Commit graph

394 commits

Author SHA1 Message Date
Giuseppe Graziano
c76cbc94d8 Add sub via protocol mapper to access token
Closes #21185

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-04-10 10:40:42 +02:00
Pedro Igor
52ba9b4b7f Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user
Closes #28248

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-08 09:05:16 -03:00
Justin Tay
e765932df3 Skip unsupported keys in JWKS
Closes #16064

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-04-08 08:42:31 +02:00
Justin Tay
89a5da1afd Allow empty key use in JWKS for client authentication
Closes #28004

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-04-04 10:42:37 +02:00
Stian Thorgersen
c3a98ae387
Use Argon2 as default password hashing algorithm (#28162)
Closes #28161

Signed-off-by: stianst <stianst@gmail.com>
2024-03-22 13:04:14 +00:00
Stian Thorgersen
8cbd39083e
Default password hashing algorithm should be set to default password hash provider (#28128)
Closes #28120

Signed-off-by: stianst <stianst@gmail.com>
2024-03-22 12:44:11 +01:00
vramik
032bb8e9cc Map Store Removal: Remove obsolete KeycloakModelUtils.isUsernameCaseSensitive method
Closes #27438

Signed-off-by: vramik <vramik@redhat.com>
2024-03-02 04:40:46 +09:00
Steven Hawkins
37acb2fd09
task: upgrading to quarkus 3.7.0.CR1 (#26203)
there are several downgrades from the quarkus versions, and some
additional logic needed to handle changes with re-creating the
configuration

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 18:23:07 +00:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies (#26531)
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
2024-01-29 11:06:37 +01:00
Martin Kanis
7797f778d1 Map Store Removal: Rename legacy modules
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths (#26444)
Closes #26416

Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 13:43:03 +01:00
Takashi Norimatsu
b99f45ed3d Supporting EdDSA
closes #15714

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>

Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes (#26273)
Closes #24105

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137)
Closes #22922

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
2024-01-15 09:20:47 +01:00
Pedro Igor
d540584449 Using a valid URI when deleting cookies before/after running tests
Closes #22691

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 15:13:12 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features (#24811)
also adding a common PropertyMapper validation method

closes #24668

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Réda Housni Alaoui
5287500703 @NoCache is not considered anymore
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-02 09:06:55 -03:00
mposolda
3fa2d155ca Decouple factory methods from the provider methods on UserProfileProvider implementation
closes #25146

Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-01 10:30:57 -03:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore (#24473)
closes #24148

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
Sebastian Schuster
030f42ec83
More efficient listing of assigned and available client role mappings
Closes #23404

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
2023-11-22 14:10:11 +01:00
Réda Housni Alaoui
3f014c7299
Cannot display 'Authentication Flows' screen when a realm contains more than ~4000 clients (#21058)
closes #21010 

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2023-11-13 19:13:01 +01:00
vramik
926be135e8 Remove map related modules
Signed-off-by: vramik <vramik@redhat.com>

Closes #24100
2023-11-13 12:34:52 +01:00
vramik
6fa26d7ff4 Delete map dependencies from dependency management
Closes #24101
2023-11-08 13:53:17 +01:00
mposolda
7863c3e563 Moving UPConfig and related classes from keycloak-services
closes #24535

