Giuseppe Graziano
02d64d959c
Using _system client when account client is disabled for email actions
...
Closes #17857
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-03 08:43:36 +02:00
cgeorgilakis-grnet
20cedb84eb
Check refresh token flow response for offline based on refresh token request parameter
...
Closes #30857
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-07-02 18:13:30 -03:00
Pedro Aguiar
2316b8d82a
update: fix typo in hostname.adoc ( #31007 )
...
- `proxy_name` becomes `project_name`.
Signed-off-by: Pedro Aguiar <contact@codespearhead.com>
2024-07-02 16:50:38 +00:00
Thomas Darimont
f34bb21af6
Fix deprecations in common module
...
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction
Fixes #22209
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-02 16:02:35 +00:00
Erik Jan de Wit
a8aa410ad3
also translate the message ( #30654 )
...
fixes : #29098
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-02 15:31:38 +02:00
Erik Jan de Wit
e3649eb86a
changed to use adminUrl instead ( #30441 )
...
* changed to use adminUrl instead
fixes : #19070
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* changed to make use of "frondend url" and "adminUrl"
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
---------
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-02 13:42:07 +02:00
Rishabh Singh
3a156b1a8b
This fix allows the LDAP connection pool parameters - maxsize, prefsize, initsize - to be configured using JVM arguments.
...
Removed the check on connectionPoolingMaxSize, connectionPoolingInitSize and connectionPoolingPrefSize
Closes #30677
Signed-off-by: Rishabh Singh <rishabhsvats@gmail.com>
This fix allows all the LDAP connection pool parameters to be configured using JVM arguments.
Removed all the ldap connection pool parameters
Signed-off-by: Rishabh Singh <rishabhsvats@gmail.com>
2024-07-02 07:47:14 -03:00
Dmitry Telegin
5ff3488c80
Incorrect version comparison in ModelVersion
...
Closes #30935
Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
2024-07-02 11:52:33 +02:00
mruzicka
53fa901a11
fix: Use correct property for sub-flow name ( #30948 )
...
Signed-off-by: Michal Růžička <michal.ruza@gmail.com>
2024-07-01 14:47:54 +01:00
agagancarczyk
4924847676
Enhanced associated roles ( #30968 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 14:38:42 +01:00
agagancarczyk
0d6ecab862
fixed rendering of granted client scopes in User Consents ( #30864 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 15:28:35 +02:00
agagancarczyk
3874a141f1
Added some fun-tuning of Permissions table of Authorization ( #30894 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 15:20:31 +02:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator ( #30601 )
...
Closes : #27432
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-07-01 15:12:43 +02:00
Stan Silvert
fd8cb95595
Allow FGA with view-clients to see client roles ( #30834 )
...
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-07-01 08:50:30 -04:00
Erik Jan de Wit
ea0f569bd0
changed X
to link to organization ( #30648 )
...
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 13:22:46 +02:00
Erik Jan de Wit
213b4ca6d1
reset form instead of adding to it ( #30650 )
...
fixes : #30550
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 10:49:04 +02:00
Erik Jan de Wit
cb048c9700
don't show if there is a displayName set ( #30647 )
...
fixes : #30582
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 10:48:10 +02:00
Hynek Mlnarik
287916997e
Show admin console header if serverinfo is forbidden
...
Fixes : #30683
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-06-28 20:22:16 +02:00
Steven Hawkins
d534860e2b
fix: admin cli client should set the content when performing a merge ( #30539 )
...
closes : #29878
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-28 15:56:07 +02:00
Pedro Igor
cc2ccc87b0
Filtering organization groups when managing or processing groups
...
Closes #30589
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-28 10:27:18 -03:00
Christoph Schulz
657aff787f
Add missing comma to ( #30914 )
...
Signed-off-by: Christoph Schulz <mail@ciis0.de>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-06-28 13:13:13 +00:00
Steven Hawkins
aae1fa1417
fix: addresses cli erroneously wants a secret when env password is set ( #30892 )
...
closes : #30866
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-28 11:48:42 +02:00
Thomas Darimont
690c6051bb
Fix scope policy evaluation for client to client token exchange ( #26435 )
...
Previously the scope from the token was not set available in the ClientModelIdentity attributes.
This caused the NPE in `org.keycloak.authorization.policy.provider.clientscope.ClientScopePolicyProvider.hasClientScope`(..)
when calling `identity.getAttributes().getValue("scope")`.
We now pass the provided decoded AccessToken down to the ClientModelIdentity creation
to allow to populate the required scope attribute.
We also ensure backwards compatibility for ClientPermissionManagement API.
Fixes #26435
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-28 10:33:20 +02:00
Pedro Ruivo
829e12b857
Incorrect order when instantiate ClientRemovedEvent
...
* Fix incorrect order in ClientRemovedEvent constructor
* Do not send an event if the events list is empty
Closes #30840
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-28 09:51:02 +02:00
Václav Muzikář
bce7a29035
Document how Admin REST API endpoints work with Hostname config
...
