Commit graph

9885 commits

Author SHA1 Message Date
Gabriel Lavoie
134daeac7f KEYCLOAK-3303: Allow reuse of refresh tokens.
- Configurable max reuse count.
2017-09-28 15:30:40 -04:00
Pedro Igor
4c71e2ec17 [KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1 (#4504)
* [KEYCLOAK-4439] - Changes for Wildfly 11.0.0.CR1

* [KEYCLOAK-5463] - Fixing servlet filter when using elytron adapters
2017-09-28 11:46:17 +02:00
Hynek Mlnařík
d3c30c30d4 Merge pull request #4499 from pskopek/anyTypeAttribute
[KEYCLOAK-4374] Support SAML 2.0 AttributeValue of type anyType and nil in Assertions
2017-09-28 10:39:27 +02:00
mhajas
efb43682a9 KEYCLOAK-5568 Run ConsoleProtection tests only with elytron 2017-09-27 17:45:20 +02:00
pskopek
d478cdfda4 [KEYCLOAK-4374] Support SAML 2.0 AttributeValue of AnyType and nil 2017-09-27 17:12:51 +02:00
Marek Posolda
d6f202e292 Merge pull request #4485 from tkyjovsk/performance-testing
Performance Testsuite
2017-09-27 15:04:33 +02:00
mhajas
01187901ea KEYCLOAK-5555 Use driver from function argument for URL Asserts 2017-09-27 10:09:46 +02:00
Tomas Kyjovsky
f0ce4d4236 Performance Testsuite 2017-09-25 20:06:06 +02:00
Bill Burke
fd025ae76b Merge pull request #4209 from guitaro/feature/group-search-and-pagination
[KEYCLOAK-2538] - groups pagination and group search
2017-09-23 20:52:19 -04:00
Bill Burke
9034708c99 Merge pull request #4474 from hmlnarik/KEYCLOAK-5254-NPE-in-SAMLIdentityProvider
KEYCLOAK-5254 Fix NPE - NameID format is optional
2017-09-23 20:39:50 -04:00
Bill Burke
9db6a5e0df Merge pull request #4497 from thomasdarimont/issue/KEYCLOAK-3599-add-script-based-protocol-mapper
KEYCLOAK-3599 Revise Script based OIDC ProtocolMapper
2017-09-23 20:38:51 -04:00
Bill Burke
f4b4c75d15 Merge pull request #4496 from patriot1burke/master
KEYCLOAK-5518
2017-09-23 19:14:32 -04:00
Thomas Darimont
57c633967a KEYCLOAK-3599 Revise Script based OIDC ProtocolMapper
We now use the `ScriptingProvider` API instead of
using the `ScriptEngineManager` because dynamic
`ScriptEngineManager` lookups might fail in some
environments like JBoss EAP.

Refactored `AbstractOIDCProtocolMapper` to provide
a new version of the `setClaim(..)` method which takes a
`KeycloakSession` as additional argument.
The old `setClaim(..)` method is marked as deprecated and
should be scheduled for removal in a later release.
To ensure backwards compatibility we call the old `setClaim(..)`
from the new `setClaim(..,keycloakSession)` method in order
to not break user implementations of OIDC ProtocolMappers.

The existing OIDC ProtocolMappers which override the old
`setClaim(..)` method should be updated to use the new version
`setClaim(..,keycloakSession)`.

