inteligr8/alfresco-keycloak
1
0
Fork 0
mirror of https://github.com/bmlong137/alfresco-keycloak.git synced 2025-05-26 21:44:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
72 Commits 7 Branches 7 Tags
Commit Graph

43 Commits

Author SHA1 Message Date
AFaust
4a2f4a5f67 Improve case specific scope use + test realm 2021-10-19 11:43:24 +02:00
AFaust
cff32d017b Test and deal with granular client scopes 2021-10-18 01:36:12 +02:00
AFaust
5933acbb04 Update parent POM / ACS 7 test setup 2021-10-18 01:35:22 +02:00
AFaust
363d09140b Update Keycloak; two Share AMPs for compat with <7.0 + >=7.0 2021-04-15 10:48:38 +02:00
AFaust
abf49db783 Prepare release 2021-03-10 20:00:02 +01:00
AFaust
9477071729 Update actual user object, not just session attribute 2021-02-01 19:09:26 +01:00
AFaust
35d07b1616 Extend utility flexible authenticator with access token awareness 2021-01-17 23:20:29 +01:00
AFaust
ea2a2ee43a Add reasonable default timeouts 
- KeycloakDeployment.resolveUrls() blocks otherwise e.g. if realm is
  misconfigured
 2021-01-02 19:21:04 +01:00
AFaust
6f9578ca63 Deal with spurious Share errors in last RC 2020-11-30 19:33:34 +01:00
AFaust
a3e3d9cac9 Release preparation 2020-11-26 17:51:34 +01:00
AFaust
0dfdc28c50 Further refinement of request context handling 2020-11-04 09:59:17 +01:00
AFaust
f7d78a7a02 Consolidate request context handling 2020-10-30 20:38:29 +01:00
AFaust
45721fcb53 Consolidate projects / shaded dependencies 2020-10-30 13:31:06 +01:00
AFaust
a31309296a Adapter documentation / fix confidential port 2020-10-20 23:34:54 +02:00
AFaust
74f79afa8a Add suport for user name correction in Share 
- effectively support login by alternative identity attributes, e.g.
  Keycloak login by email
 2020-09-04 21:39:34 +02:00
AFaust
96746690b3 Update version for next dev iteration + update Keycloak / deps 2020-09-04 21:39:15 +02:00
AFaust
608ca62af6 Prepare RC release 2020-09-01 17:21:27 +02:00
AFaust
c157daf3dd Further improvements of context handling 
- RequestAttributes init conflicted with some Surf / Alfresco code which
  partially re-initialises request context, skipping user details if
  request attributes contains request (ServletUtil.getRequest())
- consolidate request context handling in doFilter to remove lower-level
  handling in various contexts
 2020-07-30 01:02:04 +02:00
AFaust
f894d79c2e Share backend token handling + NPE fix 2020-07-25 00:29:57 +02:00
AFaust
65f2804734 Update for next RC release 2020-07-08 12:29:14 +02:00
AFaust
169b1ddb15 Automatic Share Keycloak reauth on session expiration; correct logout handling 2020-07-06 01:57:03 +02:00
AFaust
8c53046cb1 Handle corner cases (e.g. XHR after session timeout) 2020-06-22 12:49:39 +02:00
AFaust
4ca4c66998 RC release for pilot customer deployment 2020-06-09 20:00:51 +02:00
AFaust
6e6e21dbf8 Don't override old user groups if refresh fails 2020-06-09 19:49:49 +02:00
AFaust
6298c898e2 Ensure parameter value is not directly written to response 2020-06-05 16:48:17 +02:00
AFaust
1287137cad Login redirect on authentication failure if possible 2020-06-05 16:41:36 +02:00
AFaust
4096f741a5 Revise Share token exchange handling 
- retry if refresh of exchanged token yields invalid token (wrong
  audience - known case of apparently incorrect Keycloak behaviour)
- use custom header instead of redirect patch to have Repository tier not
  redirect to Keycloak login page on unauthenticated access from Share
- activate audience verification which is inactive with Keycloak class
  defaults
 2020-06-05 14:52:18 +02:00
AFaust
399419068f Update Acosix dependencies; fix use of deprecated API 2020-06-05 14:52:07 +02:00
AFaust
3f2b3511da Fix typo in web-fragment 2020-05-10 15:05:54 +02:00
AFaust
53e05606b9 Re-add snapshot for development until next rc 2020-05-10 15:05:35 +02:00
AFaust
d10ff3ddd5 Release candidate 2020-03-08 20:59:47 +01:00
AFaust
f8bdd8ce43 Custom Bearer handling in Share 2020-03-08 20:12:32 +01:00
AFaust
55184fe219 Minor ticket refresh / role permission improvements 2020-02-20 01:52:34 +01:00
AFaust
5e7e439e19 Ensure request context is always set 2020-02-18 01:34:06 +01:00
AFaust
b926431d68 Fix token handling due web script remote re-auth 
- RemoteUserAuthenticator may re-run KeycloakRemoteUserMapper for Bearer
  authentication
- RemoteUserAuthenticator simply re-sets current user without running
  through regular ticket validation hoops (which we already covered)
- need authentication listener to hook into triggered event for
  re-processing access token
- this adds hard-dependency to full acosix-utility module, which is
  extremely unfortunate - TODO: Move authenticator listener patch
  (enabling multiple listeners) into utility core, since it can be
  reasonably considered a non-invasive, baseline patch (does not alter
  core behaviours) relevant for potentially multiple extensions, which
  should not necessitate dependency on full utility module with its
  accompanying set of (more or less) invasive patches
 2020-02-17 10:43:45 +01:00
AFaust
9d9f665f29 Add token exchange support for Share/Repo integration 2020-02-17 02:03:57 +01:00
AFaust
32c4fabff0 Some fixups 2020-02-16 16:35:37 +01:00
AFaust
146f91f011 Enable roles for authority lookup / permission management 2020-02-16 15:01:59 +01:00
AFaust
0f974c9f1d Fix Share working with recent Repository improvements 2020-02-15 01:33:49 +01:00
AFaust
d82a93f83e Basic working state of repo-tier subsystem 
- supports synch of users / groups
- supports configurable / extensible attribute mapping
- supports configurable / extensible filtering
- supports claim / role mapping
- supports Keycloak auth redirect, Bearer and Basic authentication
- bundles newer Keycloak libraries than Alfresco default via shaded
  dependency artifacts
 2020-01-22 15:18:40 +01:00
AFaust
ad7f404846 General working Keycloak filter state 2019-11-15 17:05:34 +01:00
AFaust
d857dbc9a3 Safe reflection via setter + unit test config elements 2019-09-15 20:25:25 +02:00
AFaust
2db4aaddbe Initial version 2019-08-21 00:01:40 +02:00