Commit graph

2030 commits

Author SHA1 Message Date
mposolda
40d129cf54 KEYCLOAK-7489 Replace failed for entity repeats infinitely 2018-07-04 10:22:49 +02:00
mposolda
8c66f520af KEYCLOAK-7745 JTA error if offline sessions can't be preloaded at startup within 5 minutes 2018-07-04 10:22:13 +02:00
Martin Kanis
0e2e867e4a KEYCLOAK-5023 database migration fails if mysql schema name has hyphen 2018-06-27 10:11:09 +02:00
Takashi Norimatsu
2fb022e501 KEYCLOAK-7688 Offline Session Max for Offline Token 2018-06-26 08:25:06 +02:00
Martin Kanis
998227ac53 KEYCLOAK-5461 Upgrade to Liquibase 3.5.5 2018-06-22 13:20:10 +02:00
stianst
e1a0e581b9 Update to 4.1.0.Final-SNAPSHOT 2018-06-14 14:22:28 +02:00
Marek Posolda
49407c2e4f
KEYCLOAK-6630 Client scopes initial support (#5076)
* KEYCLOAK-6630 KEYCLOAK-349 Client Scopes

Co-authored-by: vramik <vramik@redhat.com>

* KEYCLOAK-6630 Change some clientTemplate occurences to clientScope
2018-06-08 15:38:38 +02:00
Federico M. Facca
5a9bfea419 [KEYCLOAK-7353] Support Policy Management in Protection API
See https://issues.jboss.org/browse/KEYCLOAK-7353
2018-06-06 19:36:42 -03:00
Pedro Igor
f8919f8baa
Merge pull request #5211 from pedroigor/KEYCLOAK-7367
[KEYCLOAK-7367] - User-Managed Policy Provider
2018-06-04 09:35:13 -03:00
Martin Kanis
f429469fc8 KEYCLOAK-5270 Realm cookie path for IE<=11 users (#5106) 2018-05-31 08:44:34 +02:00
Johannes Knutsen
c64ecb1ab8 Remove expired objects from cache cluster instead of local only 2018-05-29 10:27:43 +02:00
Pedro Igor
2b6597e9f1 [KEYCLOAK-7367] - User-Managed Policy Provider 2018-05-25 16:18:15 -03:00
Stian Thorgersen
dbf5c395b0
Bump version to 4.0.0.Final (#5224) 2018-05-24 19:02:30 +02:00
Stian Thorgersen
90e5c7f3eb
Bump version to 4.0.0.Beta3-SNAPSHOT (#5185) 2018-05-02 14:32:20 +02:00
Pedro Igor
5cae1bb134
Merge pull request #5093 from pedroigor/KEYCLOAK-4102
[KEYCLOAK-4102] - Support lazy load paths
2018-03-29 09:16:34 -03:00
pedroigor
4a425c2674 [KEYCLOAK-4102] - Support lazy loading of paths via policy enforcer config 2018-03-28 09:23:59 -03:00
dongay
707b80f436 KEYCLOAK-3210 Apply @Nationalized attribute to entity fields that should support unicode character sets 2018-03-27 20:55:59 +02:00
Pedro Igor
ffeb0420bf
Merge pull request #5079 from pedroigor/KEYCLOAK-6529
[KEYCLOAK-6529] - Resource Attributes
2018-03-27 09:30:38 -03:00
stianst
07fea02146 Bump versions to 4.0.0.Beta2-SNAPSHOT 2018-03-26 18:17:38 +02:00
pedroigor
758ae41999 [KEYCLOAK-6529] - Constraint name too long 2018-03-22 07:05:03 -03:00
Hynek Mlnarik
bb3c76a9d9 KEYCLOAK-6929 Externalizers for AuthenticationSessionEntity 2018-03-21 12:46:50 +01:00
pedroigor
08896ee9c9 [KEYCLOAK-6529] - Resource Attributes 2018-03-19 13:21:39 -03:00
Johannes Knutsen
9de8e79577 KEYCLOAK-6824: Remove negation of isEmpty list check 2018-03-15 18:43:22 +01:00
Pedro Igor
2aa71d1737
Merge pull request #5051 from pedroigor/KEYCLOAK-6787
[KEYCLOAK-6787] - Wrong validation of resources with same name and different owners
2018-03-12 11:41:49 -03:00
Hynek Mlnarik
05dcc6e3af KEYCLOAK-6783 JDG-auth optimizations 2018-03-09 15:08:55 +01:00
mposolda
6f7200868b Secured RemoteCache availability 2018-03-09 15:08:55 +01:00
Bill Burke
4b6b45cf43 KEYCLOAK-6026 2018-03-05 11:57:05 -05:00
vramik
9bd2e70376 KEYCLOAK-6790 Identifier for RESOURCE_SERVER_PERMISSION_TICKET table is too long for Oracle databases 2018-03-02 12:46:19 +01:00
Bill Burke
7f21cdd1f4 KEYCLOAK-6551 2018-03-02 10:41:05 +01:00
pedroigor
1e1de85685 [KEYCLOAK-6787] - Wrong validation of resources with same name and different owners 2018-03-01 16:50:05 -03:00
pedroigor
cb531056a6 [KEYCLOAK-6621] - Fixing cache and queries of policies with type scope 2018-02-28 16:33:45 -03:00
Pedro Igor
91bdc4bde2 [KEYCLOAK-3169] - UMA 2.0 (#4368)
* [KEYCLOAK-3169] - UMA 2.0 Support

* [KEYCLOAK-3169] - Changes to account service and more tests

* [KEYCLOAK-3169] - Code cleanup and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - Changes to account service and tests

* [KEYCLOAK-3169] - More tests

* [KEYCLOAK-3169] - Changes to adapter configuration

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Reviewing UMA specs and more tests

* [KEYCLOAK-3169] - Changes to UMA Grant Type and refactoring

* [KEYCLOAK-3169] - Refresh tokens for RPT responses and tests

* [KEYCLOAK-3169] - Changes to account my resources and policy enforcers

* [KEYCLOAK-3169] - Realm settings flag to enable/disable user-managed access in account mgmt console

* [KEYCLOAK-3169] - More changes to my resource pages in account mgmt console

* [KEYCLOAK-3169] - Need to enable user-managed on realm to run tests

* [KEYCLOAK-3169] - Removing more UMA 1.0 related code

* [KEYCLOAK-3169] - Only submit requests if ticket exists

* [KEYCLOAK-3169] - Returning UMA 401 response when not authenticated

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - Removing unused code

* [KEYCLOAK-3169] - 403 response in case ticket is not created

* [KEYCLOAK-3169] - Fixing AbstractPhotozExampleAdapterTest#testClientRoleRepresentingUserConsent

* [KEYCLOAK-3169] - 403 status code only returned for non-bearer clients
2018-02-28 08:53:10 +01:00
gonzalad
898347366d KEYCLOAK-6589: Optimize jpql in User search API
This commit removes the 6 n+1 select
that are issued when calling GET /users api.

