Erlend Hamnaberg
208ecbc3f7
KEYCLOAK-6676: Fix NPE if the redirect_uri parameter is missing
2018-02-21 19:44:22 +01:00
mposolda
fc463ae50b
KEYCLOAK-6617 Offline token logout did not invalidate user session
2018-02-19 08:49:05 +01:00
cgol
86a8addf49
KEYCLOAK-6615 Remove offline session from database on offline token logout
...
remove offline token from database on offline session logout
2018-02-19 08:49:05 +01:00
stianst
9b63cd35f0
KEYCLOAK-6431
2018-02-13 19:38:46 +01:00
Hynek Mlnarik
84ea3f8cb1
KEYCLOAK-4315 Remove some dead/duplicate classes
2018-02-13 15:41:36 +01:00
Bill Burke
5d5373454c
Merge pull request #4991 from patriot1burke/challenge-support
...
KEYCLOAK-6355
2018-02-13 09:38:45 -05:00
Bill Burke
87ee15a081
fix
2018-02-12 16:52:55 -05:00
Bill Burke
d6788a0839
finish
2018-02-10 13:38:39 -05:00
stianst
505cf5b251
KEYCLOAK-6519 Theme resource provider
2018-02-09 08:28:59 +01:00
Bill Burke
5ea4ef9e55
change code query params to session_code
2018-02-08 17:37:27 -05:00
Douglas Palmer
e8de4655ac
KEYCLOAK-6344 Use POST instead of GET for LDAP connection tests
2018-02-08 21:18:03 +01:00
Jochen Preusche
8325151e16
Extract findLocale
to LocaleNegotiator
, add tests
...
* Improve Testability of Locale Negotiation
* Add test for Locale Negotiation
* Fix Locale Negotiation for omitted Country Code
2018-02-06 09:50:04 +01:00
Serhii Shymkiv
c2fe500eb8
[KEYCLOAK-4721] Consider Session Language of Realm Also In ReCaptcha
2018-02-02 13:57:03 +01:00
vramik
019c3c9ef9
KEYCLOAK-6146 realm import fails when password policy is specified
2018-02-02 08:30:06 +01:00
Thomas Darimont
77334af34e
KEYCLOAK-6222 Check syntax for errors on ScriptBasedOIDCProtocolMapper validation
...
We now explicitly check for syntax errors
during validation of ScriptBasedOIDCProtocolMappers.
2018-02-02 08:28:27 +01:00
Bill Burke
8f09efab9d
Merge pull request #4949 from patriot1burke/client-storage-spi
...
KEYCLOAK-6228
2018-02-01 08:59:02 -05:00
Bill Burke
126dd70efc
client stat improvement
2018-01-31 13:05:13 -05:00
Bill Burke
a571781240
hynek db changes
2018-01-30 17:00:55 -05:00
Vlastimil Elias
a5f675d693
KEYCLOAK-4937 - convert time units in emails into human-friendly format
2018-01-30 06:38:57 +01:00
Bill Burke
1d8e38f0c6
admin console
2018-01-27 13:05:02 -05:00
Bill Burke
dd4c0d448c
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6
done 1st iteration
2018-01-27 09:47:16 -05:00
Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
gregoirew
13261b52db
Use the github /user/emails api endpoint if the github user did not set any public email.
...
Github can send a null email on the user info endpoint if there is no public email on the user profile.
This commit look for email on the /user/emails endpoint, selecting the primary email.
2018-01-25 20:56:24 +01:00
Bill Burke
ddad1cb8af
Merge remote-tracking branch 'upstream/master' into client-storage-spi
2018-01-25 10:08:37 -05:00
Bill Burke
8a17b61f4e
initial work
2018-01-25 10:08:26 -05:00
Bill Burke
7c66f76858
Merge pull request #4932 from patriot1burke/per-client-flow
...
KEYCLOAK-6335
2018-01-25 09:55:11 -05:00
Thomas Darimont
3d12bf7d14
KEYCLOAK-4743 Revise proxy support for HttpClient SPI
...
Polishing & more tests.
2018-01-25 09:31:32 +01:00
Thomas Darimont
851d0192ad
KEYCLOAK-4743 Add proxy support to HttpClient SPI
...
We now provide a configurable way for dynamic proxy route selection
for the default HttpClient based on regex based targetHostname patterns.
Introduced `ProxyMapping` to describe a regex based mapping
between target hosts and the proxy URL to use.
