Takashi Norimatsu
6b42c2b4d0
FAPI 2.0 security profile - Reject Implicit Grant executor does not return an appropriate error
...
Closes #20622
2023-05-30 18:24:50 +02:00
stianst
0832992e59
Removing OpenShift integration and moving to separate extension
...
closes #20496
Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Pedro Igor
17c3804402
Tests for user property mapper
...
Closes #20534
2023-05-29 14:21:03 +02:00
Yoshiyuki Tabata
bd37875a66
allow specifying format of "permission" parameter in the UMA grant token
...
endpoint (#15947 )
2023-05-29 08:56:39 -03:00
Jon Koops
98e5e9799b
Improve third-party storage access detection and cookie fallback
2023-05-25 22:16:59 -03:00
Douglas Palmer
1b8901f5a2
Changing the email address has no impact at username regardless "Email as username" toggle
...
closes #20459
2023-05-25 07:54:03 -03:00
Hynek Mlnarik
fc0e47caa4
Fix KcCustomOidcBrokerTest
...
Fixes : #20541
2023-05-25 10:20:36 +02:00
Peter Zaoral
72b238fb48
Keystore vault ( #19644 )
...
* KeystoreVault SPI
* added KeystoreVault - a Vault SPI implementation (#19281 )
Closes #17252
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-05-24 16:20:30 +00:00
Jon Koops
90d2a01619
Replace ChromeJavascriptBrowser
annotation with JavascriptBrowser
( #20535 )
2023-05-24 11:23:15 +00:00
Hynek Mlnarik
4950f7bebe
Target correct user resource
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
b9983cc5f6
Fix BrokerTest
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
ac59c551c3
Fix transaction boundaries in tests
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
38442ee0a6
Fix event tests
2023-05-23 20:53:30 +02:00
Hynek Mlnarik
3e58d3da8d
Proper cleanup
2023-05-23 20:53:30 +02:00
vramik
bdbbd2959d
User search with LDAP federation not consistent
...
Closes #10195
2023-05-23 11:48:33 +02:00
wojnarfilip
34b9eed8f0
Removes AccountFederatedIdentityPage from testsuite
...
Closes #15199
2023-05-22 11:07:48 -03:00
i7a7467
e41e1a971a
SLO and ACS Binding are linked with AuthnRequest Binding in SAML Identity Broker Metadata
...
Closes #11079
2023-05-22 10:05:17 +02:00
vramik
fd6a6ec3ad
Make LDAP searchForUsersStream
consistent with other storages
...
Co-authored-by: mhajas <mhajas@redhat.com>
Closes #17294
2023-05-19 08:40:41 +02:00
Artur Baltabayev
33215ab6f4
Added User-Session Note Idp mapper. ( #19062 )
...
Closes #17659
Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
Co-authored-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2023-05-18 13:47:10 +02:00
Lukas Hanusovsky
eb77dcf014
Removing PHOTOZ client and related tests testing UI. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
d9b95e0240
Testsuite with Undertow and OpenJDK17 - Nashorn library support.
...
GH Actions failures - refactoring.
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
406aa21b0b
UserStorageTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
b8b9adbea2
CookieTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
29deaca3f5
DemoServletsAdapterTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
47fd10469f
Old account console dependencies removed - refactoring. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
130807fa7b
AbstractCustomAccountManagementTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
2ad8f7dd62
Old account console dependencies removed. Closes #19668
...
* LoginTest
* SessionServletAdapterTest
* ClientRedirectTest
* TrustStoreEmailTest
* BrowserFlowTest
* SocialLoginTest
* JavascriptAdapterTest
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
c685366169
CookiesPathTest - old account console dependencies removed. Closes #19668
2023-05-18 13:09:51 +02:00
Lukas Hanusovsky
5e323ae173
Old account console dependencies removed. Closes #19668
...
* ConsentsTest
* UserTest
* SessionTest
* LoginEventsTest
* AbstractKeycloakTest
2023-05-18 13:09:51 +02:00
danielFesenmeyer
d543ba5b56
Consistent message resolving regarding language fallbacks for all themes
...
- the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en
- centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest
- add basic integration tests to check whether realm localization can be used in all supported contexts:
- Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest
- Login theme: LoginPageTest
- Email theme: EmailTest
- deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2
- fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests
- improvements regarding message resolving in Admin UI V2:
- add cypress test i18n_test.spec.ts, which checks the fallback implementation
- log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case)
Closes #15845
2023-05-17 15:00:32 +02:00
Dominik Schlosser
8c58f39a49
Updates Datastore provider to contain full data model
...
Closes #15490
2023-05-16 15:05:10 +02:00
Takashi Norimatsu
7f5e94db87
KEYCLOAK-19539 FAPI 2.0 Baseline : Reject Implicit Grant
2023-05-16 14:17:29 +02:00
Miquel Simon
e959e20e1a
Upgrade tested DB versions
2023-05-15 12:36:27 -03:00
vramik
d1ab921c50
JpaUserProvider count methods are inconsistent with searchForUser's param filter handling
...
Closes #17581
2023-05-05 08:22:05 +02:00
rmartinc
d9025db536
Migrate realms if configured to use RH-SSO themes
...
Closes https://github.com/keycloak/keycloak/issues/17484
2023-05-02 15:38:33 +02:00
Martin Bartoš
b87b70a35d
Ignore particular legacy clustering tests
...
Revert once https://github.com/keycloak/keycloak/issues/19834 issue is resolved
2023-04-27 13:36:54 +02:00
Martin Bartoš
79178b5a23
Use WildFly as the default app server
2023-04-27 13:36:54 +02:00
Martin Bartoš
9d40f77746
Ignore DemoFilterServletAdapterTestForCustomizedIdMapper test
...
Revert once https://github.com/keycloak/keycloak/issues/19809 issue is resolved
2023-04-27 13:36:54 +02:00
Martin Bartoš
60fd7e63d9
Fix OfflineServletsAdapterTest
2023-04-27 13:36:54 +02:00
Martin Bartoš
8d5a4f2677
Fix FIPS tests
2023-04-27 13:36:54 +02:00
Martin Bartoš
c1cced9f31
Fix CorsExampleAdapterTest
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/cors/CorsExampleAdapterTest.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
72663060c9
Quarkus3 branch sync no. 13
...
11.4.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
5b7e9a2603
Remove WF dependencies, add Jakarta SOAP, fix tests
...