We now have 4 select queries.
2018-02-22 14:21:42 +01:00
pedroigor
d590600c12 [KEYCLOAK-6321] - NPE when deleting a resource with admin events enabled 2018-02-21 19:41:44 +01:00
Bruno Oliveira
b91998a0d8 [KEYCLOAK-6111] 'Override User-Initiated Action Lifespan' admin GUI can break realm configuration 2018-02-09 06:36:23 -02:00
pedroigor
76657d5239 [KEYCLOAK-6528] - Fixing mysql error. Probably a consequence of KEYCLOAK-6228 changes. 2018-02-08 21:17:33 +01:00
Bill Burke
6054b69eec fix serializable exceptions 2018-01-31 20:26:50 -05:00
Bill Burke
a0d275c850 whoops, fix db script 2018-01-31 14:28:40 -05:00
Bill Burke
26411a123e migrate fix 2018-01-31 13:11:46 -05:00
Bill Burke
126dd70efc client stat improvement 2018-01-31 13:05:13 -05:00
Bill Burke
bd3eb9d662 more hynek db changes 2018-01-30 19:46:42 -05:00
Bill Burke
a571781240 hynek db changes 2018-01-30 17:00:55 -05:00
Bill Burke
0fc7fa557d fix caching 2018-01-29 16:26:51 -05:00
Bill Burke
4bf23cc83a caching 2018-01-29 12:28:17 -05:00
Bill Burke
1d8e38f0c6 admin console 2018-01-27 13:05:02 -05:00
Bill Burke
dd4c0d448c Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-27 09:47:41 -05:00
Bill Burke
6b84b9b4b6 done 1st iteration 2018-01-27 09:47:16 -05:00
vramik
b0fbe5c8ba KEYCLOAK-6300 List of group members is not sorted alphabetically 2018-01-25 20:21:03 +01:00
Bill Burke
ddad1cb8af Merge remote-tracking branch 'upstream/master' into client-storage-spi 2018-01-25 10:08:37 -05:00
Bill Burke
8a17b61f4e initial work 2018-01-25 10:08:26 -05:00
Bill Burke
4bfb62d7f4 marek suggested fixes 2018-01-24 09:32:38 -05:00
Bill Burke
a9297df89c KEYCLOAK-6335 2018-01-23 12:09:49 -05:00
Douglas Palmer
fc3c07f6de [KEYCLOAK-6236] Use MessageDigest.isEquals in place of String.equals 2018-01-18 13:04:54 +01:00
Hynek Mlnarik
e4c875eb41 KEYCLOAK-6108 Remove DROP INDEX in postgres (handled automatically) 2018-01-04 09:03:52 +01:00
Hynek Mlnarik
f0c1e65b2d KEYCLOAK-6095 Include schema in custom SQL 2018-01-04 09:03:52 +01:00
stianst
0bedbb4dd3 Bump version to 4.0.0.CR1-SNAPSHOT 2017-12-21 15:06:00 +01:00
Martin Kanis
351dbffaf2 KEYCLOAK-5172 Set oidc as default protocol to clients 2017-12-20 13:38:12 +01:00
Marko Strukelj
ae573f4814 KEYCLOAK-5617 KEYCLOAK-5993 Race condition putting new user in user cache 2017-12-20 13:35:35 +01:00
mposolda
6696c0f0b2 KEYCLOAK-5245 Restart failures when deleting a client with existing sessions/offline_tokens 2017-12-13 15:53:10 +01:00
mposolda
63efee6e15 KEYCLOAK-5938 Authentication sessions: Support for logins of multiple tabs of same client 2017-12-12 08:01:02 +01:00
Bill Burke
5d5a200413
Merge pull request #4818 from patriot1burke/master
KEYCLOAK-5926
2017-12-08 09:59:32 -05:00
Bill Burke
0dee393071 KEYCLOAK-5926 2017-12-07 19:49:10 -05:00
Bill Burke
efa5949f69
Merge pull request #4814 from patriot1burke/master
KEYCLOAK-5350
2017-12-07 10:07:35 -05:00
stianst
c055ffb083 KEYCLOAK-4215 Consider session expiration when setting token timeouts 2017-12-07 10:45:02 +01:00
stianst
5fd3c9161d KEYCLOAK-5868 2017-12-07 10:42:21 +01:00
Bill Burke
64f8d7ce25 KEYCLOAK-5350 2017-12-06 16:00:23 -05:00
mposolda
8a0fa521c4 KEYCLOAK-5915 Support for sticky sessions managed by loadbalancer. Support for KeyAffinityService 2017-12-06 13:06:54 +01:00
stianst
6d1c33ccdc KEYCLOAK-5667 2017-12-06 06:45:23 +01:00
mposolda
6c34b4c418 KEYCLOAK-5914 Periodic clean of detached client sessions 2017-12-05 08:25:30 +01:00
stianst
37de8e9f69 Bump version to 3.4.2.Final-SNAPSHOT 2017-12-01 09:34:48 +01:00
mposolda
7b03eed9c8 KEYCLOAK-5797 Refactoring authenticationSessions to support login in multiple browser tabs with different clients 2017-11-30 12:56:45 +01:00
Hynek Mlnarik
b466f4d0b6 KEYCLOAK-5910 Retry sending notification when remote cache is unavailable 2017-11-30 11:48:26 +01:00
pedroigor
17748d5ba8 [KEYCLOAK-5660] - Adding UserQueryProvider.getUsersCount(realm, includeServiceAccount) method 2017-11-30 10:45:54 +01:00
pedroigor
674fb31a2c [KEYCLOAK-5660] - Rest API User count returns wrong value 2017-11-30 10:45:54 +01:00
stianst
2be78a0239 KEYCLOAK-5924 Add error handler for uncaught errors 2017-11-30 10:33:13 +01:00
pedroigor
9ffc11d04f [KEYCLOAK-4231] - Unable to import PEM certificate > 2048 2017-11-29 20:26:22 +01:00
mposolda
6d91ab674b KEYCLOAK-5895 CrossDC: NotSerializableException when opening sessions tab in admin console 2017-11-23 20:03:12 +01:00
Bill Burke
2117db5e6d
Merge pull request #4730 from patriot1burke/master
KEYCLOAK-4715
2017-11-22 12:45:23 -05:00
mposolda
bd1072d2eb KEYCLOAK-5747 Ensure refreshToken doesn't need to send request to the other DC. Other fixes and polishing 2017-11-22 11:55:12 +01:00
mposolda
61c5a332b4 KEYCLOAK-5832 Fix the issue with RemoveExpiredCommand exception on JDG side 2017-11-22 11:55:12 +01:00
Bill Burke
8993ca08ad KEYCLOAK-4715 2017-11-21 17:46:48 -05:00
Bill Burke
08ca03051c
Merge pull request #4549 from pkadej/KEYCLOAK-5662
KEYCLOAK-5662
2017-11-20 14:37:07 -05:00
Bill Burke
83ff0eab10 remove irrelevant comments 2017-11-17 11:36:49 -05:00
Bill Burke
c66ff60c58 KEYCLOAK-5715 2017-11-17 11:34:32 -05:00
Hynek Mlnarik
a787cfa33a KEYCLOAK-5425 Have preconditions evaluated in manual mode 2017-11-15 13:37:32 +01:00
Bruno Oliveira
03d0488335 [KEYCLOAK-2052] Allows independently set timeouts for e-mail verification link and rest e.g. forgot password link
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2017-11-13 19:57:04 -02:00
Przemysław Kadej
e28f402b6b KEYCLOAK-5662 - CachePolicy.MAX_LIFESPAN - Cached LDAP users aren't being refreshed at all 2017-11-13 11:36:31 +01:00
mposolda
c530a061cc KEYCLOAK-5828 Ensure sessions preloading works for remote distributed caches as well 2017-11-10 11:27:24 +01:00
mposolda
a98f085be6 KEYCLOAK-5618 Fix SessionsPreloadCrossDCTest. Update HOW-TO-RUN docs. Ensure it's executed in travis. 2017-11-09 17:39:04 +01:00
Stian Thorgersen
128ff12f8f Bump versions 2017-11-09 15:37:21 +01:00
mposolda
701b7acd80 KEYCLOAK-5371 More stable cross-dc tests 2017-11-08 10:03:04 +01:00
mposolda
62a1c187a2 KEYCLOAK-5716 KEYCLOAK-5738 Avoid infinispan deadlock. Ensure code-to-token works correctly in cross-dc 2017-11-07 09:01:59 +01:00
Hynek Mlnařík
4d0d28c222
Merge pull request #4621 from hmlnarik/KEYCLOAK-5230-Indexes-on-USER-ID-missing-from-the-federated-user-tables
KEYCLOAK-5230 Add indices to FED_* tables
2017-10-31 08:48:34 +01:00
Hynek Mlnarik
c9aa5e638e KEYCLOAK-5230 Add indices to FED_* tables 2017-10-27 12:43:22 +02:00
Hynek Mlnarik
92027e4c57 KEYCLOAK-5745 Fix ActionTokenCrossDCTest and improve logging 2017-10-27 08:45:05 +02:00
Hynek Mlnarik
75c354fd94 KEYCLOAK-5745 Separate user and client sessions in infinispan 2017-10-26 10:39:41 +02:00
Hynek Mlnařík
7190820fc4 Merge pull request #4566 from vramik/KEYCLOAK-4928
KEYCLOAK-4928 Add primary key constraints
2017-10-24 15:40:37 +02:00
Marek Posolda
a7bc294a08 Merge pull request #4594 from hmlnarik/KEYCLOAK-5688-Externalizer-for-entities-shared-across-DC-2
KEYCLOAK-5688 Externalizers for cluster messages and predicates
2017-10-24 14:41:16 +02:00
mposolda
9a19e95b60 KEYCLOAK-5710 Change cache-server to use backups based caches 2017-10-24 11:52:08 +02:00
vramik
223713bc53 KEYCLOAK-4928 Add primary key constraints 2017-10-24 10:46:46 +02:00
Hynek Mlnarik
faf830dc77 KEYCLOAK-5688 Externalizers for cluster messages and predicates 2017-10-23 12:18:56 +02:00
Bill Burke
92245e3fc8 fixes 2017-10-20 09:55:37 -04:00
Bill Burke
54ebc21880 KEYCLOAK-5698 2017-10-19 19:38:56 -04:00
Bill Burke
0371a562d9 Merge pull request #4574 from patriot1burke/master
KEYCLOAK-5701
2017-10-19 10:33:10 -04:00
Bill Burke
8faa6f1f4d KEYCLOAK-5701 2017-10-18 18:20:50 -04:00
Hynek Mlnarik
6d18ba4b32 KEYCLOAK-5688 Add externalizers for session entities
and remove unused events
2017-10-18 16:04:57 +02:00
Hynek Mlnarik
056ba75a72 KEYCLOAK-5656 Use standard infinispan remote-store 2017-10-16 21:49:42 +02:00
Bruno Oliveira da Silva
b6ab2852c2 Remove unused imports (#4558) 2017-10-16 14:23:42 +02:00
mposolda
26f11078dc KEYCLOAK-5371 Use managed executors on Wildfly 2017-10-11 11:09:53 +02:00
mposolda
f5ff24ccdb KEYCLOAK-5371 Fix SessionExpirationCrossDCTest, Added ExecutorsProvider. Debug support for cache-servers in tests 2017-10-10 22:30:44 +02:00
Hynek Mlnarik
fe972ce12b KEYCLOAK-5656 Remove remoteServers configuration option 2017-10-09 11:58:28 +02:00
Hynek Mlnarik
6cbfbeca0b KEYCLOAK-5656 Remove KeycloakTcpTransportFactory 2017-10-06 13:20:17 +02:00
mposolda
bca4c35708 KEYCLOAK-5371 Fix ActionTokenCrossDCTest and BruteForceCrossDCTest 2017-10-04 13:25:45 +02:00
Marek Posolda
13fe9e7cf8 Merge pull request #4510 from glavoie/KEYCLOAK-3303
KEYCLOAK-3303: Allow reuse of refresh tokens.
2017-09-29 17:07:45 +02:00
mposolda
3b6e1f4e93 KEYCLOAK-5007 Used single-use cache for tracke OAuth code. OAuth code changed to be encrypted and signed JWT 2017-09-29 13:20:22 +02:00
mposolda
63673c4328 KEYCLOAK-5569 Added JWE 2017-09-29 13:01:42 +02:00
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens.
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Bill Burke
fd025ae76b Merge pull request #4209 from guitaro/feature/group-search-and-pagination
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
howcroft
e78bf5f876 Keycloak 2035
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
mposolda
ca92bcbf7f KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to Infinispan servers in both datacenters 2017-09-18 18:04:04 +02:00
Oguz Kilcan
6ec5264f20 KEYCLOAK-5416 Migration from 3.2.1 to 3.3.0 doesn't work on MSSQL due to constraint violation (#4461) 2017-09-15 09:56:22 +02:00
Levente NAGY
d18aa44fb4 Merge branch 'feature/group-search-and-pagination' of https://github.com/guitaro/keycloak into feature/group-search-and-pagination 2017-09-13 16:48:24 +02:00
Levente NAGY
e907da77d7 KEYCLOAK 2538 - UI group pagination - Remove junit mocked TUs, add arquillian Tests, delete mockito from poms, fix groups sorting when get result from cache 2017-09-13 16:45:45 +02:00
Léventé NAGY
503ce3a47f Merge branch 'master' into feature/group-search-and-pagination 2017-09-13 10:27:38 +02:00
Pedro Igor
90db6654d3 Merge pull request #4451 from glavoie/KEYCLOAK-4858-ResourceServer
KEYCLOAK-4858: Slow query performance for client with large data volume
2017-09-12 15:54:16 -03:00
Levente NAGY
c8c88dd58c KEYCLOAK 2538 - UI group pagination - TU + some code improvement + add mockito dependency 2017-09-12 15:09:08 +02:00
Levente NAGY
db56d82dbd KEYCLOAK 2538 - UI group pagination - fix duplicate result for search + sort result 2017-09-12 11:45:37 +02:00
Marek Posolda
2a1f40d487 Merge pull request #4408 from MarkSchmitt/master
KEYCLOAK-5322: Rewrote delete statement to scale better
2017-09-12 11:14:08 +02:00
Marek Posolda
d636bc2616 Merge pull request #4468 from hmlnarik/KEYCLOAK-4899-Optimize-client-session-writes
KEYCLOAK-4899 Replace updates to user session with temporary auth ses…
2017-09-12 10:42:38 +02:00
Bill Burke
1a74288413 Merge pull request #4458 from vramik/KEYCLOAK-5405
KEYCLOAK-5405 add synchronization of the persistence context when cre…
2017-09-11 18:49:33 -04:00
Hynek Mlnarik
24e9cbb292 KEYCLOAK-4899 Replace updates to user session with temporary auth session 2017-09-11 21:43:49 +02:00
Gabriel Lavoie
bf184e8599 KEYCLOAK-4858: ResourceServer PK change to CLIENT_ID.
- MSSQL needs the index to be dropped before the column.
- Different UPDATE statement format to support MSSQL.
2017-09-11 13:50:58 -04:00
Levente NAGY
2c24b39268 KEYCLOAK 2538 - UI group pagination 2017-09-07 19:39:06 +02:00
fmugrau
998262177f KEYCLOAK-5422: Rewrote statement to scale better 2017-09-07 10:17:22 +02:00
Pedro Igor
f10891b662 [KEYCLOAK-4858] - Migration configuration for resource server pk changes 2017-09-06 11:28:58 -03:00
Gabriel Lavoie
c1664478d9 KEYCLOAK-4858: Slow query performance for client with large data volume
- Changing RESOURCE_SERVER PK to the client ID.
- Changing FK on children of RESOURCE_SERVER.
- Use direct fetch of ResourceServer through ID/PK to avoid a lot of implicit Hibernate flush.
2017-09-06 09:55:53 -03:00
Pedro Igor
9ed5fc5595 [KEYCLOAK-5389] - Invalidating ResourceStore.findByUri cache when creating new resources 2017-09-05 11:45:51 -03:00
vramik
37479a9afe KEYCLOAK-5405 add synchronization of the persistence context when creating a group 2017-09-05 14:34:43 +02:00
vramik
d62164f6f0 KEYCLOAK-5385 add not null constraint for user_entity.not_before (#4446) 2017-09-01 08:57:50 +02:00
vramik
8bfab22417 KEYCLOAK-5049 add explicit removal of groups (#4416) 2017-08-30 08:16:00 +02:00
Stian Thorgersen
463661b051 Set version to 3.4.0.CR1-SNAPSHOT 2017-08-28 15:46:22 +02:00
Hynek Mlnařík
23560d9e41 KEYCLOAK-5235 Fix JPA update script for MariaDB (#4423) 2017-08-28 08:05:49 +02:00
mposolda
43ce466aa6 KEYCLOAK-5294 Cross-dc working on Wildfly 2017-08-24 18:03:01 +02:00
Pedro Igor
3ff38e22cf [KEYCLOAK-4639] - Invalidating resource query by owner cache 2017-08-23 15:11:48 -03:00
mposolda
fe5891fbdb KEYCLOAK-5293 Add notBefore to user 2017-08-23 08:58:26 +02:00
mark.schmitt
6a28971218 KEYCLOAK-5322: Rewrote delete statement to scale better 2017-08-22 13:15:09 +00:00
mposolda
089514d8a6 KEYCLOAK-4634 Cross-dc support for UserLoginFailures 2017-08-17 10:22:12 +02:00
mposolda
fc777e166c KEYCLOAK-3298 Bit more perf improvement for bulk removal of sessions 2017-08-14 16:17:59 +02:00
mposolda
c4bb29b4bb KEYCLOAK-4187 SessionExpirationCrossDCTest - added tests for user logout and removal 2017-08-14 11:19:07 +02:00
mposolda
868e76fcf3 KEYCLOAK-4630 Added SessionsPreloadCrossDCTest for test preloading sessions and offline sessions. Support for manual.mode to control manually lifecycle of all servers. 2017-08-11 17:44:00 +02:00
mposolda
1289e84cdb KEYCLOAK-4630 Refactor RemoteCacheSessionsLoader to use JS script for preload sessions through more pages 2017-08-11 17:44:00 +02:00
Levente NAGY
c8aa708cff Merge remote-tracking branch 'upstream/master' 2017-08-10 18:14:49 +02:00
mposolda
0f7440d344 KEYCLOAK-4187 Fixes and tests related to sessions expiration and bulk removal in cross-dc environment 2017-08-10 08:29:59 +02:00
mposolda
a72c297d5d KEYCLOAK-4187 Fix LoginCrossDCTest 2017-08-08 14:02:48 +02:00
Hynek Mlnarik
9ca72dc5c6 KEYCLOAK-4189 Improve logging and concurrency/cross-DC testing 2017-08-08 10:11:51 +02:00
Hynek Mlnarik
80177e8712 KEYCLOAK-4187 Include version when marshalling UserSessionEntity 2017-08-08 10:11:51 +02:00
Hynek Mlnarik
125b178297 KEYCLOAK-4187 Fix warnings 2017-08-08 10:11:51 +02:00
mposolda
251b41a7ac KEYCLOAK-4187 Fix LastSessionRefreshCrossDCTest and ConcurrentLoginCrossDCTest 2017-08-07 11:55:49 +02:00
mposolda
07e2136b3b KEYCLOAK-4187 Added UserSession support for cross-dc 2017-07-27 22:32:58 +02:00
Pedro Igor
6865b4bbb1 [KEYCLOAK-4808] - Import large authz settings a bit faster 2017-07-06 18:22:13 -03:00
Pedro Igor
65251748c7 [KEYCLOAK-5148] - Create authorization settings when creating a new client using a config file 2017-07-05 18:19:00 -03:00
Stian Thorgersen
454c5f4d83 Set version to 3.3.0.CR1-SNAPSHOT 2017-06-30 09:47:11 +02:00
