4cf9c
KEYCLOAK-3817: More detailed errors when loading keys from JKS
2016-11-01 13:54:34 -04:00
Bill Burke
ccaac40863
Merge pull request #3437 from patriot1burke/master
...
disable credential type REST and admin ui
2016-10-28 11:33:16 -04:00
Stian Thorgersen
f4a77c3d06
Merge pull request #3444 from stianst/KEYCLOAK-3225
...
KEYCLOAK-3225
2016-10-28 11:51:35 +02:00
Stian Thorgersen
b6b567f948
Merge pull request #3441 from stianst/KEYCLOAK-3733
...
KEYCLOAK-3733 Set default max results for paginated endpoints
2016-10-28 10:36:24 +02:00
Stian Thorgersen
479295cfd2
KEYCLOAK-3225
...
Modifying user's Identity Provider Links requires manage-realm client role
2016-10-28 10:25:41 +02:00
Stian Thorgersen
a78cfa4b2c
Merge pull request #3440 from stianst/KEYCLOAK-3667
...
KEYCLOAK-3667
2016-10-28 10:13:06 +02:00
Stian Thorgersen
c6caeb3bec
Merge pull request #3439 from stianst/KEYCLOAK-3828
...
KEYCLOAK-3828
2016-10-28 10:12:51 +02:00
Stian Thorgersen
a9d47287ee
KEYCLOAK-3733 Set default max results for paginated endpoints
2016-10-28 09:15:05 +02:00
Stian Thorgersen
3d46b4c425
KEYCLOAK-3667
2016-10-28 08:43:24 +02:00
Stian Thorgersen
db428dad1d
KEYCLOAK-3828
...
Component uses wrong role
2016-10-28 07:56:44 +02:00
Stian Thorgersen
e958bd254a
Merge pull request #3435 from stianst/KEYCLOAK-3331
...
KEYCLOAK-3331 Reset password leads to 400 bad request when link is op…
2016-10-28 06:40:48 +02:00
Stian Thorgersen
0c6b47b9f2
Merge pull request #3433 from stianst/KEYCLOAK-3641
...
KEYCLOAK-3641 Clicking an invalid verification link due to re-send re…
2016-10-28 06:40:27 +02:00
Bill Burke
91da6a47d7
disable cred types ui
2016-10-27 16:17:02 -04:00
Stian Thorgersen
c6ac3266f0
KEYCLOAK-3641 Clicking an invalid verification link due to re-send removes the email verification key from the session
2016-10-27 16:16:52 +02:00
Stian Thorgersen
ab72b2b141
KEYCLOAK-3331 Reset password leads to 400 bad request when link is opened in a different browser session
2016-10-27 16:04:45 +02:00
Bill Burke
73e3f2a89b
REST API for disable cred type
2016-10-26 15:48:45 -04:00
Bill Burke
68e853b4bd
Merge remote-tracking branch 'upstream/master'
2016-10-25 13:40:32 -04:00
Bill Burke
b67cb0e97a
Merge remote-tracking branch 'upstream/master'
2016-10-25 11:44:22 -04:00
Stian Thorgersen
4b27e66714
KEYCLOAK-3782 Keysize for rsa-generated should be a dropdown
2016-10-25 08:52:02 +02:00
Bill Burke
3e28ac1e46
user spi cache policy
2016-10-24 15:36:37 -04:00
hassaneinaltememyictu
a119a46495
grant the new role from the saml token if it exist
...
grant the user with the new role from the saml token if it is a realm role in keycloak
2016-10-24 17:17:22 +02:00
Stian Thorgersen
4d47f758fc
Merge pull request #3405 from stianst/master
...
Bump version
2016-10-21 10:11:59 +02:00
Stian Thorgersen
c615674cbb
Bump version
2016-10-21 07:03:15 +02:00
Stian Thorgersen
1a4f9e656d
Merge pull request #3398 from stianst/KEYCLOAK-3774
...
KEYCLOAK-3774 Fix keycloak.js with prompt=none and new stricter redir…
2016-10-21 06:34:43 +02:00
Stian Thorgersen
9801f09a93
KEYCLOAK-3774 Fix keycloak.js with prompt=none and new stricter redirect_uri
2016-10-20 21:31:25 +02:00
Stian Thorgersen
5a00aaefa8
KEYCLOAK-2594
...
bind credential being leaked in admin tool JSON response
KEYCLOAK-2972
Keycloak leaks configuration passwords in Admin Event logs
2016-10-20 19:30:59 +02:00
Stian Thorgersen
1bf24d26a4
Merge pull request #3395 from stianst/master
...
KEYCLOAK-3772
2016-10-20 19:27:03 +02:00
Stian Thorgersen
839c4e8ede
KEYCLOAK-3772
...
Login with Twitter is not working
2016-10-20 15:05:07 +02:00
mposolda
072ccb5c61
KEYCLOAK-3770 OIDC registration with id_token grant type should set publicClient flag to true
2016-10-20 14:10:53 +02:00
Stian Thorgersen
dfc09b69a8
Merge pull request #3380 from stianst/KEYCLOAK-3364
...
KEYCLOAK-3364 Fix for dns that ends with digit
2016-10-20 06:24:50 +02:00
Stian Thorgersen
d2e0432afb
Merge pull request #3389 from patriot1burke/master
...
KEYCLOAK-3651
2016-10-20 06:24:15 +02:00
Bill Burke
34d80c9083
KEYCLOAK-3651
2016-10-19 20:28:33 -04:00
Bill Burke
9f00f693c6
Merge pull request #3387 from ssilvert/spelling-represenation
...
KEYCLOAK-3496: Spelling Error in Admin GUI Documentation
2016-10-19 19:59:41 -04:00
Stan Silvert
ad59cd618e
Merge pull request #3383 from ssilvert/duplicate-fed-provider
...
KEYCLOAK-2892: Bad error when create fed provider w/ same name.
2016-10-19 16:40:58 -04:00
Stan Silvert
ac80f99e8c
KEYCLOAK-3496: Spelling Error in Admin GUI Documentation
2016-10-19 16:33:59 -04:00
Bill Burke
cdf7dd3a6c
Merge pull request #3372 from patriot1burke/master
...
onCreate for Components
2016-10-19 16:21:20 -04:00
Bill Burke
934ea1c33c
KEYCLOAK-3562
2016-10-19 14:01:21 -04:00
Stan Silvert
9d098e9068
KEYCLOAK-2892: Bad error when create fed provider w/ same name.
2016-10-19 13:32:28 -04:00
Stian Thorgersen
ffce2023c0
KEYCLOAK-3364 Fix for dns that ends with digit
2016-10-19 18:41:43 +02:00
mposolda
3779bfb6b4
KEYCLOAK-3666 client registration policies - polishing
2016-10-19 17:45:23 +02:00
mposolda
964cd50f1d
KEYCLOAK-3666 Added client reg policies for maxClients and clientDisabled
2016-10-19 17:45:23 +02:00
Stian Thorgersen
36c367a3bc
Merge pull request #3369 from stianst/KEYCLOAK-3625
...
KEYCLOAK-3625
2016-10-19 15:56:57 +02:00
Stian Thorgersen
1b24d2edd8
KEYCLOAK-3625 More work on the issue
2016-10-19 14:21:50 +02:00
Stian Thorgersen
bbc1d26b72
Merge pull request #3367 from stianst/KEYCLOAK-3745
...
KEYCLOAK-3745 Change attributes in user rep
2016-10-19 14:01:39 +02:00