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
IdeaProjects/keycloak/quarkus/pom.xml - Modified
IdeaProjects/keycloak/quarkus/runtime/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
de663dbf93
Quarkus3 branch sync no. 9
...
10.3.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
* changed version from 999-SNAPSHOT to 999.0.0-SNAPSHOT
2023-04-27 13:36:54 +02:00
Martin Bartoš
952faed4c9
Run Adapter tests with JavaEE support
...
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/.github/actions/build-keycloak/action.yml - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
0b4f40f89b
Quarkus3 branch sync no. 8
...
3.3.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
64738ea708
Fix issues with JakartaEE Mail dependencies
...
This reverts commit da4644844ed88818c05d777460624403326ab01c
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
5ebe4ca7c8
Quarkus3 branch sync no. 6
...
17.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Peter Zaoral
946eacd5b6
Quarkus3 branch sync no. 5
...
10.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
* fixed Undertow server not starting due to ClassNotFoundException: javax.transaction.TransactionManager
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Stefan Guilhen
3409a0c840
Fixes SAML tests in testsuite
...
- adds dependency to saaj-impl in saml core public
- updates test apps' web.xml files to use jakarta namespaces
- small cleanup in main pom
- changes order of e-mail servers in testsuite pom to enforce usage of greenmail (changes order in Undertow's classpath)
Closes #16711
2023-04-27 13:36:54 +02:00
Martin Bartoš
b1da7bd613
Revert Mail API
...
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/quarkus/pom.xml - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
1f126647fe
Update dependencies
2023-04-27 13:36:54 +02:00
vramik
60e6fb9dae
Register custom functions FunctionContributor
...
Closes #16336
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java - Modified
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorageCockroachdb.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaMapStorageProviderFactory.java - Modified
---
Quarkus3 branch sync no. 3 (27.1.2023)
Resolved conflicts:
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java - Modified
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorageCockroachdb.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
4ff2de7f46
Quarkus3 branch sync
...
18.1.2023:
* applied Quarkus 3 OpenRewrite recipe
* fixed the parts that were missed by the script
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
124591ce1a
Adapters can still use Java EE
...
- Provided all JavaEE dependencies for adapters
- Automatically build Undertow Jakarta EE for testsuite (missing SAML)
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
---
Quarkus3 branch sync no. 7 (27.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
40c38e0133
Fix dependencies in testsuite, adapters and Quarkus module
...
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Stefan Guilhen
384d7c17f7
- Fix issues in legacy store
...
- Testsuite (switch undertow-embedded.version)
2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238
Migrate packages from javax.* to jakarta.*
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
2023-04-27 13:36:54 +02:00
Hynek Mlnarik
d7d50634b3
Do not impose assumptions on ID format
...
Closes : #19814
2023-04-26 15:37:50 +02:00
Hynek Mlnarik
80ba42a0b4
Tests: Determine IDs from Keycloak
...
Instead of assuming that the ID of created objects is honored,
the tests are rewritten in the way which obtains the ID from
the created objects. This is to account for storages where
ID is not necessarily an UUID and cannot be thus prescribed.
Closes : #19814
2023-04-26 15:37:50 +02:00
rmartinc
04ac3a64ee
Adding support for rsa-oaep for SAML encryption
...
Closes https://github.com/keycloak/keycloak/issues/19689
2023-04-26 10:46:10 +02:00
mposolda
a3f2ebb193
Ability to override default/built-in providers with same providerId. Using ProviderFactory.order() for choosing priority providers
...
Closes #19867
2023-04-25 18:04:58 +02:00
Lukas Hanusovsky
30d976d64c
RequiredActionEmailVerificationTest - old account console dependencies removed. ( #19843 )
...
Closes #19668
2023-04-25 08:19:43 +02:00
Hynek Mlnarik
3161c4424c
Fix export / import tests relict
...
Closes : #19812
2023-04-19 22:17:49 +02:00
Hynek Mlnarik
0ddc71d987
Properly encode id in URL
...
Closes : #19816
2023-04-19 15:10:04 -03:00
rmartinc
8e55a63f31
Do not allow add sub-flow to built-in workflow
...
Closes https://github.com/keycloak/keycloak/issues/15536
2023-04-19 11:12:49 +02:00
rmartinc
f051a0cdb3
Improve SessionCodeChecks to detect better the ALREADY_LOGGED_IN situation
...
Closes https://github.com/keycloak/keycloak/issues/19677
2023-04-18 10:35:47 -03:00
Lukas Hanusovsky
4a8510f7d9
Stop disabling Account Console v2 for tests that run fine ( #19728 )
...
Works towards closing #19668
2023-04-17 16:26:32 -03:00
Marek Posolda
8d01109158
Invalid parameter redirect_uri when using an invalid client_id ( #19731 )
...
closes #19662
2023-04-17 15:12:59 +02:00
Hynek Mlnarik
21510dff0c
Add FILE constant to StoreProvider
2023-04-17 08:29:49 +02:00
mposolda
1cbdf4d17e
Fix the issue with LDAP connectionUrl containing multiple hosts
...
Closes #17359
2023-04-16 17:41:22 +02:00
danielFesenmeyer
5554c62bea
Change locale of user profile validation message to be resolved from authenticated user instead of validated user
...
Closes #19707
2023-04-14 11:51:15 -03:00
Stian Thorgersen
f4cabea08c
Make sure the code is bound to the user session ( #18 ) ( #17380 ) ( #17389 )
...
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-04-14 14:42:12 +02:00
Lukas Hanusovsky
556758943f
Old Account Console removal - cleanup imports ( #19700 )
...
Part of #19668
2023-04-13 14:57:28 +00:00
vramik
2b890eb79d
Zero downtime smoke tests
...
Closes #16481
2023-04-12 11:24:35 +02:00
Pedro Igor
83676bf927
Extract JUnit5 support in the distributoin testsuite to a separate module
...
Closes #19552
2023-04-11 10:48:56 +02:00
Lukas Hanusovsky
9bb18400ad
Remove AccountTotpPage from the testsuite ( #17657 )
...
Closes #15201
2023-04-06 11:49:29 +02:00
fwojnar
f55794f8bf
Removes AccountApplicationsPage ( #17651 )
...
Closes #15198
Co-authored-by: wojnarfilip <fwojnar@redhat.com>
2023-04-05 16:54:16 +02:00
rmartinc
99330dbb6d
Manage JsonProcessingException to not return error 500 when json data is wrong
...
