libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
9715 commits 4 branches 5 tags 480 MiB
Commit graph

3219 commits

Author SHA1 Message Date
Bill Burke
a41d282e92 client permission tests 2017-06-02 15:49:20 -04:00
Thomas Skjølberg
241c58dd61 Add unit tests related to signatures, check that a signature is present when want assertion signing. 2017-06-02 15:36:52 +02:00
Bill Burke
b9f7a43a72 group permissions 2017-06-01 20:16:35 -04:00
Alex Szczuczko
bed6f96fc6 KEYCLOAK-4752 Change required actions UI to uncheck and disable the default checkbox when the enable checkbox is not checked. The API will continue to silently drop actions that are not enabled for the realm. 2017-06-01 08:25:51 -06:00
Pedro Igor
dcd1a68d95 [KEYCLOAK-4992] - Allow clients to exclude resource_set_name from RPT 2017-05-31 19:33:34 -03:00
Pavel Drozd
a52a1f4618 Merge pull request #4196 from vramik/KEYCLOAK-4481 
KEYCLOAK-4481 some authz export tests
 2017-05-30 16:56:54 +02:00
Pavel Drozd
a2e35bf711 Merge pull request #4186 from tkyjovsk/KEYCLOAK-4970 
KEYCLOAK-4970 Arquillian testsuite doesn't work with -Pauth-server-wildfly after upgrade to WF11
 2017-05-30 16:55:21 +02:00
Stian Thorgersen
a6e4245185 Merge pull request #4194 from stianst/KEYCLOAK-4888 
KEYCLOAK-4888
 2017-05-30 14:49:22 +02:00
Tomas Kyjovsky
67bee0dfc2 Upgraded wildfly-arquillian-container-* artifacts to 2.1.0.Alpha2 and added wildfly10 modules in app servers and adapter tests 2017-05-30 14:25:51 +02:00
vramik
8f1938c28d KEYCLOAK-4481 Role based permission test 2017-05-30 13:10:09 +02:00
Stian Thorgersen
8c53c5a90e KEYCLOAK-4888 
Change default hashing provider for realm
 2017-05-30 09:54:05 +02:00
Thomas Darimont
7d0b461683 KEYCLOAK-4975 Use authenticationSession binding name in ScriptBasedAuthenticator 
We now use authenticationSession instead of clientSession to reflect
the renaming of ClientSessionModel to AuthenticationSessionModel.