A `ProxyMapping` can be build from an ordered list of string based
mapping representations, e.g:
```
^.*.(google.com|googleapis.com)$;http://localhost:8080
```
If the targetHost does not match a configured proxy mapping,
no proxy is used.
This can be configured via standalone.xml / jboss-cli, e.g.:
```
echo SETUP: Configure proxy routes for HttpClient SPI
/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:add(enabled=true)
/subsystem=keycloak-server/spi=connectionsHttpClient/provider=default:write-attribute(name=properties.proxy-mappings,value=["^.*.(google.com|googleapis.com)$;http://www-proxy1:8080 ","^.*.facebook.com$;http://www-proxy2:8080 "])
```
The new `ProxyMappingWareRoutePlanner` uses a configured `ProxyMapping`
to decide which proxy to use for a given request based on the target host
denoted by the HTTP request to execute.
I verified this manually with the BurpProxy Suite.
2018-01-25 09:31:32 +01:00
mposolda
6369c26671
KEYCLOAK-6286 Adding 'Exclude Session State From Authentication Response' switch to fix backwards compatibility with Keycloak 2.X adapters
2018-01-24 11:35:13 +01:00
Bill Burke
7b2e72d395
Merge remote-tracking branch 'upstream/master' into per-client-flow
2018-01-23 12:10:11 -05:00
Bill Burke
a9297df89c
KEYCLOAK-6335
2018-01-23 12:09:49 -05:00
Hynek Mlnarik
4ba72e2d2d
KEYCLOAK-5976 Fix client setting in brokered IdP-initiated scenario
2018-01-23 09:34:11 +01:00
stianst
f762173eb0
KEYCLOAK-3370 Add option to override theme in client template and client
2018-01-18 09:14:13 +01:00
stianst
35ada9d636
KEYCLOAK-6289 Add ThemeSelectorSPI
2018-01-18 09:14:13 +01:00
Thomas Darimont
bae4d4c673
KEYCLOAK-5791 Allow multi-valued ScriptBasedOIDCProtocolMapper
...
We now support multi-valued attribute values for the
`ScriptBasedOIDCProtocolMapper`.
Previously the `ScriptBasedOIDCProtocolMapper` only supported
single valued output. If a script returned a list of
output values then only the first value was emitted to the token.
By default multi-valued is set to `false` / `off`.
2018-01-11 08:52:24 +01:00
stianst
d8c0cc447f
KEYCLOAK-6090 Add missing cors headers with invalid username/password and resource owner grant
2018-01-02 15:15:15 +01:00
stianst
0bedbb4dd3
Bump version to 4.0.0.CR1-SNAPSHOT
2017-12-21 15:06:00 +01:00
Marko Strukelj
23d0afbfd8
KEYCLOAK-6058 Partial import should ignore built-in clients
2017-12-21 13:52:58 +01:00
stianst
f0c5752ef9
KEYCLOAK-5443 Fix update user account when both email as username and edit username are enabled
2017-12-20 14:40:03 +01:00
Bruno Oliveira
811cd3a04a
KEYCLOAK-6011
2017-12-20 13:37:11 +01:00
stianst
e96c6a4bcb
KEYCLOAK-6068 Fix preflight request on admin endpoints
2017-12-20 10:19:34 +01:00
stianst
465675ac28
KEYCLOAK-5019 Fixes for password managers
2017-12-19 16:13:16 +01:00
mposolda
5a66f577eb
KEYCLOAK-5982 Fix NPEs when client 'account' was renamed/removed
2017-12-18 21:47:17 +01:00
stianst
27b5e1aae2
KEYCLOAK-6050 Fix export doesn't export internal realm rep
2017-12-18 13:15:42 +01:00
stianst
b303acaaba
KEYCLOAK-2120 Added manual setup page for OTP
2017-12-18 11:20:20 +01:00
Bill Burke
118e998570
Merge pull request #4834 from pedroigor/KEYCLOAK-5806
...
[KEYCLOAK-5806] - Create policy button to associated policies
2017-12-16 23:44:35 -05:00
Bill Burke
80be4c9dbc
fix more
2017-12-16 07:12:32 -05:00
pedroigor
5d7ba39e0c
[KEYCLOAK-5806] - Create policy component to permission pages
2017-12-15 23:41:52 -02:00
Bill Burke
7cb39c2dfc
KEYCLOAK-5420
2017-12-15 12:16:24 -05:00