Closes https://github.com/keycloak/keycloak/issues/11517
2023-04-03 18:07:34 +02:00
mposolda
4d8d6f8cd8
Preserve authentication flow IDs after import
...
closes #9564
2023-04-03 16:01:52 +02:00
Jon Koops
bdc019b02c
Fully deprecate function-style constructor for Keycloak JS ( #19438 )
2023-04-03 14:45:55 +02:00
Hynek Mlnarik
85c0b47c31
Fix ClientPoliciesExtendedEventTest
...
Closes : #19487
2023-04-03 14:43:50 +02:00
Pedro Igor
6086201fe0
Do not verify identity cookie when processing required actions
...
Closes #17539
2023-03-31 09:56:27 +02:00
rmartinc
89dfeeec38
The getAttributes method in UserAttributeLDAPStorageMapper does not work for email or other UserModel properties
...
Closes https://github.com/keycloak/keycloak/issues/10412
2023-03-30 21:45:07 +02:00
mposolda
709c6b5a47
Regressions in redirect URL verification when redirect_uri has encoded path or default port
...
closes #16851
closes #16587
2023-03-30 14:20:10 +02:00
Pedro Igor
48082d08ec
Email visible on registration page when edit username is not allowed
...
Closes #17439
2023-03-30 08:11:30 +02:00
Jon Koops
8f627517cb
Remove legacy Promise APIs from Keycloak JS ( #19389 )
2023-03-29 16:29:27 +00:00
Michal Hajas
e49dfe534e
Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store
...
Closes #17277
2023-03-29 16:43:01 +02:00
Daniel Kobras
a45b5dcd90
Prefer cert over pubkey in SAML metadata
...
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.
Closes : #17549
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
2023-03-29 11:17:24 +02:00
Marek Posolda
032ece9f7b
Clarify user session limits documentation and test SSO scenario ( #19372 )
...
Closes #17374
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 10:08:45 +02:00
rmartinc
2bb9de1a8c
Allow application/jwt media type for userinfo endpoint
...
Closes: https://github.com/keycloak/keycloak/issues/19346
2023-03-28 08:47:35 -03:00
Michal Hajas
beca22311b
Add RefreshTokenTest to database suite so it can catch some expiration issues similar to #17570
2023-03-28 08:32:31 +02:00
Pedro Igor
a9c605750d
Returning email as username setting for admins
...
Fixes #17591
2023-03-27 16:33:44 -03:00
Pedro Hos
bd0a23a865
/users/count endpoint with search field has different behavior than /users query endpoint #17620
...
closes #17620
2023-03-24 13:43:47 +01:00
Klajdi Paja
cf61a65198
Return a user friendly message when a group name already exists on the same level.
...
Closes #16888
2023-03-24 08:13:49 +01:00
rmartinc
8bc5273792
EAP7 and wildfly adapter tests fixes. Execute enable-elytron-se17.cli for EAP7 and JDK-17.
...
Closes https://github.com/keycloak/keycloak/issues/19273
2023-03-23 17:02:39 -03:00
Ayrat Hudaygulov
f578f91a0b
Fix ID token not being sent after expiration for OIDC logout
...
Closes #10164
2023-03-23 13:01:02 +01:00
Ricardo Martin
1a622e707f
Flaky tests org.keycloak.testsuite.federation.sync.SyncFederationTest ( #19095 )
...
Closes: https://github.com/keycloak/keycloak/issues/17430
Closes: https://github.com/keycloak/keycloak/issues/17431
2023-03-21 08:30:42 +01:00
Alexander Schwartz
513bb809f3
Add a map storage global locking implementation for JPA
...
Closes #14734
2023-03-21 08:21:11 +01:00
rmartinc
bef0a4a6f1
Check frontendUrl in the hostname providers
...
Closes https://github.com/keycloak/keycloak/issues/17686
2023-03-20 18:54:58 -03:00
Pedro Igor
a30b6842a6
Decouple the policy enforcer from adapters and provide a separate library
...
Closes keycloak#17353
2023-03-17 11:40:51 +01:00
rmartinc
cab7e50410
Better handling for SAML signatures in POST and REDIRECT bindings
...
Closes https://github.com/keycloak/keycloak/issues/17456
2023-03-15 09:06:59 -03:00
Pedro Igor
af475ffe23
Fixing classloading issue due to the curated application being eagerly closed
2023-03-13 09:34:49 +01:00
vramik
31e4c5cb7e
Add storage-jpa-db
property into Quarkus. Distinguish postgres and crdb for jpa map store.
...
Closes #17305
2023-03-09 11:09:56 +01:00
Tero Saarni
9052ec2b02
Add admin events for realm create/delete. ( #10831 )
...
Closes #10733
2023-03-07 15:57:06 +01:00
Simon Levermann
96c1cf3c49
Allow mapping of UserSessionNotes into UserInfo
...
Fixes #15369
2023-03-07 15:25:14 +01:00
rmartinc
a56b38c5a6
Don't remove session and don't reset restart cookie if passive check error
...
Closes https://github.com/keycloak/keycloak/issues/11340
2023-03-07 15:10:09 +01:00
rmartinc
06ff8b016c
Don't set REMEMBER_ME if it's disabled at realm level
...
Closes https://github.com/keycloak/keycloak/issues/11330
2023-03-07 15:01:58 +01:00
Michal Hajas
837c64de3d
Add support for pessimistic locking to HotRod
...
Closes #13273
2023-03-07 10:44:31 +01:00
mposolda
a0192d61cc
Redirect loop with authentication success but access denied at default identity provider
...
closes #17441
2023-03-06 10:45:01 +01:00
Michal Hajas
465019bec4
Extract attachDevice outside of storage layer
...
Closes #17336
2023-03-03 17:58:34 +01:00
Zakaria Amine
fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds ( #15100 )
...
closes #15098
2023-03-03 17:49:27 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alexander Schwartz
1e4401f521
Avoid returning the same entity multiple times from separate searches
...
Closes #15604
2023-03-02 08:21:38 +01:00
Marek Posolda
59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists ( #17350 )
...
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313
* Update per review
2023-03-01 15:46:37 +00:00
rmartinc
5cdf4d5791
Read-Only attributes should be modified if creation is delayed for LDAP
...
