libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
24786 commits 4 branches 5 tags 480 MiB
Commit graph

24786 commits

This branch
This branch
All branches
Author SHA1 Message Date
Hosted Weblate
11dbee4e24 Update translation files 
Updated by "Cleanup translation files" hook in Weblate.

Translation: Keycloak/Theme base/login
Translate-URL: https://hosted.weblate.org/projects/keycloak/theme-baselogin/
 2024-04-23 21:48:44 +02:00
Sourav Kumar
6ff19af38a
Fix default helpText as per new defaults for password hashing algorithm (#28698) 
Signed-off-by: souravs17031999 <souravs_1999@rediffmail.com>
 2024-04-23 15:47:34 -04:00
vramik
d65649d5c0 Make sure organization are only manageable by the admin users with the manage-realm role 
Closes #28733

Signed-off-by: vramik <vramik@redhat.com>
 2024-04-23 12:16:57 -03:00
Hynek Mlnarik
6065f7d624 Fix missing translation 
Fixes: #28744

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2024-04-23 13:15:19 +02:00
Steven Hawkins
9486432f3f
fix: removing httpclient override (#28304) 
we need to have a dependency on commons-logging-jboss-logging

closes: #21392

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-04-23 10:09:06 +02:00
Mark Banierink
ad32896725
replaced and removed deprecated token methods (#27715) 
closes #19671 

Signed-off-by: Mark Banierink <mark.banierink@nedap.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-23 09:23:37 +02:00
Pedro Igor
8e48bac278 Ordering the group and role ids in the policy representation 
Closes #28824

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-04-22 20:28:47 +02:00
mposolda
337a337bf9 Grant urn:ietf:params:oauth:grant-type:pre-authorized_code was enabled even if oid4vc_vci feature is disabled 
closes #28968

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-04-22 18:31:46 +02:00
rmartinc
eac4b53751 Incorrect proxyMappings example in the guides 
Closes #25514

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-04-22 18:30:41 +02:00
Tero Saarni
64862d568e Convert database errors to 500 instead of 400. 
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
 2024-04-22 11:42:18 -03:00
Stefan Guilhen
f1532565b6 Don't use no-arg version of GroupModel.getSubGroupsStream() when fetching the subgroups from the GroupResource endpoint. 
- prevents pre-loading all groups; instead use the stream from the JPA adapter to load subgroups one by one and then filter based on the user permissions.

Closes #28935

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-04-22 11:27:29 -03:00
Stefan Guilhen
8ca4bc77a1 Improve the performance of the queries used to find granted resources 
- simplifies the queries to avoid unnecessary join
- creates two new indexes to speed up search time

Closes #28861

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-04-22 11:26:06 -03:00
Erik Jan de Wit
957859d846
Automatically re-authenticate on single-logout (#28723) 
Automatically forces the user to re-authenticate from the Admin and Account consoles when a single-logout occurs.

Closes #23832
Closes #23833

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-04-22 11:45:15 +00:00
Alexander Schwartz
5ae1712f73
Fixing the condition for remote TLS and username/password (#28950) 
Closes #28949

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-22 13:38:46 +02:00
Marek Posolda
b553fc2ae0
Fix compilation error (#28965) 
closes #28964

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-04-22 11:19:33 +00:00
Erwin Rohde
10544a5a93 socketTimeoutUnits and establishConnectionTimeoutUnits use TimeUnit set in HttpClientBuilder 
Closes #28881

Signed-off-by: Erwin Rohde <erwin@rohde.nu>
 2024-04-22 08:11:11 -03:00
Dimitri Papadopoulos Orfanos
7c77bb732f
Fix typo found by codespell in shell scripts (#28957) 
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2024-04-22 08:06:24 -03:00
Ott
975bb6762f Fixed type in invalidPasswordNotContainsUsernameMessage 
Signed-off-by: Ott <ottalexanderdev@gmail.com>
 2024-04-22 08:06:02 -03:00
Douglas Palmer
ed22530d16 Failure reset time is applied to Permanent Lockout 
Closes #28821

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-22 11:47:22 +02:00
Stefan Wiedemann
b08c644601
Support credentials issuance through oid4vci (#27931) 
closes #25940 

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
 2024-04-22 11:37:55 +02:00
Lex Cao
7e034dbbe0
Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity (#26393) 
Closes #26201.

