keycloak-scim

Author	SHA1	Message	Date
Stian Thorgersen	6092524d79	Fix theme resource loading on Windows, and enable additional test in jdk-integration-tests (#33512 ) Closes #33508 Signed-off-by: stianst <stianst@gmail.com>	2024-10-03 11:37:49 +02:00
vramik	c1653448f3	[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link Closes #33201 Signed-off-by: vramik <vramik@redhat.com>	2024-10-02 07:37:48 -03:00
Ricardo Martin	6e471a8477	Add the nonce attribute when the client session context is recreated (#33422 ) Closes #33355 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Tomas Kralik <tomas.kralik@pbktechnology.cz>	2024-10-02 09:44:25 +02:00
Pedro Igor	ef48a3a360	Avoid running org related code if there are no orgs in a realm Closes #33424 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-02 09:39:25 +02:00
Giuseppe Graziano	b46fab2308	Remove root auth session after backchannel logout Closes #32197 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-10-01 11:56:57 +02:00
mposolda	e582a17a7c	Fix client-attributes condition configuration closes #33390 Signed-off-by: mposolda <mposolda@gmail.com>	2024-10-01 10:12:28 +02:00
Stian Thorgersen	4a2fbf5339	Refactor loading of theme resources (#33326 ) Closes #33325 Signed-off-by: stianst <stianst@gmail.com>	2024-10-01 08:02:05 +02:00
Alexander Schwartz	5c503a55e9	Optimize caching and use of DB connections when Organisations are enabled Closes #33353 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-30 18:35:45 -03:00
rmartinc	8bbae59b60	Add LOGIN_WEBAUTHN as possible initial login page for locale bean Closes #33336 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-30 18:59:39 +02:00
Steven Hawkins	5d99d91818	fix: allows for the detection of a master realm with --import-realms (#32914 ) also moving initial bootstrapping after import closes: #32689 Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-09-30 14:40:16 +02:00
Steven Hawkins	f1a7a4804e	fix: adds additional info / warnings to hostname v2 (#33261 ) * fix: adds additional info / warnings to hostname v2 closes: #24815 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * refining the proxy-headers language from #33209 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * adding hostname-strict-https Signed-off-by: Steve Hawkins <shawkins@redhat.com> * moving removed property check to the quarkus side Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/configuration/mappers/HostnameV2PropertyMappers.java Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> * Update docs/guides/server/hostname.adoc Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-09-28 08:48:09 +00:00
Steven Hawkins	9064d5159a	fix: validate that a full hostname url is expected (#33348 ) closes: #33347 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-09-27 13:57:14 +00:00
Manish Mehta	d57050656e	Fix for Issue# 32622 (https://github.com/keycloak/keycloak/issues/32622 ) The expected Destination Path needs to properly point to the client that is created for IDP-initiated SSO flow. This is especially an issue when Keycloak is behind a reverse proxy that terminates TLS. Signed-off-by: Manish Mehta <ManishMehta@users.noreply.github.com>	2024-09-27 09:20:09 +02:00
rmartinc	1d23c3c720	Use note to detect the IDP verify email action is already done Closes #31563 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-27 09:16:53 +02:00
Maksim Zvankovich	90dc7c168c	Add organization admin crud events Closes #31421 Signed-off-by: Maksim Zvankovich <m.zvankovich@rheagroup.com> Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-27 09:09:28 +02:00
Stefan Guilhen	6424708695	Ensure organization id is preserved on export/import - Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs. Closes #33207 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-25 16:07:44 +02:00
Stian Thorgersen	af5eef57bf	Improve handling for loopback redirect-uri validation (#195 ) (#33189 ) Closes #33116 Signed-off-by: stianst <stianst@gmail.com>	2024-09-23 13:51:02 +02:00
keshavprashantdeshpande	402aa42201	Add subgroup count to groupByPath (#33161 ) Closes #31410 Signed-off-by: Keshav Deshpande <keshavprashantdeshpande@gmail.com>	2024-09-23 08:28:06 +02:00
Erik Jan de Wit	d01f531b82	removed server side translation in favour of client side (#32985 ) fixes: #32984 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-09-23 07:42:07 +02:00
Jon Koops	5e2f09f66d	Remove statically served Keycloak JS from the server (#33083 ) Closes #32827 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-22 19:05:01 +02:00
Stefan Guilhen	900c496ffe	Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead Closes #32209 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-09-20 16:08:55 +02:00
Stefan Guilhen	e065070751	Set realm when importing users via keycloak-add-user.json Closes #33060 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-20 15:24:41 +02:00
Steve Hawkins	493252befd	fix: include debug logging for init closes: #33109 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-09-20 15:21:50 +02:00
