Commit graph

1091 commits

Author SHA1 Message Date
Dmitry Telegin
3b24465141
KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking (#6828)
* KEYCLOAK-12870 - Allow to pick arbitrary user for IdP linking

* KEYCLOAK-12870: always allow to choose user if password reset is called from first broker login flow

* KEYCLOAK-12870: remove "already authenticated as different user" check and message

* KEYCLOAK-12870: translations

* KEYCLOAK-12870: fix tests
2020-03-20 07:41:35 +01:00
Stan Silvert
fff8571cfd KEYCLOAK-12768: Prevent reserved characters in URLs 2020-03-18 07:40:24 +01:00
Stan Silvert
256bbff769 KEYCLOAK-12844: keycloak.d.ts does not belong in new account console 2020-03-17 15:39:06 -03:00
mposolda
72e4690248 KEYCLOAK-13174 Not possible to delegate creating or deleting OTP credential to userStorage 2020-03-11 12:51:56 +01:00
stianst
db26520046 KEYCLOAK-13237 Allow look ahead window set to 0 for otp policy 2020-03-10 16:01:57 +01:00
stianst
097a9b6e2e KEYCLOAK-13233 Fix missing text-security files 2020-03-10 15:50:00 +01:00
vmuzikar
a840d6ff9a KEYCLOAK-13260 Fix "Test authentication" button for LDAP User Federation 2020-03-09 13:36:57 +01:00
mabartos
a1bbab9eb2 KEYCLOAK-12799 Missing Cancel button on The WebAuthn setup screen when using AIA 2020-03-05 15:04:38 +01:00
stianst
75a772f52b KEYCLOAK-10967 Add JSON body methods for test ldap and smtp connections. Deprecate old form based methods. 2020-03-05 10:07:58 +01:00
Douglas Palmer
dfb67c3aa4 [KEYCLOAK-12980] Username not updated when "Email as username" is enabled 2020-03-03 10:26:35 +01:00
Helder dos Santos Alves
1ca417c2c0 KEYCLOAK-13085 minor fixes 2020-03-02 15:06:23 -03:00
Helder dos Santos Alves
80a95eb520 KEYCLOAK-13085 pt_BR messages for login and email 2020-03-02 15:06:23 -03:00
Stan Silvert
c78087c3ed KEYCLOAK-12817: Password form is stretched if IdP is configured 2020-02-28 09:18:46 -03:00
Bart Monhemius
b6d945aaa8 [i18n nl] Add translations for link expiration 2020-02-27 10:47:46 +01:00
Erik Jan de Wit
b19355dd76 KEYCLOAK-10673 updated text-security to 2.0 2020-02-27 10:27:19 +01:00
Martin Bartoš
eaaff6e555
KEYCLOAK-12958 Preview feature profile for WebAuthn (#6780)
* KEYCLOAK-12958 Preview feature profile for WebAuthn

* KEYCLOAK-12958 Ability to enable features having EnvironmentDependent providers without restart server

* KEYCLOAK-12958 WebAuthn profile product/project

Co-authored-by: Marek Posolda <mposolda@gmail.com>
2020-02-26 08:45:26 +01:00
stianst
04903666d1 KEYCLOAK-12597 Fix admin console with base theme 2020-02-19 15:46:38 +01:00
keycloak-bot
d352d3fa8e Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
mposolda
a76c496c23 KEYCLOAK-12860 KEYCLOAK-12875 Fix for Account REST Credentials to work with LDAP and social users 2020-02-14 20:24:42 +01:00
Douglas Palmer
876086c846 [KEYCLOAK-12161] "Back to Application" link is shown with link to current page 2020-02-14 10:37:32 -03:00
stianst
42773592ca KEYCLOAK-9632 Improve handling of user locale 2020-02-14 08:32:20 +01:00
Pedro Igor
421ec34557 [KEYCLOAK-8049] - Prevent users from not choosing a group 2020-02-13 10:10:46 +01:00
Peter Zaoral
b0ffea699e KEYCLOAK-12186 Improve the OTP login form
-created and implemented login form design, where OTP device can be selected
-implemented selectable-card-view logic in jQuery
-edited related css and ftl theme resources
-fixed affected BrowserFlow tests