Signed-off-by: mposolda <mposolda@gmail.com>
2023-11-07 12:41:29 +01:00
rmartinc
1b630326b2 Fixes in LDAP tests when using AD
Closing https://github.com/keycloak/keycloak/issues/24357
2023-10-31 13:34:37 +01:00
Thomas Darimont
e567210ed1
Add dedicated feature flag for oauth device grant flow (#23892)
Closes #23891
2023-10-24 10:09:26 +02:00
mposolda
04777299b0 After tab1 finish authentication, make sure that rootAuthenticationSession is expired shortly
closes #23880
2023-10-19 19:23:50 +02:00
shigeyuki kabano
6112b25648 Enhancing Light Weight Token(#22148)
Closes #21183
2023-10-17 13:12:36 +02:00
Alexander Schwartz
50916d58b1 Clean up created test user to avoid conflict with other tests
Closes #23804
2023-10-16 19:10:52 +02:00
Pedro Igor
9c19a8972b Removing the default cache metadata
Closes #23910
2023-10-13 16:32:55 +02:00
Garth
2dfbbff343
added AccountResource SPI, Provider and ProviderFactory. (#22317)
Added AccountResource SPI, Provider and ProviderFactory. updated AccountLoader to load provider(s) and check if it is compatible with the chosen theme.
2023-10-05 15:08:01 +02:00
rmartinc
d90640b5a3 Change email checkserveridentity prop as angus mail sets it to true by default
Closes https://github.com/keycloak/keycloak/issues/22395
2023-09-26 09:11:16 +02:00
Michal Hajas
496c5ad989 Use new findGroupByPath implementation and remove the old one
Closes #23344

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2023-09-25 10:44:24 +02:00
Bernd Bohmann
bb2f59df87
Calling getTopLevelGroups is slow inside GroupLDAPStorageMapper#getLDAPGroupMappingsConverted (#8430)
Closes #14820 
---------
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-09-20 17:20:43 +02:00
Justin Tay
658c0ef19f Send Client ID in token request with JWT Authentication
Closes #21444
2023-09-14 10:57:32 +02:00
Daniel Fesenmeyer
a68ad55a37 Support to define compatible mappers for (new) Identity Providers
- Also allows to use existing mappers for custom Identity Providers without having to change those mappers

Closes #21154
2023-09-13 17:19:06 -03:00
mposolda
6f6b5e8e84 Fix authenticatorConfig for javascript providers
Closes #20005
2023-07-31 19:28:25 +02:00
Takashi Norimatsu
05b8b9ee51 Enhancing Pluggable Features of Token Manager
closes #21182
2023-07-24 09:16:29 +02:00
Stian Thorgersen
f82577a7f3
Removed old account console (#21098)
Co-authored-by: Jon Koops <jonkoops@gmail.com>

Closes #9864
2023-06-20 20:46:57 +02:00
vramik
535bba5792 Update UserQueryProvider methods
Closes #20438
2023-06-12 16:04:26 +02:00
rmartinc
9bc30f4705 EventBuilder fixes to copy the store and session context
Closes https://github.com/keycloak/keycloak/issues/20757
Closes https://github.com/keycloak/keycloak/issues/20105
2023-06-07 08:34:27 -03:00
Aboullos
612fe33ade
Remove AccountUpdateProfilePage from the testsuite (#19362)
closes #15202
2023-06-02 11:46:49 +02:00
mposolda
bf9c5821cb Fix for certificate revalidation
closes https://security.snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-5291542
2023-05-31 15:42:37 +02:00
vramik
a175efcb72 Split UserQueryProvider into UserQueryMethods and UserCountMethods and make LdapStorageProvider implement only UserQueryMethods
Co-authored-by: mhajas <mhajas@redhat.com>

Closed #20156
2023-05-31 11:47:54 +02:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Hynek Mlnarik
38442ee0a6 Fix event tests 2023-05-23 20:53:30 +02:00
Peter Zaoral
946eacd5b6 Quarkus3 branch sync no. 5
10.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
* fixed Undertow server not starting due to ClassNotFoundException: javax.transaction.TransactionManager

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
124591ce1a Adapters can still use Java EE
- Provided all JavaEE dependencies for adapters
- Automatically build Undertow Jakarta EE for testsuite (missing SAML)
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
---
Quarkus3 branch sync no. 7 (27.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238 Migrate packages from javax.* to jakarta.*
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java	- Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java -	Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
2023-04-27 13:36:54 +02:00
mposolda
a3f2ebb193 Ability to override default/built-in providers with same providerId. Using ProviderFactory.order() for choosing priority providers
Closes #19867
2023-04-25 18:04:58 +02:00