libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions
14591 commits 4 branches 9 tags 483 MiB
Commit graph

77 commits

Author SHA1 Message Date
David Anderson
ee0c67c0c8
Remove BC dependancy from keycloak-core (#13235) 
Closes #12856
 2022-07-23 12:07:16 +02:00
Stian Thorgersen
a251d785db
Remove text based login flows (#13249) 
* Remove text based login flows

Closes #8752

* Add display param back in case it's used by some custom authenticators
 2022-07-22 15:15:25 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
Marek Posolda
3f5741e988
Possibility to switch between FIPS and non-FIPS during keycloak+quarkus seerver build (#12513) 
* Possibility to switch between FIPS and non-FIPS during keycloak+quarkus server build

Closes #12522
 2022-06-21 11:17:45 +02:00
Stian Thorgersen
e49e8335e0
Refactor BouncyIntegration (#12244) 
Closes #12243
 2022-06-07 09:02:00 +02:00
CorneliaLahnsteiner
dff79cee3c
KEYCLOAK-847 Add support for step up authentication (#7897) 
KEYCLOAK-847 Fix behavior of unknown not essential acr claim

Co-authored-by: Georg Romstorfer <georg.romstorfer@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2021-12-22 12:43:12 +01:00
Martin Bartoš
06077dc4ea KEYCLOAK-18466 Configure HTTP client timeouts for adapters - change property names 2021-07-22 10:54:59 +02:00
ruromero
464475caa0 [KEYCLOAK-17872] Add missing HTTPClient properties 
Signed-off-by: ruromero <rromerom@redhat.com>
 2021-07-22 10:54:59 +02:00
Martin Bartoš
23e3bc5f8f KEYCLOAK-18466 Configure HTTP client timeouts for adapters 2021-07-22 10:54:59 +02:00
Pedro Igor
d29d945cc4 [KEYCLOAK-18857] - Do not force default to RS256 when verifying tokens sent by clients and JWK does not hold an algorithm 2021-07-21 11:09:02 +02:00
Johannes Knutsen
ba8d27121c KEYCLOAK-12500 Avoid NPE when parsing JWKS and keys without the use parameter 2021-06-23 08:21:47 +02:00
mposolda
71dcbec642 KEYCLOAK-18108 Refactoring retrieve of condition/executor providers. Make sure correct configuration of executor/condition is used for particular provider 2021-05-18 12:20:47 +02:00
Martin Bartoš
f3e2b6d040 KEYCLOAK-12747 JWKTest.publicEs256 sometimes failing 2021-04-21 08:24:33 +02:00
Xiangjiaox
ca81e6ae8c
KEYCLOAK-15015 Extend KeyWrapper to add whole certificate chain in x5c parameter (#7643) 
* [KEYCLOAK-15015] - Publishing the x5c for JWK

Co-authored-by: Vetle Bergstad <vetle.bergstad@evry.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2021-03-23 08:37:50 -03:00
Jan Lieskovsky
833bf98643 [KEYCLOAK-15692] Upgrade to Wildfly "21.0.1.Final" 
Base fixes:
* [KEYCLOAK-15780]      Upgrade Keycloak to Wildfly 21.0.0.Beta1 / Wildfly Core 13.0.0.Beta6
* [KEYCLOAK-16031]      Upgrade Keycloak to Wildfly 21.0.0.Final / Wildfly Core 13.0.1.Final
* [KEYCLOAK-16442]      Upgrade Keycloak to Wildfly 21.0.1.Final / Wildfly Core 13.0.3.Final

Other (dependent) fixes:
* [KEYCLOAK-15408]      Deprecate former Wildfly and Wildfly Core versions in Arquillian's
                        testsuite pom.xml file as part of the upgrade script
* [KEYCLOAK-15442]      Update the version of 'jboss-parent' as part of the Wildfly upgrade
                        script if necessary
* [KEYCLOAK-15474]      Add --verbose and --force options to the Wildfly upgrade automated script
* [KEYCLOAK-15649]      Update "urn:jboss:domain:infinispan:10.0" version as part of the Wildfly
                        upgrade automated script
* [KEYCLOAK-15652]      Wildfly upgrade automated script - Align Python artifact version
                        comparsion algorithm with the Maven / Java one

