Commit graph

252 commits

Author SHA1 Message Date
Takashi Norimatsu
2efd79f982 FAPI 2.0 security profile - supporting RFC 9207 OAuth 2.0 Authorization Server Issuer Identification
Closes #20584
2023-07-24 09:11:30 +02:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543)
Closes #21360
2023-07-20 11:57:18 +02:00
mauritsdebruin
8c7a08e580 Fix connection-pool-size 0 being ignored and being unable to disable the connection pool 2023-07-03 19:26:41 -03:00
Douglas Palmer
52eeac76e1 Set connection TTL in adapters HttpClientBuilder
closes #17304
2023-04-25 20:06:29 +02:00
Pedro Igor
a30b6842a6 Decouple the policy enforcer from adapters and provide a separate library
Closes keycloak#17353
2023-03-17 11:40:51 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Rafał Gała
b7d7268744 Initialize CryptoIntegration before loading adapter config
Initialize CryptoIntegration before building KeycloakDeploymentBuilder, same way as in public static KeycloakDeployment build(InputStream is) method

Closes #15767
2022-12-02 12:46:16 +01:00
Christian Lutz
9e41053587 [fixes #9287] Fix *-Capability OSGI manifest to provide ClaimInformationPointProviderFactory via service loader 2022-09-13 07:22:45 -03:00
Lex Cao
1f197aa96b
Add basic auth compliant to RFC 6749 (#14179)
Closes #14179
2022-09-07 10:09:30 +02:00
Marcin Niedzielski
5dbbc0e7bf
[resolve #9084] - Log more information in adapter-core module (#9086)
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-08-26 15:25:21 +02:00
David Anderson
ce1331f550
Remove bouncycastle dependency from keycloak-services (#13489)
Closes #12857


Co-authored-by: mposolda <mposolda@gmail.com>
2022-08-22 15:43:59 +02:00
Pedro Igor
15bbb46657 Avoid removing static path config from cache
Closes #9855
2022-08-17 16:29:59 -03:00
Lex Cao
f0988a62b8
Use base64 url decoded for client secret when authenticating with Basic Auth (#12486)
Closes #11908
2022-07-16 09:38:41 +02:00
Pedro Igor
5b48d72730 Upgrade Resteasy v4
Closes #10916

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2022-07-11 12:17:51 -03:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692)
Closes #12625
2022-06-29 07:17:09 +02:00
Alexander Schwartz
850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required.
Closes #10842
2022-06-20 14:44:33 -03:00
rmartinc
5332a7d435 Issue #9194: Client authentication fails when using signed JWT, if the JWA signing algorithm is not RS256 2022-06-06 12:07:09 +02:00
Ian
78b88765ec
use toString() instead of cast String or it will fail when using Spring configtree (#10980)
Resolves #10979
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2022-05-25 16:41:00 -03:00
Stian Thorgersen
e3f3e65ac5
Remove JDK7 support for adapters (#11607)
Closes #11606
2022-04-27 08:33:23 +02:00
Marek Posolda
22a16ee899
OIDC RP-Initiated logout endpoint (#10887)
* OIDC RP-Initiated logout endpoint
Closes #10885

Co-Authored-By: Marek Posolda <mposolda@gmail.com>

* Review feedback

Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
2022-03-30 11:55:26 +02:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
keycloak-bot
9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
David Perrenoud
36da2d20e9 KEYCLOAK-17039 Local file in a webview fails when requesting with "Origin: null" since 11.0.2 2021-11-11 10:55:33 +01:00
Adamczyk Błażej
e5b05d05f0 KEYCLOAK-18551 Fixed the adapter to use dynamic openid-configuration instead of building the tokenUrl by itself. 2021-10-04 10:37:25 -03:00
keycloak-bot
262ec3d031 Set version to 16.0.0-SNAPSHOT 2021-07-30 14:56:10 +02:00
Stefan Guilhen
9e676fce7e [KEYCLOAK-18559] Fix SAML adapters so they allow unescaped characters in URIs
- Makes adapters bahavior consistent with containers that allow unescaped characters in URIs
2021-07-29 12:11:32 +02:00
Martin Bartoš
06077dc4ea KEYCLOAK-18466 Configure HTTP client timeouts for adapters - change property names 2021-07-22 10:54:59 +02:00
ruromero
464475caa0 [KEYCLOAK-17872] Add missing HTTPClient properties
Signed-off-by: ruromero <rromerom@redhat.com>
2021-07-22 10:54:59 +02:00
Martin Bartoš
23e3bc5f8f KEYCLOAK-18466 Configure HTTP client timeouts for adapters 2021-07-22 10:54:59 +02:00
keycloak-bot
13f7831a77 Set version to 15.0.0-SNAPSHOT 2021-06-18 10:42:27 +02:00
Pedro Igor
b7e5db6534 [KEYCLOAK-18007] - Configure resolved paths with the method config from configuration 2021-05-25 09:48:30 -03:00
Pedro Igor
9ebbc7673c [KEYCLOAK-18111] - Error when processing path without associated resource 2021-05-20 11:15:11 -03:00
keycloak-bot
4b44f7d566 Set version to 14.0.0-SNAPSHOT 2021-05-06 14:55:01 +02:00
Florian Roks
640cf499cc KEYCLOAK-17804 added documentation to KeycloakConfigResolver-interface 2021-05-04 15:22:19 -03:00
Pedro Igor
40efbb0f9c [KEYCLOAK-13942] - Invalidate pre-defined paths when paths are invalidated 2021-03-02 15:01:42 +01:00
Pedro Igor
f6c3ec5d9e [KEYCLOAK-14366] - Missing check for iss claim in JWT validation on Client Authentication (Token Endpoint) 2021-02-09 13:54:06 +01:00
Katsiaryna Mikhalchanka
1c445cc4cc KEYCLOAK-16798 Add guarding condition for multi-thread usage in KeycloakDeployment.java 2021-01-19 15:18:52 +01:00
keycloak-bot
75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
Martin Bartoš
da6c59f0c3 KEYCLOAK-15242 Error in application logs when refresh token is expired. 2020-11-05 14:40:53 +01:00
Denis Richtárik
c8d0f2c59c
KEYCLOAK-15892 Can not install 7.4.3.CR1 Fuse adapter 2020-10-20 10:47:56 +02:00
mhajas
d266165f63 KEYCLOAK-14871 Whitelist RefreshableKeycloakSecurityContext for KeycloakPrincipal serialization 2020-10-14 16:00:39 +02:00
testn
269a72d672 KEYCLOAK-15184: Use static inner class where possible 2020-10-09 23:37:08 +02:00
mhajas
b75ad2fbd8 KEYCLOAK-15259 Avoid using "null" Origin header as a valid value 2020-09-17 23:21:49 -07:00
Helder Alves
541063f2ce KEYCLOAK-14940 refresh expired idtoken 2020-08-03 16:08:21 -03:00
Gregor Tudan
5255336be2 Keycloak-14726 - release connections after fetching the OIDC-Config 2020-07-28 12:58:27 -03:00
Alex Szczuczko
c7867c4c0d KEYCLOAK-14875 Enable path cache when maxAge is -1, or greater than 0 2020-07-28 10:13:12 -03:00
keycloak-bot
afff0a5109 Set version to 12.0.0-SNAPSHOT 2020-07-22 14:36:15 +02:00
keycloak-bot
ae20b7d3cd Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
Luke Nadur
74c379c3df [KEYCLOAK-13586] Fix typos related to QueryParamterTokenRequestAuthenticator 2020-04-21 21:14:03 +02:00