keycloak-scim

Author	SHA1	Message	Date
Achim Rolle	83065b85a2	Fix credential_type in update/remove credential email template Closes #34687 Signed-off-by: Achim Rolle <achim.rolle@aoe.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-11-07 10:13:53 +00:00
Ricardo Martin	226daa41c7	Add service account mappers via client scope instead of dedicated scope (#34664 ) Closes #10417 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Ricardo Martin <rmartinc@redhat.com>	2024-11-07 08:45:11 +01:00
rmartinc	d2e19da64e	Avoid using nip.io resolution in RefreshTokenTest#refreshTokenWithDifferentIssuer test Closes #25675 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-11-06 14:53:19 +01:00
Ricardo Martin	ce454bda47	Remove online session when offline access is requested as the first request (#34346 ) Closes #34001 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> --------- Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-11-06 08:33:12 +01:00
fwojnar	b3dd26a7c3	Migrate WelcomeTestPage to testsuite framework (#34543 ) * Migrate WelcomeTestPage to testsuite framework Closes #34491 Signed-off-by: wojnarfilip <fwojnar@redhat.com> * Refactor welcome page a bit Signed-off-by: stianst <stianst@gmail.com> * Fixes for htmlunit Signed-off-by: stianst <stianst@gmail.com> * Cleanup imports Signed-off-by: stianst <stianst@gmail.com> --------- Signed-off-by: wojnarfilip <fwojnar@redhat.com> Signed-off-by: stianst <stianst@gmail.com> Co-authored-by: wojnarfilip <fwojnar@redhat.com> Co-authored-by: stianst <stianst@gmail.com>	2024-11-05 10:57:58 +01:00
Giuseppe Graziano	612e2caae1	Refresh the login page when root auth session changes Closes #32658 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-11-04 18:31:42 +01:00
Alexander Schwartz	8be4237fd4	Fix failing test AdminEventQueryTest by adding required session parameter (#34612 ) Closes #34611 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-11-04 12:28:59 +01:00
Bernd Bohmann	7681687e0a	Provide missing user event metrics from aerogear/keycloak-metrics-spi to a keycloak micrometer event listener inspired by https://github.com/aerogear/keycloak-metrics-spi https://github.com/please-openit/keycloak-native-metrics Closes #33043 Signed-off-by: Bernd Bohmann <bommel@apache.org> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-11-04 08:56:24 +01:00
Stefan Guilhen	af434d6bc1	Add checks to prevent GroupLDAPStorageMapper from performing operations on groups it does not manage Closes #11008 Closes #17593 Closes #19652 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-11-01 15:49:55 -03:00
Thomas Darimont	36b01cbea0	Revise PAR request object parameter handlig (#34352 ) We now store the original parameter value as-is, in case only a single parameter value is provided. In case multiple parameter values are provided for the same parameter, we only retain the first parameter. This ensures that the original value is retained. Previously the value list from the `decodedFormParameters` `MultivaluedMap` was converted to a String while replacing '[' and ']' with an empty string, which corrupted the original parameter values stored. Fixes #34352 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-10-31 16:26:31 +01:00
Pedro Igor	db780ed6c7	Trying to make sure there is no active tasks and introduce a timeout Closes #34432 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-31 12:10:22 +01:00
rmartinc	78aa08941a	Fix NPE in ConditionalOtpFormAuthenticator if no configuration Closes #34298 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-31 07:48:07 -03:00
vramik	b27a5d05b4	Fix error message in test Signed-off-by: vramik <vramik@redhat.com>	2024-10-30 12:26:03 -03:00
vramik	3d91df42d8	Declining terms and conditions in account-console results in error Closes #28328 Signed-off-by: vramik <vramik@redhat.com>	2024-10-30 12:26:03 -03:00
Giuseppe Graziano	3d663802bb	Fix flaky test for concurrent client creation on H2 database Closes #29290 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-10-29 20:58:50 -03:00
rmartinc	b52256facc	Set client in context for dynamic scopes calculation Closes #33684 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-28 17:32:06 -03:00
Marek Posolda	3784fd1f67	Attempt to run snapshot Keycloak server against production DB should fail during migration closes #30364 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-10-28 15:02:26 +00:00
Douglas Palmer	c816d5e030	Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled Closes #34075 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-10-28 11:30:38 -03:00
Pedro Ruivo	84f4bd8af1	Client Scope updates are not replicated between Keycloak nodes Fixes #33731 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-10-25 11:22:15 +02:00
rmartinc	e41553bcfb	Create a new logout session when initiating it for another client Closes #34207 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-25 10:02:23 +02:00
Douglas Palmer	fd1dd49ade	Flaky Test: BrowserFlowTest.testAlternativeNonInteractiveExecutorInSubflow() Closes #34273 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-10-24 22:36:11 +02:00
Martin Kanis	4f3ced9560	ConcurrentModificationException when restarting user sessions Closes #34093 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-24 21:26:50 +02:00
Steven Hawkins	b2ccde29bb	fix: persist build time spi options (#34157 ) closes: #33902 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-10-23 16:51:11 +02:00