Closes https://github.com/keycloak/keycloak/issues/16848
2023-03-01 11:26:57 +01:00
Pedro Igor
fbf5541802
Remove duplicated set-cookie header from response when expiring cookies
...
Closes #17192
2023-02-27 14:17:27 -03:00
lpa
3cd413dee1
SOAP backchannel logout for SAML protocol
...
Closes #16293
2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4
Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers
...
Closes https://github.com/keycloak/keycloak/issues/15624
2023-02-27 10:14:48 -03:00
Václav Muzikář
557a22968c
Stabilize Account Console UI tests ( #17243 )
...
Closes #17178
Closes #17102
Closes #17070
Closes #17045
Closes #17044
Closes #16875
Closes #16870
Closes #16715
Closes #16670
Closes #16646
Closes #16627
Closes #16620
2023-02-23 12:35:08 +01:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview ( #17228 )
...
* Polish fips-mode switch for preview
Closes #17208 #17210
Co-authored-by: mposolda <mposolda@gmail.com>
2023-02-22 12:12:52 +01:00
drohwer89
4ff180da64
Terminating all sessions above the session limit ( #16068 )
...
Adjusts implementation of UserSessionLimitsAuthenticator to terminate all sessions above the session limit.
Closes #14689
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-02-16 17:56:59 +01:00
rmartinc
9995a3cdd4
lastSync value into COMPONENT_CONFIG is always updated
...
Closes https://github.com/keycloak/keycloak/issues/17022
2023-02-16 17:48:49 +01:00
mposolda
4f068fcdcc
Make https-trust-store-type set to bcfks by default in strict-mode
...
Closes #17119
2023-02-16 08:00:21 -03:00
sui.jieqiang
1f6fa0501c
Fix search user groups without limit
...
Closes #12649
2023-02-15 15:50:46 +01:00
vramik
7b604d6784
Sync properties in map-storage-jpa-cocroach
with other profiles
...
Closes #17107
2023-02-15 10:49:22 +01:00
Hynek Mlnarik
bb0eb899a7
Add ability to run arq testsuite with file store
...
Fixes : #17032
2023-02-15 10:17:23 +01:00
Pedro Igor
9e46b9e43f
Handling events after transaction completion using a separate session
...
Closes #15656
2023-02-14 13:10:57 +01:00
Václav Muzikář
a57821ed80
Fix JDK 17 InaccessibleObjectException with infinispan
2023-02-13 17:09:36 -03:00
laskasn
dc8b759c3d
Use encryption keys rather than sig for crypto in SAML
...
Closes #13606
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
2023-02-10 12:06:49 +01:00
Marek Posolda
9cfc1fdfa9
Reduce the redundant tests in fips-suite ( #16970 )
...
Closes #16969
2023-02-09 12:21:33 +01:00
Pedro Igor
423fc6daba
Flaky test KcOidcBrokerTokenExchangeTest ( #16914 )
...
Closes #16896
2023-02-08 14:49:49 +00:00
Dmitry Telegin
5f39aeb590
Pre-authorization hook for client policies
...
Closes #9017
2023-02-08 15:06:32 +01:00
Michal Hajas
6fa62e47db
Leverage HotRod client provided transaction
...
Closes #13280
2023-02-08 10:26:30 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature ( #16861 )
...
* Remove old admin console feature
Closes #16860
* Update help txt files for Quarkus tests
2023-02-07 12:59:35 +01:00
Pedro Igor
7b58783255
Allow mapping claims to user attributes when exchanging tokens
...
Closes #8833
2023-02-07 10:57:35 +01:00
Thomas Darimont
e38b7adf92
Revise blacklist password policy provider #8982
...
- Reduce false positive probability from 1% to 0.01% to avoid
rejecting to many actually good passwords.
- Make false positive rate configurable via spi config
- Revised log messages
Supported syntax variant:
`passwordBlacklist(wordlistFilename)`
Fixes #8982
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-02-07 10:36:39 +01:00
Martin Kanis
5ba004b447
Leverage Infinispan lifespan for ExpirableEntities in HotRod storage
2023-02-07 10:01:32 +01:00
Stian Thorgersen
fc075a3d35
Remove old admin console tests ( #16859 )
...
Closes #16858
2023-02-07 08:51:36 +01:00
Denis Bernard
5db64133b8
Add Attribute to Group Mapper for SAML IDP
...
Cleansing code as PR Comment
Add test for Advanced Attribute to Group Mapper
Closes #12950
2023-02-06 10:58:48 -03:00
Pedro Igor
1a1ee78dbd
Removing tests from base group broker mapper test classes
2023-02-06 10:58:48 -03:00
Pedro Igor
d97b9c48c4
Make sure PBKDF2 providers are using the expect size for derived keys ( #16798 )
...
Closes #16797
2023-02-03 15:31:25 +01:00
rmartinc
f8f112d8d2
Upgrade twitter4j ( #16828 )
...
Closes https://github.com/keycloak/keycloak/issues/16731
2023-02-03 15:28:37 +01:00
Marek Posolda
51bed81814
Fixes for OOB endpoint and KeycloakSanitizer ( #16773 )
...
(cherry picked from commit 91ac2fb9dd50808ff5c76d639594ba14a8d0d016)
2023-02-02 08:34:50 +01:00
Pedro Igor
e3c41ec3a0
Ignoring test methods from parent classes
...
Closes #15687
2023-02-01 14:58:03 -08:00
Stian Thorgersen
d9025231f9
HTML Injection in Keycloak Admin REST API ( #16765 )
...
Resolves #GHSA-m4fv-gm5m-4725
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-02-01 14:34:15 +01:00
Marek Posolda
33ff9ef17e
Fix remaining failing tests with BCFIPS approved mode ( #16699 )
...
* Fix remaining failing tests with BCFIPS approved mode
Closes #16698
2023-01-30 16:01:57 +01:00
mposolda
7f017f540e
BCFIPS approved mode: Some tests failing due the short secret for client-secret-jwt client authentication
...
Closes #16678
2023-01-30 08:40:46 +01:00
Martin Kanis
c4255e7301
Wrong property for events in map-storage-hot-rod on Undertow
2023-01-27 14:24:34 +01:00
mposolda
5591b5198b
Still test failures with BCFIPS approved mode due the hardcoded keys
...
Closes #16643
2023-01-26 15:50:29 +01:00
Pedro Igor
f6602e611b
Allow managing the username idn homograph validator
...
