Commit graph

70 commits

Author SHA1 Message Date
Takashi Norimatsu
fe5fe4c968 KEYCLOAK-2604 Proof Key for Code Exchange by OAuth Public Clients - RFC
7636 - Client Side Implementation
2017-02-03 12:02:54 +09:00
Stian Thorgersen
6f22f88d85 Bump version to 3.0.0.CR1 2017-01-26 06:18:11 +01:00
Pedro Igor
13e92cdb35 [KEYCLOAK-3261] - Properly handle apps deployed at the ROOT context 2017-01-23 21:27:43 -02:00
Slawomir Dabek
cc788cf44e KEYCLOAK-4222 Remove slash from state parameter 2017-01-19 20:11:18 +01:00
Stian Thorgersen
e805ffd945 Bump version to 2.5.1.Final-SNAPSHOT 2016-12-22 08:22:18 +01:00
Stian Thorgersen
b6b3c04400 Merge pull request #3663 from sldab/autodetect-bearer-only
KEYCLOAK-2962 Autodetect bearer-only clients
2016-12-20 14:05:25 +01:00
Pedro Igor
18b94a2153 [KEYCLOAK-4034] - More logging. 2016-12-20 00:04:59 -02:00
Pedro Igor
0b3e867362 [KEYCLOAK-4034] - Minor changes to policy enforcer 2016-12-19 23:44:51 -02:00
Slawomir Dabek
b6d29ccd30 KEYCLOAK-2962 Autodetect bearrer-only clients
Suport more headers
2016-12-19 17:13:14 +01:00
mposolda
8c99a13387 Minor synchronize update 2016-12-12 13:09:19 +01:00
mhajas
081958e282 KEYCLOAK-4051 Use debug instead of debugf 2016-12-08 09:42:52 +01:00
Bill Burke
7271fdaaaa KEYCLOAK-3509 2016-12-06 18:52:37 -05:00
mposolda
74967737ee KEYCLOAK-3824 Ensure sending notBefore invalidates JWKPublicKeyLocator 2016-12-01 17:07:50 +01:00
mposolda
a38544796f KEYCLOAK-3823 KEYCLOAK-3824 Added public-key-cache-ttl for OIDC adapters. Invalidate cache when notBefore sent 2016-12-01 12:25:07 +01:00
Stian Thorgersen
b771b84f56 Bump to 2.5.0.Final-SNAPSHOT 2016-11-30 15:44:51 +01:00
Stian Thorgersen
6ec82865d3 Bump version to 2.4.1.Final-SNAPSHOT 2016-11-22 14:56:21 +01:00
Pedro Igor
9b2ef96b22 [KEYCLOAK-3830] - Allow to configure enforcement-mode to a path definition 2016-11-17 20:50:28 -02:00
Pedro Igor
44ee53b0d8 [KEYCLOAK-3830] - Only enforce permissions when there is a KeycloakSecurityContext. 2016-11-17 20:50:17 -02:00
Hynek Mlnarik
057cc37b60 KEYCLOAK-1881 Clone OIDC adapter HttpClient tools to SAML adapter
and
KEYCLOAK-1881 Extract httpclient configuration from AdapterConfig
2016-11-04 21:53:43 +01:00
sebastien blanc
621d234adc renaming fields to align with json names 2016-10-27 16:16:30 +02:00
Stian Thorgersen
c615674cbb Bump version 2016-10-21 07:03:15 +02:00
Stian Thorgersen
7f04dd20b3 KEYCLOAK-1862 2016-10-19 17:28:22 +02:00
Stian Thorgersen
d2cae0f8c3 KEYCLOAK-905
Realm key rotation for OIDC
2016-10-13 11:19:52 +02:00
Bill Burke
d4c3fae546 merge conflicts 2016-09-30 19:19:12 -04:00
mposolda
f9a0abcfc4 KEYCLOAK-3493 KEYCLOAK-3532 Added KeyStorageProvider. Support key rotation for OIDC clients and identity providers with JWKS url. 2016-09-30 21:28:23 +02:00
Bill Burke
8967ca4066 refactor mongo entities, optimize imports 2016-09-28 15:25:39 -04:00
Bill Burke