This was necessary to be able to lookup a `ScriptingProvider`.
2017-09-22 22:57:07 +02:00
Bill Burke
1599e6db6e KEYCLOAK-5518 2017-09-22 16:38:50 -04:00
Bill Burke
537081ec9d Merge pull request #4494 from patriot1burke/master
KEYCLOAK-5516
2017-09-22 16:38:13 -04:00
Bill Burke
3020a04a8b Merge pull request #4490 from Fiercely/master
Keycloak 2035
2017-09-22 16:13:22 -04:00
Bill Burke
7067ad1b07 Merge pull request #4495 from thomasdarimont/issue/KEYCLOAK-3599-add-script-based-protocol-mapper
KEYCLOAK-3599 Add Script based OIDC ProtocolMapper
2017-09-22 16:12:20 -04:00
Bill Burke
790e2dc69f fix compiler bug 2017-09-22 15:43:13 -04:00
Thomas Darimont
236b2b9273 KEYCLOAK-3599 Add Script based OIDC ProtocolMapper 2017-09-22 21:24:20 +02:00
Bill Burke
9d452b4bc3 Merge remote-tracking branch 'upstream/master' 2017-09-22 11:48:41 -04:00
Bill Burke
eb4f7f3b21 KEYCLOAK-5516 2017-09-22 11:48:30 -04:00
Antonio Howcroft Ferreira
a551195ddf KEYCLOAK-2035 update with feedback from PR by bburke 2017-09-22 15:05:49 +01:00
howcroft
e78bf5f876 Keycloak 2035
This PR adds:
* an endpoint to Role that lists users with the Role
* a tab "Users in Role" in Admin console Role page
* it is applicable to Realm and Client Roles
* Extends UserQueryProvider with default methods (throwing Runtime Exception if not overriden)
* Testing in base testsuite and Console
2017-09-22 15:05:49 +01:00
Bill Burke
15ddb2009d Merge pull request #4475 from mstruk/KEYCLOAK-5328
KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command
2017-09-21 21:50:16 -04:00
Bill Burke
8667f5ec02 Merge pull request #4492 from tisoft/KEYCLOAK-5510
KEYCLOAK-5510
2017-09-21 21:46:17 -04:00
Bill Burke
05b0189773 Merge pull request #4493 from patriot1burke/master
KEYCLOAK-910 KEYCLOAK-5455
2017-09-21 21:43:50 -04:00
Bill Burke
8ace0e68c3 KEYCLOAK-910 KEYCLOAK-5455 2017-09-21 17:15:18 -04:00
Markus Heberling
79c51a6a80 KEYCLOAK-5510
Allow import of groups with missing subgroups.
2017-09-21 13:11:49 +02:00
Bill Burke
ab58052a4c Merge pull request #4482 from patriot1burke/master
KEYCLOAK-5491 KEYCLOAK-5492 KEYCLOAK-5490
2017-09-19 14:01:40 -04:00
Stan Silvert
7124d93a24 Merge pull request #4487 from ssilvert/kc1250-big-commit
KEYCLOAK-5502: Fix install of node and yarn for account2 profile.
2017-09-19 10:39:38 -04:00
Pavel Drozd
c67a1d0469 Merge pull request #4483 from vmuzikar/KEYCLOAK-5495
KEYCLOAK-5495 Update Arquillian Drone to 2.4.2
2017-09-19 16:34:16 +02:00
Stan Silvert
9d66d55ac1 KEYCLOAK-5502: Fix install of node and yarn for account2 profile. 2017-09-19 09:53:22 -04:00
Stan Silvert
657c68475d Merge pull request #4486 from ssilvert/kc1250-big-commit
KEYCLOAK-1250: Initial commit for new account mgt.
2017-09-18 16:51:18 -04:00
Marek Posolda
ad6e45bf22 Merge pull request #4484 from mposolda/master
KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to infinispan servers in both datacenters
2017-09-18 21:53:42 +02:00
Stan Silvert
c8a4fc2c57 KEYCLOAK-1250: Initial commit for new account mgt. 2017-09-18 15:32:43 -04:00
Marko Strukelj
87cad0d84b KEYCLOAK-5328 Documentation issue for kcadm.sh set-password command 2017-09-18 20:01:31 +02:00
mposolda
18031e2ed3 KEYCLOAK-5498 Update infinispan version to 8.2.8.Final to align with version in Wildfly 2017-09-18 18:05:35 +02:00
mposolda
ca92bcbf7f KEYCLOAK-5480 Cross-DC setup: Remote cache stores are connecting to Infinispan servers in both datacenters 2017-09-18 18:04:04 +02:00
Marek Posolda
fa35249afd Merge pull request #4480 from TeliaSoneraNorge/KEYCLOAK-5494
Fix introspection error for pairwise access tokens
2017-09-18 16:44:24 +02:00
Pedro Igor
e8ef050093 Merge pull request #4471 from pedroigor/KEYCLOAK-5095
[KEYCLOAK-5095] - RPT should contain the RS as audience
2017-09-18 09:32:47 -03:00
Martin Hardselius
6b687c4318 Fix offline validation errors
Refactored token validation method to run user checks only if the user
session is valid.
2017-09-18 11:26:57 +02:00
Vaclav Muzikar
b4aae198fc KEYCLOAK-5495 Update Arquillian Drone to 2.4.2 2017-09-18 09:52:45 +02:00
Bill Burke
2276279434 fix 2017-09-15 17:46:42 -04:00
Bill Burke
5a22b360f1 resolve conflicts 2017-09-15 16:37:35 -04:00
Bill Burke
f927ee7b4e KEYCLOAK-5491 KEYCLOAK-5492 2017-09-15 16:30:45 -04:00
Pavel Drozd
21238ec35c Merge pull request #4472 from mhajas/KEYCLOAK-5286
KEYCLOAK-5286 Add test for failing scenario
2017-09-15 13:38:28 +02:00
Pavel Drozd
42bb09fa31 Merge pull request #4463 from vmuzikar/fix-socialtests
KEYCLOAK-5437 Fix Facebook social login test
2017-09-15 13:37:16 +02:00
Pavel Drozd
34b8c58c0f Merge pull request #4459 from mhajas/KEYCLOAK-5320
KEYCLOAK-5320 Configure SSL using creaper
2017-09-15 13:35:14 +02:00
Bill Burke
3e6adbc904 KEYCLOAK-5490 (#4477) 2017-09-15 11:36:48 +02:00
Martin Hardselius
a4315f4076 Fix introspection error for pairwise access tokens
When access tokens containing a pairwise sub are introspected, user
related checks are using that sub to fetch the UserModel instead of
fetching the user from the UserSession. No corresponding user is found
(or possibly even another user) and the token is reported inactive.

Resolves: KEYCLOAK-5494
2017-09-15 10:31:47 +02:00