23e3bc5f8f
KEYCLOAK-18466 Configure HTTP client timeouts for adapters
2021-07-22 10:54:59 +02:00
44cd6cd5fb
KEYCLOAK-18824 Simplify MapStorageTransaction and move registerEntityForChanges to CHM transaction
2021-07-21 20:58:26 +02:00
3993b73625
KEYCLOAK-18865 CIBATests failing for auth-server-remote
2021-07-21 14:14:01 +02:00
843bbf1bb3
KEYCLOAK-18852 Prevent NPE in case of missing truststore
...
even though the "return null" at the top of the method is called if no truststore is set, the finally block is still executed. And since the keystore is not there an NPE is thrown when calling the remove method.
2021-07-21 14:13:22 +02:00
d29d945cc4
[KEYCLOAK-18857] - Do not force default to RS256 when verifying tokens sent by clients and JWK does not hold an algorithm
2021-07-21 11:09:02 +02:00
2c019c9ce5
KEYCLOAK-18832 FAPI-CIBA-ID1 conformance test : need to return 401 error=invalid_client if client authentication is not successfully completed on Backchannel Authentication endpoint
2021-07-21 10:13:55 +02:00
8df36fbf28
KEYCLOAK-18828 FAPI-CIBA-ID1 conformance test : Additional checks of signed authentication request
2021-07-21 08:19:19 +02:00
61fcbb307b
KEYCLOAK-18830 FAPI-CIBA-ID1 conformance test : HolderOfKeyEnforcerExecutor needs to be executed on CIBA token request
2021-07-21 08:07:50 +02:00
1f3650dcd9
KEYCLOAK-18815 Update MapKeycloakTransaction return types to match MapStorage
2021-07-20 21:48:27 +02:00
54a0e84070
[KEYCLOAK-18741] - Review error messages when validating PAR requests
2021-07-20 14:08:49 -03:00
7f34af4016
Revert "[KEYCLOAK-18425] - Allow mapping user profile attributes"
...
This reverts commit 3e07ca3c
2021-07-20 14:08:09 -03:00
f1ee2826c1
[KEYCLOAK-18805] - Update Portuguese (Brazil) translations
...
- Fix `oauthGrantTitle` typo error
2021-07-20 12:26:29 -03:00
db7e247f7b
KEYCLOAK-18848 KEYCLOAK-18850 Enable CIBA and PAR by default
2021-07-20 15:59:06 +02:00
f154b0b209
KEYCLOAK-18831 FAPI-CIBA-ID1 conformance test : need to return 400 if user authentication is not successfully completed
2021-07-20 10:46:16 +02:00
e2c5fa20a2
KEYCLOAK-18849 Client Policy - Condition : ClientRolesCondition needs to be evaluated on PAR endpoint
2021-07-20 09:41:48 +02:00
396a78bcc4
[KEYCLOAK-18723] - Configurable constraints for request object encryption
2021-07-20 09:28:09 +02:00
730d4e8ac9
[KEYCLOAK-18807] - Fixing claims in JARM responses
2021-07-20 08:23:33 +02:00
13a08362d4
[KEYCLOAK-18819] - SecureResponseType executor shall allow response_type=code when using JARM and response_mode=jwt
2021-07-20 08:16:19 +02:00
f76c07476c
KEYCLOAK-18827 FAPI-CIBA-ID1 conformance test : Client JWT authentication should allow Backchannel Authentication endpoint as audience
2021-07-20 06:39:28 +02:00
02a9eb442d
KEYCLOAK-18829 FAPI-CIBA-ID1 conformance test : ClientRolesCondition needs to be evaluated on CIBA backchannel authentication request and token request
2021-07-20 06:31:10 +02:00
fe4e089e81
[KEYCLOAK-18745] - Client JWT authentication should allow PAR endpoint as audience
2021-07-19 14:23:53 -03:00
8c49478628
KEYCLOAK-18699 Brand logo is not found for admin console ( #8255 )
2021-07-19 12:33:49 -04:00
61aa4e6a70
KEYCLOAK-18750 - Set "Email Verified" to false when email changed in
...
UserProfile Provider
2021-07-19 11:19:29 -03:00
f188f02d03
KEYCLOAK-18826 FAPI-CIBA-ID1 conformance test : ID Token needs to include auth_time claim
2021-07-19 15:11:23 +02:00
63f04c1118
KEYCLOAK-18683 Client policy executor for check Backchannel signed request algorithms matching FAPI compliant algorithms
2021-07-19 14:48:31 +02:00
a79d28f115
[KEYCLOAK-18729] - Support JAR when using PAR
2021-07-19 11:42:20 +02:00
009d4ca445
KEYCLOAK-18747 Turn MapClientEntity into interface + introduce delegates
...
