|
|
5/5/2017 10:04:41 AM
Saml broker: Added wantAssertionsSigned and wantAssertionsEncrypted
|
2/23/2017 5:28:01 PM
This will toggle the flag in the SP Metadata Descriptor, and validate the signature if and only if "Validate signature" is selected. * wantAssertionsEncrypted: This will simply require that the assertion is encrypted. Default behavior is unchanged. The signature validation uses the original XML, and supports therefore an IdP that adds whitespace and line breaks between tags (for example OpenAM).
|
5/5/2017 8:13:02 AM
alerts: two possible NPEs, one possible int overflow
|
4/28/2017 10:54:47 AM
integer multiplication has the potential to overflow before the
result is being cast to the 'long' result.
Details:
https://lgtm.com/projects/g/keycloak/keycloak/snapshot/dist-7900299-1490802114895/files/saml-core/src/main/java/org/keycloak/saml/processing/core/saml/v2/util/XMLTimeUtil.java#V133
|
4/28/2017 10:51:51 AM
logic
The logical-AND operator '&&' evaluates its operands in order, which is
what is required here. The bitwise-AND operator '&' always evaluates all
operands, which will in some cases result in a NPE in the second
operand.
Details:
https://lgtm.com/projects/g/keycloak/keycloak/snapshot/dist-7900299-1490802114895/files/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java#V543
|
4/28/2017 10:50:30 AM
false logic)
Details:
https://lgtm.com/projects/g/keycloak/keycloak/snapshot/dist-7900299-1490802114895/files/model/jpa/src/main/java/org/keycloak/models/jpa/JpaUserCredentialStore.java#V122
|
5/5/2017 8:06:50 AM
Add test
|
|
|
5/5/2017 8:06:03 AM
Add cancel warning test
|