Note that this is a breaking change which needs to be mentioned in
the upgrade notes!
 2017-05-29 18:14:02 +02:00
Bill Burke
c3ea847b3e auth changes 2017-05-29 09:53:17 -04:00
Stian Thorgersen
684689d40d Merge pull request #3561 from glavoie/KEYCLOAK-3990 
KEYCLOAK-3990: Very slow use of NamedQueries.
 2017-05-29 09:39:39 +02:00
mposolda
c4f172afe7 KEYCLOAK-4977 Upgrade infinispan and undertow version to align with Wildfly 11.0.0.Alpha1 2017-05-26 14:29:30 +02:00
Pavel Drozd
bb1096c511 Merge pull request #4182 from mhajas/KEYCLOAK-4959 
KEYCLOAK-4959 Use desired version of adapter
 2017-05-25 13:16:41 +02:00
mhajas
88473ce3c1 KEYCLOAK-4959 Use desired version of adapter 2017-05-25 12:02:16 +02:00
Hynek Mlnarik
e4fc8f083e KEYCLOAK-3990 Tests 2017-05-24 07:50:48 -04:00
mposolda
2b59db71a8 KEYCLOAK-3316 Remove the IDToken if scope=openid is not used 2017-05-24 09:23:14 +02:00
Pavel Drozd
73c328d5e3 Merge pull request #4178 from pdrozd/ldap-import-test 
KEYCLOAK-4958 Fix condition for skipping test
 2017-05-24 00:32:22 +02:00
Pavel Drozd
a9c98a577b KEYCLOAK-4958 Fix condition for skipping test 2017-05-23 14:47:14 +02:00
Stian Thorgersen
c442bcd8d3 Merge pull request #4174 from stianst/KEYCLOAK-4889 
KEYCLOAK-4889
 2017-05-23 14:26:15 +02:00
Stian Thorgersen
c00a64208a Merge pull request #4136 from frelibert/KEYCLOAK-4897 
KEYCLOAK-4897
 2017-05-23 14:10:34 +02:00
Pavel Drozd
06152d9883 Merge pull request #4165 from vmuzikar/google-fix 
KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen
 2017-05-23 14:03:08 +02:00
Pavel Drozd
c230edbf72 Merge pull request #4151 from pdrozd/KEYCLOAK-4931 
KEYCLOAK-4931 - install patch available from http
 2017-05-23 14:01:44 +02:00
Pavel Drozd
12fec09410 Merge pull request #4150 from pdrozd/KEYCLOAK-4930 
KEYCLOAK-4930 - Updated install-keycloak script for overlay installat…
 2017-05-23 14:00:35 +02:00
Stian Thorgersen
ef29097679 Merge pull request #4172 from hmlnarik/KEYCLOAK-4813-Destination-Validation-should-ignore-whether-default-port-is-explicitly-specified 
KEYCLOAK-4813 Destination validation counts on port being not specified
 2017-05-23 13:59:36 +02:00
Pavel Drozd
0a869f56a7 Merge pull request #4146 from vramik/KEYCLOAK-4926 
KEYCLOAK-4926 exclude WelcomePageTest from migration scenario
 2017-05-23 13:59:26 +02:00
Stian Thorgersen
ff2d6941d0 Merge pull request #4140 from mstruk/RHSSO-978 
RHSSO-978 Cannot migrate event types using export/import
 2017-05-23 13:55:17 +02:00
Mohammad Rezai
acd78ee407 KEYCLOAK-4956: Fix incorrect PKCE S256 code challenge generation 2017-05-23 16:15:44 +04:30
Stian Thorgersen
130452f6c3 Merge pull request #4085 from mstruk/RHSSO-402 
RHSSO-402 need a way to dump configuration (including ldap provider config) to a file
 2017-05-23 13:29:32 +02:00
Stian Thorgersen
178fd08d9a Merge pull request #4066 from johnament/KEYCLOAK-4765 
KEYCLOAK-4765 - Add ability to disable Query Parameter parsing.
 2017-05-23 13:24:08 +02:00
Stian Thorgersen
097a2267f5 KEYCLOAK-4889 
Improve error messages for password policies
 2017-05-23 13:18:06 +02:00
Hynek Mlnarik
f47283f61a KEYCLOAK-4813 Destination validation counts on port being not specified 2017-05-23 12:52:48 +02:00
mposolda
8adde64e2c KEYCLOAK-4016 Provide a Link to go Back to The Application on a Timeout 2017-05-23 09:08:58 +02:00
Daan de Wit
ef6b303bfe KEYCLOAK-4911 charset not specified by Java client registration API 2017-05-22 15:22:39 +02:00
Bill Burke
ab763e7c5b fixes after merge 2017-05-19 15:54:36 -04:00
Vaclav Muzikar
c2379dbe49 KEYCLOAK-4944 Fix SocialLoginTest to reflect new Google Login screen 2017-05-19 18:07:05 +02:00
Bill Burke
f114895cd2 for merge 2017-05-19 11:29:26 -04:00
vramik
f0386d9374 KEYCLOAK-4926 exclude WelcomePageTest from migration scenario 2017-05-19 13:30:01 +02:00
Marek Posolda
d80381ec0d Merge pull request #4139 from vramik/KEYCLOAK-4827 
KEYCLOAK-4827 Add tests for concurrent use of user session in cache
 2017-05-19 11:14:57 +02:00
Pavel Drozd
60ef910b5b KEYCLOAK-4931 - install patch available from http 2017-05-18 23:47:12 +02:00
Pavel Drozd
53ab314eb9 KEYCLOAK-4930 - Updated install-keycloak script for overlay installation - added ha installation. 2017-05-18 23:35:04 +02:00
Bill Burke
2cac8b1bb7 KEYCLOAK-4929 2017-05-18 16:53:31 -04:00
Bill Burke
c291748f43 KEYCLOAK-4929 2017-05-18 16:48:04 -04:00
Marek Posolda
69ada965d8 Merge pull request #4144 from hmlnarik/KEYCLOAK-4187-Action-tokens-additional-tests 
KEYCLOAK-4627 Additional tests for action tokens
 2017-05-18 14:04:43 +02:00
Hynek Mlnarik
f9767ad6cd KEYCLOAK-4627 Additional tests for action tokens 2017-05-18 12:04:32 +02:00
mposolda
c178a2392d KEYCLOAK-4907 Fix postgresql and mssql. Fix migration 2017-05-17 22:44:44 +02:00
Hynek Mlnarik
10c9e0f00f KEYCLOAK-4897 Tests for assertion-only signatures with encrypted assertions 2017-05-17 15:56:49 +02:00
Marko Strukelj
27b291c345 RHSSO-978 Cannot migrate event types using export/import 2017-05-16 18:52:58 +02:00
Marek Posolda
70d7e07526 Merge pull request #4132 from mposolda/cross-dc4-squash 
KEYCLOAK-4626 KEYCLOAK-4627 Authentication sessions & Action tokens
 2017-05-15 12:46:43 +02:00
Marko Strukelj
7d0ca42c6c RHSSO-402 need a way to dump configuration (including ldap provider config) to a file 2017-05-15 12:13:58 +02:00
Marek Posolda
9804aaf796 Merge pull request #4125 from mtrue01/mtrue01branch 
Fixes for ApacheDS
 2017-05-15 11:03:24 +02:00
Bill Burke
954ef99f22 Merge remote-tracking branch 'upstream/master' 2017-05-12 10:10:29 -04:00
vramik
cc6a5419de KEYCLOAK-4827 Add tests for concurrent use of user session in cache 2017-05-12 14:14:14 +02:00
mposolda
7d8796e614 KEYCLOAK-4626 Support for sticky sessions with AUTH_SESSION_ID cookie. Clustering tests with embedded undertow. Last fixes. 2017-05-11 22:24:07 +02:00
Hynek Mlnarik
b8262a9f02 KEYCLOAK-4628 Single-use cache + its functionality incorporated into reset password token. Utilize single-use cache for relevant actions in execute-actions token 2017-05-11 22:16:26 +02:00