Stefan Guilhen	42cde0cfdd	Fix various issues holding up CI (#33086 ) - Disables the remote operator tests, which will have to be fixed later. - Fixes the action expired error which occurs when accessing regular registration page with Organizations enabled. - Fixes a race condition in the test suite causing sporadic failures. Closes #33064 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-09-19 21:23:21 +02:00
vramik	fcb31a5aa6	Implement invitation-only self-registration for realm users Closes #31643 Signed-off-by: vramik <vramik@redhat.com>	2024-09-18 13:50:23 +02:00
Alexander Schwartz	2a95d0abfa	Sort order of updates for user properties (#32853 ) This should reduce deadlocks on the user property table if the users are updated concurrently. Closes #32852 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-18 12:37:42 +02:00
Alexander Schwartz	8ef7007e3c	Avoid using plain log messages in ServiceLogger (#32893 ) Closes #32891 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-18 12:36:58 +02:00
stianst	c137482d77	Improve FolderThemeProvider Closes #33015 Signed-off-by: stianst <stianst@gmail.com>	2024-09-18 12:17:23 +02:00
Stefan Guilhen	3e597722a9	Add cache for IdentityProviderStorageProvider.getForLogin (#32918 ) Closes #32573 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-18 09:05:57 +02:00
Stian Thorgersen	76307872f6	Update bootstrap admin client to use lightweight access token, and disable standard flow (#33014 ) Closes #33010, closes #33011 Signed-off-by: stianst <stianst@gmail.com>	2024-09-17 12:23:19 +00:00
rmartinc	5fe916861d	Return 404 on invalid theme type Closes #32798 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-17 09:09:34 +02:00
Giuseppe Graziano	e6c5ee31e4	Admin API with Lightweight access token and transient session Closes #32802 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-16 09:30:15 +02:00
Nate Drake	75973157aa	Fix a few typos (#32929 ) Signed-off-by: Nate Drake <ndrake@gmail.com>	2024-09-15 10:12:26 +00:00
Pedro Ruivo	f67bec0417	Rename remote-cache Feature Renamed to "clusterless" Closes #32596 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-09-13 13:03:13 +02:00
Stian Thorgersen	40049f31fa	Remove ProxyClassLoader and PlatformProvider returning script classloader (#32806 ) Closes #32804 Signed-off-by: stianst <stianst@gmail.com>	2024-09-11 17:11:26 +02:00
rmartinc	b60621d819	Allow brute force to have http request/response and send emails Closes #29542 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-11 08:35:03 +02:00
cgeorgilakis-grnet	f8b1b3ee03	Search Identity Providers by alias or display name Closes #32588 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-09-10 21:52:59 +02:00
Thomas Darimont	6b83a45b2e	Propagate locale when using app initiated registration URL Fixes #13505 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-10 12:25:17 +02:00
Garth	7988f026e0	Add a PasswordPoliciesBean to the FreeMarker context. Closes #32553 Signed-off-by: Garth <244253+xgp@users.noreply.github.com>	2024-09-10 12:19:53 +02:00
Alexander Schwartz	b88ecc0237	Removing the extra two-minute Window for persistent user sessions (#32660 ) Closes #28418 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-09-09 09:28:48 +02:00
Steven Hawkins	58d742bb5c	fix: refining v2 hostname validation (#32659 ) closes: #32643 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-09-06 17:49:25 +02:00
Thomas Darimont	211224f613	Use correct error value in Token Exchange error responses The Token Exchange [RFC8693 Section-2.2.2](https://datatracker.ietf.org/doc/html/rfc8693#section-2.2.2) requires that the error code for invalid requests is `invalid_request`. Previously, Keycloak used `invalid_token` as the error code. Fixes #31547 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-05 18:35:36 +02:00
keshavprashantdeshpande	9f5f8e017e	Improve message for failing partial import of realm (#32667 ) Closes #28017 Signed-off-by: Keshav Deshpande <keshavprashantdeshpande@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-05 15:12:37 +02:00
mposolda	866101e72e	Optimize LogoutEndpoint.backchannelLogout endpoint closes #32683 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-05 13:49:31 +02:00
Thomas Darimont	693a63b532	Handle ClientData parsing errors in SessionCodeChecks gracefully - Move ClientData parsing out of SessionCodeChecks ctor - Respond with a bad request if invalid client data is presented Closes #32515 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-05 10:50:27 +02:00
Giuseppe Graziano	a14548a7a2	Lightweight access tokens for Admin REST API (#32347 ) * Lightweight access tokens for Admin REST API Closes #31513 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-04 18:04:23 +02:00
cgeorgilakis-grnet	e6b271895e	Make update IdentityProvider admin REST API more efficient Closes #32388 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-09-04 11:49:32 -03:00
