pedroigor
5c52da80c6
[KEYCLOAK-7028] - Propagating AuthorizationContext when enforcement-mode is disable for a path
2018-04-02 11:10:43 -03:00
pedroigor
4a425c2674
[KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config
2018-03-28 09:23:59 -03:00
pedroigor
e9e376419d
[KEYCLOAK-4102] - Removing create-resources configuration option
2018-03-27 09:51:13 -03:00
pedroigor
668b67dcdb
[KEYCLOAK-6623] - Policy enforcer gets confused with similar paths ending with wildcards
2018-03-09 16:38:57 -03:00
Pedro Igor
91bdc4bde2
[KEYCLOAK-3169] - UMA 2.0 ( #4368 )
...
* [KEYCLOAK-3169] - UMA 2.0 Support
* [KEYCLOAK-3169] - Changes to account service and more tests
* [KEYCLOAK-3169] - Code cleanup and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - Changes to account service and tests
* [KEYCLOAK-3169] - More tests
* [KEYCLOAK-3169] - Changes to adapter configuration
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Reviewing UMA specs and more tests
* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring
* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests
* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers
* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console
* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console
* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests
* [KEYCLOAK-3169] - Removing more UMA 1.0 related code
* [KEYCLOAK-3169] - Only submit requests if ticket exists
* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - Removing unused code
* [KEYCLOAK-3169] - 403 response in case ticket is not created
* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent
* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
Takashi Norimatsu
502627f590
KEYCLOAK-5811 Client Authentication by JWS Client Assertion in client secret
2018-01-26 10:59:40 +01:00
Hynek Mlnarik
626004e782
KEYCLOAK-6066 Be less strict when handling cookies
2017-12-19 21:39:41 +01:00
vramik
5a8ff72cb6
KEYCLOAK-4641 migrate remaining Adapter tests from old testsuite
2017-12-06 15:12:37 +01:00
stianst
5467d67c91
KEYCLOAK-5945 Strip default ports from urls
2017-12-04 19:56:01 +01:00
mposolda
ff6fcd30d9
KEYCLOAK-4478 OIDC auth response lacks session_state in some cases
2017-12-04 16:13:22 +01:00
Domenico Briganti
b72b01bb9d
fix logger class
2017-11-30 10:52:26 +01:00
pedroigor
6587cfa084
[KEYCLOAK-3629] - Some Adapters do not work with SSL Redirect
2017-11-30 10:39:21 +01:00
pedroigor
792ffdf39b
[KEYCLOAK-5925] - Trace-level should log tokens without their signatures
2017-11-28 09:54:57 -02:00
rmartinc
0b3ae30473
Parameter "ui_locales" not redirected to login page in java adapters
2017-11-23 11:18:29 +01:00
emilienbondu
8b8e694c60
Fix https://issues.jboss.org/browse/KEYCLOAK-5636 NPE
2017-11-09 19:32:27 +01:00
Xiaojian Liu
19eed51582
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Xiaojian Liu
9ff22f596d
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Xiaojian Liu
e1af9f133f
KEYCLOAK-5352 Basic Auth fails if password contains a ':'
2017-11-09 13:56:02 +01:00
Pedro Igor
7dd7b6b984
[KEYCLOAK-5726] - Defaults to true in case no required scopes are defined
2017-10-24 10:39:55 -02:00
Pedro Igor
a6e1413d58
[KEYCLOAK-5726] - Support define enforcement mode for scopes on the adapter configuration
2017-10-24 10:39:54 -02:00
saurabhrai
6dd8592434
KEYCLOAK-5623: Updated to code to check the profile configuration to support Jboss Fuse adapter. Read from profile resource.
2017-10-23 14:17:18 +05:30
jtyrrell-se-jboss
9673ce5541
Update OAuthRequestAuthenticator.java ( #4427 )
...
Removed a check for a 400 error, I was seeing a 403 error, and it wasn't until I rewrote the code to be like what is in line 334 I did not see enough meaningful information to figure out I had a /etc/hosts issue, where I had it locally on my machine, but the remote tomcat instance needed it also.