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2020-02-12 11:25:02 +01:00
Alex Szczuczko
3ef338d392 KEYCLOAK-9436 Filter out git-Logo.svg to fix zip for Windows
Should be safe to filter, upstream PR redhat-rcue/rcue#89 will remove
eventually, and tests use lowercase version of this file.
2020-02-11 09:16:59 +01:00
Stan Silvert
b236cae7f7 KEYCLOAK-12875: User w/o pswd can't set pswd in new acct console. 2020-02-10 14:03:16 -05:00
Erik Jan de Wit
41bf0b78be KEYCLOAK-11631 reset to default befor loading new 2020-02-10 12:55:14 -05:00
Dmitry Telegin
b6c5acef25 KEYCLOAK-7969 - SAML users should not be identified by SAML:NameID 2020-02-06 08:53:31 +01:00
Martin Bartoš
7dec314ed0
KEYCLOAK-12900 NullPointerException during WebAuthn Registration (#6732) 2020-02-05 17:01:36 +01:00
Axel Messinese
b73553e305 Keycloak-11526 search and pagination for roles 2020-02-05 15:28:25 +01:00
Martin Bartoš
b0c4913587
KEYCLOAK-12177 KEYCLOAK-12178 WebAuthn: Improve usability (#6710) 2020-02-05 08:35:47 +01:00
Alex Szczuczko
038b8fd975 KEYCLOAK-12853 Add license information for account2 dependencies 2020-02-04 15:41:27 -03:00
vmuzikar
0801cfb01f KEYCLOAK-12105 Add UI tests for Single page to manage credentials 2020-02-04 15:18:52 -03:00
Stan Silvert
a2ac8e940d KEYCLOAK-12867: Cred title should be visible if cred type disabled 2020-02-04 07:28:15 -05:00
Douglas Palmer
dc97a0af92 [KEYCLOAK-12107] Add tests for Applications page 2020-02-04 09:26:42 -03:00
rmartinc
5b9eb0fe19 KEYCLOAK-10884: Need clock skew for SAML identity provider 2020-02-03 22:00:44 +01:00
Thomas Darimont
a9572e6ee9 KEYCLOAK-12102 Show proper error messages in new account console
Previously error codes were not properly translated in the account theme.
2020-02-03 15:55:10 -05:00
Jan Lieskovsky
b532570747
[KEYCLOAK-12168] Various setup TOTP screen usability improvements (#6709)
On both the TOTP account and TOTP login screens perform the following:
* Make the "Device name" label optional if user registers the first
  TOTP credential. Make it mandatory otherwise,
* Denote the "Authenticator code" with asterisk, so it's clear it's
  required field (always),
* Add sentence to Step 3 of configuring TOTP credential explaining
  the user to provide device name label,

Also perform other CSS & locale / messages file changes, so the UX is
identical when creating OTP credentials on both of these pages

Add a corresponding testcase

Also address issues pointed out by mposolda's review. Thanks, Marek!

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
2020-02-03 19:34:28 +01:00
Marek Posolda
154bce5693
KEYCLOAK-12340 KEYCLOAK-12386 Regression in credential handling when … (#6668) 2020-02-03 19:23:30 +01:00
Marek Posolda
d8e450719b
KEYCLOAK-12469 KEYCLOAK-12185 Implement nice design to the screen wit… (#6690)
* KEYCLOAK-12469 KEYCLOAK-12185 Add CredentialTypeMetadata. Implement the screen with authentication mechanisms and implement Account REST Credentials API by use the credential type metadata
2020-01-31 14:28:23 +01:00
Stan Silvert
6ac5a2a17e
[KEYCLOAK-12744] rh-sso-preview theme for product build
* change logo for RH-SSO
* Small fixes to rh-sso-preview theme
* rh-sso-preview theme

Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2020-01-31 08:16:52 -03:00
Bruno Oliveira da Silva
22bd945332 [KEYCLOAK-10304] Configure JS Adapter to use PKCE for new Account Management 2020-01-30 09:26:27 -05:00
vmuzikar
6eb6418208 KEYCLOAK-12834 Fix Account Console build is missing some dependencies 2020-01-30 10:31:27 -03:00
Bruno Oliveira da Silva
a9c3e4b8bd Update node_modules folder 2020-01-30 14:25:29 +01:00
Bruno Oliveira da Silva
c36bcc8701 [KEYCLOAK-12439] Update to Angular 1.7.9 2020-01-30 14:25:29 +01:00
Erik Jan de Wit
8a022da30d KEYCLOAK-10303 configure JS Adapter to use PKCE 2020-01-30 10:29:06 +01:00
stianst
c38baa32ba KEYCLOAK-12685 Set callback URI for identity providers to use frontend URL 2020-01-29 14:05:48 +01:00
Marek Posolda
d46620569a
KEYCLOAK-12174 WebAuthn: create authenticator, requiredAction and policy for passwordless (#6649) 2020-01-29 09:33:45 +01:00
Alex Szczuczko
1a53110bb6 KEYCLOAK-11293 Filter out cruft from account2 modules 2020-01-29 05:26:55 -03:00
Alex Szczuczko
7dd7686635 KEYCLOAK-11293 Run mvn clean package -Pnpm-update 2020-01-29 05:26:55 -03:00
Alex Szczuczko
52d8b759d3 KEYCLOAK-11293 Update theme build for keycloak-preview
`npm install` is changed to run at build time, removing the need for commiting
the js modules, which are getting a bit silly in size with the introduction of
account2. Appropriate changes to prod-arguments.json are included that should
enable the product build to function properly. The community and developer
builds will continue to work without the proxying PNC provides.

