vramik
fcb31a5aa6
Implement invitation-only self-registration for realm users
...
Closes #31643
Signed-off-by: vramik <vramik@redhat.com>
2024-09-18 13:50:23 +02:00
Alexander Schwartz
2a95d0abfa
Sort order of updates for user properties ( #32853 )
...
This should reduce deadlocks on the user property table if the users are updated concurrently.
Closes #32852
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-18 12:37:42 +02:00
Stefan Guilhen
3e597722a9
Add cache for IdentityProviderStorageProvider.getForLogin ( #32918 )
...
Closes #32573
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-18 09:05:57 +02:00
Václav Muzikář
83c00731c3
Upgrade to Quarkus 3.14.2 ( #32519 )
...
Closes #32517
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-09-13 20:18:48 +02:00
Pedro Ruivo
f67bec0417
Rename remote-cache Feature
...
Renamed to "clusterless"
Closes #32596
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-13 13:03:13 +02:00
Michal Hajas
0f97e4cb39
Drop old tables for user and client sessions that are no longer used
...
Closes #32582
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-09-12 11:47:37 +02:00
Stian Thorgersen
40049f31fa
Remove ProxyClassLoader and PlatformProvider returning script classloader ( #32806 )
...
Closes #32804
Signed-off-by: stianst <stianst@gmail.com>
2024-09-11 17:11:26 +02:00
Thomas Darimont
445a7da902
Ensure realm attributes import happens before client import
...
Fixes #32799
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-11 15:14:33 +02:00
cgeorgilakis-grnet
f8b1b3ee03
Search Identity Providers by alias or display name
...
Closes #32588
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-09-10 21:52:59 +02:00
Martin Kanis
ccb166d0e9
Add caching when querying brokers by organization
...
Closes #32574
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-09-09 09:24:43 -03:00
Alexander Schwartz
d9dfe74e8b
Set idle time the same as for the internal cache, but extend it for refreshes
...
Closes #32100
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-09-09 10:47:56 +02:00
Alexander Schwartz
9454c01d88
Fix parsing of broker user ID if it contains a dot ( #32699 )
...
Closes #32698
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 14:09:44 +02:00
Alexander Schwartz
ca951c3002
Drop redundant index on client sessions ( #32665 )
...
Closes #32583
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 13:39:32 +02:00
Giuseppe Graziano
a14548a7a2
Lightweight access tokens for Admin REST API ( #32347 )
...
* Lightweight access tokens for Admin REST API
Closes #31513
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-09-04 18:04:23 +02:00
Stefan Guilhen
e7a4635620
Filter out org brokers from the account console
...
- org-linked brokers should not be available for login
- prepare the endpoint for search/pagination
Closes #31944
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 09:00:52 -03:00
Stefan Guilhen
557d7e87b2
Avoid iterating through all mappers when running the config event listeners
...
Closes #32233
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 07:40:58 -03:00
Pedro Ruivo
ba861fc5d7
Remove version() projection from Ickle Queries
...
Closes #32590
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 18:07:32 +02:00
Pedro Ruivo
29c8060bda
Trigger mass re-index of the sessions caches when the entity changes
...
Closes #32594
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 15:48:14 +02:00
Pedro Igor
4b5b1a4c25
Unignore backchannel logout tests
...
Closes #20643
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-09-02 08:34:21 +02:00
Martin Kanis
7e6dd682d4
Validate organization alias for forbidden chars
...
Closes #32392
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-28 21:59:38 +02:00
vramik
37f42430e6
When Organization feature is enabled UserAdapter.getGroupsCount() returns wrong result
...
Closes #32460
Signed-off-by: vramik <vramik@redhat.com>
2024-08-28 21:20:56 +02:00
Pedro Ruivo
378db25016
Skip creating sessions cache when Persistent Sessions is enabled
...
Re-order the configuration steps to avoid redundant warnings
Closes #32416
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-27 16:21:08 +00:00
Stefan Guilhen
88cca10472
Rename IDPSpi to IdentityProviderStorageSpi
...
Closes #31639
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 15:10:09 -03:00
Stefan Guilhen
98dc21e6fc
Add non-null filter when fetching groups.