2017-09-12 08:24:36 +02:00
sebastienblanc
aaac85e541
add new flag to determine if error response must be sent or not
2017-09-05 15:08:17 +02:00
Pedro Igor
b4530cfbe9
fixing policy enforcer /*
2017-08-23 13:30:24 -03:00
Marek Posolda
09ec642543
Merge pull request #4232 from wvdhaute/token-store
...
[KEYCLOAK-5067] Allow refreshable context to have an optional adapter token store
2017-07-03 20:55:26 +02:00
Sebastien Blanc
500a21685f
KEYCLOAK-5082 : Add new redirect-rewrite-rule parameters for the adapters ( #4255 )
...
* add rewrite rule config property
* add subsystem support for redirect rewrite
* update deployment unit test
* add license headers
* Optimize rewrite method
2017-06-29 12:50:42 +02:00
Wim Vandenhaute
0e0140d88b
Allow refreshable context to have an optional adapter token store
2017-06-15 15:24:07 +02:00
Alex Szczuczko
5d88c2b8be
KEYCLOAK-4758 Update Encode class using latest resteasy. Use encodeQueryParamAsIs instead of encodeQueryParam when encoding key=value pairs for URI query sections. Also fix a few callers who were relying on the bad behaviour of queryParam.
2017-06-05 16:24:38 -06:00
Pedro Igor
d69d00082f
[KEYCLOAK-4932] - Improvements to policy enforcer and better spring boot support
2017-06-01 22:55:58 -03:00
Stian Thorgersen
178fd08d9a
Merge pull request #4066 from johnament/KEYCLOAK-4765
...
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-05-23 13:24:08 +02:00
Pedro Igor
b68494b3f0
[KEYCLOAK-4927] - Authz client incompatible with client definition
2017-05-18 09:57:12 -03:00
mposolda
168153c6e7
KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes
2017-05-11 22:16:26 +02:00
Stian Thorgersen
e0da7ed6b4
Merge pull request #4074 from sebastienblanc/allow_headers
...
Keycloak-3297 : adding cors-exposed-headers to conf
2017-05-05 12:54:47 +02:00
John Ament
1f98dc5527
KEYCLOAK-4765 - Simplified unit tests.
2017-04-25 20:38:07 -04:00
Pedro Igor
79c9078caa
[KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client
2017-04-25 14:51:45 -03:00
emilienbondu
46bc102799
adding cors-exposed-headers to conf
...
add missing field in the BaseAdapterConfig
cleaning for PR & adding unit test
Adding property to subsystem, removing formatting changes
2017-04-25 12:02:17 +02:00
John Ament
cb7cef8858
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
2017-04-24 14:42:03 -04:00
Pedro Igor
70a3dd1e4a
[KEYCLOAK-4769] - Better error message when resource has no or invalid uri
2017-04-20 13:21:01 -03:00
Pedro Igor
80a80512ea
[KEYCLOAK-4769] - Policy enforcer path matching tests
2017-04-20 13:21:01 -03:00
Pedro Igor
2a1a19f290
[KEYCLOAK-4751] - Send default access denied page when requests don't match any path config
2017-04-12 18:25:13 -03:00
Takashi Norimatsu
ef3aef9381
Merge branch 'master' into master
2017-03-28 16:21:40 +09:00
Pedro Igor
258af94889
Delegating caching of resource instances to to path matcher
2017-03-17 09:35:19 -03:00
Pedro Igor
dabd7c0b27
[KEYCLOAK-4602] - Improving pattern matching algorithm
2017-03-17 09:34:52 -03:00
Pedro Igor
f6786e29c6
[KEYCLOAK-4602] - A runtime cache for path configurations
2017-03-17 09:34:16 -03:00
wildloop
80c9e23282
Update RequestAuthenticator.java
2017-03-15 09:14:48 +01:00
wildloop
366dee6575
Update RequestAuthenticator.java
2017-03-15 09:13:41 +01:00
wildloop
d723c608d6
Update RequestAuthenticator.java
2017-03-14 11:36:57 +01:00
wildloop
7904ce5a37
one-line debug log
2017-03-07 16:01:13 +01:00
Takashi Norimatsu
fe5fe4c968
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients - RFC
...
7636 - Client Side Implementation
2017-02-03 12:02:54 +09:00
Agile Developer
d60c3b7c0c
missing import
2017-02-03 00:47:41 +01:00