Josh Cain
89fcddd605 KEYCLOAK-3592 Docker auth implementation 2017-06-29 06:37:34 +02:00
Léventé NAGY
1a50e77a4d Merge branch 'master' into feature/group-search-and-pagination 2017-06-26 20:36:36 +02:00
Bill Burke
bc05560d4d Merge remote-tracking branch 'upstream/master' 2017-06-26 11:41:12 -04:00
Stian Thorgersen
1c10199698 Merge pull request #4252 from hmlnarik/KEYCLOAK-5078-ConcurrencyTest-fails-intermittently
KEYCLOAK-5078 ConcurrencyTest fails intermittently
2017-06-26 12:48:37 +02:00
Hynek Mlnarik
955cbc76d7 KEYCLOAK-5030 Change action tokens cache type to distributed 2017-06-26 10:11:53 +02:00
Bill Burke
3ee86fedc7 Merge remote-tracking branch 'upstream/master' 2017-06-23 09:57:35 -04:00
Hynek Mlnarik
8f9ed32a66 KEYCLOAK-5078 ConcurrencyTest fails intermittently
This commit fixes 401 Unauthorized issues
2017-06-23 15:16:23 +02:00
Léventé NAGY
41d8d17062 Merge branch 'master' into feature/group-search-and-pagination 2017-06-22 17:41:30 +02:00
Levente NAGY
124bf43a27 [KEYCLOAK-2538] - groups count for pagination 2017-06-22 17:32:38 +02:00
Bill Burke
d08ddade2e merge 2017-06-21 17:43:54 -04:00
Bill Burke
52e40922bc removal 2017-06-21 17:42:57 -04:00
mposolda
fc61a4e89f KEYCLOAK-4631 Move ClientInitialAccessModel from userSession model to realm model 2017-06-21 22:14:20 +02:00
Marek Posolda
be5291f710 Merge pull request #4242 from mposolda/master
KEYCLOAK-4438 Disable kerberos flow when provider removed
2017-06-21 11:54:50 +02:00
mposolda
e91dd011c5 KEYCLOAK-4438 Disable kerberos flow when provider removed 2017-06-21 09:38:20 +02:00
Hynek Mlnarik
2e2d15be9f KEYCLOAK-4189 Infinispan cache and channel statistics for Cross-DC-testing 2017-06-20 12:48:08 +02:00
Pedro Igor
6202222da4 Merge pull request #4221 from pedroigor/KEYCLOAK-5051
[KEYCLOAK-5051] - Invalidate authz cache when realm cache is cleared
2017-06-14 07:53:46 -03:00
Pedro Igor
473065fd31 [KEYCLOAK-5051] - Invalidate authz cache when realm cache is cleared 2017-06-12 12:29:21 -03:00
Hynek Mlnarik
a0f3a6469f KEYCLOAK-4189 - Cross DC testing 2017-06-12 11:14:28 +02:00
Pedro Igor
84d2d7b431 Missing invalidation for some queries cache 2017-06-08 18:09:44 -03:00
Levente NAGY
f377a45c4e [KEYCLOAK-2538] - groups count for pagination limits 2017-06-07 20:52:22 +02:00
Levente NAGY
c4da7637d6 [KEYCLOAK-2538] - groups pagination and group search 2017-06-06 18:32:48 +02:00
Bill Burke
b9f7a43a72 group permissions 2017-06-01 20:16:35 -04:00
Stian Thorgersen
684689d40d Merge pull request #3561 from glavoie/KEYCLOAK-3990
KEYCLOAK-3990: Very slow use of NamedQueries.
2017-05-29 09:39:39 +02:00
Pedro Igor
554e692d8f Merge pull request #4171 from pedroigor/KEYCLOAK-4913
[KEYCLOAK-4913] - Caching more query methods
2017-05-23 17:40:51 -03:00
Pedro Igor
1d5bd2567e [KEYCLOAK-4913] - Caching more query methods 2017-05-23 16:13:20 -03:00
Gabriel Lavoie
e59aeb56cc KEYCLOAK-3990: Very slow use of NamedQueries.
- Generates too many auto-flush checks by Hibernate.
- Moved to collections mapping to allow batching and the use of Hibernate L2 cache.
2017-05-23 08:09:39 -04:00
Stian Thorgersen
e3a04ebd90 Merge pull request #3557 from glavoie/KEYCLOAK-3988
KEYCLOAK-3988: Multiple missing indexes on FKs.
2017-05-23 14:07:51 +02:00
Pedro Igor
37a98fba20 [KEYCLOAK-4913] - Caching more query methods 2017-05-22 19:08:24 -03:00
Bill Burke
ab763e7c5b fixes after merge 2017-05-19 15:54:36 -04:00
mposolda
e2a7b71cf3 KEYCLOAK-4939 ConcurrentLoginTest broken in latest master 2017-05-19 14:00:52 +02:00
Bill Burke
2cac8b1bb7 KEYCLOAK-4929 2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43 KEYCLOAK-4929 2017-05-18 16:48:04 -04:00
mposolda
c178a2392d KEYCLOAK-4907 Fix postgresql and mssql. Fix migration 2017-05-17 22:44:44 +02:00
Gabriel Lavoie
4581272dcd KEYCLOAK-3988: Multiple missing indexes on FKs. 2017-05-15 08:15:58 -04:00
Marek Posolda
70d7e07526 Merge pull request #4132 from mposolda/cross-dc4-squash
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
2017-05-15 12:46:43 +02:00
Pedro Igor
d824b4d93c Changing cache key for findByResource 2017-05-12 10:25:06 -03:00
Pedro Igor
7569493b17 Invalidating cache for findByowner 2017-05-12 10:23:54 -03:00
mposolda
7d8796e614 KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes. 2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02 KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token 2017-05-11 22:16:26 +02:00
mposolda
db8b733610 KEYCLOAK-4626 Fix TrustStoreEmailTest and PolicyEvaluationCompositeRoleTest. Distribution update 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01 KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes 2017-05-11 22:16:26 +02:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added 2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
mposolda
83b29c5080 KEYCLOAK-4626 AuthenticationSessions: start 2017-05-11 22:16:26 +02:00
Pedro Igor
e14be4460b [KEYCLOAK-4867] - Cluster events and invalidations 2017-05-05 22:48:51 -03:00
Stian Thorgersen
8da766e02e Merge pull request #4104 from sjvs/master
Fix three lgtm.com alerts: two possible NPEs, one possible int overflow
2017-05-05 13:13:02 +02:00
Bill Burke
af792b8abe fix 2017-04-29 17:03:36 -04:00
Bill Burke
1f4311a02c KEYCLOAK-4821 2017-04-29 10:41:32 -04:00
Bas van Schaik
eb93eef874 Fix lgtm.com alert: variable 'config' is always null (likely false logic)
Details:
https://lgtm.com/projects/g/keycloak/keycloak/snapshot/dist-7900299-1490802114895/files/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserCredentialStore.java#V122
2017-04-28 14:50:30 +01:00
Eriksson Fabian
ca1152c3e5 KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
2017-04-28 09:02:10 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
mposolda
8000baeb1f KEYCLOAK-4789 Can't remove userStorage when linked users have consent 2017-04-25 11:32:26 +02:00
Stian Thorgersen
54ee055bd8 KEYCLOAK-4671 Add server-private-spi to dependency deployer 2017-04-25 10:16:24 +02:00
mposolda
d05a894831 KEYCLOAK-4326 KEYCLOAK-4588 Can't get granted consents if client template mappers were consented to 2017-04-24 15:44:38 +02:00
mposolda
1fd5af840b KEYCLOAK-4525 Deleting a client with existing sessions/offline_tokens leads to Internal Server Errors 2017-04-24 11:24:09 +02:00
Pedro Igor
bf69bc94bb [KEYCLOAK-4754] - Unable to delete realm when using aggregated policies 2017-04-20 12:10:52 -03:00
Pedro Igor
8e877a7f6c [KEYCLOAK-3135] - More tests 2017-04-12 14:34:27 -03:00
Pedro Igor
eec712a259 [KEYCLOAK-3135] - Role and user policies apis 2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c [KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests 2017-04-12 00:52:13 -03:00
Pedro Igor
55f747ecd0 [KEYCLOAK-3135] - Part 1: Permission Management API 2017-04-12 00:52:13 -03:00
Pedro Igor
1f50421a54 [KEYCLOAK-4726] - Multiple role policies crash realm delete 2017-04-06 12:36:03 -03:00
Jared Blashka
61bd9bb58c Fix CachePolicy.MAX_LIFESPAN invalidation 2017-03-20 22:56:35 -04:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
Johannes Knutsen
9a0de676c4 KEYCLOAK-4559 Filter users by realm id when searching for user by user attribute 2017-03-14 11:05:12 +01:00
Pedro Igor
e7e6314146 [KEYCLOAK-4555] - Fixes and improvements to evaluation code 2017-03-13 14:08:54 -03:00
Stian Thorgersen
e7cd8d41c6 Merge pull request #3558 from glavoie/KEYCLOAK-3989
KEYCLOAK-3989: Replacing COMPOSITE_ROLE Collection with Set.
2017-03-10 12:00:59 +01:00
Bill Burke
efffcc5f41 Merge pull request #3915 from TeliaSoneraNorge/KEYCLOAK-4524
KEYCLOAK-4524
2017-03-08 10:08:04 -05:00
Martin Hardselius
a0a85f62c6 KEYCLOAK-4524 possible to add identity prover mappers with same name into single identity provider
- unique name enforcement working
- test added
2017-03-03 16:40:49 +01:00
Bill Burke
3bb29e033b KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513 2017-03-03 09:48:52 -05:00
Stian Thorgersen
49ac3587b6 KEYCLOAK-4384 Remove Mongo support 2017-02-15 15:20:58 +01:00
Bill Burke
d9633dc20c Merge remote-tracking branch 'upstream/master' 2017-02-09 09:13:00 -05:00
Bill Burke
cf5e2a1d20 unlink/remoteimported 2017-02-08 19:48:22 -05:00
Stian Thorgersen
1c7de24084 Merge pull request #3832 from stianst/KEYCLOAK-4370
KEYCLOAK-4370 Prevent LDAP provider from being migrated twice
2017-02-06 08:21:30 +01:00
Stian Thorgersen
f73aaef67a KEYCLOAK-4370 Prevent LDAP provider from being migrated twice 2017-02-03 10:05:57 +01:00
Bill Burke
0d308e2b69 KEYCLOAK-4218 2017-01-31 15:15:49 -05:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
mposolda
e487db349c KEYCLOAK-4274 Fix recursive composite role mappings 2017-01-23 17:55:45 +01:00
Stian Thorgersen
99e1eac094 Merge pull request #3775 from hmlnarik/KEYCLOAK-2847-Unexpected-error-when-trying-to-update-clientTemplate-to-already-existing-name
KEYCLOAK-2847 Fix exception convertor for Wildfly
2017-01-23 13:00:58 +01:00
Stian Thorgersen
7410bdb31c Merge pull request #3756 from mstruk/KEYCLOAK-3657
KEYCLOAK-3657 Role id is not preserved during import-export operation
2017-01-23 09:59:02 +01:00
Hynek Mlnarik
13e4f607ad KEYCLOAK-2847 Fix exception convertor for Wildfly 2017-01-19 18:11:51 +01:00
Bill Burke
73d3e8afd9 Merge pull request #3770 from patriot1burke/master
KEYCLOAK-4077
2017-01-19 07:35:10 -05:00
Bill Burke
8daa2c3703 KEYCLOAK-4256 2017-01-18 18:28:08 -05:00
Pedro Igor
c19360c6f2 [KEYCLOAK-4203] - Removing references to Drools 2017-01-18 12:44:30 -02:00
Marko Strukelj
7de999a7f9 KEYCLOAK-3657 Role id is not preserved during import-export operation 2017-01-13 17:46:30 +01:00
Bill Burke
aa78c9eaf5 Merge pull request #3666 from hmlnarik/KEYCLOAK-4072-User-ID-from-User-Storage-Provider-too-long-for-Offline-User-Session
KEYCLOAK-4072 Add explicit check for key format
2017-01-13 09:39:45 -05:00
mposolda
9a6f202c46 KEYCLOAK-4137 Significant performance lag in 'get client role by role name' 2017-01-12 11:55:58 +01:00
mposolda
7098daaf72 KEYCLOAK-4066 TimeoutException in cluster environment in ClearExpiredSessions 2017-01-11 12:27:51 +01:00
Bill Burke
d075172fd2 KEYCLOAK-3617 KEYCLOAK-4117 KEYCLOAK-4118 2017-01-09 17:14:20 -05:00
Stian Thorgersen
8a0859fcba Merge pull request #3700 from stianst/KEYCLOAK-2980
KEYCLOAK-2980 Fix admin query for resource path
2017-01-04 07:01:19 +01:00
Stian Thorgersen
b7c98ed433 KEYCLOAK-2980 Fix admin query for resource path 2017-01-03 10:34:21 +01:00
Stian Thorgersen
1c0e204f50 Merge pull request #3690 from stianst/master
Bump version to 2.5.1.Final-SNAPSHOT
2017-01-02 08:52:04 +01:00
mposolda
b5317f3485 RHSSO-377 Added reproducer unit test L1SerializationIssueTest 2016-12-22 11:41:10 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
Pedro Igor
85446c3b46 Merge pull request #3688 from pedroigor/KEYCLOAK-4125
[KEYCLOAK-4125] - Fixing when running in a cluster
2016-12-21 20:34:10 -02:00
Pedro Igor
df7a68b709 [KEYCLOAK-4125] - Fixing when running in a cluster 2016-12-21 20:04:08 -02:00
mposolda
c998198aac KEYCLOAK-4128 ResourcePermissionManagementTest fails on Oracle DB 2016-12-21 13:01:37 +01:00
Stian Thorgersen
663b99d884 KEYCLOAK-4127
Temporarily disable cache for authorization services as it breaks clustering
2016-12-21 08:36:24 +01:00
Hynek Mlnarik
66eb9095c1 KEYCLOAK-4122 2016-12-20 20:28:13 +01:00
mposolda
96f2985e86 Fix StackOverflowError on Mongo 2016-12-20 12:21:21 +01:00
mposolda
aee8398ee8 KEYCLOAK-4072 Minor update 2016-12-20 11:42:24 +01:00
Bill Burke
8b5aafc4b4 KEYCLOAK-4072 2016-12-20 09:42:43 +01:00
Pedro Igor
c9c8acd029 [KEYCLOAK-4034] - Invalidating policy cache when creating resources and scopes 2016-12-19 20:28:49 -02:00
Pedro Igor
40591cff25 Merge pull request #3662 from pedroigor/KEYCLOAK-4034
[KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup
2016-12-19 16:49:10 -02:00
Pedro Igor
5cf5168770 [KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup 2016-12-19 16:48:16 -02:00
Marek Posolda
c6363aa146 Merge pull request #3630 from sldab/duplicate-email-support
KEYCLOAK-4059 Support for duplicate emails
2016-12-19 15:37:18 +01:00
Pedro Igor
c9c9f05e29 [KEYCLOAK-4034] - Improvements to UI, performance and some code cleanup 2016-12-19 11:22:37 -02:00
Stian Thorgersen
3bd3d0285d Merge branch 'duplicate-groups' of https://github.com/ssilvert/keycloak into ssilvert-duplicate-groups 2016-12-19 13:07:39 +01:00
Hynek Mlnarik
3e3216fb23 KEYCLOAK-4072 Add explicit check for key format 2016-12-19 11:01:45 +01:00
Slawomir Dabek
93cec9b3ee KEYCLOAK-4059 Support for duplicate emails 2016-12-19 10:55:12 +01:00
Bill Burke
9b18601102 KEYCLOAK-3973 2016-12-07 16:10:33 -05:00
Bill Burke
223cc1fb50 KEYCLOAK-3973 2016-12-07 12:56:03 -05:00
Bill Burke
77d17de14d Merge pull request #3611 from patriot1burke/master
KEYCLOAK-3620
2016-12-06 08:18:36 -05:00
Marek Posolda
3826e933c1 Merge pull request #3609 from hmlnarik/KEYCLOAK-3439-database-encoding
KEYCLOAK-4026 - Workaround for liquibase error in MySQL/MariaDB
2016-12-06 10:25:08 +01:00
Marek Posolda
c8b22e71f0 Merge pull request #3573 from glavoie/KEYCLOAK-4003
KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
2016-12-06 09:49:42 +01:00
Bill Burke
6587cd2478 KEYCLOAK-3620 2016-12-05 17:51:06 -05:00
Hynek Mlnarik
819105c3aa KEYCLOAK-4026 - Workaround for liquibase error in MySQL/MariaDB 2016-12-05 16:48:52 +01:00
Gabriel Lavoie
32c23c2410 KEYCLOAK-4002: realmRevisions cache too small with high number of realms.
- Increased the hardcoded default value to help running master with high number of realms.
- Added a value computation based on the realms cache max size (to match the userRevisions cache configuration pattern).
- Computed revisions cache size is now 2 times the configured maximum cache size.
- Added a maximum realms cache size configuration to the different standalone.xml templates.
- Added a missing users cache size configuration to standalone.xsl.
2016-12-05 08:07:24 -05:00
Bill Burke
e8f2527fcd Merge pull request #3555 from vramik/KEYCLOAK-3977
KEYCLOAK-3977 fix logicalFilePath for jpa-changelog-1.0.0.Final-db2.xml
2016-12-03 13:44:54 -05:00
Bill Burke
305dcb2b1e Merge pull request #3552 from hmlnarik/KEYCLOAK-3439-database-encoding
KEYCLOAK-3439, KEYCLOAK-3893, KEYCLOAK-3894 - Support for Unicode
2016-12-03 13:44:10 -05:00
Bill Burke
54758b800b Merge pull request #3585 from abstractj/KEYCLOAK-4011
[KEYCLOAK-4011] - Integrity constraint error when try to delete SSSD Federation Provider
2016-12-03 13:37:36 -05:00
Bill Burke
88d08c4f38 component query and remove provider alis fix 2016-12-03 11:34:48 -05:00
Bill Burke
672e1b3575 oops 2016-12-02 20:14:01 -05:00
Bill Burke
ce50b0ed29 Merge remote-tracking branch 'upstream/master' 2016-12-02 19:26:34 -05:00
Bill Burke
e88af874ca finish 2016-12-02 19:25:17 -05:00
Bruno Oliveira
e7dd49b453 [KEYCLOAK-4011] - Integrity constraint error when try to delete SSSD Federation Provider 2016-12-02 06:52:29 -02:00
Hynek Mlnarik
46d3555798 KEYCLOAK-3439, KEYCLOAK-3893, KEYCLOAK-3894 - Support for Unicode
Treatment of Unicode characters varies among databases. This change
adds support for Unicode characters in the following fields:

* Realms: display name, HTML display name
* Users: username, given name, last name, attribute values
* Groups: name, attribute values
* Components: attribute values
* Roles: name
* Descriptions of objects

Unicode support for the rest of the fields depends on database vendor
and is described in the installation guide in more detail.
2016-12-01 17:23:58 +01:00
Gabriel Lavoie
6fa504489f KEYCLOAK-4003: Slow Infinispan RoleAdapter.hasRole() call.
- Added a session/query cache for the result getComposites() to avoid always hitting the Infinispan cache.
- KeycloakModelUtils doesn't rely anymore on a "visited" set as performance seems good without it.
- Added test for multiple levels of composite roles. Only one level was covered.
2016-11-30 10:56:26 -05:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
mposolda
ec49d10007 KEYCLOAK-3997 InfinispanKeyStorageProviderTest was failing 2016-11-30 08:38:35 +01:00
Bill Burke
b33afcd47c KEYCLOAK-3903 KEYCLOAK-3960 2016-11-29 16:43:06 -05:00
Gabriel Lavoie
4910b35d69 KEYCLOAK-3989: Replacing COMPOSITE_ROLE Collection with Set.
- Hibernate optimization that avoids deleting/re-inserting all composite roles when adding/removing a composite.
2016-11-28 09:43:05 -05:00
mposolda
69ce1e05f0 KEYCLOAK-3822 Changing signature validation settings of an external IdP is not sometimes reflected 2016-11-28 15:27:25 +01:00
Vlasta Ramik
8d3136188d KEYCLOAK-3977 fix logicalFilePath for jpa-changelog-1.0.0.Final-db2.xml 2016-11-28 14:52:09 +01:00
mposolda
7c6032cc84 KEYCLOAK-3825 Ability to expire publicKeys cache. Migrated OIDCBrokerWithSignatureTest to new testsuite 2016-11-25 17:45:37 +01:00
Bill Burke
ccbd8e8c70 remove User Fed SPI 2016-11-23 16:06:44 -05:00
Bill Burke
d5925b8ccf remove realm UserFed SPI methods 2016-11-23 08:31:20 -05:00
Bill Burke
045d6ef1d0 Merge remote-tracking branch 'upstream/master' 2016-11-22 11:28:09 -05:00
Stian Thorgersen
6ec82865d3 Bump version to 2.4.1.Final-SNAPSHOT 2016-11-22 14:56:21 +01:00
Bill Burke
50fc083d97 fix migration scripts 2016-11-21 11:43:09 -05:00
Bill Burke
798fd84698 Merge remote-tracking branch 'upstream/master' 2016-11-21 11:33:52 -05:00
Bill Burke
19575b2c8f port kerberos 2016-11-21 11:33:44 -05:00
mposolda
6df7a80352 KEYCLOAK-3931 Fix Mongo to have LDAP tests pass 2016-11-21 11:25:18 +01:00
mposolda
da52a5c9cf KEYCLOAK-3930 KEYCLOAK-3931 LDAP and Mongo fixes 2016-11-18 20:02:02 +01:00
mposolda
76bfbad2c4 KEYCLOAK-3895 Make UserSessionProvider and UserSessionPersisterProvider to rely on UserRemovedEvent callbacks 2016-11-18 15:58:33 +01:00
Stian Thorgersen
7043ecc21b KEYCLOAK-3881 Fix login status iframe with * origin 2016-11-18 12:50:52 +01:00
mposolda
a27be0cee7 KEYCLOAK-3857 Clustered invalidation cache fixes and refactoring. Support for cross-DC for invalidation caches. 2016-11-16 22:29:23 +01:00
Bill Burke
8794416241 fix db2 2016-11-14 16:22:30 -05:00
Bill Burke
cc0eb47814 merge 2016-11-14 15:09:41 -05:00
Bill Burke
c280634bfa fix tests 2016-11-14 15:06:17 -05:00
Hynek Mlnarik
223041bc6b KEYCLOAK-3734 Unify master changelog of DB2 and other databases 2016-11-14 15:19:54 +01:00
Bill Burke
4ce055cede mongo ldap migration script 2016-11-11 09:06:25 -05:00
Bill Burke
8a5f817030 ldap jpa migration 2016-11-10 16:52:18 -05:00
Stian Thorgersen
7e33f4a7d1 KEYCLOAK-3882 Split server-spi into server-spi and server-spi-private 2016-11-10 13:28:42 +01:00
Stan Silvert
80b071024f KEYCLOAK-2720: Add unique constraint 2016-11-08 15:05:19 -05:00
Bill Burke
14dc0ff92f Merge remote-tracking branch 'upstream/master' 2016-11-05 20:05:01 -04:00
Bill Burke
4302b440ee ldap port 2016-11-05 20:04:53 -04:00
Bill Burke
c75dcb90c2 ldap port 2016-11-04 21:25:47 -04:00
Pedro Igor
4bf5da8fac Merge pull request #3371 from brewers/bug/cache-dynamic-resource
KEYCLOAK-3752 : Include programmatically created resources in the resource cache
2016-11-02 07:19:04 -02:00
Stian Thorgersen
3d46b4c425 KEYCLOAK-3667 2016-10-28 08:43:24 +02:00
Bill Burke
b67cb0e97a Merge remote-tracking branch 'upstream/master' 2016-10-25 11:44:22 -04:00
Bill Burke
3e28ac1e46 user spi cache policy 2016-10-24 15:36:37 -04:00
Stian Thorgersen
4d47f758fc Merge pull request #3405 from stianst/master
Bump version
2016-10-21 10:11:59 +02:00
Stian Thorgersen
c615674cbb Bump version 2016-10-21 07:03:15 +02:00
Bill Burke
fd86f3bda8 Merge pull request #3399 from patriot1burke/master
realm cache event
2016-10-20 14:02:41 -04:00
Stian Thorgersen
390becb935 Merge pull request #3394 from hmlnarik/KEYCLOAK-3769
KEYCLOAK-3769 Workaround for ChangeLogService stale instance
2016-10-20 19:43:24 +02:00
Bill Burke
139158e614 fix 2016-10-20 12:36:24 -04:00
mposolda
c4ad84945c KEYCLOAK-3773 Testsuite failing with mongo 2016-10-20 17:47:34 +02:00
Bill Burke
36c2422fa4 realm cache event 2016-10-20 10:35:28 -04:00
Hynek Mlnarik
d59f6e397f KEYCLOAK-3769 Workaround for ChangeLogService stale instance
Before applying update or validation operation, Liquibase
ChangeLogService needs to be reset to forget about previously set
change log table. Reason is that the factory creating the
ChangeLogService caches this service per DB connection, not per
Liquibase object, hence changes in name of change log table needed for
custom JpaEntityProvider are not reflected and use only the first
change log table name, i.e. the change log table of the main database.
2016-10-20 14:57:51 +02:00
Bill Burke
cdf7dd3a6c Merge pull request #3372 from patriot1burke/master
onCreate for Components
2016-10-19 16:21:20 -04:00
mposolda
3779bfb6b4 KEYCLOAK-3666 client registration policies - polishing 2016-10-19 17:45:23 +02:00
Bill Burke
fdb8c04ac9 Merge remote-tracking branch 'upstream/master' 2016-10-19 10:06:48 -04:00
Bill Burke
46e32b36d2 onCreate for Components 2016-10-19 10:06:09 -04:00
Hynek Mlnarik
49d3d3f6e3 KEYCLOAK-3698 Manual migration - custom JpaEntityProvide changelog table
Reflect in the SQL script that custom JpaEntityProviders have their
own changelog tables, and issue DDL commands to create them when
initializing a new database.
2016-10-19 12:08:14 +02:00
Cherian Mathew
2bba6af6d9 Include programmatically created resources in the resource cache 2016-10-19 11:04:22 +02:00
Bill Burke
d941e07169 Merge pull request #3350 from patriot1burke/master
federated import/export to json
2016-10-18 14:15:25 -04:00
Stian Thorgersen
a87c08416d Merge pull request #3346 from hmlnarik/KEYCLOAK-3588
KEYCLOAK-3698 Make manual update scripts play nicely with custom JpaEntityProviders
2016-10-18 19:41:02 +02:00
Bill Burke
2199df71bf Merge remote-tracking branch 'upstream/master' 2016-10-18 10:14:00 -04:00
Bill Burke
4182e4d92a federated import/export 2016-10-18 10:13:51 -04:00
Marek Posolda
940237ee78 Merge pull request #3304 from hmlnarik/KEYCLOAK-2964
KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations
2016-10-18 14:50:12 +02:00
Hynek Mlnarik
658988ccd0 KEYCLOAK-3588 Make manual update scripts play nicely with custom JpaEntityProviders 2016-10-18 13:59:24 +02:00
Marek Posolda
386bf8d39e Merge pull request #3344 from hmlnarik/KEYCLOAK-3732
KEYCLOAK-3732 Include 2.3.0 DB changelog for DB2
2016-10-18 10:29:01 +02:00
Hynek Mlnarik
2ea93b8a8b KEYCLOAK-3732 Include 2.3.0 DB changelog for DB2 2016-10-18 09:53:27 +02:00
Hynek Mlnarik
9df3091b22 KEYCLOAK-3588 Update comment with related KC issue 2016-10-18 08:17:18 +02:00
Stian Thorgersen
06ad1537c8 Merge pull request #3323 from hmlnarik/KEYCLOAK-3639
KEYCLOAK-3639 Drop default value that prevents MSSQL update
2016-10-17 19:40:05 +02:00
Stian Thorgersen
3b2f7630bb Merge pull request #3320 from hmlnarik/KEYCLOAK-3698
KEYCLOAK-3698: Add creation of DB changelog to SQL script
2016-10-17 18:55:45 +02:00
Stian Thorgersen
7c09b0c7b4 Merge pull request #3319 from hmlnarik/KEYCLOAK-3588
KEYCLOAK-3588: DB up-to-date check should not modify DB
2016-10-17 18:54:59 +02:00
Geir Ole Hiåsen Stevning
95f62c6aeb KEYCLOAK-3626 - CreatedDate and lastUpdatedDate on user consent 2016-10-17 13:53:12 +02:00
mposolda
18e0c0277f KEYCLOAK-3666 Dynamic client registration policies 2016-10-14 20:20:40 +02:00
Hynek Mlnarik
8bdd8f4274 KEYCLOAK-3639 Drop default value that prevents MSSQL update 2016-10-14 17:51:35 +02:00
Hynek Mlnarik
f256e2b102 KEYCLOAK-3588: DB up-to-date check should not modify DB
The DB up-to-date check uses Liquibase.listUnrunChangeSets() that in
its available variants unconditionally creates a DatabaseChangeLog
tables. Until the variant of listUnrunChangeSets() that suppresses this
behaviour is made public [1] (currently it is protected), workaround
has been implemented that invokes less invasive variant of
listUnrunChangeSets() via reflection.