mposolda
db8b733610 KEYCLOAK-4626 Fix TrustStoreEmailTest and PolicyEvaluationCompositeRoleTest. Distribution update 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
c431cc1b01 KEYCLOAK-4627 IdP email account verification + code cleanup. Fix for concurrent access to auth session notes 2017-05-11 22:16:26 +02:00
mposolda
168153c6e7 KEYCLOAK-4626 Authentication sessions - SAML, offline tokens, broker logout and other fixes 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
47aaa5a636 KEYCLOAK-4627 reset credentials and admin e-mails use action tokens. E-mail verification via action tokens. 2017-05-11 22:16:26 +02:00
mposolda
e7272dc05a KEYCLOAK-4626 AuthenticationSessions - brokering works. Few other fixes and tests added 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
b55b089355 KEYCLOAK-4627 Changes in TokenVerifier to include token in exceptions. Reset credentials uses checks to validate individual token aspects 2017-05-11 22:16:26 +02:00
mposolda
a9ec69e424 KEYCLOAK-4626: AuthenticationSessions - working login, registration, resetPassword flows 2017-05-11 22:16:26 +02:00
Hynek Mlnarik
19a41c8704 KEYCLOAK-4627 Refactor TokenVerifier to support more than just access token checks. Action tokens implementation with reset e-mail action converted to AT 2017-05-11 22:16:26 +02:00
mposolda
83b29c5080 KEYCLOAK-4626 AuthenticationSessions: start 2017-05-11 22:16:26 +02:00
mposolda
e4aba9e471 KEYCLOAK-4829 Access token from offline token falsely reported as inactive by token introspection 2017-05-11 21:17:04 +02:00
Mark True
c19d6f36ed KEYCLOAK-4350 fixes test for embedded LDAP for ApacheDS 2017-05-11 09:10:26 -04:00
Stian Thorgersen
c3a2b3a6b6 KEYCLOAK-4523 PBKDF2WithHmacSHA256 and PBKDF2WithHmacSHA512 providers 2017-05-11 11:58:22 +02:00
Bill Burke
bfb4395b28 role and Users finished UI work 2017-05-10 15:25:04 -04:00
Bill Burke
46ec12c41c fixes 2017-05-10 14:19:10 -04:00
Pedro Igor
c0b08a27a2 Test for role policy evaluation 2017-05-09 15:27:19 -03:00
Bill Burke
a8a8ea4bcd Merge remote-tracking branch 'upstream/master' 2017-05-08 13:49:03 -04:00
Bill Burke
f760427c5c fine grain tests 2017-05-08 13:48:51 -04:00
Bill Burke
e1b6ba13cc Merge pull request #3893 from anderius/feature/KEYCLOAK-3056-verify-signature 
[WIP] Saml broker: Added wantAssertionsSigned and wantAssertionsEncrypted
 2017-05-05 09:04:41 -04:00
Pavel Drozd
a8071356bb Merge pull request #4109 from mhajas/KEYCLOAK-4503 
KEYCLOAK-4503 Add test
 2017-05-05 13:06:50 +02:00
Pavel Drozd
ec5860d7f5 Merge pull request #4102 from mhajas/KEYCLOAK-4650 
KEYCLOAK-4650 Add cancel warning test
 2017-05-05 13:06:03 +02:00
Stian Thorgersen
7c2fcaf141 Merge pull request #4113 from stianst/master 
Fixes for product build
 2017-05-05 12:55:33 +02:00
Stian Thorgersen
43f64e51c6 KEYCLOAK-4857 
[RHSSO] async-http-servlet-3.0 missing in newest resteasy
 2017-05-05 12:08:22 +02:00
Marc Heide
d5c643eaf9 KEYCLOAK-4521: consider offline sessions if no active user session was found for user info endpoint 2017-05-04 15:25:09 +02:00
mhajas
b33f7414da KEYCLOAK-4503 Add test 2017-05-03 08:51:26 +02:00
Bill Burke
c3b44e61d4 Merge remote-tracking branch 'upstream/master' 2017-05-01 14:51:07 -04:00
mhajas
618a8e7f90 KEYCLOAK-4650 Add cancel warning test 2017-04-28 14:18:01 +02:00
Stian Thorgersen
bbed1ffca7 Merge pull request #4097 from stianst/KEYCLOAK-4717 
KEYCLOAK-4717 Add test
 2017-04-28 09:42:21 +02:00
Stian Thorgersen
ab8658333f KEYCLOAK-4717 Add test 2017-04-28 09:05:10 +02:00
Eriksson Fabian
ca1152c3e5 KEYCLOAK-4204 Extend brute force protection with permanent lockout on failed attempts 
- Can still use temporary brute force protection.
- After X-1 failed login attempt, if the user successfully logs in his/her fail login count is reset.
 2017-04-28 09:02:10 +02:00
Pavel Drozd
7bcbc9a6af Merge pull request #4042 from daklassen/KEYCLOAK-2976 
KEYCLOAK-2976 Merge two "ClientTest" classes in integration-arquillian
 2017-04-27 17:16:58 +02:00
Stian Thorgersen
87dedb56e5 Set version to 3.2.0.CR1-SNAPSHOT 2017-04-27 14:23:03 +02:00
Pavel Drozd
51e4beccf4 Merge pull request #4076 from vramik/KEYCLOAK-4732 
KEYCLOAK-4732 fix for wildfly
 2017-04-27 08:06:55 +02:00
Bill Burke
c7bdb489ee Merge remote-tracking branch 'upstream/master' 2017-04-26 18:57:56 -04:00
Pedro Igor
389e2b42f1 Test for uma_authorization scope 2017-04-26 16:04:37 -03:00
Bill Burke
2276f99d54 Merge remote-tracking branch 'upstream/master' 2017-04-26 14:39:45 -04:00
Bill Burke
f67013bcb6 fix 2017-04-26 14:39:41 -04:00
Pedro Igor
b78cc63f0d Merge pull request #4084 from pedroigor/KEYCLOAK-4755 
[KEYCLOAK-4755] - Client UI Tests
 2017-04-26 13:29:00 -03:00
Pedro Igor
b84507507d Merge pull request #4079 from mhajas/KEYCLOAK-4769 
KEYCLOAK-4769 Add test for URI priority
 2017-04-26 12:20:53 -03:00
Pedro Igor
fbcfcfa088 [KEYCLOAK-4755] - Client UI Tests 2017-04-26 12:11:53 -03:00
Hynek Mlnarik
d7615d6a68 KEYCLOAK-2122 Configuration of AssertionConsumerServiceUrl in SAML adapter 2017-04-26 11:59:37 +02:00
mhajas
9c0e7cb4a5 KEYCLOAK-4769 Add test for URI priority 2017-04-26 08:32:40 +02:00
Pavel Drozd
f1f2040910 Merge pull request #4000 from mhajas/KEYCLOAK-4703 
KEYCLOAK-4703 Use phantomJS in adapter tests
 2017-04-26 08:04:41 +02:00
John Ament
754b0fd123 KEYCLOAK-4765 - Adding integration tests for adapter module. 2017-04-25 20:29:35 -04:00
Pedro Igor
0ccb98a81f Merge pull request #4078 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - Rules UI Tests
 2017-04-25 18:04:09 -03:00
Pedro Igor
5b5cfb01b9 Merge pull request #4077 from pedroigor/KEYCLOAK-4792 
[KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client
 2017-04-25 18:03:32 -03:00
Pedro Igor
b3131bf679 [KEYCLOAK-3135] - Rules UI Tests 2017-04-25 16:52:14 -03:00
Pedro Igor
79c9078caa [KEYCLOAK-4792] - Client credentials provider support and making easier to obtain authz client 2017-04-25 14:51:45 -03:00
