UNIX.dog
/
keycloak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
21,676 Commits 1 Branch 0 Tags 434 MiB
Commit Graph

214 Commits

Author SHA1 Message Date
Daniel Kobras a45b5dcd90 Prefer cert over pubkey in SAML metadata 
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.

Closes: #17549

Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
 2023-03-29 11:17:24 +02:00
rmartinc cab7e50410 Better handling for SAML signatures in POST and REDIRECT bindings 
Closes https://github.com/keycloak/keycloak/issues/17456
 2023-03-15 09:06:59 -03:00
Jon Koops 972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
lpa 3cd413dee1 SOAP backchannel logout for SAML protocol 
Closes #16293
 2023-02-27 14:24:12 +01:00
laskasn dc8b759c3d Use encryption keys rather than sig for crypto in SAML 
Closes #13606

Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
 2023-02-10 12:06:49 +01:00
Hynek Mlnarik 977cc473bb Fix linebreaks in XML / SAML signatures 
See https://bugs.openjdk.org/browse/JDK-8264194
See https://issues.apache.org/jira/browse/SANTUARIO-482

Fixes: #14529
 2023-01-23 15:39:10 +01:00
Alexander Schwartz 0fee33bb95 Normalize JVM heap usage in tests and handle OOM situations 
Closes #16089
 2022-12-20 13:26:07 +01:00
David Anderson a8db79a68c
Introduce crypto module using Wildfly Elytron (#14415) 
Closes #12702
 2022-09-27 08:53:46 +02:00
Sebastian Knauer 21f700679f KEYCLOAK-19866 Fix user-defined- and xml-fragment-parsing/Add XPathAttributeMapper 2022-08-03 13:07:12 +02:00
Marek Posolda 4e4fc16617
Skip adding xmlsec security provider. Adding KeycloakFipsSecurityProvider to workaround 'Security.getInstance("SHA1PRNG")' (#12786) 
Closes #12425 #12853
 2022-07-26 16:40:36 +02:00
Marek Posolda be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
Alexander Schwartz 850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required. 
Closes #10842
 2022-06-20 14:44:33 -03:00
Stian Thorgersen e49e8335e0
Refactor BouncyIntegration (#12244) 
Closes #12243
 2022-06-07 09:02:00 +02:00
Stian Thorgersen e3f3e65ac5
Remove JDK7 support for adapters (#11607) 
Closes #11606
 2022-04-27 08:33:23 +02:00
Michal Hajas 01e16a569d Remove usage of BiFunction from keycloak-core module 
Closes #11091
 2022-04-04 15:52:09 +02:00
Francis PEROT 7555063ed9 Support 0/1 values for XML boolean attributes 
Closes #10802
 2022-03-31 09:36:35 +02:00
Kohei Tamura 05eb4b376d Update DefaultPicketLinkLogger.java 2022-03-24 10:28:49 +01:00
Kohei Tamura 2c94370e8e KEYCLOAK-19105 Fix to log the root cause of exception 
Please refer to: https://issues.redhat.com/browse/KEYCLOAK-19105
 2022-03-24 10:28:49 +01:00
keycloak-bot c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
Yoann Guion 3d470126de include AuthnContextDecl if present during SAML Assertion Serialization 
Closes #10743
 2022-03-16 12:12:35 +01:00
keycloak-bot d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
Hans-Christian Halfbrodt d9d77fe1f7
Fix for KEYCLOAK-18914 (#9355) 
Closed #9382 