This also changes the themes pom to work with more than one `package.json`
file. The only other one at the moment is for the new account console /
account2.

The documentation file has been updated.

Since we're building directly out of the source directories, it is possible in
a local dev environment for unintended files (e.g. old compiled .js files),
placed within src/main/resources/, to be included in the themes jar. This
shouldn't be a problem for actual builds though, which use a fresh clone.

Other small changes include refactoring the npm setup stuff to a global
definition, and the introduction of some properties to avoid duplicating path
definitions everywhere.

This commit does not include the churn that would result from deleting the
existing commited modules.
2020-01-29 05:26:55 -03:00
Erik Jan de Wit
3beef2a4c0 KEYCLOAK-8098 use html5 email validation 2020-01-27 15:16:05 -05:00
Denis Richtárik
24c6e2ba08 KEYCLOAK-12742 Authentication -> WebAuthn Policy: Unable to delete the Acceptable AAGUIDS via the provided minus (-) button, once set (#6695) 2020-01-24 11:55:20 +01:00
Thomas Darimont
303861f7e8 KEYCLOAK-10003 Fix handling of request parameters for SMTP Connection Test
We now transfer the SMTP connection configuration via HTTP POST
request body parameters instead of URL parameters.
The improves handling of SMTP connection configuration values with
special characters. As a side effect sensitive information like SMTP
credentials are now longer exposed via URL parameters.

Previously the SMTP connection test send the connection parameters
as encoded URL parameters in combination with parameters in the request body.
However the server side endpoint did only look at the URL parameters.

Certain values, e.g. passwords with + or ; could lead to broken URL parameters.
2020-01-23 13:19:31 -06:00
Leon Graser
f1ddd5016f KEYCLOAK-11821 Add account api roles to the client on creation
Co-authored-by: stianst <stianst@gmail.com>
2020-01-23 13:10:04 -06:00
Benjamin Weimer
dd9ad305ca KEYCLOAK-12757 New Identity Provider Mapper "Advanced Claim to Role Mapper" with
following features

    * Regex support for claim values.
    * Support for multiple claims.
2020-01-23 07:17:22 -06:00
Stan Silvert
210fd92d23 KEYCLOAK-11550: Signing In page 2020-01-23 07:35:09 -05:00
Tobias Oort
910324e4eb minor changes (punctuation, caps) 2020-01-20 06:51:08 -06:00
Tobias Oort
632925cc06 [i18n nl] Updated totpStep1 - removed a-href tags
A tags are not rendered as-is - they are escaped. This fixes html output as plaintext in the dutch translation.
2020-01-20 06:51:08 -06:00
Stan Silvert
922c9260a4 KEYCLOAK-12526: Fix when switch is displayed 2020-01-17 08:35:01 -03:00
Stan Silvert
568b1586a6 KEYCLOAK-12526: Add 'Always Display in Console' to admin console 2020-01-17 08:35:01 -03:00
Martin Bartos RH
d3f6937a23 [KEYCLOAK-12426] Add username to the login form + ability to reset login 2020-01-17 09:40:13 +01:00
mposolda
85dc1b3653 KEYCLOAK-12426 Add username to the login form + ability to reset login - NOT DESIGN YET 2020-01-17 09:40:13 +01:00
Alex Szczuczko
3ac4992808 KEYCLOAK-12478 Remove all html and css files under keycloak-preview 2020-01-16 15:26:13 -05:00
Martin Bartoš
5aab03d915 [KEYCLOAK-12184] Remove BACK button from login forms (#6657) 2020-01-15 12:25:37 +01:00
Marek Posolda
8d49409de1
KEYCLOAK-12183 Refactor login screens. Introduce try-another-way link. Not show many credentials of same type in credential selector (#6591) 2020-01-14 21:54:45 +01:00
Bodo Graumann
65b674a131 KEYCLOAK-10818 Add hint about +, * in client CORS
The '+' in the allowed CORS origins does not replicate a '*' wildcard
from the Valid Redirect URIs. This information is now available in the
tooltip.