Alexander Schwartz	0e1a7c6f8e	Add information about token expiry to events Closes #28311 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-04 14:44:51 +02:00
Stefan Guilhen	e7a4635620	Filter out org brokers from the account console - org-linked brokers should not be available for login - prepare the endpoint for search/pagination Closes #31944 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-04 09:00:52 -03:00
Alexander Schwartz	4d1e1e0bcb	Show details for error messages where they were missing (#32534 ) Closes #32533 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-09-04 07:23:54 -04:00
Theresa Henze	a1c23fef8c	introduce event types to update/remove credentials Closes #10114 Signed-off-by: Theresa Henze <theresa.henze@bare.id>	2024-09-03 18:27:27 +02:00
Pedro Igor	079242c398	Binding brokering OIDC user sessions with the issuer of the ID Token to avoid looking up sessions by iterating over all brokers in a realm Closes #32091 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-09-03 17:51:20 +02:00
Thomas Darimont	88a5c96fff	Add `kc_action` to redirect URI after a required action is cancelled (#31925 ) Closes #31894 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-03 14:26:23 +00:00
mposolda	dad4477995	Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 closes #32586 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-03 15:58:57 +02:00
Alexander Schwartz	5bd3da657b	Cache regex patterns in frequently used production code Closes #32428 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-02 08:57:03 -03:00
Jon Koops	2d17024b14	Remove `redirect_uri` support from OIDC logout endpoint Closes #10983 Signed-off-by: Jon Koops <jonkoops@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2024-08-30 12:52:49 +00:00
Martin Kanis	e7d71d43c3	Identity Provider secret visible in Organization tab (API request) Closes #32486 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-30 09:26:25 -03:00
Douglas Palmer	ecbd856176	Brute force protection: Lockout permanently uses parameters configured under lockout temporarily Closes #30969 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-08-29 16:30:22 +02:00
Martin Kanis	7e6dd682d4	Validate organization alias for forbidden chars Closes #32392 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-28 21:59:38 +02:00
Pedro Igor	449557290b	More options to organization scope mapper including adding organization attributes to tokens Closes #31642 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-27 09:40:55 -03:00
Stefan Guilhen	88cca10472	Rename IDPSpi to IdentityProviderStorageSpi Closes #31639 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-26 15:10:09 -03:00
Erik Jan de Wit	776a491989	added organizations table to account (#32311 ) * added organizations table to account Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-22 15:44:03 -03:00
Vlasta Ramik	d63c0fbd13	Decouple Identity provider mappers from RealmModel (#32251 ) * Decouple Identity provider mappers from RealmModel Closes #31731 Signed-off-by: vramik <vramik@redhat.com>	2024-08-22 12:05:19 -03:00
Steven Hawkins	d9a92f5de3	fix: expose bootstrap-admin-* options (#32241 ) * fix: expose bootstrap-admin-* options closes: #32176 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update quarkus/config-api/src/main/java/org/keycloak/config/BootstrapAdminOptions.java Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-08-21 15:52:38 +02:00
Peter Zaoral	6ab3b98743	Temporary admin account notice logged to org.keycloak.events (#32307 ) * removed the temporary admin accounts logging from JBossLoggingEventListenerProvider Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-08-21 13:31:57 +00:00
Pedro Igor	c1f6d5ca64	Support for selecting an organization when requesting the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-21 13:04:58 +02:00
Stefan Guilhen	585d179fe0	Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs. Closes #32238 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-21 07:49:01 -03:00
Peter Zaoral	1b5fe5437a	Warnings for temporary admin user and service account (#31387 ) * UI banner, labels and log messages are shown when temporary admin account is used * added UI tests that check the elements' presence Signed-off-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2024-08-21 09:30:24 +02:00
Pedro Ruivo	4675a4eda9	Deprecate UserSessionCrossDCManager Fixes #31878 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-08-21 08:52:39 +02:00
Pedro Igor	e3c0b918bd	Returning a full representation when querying organizations Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:11:14 -03:00
Pedro Igor	4376a3c757	Add an endpoint to the organizations endpoint to return the organizations for a given user Closes #32158 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:11:14 -03:00
Pedro Igor	eeae50fb43	Make sure federationLink always map to the storage provider associated with federated users Closes #31670 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:27:22 +02:00
