Pedro Igor
ec63245ac8
[KEYCLOAK-13386] - SslRequired.EXTERNAL doesn't work for identity broker validations
2020-03-23 12:16:43 -03:00
Pedro Igor
2f489a41eb
[KEYCLOAK-12192] - Missing Input Validation in IDP Authorization URLs
2020-03-05 06:32:35 +01:00
Martin Bartoš
eaaff6e555
KEYCLOAK-12958 Preview feature profile for WebAuthn ( #6780 )
...
* KEYCLOAK-12958 Preview feature profile for WebAuthn
* KEYCLOAK-12958 Ability to enable features having EnvironmentDependent providers without restart server
* KEYCLOAK-12958 WebAuthn profile product/project
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2020-02-26 08:45:26 +01:00
vmuzikar
03306b87e8
KEYCLOAK-12125 Introduce SameSite attribute in cookies
...
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: Peter Skopek <pskopek@redhat.com>
2020-01-17 08:36:53 -03:00
Tomas Kyjovsky
05c428f6e7
KEYCLOAK-12295 After password reset, the new password has low priority ( #6653 )
2020-01-16 09:11:25 +01:00
Douglas Palmer
f9fa5b551d
[KEYCLOAK-5628] Added application endpoint
2019-12-11 13:06:04 -03:00
Tomas Kyjovsky
cfcf7ef521
KEYCLOAK-12243 MultivaluedHashMap.equalsIgnoreValueOrder() returns true for some maps that are not equal ( #6544 )
2019-11-29 12:34:01 +01:00
Pedro Igor
cee884e4a7
[KEYCLOAK-8406] - Remove Drools/Rules Policy
2019-11-22 15:38:51 +01:00
stianst
3a36569e20
KEYCLOAK-9129 Don't expose Keycloak version in resource paths
2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64
KEYCLOAK-11745 Multi-factor authentication ( #6459 )
...
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Andrei Arlou
5a41e5f8f1
KEYCLOAK-11986 Fix minor warnings in tests from module common
2019-11-11 09:40:41 +01:00
Pedro Igor
bb4ff55229
[KEYCLOAK-10868] - Deploy JavaScript code directly to Keycloak server
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
(cherry picked from commit 338fe2ae47a1494e786030eb39f908c964ea76c4)
2019-10-22 10:34:24 +02:00
Pedro Igor
bad9e29c15
[KEYCLOAK-10870] - Deprecate support for JavaScript policy support from UMA policy endpoint
...
Conflicts:
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/authz/UserManagedPermissionServiceTest.java
(cherry picked from commit 13923a7683cb666d2842bc61429c23409c1493b6)
2019-10-22 10:34:24 +02:00
rmartinc
6d6db1f3e5
KEYCLOAK-10345: OCSP validation fails if there is no intermediate CA in the client certificate
2019-07-12 15:16:00 +02:00
Gregor Tudan
334ca6e96b
KEYCLOAK-10796: fix build on MacOS by giving DeSerializerFunctions in the StringUtils a distinct name
2019-07-09 22:52:12 +02:00
mposolda
5f9feee3f8
KEYCLOAK-9846 Verifying signatures on CRL during X509 authentication
2019-07-08 20:20:38 +02:00
Sven-Torben Janus
c883c11e7e
KEYCLOAK-10158 Use PEM cert as X.509 user identity
...
Allows to use the full PEM encoded X.509 certificate from client cert
authentication as a user identity. Also allows to validate that user's
identity against LDAP in PEM (String and binary format). In addition,
a new custom attribute mapper allows to validate against LDAP when
certificate is stored in DER format (binay, Octet-String).