Closes #13346
2023-01-26 04:55:43 -08:00
mposolda
a804400c84
Added KERBEROS feature. Disable it when running tests on FIPS
...
closes #14966
2023-01-25 18:38:46 +01:00
mposolda
16888eaeab
Only available RSA key sizes should be shown in admin console
...
Closes #16437
2023-01-25 13:15:07 +01:00
mposolda
29888dbf1a
Update realm keys in the testsuite to be generated where possible. Update other keys to be FIPS compliant
...
Closes #12420
2023-01-25 08:26:15 +01:00
Hynek Mlnarik
977cc473bb
Fix linebreaks in XML / SAML signatures
...
See https://bugs.openjdk.org/browse/JDK-8264194
See https://issues.apache.org/jira/browse/SANTUARIO-482
Fixes : #14529
2023-01-23 15:39:10 +01:00
Konstantinos Georgilakis
c73859794e
Short verification_uri for Device Authorization Request
...
Closes #16107
2023-01-18 08:34:52 +01:00
Pedro Igor
33cb1ad7cd
Support runnning tests using an embedded distribution
...
Closes #16420
2023-01-13 12:03:36 -08:00
mposolda
79fa6bb3c9
Initial support for running testsuite in BCFIPS approved mode
...
Closes #16429
2023-01-13 02:59:06 -08:00
ムハマドザクワンビンムハマドザヒド / MOHDZAHID,BIN MUHAMMADZAKWAN
cc6597967a
Refactoring ClientPoliciesTest
...
Closes #14795
2023-01-12 09:38:12 +01:00
Pedro Igor
9945135861
Verify if token is revoked when validating bearer tokens ( #16394 )
...
Closes #16388
2023-01-11 14:42:29 +01:00
mposolda
ac490a666c
Fix KcSamlSignedBrokerTest in FIPS. Support for choosing realm encryption key for decrypt SAML assertions instead of realm signature key
...
Closes #16324
2023-01-10 20:39:59 +01:00
Miquel Simon
7bd78f604a
Added MariaDB to Legacy Store IT. ( #16157 )
2023-01-10 17:37:27 +01:00
Pedro Igor
d797d07d8f
Ignore user profile attributes for service accounts
...
Closes #13236
2023-01-10 16:26:53 +01:00
mposolda
4d55c6a647
Adding SAML tests for FIPS - with addition of XMLDSig security provider
...
Closes #14969
2023-01-10 08:37:03 +01:00
Pedro Igor
53ee95764e
Do not show username field when updating profile if UPDATE_EMAIL feature is enabled and email as username is enabled
...
Closes #16263
2023-01-06 14:12:47 +01:00
Réda Housni Alaoui
141c9dd803
update-email: email change does not affect the username when "Email as username" option is checked ( #15583 )
...
Closes #13988
2023-01-06 14:04:48 +01:00
Miquel Simon
c2682157fb
Added MS SQL Server to Legacy Store IT. ( #16121 )
...
* Added MS SQL Server to Legacy Store IT.
* Update testsuite/integration-arquillian/pom.xml
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-01-06 08:55:09 +01:00
Réda Housni Alaoui
dbe0c27bcf
Allowing client registration access token rotation deactivation
2023-01-05 20:53:57 +01:00
mposolda
e374e309c6
Deprecate SHA1 based algorithms for sign SAML documents and assertions
...
Closes #16240
2023-01-05 20:45:20 +01:00
Michal Hajas
6566b58be1
Introduce Infinispan GlobalLock implementation
...
Closes #14721
2023-01-05 16:58:44 +01:00
Hynek Mlnarik
071fc03f41
Move transaction processing into session close
...
Fixes : #15223
2023-01-05 16:12:32 +01:00
Stian Thorgersen
6c1f981eec
Fix UserTest.sendResetPasswordEmailWithCustomLifespan ( #16233 )
...
Closes #16232
2023-01-04 13:03:33 +01:00
Stian Thorgersen
7dc16c69cb
Force refreshing token for admin client if time offset is set ( #16242 )
...
Closes #16143
2023-01-04 13:03:10 +01:00
ムハマドザクワンビンムハマドザヒド / MOHDZAHID,BIN MUHAMMADZAKWAN
ce6b737e33
NPE in userinfo endpoint
...
Closes #15429
2023-01-02 13:53:29 +01:00
Miquel Simon
9bb5b08015
Added Oracle to Legacy Store IT. ( #16097 )
2022-12-21 08:15:38 +01:00
mposolda
36bd76957d
Make Keycloak FIPS working with OpenJDK 17 on FIPS enabled RHEL
...
Closes #15721
2022-12-20 21:03:55 +01:00
Michal Hajas
c79d29e68c
Move HotRod profile to the same pom as other map profiles and introduce map-storage-chm profile
...
Closes #16046
2022-12-20 17:51:40 +01:00
Alexander Schwartz
1d758fac2b
Adding CRDB into GHA for the new store ( #16021 )
...
The CockroachDB database is slower than PostgreSQL, therefore it will only run branches and nightly builds.
Closes #16020
2022-12-17 08:50:21 +01:00
Pedro Igor
857b02be63
Allow managing the required settigs for the email attribute
...
Closes #15026
2022-12-15 13:11:06 -08:00
Pedro Igor
782d145cef
Allow updating authz settings via default client registration provider
...
Closes #9008
2022-12-15 20:43:43 +01:00
Stian Thorgersen
c1b0f2a6ab
Rebalanace BaseIT test groups ( #16007 )
2022-12-15 08:52:30 +01:00
Stian Thorgersen
a5670af745
Keycloak CI workflow refactoring ( #15968 )
...
* Keycloak CI workflow refactoring
Closes #15861
* Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
* Update CodeQL actions
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2022-12-14 16:12:23 +01:00
Stian Thorgersen
0f2ca3bfdd
fixes from release/20 ( #15982 )
...
* Avoid path traversal vis double-url encoding of redirect URI (#8 )
(cherry picked from commit a2128fb9e940d96c2f9a64edcd4fbcc768eedb4f)
* Do not resolve user session if corresponding auth session does not exist (#7 )
* Stabilizing the ConcurrentLoginTest when running with JPA map storage by locking user sessions (#9 )
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2022-12-14 07:46:17 +01:00
Stian Thorgersen
30cc16e648
Move authorization tests into authz package ( #15957 )
...
