libre.sh/keycloak-scim
4
0
Fork 0
Code Issues 15 Pull requests Releases 1 Activity Actions

fix: adds hostname:v1 (#26003)

Browse source 
closes: #25336

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
This commit is contained in:
Steven Hawkins 2024-01-17 15:35:23 -05:00 committed by GitHub
parent ba76682590
commit 74b56201c3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 127 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
common/src/main/java/org/keycloak/common/Profile.java
View file

@ -28,6 +28,7 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Objects;
@ -104,10 +105,14 @@ public class Profile {
MULTI_SITE("Multi-site support", Type.PREVIEW),
OFFLINE_SESSION_PRELOADING("Offline session preloading", Type.DEPRECATED),
HOSTNAME_V1("Hostname Options V1", Type.DEFAULT),
//HOSTNAME_V2("Hostname Options V2", Type.DEFAULT, 2),
;
private final Type type;
private final String label;
private final String unversionedKey;
private final String key;
private Set<Feature> dependencies;
private int version;
@ -123,8 +128,14 @@ public class Profile {
this.label = label;
this.type = type;
this.version = version;
if (this.version > 1 && !this.name().endsWith("_V" + version)) {
throw new IllegalStateException("It is expected that the enum name ends with the version");
this.key = name().toLowerCase().replaceAll("_", "-");
if (this.name().endsWith("_V" + version)) {
unversionedKey = key.substring(0, key.length() - (String.valueOf(version).length() + 2));
} else {
this.unversionedKey = key;
if (this.version > 1) {
throw new IllegalStateException("It is expected that the enum name ends with the version");
}
}
this.dependencies = Arrays.stream(dependencies).collect(Collectors.toSet());
}
@ -136,7 +147,7 @@ public class Profile {
* {@link #getVersionedKey()} should instead be shown to users where possible.
*/
public String getKey() {
return name().toLowerCase().replaceAll("_", "-");
return key;
}
/**
@ -144,11 +155,7 @@ public class Profile {
* will share this key.
*/
public String getUnversionedKey() {
String key = getKey();
if (version == 1) {
return key;
}
return key.substring(0, key.length() - (String.valueOf(version).length() + 2));
return unversionedKey;
}
/**
@ -195,6 +202,8 @@ public class Profile {
}
}
private static final Set<String> ESSENTIAL_FEATURES = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(Feature.HOSTNAME_V1.getUnversionedKey())));
private static final Logger logger = Logger.getLogger(Profile.class);
private static Profile CURRENT;
@ -220,6 +229,8 @@ public class Profile {
Feature enabledFeature = null;
if (unversionedConfig == FeatureConfig.ENABLED) {
enabledFeature = entry.getValue().iterator().next();
} else if (unversionedConfig == FeatureConfig.DISABLED && ESSENTIAL_FEATURES.contains(unversionedFeature)) {
throw new ProfileException(String.format("Feature %s cannot be disabled.", unversionedFeature));
}
// now check each feature version to ensure consistency and select any features enabled by default
@ -317,6 +328,10 @@ public class Profile {
return Collections.unmodifiableSet(getOrderedFeatures().keySet());
}
public static Set<String> getDisableableUnversionedFeatureNames() {
return getOrderedFeatures().keySet().stream().filter(f -> !ESSENTIAL_FEATURES.contains(f)).collect(Collectors.toSet());
}
/**
* Get all of the feature versions for the given feature. They will be ordered by priority.
* <p>

6
quarkus/config-api/src/main/java/org/keycloak/config/FeatureOptions.java
View file

@ -25,16 +25,16 @@ public class FeatureOptions {
.buildTime(true)
.build();
public static List<String> getFeatureValues(boolean includeVersions) {
public static List<String> getFeatureValues(boolean toEnable) {
List<String> features = new ArrayList<>();
if (includeVersions) {
if (toEnable) {
Profile.getAllUnversionedFeatureNames().forEach(f -> {
features.add(f + "[:" + Profile.getFeatureVersions(f).stream().sorted().map(v -> "v" + v.getVersion())
.collect(Collectors.joining(",")) + "]");
});
} else {
features.addAll(Profile.getAllUnversionedFeatureNames());
features.addAll(Profile.getDisableableUnversionedFeatureNames());
}
features.add(Profile.Feature.Type.PREVIEW.name().toLowerCase());