Co-authored-by: Hans-Christian Halfbrodt <hc-github42@halfbrodt.org>
 2022-01-06 18:05:50 +01:00
keycloak-bot 9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
Martin Bartoš 1e1a6779be Issue 8814: Replace deprecated hamcrest-all dependencies 2021-11-23 13:56:28 +01:00
Konstantinos Georgilakis 63c9845cb9 KEYCLOAK-18276 client content screen enhancement 2021-11-18 13:15:02 +01:00
stianst 12c7bc7350 KEYCLOAK-19410 Compile issues in IntelliJ due to imports of sun packages 2021-09-28 14:59:33 +02:00
stianst b04236f7de Fix saml-core issues without changing Java version 2021-09-28 08:11:39 +02:00
stianst 9f79476520 KEYCLOAK-19403 Fix issues in IntelliJ 2021-09-28 08:11:39 +02:00
Sebastian Kanzow 4e8e4592ca [KEYCLOAK-18419] Support SAML 2.0 Encrypted IDs in Assertion 2021-08-03 11:55:36 +02:00
keycloak-bot 262ec3d031 Set version to 16.0.0-SNAPSHOT 2021-07-30 14:56:10 +02:00
Sebastian Kanzow a412bb7b99 [KEYCLOAK-18417] Skip SAML 2.0 AttributeValue with user-defined xsi types 2021-07-30 08:48:25 +02:00
Luca Leonardo Scorcia 6bd7420907 KEYCLOAK-17290 SAML Client - Generate AttributeConsumingService SP metadata section 2021-07-22 21:53:16 +02:00
Martin Bartoš 23e3bc5f8f KEYCLOAK-18466 Configure HTTP client timeouts for adapters 2021-07-22 10:54:59 +02:00
Luca Leonardo Scorcia ae98d8ea28 KEYCLOAK-18315 SAML Client - Add parameter to request specific AttributeConsumingServiceIndex 2021-06-29 16:22:38 +02:00
keycloak-bot 13f7831a77 Set version to 15.0.0-SNAPSHOT 2021-06-18 10:42:27 +02:00
keycloak-bot 4b44f7d566 Set version to 14.0.0-SNAPSHOT 2021-05-06 14:55:01 +02:00
AlistairDoswald 8b3e77bf81 KEYCLOAK-9992 Support for ARTIFACT binding in server to client communication 
Co-authored-by: AlistairDoswald <alistair.doswald@elca.ch>
Co-authored-by: harture <harture414@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2021-04-16 12:15:59 +02:00
Luca Leonardo Scorcia dc359e56d4 KEYCLOAK-17329 Allow emitting custom elements in SAML metadata extensions 2021-03-05 20:55:14 +01:00
keycloak-bot 75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
Hynek Mlnarik 5c2122d36f KEYCLOAK-16444 Initialize JAXP components consistently 2020-11-25 14:20:19 +01:00
Luca Leonardo Scorcia e8cf1dd92f KEYCLOAK-16325 Forgot the NameQualifier property in SAML2NameIDBuilder 2020-11-16 13:11:40 +01:00
Luca Leonardo Scorcia 637773e265 KEYCLOAK-16325 Introduce SAML2NameIDBuilder for easier creation of NameIDType elements 2020-11-16 10:19:30 +01:00
Roland Werner d544b132f9 KEYCLOAK-15806: 
Extension to SignatureAlgorithm to support more Algorithms (RSA_SHA256_MGF1, RSA_SHA512_MGF1).
    Also included in clients.js and realms.js so it can be chosen as signature algorithm when connecting as SAML client and when brokering through SAML.
 2020-10-15 20:55:27 +02:00
testn 269a72d672 KEYCLOAK-15184: Use static inner class where possible 2020-10-09 23:37:08 +02:00
mhajas e4078933f8 KEYCLOAK-14828 Disable DTD for SAML XML parser 
(cherry picked from commit 37de7de78b2ae0eebee97fe917642bb849325f86)
 2020-09-24 13:35:21 +02:00
Luca Leonardo Scorcia 3973d47bd4 KEYCLOAK-15465 SAML Identity Broker - SP metadata writer always emits AttributeConsumingService isDefault attribute 
The isDefault attribute is defined as optional, yet if it set to null Keycloak incorrectly emits the value isDefault="null".
 2020-09-16 16:44:19 +02:00
Luca Leonardo Scorcia 10077b1efe KEYCLOAK-15485 Add option to enable SAML SP metadata signature 2020-09-16 16:40:45 +02:00
Konstantinos Georgilakis f4f58ab707 KEYCLOAK-15540 correct SAMLAttributeConsumingServiceParser 2020-09-14 16:01:46 +02:00
Dmitry Telegin b62d68a591 KEYCLOAK-14952 - Unit test failure in keycloak-saml-core on Java 11 2020-09-14 11:17:57 +02:00
Luca Leonardo Scorcia 67b2d5ffdd KEYCLOAK-14961 SAML Client: Add ability to request specific AuthnContexts to remote IdPs 2020-09-03 21:25:36 +02:00