Closes #15956
2022-12-12 18:09:11 +01:00
Michal Hajas
de7dd77aeb
Change id of TermsAndConditions required actions to uppercase
...
Closes #9991
2022-12-07 10:51:37 -03:00
mposolda
f4e91a5312
The redirect URI cannot be verified during logout in the case when client was removed
...
closes #15866
2022-12-07 08:20:30 +01:00
mposolda
264c5a6cdb
Support for KcReg and KcAdm CLI to use BCFIPS instead of BC on FIPS platforms
...
Closes #14968
2022-12-06 13:02:46 +01:00
Pedro Igor
022d2864a6
Make sure JAX-RS resource methods are advertizing the media type they support
...
Closes #15811
Closes #15810
2022-12-06 08:13:43 -03:00
Stian Thorgersen
2f0d8cd895
Move hok, par, and rar tests to oauth package ( #15834 )
...
Closes #15833
2022-12-05 15:42:20 +01:00
Michal Hajas
59ccae76cb
Fix flaky JS test ( #15804 )
...
Closes #15761
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-12-05 13:16:04 +01:00
Stian Thorgersen
8e6437e596
Fix Flaky test: RequiredActionTotpSetupTest.setupTotpExistingReusableCodeDisabled ( #15779 )
...
Closes #15564
2022-12-01 10:41:46 +01:00
Hynek Mlnařík
60ce949304
Ignore unknown clients in LDAP role mapper
...
Fixes : #10958
2022-12-01 09:51:05 +01:00
Stian Thorgersen
c24bc1bab0
Tweak time offset in RefreshTokenTest ( #15760 )
...
Closes #15718
2022-11-30 16:11:46 +01:00
Stian Thorgersen
c3c858c88a
Fix OpenshiftClientStorageTest.testCodeGrantFlowWithServiceAccountUsingOAuthRedirectReference ( #15741 )
...
Closes #15565
2022-11-29 14:20:21 +01:00
Miquel Simon
88bc5e2307
Use different Postgres image in Testcontainers. Upgraded Testcontainers dependency to 1.17.5.
2022-11-28 10:57:14 +01:00
mposolda
3e9c729f9e
X.509 authentication fixes for FIPS
...
Closes #14967
2022-11-25 11:50:30 +01:00
Stefan Guilhen
5c2a5fac31
Enable all test methods in ConcurrentLoginTest for JPA Map Storage
...
- Tests still disabled for Hotrod and CHM
- Fixes concurrent login issues with CRDB. Verified with both PostgreSQL and CockroachDB.
Closes #12707
Closes #13210
2022-11-24 13:36:22 +01:00
Lex Cao
dd03137ea7
Strip secret of user when creating from admin API
...
Closes #14843
2022-11-24 11:38:42 +01:00
Nagy Vilmos
4b6b607fe9
Should not hide IDP from login page ( #14174 )
...
Closes #14173
2022-11-23 10:49:21 +01:00
rmartinc
b7188c3891
Unknown bind DN using LDAP anonymous bind aka bind type none ( #15546 )
...
Closes #15497
2022-11-23 10:23:46 +01:00
danielFesenmeyer
18381ecd2e
Fix update of group mappers on certain changes of the group path
...
The group reference in the mapper was not updated in the following cases:
- group rename: when an ancestor group was renamed
- (only for JpaRealmProvider, NOT for MapRealmProvider/MapGroupProvider) group move: when a group was converted from subgroup to top-level or when a subgroup's parent was changed
Closes #15614
2022-11-23 10:12:34 +01:00
cgeorgilakis-grnet
085dd24875
Client registration service do not check client protocol for Bearer token
...
Closes #15612
2022-11-23 08:49:13 +01:00
Stefan Guilhen
f8df04b3b8
Fix UserSessionProviderTest.testOnClientRemoved on CRDB
...
Closes #15558
2022-11-21 13:05:11 +01:00
Michal Hajas
6d683824a4
Deprecate DBLockProvider and replace it with new GlobalLockProvider
...
Closes #9388
2022-11-16 16:13:25 +01:00
Martin Kanis
5e891951f5
Update Infinispan version to 14.0.2.Final
2022-11-16 14:56:45 +01:00
Douglas Palmer
9f532eecaf
Weird export/re-import behaviour regarding post.logout.redirect.uris
...
Closes #14884
2022-11-15 09:24:32 +01:00
vramik
021189f190
Make GHA Map-JPA base testsuite running with Quarkus
...
Co-authored-by: Martin Batros <mabartos@redhat.com>
Closes #13725
2022-11-10 10:08:14 +01:00
Jia Chen
c3d53ae6e0
Returns an empty groups stream without querying the database if a user doesn't belong to any groups
...
Closes #12567
2022-11-09 13:07:42 +01:00
danielFesenmeyer
ec30c52a00
Fix paging on the "Users in role" endpoint, when JPA persistence is used
...
- add order-by-clause to the corresponding JPA query (ordering by username ASC)
- adjust admin-client RoleResource to return a List instead of a Set, by introducing new methods #getUserMembers (instead of #getRoleUserMembers - the "Role" prefix is not needed, because it is clear from the resource name that it's about roles)
- adjust tests to use the new method and check that the expected order is returned
Closes #14772
2022-11-07 20:44:06 +01:00
stianst
1de9c201c6
Refactor Profile
...
Closes #15206
2022-11-07 07:28:11 -03:00
Marek Posolda
c0c0d3a6ba
Short passwords with PBKDF2 mode working ( #14437 )
...
* Short passwords with PBKDF2 mode working
Closes #14314
* Add config option to Pbkdf2 provider to control max padding
* Update according to PR review - more testing for padding and for non-fips mode
2022-11-06 14:49:50 +01:00
Marek Posolda
f616495b05
Fixing UserFederationLdapConnectionTest,LDAPUserLoginTest to work with FIPS ( #15299 )
...
closes #14965
2022-11-03 16:35:57 +01:00
Marek Posolda
2ba5ca3c5f
Support for multiple keys with same kid, which differ just by algorithm in the JWKS ( #15114 )
...
Closes #14794
2022-11-03 09:32:45 +01:00
Stian Thorgersen
cf913af823
Add support for Microsoft Authenticator ( #15272 )
...
Closes #15271
2022-11-02 12:56:07 +01:00
Stian Thorgersen
cac4c43052
Remove AccountPasswordPage from testsuite ( #15204 )
...