KEYCLOAK-10158 Allow lookup of certs in binary adn DER format from LDAP
2019-07-08 11:58:26 +02:00
Hynek Mlnarik
ca4e14fbfa
KEYCLOAK-7852 Use original NameId value in logout requests
2019-07-04 19:30:21 +02:00
mposolda
c124aec586
KEYCLOAK-10262 DBLockTest.testLockConcurrently fails with MariaDB Galera 10.1
2019-06-24 11:23:18 +02:00
vramik
d64f716a20
KEYCLOAK-2709 SAML Identity Provider POST Binding request page shown to user is comletely blank with nonsense title
2019-05-20 09:51:04 +02:00
Mark Stickel
d5cc18b960
KEYCLOAK-9868 x5t and x5t#S256 JWK parameters
2019-03-27 19:05:57 +01:00
rmartinc
231db059b2
KEYCLOAK-8996: Provide a way to set a responder certificate in OCSP/X509 Authenticator
2019-03-07 07:57:20 +01:00
Freddy Tuxworth
3c0e8022a9
Added tests for common utilities CollectionUtil & HtmlUtils.
...
These tests were written using Diffblue Cover.
2019-02-21 11:45:17 +01:00
Tomasz Prętki
2b9b1ba45f
[KEYCLOAK-8823] - PathMatcher doesn't prefer overloaded templated resources
2018-11-28 11:39:11 -02:00
Stian Thorgersen
f3bf1456ab
KEYCLOAK-8781 Mark OpenShift integration as preview. Fix issue in Profile where preview features was not enabled in preview mode. ( #5738 )
2018-11-19 17:32:21 +01:00
Stan Silvert
0b36020bf5
KEYCLOAK-8759: Wrong RH-SSO name on Welcome Page
2018-11-15 13:00:55 -05:00
Pedro Igor
cd96d6cc35
[KEYCLOAK-8694] - Mark Drools policy as tech preview
2018-11-09 11:08:49 -02:00
stianst
11374a2707
KEYCLOAK-8556 Improvements to profile
2018-10-12 12:26:37 +02:00
mposolda
0d9b1e73b8
KEYCLOAK-7855 Cannot reset Client Consent Screen Text
2018-10-04 21:00:48 +02:00
Pedro Igor
b4b3527df7
[KEYCLOAK-7950] - Fixes user pagination when using filtering users members of groups
2018-10-02 15:44:23 -03:00
Pedro Igor
43f5983613
[KEYCLOAK-8289] - Remove authorization services from product preview profile
2018-09-26 18:27:27 +02:00
stianst
bf758809ba
KEYCLOAK-6229 OpenShift Token Review interface
2018-09-07 08:21:28 +02:00
mposolda
8c66f520af
KEYCLOAK-7745 JTA error if offline sessions can't be preloaded at startup within 5 minutes
2018-07-04 10:22:13 +02:00
pedroigor
7ebcc69cb9
[KEYCLOAK-7148] - Associate sub resources to a parent resource
2018-05-02 13:04:11 -03:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
...
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
Bill Burke
4bba11cd94
kcinit
2018-03-16 12:11:57 -04:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
stianst
e4185496fd
KEYCLOAK-6078
...
Account2 is listed as disabled feature in product even though it's not included at all
2017-12-21 11:45:00 +01:00
pskopek
e29ccebc21
KEYCLOAK-5666 removed not needed decodeToObject methods
2017-12-18 19:19:00 +01:00
Bill Burke
1c38cec10f
KEYCLOAK-4427
2017-12-15 10:53:13 -05:00
Bill Burke
e7c25f76a7
KEYCLOAK-4427
2017-12-15 10:49:51 -05:00
stianst
5467d67c91
KEYCLOAK-5945 Strip default ports from urls
2017-12-04 19:56:01 +01:00
stianst
4541acc628
KEYCLOAK-5176 Strip headers from PEM when uploading to client
2017-12-04 19:54:15 +01:00
Bruno Oliveira
bc28223a77
KEYCLOAK-5859
2017-11-15 20:00:58 +01:00
mposolda
701b7acd80
KEYCLOAK-5371 More stable cross-dc tests
2017-11-08 10:03:04 +01:00
mposolda
62a1c187a2
KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc
2017-11-07 09:01:59 +01:00
Bruno Oliveira da Silva
b6ab2852c2
Remove unused imports ( #4558 )
2017-10-16 14:23:42 +02:00
mposolda
3b6e1f4e93
KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT
2017-09-29 13:20:22 +02:00
Bill Burke
8ace0e68c3
KEYCLOAK-910 KEYCLOAK-5455
2017-09-21 17:15:18 -04:00