No description
Find a file
Thomas Darimont cd51ff3474 KEYCLOAK-13186 Remove role information from RefreshTokens
We now no longer expose role assignment information into the RefreshToken.

Previously RefreshTokens contained information about the realm and
client specific roles which are assigned to a user. Since the role
information is usually either taken from the AccessToken, IDToken or
the User-Info endpoint and the RefreshToken is an internal format which
is opaque to the client, it would be a waste of space to keep that
information in the RefreshToken.

See:
https://lists.jboss.org/pipermail/keycloak-dev/2019-April/011936.html
2020-03-11 06:28:22 +01:00
.travis Update triggers for Docker Hub 2018-08-20 20:38:57 +02:00
adapters KEYCLOAK-13026 Set path of OAuth_Token_Request_State cookie to / 2020-03-05 16:21:24 +01:00
authz Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
boms Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
common [KEYCLOAK-12192] - Missing Input Validation in IDP Authorization URLs 2020-03-05 06:32:35 +01:00
core KEYCLOAK-13186 Remove role information from RefreshTokens 2020-03-11 06:28:22 +01:00
dependencies Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
distribution [KEYCLOAK-11345] - Test basic features of Keycloak.X with current tetsuite 2020-03-10 15:59:35 +01:00
docs KEYCLOAK-12764 Fix shrinkwrap issue by updating arquillian bom version 2020-02-08 10:51:48 +01:00
examples KEYCLOAK-13003 Remove a mention about providers directory 2020-02-17 17:09:27 +01:00
federation KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
integration KEYCLOAK-10330 Force Jackson2 provider to be used by Keycloak admin client, to prevent json-b provider taking over 2020-03-05 14:24:58 +01:00
misc Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
model KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
quarkus [KEYCLOAK-11345] - Test basic features of Keycloak.X with current tetsuite 2020-03-10 15:59:35 +01:00
saml-core Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
saml-core-api Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
server-spi KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
server-spi-private KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
services KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
testsuite KEYCLOAK-13186 Remove role information from RefreshTokens 2020-03-11 06:28:22 +01:00
themes KEYCLOAK-13237 Allow look ahead window set to 0 for otp policy 2020-03-10 16:01:57 +01:00
util Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
wildfly Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
.gitattributes KEYCLOAK-1385 Introduce end-of-line normalization 2015-07-17 13:46:51 +02:00
.gitignore KEYCLOAK-10739: Device Activity UI 2019-09-05 12:22:05 -03:00
.travis.yml KEYCLOAK-11293 Update theme build for keycloak-preview 2020-01-29 05:26:55 -03:00
ADOPTERS.md Add Associazione Rousseau to the adopters 2019-10-09 08:05:46 +02:00
CONTRIBUTING.md [KEYCLOAK-12341] Replace references to Keycloak dev mailing list in the repositories 2019-12-04 15:53:03 +01:00
get-version.sh Added get-version script 2019-03-05 08:42:14 +01:00
GOVERNANCE.md [KEYCLOAK-12341] Replace references to Keycloak dev mailing list in the repositories 2019-12-04 15:53:03 +01:00
LICENSE.txt Added text version of ASL2 license 2019-11-08 12:43:10 +01:00
MAINTAINERS.md Updated MAINTAINERS.md 2019-11-11 09:05:47 +01:00
maven-settings.xml Travis improvements 2019-08-13 11:49:25 -03:00
package-lock.json [KEYCLOAK-12439] Update to Angular 1.7.9 2020-01-30 14:25:29 +01:00
pom.xml KEYCLOAK-12695 Upgrade to openshift-restclient-java 8.0.0.Final 2020-03-02 21:16:45 +01:00
prod-arguments.json KEYCLOAK-11293 Update theme build for keycloak-preview 2020-01-29 05:26:55 -03:00
README.md Update README.md 2019-12-09 21:09:11 +01:00
release.sh Fixes for releasing 2019-03-06 11:38:09 +01:00
set-version.sh Bump versions 2017-11-09 15:37:21 +01:00
travis-run-tests.sh KEYCLOAK-11729: ExtendingThemeTest is failing with auth-server-wildfly (#6410) 2019-11-04 11:27:03 +01:00

Keycloak

Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.

This repository contains the source code for the Keycloak Server, Java adapters and the JavaScript adapter.

Help and Documentation

Reporting Security Vulnerabilities

If you've found a security vulnerability, please look at the instructions on how to properly report it

Reporting an issue

If you believe you have discovered a defect in Keycloak please open an issue in our Issue Tracker. Please remember to provide a good summary, description as well as steps to reproduce the issue.

Getting started

To run Keycloak download the distribution from our website. Unzip and run:

bin/standalone.[sh|bat] 

Alternatively, you can use the Docker image by running:

docker run jboss/keycloak

For more details refer to the Keycloak Documentation.

Building from Source

To build from source refer to the building and working with the code base guide.

Testing

To run tests refer to the running tests guide.

Writing Tests

To write tests refer to the writing tests guide.

Contributing

Before contributing to Keycloak please read our contributing guidelines.

Other Keycloak Projects

License