[1] https://liquibase.jira.com/browse/CORE-2919
2016-10-14 14:29:01 +02:00
Hynek Mlnarik
3d47ab3665 KEYCLOAK-3698: Add creation of DB changelog to SQL script
Creation of database table DatabaseChangeLog was omitted from SQL
script which prevented creation of the database from scratch. The fix
adds DDL commands to create the table to the output SQL script in case
of empty database initialization.

Please note that DatabaseChangeLogLock is intentionally omitted. It is
created automatically before the update is even executed because a lock
is acquired (thus the table is properly created if it does not exist)
before check for up-to-dateness of database and potential migration in
KeycloakApplication constructor.
2016-10-14 14:27:07 +02:00
Bill Burke
8c8a39c833 sync and import 2016-10-13 20:49:02 -04:00
Bill Burke
0938390654 sync and import 2016-10-13 20:38:49 -04:00
Hynek Mlnarik
6578ce73a1 KEYCLOAK-3697: Evaluate preconditions when generating SQL script
Plus minor related change - replace deprecated call with equivalent
supported, add javadoc

Further info:
* http://forum.liquibase.org/topic/unexpected-behaviour-of-preconditions-with-updatesql
* http://stackoverflow.com/questions/17671923/liquibase-migrate-sql-does-not-check-precondtions
2016-10-13 13:00:33 +02:00
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Hynek Mlnarik
03cf9bad2e KEYCLOAK-2964 - Fix groups not applied for authentication of admin operations 2016-10-11 15:21:38 +02:00
Bill Burke
c5600e888d revactor CredentialValidationOutput apis 2016-10-04 17:26:45 -04:00
Bill Burke
4af0976194 remove UserCredValueModel and hold hash providers 2016-10-04 12:34:15 -04:00
Marek Posolda
c32cf51808 Merge pull request #3254 from didiez/master
KEYCLOAK-3608 Update existing user single attribute removes all other attributes from user
2016-10-04 08:43:22 +02:00
mposolda
0f9798a10d KEYCLOAK-3493 KEYCLOAK-3532 Renamed KeyStorageProvider to PublicKeyStorageProvider 2016-10-03 15:23:50 +02:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
Bill Burke
6a4e413bf4 final mongo fixes 2016-09-30 19:08:34 -04:00
Bill Burke
110f6ad549 mongo fed 2016-09-30 16:48:59 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Stian Thorgersen
a58c985934 Merge pull request #3268 from stianst/REVIEW
KEYCLOAK-2438
2016-09-28 13:27:26 +02:00
Stian Thorgersen
34f62eb31d Fixes to [KEYCLOAK-2438] PR 2016-09-28 10:25:37 +02:00
Bill Burke
d65cc830eb mongo fixes 2016-09-27 17:07:16 -04:00
Bruno Oliveira
98d2fe15e8 [KEYCLOAK-2438] - Add display name to social login buttons
[KEYCLOAK-3291] - Names of social identity providers are wrongly capitalized (eg GitHub vs Github)
2016-09-26 13:36:28 -03:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
Bill Burke
ff1326fe35 authenticator example updated 2016-09-23 16:50:08 -04:00
Bill Burke
8e65356891 creds 2016-09-22 19:57:39 -04:00
Bill Burke
7209a95dce credential refactoring 2016-09-22 08:34:45 -04:00
didiez
98bf095471 Keep setSingleAttribute from deleting all other attributes of the user being updated. 2016-09-22 10:42:24 +02:00
mposolda
9d79a847c8 KEYCLOAK-3547 Incorrect jpa-changelog-2.2.0.xml 2016-09-09 09:47:32 +02:00
Bill Burke
2a5c778af5 Merge pull request #3209 from patriot1burke/master
KEYCLOAK-3440
2016-09-08 09:10:54 -04:00
Stian Thorgersen
1f27fc9e4b Merge pull request #3153 from cargosoft/KEYCLOAK-3327
KEYCLOAK-3327 Make realm attributes accessible via the RealmModel
2016-09-08 08:00:14 +02:00
Bill Burke
3b9a6b32e1 Revert "Revert "KEYCLOAK-3440""
This reverts commit 01e48dc4b8.
2016-09-07 23:41:32 -04:00
Bill Burke
01e48dc4b8 Revert "KEYCLOAK-3440" 2016-09-07 23:17:35 -04:00
Bill Burke
3f35234cf5 Merge remote-tracking branch 'upstream/master' 2016-09-07 23:11:38 -04:00
Bill Burke
da135389c7 KEYCLOAK-3440 2016-09-07 23:11:28 -04:00
mposolda
5a015a6518 KEYCLOAK-3494 Input elements backed by user attributes fail to update in themes 2016-09-07 20:08:09 +02:00
Bill Burke
15d31a202f Merge remote-tracking branch 'upstream/master' 2016-09-06 08:56:17 -04:00
Bill Burke
6714c1a136 cred refactor 2016-09-06 08:55:47 -04:00
mposolda
494d9973a6 KEYCLOAK-3460 Support for ClientUpdatedEvent 2016-08-23 14:57:31 +02:00
Stian Thorgersen
c522a20ab9 KEYCLOAK-3447 Manual upgrade of database schema 2016-08-22 10:22:08 +02:00
Dimitri Teleguin
b109ce14b0 KEYCLOAK-3327 Make realm attributes accessible via the RealmModel 2016-08-18 23:28:32 +03:00
Pedro Igor
4cd0a8e894 [KEYCLOAK-3377] - Add pagination to authorization UI 2016-08-18 13:29:54 -03:00
Bill Burke
6c44e9befa Merge remote-tracking branch 'upstream/master' 2016-08-18 11:57:25 -04:00
Bill Burke
8e9cfc4a28 creds 2016-08-18 11:52:00 -04:00
Pedro Igor
bfe10e34e7 [KEYCLOAK-3390] - Updating authorization objects doesn't invalidate cache in cluster 2016-08-12 11:15:13 -03:00
mposolda
0520d465c1 KEYCLOAK-3414 Support for client registration from trusted hosts 2016-08-11 15:55:32 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Bill Burke
ff703f935f component export/import 2016-08-09 12:25:04 -04:00
Thomas Darimont
e49afb2d83 KEYCLOAK-3142 - Revised according to codereview
Liquibase Moved schema evolution configuration from jpa-changelog-2.1.0
to jpa-changelog-2.2.0.
Corrected wrong ResourceType references in tests.
Adapted AdminEvents copy-routines to be aware of resourceType attribute.
Added ResourceType enum to exposed ENUMS of ServerInfoAdminResource.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-05 00:01:03 +02:00
Thomas Darimont
586f6eeece KEYCLOAK-3142 - Capture ResourceType that triggers an AdminEvent
Introduced new ResourceType enum for AdminEvents which lists
the current supported ResourceTypes for which AdminEvents
can be fired.

Previously it was difficult for custom EventListeners to figure
out which ResourceType triggered an AdminEvent in order
to handle it appropriately, effectively forcing users to parse
the representation.
Having dedicated resource types as a marker on an AdminEvent helps
to ease custom EventListener code.

We now also allow filtering of admin events by ResourceType in the
admin-console.