10
quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/hostname/DefaultHostnameProvider.java
View file

@ -37,6 +37,8 @@ import java.util.function.Function;
import jakarta.ws.rs.core.UriInfo;
import org.jboss.logging.Logger;
import org.keycloak.Config;
import org.keycloak.common.Profile;
import org.keycloak.common.Profile.Feature;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.Resteasy;
import org.keycloak.config.HostnameOptions;
@ -44,11 +46,12 @@ import org.keycloak.config.ProxyOptions;
import org.keycloak.config.ProxyOptions.Mode;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.EnvironmentDependentProviderFactory;
import org.keycloak.urls.HostnameProvider;
import org.keycloak.urls.HostnameProviderFactory;
import org.keycloak.urls.UrlType;
public final class DefaultHostnameProvider implements HostnameProvider, HostnameProviderFactory {
public final class DefaultHostnameProvider implements HostnameProvider, HostnameProviderFactory, EnvironmentDependentProviderFactory {
private static final Logger LOGGER = Logger.getLogger(DefaultHostnameProvider.class);
private static final String REALM_URI_SESSION_ATTRIBUTE = DefaultHostnameProvider.class.getName() + ".realmUrl";
@ -354,4 +357,9 @@ public final class DefaultHostnameProvider implements HostnameProvider, Hostname
return defaultValue;
}
@Override
public boolean isSupported() {
return Profile.isFeatureEnabled(Feature.HOSTNAME_V1);
}
}

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.unix.approved.txt vendored
View file

@ -51,11 +51,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

12
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testBuildHelp.windows.approved.txt vendored
View file

@ -36,6 +36,8 @@ Database:
--db <vendor> The database vendor. Possible values are: dev-file, dev-mem, mariadb, mssql,
mysql, oracle, postgres. Default: dev-file.
--db-driver <driver> The fully qualified class name of the JDBC driver. If not set, a default
driver is set accordingly to the chosen database.
Transaction:
@ -49,11 +51,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testExportHelp.unix.approved.txt vendored
View file

@ -60,11 +60,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testExportHelpAll.unix.approved.txt vendored
View file

@ -60,11 +60,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testImportHelp.unix.approved.txt vendored
View file

@ -60,11 +60,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testImportHelpAll.unix.approved.txt vendored
View file

@ -60,11 +60,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.unix.approved.txt vendored
View file

@ -76,11 +76,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

19
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelp.windows.approved.txt vendored
View file

@ -76,18 +76,19 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], par[:v1], preview,
recovery-codes[:v1], scripts[:v1], step-up-authentication[:v1],
token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, device-flow,
docker, dpop, dynamic-scopes, fips, impersonation, js-adapter, kerberos,
linkedin-oauth, multi-site, par, preview, recovery-codes, scripts,
step-up-authentication, token-exchange, transient-users, update-email,
web-authn.
linkedin-oauth, multi-site, offline-session-preloading, par, preview,
recovery-codes, scripts, step-up-authentication, token-exchange,
transient-users, update-email, web-authn.
Hostname:
@ -275,5 +276,5 @@ Security:
Do NOT start the server using this command when deploying to production.
Use 'kc.bat start-dev --help-all' to list all available options, including
build options.
Use 'kc.bat start-dev --help-all' to list all available options, including build
options.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.unix.approved.txt vendored
View file

@ -76,11 +76,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

19
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartDevHelpAll.windows.approved.txt vendored
View file

@ -76,18 +76,19 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], par[:v1], preview,
recovery-codes[:v1], scripts[:v1], step-up-authentication[:v1],
token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, device-flow,
docker, dpop, dynamic-scopes, fips, impersonation, js-adapter, kerberos,
linkedin-oauth, multi-site, par, preview, recovery-codes, scripts,
step-up-authentication, token-exchange, transient-users, update-email,
web-authn.
linkedin-oauth, multi-site, offline-session-preloading, par, preview,
recovery-codes, scripts, step-up-authentication, token-exchange,
transient-users, update-email, web-authn.
Hostname:
@ -275,5 +276,5 @@ Security:
Do NOT start the server using this command when deploying to production.
Use 'kc.bat start-dev --help-all' to list all available options, including
build options.
Use 'kc.bat start-dev --help-all' to list all available options, including build
options.