Closes #15200
2022-11-02 06:20:39 +01:00
Alexander Schwartz
dd5a60c321
Allow a partial import to overwrite the default role
...
Closes #9891
2022-11-01 15:35:02 -03:00
Pedro Igor
f6985949b6
Close the session within resteasy boundaries ( #15193 )
...
Closes #15192
2022-11-01 11:06:34 +01:00
Stian Thorgersen
17117820cc
Remove AccountFormServiceTest ( #15197 )
...
Closes #15196
2022-10-28 12:26:59 +02:00
Michal Hajas
883e83e625
Remove deprecated methods from data providers and models
...
Closes #14720
2022-10-25 09:01:33 +02:00
Alexander Schwartz
9b80bad391
Stabilize test testAccountManagementLinkIdentity by waiting for username to appear
...
Closes #15054
2022-10-24 19:19:27 +02:00
Stian Thorgersen
29b8294dd6
Filter list of supported OTP applications by current policy ( #15113 )
...
Closes #15112
2022-10-24 16:47:16 +02:00
mposolda
55c514ad56
More flexibility in keystore related tests, Make keycloak to notify which keystore types it supports, Support for BCFKS
...
Closes #14964
2022-10-24 08:36:37 +02:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream ( #14697 )
...
* Remove Red Hat Single Sign-On product profile from upstream
Closes #14916
* review suggestions: Remove Red Hat Single Sign-On product profile from upstream
Closes #14916
Co-authored-by: Peter Skopek <pskopek@redhat.com>
2022-10-18 14:43:04 +02:00
Marek Posolda
0756ef9a75
Initial integration tests with BCFIPS distribution ( #14895 )
...
Closes #14886
2022-10-17 23:33:22 +02:00
Stian Thorgersen
f7490b7f7c
Fix issue where admin2 was not enabled by default if account2 was disabled ( #14914 )
...
Refactoring ThemeSelector and DefaultThemeManager to re-use the same logic for selecting default theme as there used to be two places where one had a broken implementation
Closes #14889
2022-10-17 15:17:54 +02:00
vramik
f49582cf63
MapUserProvider in KC20 needs to store username compatible with KC19 to be no-downtime-upgradable
...
Closes #14678
2022-10-14 09:32:38 +02:00
danielFesenmeyer
f80a8fbed0
Avoid login failures in case of non-existing group or role references and update references in case of renaming or moving
...
- no longer throw an exception, when a role or group cannot be found, log a warning instead
- update mapper references in case of the following events:
- moving a group
- renaming a group
- renaming a role
- renaming a client's Client ID (may affect role qualifiers)
- in case a role or group is removed, the reference still will not be changed
- extend and refactor integration tests in order to check the new behavior
Closes #11236
2022-10-13 13:23:29 +02:00
Martin Kanis
761929d174
Merge ActionTokenStoreProvider and SingleUseObjectProvider ( #13677 )
...
Closes #13334
2022-10-13 09:26:44 +02:00
Lex Cao
8ea3f30d82
Support profile projection parameter for LinkedIn IDP
...
Closes #13384
2022-10-11 15:22:00 -03:00
Takashi Norimatsu
148c7695ff
Pluggable Features of Token Manager
...
Closes #12065
2022-10-07 08:43:34 +02:00
Marek Posolda
425b6b8df2
Parameters 'client_id' and 'response_type' not strictly required in O… ( #14679 )
...
* Parameters 'client_id' and 'response_type' not strictly required in OIDC request object
Closes #14255
2022-10-05 11:20:15 +02:00
Douglas Palmer
44aae52fb4
Fixed locale switcher on error page ( #14728 )
...
Closes #14205
2022-10-05 10:30:07 +02:00
Marek Posolda
c59660ca86
KEYCLOAK_SESSION not working for some user federation setups when user ID has special chars ( #14560 )
...
closes #14354
2022-10-05 08:59:30 +02:00
Marek Posolda
fb24c86a3b
offline token issuance can cause violation of PRIMARY KEY constraint CONSTRAINT_OFFL_CL_SES_PK3 ( #14658 )
...
closes #13706
2022-10-03 12:54:12 +02:00
Stian Thorgersen
390c7485c7
Remove WildFly dist modules ( #14675 )
...
Closes #14307
2022-09-30 14:26:55 +02:00
Alice Wood
1eb7e95b97
enhance existing group search functionality allow exact name search keycloak/keycloak#13973
...
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
2022-09-30 10:37:52 +02:00
Martin Bartoš
a20d6e2f1f
Remove JBoss-based auth servers from the testsuite ( #14317 )
...
Closes #14299
2022-09-30 09:41:57 +02:00
Marcelo Daniel Silva Sales
22713bc144
Incorrect error message OIDC client authentication ( #14656 )
...
closes #12162
Co-authored-by: Pedro Hos <pedro-hos@outlook.com>
2022-09-30 09:40:05 +02:00
David Anderson
a8db79a68c
Introduce crypto module using Wildfly Elytron ( #14415 )
...
Closes #12702
2022-09-27 08:53:46 +02:00
Alexander Schwartz
be2deb0517
Modify RealmsAdminResource.importRealm to work with InputStream
...
Closes #13609
2022-09-26 20:58:08 +02:00
Alice Wood
55a660f50b
enhance group search to allow searching for groups via attribute keycloak/keycloak#12964
...
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2022-09-19 15:19:36 +02:00
Takashi Norimatsu
0a832fc744
Intent support before issuing tokens (UK OpenBanking)
...
Closes #12883
2022-09-19 12:15:00 +02:00
rmartinc
cc9326fcad
Delay LDAPObject creation until mandatory attributes are set ( #14341 )
...
Closes #14286
2022-09-16 20:35:50 +02:00
Dmitry Telegin
cc2117bf7c
UserInfo endpoint not fully standards compliant
...
Closes #14184
2022-09-16 10:15:08 +02:00
danielFesenmeyer
3af1134975
Update IDP link username when sync mode is "force"
...
Closes #13049
2022-09-14 08:02:17 -03:00
Martin Bartoš
ed3d003d65
Remove Legacy migration tests from testsuite ( #14310 )
...
Closes #14300
2022-09-14 11:29:53 +02:00
Václav Muzikář
e999aeeab8
Fix DefaultHostnameTest
on Undertow
2022-09-13 14:41:23 -03:00
Martin Bartoš
aa5a4e3d84
Remove remote WildFly server from the testsuite ( #14321 )
...