Stefan Guilhen	fa7c2b5da6	Address review comments Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Stefan Guilhen	f82159cf65	Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. Closes #32090 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Pedro Igor	8e0436715c	Support for ALL and ANY organization scope values Related #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-19 08:45:23 -03:00
mposolda	3d787727f9	Add acr scope to all clients for those migrating from older than Keycloak 18 closes #31107 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-16 12:17:43 +02:00
Václav Muzikář	cb418b0bfc	Upgrade to Quarkus 3.13.2 (#31678 ) * Upgrade to Quarkus 3.13.2 Closes #31676 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-08-16 11:41:34 +02:00
himanshi1099	7459992e40	Realm update validation for incorrect timeout values (#32137 ) closes #31595 Signed-off-by: Himanshi Gupta <higupta@redhat.com>	2024-08-16 08:58:27 +02:00
Alexander Schwartz	80d235fffb	Handle non-existing client gracefully (#32151 ) Closes #32150 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-15 16:08:40 +02:00
Stefan Guilhen	aeb1951aba	Replace calls to deprecated RealmModel IDP methods - use the new provider instead Closes #31254 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-15 10:55:36 -03:00
Pedro Igor	96acc62c00	Support for resolving organization based on the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-15 10:32:15 -03:00
Stian Thorgersen	310824cc2b	Remove legacy cookies Closes #16770 Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-08-15 15:27:38 +02:00
Martin Kanis	708a6898db	Add a count method to the OrganizationMembersResource Closes #31388 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-15 09:12:57 -03:00
Yoshiyuki Tabata	cb6eb187ac	Client Policy - Condition : Client - Client Attribute Closes https://github.com/keycloak/keycloak/issues/31766 Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>	2024-08-14 09:56:56 +02:00
kaustubh-rh	cf8905efe8	Fix for Client secret is visable in Admin event representation when Credentials Reset action performed for the Client. (#32067 ) * Stripping secrets for the credential representation Signed-off-by: kaustubh B <kbawanka@redhat.com>	2024-08-12 13:47:41 -03:00
Steven Hawkins	b72ddbcc45	fix: add a warning log if a deprecated admin env variable is used (#32038 ) closes: #31491 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-12 08:54:30 +02:00
rmartinc	347f595913	Add ECDH-ES encyption algorithms to the java keystore key provider Closes #32023 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-09 15:57:51 +02:00
Martin Kanis	da0864682a	Conditionally redirect existing users to a broker based on their credentials Closes #31006 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-09 07:59:25 -03:00
rmartinc	2a06e1a6db	Add SHAKE256 hash provider for Ed448 Closes #31931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-08 17:36:54 +02:00
Justin Tay	966a454548	Add ECDH-ES JWE Algorithm Provider, Add generated ECDH key provider (#23928 ) Closes #23596 Closes #23597 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-08 17:29:35 +02:00
Steven Hawkins	7ce6f12fe3	fix: adds a check for duplicate users/clients to simplify cmd errors (#31583 ) also changes temp-admin-service to temp-admin closes: #31160 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-08 08:20:33 -04:00
Pedro Igor	3ab2446074	Do not return identity providers when querying the realm representation Closes #21072 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-07 10:06:51 -03:00
rmartinc	acbbfde4ab	Adding upgrading notes for brute force changes Closes #31960 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-07 14:38:30 +02:00
Pascal Knüppel	f3341390f4	Issuer id must be a URL according to specification (#30961 ) fixes #30960 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-08-07 14:35:58 +02:00
Giuseppe Graziano	35c8c09b8d	OIDC dynamic client registration with response_type=none Closes #19564 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-08-07 10:34:47 +02:00
rmartinc	8a09905e5c	Remove the attempt in brute force when the off-thread finishes Closes #31881 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-06 15:30:49 -03:00
Michal Hajas	50c07c6e7c	Simplify configuration for MULTI_SITE Closes #31807 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-06 16:14:33 +00:00
Stefan Wiedemann	6258256c1b	Fix access token issue OID4VC (#31763 ) closes #31712 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-08-04 11:42:40 +02:00
Ingrid Kamga	7c69c857a1	Add a media type to error responses on OID4VC endpoints Closes #31585 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2024-08-02 12:09:09 +02:00
Justin Tay	f537343545	Allow empty key use in JWKS from identity provider Closes #31823 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-02 11:39:43 +02:00

1 2 3 4 5 ...

4852 commits