Signed-off-by: Thomas Darimont <thomas.darimont@gmail.com>
2016-08-04 11:30:02 +02:00
Bill Burke
534ee2e50c Merge remote-tracking branch 'upstream/master' 2016-08-03 19:16:45 -04:00
Bill Burke
70722d0d3d user storage provider jpa example 2016-08-03 19:16:11 -04:00
mposolda
bf3541414c KEYCLOAK-3393 Fix Keycloak on EAP7 overlay 2016-08-03 13:01:44 +02:00
mposolda
9242e972c0 Fix Oracle DB 2016-08-03 13:01:30 +02:00
mposolda
b3a55df1e7 Fixing mongo 2016-08-02 10:58:44 +02:00
Bill Burke
09693eb108 component model 2016-08-02 05:48:57 +02:00
mposolda
9688880837 Fix testsuite with mongo 2016-08-02 05:44:40 +02:00
mposolda
c5d40a76ff Fix DB2 and Oracle 2016-08-01 12:31:16 +02:00
Bill Burke
2219cd363e Merge pull request #3079 from patriot1burke/master
KEYCLOAK-3268
2016-07-28 07:22:45 -04:00
Pedro Igor
7e1b97888a [KEYCLOAK-3338] - Adding client roles to role policy and UX improvements 2016-07-27 15:15:14 -03:00
Bill Burke
69f051fb0a test user fed registration spi 2016-07-23 08:55:06 -04:00
Bill Burke
db852f7e11 preRemove 2016-07-22 14:24:37 -04:00
Bill Burke
06fca9c897 Merge remote-tracking branch 'upstream/master' 2016-07-22 11:42:14 -04:00
Bill Burke
72d134748c user fed spi querying tests 2016-07-22 11:42:07 -04:00
Marek Posolda
079026a7be Merge pull request #3055 from mposolda/master
KEYCLOAK-3344 Can't remove realm with mongo model
2016-07-21 14:18:49 +02:00
mposolda
981ff90c81 KEYCLOAK-3344 Can't remove realm with mongo model 2016-07-21 12:47:25 +02:00
Pedro Igor
484d5d6e08 [KEYCLOAK-3313] - UI improvements and messages 2016-07-20 22:11:24 -03:00
Bill Burke
c709598fdd user fed spi simple test 2016-07-20 10:59:45 -04:00
Stian Thorgersen
ea44b5888b KEYCLOAK-2824 Password Policy SPI 2016-07-14 07:20:30 +02:00
Pedro Igor
eba56e4784 Merge pull request #3027 from pedroigor/KEYCLOAK-3305
[KEYCLOAK-3305] - Cache is not properly handling failures when importing configuration
2016-07-12 17:57:47 -03:00
Pedro Igor
02896768f5 [KEYCLOAK-3305] - Cache is not properly handling failures when importing configuration 2016-07-12 13:57:49 -03:00
mposolda
a912ba3148 KEYCLOAK-3306 Added reproducer test for OutdatedTopologyException 2016-07-12 18:12:20 +02:00
mposolda
6e94931023 KEYCLOAK-3296 same user logging twice at the same time causes lock issue - HQL deletion patch 2016-07-11 19:40:24 +02:00
Bill Burke
0040d3fc3b Merge remote-tracking branch 'upstream/master' 2016-07-07 10:35:45 -04:00
Bill Burke
7e5a5f79cf fixes for new user fed spi 2016-07-07 10:35:35 -04:00
Stian Thorgersen
3fc215d041 KEYCLOAK-3202 Creating users causes memory leak 2016-07-05 19:54:55 +02:00
Stian Thorgersen
7cfee80e58 KEYCLOAK-3189 KEYCLOAK-3190 Add kid and typ to JWT header 2016-07-05 08:26:26 +02:00
Pedro Igor
74139ec787 [KEYCLOAK-3248] - Permissions don't unlink from resources and scopes 2016-07-04 09:33:46 -03:00
Bill Burke
a19469aba5 Merge remote-tracking branch 'upstream/master' 2016-06-30 17:18:17 -04:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
Bill Burke
3f1eecc4be Merge remote-tracking branch 'upstream/master' 2016-06-30 16:47:55 -04:00
Bill Burke
3ba3be877e fixes 2016-06-30 16:47:49 -04:00
Pedro Igor
afa9471c7c [KEYCLOAK-3128] - Admin Client Authorization Endpoints 2016-06-30 10:26:05 -03:00
Bill Burke
a9f6948d74 Merge remote-tracking branch 'upstream/master' 2016-06-29 15:37:32 -04:00
Bill Burke
f51098c50b user fed refactor 2016-06-29 15:37:22 -04:00
mposolda
9b9a656192 Fix Oracle DB 2016-06-23 13:23:44 +02:00
mposolda
f6ce1438fd Fix DB2 and MSSQL 2016-06-23 11:01:30 +02:00
mposolda
5c25619cd6 Fix ResourceManagementTest.testFindById to pass with other RDBMS besides H2 2016-06-23 09:42:59 +02:00
mposolda
f7a2ad021e KEYCLOAK-3141 Fix DB2 and some other DB issues 2016-06-22 17:06:55 +02:00
mposolda
5c731b4d14 KEYCLOAK-3149 DB update triggered before DBLock is retrieved 2016-06-21 17:14:25 +02:00
mposolda
c4513fdad9 KEYCLOAK-2474 Polishing. Support for separate changelock table per changelog. Support for authenticated endpoint in domain-extension example 2016-06-21 12:06:22 +02:00
Erik Mulder
f4ead484de KEYCLOAK-2474 Possibility to add custom SPI and extend the data model 2016-06-20 10:56:33 +02:00
Stian Thorgersen
1a9fada964 KEYCLOAK-2753 Refactor authz changelog into separate authz-master.xml 2016-06-17 13:40:22 +02:00
Stian Thorgersen
9030edc04d KEYCLOAK-2753 Removed unused imports from PolicyAdapter 2016-06-17 13:40:22 +02:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Stian Thorgersen
e538394e60 KEYCLOAK-3091 Change brute force to use userId 2016-06-13 15:30:13 +02:00
mposolda
5fc5bafbb6 KEYCLOAK-2714 Remove the pre-liquibase workarounds 2016-06-08 14:40:33 +02:00
Dane Barentine
2f4c2c20f9 KEYCLOAK-2973 Persist federated identity on token update 2016-05-05 14:51:17 -07:00
mposolda
5263101bc0 KEYCLOAK-2820 Mongo doesn't start on wildfly 2016-04-14 10:43:57 +02:00
mposolda
3c3bbdbbdb KEYCLOAK-2809 NPE when removing role, which is in scope of some ClientTemplate 2016-04-13 11:49:29 +02:00
mposolda
a52fb53ac7 Fix testsuite with Mongo 2016-04-13 09:55:28 +02:00
Bill Burke
8f7f9e0b9c KEYCLOAK-2790 2016-04-12 18:25:23 -04:00
Stian Thorgersen
d748f7e459 Merge pull request #2573 from stianst/KEYCLOAK-2700
KEYCLOAK-2700 Import existing realm fails due to can't delete group
2016-04-12 07:20:01 +02:00
mposolda
65f94fdf84 KEYCLOAK-2795 Testsuite fails sometimes with NPE in LockServiceFactory.getLockService 2016-04-11 10:09:15 +02:00
Stian Thorgersen
e588860c21 KEYCLOAK-2700 Import existing realm fails due to can't delete group 2016-04-11 09:18:57 +02:00
mposolda
90fc721315 KEYCLOAK-2614 Refactor database lock to use 'SELECT FOR UPDATE' pessimistic locking 2016-04-08 12:20:54 +02:00
mposolda
3d5055d920 KEYCLOAK-2737 Handle the databaseSchema: 'validate' against empty database 2016-04-06 11:43:41 +02:00
Stian Thorgersen
4a285bae9b KEYCLOAK-2748
Mark modules as private
2016-04-06 08:07:33 +02:00
Marek Posolda
1714422b10 Merge pull request #2487 from mposolda/master
databaseSchema option - proper support for "validate" for both JPA and Mongo
2016-04-05 08:48:33 +02:00
Bill Burke
8beff63dc0 KEYCLOAK-2669 2016-04-04 21:12:55 -04:00
mposolda
3a8b450575 KEYCLOAK-2737 connectionsMongo: Support for 'databaseSchema: validate' 2016-04-04 22:24:33 +02:00
mposolda
e6df30602e KEYCLOAK-2744 connectionsJpa: the databaseSchema 'validate' should check if database schema is updated to latest version 2016-04-04 22:24:25 +02:00
Bill Burke
4d5ae5dd68 KEYCLOAK-2512 2016-04-01 14:50:26 -04:00
mposolda
afd3a36ee4 KEYCLOAK-2737 Remove 'databaseSchema' property from connectionsMongo 2016-04-01 16:55:06 +02:00
mposolda
36bc97e3cd KEYCLOAK-2661 Broken migration from Keycloak 1.5 with Mongo 3 2016-03-31 22:30:41 +02:00
mposolda
c52500ce88 KEYCLOAK-2610 Add more indexes to database 2016-03-31 11:50:02 +02:00
Bill Burke
545fb8b849 KEYCLOAK-2716 2016-03-30 18:15:11 -04:00
mposolda
c9545e16f7 KEYCLOAK-2713 Fix error at startup 2016-03-24 15:30:53 +01:00
mposolda
c973dc9eee KEYCLOAK-2610 Ommit checks for default roles and groups during creation of user 2016-03-24 11:11:35 +01:00
mposolda
20fe2b75b5 KEYCLOAK-2710 Improve hibernate statistics report 2016-03-24 11:11:35 +01:00
mposolda
50f8846c3d KEYCLOAK-2610 Improve performance of creating users with MySQL 2016-03-23 22:36:31 +01:00
mposolda
22ce20ff6b KEYCLOAK-2710 Possibility to log some hibernate statistics 2016-03-23 22:36:31 +01:00
mposolda
f9595fc6c5 KEYCLOAK-2632 Remove flag from UserCacheSession.invalidateUsers 2016-03-22 21:39:35 +01:00
mposolda
4c6dd10e48 KEYCLOAK-2632 Caching of identity provider links 2016-03-22 21:39:35 +01:00
mposolda
5c912d3501 KEYCLOAK-2631 Caching of service account links 2016-03-22 07:08:47 +01:00
mposolda
e2e96f7183 KEYCLOAK-2630 Add caching for user consents 2016-03-22 07:07:42 +01:00
Bill Burke
b0264d528d trace log 2016-03-10 13:29:05 -05:00
Bill Burke
82ad26189f refactor user cache 2016-03-10 13:01:21 -05:00
Bill Burke
cd299c995b refactor cache 2016-03-10 13:01:20 -05:00
Stian Thorgersen
36f2febde1 Next is 2.0.0.CR1 2016-03-10 13:01:18 -05:00
mposolda
1939f25a71 KEYCLOAK-2601 Fix incorrectly autodetected dialect with MSSQL2014 2016-03-10 13:01:12 -05:00
Stian Thorgersen
76df229967 Next is 1.9.2.Final 2016-03-10 13:01:10 -05:00
mposolda
3ce6deaa1b Log DB info in arquillian testsuite 2016-03-10 13:01:09 -05:00
mposolda
12e5dfa3e5 Fix DB2 2016-03-10 13:01:06 -05:00
mposolda
4ff4f69343 KEYCLOAK-2611 Keycloak fails to start with Oracle DB 2016-03-10 13:01:05 -05:00
Dane Barentine
f72b0f3f6d Use createCredential so that authentication will work with both 2.x and 3.x MongoDB servers 2016-03-10 13:01:00 -05:00
mposolda
f8ec178fae KEYCLOAK-2529 More proper handling of DB errors during migration 2016-03-10 13:00:54 -05:00
mposolda
6d0e5d6ad1 KEYCLOAK-2529 Concurrent startup by more cluster nodes at the same time. Added DBLockProvider 2016-03-10 13:00:51 -05:00
Bill Burke
4be6dc2f0c cleanup cache 2016-03-04 10:30:48 -05:00
Jared Blashka
05c590ac88 Increase CERTIFICATE column size 2016-03-03 17:35:40 -05:00
Marek Posolda
002074bb30 Merge pull request #2320 from mposolda/master
KEYCLOAK-2523 Fix concurrency tests with all databases by track trans…
2016-03-03 12:34:29 +01:00
mposolda
a258dd51ee KEYCLOAK-2523 Fix concurrency tests with all databases by track transaction startup revision 2016-03-03 11:21:26 +01:00
Stian Thorgersen
b4239c40c1 KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider 2016-03-03 10:45:05 +01:00
Bill Burke
a13bac4c9d concurrent transaction fix 2016-03-02 16:55:55 -05:00
Stian Thorgersen
ccfae82b77 KEYCLOAK-1040
Allow import of realm keys (like we do for SAML)
2016-02-29 09:35:08 +01:00
Bill Burke
a0696fcb97 clustered testing 2016-02-26 16:45:58 -05:00
Bill Burke
abddbfb3a4 clustered testing 2016-02-26 15:39:22 -05:00
Bill Burke
f10f00ba71 group list caching 2016-02-24 17:21:11 -05:00
Bill Burke
9488787986 Merge remote-tracking branch 'upstream/master' 2016-02-23 14:36:30 -05:00
Stian Thorgersen
3e1976b3e5 Merge pull request #2255 from stianst/master
Next is 1.9.1.Final-SNAPSHOT
2016-02-23 10:59:53 +01:00
mposolda
ad753a50a3 KEYCLOAK-2526 JPA migration from 1.8.1 doesn't work 2016-02-23 10:01:40 +01:00
Stian Thorgersen
a1d9753ec2 Next is 1.9.1.Final-SNAPSHOT 2016-02-23 08:48:26 +01:00
Bill Burke
599faa454b Merge remote-tracking branch 'upstream/master' 2016-02-22 17:17:01 -05:00
Bill Burke
4dcdaf4985 role cached queries 2016-02-22 17:16:35 -05:00
Stian Thorgersen
4fd97091ff Version bump to 2.0.0.CR1-SNAPSHOT 2016-02-22 11:36:56 +01:00
Bill Burke
daa09f9a41 more fine tuning 2016-02-20 09:40:04 -05:00
Bill Burke
1511f7088f javadoc 2016-02-19 17:08:45 -05:00
Bill Burke
2e64d01251 reorg caching 2016-02-19 16:38:31 -05:00
Bill Burke
c45524d8d4 caching 2016-02-19 15:44:19 -05:00
mposolda
a441be57ed KEYCLOAK-2508 Possible NullPointerException during bigger load when removing UserSession 2016-02-19 11:49:30 +01:00
Bill Burke
acf2d662c2 remove RealmModel.getClientNameMap() 2016-02-17 16:09:25 -05:00
Bill Burke
20348e5d0b remove RealmModel.getClientNameMap() 2016-02-17 16:05:25 -05:00
Bill Burke
d731189236 Merge remote-tracking branch 'upstream/master' 2016-02-17 14:57:38 -05:00
mposolda
e237bcd383 KEYCLOAK-2412 wildfly configs and polishing 2016-02-17 13:10:51 +01:00
mposolda
f52f998bcd KEYCLOAK-2495 Improve startup time with many offlineSessions in UserSessionPersister 2016-02-17 11:02:42 +01:00
mposolda
1328531f31 KEYCLOAK-2412 Added ClusterProvider. Avoid concurrent federation sync execution by more cluster nodes at the same time.
Clustering - more progress
2016-02-17 11:02:42 +01:00
Bill Burke
c9cc189602 make RealmModel unmodifiable collections 2016-02-12 16:28:07 -05:00
Bill Burke
24da8288eb Merge remote-tracking branch 'upstream/master' 2016-02-12 11:38:36 -05:00
Bill Burke
4ff1848681 javadoc 2016-02-12 11:38:12 -05:00
mposolda
969b8c153f KEYCLOAK-1989 Refreshing offline tokens didn't work correctly in cluster with revokeRefreshToken enabled 2016-02-12 12:54:47 +01:00
mposolda
e880a768c5 Fix MySQL 2016-02-12 09:06:12 +01:00
Bill Burke
860a104828 stress testing 2016-02-12 00:30:36 -05:00
Bill Burke
d79a7146ba fix cache 2016-02-11 22:01:54 -05:00
Bill Burke
8bf9ea838a remove some @JoinTables 2016-02-10 21:32:44 -05:00
Bill Burke
f2bd50335a errors 2016-02-10 20:47:27 -05:00
Bill Burke
fd212a2a2a Merge remote-tracking branch 'upstream/master' 2016-02-10 14:09:43 -05:00
Bill Burke
84949bb51f concurrency 2016-02-10 14:09:29 -05:00
Stian Thorgersen
bb77c717c9 KEYCLOAK-2303
Update dependency versions to align with WildFly 10
2016-02-10 09:07:06 +01:00
Bill Burke
0b54838f31 concurrency 2016-02-09 22:13:55 -05:00
Bill Burke
45e5cfac99 concurrency 2 2016-02-09 21:10:30 -05:00
Bill Burke
1c97b9c41d Merge remote-tracking branch 'upstream/master' 2016-02-09 12:26:11 -05:00