Given that the Map*Entity is turned into an interface, it makes more sense
to use non-primitive types to allow for null values. This enables signalizing
that an entity does not define a particular value, and builds a base for definition
of instances with defaults: If a value is not present in the queried instance
(i.e. is `null`), the value would be obtained from a delegate containing
the defaults.
2021-07-17 15:45:46 +02:00
2c8d4ad9b4
KEYCLOAK-18590 Realm localizations of one realm must not affect themes displayed in context of other realms.
2021-07-16 16:12:58 +02:00
fbaeb18a5f
KEYCLOAK-18471 Added ID to admin event object.
2021-07-16 12:46:07 +02:00
740248fd54
KEYCLOAK-17324 Fix javadoc for CredentialModel
...
* There are errors in the deprecation notes in the javadoc where the new methods are referred.
* Some places where getCredentialData() and getSecretData() have been referred to should actually refer to getPasswordCredentialData() and getPassowordSecretData() respectively for PasswordCredentialModel.
* Similarly, for OTPCredentialModel, getOTPCredentialData() anad getOTPSecretData() should be referred.
2021-07-15 21:20:07 +02:00
47f736f819
KEYCLOAK-17646 tool tip for krb5 multi-SPN config
...
The specified server principal is eventually passed to
createJaasConfigurationForServer() in
com.sun.security.auth.module.Krb5LoginModule, which accepts a special value of
'*' to indicate that tickets for all service principals contained in the given
keytab file should be accepted. This is the only way to allow more than one
service principal name (eg. for a multi-homes setup), and this setting is not
obvious without knowledge of the underlying API.
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de >
2021-07-15 21:10:42 +02:00
f1face6973
[KEYCLOAK-18748] - Do not remove attributes when declarative provider is enabled
2021-07-15 12:00:39 -03:00
dc1c9b944f
KEYCLOAK-18370 Introduce QueryParameters
2021-07-15 13:25:31 +02:00
7d26b245de
KEYCLOAK-17947 Propagate security domain to ejb
...
same fix as in https://github.com/keycloak/keycloak/pull/5977 just for the offline installer
2021-07-15 08:16:35 -03:00
a25c70784c
KEYCLOAK-18467 support unicode for realm localization texts
2021-07-15 10:30:42 +02:00
a07f3f9608
KEYCLOAK-18688 Add testing composite roles in RoleInvalidationClusterTest
2021-07-15 10:18:57 +02:00
108bd91edc
KEYCLOAK-15909 Add sort in tables
2021-07-15 09:39:02 +02:00
9d0c7ba488
Fix storeToken label association for gitlab idp
2021-07-15 09:31:25 +02:00
7618e66136
[KEYCLOAK-18541] separate template for IDP review page
2021-07-13 21:43:52 -03:00
a8fdd79d1b
KEYCLOAK-17763 Inefficient call to ClientProvider.getClientsStream()
2021-07-12 11:51:15 +02:00
00017b44a3
KEYCLOAK-18311 fix creation of roles during client registration
2021-07-12 11:39:47 +02:00
1baab67f3b
[KEYCLOAK-18630] - Request object encryption support
2021-07-09 11:27:30 -03:00
6686482ba5
[KEYCLOAK-18591] - Support a dynamic IDP user review form
2021-07-09 10:05:26 -03:00
333f77a039
KEYCLOAK-18518 Add expiration lifespan configuration to every distributed and replicated cache
2021-07-09 13:25:56 +02:00
f3a96b9da9
KEYCLOAK-18644 New Account Console Tests failures
2021-07-09 11:56:02 +02:00
7cdcf0f93e
KEYCLOAK-18654 Client Policy - Endpoint : support Token Request by CIBA Backchannel Authentication
2021-07-09 11:24:12 +02:00
43eb2b7c90
KEYCLOAK-18123 Client Policy - Executor : Enforce Backchannel Authentication Request satisfying high security level
2021-07-09 09:11:13 +02:00
63b737545f
KEYCLOAK-18653 Client Policy - Endpoint : support Pushed Authorization Request Endpoint
2021-07-09 09:06:38 +02:00
4099833be8
[KEYCLOAK-18693] - Declarative profile validating read-only attribute if it exists
2021-07-08 15:22:02 -03:00
dce163d3e2
KEYCLOAK-18587 CIBA signed request: Client must configure the algorithm
2021-07-08 10:16:22 +02:00
Martin Bartoš