Closes #30537
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-06-28 09:31:41 +02:00
dependabot[bot]
da7de7abd1
Bump vite from 5.3.1 to 5.3.2
...
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) from 5.3.1 to 5.3.2.
- [Release notes](https://github.com/vitejs/vite/releases )
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite/commits/v5.3.2/packages/vite )
---
updated-dependencies:
- dependency-name: vite
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-28 08:40:17 +02:00
mposolda
f1b8a983d2
Cleanup mod_auth_mellon from the testsuite
...
closes #30869
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-28 08:33:36 +02:00
Stan Silvert
a1445cd93f
Minor doc fix. ( #30899 )
...
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-06-27 16:18:32 -04:00
Douglas Palmer
7a8c7502d2
Cleanup of adapter-spi module?
...
Closes#30871
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 19:41:30 +02:00
Pascal Knüppel
c4ebd0cd0c
Add event for ClientScope created ( #30715 )
...
closes #30795
Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-06-27 19:05:29 +02:00
Douglas Palmer
220f32aa85
Cleanup of adapter pages
...
Closes #30870
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 18:57:22 +02:00
Douglas Palmer
601355d517
Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken
...
Closes #30111
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 18:41:48 +02:00
andymunro
30264c7dd4
Remove inclusive language foreword
...
Closes #30856
Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-27 15:22:03 +02:00
mposolda
7279f2092e
Cleanup of test-apps and related adapter code
...
closes #30867
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 15:10:31 +02:00
Marek Posolda
644bdad2f1
Update integration/admin-client-jee/pom.xml
...
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-06-27 11:00:30 +02:00
mposolda
3c3f59f861
Move some server related logic from info representation classes to server codebase
...
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 11:00:30 +02:00
mposolda
e5a4c94f75
Added suffix to keycloak-admin-client artifacts in keycloak repository
...
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 11:00:30 +02:00
MWarnecke
c5fc9f2962
Use provided scope for maven-plugin dependencies
...
* use provided scope for maven dependencies
As the maven-plugin-plugin suggests, dependencies to the maven runtime
should be in provided scope.
This gets rid of the according warning which was written during build.
Before Maven 3.9, plexus-utils was injected in the classpath at runtime.
As of Maven 3.9 this is not the case anymore which broke the plugin due
to a usage of said dependency. The only usage is replaced by a visitor
to copy files.
Closes #30542
Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>
* Guides need to see maven's Log class
Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>
---------
Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>
2024-06-27 09:50:19 +02:00
dependabot[bot]
fa47d1a416
Bump mocha from 10.5.1 to 10.5.2
...
Bumps [mocha](https://github.com/mochajs/mocha ) from 10.5.1 to 10.5.2.
- [Release notes](https://github.com/mochajs/mocha/releases )
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md )
- [Commits](https://github.com/mochajs/mocha/compare/v10.5.1...v10.5.2 )
---
updated-dependencies:
- dependency-name: mocha
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-27 08:32:58 +02:00
Moises Rodriguez
d924db0b0b
Add REST API error message to NetworkError
( #30720 )
...
Closes #30829
Signed-off-by: moises <moises@signot.com>
2024-06-26 21:49:01 +00:00
Lukas Hanusovsky
2915a03c6b
Removing chrome-install dependency from GH actions, and Chrome and Firefox webdriver system property from CI workflow
...
Closes #30408
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2024-06-26 18:08:07 +00:00
Hynek Mlnarik
f65af84191
Conditionally show Client Offline Session Max
...
Fixes : #30521
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-06-26 19:06:27 +02:00
Martin Bartoš
0a888512a8
New operator failing on health checks ( #30709 )
...
Closes #30355
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-06-26 15:46:48 +00:00
Jon Koops
cd0dbdf264
Use the Keycloak server URL for common resources ( #30823 )
...
Closes #30541
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-26 14:52:25 +00:00
jade
261bc41af2
messages: Correct {Client,Realm} Role prefix description to make sense ( #30277 )
...
It's unclear from the previous description that this field is used to
prepend things to the names in the token.
Signed-off-by: Jade Lovelace <software@lfcode.ca>
Co-authored-by: agagancarczyk <4890675+agagancarczyk@users.noreply.github.com>
2024-06-26 14:24:58 +01:00
rmartinc
c20dbc5c32
Add availability for features and make kerberos use it
...
Closes #30730
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-06-26 14:33:38 +02:00
agagancarczyk
ca26524259
Restored multivalued switch on create attribute ( #30811 )
...
* restored multivalued switch
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* small cleanup
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-06-26 14:30:11 +02:00
etiksouma
d34e468a57
Rename label on realm details page ( #28106 )
...
Closes #28106
Signed-off-by: etiksouma <al@mouskite.com>
2024-06-26 12:31:42 +02:00
Martin Bartoš
30fdba00b5
Describe mTLS overrides for the management interface ( #30735 )
...
Closes #30094
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-06-26 12:02:36 +02:00
Alexander Schwartz
1edf444bc8
Re-augment at start after a previous dev mode ( #30461 )
...
Closes #30460
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-26 09:00:54 +00:00