vramik
a3c57f4326 KEYCLOAK-4732 fix for wildfly 2017-04-25 13:57:14 +02:00
Pedro Igor
ab58779d22 [KEYCLOAK-4732] - Need to run the test using the target testing realm 2017-04-25 08:34:39 -03:00
Pedro Igor
38ae6c981b Merge pull request #4068 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component
 2017-04-25 08:19:32 -03:00
mposolda
8000baeb1f KEYCLOAK-4789 Can't remove userStorage when linked users have consent 2017-04-25 11:32:26 +02:00
Stian Thorgersen
d081f967ea Merge pull request #4067 from hmlnarik/KEYCLOAK-4779 
KEYCLOAK-4779 Fix NPE
 2017-04-25 10:31:00 +02:00
mposolda
b81891f89b KEYCLOAK-4271 Migration test for offline tokens - manual mode 2017-04-25 09:18:33 +02:00
Pedro Igor
49547ccfbc [KEYCLOAK-3135] - Scope permission UI tests and reusable ui-select2 component 2017-04-24 23:12:46 -03:00
Hynek Mlnarik
e8a65017fa KEYCLOAK-4779 Fix NPE 2017-04-24 23:09:27 +02:00
Pedro Igor
5e57e84384 Merge pull request #4054 from pedroigor/KEYCLOAK-3135 
[KEYCLOAK-3135] - More changes to Policy Management API
 2017-04-24 17:44:07 -03:00
Pedro Igor
5972c94dc8 [KEYCLOAK-3135] - More UI tests 2017-04-24 16:50:23 -03:00
Bill Burke
12cb295a35 Merge remote-tracking branch 'upstream/master' 2017-04-24 10:05:46 -04:00
Bill Burke
58868ca99f prototype 2017-04-24 10:05:39 -04:00
mposolda
d05a894831 KEYCLOAK-4326 KEYCLOAK-4588 Can't get granted consents if client template mappers were consented to 2017-04-24 15:44:38 +02:00
Pedro Igor
e0f753bcf5 [KEYCLOAK-3135] - More changes to Policy Management API 2017-04-24 07:34:08 -03:00
mposolda
1fd5af840b KEYCLOAK-4525 Deleting a client with existing sessions/offline_tokens leads to Internal Server Errors 2017-04-24 11:24:09 +02:00
Pavel Drozd
95fc8f79dd Merge pull request #4051 from mhajas/KEYCLOAK-4505 
KEYCLOAK-4505 Add test of clientSession for script based authenticator
 2017-04-21 13:50:29 +02:00
Pavel Drozd
f50e08d111 Merge pull request #4044 from vmuzikar/adapter-compat-upstream 
KEYCLOAK-4761 Support for Java adapter backward compatibility testing
 2017-04-21 13:49:17 +02:00
Pedro Igor
fa1b998802 Merge pull request #4050 from pedroigor/KEYCLOAK-4769 
[KEYCLOAK-4769] - Policy enforcer path matching tests
 2017-04-20 14:02:59 -03:00
Pedro Igor
df163d86e8 Merge pull request #4052 from pedroigor/KEYCLOAK-4754 
[KEYCLOAK-4754] - Unable to delete realm when using aggregated policies
 2017-04-20 13:23:09 -03:00
Pedro Igor
80a80512ea [KEYCLOAK-4769] - Policy enforcer path matching tests 2017-04-20 13:21:01 -03:00
mhajas
4f66919474 KEYCLOAK-4505 Add tests of clientSession for script based authenticator 2017-04-20 17:10:56 +02:00
Pedro Igor
bf69bc94bb [KEYCLOAK-4754] - Unable to delete realm when using aggregated policies 2017-04-20 12:10:52 -03:00
Pavel Drozd
585653b88e Merge pull request #4038 from vmuzikar/social-fix 
KEYCLOAK-4624 Fix, stabilize and revamp SocialLoginTest
 2017-04-20 13:13:29 +02:00
Vaclav Muzikar
c7a97cfd21 KEYCLOAK-4761 Prepare the testsuite for Java adapter backward compatibility testing 2017-04-19 13:51:24 +02:00
David Klassen
19a59429ae KEYCLOAK-2976 Merge two "ClientTest" classes in integration-arquillian 2017-04-19 13:25:30 +02:00
Stian Thorgersen
4f771ac51a Merge pull request #4027 from abacusresearch/KEYCLOAK-4729_update_german_translation 
KEYCLOAK-4729 Update German translations
 2017-04-18 15:13:39 +02:00
Pedro Igor
ac6eb79b53 [KEYCLOAK-4755] - Changing javadoc and license 2017-04-13 15:59:02 -03:00
Pedro Igor
a415ea3670 [KEYCLOAK-4755] - AuthZ UI Tests 2017-04-13 15:54:52 -03:00
Vaclav Muzikar
32b62b2a70 KEYCLOAK-4624 Fix, stabilize and revamp SocialLoginTest 2017-04-13 13:41:30 +02:00
Pedro Igor
964693077a [KEYCLOAK-4751] - More tests 2017-04-12 18:25:38 -03:00
Pedro Igor
8e877a7f6c [KEYCLOAK-3135] - More tests 2017-04-12 14:34:27 -03:00
Pedro Igor
eec712a259 [KEYCLOAK-3135] - Role and user policies apis 2017-04-12 00:52:14 -03:00
Pedro Igor
54ebc1918c [KEYCLOAK-3135] - Using abstract policy representation when creating policies and updating tests 2017-04-12 00:52:13 -03:00
Pedro Igor
d60dcb4c62 [KEYCLOAK-3135] - Some more tests and making policy type rest api more generic 2017-04-12 00:52:13 -03:00
Pedro Igor
8e64bc3e4d Tests for new permission management rest api 2017-04-12 00:52:13 -03:00
Pedro Igor
cf1e8d1dd8 [KEYCLOAK-3135] - Tests and typos 2017-04-12 00:52:13 -03:00
Pedro Igor
55f747ecd0 [KEYCLOAK-3135] - Part 1: Permission Management API 2017-04-12 00:52:13 -03:00
Pavel Drozd
bfd76d7813 Merge pull request #3962 from mhajas/KEYCLOAK-4366 
KEYCLOAK-4366
 2017-04-10 08:44:52 +02:00
Bill Burke
cf095766c7 Merge pull request #4028 from mtrue01/pullmyothercodefinger 
[KEYCLOAK-3964] NoImport Add coverage for basic test behavior
 2017-04-07 12:26:10 -04:00
Mark True
4daafa56fc [KEYCLOAK-3964] NoImport Add coverage for basic test behavior 2017-04-07 10:37:02 -04:00
Dominik Langenegger
16430791bb KEYCLOAK-4729 Update German translations 2017-04-07 16:03:34 +02:00
Pavel Drozd
5e2446f838 Merge pull request #4025 from mtrue01/pullmycodefinger 
KEYCLOAK-4533 Add test for remove user from ldap
 2017-04-07 16:00:37 +02:00
Pavel Drozd
b18c8c92c5 Merge pull request #4007 from mhajas/KEYCLOAK-4288 
KEYCLOAK-4288 Run tests on EAP7
 2017-04-07 15:35:12 +02:00
Mark True
94d375886f Keycloak 4533 commit 2017-04-07 09:26:22 -04:00
Stian Thorgersen
83d0f313ce Merge pull request #4011 from mstruk/KEYCLOAK-4719 
KEYCLOAK-4719 CLI tests fail when run from within the IDE
 2017-04-07 09:17:19 +02:00
Bill Burke
3ce0c57e17 Merge pull request #3831 from Hitachi/master 
KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients
 2017-04-06 15:36:08 -04:00
Bill Burke
0fd11d16ee Merge pull request #3983 from bartoszmajsak/oso_typo_fix 
Fixes misspelled config class in Openshift provider
 2017-04-06 15:29:44 -04:00
Bill Burke
c198f4ffa7 Merge pull request #4015 from patriot1burke/master 
KEYCLOAK-4727 KEYCLOAK-4652
 2017-04-06 15:27:49 -04:00
Bill Burke
