Michal Hajas
0bda7e6038
Introduce map event store with CHM implementation
...
Closes #11189
2022-05-17 12:57:35 +02:00
Sven-Torben Janus
0efa4afd49
Evaluate composite roles for hardcoded LDAP roles/groups
...
Closes: 11771
see also KEYCLOAK-18308
2022-05-02 14:13:37 +02:00
Stefan Guilhen
b29b27d731
Ensure code does not rely on a particular format for the realm id or component id
2022-04-20 14:40:38 +02:00
Pedro Igor
2cb5d8d972
Removing upload scripts feature ( #11117 )
...
Closes #9865
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2022-04-20 14:25:16 +02:00
Martin Bartoš
3aa3db16ea
Fix error response for invalid characters ( #11533 )
...
Fixes #11530
2022-04-20 11:26:08 +02:00
Alexander Schwartz
a6dd9dc0f1
Avoiding AvlPartitionFactory and using JdbmPartitionFactory for the embedded LDAP to work around unstable tests.
...
Fix for #11171 didn't turn out to cover the root cause. Also improved transaction handling in LDAP Map storage.
Closes #11211
2022-04-12 09:12:21 +02:00
Alexander Schwartz
5c810ad0e5
Avoid short-lived connections for ApacheDS to avoid messages around "ignoring the message MessageType UNBIND_REQUEST"
...
The comment in LdapRequestHandler.java in ApacheDS notes just before discarding an unbind request: "in some cases the session is becoming null though the client is sending the UnbindRequest before closing".
Also implementing a retry logic for all remaining errors regarding LDAP.
Closes #11171
2022-04-11 10:03:15 +02:00
Marek Posolda
22a16ee899
OIDC RP-Initiated logout endpoint ( #10887 )
...
* OIDC RP-Initiated logout endpoint
Closes #10885
Co-Authored-By: Marek Posolda <mposolda@gmail.com>
* Review feedback
Co-authored-by: Douglas Palmer <dpalmer@redhat.com>
2022-03-30 11:55:26 +02:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT ( #10784 )
2022-03-22 09:22:48 +01:00
Martin Bartoš
02d0fe82bc
Auth execution 'Condition - User Attribute' missing
...
Closes #9895
2022-03-08 08:24:48 +01:00
Marek Posolda
90d4e586b6
Show error in case of an unkown essential acr claim. Make sure correc… ( #10088 )
...
* Show error in case of an unkown essential acr claim. Make sure correct acr is set after authentication flow during step-up authentication
Closes #8724
Co-authored-by: Cornelia Lahnsteiner <cornelia.lahnsteiner@prime-sign.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2022-02-15 09:02:05 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT ( #10165 )
2022-02-11 21:28:06 +01:00
Dominik Guhr
1b77358160
Logging guide v1
...
Closes #10001
2022-02-08 18:13:05 -03:00
Pedro Igor
f107f0596e
Rename h2-file and h2-mem and removing defaults from production databases
...
Closes #9973
2022-02-04 15:43:51 -03:00
Martin Kanis
0471ec4941
Cross-site validation for lazy loading of offline sessions & Switch default offline sessions to lazy loaded
2022-02-03 21:43:47 +01:00
Stian Thorgersen
cc88fb2daa
Update default distribution to Quarkus ( #9839 )
...
Closes #9837
2022-02-01 09:42:09 +01:00
Dominik Guhr
5a1f4b8889
Quarkus update to 2.7.0.Final
...
Minor and micro dependency updates, some relocations (e.g. vault, ZipUtils), so some changes were needed to make this work.
Closes #9872
2022-01-31 09:55:02 -03:00
Pedro Igor
d28b54e5d5
Hide Hasicorp Vault from CLI ( #9700 )
...
Closes #9688
2022-01-25 14:24:35 +01:00
Pedro Igor
b53c5d5eee
Build command should not allow runtime options
...
Closes #9618
2022-01-23 16:30:48 -03:00
Pedro Igor
0a9387ff4f
Unified configuration option format and renaming keycloak.properties to keycloak.conf
...
Closes #9606
2022-01-19 08:47:15 -03:00
Pedro Igor
4f568dff63
[ fixes #9133 ] - Allow setting JDBC driver and transaction type
2021-12-21 09:57:21 -08:00
keycloak-bot
9f3d4a7d42
Set version to 17.0.0-SNAPSHOT
2021-12-20 10:50:39 +01:00
Stian Thorgersen
31345c49b1
Server-only upgrade to WildFly 25.0.1 ( #9190 )
...