...
Closes #32321
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 09:33:51 -03:00
Vlasta Ramik
d63c0fbd13
Decouple Identity provider mappers from RealmModel ( #32251 )
...
* Decouple Identity provider mappers from RealmModel
Closes #31731
Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 12:05:19 -03:00
Alexander Schwartz
04d2126c73
Don't fetch expired user sessions from the database
...
Closes #32273
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
Alexander Schwartz
5740f8836a
Cleanup
...
Closes #32273
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
Alexander Schwartz
a7964a588b
Avoid n+1 SQL selects to load sessions
...
Closes #32273
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
vramik
14494fb148
Ensure organization aware IdentityProviderModel is used in the infinispan IDPProvider
...
Closes #32108
Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 07:22:18 -03:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
...
Search by RealmName is done before loading all realms when filtering
Closes #31956
Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Stefan Guilhen
585d179fe0
Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs.
...
Closes #32238
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-21 07:49:01 -03:00
Pedro Igor
eeae50fb43
Make sure federationLink always map to the storage provider associated with federated users
...
Closes #31670
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:27:22 +02:00
Stefan Guilhen
fa7c2b5da6
Address review comments
...
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
6e7b36e82f
Add migration tests for the IDP changes
...
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65
Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
...
Closes #32090
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Alexander Schwartz
74fec50ac5
Load client sessions in chunks from the database ( #32185 )
...
Closes #32180
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 15:00:57 +00:00
Michal Hajas
6a9245546e
Set clientId if it is not set in the entity
...
Closes #32195
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-16 14:27:18 +02:00
mposolda
3d787727f9
Add acr scope to all clients for those migrating from older than Keycloak 18
...
closes #31107
Signed-off-by: mposolda <mposolda@gmail.com>
2024-08-16 12:17:43 +02:00
Alexander Schwartz
88904c0a01
Call JPA code in blocking thread ( #32154 )
...
Closes #32153
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:17:30 +02:00
Alexander Schwartz
49d2efbfb2
Specify version column name in a case-sensitive manner ( #32169 )
...
Closes #32127
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:12:33 +02:00
Stefan Guilhen
aeb1951aba
Replace calls to deprecated RealmModel IDP methods
...
- use the new provider instead
Closes #31254
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
Martin Kanis
708a6898db
Add a count method to the OrganizationMembersResource
...
Closes #31388
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-15 09:12:57 -03:00
Pedro Ruivo
e13c9bf462
Retry remote cache operations with back off
...
Implement a retry mechanism for remote cache writes.
Fixes #32030
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-13 15:55:59 +02:00
vramik
4d7f25535c
IDP storage provider Infinispan implementation
...
Closes #31251
Signed-off-by: vramik <vramik@redhat.com>
2024-08-13 08:36:15 -03:00
Pedro Ruivo
07c92c85cb
Drop AuthenticatedClientSessionStore from user sessions
...
New entities for client and user sessions, more query friendly.
The client sessions are found using query instead of storing them in the
user session entity.
Remove of sessions by its field is done based on queries.
Closes #30934
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-12 20:35:50 +02:00
Alexander Schwartz
07a168cb14
Deleted authentication sessions should not be re-surrected with an update
...
Closes #31829
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-09 07:26:05 -03:00
Michal Hajas
50c07c6e7c
Simplify configuration for MULTI_SITE
...
Closes #31807
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 16:14:33 +00:00
Michal Hajas
6847af0068
Remove InfinispanMultiSiteLoadBalancerCheckProviderFactory.java
...
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 07:58:12 -03:00
Pedro Ruivo
1e9f6bbb8c
Non clustered Keycloak with External Infinispan feature
...
Disables JGroups (clustering) when remote-cache feature is enabled
Fixes #31876
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-05 17:04:36 +02:00
Pedro Ruivo
fed804160b
Enable ProtoStream encoding for External Infinispan feature
...
The ProtoStream schema is automatically uploaded to the Infinispan
server during startup.
When the schema is updated, the indexes are updated and re-created.
Use the delete statement to delete entities when a realm is removed.
Fixes #30931
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-01 16:16:19 +02:00