Signed-off-by: Lex Cao <lexcao@foxmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-04-22 11:30:14 +02:00
Erik Jan de Wit
014b644724
removed use of deprecated dropdown (#28928) 
towards: #28197

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-04-22 08:17:11 +02:00
Erik Jan de Wit
9a418cc53d
remove deprecated component use (#28924) 
towards: #28197

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-04-22 07:21:58 +02:00
Alexander Schwartz
071032a108 Fixing the condition for embedded cache MTLS encryption 
Closes #28750

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-20 18:30:24 +02:00
Alexander Schwartz
9d0b1ecee4 Review CLI option change for caching 
Closes #28750

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-20 18:30:24 +02:00
Pedro Ruivo
3de5357091 CLI options to disable encryption and authentication to external Infinispan 
Closes #28750

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-20 18:30:24 +02:00
JN
6977d58d27
Add missing French and Spanish translations (#28807) 
Closes #28798

Signed-off-by: JN <xkizokux@gmail.com>
 2024-04-20 10:18:49 +00:00
etiksouma
1afd20e4c3 return proper error message for admin users endpoint 
closes #28416

Signed-off-by: etiksouma <al@mouskite.com>
 2024-04-20 12:17:53 +02:00
agagancarczyk
750ff41691
adll 3 scenarios (#28899) 
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-04-19 15:40:49 -04:00
Erik Jan de Wit
659f0f583f
changed name and added version number (#28157) 
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-04-19 14:10:34 -04:00
Pedro Ruivo
3e0a185070 Remove deprecated EnvironmentDependentProviderFactory.isSupported method 
Closes #26280

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-19 16:36:49 +02:00
Giuseppe Graziano
f6071f680a Avoid the same userSessionId after re-authentication 
Closes keycloak/keycloak-private#69

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-04-19 14:44:39 +02:00
mposolda
c427e65354 Secondary factor bypass in step-up authentication 
closes #34

Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)
 2024-04-19 14:43:53 +02:00
Giuseppe Graziano
897c44bd1f Validation of providerId during required action registration 
Closes #26109

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-04-19 13:06:51 +02:00
Hynek Mlnarik
4f30400e07 Relax checking of messages 
Related to: #28873
Fixes: #28911

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2024-04-19 12:52:40 +02:00
Václav Muzikář
2b8c895f71
Upgrade to Quarkus 3.8.4 (#28884) 
Closes #28880

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-04-19 09:18:46 +00:00
Thomas Darimont
68617180a2 Show indicator for transient user in user sessions list in admin ui (28879) 
For transient users a transient label is now shown in the realm sessions and client sessions list in the admin ui.

Fixes #28879

Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-04-19 09:48:41 +02:00
Peter Zaoral
f9e68cdc54
quarkus-next: java.util.NoSuchElementException: No value present causes quarkus-server build failure (#28857) 
* resolveFileLogLocation transformer method now checks the location value presence

Closes: #28856

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2024-04-19 09:14:19 +02:00
Steven Hawkins
d7ef650623
task: use informer rather than 0 interval polling (#28901) 
related to: #28869

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-04-19 09:05:32 +02:00
Pascal Knüppel
ef45629df4
Add docs for transient-users how to prevent profile-review (#28889) 
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>

#relatesTo https://github.com/keycloak/keycloak/discussions/26637
 2024-04-18 23:49:51 +02:00
Joerg Matysiak
76a5a27082 Refactored StripSecretsUtils in order to make it unit-testable, added unit tests for it 
Don't mask secrets at realm export

Closes #21562

Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>
 2024-04-18 18:26:47 -03:00
Pedro Igor
7483bae130 Make sure admin events are not referencing sensitive data from their representation 
Closes #21562

Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>
 2024-04-18 18:26:47 -03:00
Steve Hawkins
0be34d64e7 task: refactor overlap between cli clients 
also repackaging to more clearly delineate code roles

closes: #28329

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-04-18 17:39:16 -03:00
john-gom
808926b63e
Use a typeahead select where there are ten or more options (#28512) 
Use typeahead for locale selector



Fix onFilter of SelectControl rather than removing it

Signed-off-by: John Gomersall <thegoms@gmail.com>
 2024-04-18 16:18:00 -04:00
cgeorgilakis-grnet
89263f5255 Fix refresh token scope in refresh token flow with scope request parameter 
Closes #28463

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
 2024-04-18 16:17:46 -03:00
Ricardo Martin
4c2542b91f
Better management of domains in TrustedHostClientRegistrationPolicy (#139) (#28876) 
Closes keycloak/keycloak-private#63

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-04-18 16:06:50 +02:00
Ricardo Martin
8daace3f69
Validate Saml URLs inside DefaultClientValidationProvider (#135) (#28873) 
Closes keycloak/keycloak-private#62

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-04-18 16:04:13 +02:00
Ricardo Martin
fc6b6f0d94
Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access (#131) (#28872) 
Closes keycloak/keycloak-private#113
Closes keycloak/keycloak-private#134

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2024-04-18 16:02:24 +02:00
Douglas Palmer
00d4cab55e Flaky test: org.keycloak.testsuite.forms.ResetPasswordTest#resetPasswordLink 
Closes #21422

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-18 15:54:30 +02:00
Martin Bartoš
7f74286106 Emphasize the need for setting container limit 
Closes #28729

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-04-18 15:44:27 +02:00