26db0dd1fc Merge pull request #4016 from pedroigor/KEYCLOAK-4726 
[KEYCLOAK-4726] - Multiple role policies crash realm delete
 2017-04-06 13:21:53 -04:00
Pedro Igor
1f50421a54 [KEYCLOAK-4726] - Multiple role policies crash realm delete 2017-04-06 12:36:03 -03:00
Bill Burke
1b3549f828 oops 2017-04-06 10:49:48 -04:00
Bill Burke
d635e7aadd oops 2017-04-06 10:48:23 -04:00
Bill Burke
201d2c6aac Merge remote-tracking branch 'upstream/master' 2017-04-06 10:44:43 -04:00
Bill Burke
31074c3c8d KEYCLOAK-4727 KEYCLOAK-4652 2017-04-06 10:44:33 -04:00
Stian Thorgersen
af4c74f1d9 Merge pull request #3718 from thomasdarimont/issue/KEYCLOAK-4163-improve-support-for-email-addresses 
KEYCLOAK-4163 Improve support for e-mail addresses
 2017-04-06 15:34:30 +02:00
Marko Strukelj
0269db0e85 KEYCLOAK-4719 CLI tests fail when run from within the IDE 2017-04-06 12:46:05 +02:00
mhajas
670103356f KEYCLOAK-4288 Run tests on EAP7 2017-04-05 10:28:04 +02:00
Marek Posolda
ad1ca78034 Merge pull request #4002 from mposolda/master 
KEYCLOAK-4705 Running test from IDE should log INFO to the console
 2017-04-04 11:52:10 +02:00
Pavel Drozd
30b785c60d Merge pull request #3999 from vmuzikar/ie-fix 
KEYCLOAK-4351 Stabilize TermsAndConditions test in IE
 2017-04-04 10:48:22 +02:00
Pavel Drozd
b4c5eb8354 Merge pull request #3994 from vramik/KEYCLOAK-4534 
KEYCLOAK-4534 ClientInitiatedAccountLinkTest fails with auth-server-w…
 2017-04-04 10:47:36 +02:00
Pavel Drozd
91c3977d71 Merge pull request #3988 from mhajas/KEYCLOAK-3955 
KEYCLOAK-3955
 2017-04-04 10:46:12 +02:00
Pavel Drozd
bb0b3c6470 Merge pull request #3987 from mhajas/KEYCLOAK-3696 
KEYCLOAK-3696 Fix SPFacade servlet
 2017-04-04 10:45:47 +02:00
Pavel Drozd
8036f12114 Merge pull request #3986 from mhajas/KEYCLOAK-4677 
KEYCLOAK-4677 Fix javascript adapter tests
 2017-04-04 10:45:07 +02:00
mposolda
457f183d46 KEYCLOAK-4705 Running test from IDE should log INFO to the console 2017-04-04 10:15:22 +02:00
mhajas
04182d1d44 KEYCLOAK-4703 Use phantomJS in adapter tests 2017-04-04 09:17:00 +02:00
Vaclav Muzikar
5e360cf919 KEYCLOAK-4351 Stabilize TermsAndConditions test in IE 2017-04-04 07:40:16 +02:00
Pedro Igor
f857625d07 [KEYCLOAK-3573] - Elytron adapter CLI scripts and tests. 2017-03-31 11:31:33 -03:00
vramik
ca6d8c9dbe KEYCLOAK-4534 ClientInitiatedAccountLinkTest fails with auth-server-wildlfy 2017-03-30 12:47:51 +02:00
mhajas
3bb587530b KEYCLOAK-3955 2017-03-28 16:05:44 +02:00
mhajas
438ec8d245 Fix SPFacade servlet 2017-03-28 15:12:33 +02:00
mhajas
bc05010ece Fix javascript adapter tests 2017-03-28 15:02:44 +02:00
Stian Thorgersen
0180d54dd9 KEYCLOAK-4668 Exclude modules in product profile 2017-03-28 10:04:20 +02:00
Takashi Norimatsu
ef3aef9381 Merge branch 'master' into master 2017-03-28 16:21:40 +09:00
Vaclav Muzikar
66c13b4a72 KEYCLOAK-4613 Fix Console UI and Social Login tests 2017-03-27 15:25:24 +02:00
mhajas
36fc643bfb KEYCLOAK-4366 2017-03-27 11:22:01 +02:00
Bartosz Majsak
0197600565 Fixes misspelled config class 2017-03-27 09:38:47 +02:00
Pavel Drozd
ed67dcc712 Merge pull request #3975 from vmuzikar/KEYCLOAK-4660 
KEYCLOAK-4660 Add support for Chrome CLI switches to Arquillian Tests…
 2017-03-27 09:38:33 +02:00
Pavel Drozd
4b813ea1d1 Merge pull request #3960 from mhajas/KEYCLOAK-3961 
KEYCLOAK-3961 Fix wrong conflict merge
 2017-03-27 09:37:18 +02:00
Pavel Drozd
4aa996c2db Merge pull request #3959 from mhajas/KEYCLOAK-4141 
KEYCLOAK-4141 Added saml tests
 2017-03-27 09:36:41 +02:00
Pavel Drozd
b1535d4751 Merge pull request #3951 from vramik/KEYCLOAK-4571 
KEYCLOAK-4571 Adapt server-config-migration module for testing both p…
 2017-03-27 09:34:33 +02:00
Bill Burke
71f0c01d4f Merge pull request #3980 from patriot1burke/master 
KEYCLOAK-4664 KEYCLOAK-4665
 2017-03-25 20:12:22 -04:00
Bill Burke
f554fd90db Merge pull request #3911 from almighty/oso_provider 
[KEYCLOAK-4528] Adds Openshift Identity Provider as part of social brokers
 2017-03-25 19:25:44 -04:00
Bill Burke
e5a2642e62 Merge pull request #3978 from pedroigor/KEYCLOAK-3573 
[KEYCLOAK-3573] - Elytron SAML and OIDC Adapters
 2017-03-25 19:24:42 -04:00
Bill Burke
8c2e756732 fix 2017-03-25 19:21:50 -04:00
Bill Burke
dd8a64f30c KEYCLOAK-4664 2017-03-25 11:21:11 -04:00
Pedro Igor
30d7a5b01f [KEYCLOAK-3573] - Elytron SAML and OIDC Adapters 2017-03-24 11:32:08 -03:00
Vaclav Muzikar
6a093abfdb KEYCLOAK-4660 Add support for Chrome CLI switches to Arquillian Testsuite 2017-03-24 12:25:49 +01:00
vramik
49e43e59c4 patch MigrationServerConfigTest 2017-03-24 09:31:53 +01:00
Pavel Drozd
996f60ff57 Merge pull request #3963 from Pepo48/KEYCLOAK-4488 
KEYCLOAK-4488 Fix Auth Flows Console UI tests
 2017-03-24 08:45:48 +01:00
Bill Burke
815e9e8e02 Merge pull request #3968 from vramik/KEYCLOAK-4229 
KEYCLOAK-4229 Add migration test from 2.5.5
 2017-03-23 14:48:39 -04:00
Bill Burke
d1e71acf10 Merge pull request #3961 from jblashka/maxLifespanInvalidationFixes 
KEYCLOAK-4612 Fix CachePolicy.MAX_LIFESPAN invalidation
 2017-03-23 14:25:21 -04:00
Bartosz Majsak
210143738e Merge branch 'master' into oso_provider 2017-03-23 13:45:07 +01:00
vramik
1fccff7e7c KEYCLOAK-4229 Add migration test from 2.5.5 2017-03-22 14:19:35 +01:00
Peter Zaoral
0a8ca19944 KEYCLOAK-4488 Fix Auth Flows Console UI tests 
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2017-03-21 11:16:08 +01:00
mhajas
7c1eb5582a KEYCLOAK-4141 Added saml tests 2017-03-21 10:41:06 +01:00
Jared Blashka
61bd9bb58c Fix CachePolicy.MAX_LIFESPAN invalidation 2017-03-20 22:56:35 -04:00
mhajas
8b8b5174eb KEYCLOAK-3961 Fix wrong conflict merge 2017-03-20 15:04:32 +01:00
Peter Nalyvayko
b2f10359c8 KEYCLOAK-4335: x509 client certificate authentication 
Started on implementing cert thumbprint validation as a part of x509 auth flow. Added a prompt screen to give users a choice to either log in based on the identity extracted from X509 cert or to continue with normal browser login flow authentication; clean up some of the comments

