libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
25129 commits 4 branches 5 tags 480 MiB
Commit graph

810 commits

Author SHA1 Message Date
Ricardo Martin
0cd0d03c08
Remove all adapter-core code moved to util (#30012) 
* Remove all tests that are only executed for undertow app server
* Remove installation steps for OIDC adapter in wildfly/eap app server
* Remove the util adapters package except HttpClientBuilder
* Remove HttpClientBuilder and use plain apache http client
Closes #29912

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-03 09:28:02 +02:00
Peter Zaoral
cd2451d58b
Remove Oracle JDBC driver out of the box (#29895) 
Closes: #29491

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2024-05-31 17:21:19 +00:00
Martin Bartoš
76a6733f0a Replace PhantomJS by HtmlUnit 
Closes #9979

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-05-29 11:17:57 +02:00
Pedro Igor
bbb83236f5 Do not lower-case the username from the IdP when creating the federated identity 
Closes #28495

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-29 01:58:20 -03:00
Thomas Darimont
ab376d9101 Make required actions configurable (#28400) 
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata

Fixes #28400

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-05-23 08:38:36 +02:00
Ricardo Martin
74a80997c7
Fix CRL verification failing due to client cert not being in chain (#29582) 
closes #19853

Signed-off-by: Micah Algard <micahalgard@gmail.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Micah Algard <micahalgard@gmail.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
 2024-05-17 11:28:07 +02:00
Pedro Ruivo
cbce548e71 Infinispan 15.0.3.Final 
Closes #29068

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-08 17:18:39 +02:00
Douglas Palmer
8d628d740e Can we remove undertow OIDC adapter? 
Closes #28788

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-07 19:47:46 +02:00
Douglas Palmer
00bd6224fa Remove remaining Fuse adapter bits 
Closes #28787

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-06 09:02:26 +02:00
Douglas Palmer
051c0197db Remove old-WildFly, EAP 7.4 and 6.4 SAML adapters 
Closes #28785

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-03 15:39:05 +02:00
Douglas Palmer
e0176a7e31 Remove Wildfly and EAP OIDC adapters 
Closes #23381

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-02 20:16:55 +02:00
Douglas Palmer
8d4d5c1c54 Remove redundant servers from the testsuite 
Closes #29089

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-30 17:39:32 +02:00
Stefan Guilhen
02e2ebf258 Add check to prevent deserialization issues when the context token is not an AccessTokenResponse. 
- also adds a test for the refresh token on first login scenario.

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-04-30 12:02:10 -03:00
Jon Koops
a6e2ab5523 Remove jaxrs-oauth-client and OIDC servlet-filter adapters 
Closes #28784

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-04-26 15:56:57 +02:00
Douglas Palmer
cca660067a Remove JAAS login modules 
Closes #28789

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
b2f09feebf Remove servlet filter saml adapters 
Closes #28786

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
a4a7d023a7 Remove Jetty OIDC adapter 
Closes #28779

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
c5dbab2740 Remove Jetty SAML adapter 
Closes #28782

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
43aa10e091 Remove Tomcat OIDC adapter 
Closes #28778

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-26 09:30:35 +02:00
Douglas Palmer
98faf6e6a0 Remove Tomcat SAML adapter 
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>

Closes #28783
 2024-04-26 09:30:35 +02:00
Stefan Wiedemann
b08c644601
Support credentials issuance through oid4vci (#27931) 
closes #25940 

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
 2024-04-22 11:37:55 +02:00
Pedro Ruivo
3e0a185070 Remove deprecated EnvironmentDependentProviderFactory.isSupported method 
Closes #26280

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-19 16:36:49 +02:00
mposolda
c427e65354 Secondary factor bypass in step-up authentication 
closes #34

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)
 2024-04-19 14:43:53 +02:00
Stian Thorgersen
0d60e58029
Restrict the token types that can be verified when not using the user info endpoint (#146) (#28866) 
Closes #47

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Conflicts:
	core/src/main/java/org/keycloak/util/TokenUtil.java
	testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-18 14:11:05 +02:00
Pedro Ruivo
63cb137b37 Remove usages of EnvironmentDependentProviderFactory.isSupported 
Closes #28751

