alfresco-keycloak

mirror of https://github.com/bmlong137/alfresco-keycloak.git synced 2025-07-07 22:34:42 +00:00

Author	SHA1	Message	Date
AFaust	abf49db783	Prepare release	2021-03-10 20:00:02 +01:00
AFaust	35d07b1616	Extend utility flexible authenticator with access token awareness	2021-01-17 23:20:29 +01:00
AFaust	f9e16e0ef4	Service to obtain tokens for integrations	2021-01-09 16:29:28 +01:00
AFaust	89d8ecc5dc	Add inverse mapping / check	2021-01-08 14:36:25 +01:00
AFaust	ea2a2ee43a	Add reasonable default timeouts - KeycloakDeployment.resolveUrls() blocks otherwise e.g. if realm is misconfigured	2021-01-02 19:21:04 +01:00
AFaust	6f9578ca63	Deal with spurious Share errors in last RC	2020-11-30 19:33:34 +01:00
AFaust	a3e3d9cac9	Release preparation	2020-11-26 17:51:34 +01:00
AFaust	45721fcb53	Consolidate projects / shaded dependencies	2020-10-30 13:31:06 +01:00
AFaust	4ad55b7a77	Subsystem documentation / consistency fixes	2020-10-21 19:04:26 +02:00
AFaust	a31309296a	Adapter documentation / fix confidential port	2020-10-20 23:34:54 +02:00
AFaust	f34b6eed2d	Start proper documentation	2020-10-19 22:28:21 +02:00
AFaust	74f79afa8a	Add suport for user name correction in Share - effectively support login by alternative identity attributes, e.g. Keycloak login by email	2020-09-04 21:39:34 +02:00
AFaust	96746690b3	Update version for next dev iteration + update Keycloak / deps	2020-09-04 21:39:15 +02:00
AFaust	608ca62af6	Prepare RC release	2020-09-01 17:21:27 +02:00
AFaust	5ce816e3ee	Further fixes for inconsistent ACS / Share auth integration	2020-07-28 02:53:39 +02:00
AFaust	f894d79c2e	Share backend token handling + NPE fix	2020-07-25 00:29:57 +02:00
AFaust	65f2804734	Update for next RC release	2020-07-08 12:29:14 +02:00
AFaust	169b1ddb15	Automatic Share Keycloak reauth on session expiration; correct logout handling	2020-07-06 01:57:03 +02:00
AFaust	8c53046cb1	Handle corner cases (e.g. XHR after session timeout)	2020-06-22 12:49:39 +02:00
AFaust	4ca4c66998	RC release for pilot customer deployment	2020-06-09 20:00:51 +02:00
AFaust	4096f741a5	Revise Share token exchange handling - retry if refresh of exchanged token yields invalid token (wrong audience - known case of apparently incorrect Keycloak behaviour) - use custom header instead of redirect patch to have Repository tier not redirect to Keycloak login page on unauthenticated access from Share - activate audience verification which is inactive with Keycloak class defaults	2020-06-05 14:52:18 +02:00
AFaust	399419068f	Update Acosix dependencies; fix use of deprecated API	2020-06-05 14:52:07 +02:00
AFaust	ad82e9dbe0	Update Keycloak version; fix minor issues / ensure minimal plugins enabled - despite not yet having any integration tests, Repository-tier Docker startup needed fixing due to missing Acosix Utility dependency	2020-05-10 15:48:07 +02:00
AFaust	3c71bf6df1	Remove aggressive default for direct auth server access	2020-05-10 15:06:35 +02:00
AFaust	53e05606b9	Re-add snapshot for development until next rc	2020-05-10 15:05:35 +02:00
AFaust	390ca566a3	Translate input to preferred user name	2020-05-10 15:04:57 +02:00
AFaust	d10ff3ddd5	Release candidate	2020-03-08 20:59:47 +01:00
AFaust	be6e807f66	Fix imports	2020-03-08 20:59:02 +01:00
AFaust	9e8d709399	Support role exclusion patterns; default excl. on tech. roles	2020-03-08 20:13:57 +01:00
AFaust	0deb5ee8a8	Improved handling of no-auth web script call in pre-authed session	2020-02-24 23:34:46 +01:00
AFaust	2423d365f9	Basic handling; configurable public API coverage + original URL header	2020-02-21 23:39:31 +01:00
AFaust	94b1253f56	Enhance authority display name	2020-02-20 19:11:38 +01:00
AFaust	d5cfe4a131	Deal with Public v1 ReST API auth	2020-02-20 19:11:20 +01:00
AFaust	55184fe219	Minor ticket refresh / role permission improvements	2020-02-20 01:52:34 +01:00
AFaust	8037689598	More flexible 'freshLogin' handling on Bearer token	2020-02-18 01:33:34 +01:00
AFaust	0fa088f49d	Avoid infinite recursion due proxy bean inheritance	2020-02-17 23:56:33 +01:00
AFaust	b926431d68	Fix token handling due web script remote re-auth - RemoteUserAuthenticator may re-run KeycloakRemoteUserMapper for Bearer authentication - RemoteUserAuthenticator simply re-sets current user without running through regular ticket validation hoops (which we already covered) - need authentication listener to hook into triggered event for re-processing access token - this adds hard-dependency to full acosix-utility module, which is extremely unfortunate - TODO: Move authenticator listener patch (enabling multiple listeners) into utility core, since it can be reasonably considered a non-invasive, baseline patch (does not alter core behaviours) relevant for potentially multiple extensions, which should not necessitate dependency on full utility module with its accompanying set of (more or less) invasive patches	2020-02-17 10:43:45 +01:00
AFaust	9d9f665f29	Add token exchange support for Share/Repo integration	2020-02-17 02:03:57 +01:00
AFaust	32c4fabff0	Some fixups	2020-02-16 16:35:37 +01:00
AFaust	146f91f011	Enable roles for authority lookup / permission management	2020-02-16 15:01:59 +01:00
AFaust	0f974c9f1d	Fix Share working with recent Repository improvements	2020-02-15 01:33:49 +01:00
AFaust	cb9f6c95af	Improve role mapping	2020-02-14 02:11:39 +01:00
AFaust	961eb8b3d9	Update dependencies	2020-02-14 02:10:28 +01:00
AFaust	d82a93f83e	Basic working state of repo-tier subsystem - supports synch of users / groups - supports configurable / extensible attribute mapping - supports configurable / extensible filtering - supports claim / role mapping - supports Keycloak auth redirect, Bearer and Basic authentication - bundles newer Keycloak libraries than Alfresco default via shaded dependency artifacts	2020-01-22 15:18:40 +01:00
AFaust	ad7f404846	General working Keycloak filter state	2019-11-15 17:05:34 +01:00
AFaust	d857dbc9a3	Safe reflection via setter + unit test config elements	2019-09-15 20:25:25 +02:00
AFaust	2db4aaddbe	Initial version	2019-08-21 00:01:40 +02:00

47 Commits