x509 authentication for browser and direct grant flows. Implemented certificate to user mapping based on user attribute

Implemented CRL and OCSP certificate revocation checking and added corresponding configuration settings to set up responderURI (OCSP), a location of a file containing X509CRL entries and switiches to enable/disable revocation checking; reworked the certificate validation; removed superflous logging; changed the certificate authentication prompt page to automatically log in the user after 10 seconds if no response from user is received

Support for loading CRL from LDAP directory; finished the CRL checking using the distribution points in the certificate; updated the instructions how to add X509 authentication to keycloak authentication flows; minor styling changes

Stashing x509 unit test related changes; added the steps to configure mutual SSL in WildFly to the summary document

A minor fix to throw a security exception when unable to check cert revocation status using OCSP; continue working on README

Changes to the formating of the readme

Added a list of features to readme

Fixed a potential bug in X509 cert user authenticator that may cause NPE if the client certificate does not define keyusage or extended key usage extensions

Fixed compile time errors in X509 validators caused by the changes to the user credentials model in upstream master

Removed a superfluous file created when merging x509 and main branches

X509 authentication: removed the PKIX path validation as superflous

Reverted changes to the AbstractAttributeMapper introduced during merging of x509 branch into main

Merge the unit tests from x509 branch

added mockito dependency to services project; changes to the x509 authenticators to expose methods in order to support unit tests; added a default ctor to CertificateValidator class to support unit testing; updated the direct grant and browser x509 authenticators to report consistent status messages; unit tests to validate X509 direct grant and browser authenticators; fixed OCSP validation to throw an exception if the certificate chain contains a single certificate; fixed the CRL revocation validation to only use CRL distribution point validation only if configured

CRL and OSCP mock tests using mock netty server. Changed the certificate validator to better support unit testing.

changes to the mockserver dependency to explicitly exclude xercesImpl that was causing SAMLParsingTest to fail

Added a utility class to build v3 certificates with optional extensions to facilitate X509 unit testing; removed supoerfluous certificate date validity check (undertow should be checking the certificate dates during PKIX path validation anyway)

X509: changes to make configuring the user identity extraction simplier for users - new identity sources to map certificate CN and email (E) attributes from X500 subject and issuer names directly rather than using regular expressions to parse them

X509 fixed a compile error caused by the changes to the user model in master

Integration tests to validate X509 client certificate authentication

Minor tweaks to X509 client auth related integration tests

CRLs to support x509 client cert auth integration tests

X509: reverted the changes to testrealm.json and updated the test to configure the realm at runtime