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
 2020-11-26 09:25:29 +01:00
Dillon Sellars
25bb2e3ba2 KEYCLOAK-14529 Signed and Encrypted ID Token Support : RSA-OAEP-256 Key Management Algorithm 2020-07-30 15:20:51 +02:00
vramik
a2b3747d0e KEYCLOAK-7014 - Correctly handle null-values in UserAttributes 2020-01-10 12:44:52 +01:00
Tom Billiet
0f8d988d58 [KEYCLOAK-12299] JWKS parsing: fallback to RS256 for RSA keys without alg field 2020-01-09 10:12:34 +01:00
Andrei Arlou
38b48c6dd3 KEYCLOAK-11985 Fix minor warnings in tests module core 2019-11-11 09:39:17 +01:00
Takashi Norimatsu
8225157a1c KEYCLOAK-6768 Signed and Encrypted ID Token Support 2019-08-15 15:57:35 +02:00
Mark Stickel
d5cc18b960 KEYCLOAK-9868 x5t and x5t#S256 JWK parameters 2019-03-27 19:05:57 +01:00
Yaser Abouelenein
404ac1d050 KEYCLOAK-8701 changes needed to include x5c property in jwks 2019-03-15 06:01:15 +01:00
Lars Wilhelmsen
9b1ab0f992 KEYCLOAK-9116: Fixes JWK serialization of ECDSA public key coordinates. 
Signed-off-by: Lars Wilhelmsen <lars@sral.org>
 2019-02-25 09:53:09 -03:00
mposolda
061693a8c9 KEYCLOAK-9089 IllegalArgumentException when trying to use ES256 as OIDC access token signature 2018-12-14 21:01:03 +01:00
mposolda
5b51c000af KEYCLOAK-8481 Don't include empty resource_access in access token 2018-10-11 08:04:07 +02:00
mposolda
3777dc45d0 KEYCLOAK-3058 Support for validation of "aud" in adapters through verify-token-audience configuration switch 2018-09-21 11:17:05 +02:00
mposolda
99a16dcc1f KEYCLOAK-6638 Support for adding audiences to tokens 2018-09-13 21:40:16 +02:00
stianst
24e60747b6 KEYCLOAK-7560 Refactor token signature SPI PR 
Also incorporates:
KEYCLOAK-6770 ES256/384/512 providers
KEYCLOAK-4622 Use HS256 for refresh tokens
KEYCLOAK-4623 Use HS256 for client reg tokens
 2018-09-11 08:14:10 +02:00
mposolda
a2afe7c205 KEYCLOAK-7977 Release failing due the NPE during swagger2markup-maven-plugin execution 2018-07-31 22:05:34 +02:00
Oskars
3bef6d5066 KEYCLOAK-4538 Configurable clock skew when validating tokens (#5014) 
* [master]: fix type for checkLoginIframeInterval

* [master]: KEYCLOAK-4538 Feature to tolerate a configurable amount of seconds of clock skew when validating tokens

* [master]: KEYCLOAK-4538 Fix unit test scenarios for token clock skew

* [master]: KEYCLOAK-4538 Reverted wildcard imports

* [master]: fix unit test to use longer intervals to make test less fragile.
 2018-04-16 11:09:25 +02:00
Bill Burke
4bba11cd94 kcinit 2018-03-16 12:11:57 -04:00
mposolda
7d641baf4e KEYCLOAK-5570 Added InvalidationCrossDCTest 2017-09-29 19:36:40 +02:00
mposolda
3b6e1f4e93 KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT 2017-09-29 13:20:22 +02:00
mposolda
63673c4328 KEYCLOAK-5569 Added JWE 2017-09-29 13:01:42 +02:00
Bill Burke
28b3ef9aa9 admin console work 2017-06-26 11:40:32 -04:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Martin Hardselius
04d03452bd KEYCLOAK-3422 support pairwise subject identifier in oidc 2016-09-13 09:18:45 +02:00
mposolda
3eb9134e02 KEYCLOAK-3424 Support for save JWKS in OIDC ClientRegistration endpoint 2016-08-12 15:51:14 +02:00
mposolda
a8fb988e31 KEYCLOAK-3406 OIDC dynamic client registrations specs fixes 2016-08-11 15:54:51 +02:00
mposolda
9be6777685 KEYCLOAK-2169 KEYCLOAK-3286 Support for at_hash and c_hash 2016-08-08 10:57:44 +02:00
Stian Thorgersen
ccfae82b77 KEYCLOAK-1040 
Allow import of realm keys (like we do for SAML)
 2016-02-29 09:35:08 +01:00
mposolda
0f21b6f6d9 KEYCLOAK-2479 Avoid ZIPException during bigger load 2016-02-18 19:28:20 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524 
Source code headers
 2016-02-03 11:20:22 +01:00
Stian Thorgersen
435980d776 KEYCLOAK-1809 
Upgrade jackson to version 2.x
 2016-01-14 16:34:30 +01:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
mposolda
7816f053a6 KEYCLOAK-1856 KEYCLOAK-1860 Fix onoffswitchvalue directive 2015-10-02 11:09:54 +02:00
Stian Thorgersen
5ca3a48094 KEYCLOAK-1723 Allow aud to be single field or array 2015-08-20 15:55:52 +02:00
Bill Burke
c0f3d851db reset password refactor/flow 2015-08-16 12:23:15 -04:00
Bill Burke
33f01009d2 login timeouts, verify email 2015-07-25 12:13:41 -04:00
Stian Thorgersen
1642ac2394 KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00