ecc104719d bump pom version 2016-09-26 11:01:18 -04:00
mposolda
bf6246f5c1 KEYCLOAK-905 Realm keys rotation support on adapters 2016-09-12 21:24:04 +02:00
Pedro Igor
ce78cc1d1c [KEYCLOAK-3472] - Multiple paths with the same name and tests 2016-08-31 21:04:36 -03:00
mposolda
a8fb988e31 KEYCLOAK-3406 OIDC dynamic client registrations specs fixes 2016-08-11 15:54:51 +02:00
mposolda
d52e043322 Set version to 2.2.0-SNAPSHOT 2016-08-10 08:57:18 +02:00
Pedro Igor
ae1a7542d8 [KEYCLOAK-3385] - Improvements to evaluation tool UI and result 2016-08-01 18:01:24 -03:00
Pedro Igor
3c8ed8e3d8 [KEYCLOAK-3372] - Code cleanup 2016-07-29 05:18:38 -03:00
mposolda
56e011dce4 KEYCLOAK-3318 Adapter support for prompt and max_age. Refactoring to not hardcode OIDC specifics to CookieAuthenticator 2016-07-21 18:19:53 +02:00
mposolda
7571dc07f9 KEYCLOAK-1733 added verifySSL checks for 'basic' and 'query' authentication 2016-07-20 11:04:31 +02:00
Marek Posolda
e03bf6eef6 Merge pull request #2990 from trex667/feat/keycloak-1733
[KEYCLOAK-1733]: introduce token as query paramter
2016-07-20 10:46:11 +02:00
mposolda
dcc4ea3aea KEYCLOAK-3237 Change OIDC adapters to use scope=openid as required per specs 2016-07-14 23:56:46 +02:00
mposolda
629390dd4a KEYCLOAK-2986 Require either expiration or issuedAt for client authentication with signed JWT 2016-07-08 16:16:38 +02:00
awpwb
159b371973 [KEYCLOAK-1733]: introduce token as query paramter
add functional tests for access token as query paramter
2016-07-06 14:12:23 +02:00
Bill Burke
b224917fc5 bump version 2016-06-30 17:17:53 -04:00
Pedro Igor
afa9471c7c [KEYCLOAK-3128] - Admin Client Authorization Endpoints 2016-06-30 10:26:05 -03:00
Pedro Igor
f48288865b [KEYCLOAK-3156] - Missing CORS when responding with denies 2016-06-22 14:39:07 -03:00
Stian Thorgersen
3c0f7e2ee2 Merge pull request #2617 from pedroigor/KEYCLOAK-2753
[KEYCLOAK-2753] - Fine-grained Authorization Services
2016-06-17 13:40:15 +02:00
Pedro Igor
086c29112a [KEYCLOAK-2753] - Fine-grained Authorization Services 2016-06-17 02:07:34 -03:00
Michaël van de Giessen
55910f5f70 KEYCLOAK-3050 - fix npe on deployment 2016-06-13 20:15:41 +02:00
mposolda
72736e5e47 KEYCLOAK-2028 Add test for token-minimum-time-to-live adapter option 2016-06-09 19:22:15 +02:00
Ben Loy
ec180db39f KEYCLOAK-2028: Add preemptive access token refresh support
Add a new keycloak.json property and mechanism to automatically
refresh access tokens if they are going to expire in less than a configurable
amount of time.
2016-06-09 19:22:15 +02:00
Thomas Raehalme
babe94c50d KEYCLOAK-3016: BasicAuthRequestAuthenticator now consumes HttpEntity also on errors. 2016-05-19 08:47:51 +03:00
Vaclav Muzikar
e6f0da99e6 KEYCLOAK-2995 Revert changes from KEYCLOAK-2989 in JWTClientCredentialsProvider 2016-05-12 10:45:45 +02:00
Vaclav Muzikar
9ad584b34d KEYCLOAK-2989 Extend ClientAuthSignedJWTTest 2016-05-10 13:30:55 +02:00