X509 - changes to the testsuite project configuration to specify a path to a trust store used to test x509 direct grant flow; integration tests to validate x509 authentication in browser and direct grant flows; updated the client certificate to extend its validatity dates; x509 integration tests and authenticators have been refactored to use a common configuration class

X509 separated the browser and direct grant x509 authenction integration tests

x509 updated the authenticator provider test to remove no longer supported cert thumbprint authenticator

x509 removed the dependency on mockito

x509 re-implemented OCSP certificate revocation client used to check revocation status when logging in with x509 certificate to work around the dependency on Sun OCSP implementation; integration tests to verify OCSP revocation requests

index.txt.attr is needed by openssl to run a simple OCSP server

x509: minor grammar fixes

Add OCSP stub responder to integration tests

This commit adds OCSP stub responder needed for the integration tests,
and eliminates the need to run external OCSP responder in order to run
the OCSP in X509OCSPResponderTest.

Replace printStackTrece with logging

This commit replaces call to printStackTrace that will end up going to
the stderr with logging statement of WARN severity.

Remove unused imports

Removed unused imports in
org.keycloak.authentication.authenticators.x509 package.

Parameterized Hashtable variable

Removed unused CertificateFactory variable

Declared serialVersionUID for Serializable class

Removed unused CertificateBuilder class

The CertificateBuilder was not used anywhere in the code, removing it to
prevent technical debt.

Removing unused variable declaration

`response` variable is not used in the test, removed it.

Made sure InputStreams are closed

Even though the InputStreams are memory based, added try-with-resources
to make sure that they are closed.

Removed deprecated usage of URLEncoder

Replaced invocation of deprecated method from URLEncoder with Encode
from Keycloak util package.

Made it more clear how to control OCSP stub responder in the tests

X509 Certificate user authentication: moved the integration unit tests into their own directory to fix a failing travis test job

KEYCLOAK-4335: reduced the logging level; added the instructions how to run X.509 related tests to HOW-TO-RUN.md doc; removed README.md from x509 folder; removed no longer used ocsp profile and fixed the exclusion filter; refactored the x509 base test class that was broken by the recent changes to the integration tests

KEYCLOAK-4335: fixed a few issues after rebasing
 2017-03-17 05:24:57 -04:00
Stian Thorgersen
a87ee04024 Bump to 3.1.0.CR1-SNAPSHOT 2017-03-16 14:21:40 +01:00
vramik
d0992ef9bd KEYCLOAK-4571 Adapt server-config-migration module for testing both project and product 2017-03-16 10:53:14 +01:00
Pavel Drozd
c30cdb5411 Merge pull request #3932 from vmuzikar/KEYCLOAK-4169 
KEYCLOAK-4169 Instructions on how to run UI and Welcome Page tests
 2017-03-15 23:53:49 +01:00
Pavel Drozd
b2d677256d Merge pull request #3877 from mhajas/KEYCLOAK-3955 
KEYCLOAK-3955 Add CORS tests to integration arquillian testsuite
 2017-03-15 23:52:03 +01:00
Stian Thorgersen
feeac69197 Merge pull request #3888 from daklassen/KEYCLOAK-4421 
KEYCLOAK-4421 Change any http maven urls to https to reduce build-time MITM vulnerability
 2017-03-15 09:54:21 +01:00
Stian Thorgersen
44907503a4 Merge pull request #3935 from knutz3n/KEYCLOAK-4559 
KEYCLOAK-4559 Filter users by realm id when search for user by attribute
 2017-03-15 08:44:43 +01:00
Thomas Darimont
b782892769 KEYCLOAK-4163 Improve support for e-mail addresses 
Added support for user friendly email addresses as well as dedicated
reply-to addresses for emails being sent by Keycloak.
Both can be customized via the email settings per realm in
the admin-console.
User friendly email addresses use the format:
"Friendly Name"<email@example.org> and provide way to add a meaning
full name to an e-mail address.

We also allow to specify an optional envelope from bounce address.
If a mail sent to a user could not be delivered the email-provider
will sent a notification to that address.