* WF 25.0.1 upgrade light
* Re-enable adapters with old WF versions
* Put server-overlay and server-legacy-dist back to reduce size of PR changes
* Remove some more changes that are not needed
* Fix issues adding to provider properties
* Fix user-profile updates for tests
* tls fixes
* Set WF to 23 for adapter tests
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2021-12-17 12:12:41 +01:00
Pedro Igor
bf0f3d605c
[ fixes #9052 ] - Renaming cluster options to cache
2021-12-10 08:20:53 +01:00
Pedro Igor
9a4ab82d08
[KEYCLOAK-19847] - Optimizations and refactoring for better/stable startup time
2021-12-02 08:57:23 -08:00
Pedro Igor
e14e56e0f3
[KEYCLOAK-19798] - Hostname support for Dist.X
...
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2021-11-17 10:51:58 -03:00
Martin Bartoš
b17f0695ee
8793 User Profile multiple implementations
2021-11-15 08:46:34 +01:00
Pedro Igor
37b36decbb
[KEYCLOAK-19798] - Less verbose HTTP options and minor changes to property mappers
2021-11-12 07:50:32 -03:00
Dominik Guhr
13a7f773a9
KEYCLOAK-19446 Use FolderThemeProviderFactory with fallback for quarkus so no need to always set config or system variable
2021-11-09 07:59:40 -03:00
mposolda
5740e158e3
KEYCLOAK-18744 OpenBanking Brasil fix for X509 client authentication. More flexibility in Subject DN comparison.
2021-11-05 09:10:50 +01:00
Pedro Igor
eaa96f6147
[KEYCLOAK-18255] - Vault Support in Dist.X
2021-11-03 09:23:33 -03:00
Joerg Matysiak
afc5cb4d14
KEYCLOAK-19617 Simplify creation of custom user profiles
...
* DeclarativeUserProfileProvider passes its ID to DeclarativeUserProfileModel, so this also works for derived classes.
* Moved creation of declarative user profile model to a protected factory method to allow subclasses to provide their own implementation.
* Added integration tests for custom user profile
* configured declarative-user-profile as default user profile provider in test servers
* Restore previously configured default provider after test with special provider settings
* Some refactoring in SpiProviderSwitchingUtils
2021-10-28 08:26:11 -03:00
Dominik
00feef4dbe
KEYCLOAK-19496 Unignore ArtifactBindingCustomResolverTest and make SetDefaultProvider Annotation usable for Quarkus-based distribution
2021-10-08 15:50:59 -03:00
R Yamada
891c8e1a12
[KEYCLOAK-17653] - OIDC Frontchannel logout support
2021-10-07 15:27:19 -03:00
Dominik
12d4837fa9
KEYCLOAK-19484_BasicSamlTest
2021-10-06 12:04:05 -03:00
Martin Kanis
30b3caee9f
KEYCLOAK-18445 Add support for cross-site model tests
2021-10-06 14:37:06 +02:00
Dominik
cd7a22c174
KEYCLOAK-19476: Unignore LoginTest.loginWithLongRedirectUri by adding property to authserver-quarkus
2021-10-06 08:03:34 -03:00
Dominik
021245a330
KEYCLOAK-19463 fix PasswordPolicyTest for Quarkus
2021-10-04 15:32:18 -03:00
Dominik
8cf35c9b7b
KEYCLOAK-13770 - Working DefaultThemeManagerTest
2021-10-01 11:25:17 -03:00
Michal Hajas
da0c945475
KEYCLOAK-18940 Add support for searching composite roles
2021-10-01 12:41:19 +02:00
Pedro Igor
0210acadad
[KEYCLOAK-19424] - Rename the config command to build
2021-10-01 08:39:50 +02:00
Dominik
20b91c7d4f
KEYCLOAK-13770 Fix Quarkus ScriptDeploymentTests, Hostnametests and tests relying on user attribute config
2021-09-27 15:19:45 -03:00
Vlastimil Elias
28e220fa6d
KEYCLOAK-18497 - Support different input types in built-in dynamic forms
2021-09-20 09:14:49 -03:00
Takashi Norimatsu
375e47877e
KEYCLOAK-18558 Client Policy - Endpoint : support Device Authorization Endpoint
2021-09-20 11:22:58 +02:00
Pedro Igor
aa018295c4
[KEYCLOAK-17866] - Upgrade to Quarkus v2
2021-09-10 11:21:09 -03:00
keycloak-bot
262ec3d031
Set version to 16.0.0-SNAPSHOT
2021-07-30 14:56:10 +02:00
mposolda
9b0e1fff8d
KEYCLOAK-18903 More customizable OIDC WellKnown provider
2021-07-28 18:03:23 +02:00
mposolda
4520cbd38c
KEYCLOAK-18904 Support cert-bound tokens when doing client credentials grant. Client policies support for client credentials grant
2021-07-28 07:24:30 +02:00
mposolda
643b3c4c5a
KEYCLOAK-18594 CIBA Ping Mode
2021-07-27 08:33:17 +02:00
Pedro Igor
d29d945cc4
[KEYCLOAK-18857] - Do not force default to RS256 when verifying tokens sent by clients and JWK does not hold an algorithm
2021-07-21 11:09:02 +02:00