libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
26538 commits 4 branches 5 tags 480 MiB
Commit graph

7015 commits

Author SHA1 Message Date
rmartinc
b52256facc Set client in context for dynamic scopes calculation 
Closes #33684

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-28 17:32:06 -03:00
Marek Posolda
3784fd1f67
Attempt to run snapshot Keycloak server against production DB should fail during migration 
closes #30364

Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-28 15:02:26 +00:00
Douglas Palmer
c816d5e030 Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled 
Closes #34075

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-28 11:30:38 -03:00
Pedro Ruivo
84f4bd8af1 Client Scope updates are not replicated between Keycloak nodes 
Fixes #33731

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-10-25 11:22:15 +02:00
rmartinc
e41553bcfb Create a new logout session when initiating it for another client 
Closes #34207

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-25 10:02:23 +02:00
Douglas Palmer
fd1dd49ade Flaky Test: BrowserFlowTest.testAlternativeNonInteractiveExecutorInSubflow() 
Closes #34273

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-24 22:36:11 +02:00
Martin Kanis
4f3ced9560 ConcurrentModificationException when restarting user sessions 
Closes #34093

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-24 21:26:50 +02:00
Steven Hawkins
b2ccde29bb
fix: persist build time spi options (#34157) 
closes: #33902

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-10-23 16:51:11 +02:00
Pedro Ruivo
f507caae6c Deleting a user leads to ISPN marshalling exception 
Fixes #34224

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-10-23 11:53:25 +02:00
Ryan Emerson
902abfdae4
JDBC_PING as default discovery protocol 
Closes #29399

- Add ProviderFactory#dependsOn to allow dependencies between
  ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
  is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
  EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-22 20:19:19 +00:00
Gilvan Filho
c4005d29f0 add linear strategy to brute force 
closes #25917

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
 2024-10-22 10:33:22 -03:00
rmartinc
6d52520730 Load client keys using SubjectPublicKeyInfo and upload jwks type into the jwks attributes for OIDC ones 
Closes #33820

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-22 14:24:15 +02:00
Martin Kanis
01026fab79 Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled 
Closes #34075

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-22 08:06:56 -03:00
mposolda
703f16ea86 Hide the 'Delete' button in the account console when DeleteCredentialAction is disabled or unavailable 
closes #30204

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-22 11:07:08 +02:00
Pedro Igor
6d5923d560 Tests for role and time policy configuration validation 
Closes #28978

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-22 05:43:05 -03:00
Douglas Palmer
271e749c82 ResetPasswordTest.resetPasswordExpiredCode Error -> AbstractKeycloakTest.deleteAllCookiesForRealm:297 
Closes #33940

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-22 09:09:16 +02:00
rmartinc
2004467749 Check alias is unique for authenticator config when it is created 
Closes #31727

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-21 15:25:32 +02:00
Simon Levermann
dcf1d83199
Enable enforcement of a minimum ACR at the client level (#16884) (#33205) 
closes #16884 

Signed-off-by: Simon Levermann <github@simon.slevermann.de>
 2024-10-21 13:54:02 +02:00
Douglas Palmer
2dd754533d Flaky Test ResetPasswordTest.resetPasswordLoggedUser:188->openResetPasswordUrlAndDoFlow:252 
Closes #34023

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-21 08:36:49 +02:00
Igor Petrov
8e872818c5 feat: eliminate client secret requirement 
This commit eliminates neccessity for providing client secret when
constructing client via Admin Client API. The requirement for client
secret became obsolete when Keycloak onboarded a X509 certificate
authorizer.

closes #33755

Signed-off-by: Igor Petrov <igor.petrov-ext@camunda.com>
 2024-10-18 16:35:15 +02:00
Pedro Igor
3a9bab35b6 Fixing action token lifespan information in the invitation email 
Closes #34049

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-18 09:10:14 +02:00
Pedro Igor
d1dba15964 Do not show domain match message in the identity-first login when no login hint is provided 
Closes #34069

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-18 09:05:27 +02:00
Pedro Igor
ee38d551ce Respect the locale set to a user when redering verify email pages 
Closes #34063

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-18 09:04:38 +02:00
Stefan Guilhen
7d8ff710c2 Invalidate user session when associated IdP is missing (previously removed) 
Closes #31724

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-10-17 16:30:51 -03:00
Pascal Knüppel
41ee68611f
Allow to create EC certificates if new EC-key-provider is created (#31843) 
Closes #31842

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
 2024-10-17 16:05:59 +02:00
Thomas Darimont
6a4ec24015 Users have to authenticate first before account-console is loaded 
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-10-17 07:53:20 -03:00
Thomas Darimont
c400eff9b0 Account console backend should redirect to login on missing auth (#31469) 
Adapted the login redirect logic from the old account console.