Also translated changed message into german.
2020-01-09 10:09:02 +01:00
Bruno Oliveira da Silva
c0aa0891cd [KEYCLOAK-12533] Applications UI has erroneous "Remove Access" button 2020-01-06 10:49:52 -03:00
Bruno Oliveira da Silva
caf08da2af [KEYCLOAK-10962] Application screen for the new account console 2019-12-17 17:09:45 -03:00
vmuzikar
4c17fa8664 KEYCLOAK-12104 UI tests for Linked Accounts Page 2019-12-16 16:06:03 -03:00
Stan Silvert
8efe89135e KEYCLOAK-8181: Implement spinner 2019-12-16 14:55:00 -03:00
vmuzikar
4f7b56d227 KEYCLOAK-12106 UI tests for Device Activity page 2019-12-16 14:26:58 -03:00
Erik Jan de Wit
fb999d96a5 reverted 2019-12-13 15:22:32 -05:00
Erik Jan de Wit
9cfb22f176 added redirectUri to go back where the user was 2019-12-13 15:22:32 -05:00
Erik Jan de Wit
af0f43b769 KEYCLOAK-11496 detect session timeout 2019-12-13 15:22:32 -05:00
Stef van der Wel
118b413152 KEYCLOAK-12315 Fixed rendering resources template without baseUri. 2019-12-11 16:52:39 -03:00
Martin Bartoš
2cf6483cdf [KEYCLOAK-12044] Fix messages in the UsernameForm (#6548) 2019-12-11 10:59:46 +01:00
moremagic
17237ee7fc KEYCLOAK-6758 2019-12-10 09:15:25 +01:00
Denis Richtárik
48bddc37ae KEYCLOAK-12011 Remove cancel button from OTP form (#6511)
* KEYCLOAK-12011 Remove cancel button from OTP form

* Remove back button
2019-12-09 19:23:26 +01:00
Cristian Schuszter
5c7ce775cf KEYCLOAK-11472 Pagination support for clients
Co-authored-by: stianst <stianst@gmail.com>
2019-12-05 08:17:17 +01:00
k-tamura
5fc39daad3 KEYCLOAK-10440 Update Japanese translation for version 7.0.1 2019-12-03 07:51:19 +01:00
Bruno Oliveira da Silva
f9683b460b [KEYCLOAK-12277] NPM lint errors and warnings on MyResources page 2019-12-02 11:26:37 -05:00
vmuzikar
f426643225 KEYCLOAK-11744 KEYCLOAK-11271 New Account Console testsuite 2019-11-28 08:32:48 -03:00
Tomas Kyjovsky
61eb569ae5 KEYCLOAK-11921 Reset password (#6505) 2019-11-28 09:38:11 +01:00
Stan Silvert
de6f90b43b KEYCLOAK-11550: Single page for credentials (initial commit) 2019-11-27 07:32:13 -03:00
rmartinc
82ef5b7927 KEYCLOAK-12000: Allow overriding time lifespans on a SAML client 2019-11-26 10:02:34 +01:00
stianst
c74a081ad8 KEYCLOAK-12224 Use frontendUrl for ODIC discovery and SAML IdP metadata in admin console 2019-11-26 08:21:34 +01:00
Kohei Tamura
bc7d7ad754 KEYCLOAK-12021 Remove unnecessary property key in property value 2019-11-22 15:48:45 +01:00
Pedro Igor
cee884e4a7 [KEYCLOAK-8406] - Remove Drools/Rules Policy 2019-11-22 15:38:51 +01:00
Stan Silvert
ea268af511 KEYCLOAK-12159: AIA and Logout broken in new acct console 2019-11-21 09:35:46 -03:00
stianst
3731e36ece KEYCLOAK-12069 Add account-console client for new account console 2019-11-20 08:48:40 -05:00
keycloak-bot
76aa199fee Set version to 9.0.0-SNAPSHOT 2019-11-15 20:43:21 +01:00
Erik Jan de Wit
e6414856b4 fix: make brand logo click go back to welcome screen
fixing KEYCLOAK-11680
2019-11-15 13:01:03 -05:00
AlistairDoswald
4553234f64 KEYCLOAK-11745 Multi-factor authentication (#6459)
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
2019-11-14 14:45:05 +01:00
Andy Munro
e7e49c13d5 KEYCLOAK-11413 Update UI messages
Co-authored-by: stianst <stianst@gmail.com>

Made a couple more spelling corrections.
2019-11-14 12:31:05 +01:00
Stan Silvert
d439f4181a KEYCLOAK-6503: Linked Accounts Page 2019-11-14 07:39:43 -03:00
stianst
b8881b8ea0 KEYCLOAK-11728 New default hostname provider
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2019-11-11 12:25:44 +01:00
Takashi Norimatsu
4574d37d8d KEYCLOAK-11372 Support for attestation statement verification (#6449) 2019-11-08 09:15:28 +01:00
stianst
e13a066c74 KEYCLOAK-11886 Delete themes/src/main/resources/theme/keycloak/common/resources/lib/components/ 2019-11-07 04:45:24 -03:00
Stan Silvert
041229f9ca KEYCLOAK-7429: Linked Accounts REST API 2019-11-05 16:03:21 -05:00
stianst
a6e8232b31 KEYCLOAK-11845 Update admin theme to use shared PatternFly/RCUE 2019-11-01 12:09:25 -03:00