Pedro Ruivo	f507caae6c	Deleting a user leads to ISPN marshalling exception Fixes #34224 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-10-23 11:53:25 +02:00
Ryan Emerson	902abfdae4	JDBC_PING as default discovery protocol Closes #29399 - Add ProviderFactory#dependsOn to allow dependencies between ProviderFactories to be explicitly defined - Disable Infinispan default shutdownhook disabled to ensure lifecycle is managed exclusively by Keycloak - Remove Infinispan shutdown hook in KeycloakRecorder and manage EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-10-22 20:19:19 +00:00
Gilvan Filho	c4005d29f0	add linear strategy to brute force closes #25917 Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>	2024-10-22 10:33:22 -03:00
rmartinc	6d52520730	Load client keys using SubjectPublicKeyInfo and upload jwks type into the jwks attributes for OIDC ones Closes #33820 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-22 14:24:15 +02:00
Martin Kanis	01026fab79	Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled Closes #34075 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-22 08:06:56 -03:00
mposolda	703f16ea86	Hide the 'Delete' button in the account console when DeleteCredentialAction is disabled or unavailable closes #30204 Signed-off-by: mposolda <mposolda@gmail.com>	2024-10-22 11:07:08 +02:00
Pedro Igor	6d5923d560	Tests for role and time policy configuration validation Closes #28978 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-22 05:43:05 -03:00
Douglas Palmer	271e749c82	ResetPasswordTest.resetPasswordExpiredCode Error -> AbstractKeycloakTest.deleteAllCookiesForRealm:297 Closes #33940 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-10-22 09:09:16 +02:00
rmartinc	2004467749	Check alias is unique for authenticator config when it is created Closes #31727 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-21 15:25:32 +02:00
Simon Levermann	dcf1d83199	Enable enforcement of a minimum ACR at the client level (#16884 ) (#33205 ) closes #16884 Signed-off-by: Simon Levermann <github@simon.slevermann.de>	2024-10-21 13:54:02 +02:00
Douglas Palmer	2dd754533d	Flaky Test ResetPasswordTest.resetPasswordLoggedUser:188->openResetPasswordUrlAndDoFlow:252 Closes #34023 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-10-21 08:36:49 +02:00
Igor Petrov	8e872818c5	feat: eliminate client secret requirement This commit eliminates neccessity for providing client secret when constructing client via Admin Client API. The requirement for client secret became obsolete when Keycloak onboarded a X509 certificate authorizer. closes #33755 Signed-off-by: Igor Petrov <igor.petrov-ext@camunda.com>	2024-10-18 16:35:15 +02:00
Pedro Igor	3a9bab35b6	Fixing action token lifespan information in the invitation email Closes #34049 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-18 09:10:14 +02:00
Pedro Igor	d1dba15964	Do not show domain match message in the identity-first login when no login hint is provided Closes #34069 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-18 09:05:27 +02:00
Pedro Igor	ee38d551ce	Respect the locale set to a user when redering verify email pages Closes #34063 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-18 09:04:38 +02:00
Stefan Guilhen	7d8ff710c2	Invalidate user session when associated IdP is missing (previously removed) Closes #31724 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-10-17 16:30:51 -03:00
Pascal Knüppel	41ee68611f	Allow to create EC certificates if new EC-key-provider is created (#31843 ) Closes #31842 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-10-17 16:05:59 +02:00
Thomas Darimont	6a4ec24015	Users have to authenticate first before account-console is loaded Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-10-17 07:53:20 -03:00
Thomas Darimont	c400eff9b0	Account console backend should redirect to login on missing auth (#31469 ) Adapted the login redirect logic from the old account console. Fixes #31469 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-10-17 07:53:20 -03:00
rmartinc	13655007a6	Remove online session for offline access in direct access grants and client credentials Closes #32650 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-17 10:49:05 +02:00
Martin Kanis	a8a5c96510	Fix unstable testPostBrokerLoginFlowWithOTP_bruteForceEnabled test Closes #33549 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-15 15:36:05 -03:00
Martin Kanis	8fb5ecaa6c	Auth not possible for auth session where user was enabled in the meantime Closes #33883 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-15 14:28:36 -03:00
Jon Koops	228c21a7a0	Allow Keycloak JS to be initialized without passing options (#33950 ) Closes #8935 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-10-15 17:46:15 +02:00
Pedro Igor	b76f4f9c1b	Avoid iterating over user policies when removing users Closes #19358 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-15 15:01:40 +02:00
Martin Kanis	0ebf862b63	LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and user already exists Closes #32266 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-11 09:16:17 -03:00
rmartinc	7e5734fd48	Fix incorrect filter in docker protocol Closes #33776 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-11 08:58:18 +02:00
Pedro Igor	9a3d81c23e	Only process organization selection when the user is identified Closes #33699 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-10 16:24:25 +02:00

1 2 3 4 5 ...

7030 commits