See: https://en.wikipedia.org/wiki/Bounce_address

Add test for proper email headers in sent messages
 2017-03-14 18:22:54 +01:00
Bill Burke
6d51862057 Merge pull request #3897 from anderius/feature/KEYCLOAK-4504-redirect-logout 
[WIP] Saml broker: Option to specify logout request binding
 2017-03-14 11:32:26 -04:00
Johannes Knutsen
9a0de676c4 KEYCLOAK-4559 Filter users by realm id when searching for user by user attribute 2017-03-14 11:05:12 +01:00
David Klassen
32d3f760ec KEYCLOAK-4421: Change http url to https 
Change any http maven urls to https to reduce build-time MITM vulnerability
 2017-03-14 10:18:40 +01:00
Pedro Igor
9d1d22565c Merge pull request #3938 from pedroigor/authz-fixes 
AuthZ Services Fixes
 2017-03-13 15:20:41 -03:00
Pedro Igor
e7e6314146 [KEYCLOAK-4555] - Fixes and improvements to evaluation code 2017-03-13 14:08:54 -03:00
Marek Posolda
649ca36ece Merge pull request #3945 from mposolda/master 
KEYCLOAK-4572 AccountTest.changeProfileNoAccess unstable
 2017-03-13 15:57:43 +01:00
Pavel Drozd
253c8a342b Merge pull request #3941 from pdrozd/KEYCLOAK-4569 
KEYCLOAK-4569 SSSDTest rewrited to be usable in different enviroments
 2017-03-13 15:50:06 +01:00
Pavel Drozd
71a9d51c56 Merge pull request #3940 from pdrozd/KEYCLOAK-4304 
KEYCLOAK-4304 Updated Kerberos tests to be able to run them on differ…
 2017-03-13 15:49:01 +01:00
Stian Thorgersen
ef164f5e69 Merge pull request #3943 from stianst/TRAVIS 
Add --no-snapshot-updates to Travis builds
 2017-03-13 15:41:05 +01:00
mposolda
aa84709087 KEYCLOAK-4572 AccountTest.changeProfileNoAccess unstable 2017-03-13 13:58:46 +01:00
Stian Thorgersen
2cf4518ffd Disable snapshot for repositories 2017-03-13 09:03:46 +01:00
Pavel Drozd
f32fc99e80 KEYCLOAK-4569 SSSDTest rewrited to be usable in different enviroments 2017-03-13 08:05:30 +01:00
Pavel Drozd
b5433720c1 KEYCLOAK-4304 Updated Kerberos tests to be able to run them on different environment 2017-03-13 08:00:41 +01:00
Pavel Drozd
282896b653 Merge pull request #3930 from vmuzikar/KEYCLOAK-4554-2 
KEYCLOAK-4554 Fix WelcomePage test
 2017-03-10 15:57:47 +01:00
Pavel Drozd
3884dd974a Merge pull request #3925 from vmuzikar/KEYCLOAK-4553 
KEYCLOAK-4553 Truststore not found in Arquillian tests in "other" module
 2017-03-10 15:56:40 +01:00
Vaclav Muzikar
f3e842fdd9 KEYCLOAK-4169 Instructions on how to run UI and Welcome Page tests 2017-03-10 11:26:21 +01:00
Bill Burke
0ff4223184 Merge pull request #3922 from hmlnarik/KEYCLOAK-4288-SAML-logouts-are-not-invalidating-the-sessions-for-all-the-logged-in-applications 
KEYCLOAK-4288 Invalidate sessions in cluster for SAML logouts
 2017-03-09 19:13:37 -05:00
Bill Burke
b618dbd97f Merge pull request #3926 from mrpardijs/KEYCLOAK-4360-Add-SAML-OneTimeUse-Condition 
KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse
 2017-03-09 19:09:02 -05:00
Vaclav Muzikar
dc2d2cdbde Merge branch 'master' of https://github.com/keycloak/keycloak into KEYCLOAK-4553 2017-03-09 16:54:08 +01:00
Vaclav Muzikar
8b888fdf0c KEYCLOAK-4554 Fix WelcomePage test 2017-03-09 16:41:54 +01:00
Pavel Drozd
11d93994c2 Merge pull request #3919 from vramik/KEYCLOAK-4210 
KEYCLOAK-4210 remove redundant dependency
 2017-03-09 15:49:55 +01:00
Mark Pardijs
c78c0b73d3 KEYCLOAK-4360: Add OneTimeUse condition to SAMLResponse 
Add OneTimeUse Condition to SAMLResponse when configured in client settings
 2017-03-09 13:01:05 +01:00
Vaclav Muzikar
2175f66a30 KEYCLOAK-4553 Truststore not found in Arquillian tests in "other" module 2017-03-09 11:17:42 +01:00
Thomas Darimont
1dea38bdbb KEYCLOAK-4205 Allow to return json arrays in Client and Realm Role Mappers 
Previously the ClientRoleMapper and RealmRoleMapper returned
roles as a comma delimited String in OIDC tokens which
needed to be parsed by client applications.
We now support to generate the role information as JSON
arrays by setting "multi valued" to "true" in the
client role mapper or realm role mappers respectively
which makes it easier for clients to consume.

The default setting for "multi valued" is "false" to
remain backwards compatible.

An example AccessToken that shows the two modes can be found here:
https://gist.github.com/thomasdarimont/dff0cd691cd6e0b5e33c2eb4c76ae5e8
 2017-03-08 20:56:56 +01:00
Bill Burke
efffcc5f41 Merge pull request #3915 from TeliaSoneraNorge/KEYCLOAK-4524 
KEYCLOAK-4524
 2017-03-08 10:08:04 -05:00
Bill Burke
6f2ace538f Merge pull request #3917 from reneploetz/master 
KEYCLOAK-4537 Jetty 9.4 implementation (OIDC/SAML)
 2017-03-08 09:44:33 -05:00
vramik
0c4a1b1489 KEYCLOAK-4210 remove redundant dependency 2017-03-08 10:51:18 +01:00
Pavel Drozd
62876b9694 Merge pull request #3912 from vmuzikar/KEYCLOAK-4526 
KEYCLOAK-4526 Fix Node.js Arquillian tests
 2017-03-07 21:53:30 +01:00
Pavel Drozd
739dae0846 Merge pull request #3908 from vramik/KEYCLOAK-4348 
KEYCLOAK-4348 upgrade maven-surefire-plugin version
 2017-03-07 21:52:24 +01:00
Pavel Drozd
7ab67d205b Merge pull request #3903 from tkyjovsk/KEYCLOAK-4515 
KEYCLOAK-4515 Make it possible to clean-up other DB types than mysql or postgres
 2017-03-07 21:50:48 +01:00
Rene Ploetz
e770a05db0
KEYCLOAK-4537 Jetty 9.4 implementation (OIDC/SAML) 2017-03-06 23:01:24 +01:00
mhajas
213ed6fa4b KEYCLOAK-3955 2017-03-06 10:22:06 +01:00
mhajas
280689055f KEYCLOAK-3961 2017-03-06 10:17:59 +01:00
Bill Burke
05e080624b import after each test 2017-03-03 11:32:48 -05:00
Bill Burke
c6dc59f63e Merge remote-tracking branch 'upstream/master' 2017-03-03 11:00:32 -05:00
Martin Hardselius
a0a85f62c6 KEYCLOAK-4524 possible to add identity prover mappers with same name into single identity provider 
- unique name enforcement working
- test added
 2017-03-03 16:40:49 +01:00
Bill Burke
3bb29e033b KEYCLOAK-4501, KEYCLOAK-4511, KEYCLOAK-4513 2017-03-03 09:48:52 -05:00
Bartosz Majsak
beee0c1e67 Implements social login test for OpenShift 2017-03-03 14:55:40 +01:00
Vaclav Muzikar
b0b0bfdf76 KEYCLOAK-4526 Fix Node.js Arquillian tests 2017-03-03 11:08:13 +01:00
Bartosz Majsak
1a6bb2fedb Adds Openshift Identity Provider as part of social brokers 2017-03-02 15:14:57 +01:00
vramik
a24070c2b0 KEYCLOAK-4348 upgrade maven-surefire-plugin version 2017-03-02 12:09:15 +01:00