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.unix.approved.txt vendored
View file

@ -77,11 +77,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

15
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelp.windows.approved.txt vendored
View file

@ -77,18 +77,19 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], par[:v1], preview,
recovery-codes[:v1], scripts[:v1], step-up-authentication[:v1],
token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, device-flow,
docker, dpop, dynamic-scopes, fips, impersonation, js-adapter, kerberos,
linkedin-oauth, multi-site, par, preview, recovery-codes, scripts,
step-up-authentication, token-exchange, transient-users, update-email,
web-authn.
linkedin-oauth, multi-site, offline-session-preloading, par, preview,
recovery-codes, scripts, step-up-authentication, token-exchange,
transient-users, update-email, web-authn.
Hostname:

10
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.unix.approved.txt vendored
View file

@ -77,11 +77,11 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], offline-session-preloading[:
v1], par[:v1], preview, recovery-codes[:v1], scripts[:v1],
step-up-authentication[:v1], token-exchange[:v1], transient-users[:v1],
update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,

15
quarkus/tests/integration/src/test/resources/org/keycloak/it/cli/dist/approvals/cli/help/HelpCommandDistTest.testStartHelpAll.windows.approved.txt vendored
View file

@ -77,18 +77,19 @@ Feature:
account2[:v1], account3[:v1], admin-api[:v1], admin-fine-grained-authz[:v1],
admin2[:v1], authorization[:v1], ciba[:v1], client-policies[:v1],
client-secret-rotation[:v1], device-flow[:v1], docker[:v1], dpop[:v1],
dynamic-scopes[:v1], fips[:v1], impersonation[:v1], js-adapter[:v1], kerberos
[:v1], linkedin-oauth[:v1], multi-site[:v1], par[:v1], preview,
recovery-codes[:v1], scripts[:v1], step-up-authentication[:v1],
token-exchange[:v1], transient-users[:v1], update-email[:v1], web-authn[:v1].
dynamic-scopes[:v1], fips[:v1], hostname[:v1], impersonation[:v1], js-adapter
[:v1], kerberos[:v1], linkedin-oauth[:v1], multi-site[:v1],
offline-session-preloading[:v1], par[:v1], preview, recovery-codes[:v1],
scripts[:v1], step-up-authentication[:v1], token-exchange[:v1],
transient-users[:v1], update-email[:v1], web-authn[:v1].
--features-disabled <feature>
Disables a set of one or more features. Possible values are: account-api,
account2, account3, admin-api, admin-fine-grained-authz, admin2,
authorization, ciba, client-policies, client-secret-rotation, device-flow,
docker, dpop, dynamic-scopes, fips, impersonation, js-adapter, kerberos,
linkedin-oauth, multi-site, par, preview, recovery-codes, scripts,
step-up-authentication, token-exchange, transient-users, update-email,
web-authn.
linkedin-oauth, multi-site, offline-session-preloading, par, preview,
recovery-codes, scripts, step-up-authentication, token-exchange,
transient-users, update-email, web-authn.
Hostname:

5
server-spi-private/src/main/java/org/keycloak/provider/EnvironmentDependentProviderFactory.java
View file

@ -31,7 +31,10 @@ public interface EnvironmentDependentProviderFactory {
* @return <code>true</code> if the provider is supported and should be available, <code>false</code> otherwise
* @deprecated Prefer overriding/using the {@link #isSupported(Config.Scope)} method.
*/
boolean isSupported();
@Deprecated
default boolean isSupported() {
return false;
}
/**
* An alternative to {@link #isSupported()} method to check if the provider is supported based on the