Bill Burke
347cdcbb28 concurrency 2016-02-09 12:25:48 -05:00
Stian Thorgersen
e5447f7f1e Merge pull request #2193 from stianst/KEYCLOAK-2455
KEYCLOAK-2455
2016-02-08 20:32:41 +01:00
Stian Thorgersen
ec20c004ba KEYCLOAK-2455
Typo in cached ClientTemplateAdapter
2016-02-08 19:40:42 +01:00
Bill Burke
ffc0e4f005 hashcode/equals on all entities/adapters 2016-02-08 12:20:14 -05:00
Stian Thorgersen
579ab56a5a Bump version to 1.9.0.Final-SNAPSHOT 2016-02-04 15:55:11 +01:00
mposolda
bae3ce4aab Fix failing test with DB2 2016-02-03 12:29:37 +01:00
Stian Thorgersen
c7a8742a36 KEYCLOAK-1524
Source code headers
2016-02-03 11:20:22 +01:00
mposolda
db76655717 KEYCLOAK-2431 Ensure users removed through UserManager to properly invoke callbacks. Make UserSessionPersister implementations more resistent when user was not properly removed 2016-02-03 10:16:39 +01:00
mposolda
8838486df6 KEYCLOAK-2404 Fix migration issue on postgres from 1.6.0 2016-02-02 17:05:54 +01:00
mposolda
958c379688 KEYCLOAK-1506 Mysql warning at startup 2016-02-02 14:28:34 +01:00
mposolda
dcebc453df KEYCLOAK-330 IBM DB2 support 2016-01-29 17:43:11 +01:00
mposolda
f2082d5e24 Fix testsuite with Sybase 2016-01-29 13:30:44 +01:00
Marek Posolda
a7619f90e2 Merge pull request #2128 from georgekankava/staging/long-suffix-L-should-be-upper-case-fix-1
squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case
2016-01-29 13:20:42 +01:00
mposolda
8ed76c6921 Fix sybase 2016-01-29 08:36:05 +01:00
mposolda
6046d15279 KEYCLOAK-2364 Fix migration with MSSQL 2016-01-28 16:39:01 +01:00
George Kankava
e937dda556 squid:LowerCaseLongSuffixCheck - Long suffix "L" should be upper case 2016-01-28 19:06:41 +04:00
Bill Burke
93f85d34a7 Merge remote-tracking branch 'upstream/master' 2016-01-28 09:23:34 -05:00
mposolda
e1416b658f KEYCLOAK-1402 Postgresplus 9.4 support 2016-01-28 10:12:23 +01:00
Bill Burke
25347cd45e browser back button 2016-01-27 22:14:28 -05:00
Moritz Becker
35a2d176fa Fixed sql syntax error in credential migration script 2016-01-21 17:09:42 +01:00
Bill Burke
ad33d3c0d8 infinispan reorg 2016-01-20 14:52:04 -05:00
Stian Thorgersen
3dc090b893 KEYCLOAK-2185 Add support to disable realm and user cache, and added support to clear caches from admin console 2016-01-20 14:09:03 +01:00
Bill Burke
7d08d4c036 fixes 2016-01-19 18:11:45 -05:00
Bill Burke
4ed1eb66ee truststore httpclient 2016-01-19 17:29:16 -05:00
Bill Burke
17d856a5d8 mongo 2016-01-19 17:12:54 -05:00
Bill Burke
9b09a91481 consolidate JPA 2016-01-19 17:00:58 -05:00
Bill Burke
b93d55cb63 remove model-api, add server-spi 2016-01-15 18:44:17 -05:00
Thomas Darimont
39cb362d63 KEYCLOAK-2329 - fix wrong resourcePath in AdminEvent after creating new IdentityProvider stored via JPA.
We now propagate the generated internal id to the given IdentityProvider instance.
Previously if one creates a new IdentityProvider in a Realm with activated admin event listeners,
then a admin event is created that contains a resourcePath that ends with /null instead of /some-uuid.
2016-01-15 20:29:38 +01:00
Stian Thorgersen
435980d776 KEYCLOAK-1809
Upgrade jackson to version 2.x
2016-01-14 16:34:30 +01:00
Bill Burke
1e16803d7b Merge pull request #2021 from cainj13/providerConfigPassword
Add 'password' configuration field type for federation providers
2016-01-14 09:05:17 -05:00
Josh Cain
202d562022 Add 'password' configuration field type for federation providers 2016-01-13 13:05:38 -06:00
Stian Thorgersen
f8841d2365 Mark all SPIs as internal 2016-01-13 15:49:53 +01:00
Stian Thorgersen
e572d45bea KEYCLOAK-2142
Drop support to deploy server to EAP 6.4
2016-01-13 14:32:04 +01:00
Stian Thorgersen
0193c696ab Version bump 2016-01-13 09:20:38 +01:00
mposolda
3336d4d7ac KEYCLOAK-2290 bulk update of algorithm field during migration from 1.7 2016-01-12 18:04:50 +01:00
Stian Thorgersen
421dc6043d KEYCLOAK-2290
Migration: empty algorithm field on user credentials of type 'password'
2016-01-12 09:46:35 +01:00
mposolda
fe8755d4a4 Fix mongo model 2016-01-11 13:00:56 +01:00
Stian Thorgersen
bc14cade62 KEYCLOAK-2278
NoSuchMethodError org.infinispan.Cache.entrySet() in EAP6 server overlay
2016-01-11 10:07:04 +01:00
Stian Thorgersen
f1602b3b8d Merge pull request #1998 from ssilvert/partial-import
KEYCLOAK-1979: Partial import
2016-01-11 09:22:09 +01:00
Stan Silvert
fbff61bfba For overwrite, do all deletes, then all adds.
Minor UI enhancements.
Fix 2 JPA bugs.
General cleanup.
Documentation.
2016-01-08 13:45:22 -05:00
Bill Burke
78fe064cf0 2213 2016-01-07 17:25:47 -05:00
Bill Burke
71b6ed80ae Merge remote-tracking branch 'upstream/master' 2016-01-06 16:51:24 -05:00
Stian Thorgersen
a5c159eeff KEYCLOAK-2247
Upgrade to WildFly 10.0.0.CR5
2016-01-06 16:15:00 +01:00
Bill Burke
1cbe5c4c80 Merge remote-tracking branch 'upstream/master' 2016-01-06 10:03:27 -05:00
Bill Burke
4a472b8272 KEYCLOAK-1990 KEYCLOAK-1991 2016-01-06 10:02:56 -05:00
Stan Silvert
f6a02bd408 Clean commit for partial import with single page for all imports. 2016-01-05 15:33:42 -05:00
Bruno Oliveira
7ec0dad88f Make use of display name by default for TOTP
- use realm name just in case of display name is not available
2016-01-05 18:31:13 -02:00
Bill Burke
63975886cb Merge pull request #1974 from patriot1burke/master
set frameork for template config
2016-01-05 10:03:48 -05:00
mposolda
b6718b44a1 KEYCLOAK-2178 KEYCLOAK-1744 Added MSADUserAccountControlMapper. Removing enableUserAccountControlAfterPasswordUpdate option 2016-01-05 12:11:48 +01:00
Bill Burke
3bacbdf6ff set framework for template config 2016-01-04 17:13:15 -05:00
Bill Burke
6d5de7b44e Merge remote-tracking branch 'upstream/master' 2016-01-04 11:26:15 -05:00
Bill Burke
10eba78036 Merge remote-tracking branch 'upstream/master'
Conflicts:
	saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileProtocolFactory.java
2016-01-04 11:25:14 -05:00
Stian Thorgersen
eece3689f2 KEYCLOAK-2228
Deleting of realm when using JPA requires server restart
2016-01-04 13:04:33 +01:00
Bill Burke
dbac147419 client config refactor 2015-12-22 17:50:03 -05:00
mposolda
41d22986d5 KEYCLOAK-1899 Added HardcodedLDAPRoleMapper 2015-12-22 16:22:02 +01:00
mposolda
1747e0981f KEYCLOAK-2154 Added Group mapper for LDAP. LDAP mappers improvements and fixes 2015-12-22 08:54:09 +01:00
Stian Thorgersen
606e6fa479 KEYCLOAK-1934
Add display-name and display-name-html to realm
2015-12-21 12:15:13 +01:00
Bill Burke
5caf3e0a2d Merge remote-tracking branch 'upstream/master' 2015-12-18 17:15:40 -05:00
Bill Burke
d939b6a431 template scope 2015-12-18 17:15:27 -05:00
Pedro Igor
1b614a379b [KEYCLOAK-2202] - Initial support for SAML ECP Profile. 2015-12-16 18:46:52 -02:00
mposolda
0d52e4e6c5 Added sync support to UserFederationMapper 2015-12-16 13:52:11 +01:00
mposolda
358c273d39 KEYCLOAK-2227 Added UserRolesRetrieveStrategy. Possibility to read user role mappings through 'memberOf' attribute 2015-12-16 13:52:11 +01:00
mposolda
06a55419f1 KEYCLOAK-1906 Customized LDAP filter. LDAP conditions improvements 2015-12-14 13:55:11 +01:00
Bill Burke
96e1813b34 client templates backend 2015-12-11 10:31:42 -05:00
mposolda
081db0d353 KEYCLOAK-2124 Post-Broker login flow support 2015-12-09 16:36:26 +01:00
Stian Thorgersen
321cac2ab8 KEYCLOAK-1900 Refactoring 2015-12-08 14:06:40 +01:00
tsudot
162dd4051d KEYCLOAK-1900 Add password hash SPI and provider
- Default encoder set to Pbkdf2PasswordEncoder
2015-12-08 13:25:59 +01:00
Stian Thorgersen
8d23422605 KEYCLOAK-2176 Add default roles and actions to users created with add-user script 2015-12-03 11:45:56 +01:00
Stian Thorgersen
f45bb62fcc KEYCLOAK-2192
Class serialization issues when Realm and User caches are in ASYNC mode
2015-12-03 08:24:30 +01:00
Stian Thorgersen
a218cc3034 KEYCLOAK-2179 Cache fixes 2015-12-03 08:24:16 +01:00
Stian Thorgersen
ee6753d31b KEYCLOAK-1813 KEYCLOAK-2182 Fixes enable/disable cache 2015-12-02 11:24:04 +01:00
Stian Thorgersen
09c18306c2 KEYCLOAK-2179
Realm and user cache is invalidated when added to other nodes
2015-12-02 11:23:54 +01:00
Stian Thorgersen
ff806eae08 Version bump 2015-12-01 19:54:28 +01:00
mposolda
ad34d63cb3 KEYCLOAK-2172 Make Identity broker User Attribute mappers compatible with First Broker Login flow 2015-12-01 15:48:25 +01:00
Stian Thorgersen
778a96c9e4 KEYCLOAK-2173 No such method on Infinispan on EAP6 2015-12-01 13:54:17 +01:00
mposolda
32fb604c88 KEYCLOAK-2149 Fix possible NPE during migration 2015-12-01 11:41:32 +01:00
mposolda
0f3d2bbfb4 KEYCLOAK-2149 DB fixes. firstBrokerLogin migration 2015-11-30 18:57:31 +01:00
mposolda
5b61a10b55 KEYCLOAK-2061 Direct Access Grants disabled by default 2015-11-30 15:56:21 +01:00
mposolda
ec327c99f4 KEYCLOAK-2152 KEYCLOAK-2061 Client switches changes. Support for response_types and grant_types in OIDC Client registration 2015-11-30 15:31:38 +01:00
Stian Thorgersen
5a686c4260 KEYCLOAK-2158
Add add-user-keycloak.sh to server overlays
2015-11-30 14:03:54 +01:00
mposolda
57b60797ce KEYCLOAK-1129 Implicit flow: more work 2015-11-28 00:15:41 +01:00
mposolda
8d2e4c0316 KEYCLOAK-2061 Add switches to enable/disable grant types for clients 2015-11-27 22:28:38 +01:00
Stian Thorgersen
c83e3bd2d1 KEYCLOAK-2106 HTTP 500 for unparsable refresh tokens 2015-11-27 08:59:23 +01:00
Stian Thorgersen
5ea880cfff Merge pull request #1880 from stianst/KEYCLOAK-2129-USRCACHE
KEYCLOAK-2139
2015-11-26 21:14:08 +01:00
Stian Thorgersen
d5105164e9 Merge pull request #1882 from abstractj/KEYCLOAK-2048
KEYCLOAK-2148: Update HmacOTP to make use of SecureRandom
2015-11-26 19:40:52 +01:00
Bruno Oliveira
0d582a1326 KEYCLOAK-2148: Update HmacOTP to make use of SecureRandom 2015-11-26 15:53:56 -02:00
Bruno Oliveira
a99df49bc9 KEYCLOAK-2136: Unexpected error when trying to create mapper with already existing name 2015-11-26 13:55:10 -02:00
Stian Thorgersen
b996e88dbd KEYCLOAK-2139
UserCache invalidation does not work proper
2015-11-26 16:39:06 +01:00
Stian Thorgersen
bf4d5f4df9 KEYCLOAK-2082
Cross site scripting issues
2015-11-26 10:12:43 +01:00
Bill Burke
b04b124351 KEYCLOAK-2114 2015-11-25 10:13:44 -05:00
Bill Burke
df74338cbc Merge pull request #1850 from girirajsharma/KEYCLOAK-2113
[KEYCLOAK-2113] Cannot delete group
2015-11-25 08:52:26 -05:00
Stian Thorgersen
3685a185d4 Merge pull request #1859 from stianst/reset-pass
KEYCLOAK-1758 add-user script
2015-11-25 06:56:35 +01:00
Stian Thorgersen
cfc28b861b KEYCLOAK-1758 add-user script 2015-11-24 21:54:58 +01:00
Stian Thorgersen
500bced6ee KEYCLOAK-1971 REST end point does't validate password policies properly 2015-11-24 20:50:41 +01:00
Marek Posolda
d6089597ff Merge pull request #1847 from gerbermichi/password
remove empty password check
2015-11-24 17:23:51 +01:00
Michael Gerber
9a3e023c43 fix null pointer 2015-11-24 13:54:33 +00:00
Stian Thorgersen
f6743eff69 KEYCLOAK-2119
OTP Policy form validates both TOTP and HOTP at the same time
2015-11-23 12:02:39 +01:00
girirajsharma
cf8b0abaad [KEYCLOAK-2113] Cannot delete group 2015-11-22 20:52:31 +05:30
Stian Thorgersen
aedd23a43d Merge pull request #1843 from stianst/client-reg
KEYCLOAK-1749 Add documentation and fixed clean-up of expired initial…
2015-11-19 19:58:42 +01:00
Stian Thorgersen
7e8c80c0df KEYCLOAK-1749 Add documentation and fixed clean-up of expired initial access tokens 2015-11-19 16:11:41 +01:00
Bill Burke
98958a2bc4 default groups 2015-11-18 19:40:30 -05:00
Bill Burke
6989589e72 Merge remote-tracking branch 'upstream/master' 2015-11-18 15:24:45 -05:00
Bill Burke
4f00f6cceb group mongo 2015-11-18 15:24:27 -05:00
Stian Thorgersen
95e729b0b7 Merge pull request #1832 from stianst/client-reg
KEYCLOAK-2085
2015-11-18 19:34:47 +01:00
Bill Burke
41331111da resolve conflicts 2015-11-18 09:39:19 -05:00
Bill Burke
bff334d365 group token/assertion and tests 2015-11-18 09:36:47 -05:00
Stian Thorgersen
764c20d748 KEYCLOAK-2085 Initial access tokens for client registration 2015-11-18 10:33:24 +01:00
Thomas Darimont
c81d0c0898 KEYCLOAK-2101 - Ensure consistent order for properties in json configuration export.
We now explicitly order the AuthenticatorFlows, AuthenticatorConfig, as well
as RequiredActions to ensure a consistent order for the configuration export to make
it easier to diff / version keycloak configuration files.
Previously the order of the json properties of an configuration export were
non deterministic. The configuration file could look partially different after a
 export, import, export sequence even if no changes were made.
2015-11-17 22:34:21 +01:00
Stian Thorgersen
62c5bc0e91 KEYCLOAK-1749 Rotate registration access token, add registration access token to admin console 2015-11-17 09:44:50 +01:00
Stian Thorgersen
bad0a95123 KEYCLOAK-1749 Client registration service
Changed endpoints of client registration to just clients