Fixes #31469

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-10-17 07:53:20 -03:00
rmartinc
13655007a6 Remove online session for offline access in direct access grants and client credentials 
Closes #32650

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-17 10:49:05 +02:00
Martin Kanis
a8a5c96510 Fix unstable testPostBrokerLoginFlowWithOTP_bruteForceEnabled test 
Closes #33549

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-15 15:36:05 -03:00
Martin Kanis
8fb5ecaa6c Auth not possible for auth session where user was enabled in the meantime 
Closes #33883

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-15 14:28:36 -03:00
Jon Koops
228c21a7a0
Allow Keycloak JS to be initialized without passing options (#33950) 
Closes #8935

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-10-15 17:46:15 +02:00
Pedro Igor
b76f4f9c1b Avoid iterating over user policies when removing users 
Closes #19358

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-15 15:01:40 +02:00
Martin Kanis
0ebf862b63 LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and user already exists 
Closes #32266

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-10-11 09:16:17 -03:00
rmartinc
7e5734fd48 Fix incorrect filter in docker protocol 
Closes #33776

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-11 08:58:18 +02:00
Pedro Igor
9a3d81c23e Only process organization selection when the user is identified 
Closes #33699

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-10-10 16:24:25 +02:00
rmartinc
a74e60f4d7 Check email with ignorecase when setting basic attributes in IdP 
Closes #31848

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-10 09:55:58 +02:00
Jon Koops
3930356c21
Treat unencrypted local origins as an insecure context in Safari (#33700) 
Closes #33557

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-10-09 23:38:03 +02:00
Douglas Palmer
a276b3bb3d Flaky test: org.keycloak.testsuite.forms.BrowserButtonsTest#appInitiatedRegistrationWithBackButton 
Closes #32676

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-09 08:00:57 +02:00
rmartinc
467e881725 Use clickLink in delete credential page 
Closes #33505

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-08 12:22:53 +02:00
mposolda
07cf71e818 Better logging when error happens during transaction commit 
closes #33275

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-08 11:14:10 +02:00
Ricardo Martin
611e6d102e
Create session for the requester client in Token Exchange (#31290) 
Closes #31180


Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-10-08 10:24:10 +02:00
Gilles Etchepareborde
593afbb4e0 This PR intends to always set the event type in order to prevent error when firing an error event. 
Closes #30453

Signed-off-by: Gilles Etchepareborde <etchepar@yahoo.fr>
 2024-10-08 10:15:53 +02:00
rmartinc
a475cbf009 Re-try login to account for firefox CI 
Closes #30994

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-08 10:08:49 +02:00
rmartinc
44b1290917 Return next action if the current action is not supported in AIA 
Closes #33513

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-08 09:54:53 +02:00
Douglas Palmer
26255f47f8
Upgrade Selenium (#33600) 
Closes #33599

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-10-08 09:18:54 +02:00
ikhomyn
6b96ee2b6d
Fix social login tests (#33525) 
Part of #33524

Signed-off-by: Ivan Khomyn <ikhomyn@redhat.com>
 2024-10-07 16:44:33 +02:00
mposolda
95c529104e Remove retry in LoginPage.resetPassword due the more universal fix exists in UIUtils.clickLink 
closes #33492

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit 88c94c28b0092df3f44277a5cc47e1d5026fe3af)
 2024-10-04 14:25:58 +02:00
mposolda
cb5c510c49 Adding retry when clicking on rememberMe checkbox on the loginPage during tests 
closes #32476
closes #32677
closes #32767
closes #33132
closes #32550

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-04 12:01:38 +02:00
mposolda
edb05421ac Issue when running tests from IDE on embedded undertow - org.jboss.threads.EnhancedQueueExecutor.setKeepAliveTime(java.time.Duration) 
closes #33517

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-10-03 18:44:41 +02:00
rmartinc
38e0568f9f Use clickLink in LanguageComboboxAwarePage 
Closes #32473
Closes #32939

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-10-03 18:26:10 +02:00