No description
dad51773ea
Parse scopes to RAR representation and validate them against the requested scopes in the AuthorizationEndpointChecker Parse scopes as RAR representation and add the created context on the different cache models in order to store the state and make it available for mappers in the ClientSessionContext Create a new AuthorizationRequestSpi to provide different implementations for either dynamic scopes or RAR requests parsing Move the AuthorizationRequest objects to server-spi Add the AuthorizationRequestContext property to the MapAuthenticationSessionEntity and configure MapAuthenticationSessionAdapter to access it Remove the AuthorizationRequestContext object from the cache adapters and entities and instead recalculate the RAR representations from scopes every time Refactor the way we parse dynamic scopes and put everything behind the DYNAMIC_SCOPES feature flag Added a login test and added a function to get the requested client scopes, including the dynamic one, behind a feature flag Add a new filter to the Access Token dynamic scopes to avoid adding scopes that are not permitted for a user Add tests around Dynamic Scopes: replaying existing tests while enabling the DYNAMIC_SCOPES feature and adding a few more Test how the server genereates the AuthorizationDetails object Fix formatting, move classes to better packages and fix parent test class by making it Abstract Match Dynamic scopes to Optional scopes only and fix tests Avoid running these tests on remote auth servers |
||
|---|---|---|
| .github | ||
| adapters | ||
| authz | ||
| boms | ||
| common | ||
| core | ||
| dependencies | ||
| distribution | ||
| docs | ||
| examples | ||
| federation | ||
| integration | ||
| misc | ||
| model | ||
| operator | ||
| quarkus | ||
| saml-core | ||
| saml-core-api | ||
| server-spi | ||
| server-spi-private | ||
| services | ||
| testsuite | ||
| themes | ||
| util | ||
| wildfly | ||
| .gitattributes | ||
| .gitignore | ||
| .gitleaks.toml | ||
| ADOPTERS.md | ||
| CONTRIBUTING.md | ||
| get-version.sh | ||
| GOVERNANCE.md | ||
| LICENSE.txt | ||
| MAINTAINERS.md | ||
| maven-settings.xml | ||
| pom.xml | ||
| prod-arguments.json | ||
| README.md | ||
| release.sh | ||
| set-version.sh | ||
Keycloak
Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.
This repository contains the source code for the Keycloak Server, Java adapters and the JavaScript adapter.
Help and Documentation
- Documentation
- User Mailing List - Mailing list for help and general questions about Keycloak
Reporting Security Vulnerabilities
If you've found a security vulnerability, please look at the instructions on how to properly report it
Reporting an issue
If you believe you have discovered a defect in Keycloak please open an issue. Please remember to provide a good summary, description as well as steps to reproduce the issue.
Getting started
To run Keycloak download the distribution from our website. Unzip and run:
bin/standalone.[sh|bat]
Alternatively, you can use the Docker image by running:
docker run jboss/keycloak
For more details refer to the Keycloak Documentation.
Building from Source
To build from source refer to the building and working with the code base guide.
Testing
To run tests refer to the running tests guide.
Writing Tests
To write tests refer to the writing tests guide.
Contributing
Before contributing to Keycloak please read our contributing guidelines.
Other Keycloak Projects
- Keycloak - Keycloak Server and Java adapters
- Keycloak Documentation - Documentation for Keycloak
- Keycloak QuickStarts - QuickStarts for getting started with Keycloak
- Keycloak Containers - Container images for Keycloak
- Keycloak Node.js Connect - Node.js adapter for Keycloak
- Keycloak Node.js Admin Client - Node.js library for Keycloak Admin REST API