Started installation

Added adapter config retrival to client reg
2015-11-16 13:24:56 +01:00
Stian Thorgersen
1bc08fff16 Merge pull request #1823 from abstractj/KEYCLOAK-2056
KEYCLOAK-2056: Removal of file model provider
2015-11-16 08:33:56 +01:00
mposolda
ea7709a104 KEYCLOAK-2026 Fix realm.getMasterAdminClient() in JPA and Mongo models 2015-11-13 18:51:09 +01:00
mposolda
1d5a01577e KEYCLOAK-1750 First broker login - migration 2015-11-13 18:51:09 +01:00
mposolda
4288260aa6 KEYCLOAK-1822 Don't redirect to login theme when error during link identity in account mgmt. 2015-11-13 18:51:09 +01:00
Bruno Oliveira
4b0e33e388 KEYCLOAK-2056: Removal of file model provider 2015-11-13 13:44:15 -02:00
Bill Burke
fa7a7d35a9 Merge remote-tracking branch 'upstream/master' 2015-11-13 09:30:37 -05:00
Bill Burke
fe5809db4d token group roles 2015-11-13 09:30:25 -05:00
mposolda
ce4a865579 KEYCLOAK-1750 First broker login - tests 2015-11-13 09:32:46 +01:00
Bill Burke
0d20e3c7ff Merge remote-tracking branch 'upstream/master' 2015-11-12 11:31:55 -05:00
Bill Burke
21119604c6 user group membership 2015-11-12 11:31:44 -05:00
Stian Thorgersen
99cddcef6c Merge pull request #1805 from velias/KEYCLOAK-2033
KEYCLOAK-2033 - Allow custom SPI Providers to show additional info on
2015-11-12 09:21:38 +01:00
Bill Burke
33ac048c8c resolve conflicts 2015-11-11 18:06:39 -05:00
Bill Burke
e25157655b group ui 2015-11-11 18:03:53 -05:00
Vlastimil Elias
b39146f6f5 KEYCLOAK-2033 - Allow custom SPI Providers to show additional info on
Server Info page
2015-11-10 12:55:36 +01:00
mposolda
4ca442d1b2 KEYCLOAK-1750 Option updateProfileOnFirstLogin moved from IdentityProvider to IdpReviewProfile authenticator 2015-11-10 11:06:23 +01:00
mposolda
99e75c69a0 KEYCLOAK-1750 First broker login - support for change password after first social login 2015-11-10 10:25:31 +01:00
mposolda
adbf2b22ad KEYCLOAK-1750 Improve first time login with social. Added 'first broker login' flow 2015-11-09 10:34:55 +01:00
Daniël van 't Ooster
7bd0b7ddfc KEYCLOAK-2032 Changed some column names from lower- to uppercase, so it is in sync with liquibase scripts 2015-11-04 11:43:09 +01:00
Bill Burke
151c56a304 conflicts 2015-11-02 11:21:10 -05:00
Bill Burke
c2ad918975 group model 2015-11-02 11:19:19 -05:00
Bill Burke
d896800ec6 groups initial 2015-10-29 16:33:02 -04:00
mposolda
f8f4de9389 KEYCLOAK-2005 Fixed migration to take less time. Added UserProvider.grantToAllUsers 2015-10-26 11:06:19 +01:00
mposolda
74924f2f8c KEYCLOAK-2011 2015-10-23 22:48:06 +02:00
mposolda
c498b06f68 KEYCLOAK-2007 Migration upgrade for 1.6.1 2015-10-23 22:47:53 +02:00
mposolda
e04dbffb88 KEYCLOAK-1999 KC server doesn't start on EAP 6.4 in local mode on PostgreSQL 2015-10-22 14:28:08 +02:00
Stian Thorgersen
23546402fa Merge pull request #1749 from cfsnyder/master
KEYCLOAK-1863 added both issuer and account name to otp configuration
2015-10-21 09:24:58 +02:00
Stian Thorgersen
3f8312427a Version bump 2015-10-19 16:15:29 +02:00
mposolda
7d590761dd KEYCLOAK-1981 Migration fix of create-client 2015-10-19 12:46:47 +02:00
mposolda
028cbe1ce2 KEYCLOAK-1983 Fix Oracle and Sybase 2015-10-19 11:45:49 +02:00
mposolda
605c80a68d KEYCLOAK-1952 Migration fix. Change some INFO messages to DEBUG/TRACE 2015-10-16 20:51:40 +02:00
mposolda
9cc5ca3ce4 KEYCLOAK-1972 docs and export/import fixes for offline tokens. DB fixes 2015-10-16 19:09:52 +02:00
mposolda
4587fd23b6 KEYCLOAK-1929 Change package names. Fix Fuse demo 2015-10-16 16:30:42 +02:00
Cory Snyder
d8ebf1e3d6 KEYCLOAK-1863 added both issuer and account name to otp configuration 2015-10-16 09:46:56 -04:00
Stian Thorgersen
a6556a49c2 Merge pull request #1738 from gerbermichi/locale
KEYCLOAK-1962 update realm overwrites supported locales with empty list
2015-10-16 10:21:20 +02:00
Bill Burke
8674578d0d Merge pull request #1730 from patriot1burke/master
KEYCLOAK-1908
2015-10-15 18:32:57 -04:00
Bill Burke
99028e9cab Merge remote-tracking branch 'upstream/master' 2015-10-15 16:30:35 -04:00
Bill Burke
20f18eec15 support browser refresh 2015-10-15 16:30:21 -04:00
mposolda
67435791ed KEYCLOAK-1961 revokeRefreshToken support for offline tokens and other fixes 2015-10-15 22:30:17 +02:00
mposolda
802a39b1ce KEYCLOAK-904 Offline session idle timeout + admin console 2015-10-15 22:30:17 +02:00
Stian Thorgersen
e582de2837 KEYCLOAK-1961
Same token can be used multiple times to obtain access token
2015-10-15 09:11:18 +02:00
Michael Gerber
f8effaee58 return null instead of an empty set. 2015-10-15 08:19:18 +02:00
Thomas Darimont
870702fd81 KEYCLOAK-1918 - Add description field to client definition.
Introduced description field with support for i18n for more descriptive client information.
Applications can use the description to display a "slightly" longer gist of
what the client / application is about, especially useful for tooltips.

The description is currently limited to 255 characters.
2015-10-15 07:33:38 +02:00
mposolda
f92fe6bea9 KEYCLOAK-904 Offline tokens storage changes. Added UserSessionPersisterProvider . offline sessions preloaded to cache at startup 2015-10-14 11:07:44 +02:00
Stian Thorgersen
8c72ef2980 KEYCLOAK-1877
Empty bubble in admin event types select box
2015-10-14 07:22:56 +02:00
Stian Thorgersen
c85e0248dd KEYCLOAK-1883
Improve setting of users locale
2015-10-13 19:47:10 +02:00
Stian Thorgersen
4ce93171ba KEYCLOAK-1335
Slow startup in OpenStack
2015-10-13 07:00:47 +02:00
Stian Thorgersen
366a1629e5 KEYCLOAK-1749 Client registration service and client java api 2015-10-08 11:55:42 +02:00
Stian Thorgersen
64ecc3b153 Merge pull request #1672 from ssilvert/KEYCLOAK-1882-add-locale-mapper-on-new-realm
KEYCLOAK-1882 Also add locale mapper when new realm is created.
2015-10-06 14:58:27 +02:00
girirajsharma
0a3de09b5a [KEYCLOAK-1864] No names for required actions 2015-10-04 23:44:44 +05:30
Stan Silvert
28fad68486 KEYCLOAK-1882 Also add locale mapper when new realm is created. 2015-10-02 15:01:39 -04:00
Stian Thorgersen
a53aebcddf KEYCLOAK-1882 Add locale mapper to admin console clients during migration 2015-10-02 13:43:41 +02:00
mposolda
4f6d3c8dca KEYCLOAK-1815 Reduce info logging 2015-09-30 16:35:56 +02:00
mposolda
95fe2fe74b KEYCLOAK-904 offline tokens - migration 2015-09-30 16:35:56 +02:00
mposolda
6fbb8ccf71 KEYCLOAK-904 Offline tokens - model changes, admin console, export/import, docs 2015-09-30 10:51:36 +02:00
Stian Thorgersen
55deedd3b8 KEYCLOAK-1868 Import clients through admin console
KEYCLOAK-1869 Add root url to clients that should be used to resolve relative urls
2015-09-29 12:16:05 +02:00
Stian Thorgersen
75c0d5089f KEYCLOAK-1878
Add Base64 to Keycloak core
2015-09-25 07:02:25 +02:00
Stian Thorgersen
7d239f8990 Make it possible to set hibernate spec artifact id with a property in parent pom 2015-09-23 15:36:40 +02:00
mposolda
046edbbd54 KEYCLOAK-904 Consents support. Added scopeParamRequired flag to RoleModel 2015-09-23 12:52:47 +02:00