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-16 09:43:23 +02:00
Šimon Vacek
0205262c91
Workflow failure: Fuse adapter tests 
Closes: #27021

Signed-off-by: Simon Vacek <simonvacky@email.cz>
 2024-04-15 17:28:16 +02:00
Martin Bartoš
a3669a6562
Make general cache options runtime (#28542) 
Closes #27549

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-04-12 11:56:11 +02:00
Giuseppe Graziano
c76cbc94d8 Add sub via protocol mapper to access token 
Closes #21185

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-04-10 10:40:42 +02:00
Václav Muzikář
e4987f10f5
Hostname SPI v2 (#26345) 
* Hostname SPI v2

Closes: #26084

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Fix HostnameV2DistTest#testServerFailsToStartWithoutHostnameSpecified

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Address review comment

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Partially revert the previous fix

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Do not polish values

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Remove filtering of denied categories

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-04-09 11:25:19 +02:00
Pedro Igor
52ba9b4b7f Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user 
Closes #28248

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-08 09:05:16 -03:00
Justin Tay
e765932df3 Skip unsupported keys in JWKS 
Closes #16064

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
 2024-04-08 08:42:31 +02:00
Justin Tay
89a5da1afd Allow empty key use in JWKS for client authentication 
Closes #28004

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
 2024-04-04 10:42:37 +02:00
Stian Thorgersen
c3a98ae387
Use Argon2 as default password hashing algorithm (#28162) 
Closes #28161

Signed-off-by: stianst <stianst@gmail.com>
 2024-03-22 13:04:14 +00:00
Stian Thorgersen
8cbd39083e
Default password hashing algorithm should be set to default password hash provider (#28128) 
Closes #28120

Signed-off-by: stianst <stianst@gmail.com>
 2024-03-22 12:44:11 +01:00
Steven Hawkins
35b9d8aa49
task: remove usage of resteasy-core-spi (#27387) 
closes: #27242

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-03-21 15:28:34 +01:00
vramik
032bb8e9cc Map Store Removal: Remove obsolete KeycloakModelUtils.isUsernameCaseSensitive method 
Closes #27438

Signed-off-by: vramik <vramik@redhat.com>
 2024-03-02 04:40:46 +09:00
Ryan Emerson
a2f027ee00 Use AWS JDBC Wrapper in CI tests. Resolves #27123 
Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-02-19 19:07:24 +01:00
Stian Thorgersen
23d5f2188d
Run adapters in a separate job on GitHub Actions (#26962) 
Closes #25892

Signed-off-by: stianst <stianst@gmail.com>
 2024-02-13 12:38:58 +01:00
Steven Hawkins
37acb2fd09
task: upgrading to quarkus 3.7.0.CR1 (#26203) 
there are several downgrades from the quarkus versions, and some
additional logic needed to handle changes with re-creating the
configuration

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-31 18:23:07 +00:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies (#26531) 
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
 2024-01-29 11:06:37 +01:00
Martin Kanis
7797f778d1 Map Store Removal: Rename legacy modules 
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-01-25 16:29:16 +01:00
Ricardo Martin
b58f35fb47
Revert "Enable verify profile required action by default for new realms" (#26495) 
This reverts commit 7f195acc14.

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-25 12:28:16 +01:00
rmartinc
7f195acc14 Enable verify profile required action by default for new realms 
Closes #25985

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-24 20:28:06 +01:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths (#26444) 
Closes #26416

Signed-off-by: stianst <stianst@gmail.com>
 2024-01-24 13:43:03 +01:00
Takashi Norimatsu
b99f45ed3d Supporting EdDSA 
closes #15714

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>

Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
 2024-01-24 12:10:41 +01:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes (#26273) 
Closes #24105

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-01-23 13:50:31 +00:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137) 
Closes #22922

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
 2024-01-15 09:20:47 +01:00
Pedro Igor
d540584449 Using a valid URI when deleting cookies before/after running tests 
Closes #22691

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-01-05 15:13:12 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features (#24811) 
also adding a common PropertyMapper validation method

closes #24668

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2024-01-03 17:56:31 +01:00
Réda Housni Alaoui
5287500703 @NoCache is not considered anymore 
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2024-01-02 09:06:55 -03:00