Closes #14319
2022-09-13 12:49:40 +02:00
Václav Muzikář
490590625d
Fix listApplicationsThirdParty
2022-09-13 08:33:31 +02:00
Jurjan-Paul Medema
eb0124e3e1
Mapper option 'Aggregate attribute values' is now applied to group hierarchy ( #7871 )
...
Closes #11255
2022-09-12 13:34:28 +02:00
Christoph Leistert
7e5b45f999
Issue #8749 : Add an option to control the order of the event query and admin event query
2022-09-11 21:30:12 +02:00
Alexander Schwartz
1d2d3e5ca5
Move UserFederatedStorageProvider into legacy module
...
Closes #13627
2022-09-11 18:37:45 +02:00
Pedro Igor
3518362002
Validate auth time when max_age is sent to brokered OPs
...
Closes #14146
2022-09-09 10:30:51 -03:00
Pedro Igor
a0079b516b
Allow setting response mode ( #14104 )
...
Closes #14083
2022-09-09 14:28:47 +02:00
Martin Bartoš
0fcf5d3936
Reuse of token in TOTP is possible
...
Fixes #13607
2022-09-09 08:56:02 -03:00
Marek Posolda
040e52cfd7
SAML javascript protocol mapper: disable uploading scripts through admin console by default ( #14293 )
...
Closes #14292
2022-09-09 13:47:51 +02:00
vramik
869ccc82b2
Enable MapUserProvider storing username with the letter case significance
...
Closes #10245
Closes #11602
2022-09-09 11:46:11 +02:00
Dominik Guhr
f2b02f19e6
Closes #13786
2022-09-07 18:29:26 +02:00
cgeorgilakis
07b0df8f62
View groups from account console ( #7933 )
...
Closes #8748
2022-09-07 11:25:31 +02:00
Lex Cao
1f197aa96b
Add basic auth compliant to RFC 6749 ( #14179 )
...
Closes #14179
2022-09-07 10:09:30 +02:00
Christoph Leistert
cc2bb96abc
Fixes #9482 : A user could be assigned to a parent group if he is already assigned to a subgroup.
2022-09-06 21:31:31 +02:00
Thomas Peter
19d69169b1
introduce expiration option for admin events
2022-09-06 16:05:53 +02:00
Pedro Igor
a6137b9b86
Do not empty attributes if they are not provided when user profile is enabled
...
Closes #11096
2022-09-06 12:59:05 +02:00
Michal Hajas
f69497eb28
KEYCLOAK-12988 Deprecate getUsers* methods in favor of searchUsers* variants
...
Closes #14018
2022-09-06 10:38:28 +02:00
Sergey Ch
860c3fbbd3
KEYCLOAK-17263 Add exact searching for users ( #8059 )
...
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-09-01 19:27:24 +02:00
Thomas Darimont
43623ea9d0
KEYCLOAK-18499 Add max_age support to oauth2 brokered logins
...
Revise KcOidcBrokerPassMaxAgeTest to use setTimeOffset(...)
2022-09-01 09:24:44 -03:00
Joerg Matysiak
a8019d78e7
Fixed handling of required setting for email in user profile.
...
Resolves #13923
2022-08-31 17:19:19 -03:00
Martin Bartoš
677579fce6
Environment variables for admin creation in testsuite
...
Closes #14102
2022-08-31 07:29:55 -03:00
Nagy Vilmos
f6db484172
Keep the locale related authNotes through the IdentityBroker flow. ( #10444 )
...
Closes #8827
2022-08-31 09:37:26 +02:00
Martin Bartoš
e6a5f9c124
Default required action providers are still available after feature disabling
...
Closes #13189
2022-08-31 08:42:47 +02:00
Stian Thorgersen
eece543ede
Remove AddUserTest as it was specific to the WildFly distribution ( #14091 )
...
Closes #14072
2022-08-30 16:57:44 +02:00
Manato Takai
1cdc21f0ff
Add duplicate parameter check for UserInfo endpoint. ( #14024 )
...
Closes #14016
2022-08-30 14:39:15 +02:00
Joerg Matysiak
62790b8ce0
Allow permission configuration for username and email in user profile.
...
Enhanced Account API to respect access to these attributes.
Resolves #12599
2022-08-25 21:54:51 -03:00
Michal Hajas
05b9e6d59e
Upgrade Infinispan to 13.0.10.Final ( #13910 )
...
Closes #12306
2022-08-25 13:09:34 +02:00
Christoph Leistert
5408d25e09
Fixes #10656 : Sub realm localization GET endpoints can be called using tokens issued by the master realm. ( #10660 )
...
* Fixes #10656 : Sub realm localization GET endpoints can be called using tokens issued by the master realm.
* Fixes #10656 : Added some tests
2022-08-25 09:02:07 +02:00
Markus Till
7f999a4629
integration.admin-client: Add exact search for all dedicated user attributes ( #13361 )
...
Closes #13360
2022-08-25 08:57:31 +02:00
Arnaud Martin
af0d97e534
Delete broker links for federated users when an identity provider is deleted
...
Closes #13731
2022-08-25 08:24:09 +02:00
Pedro Igor
ddcf0f45f9
Run import within the context of the realm being imported
...
Closes #12289
2022-08-25 08:18:43 +02:00
Pedro Igor
25be07be17
Allow introspecting tokens issued during token exchange with delegation semantics
...
Closes #9337
2022-08-24 09:47:04 -03:00
Takashi Norimatsu
8c1ea4b47c
mTLS binding support for password grant
...
Closes #13662
2022-08-24 11:44:48 +02:00
Konstantinos Georgilakis
c5b9dc1e7b
set context session client equal to clientsession client (fromClientSessionAndScopeParameter method of DefaultClientSessionContext)
...
Closes #13162
2022-08-23 17:33:07 +02:00
Konstantinos Georgilakis
baa89debd9
Correct isValidScope method of TokenManager for Dynamic scopes
...
Closes #13158
2022-08-23 16:30:04 +02:00
Lex Cao
6b1c64a1a9
Add rememberMe to a user session representation( #13408 ) ( #13765 )
...
Closes #13408
2022-08-23 15:28:52 +02:00
Konstantinos Georgilakis
2002fd983b
Showing consent screen text instead of scope name in consent part of Application page in Account console
...
Closes #13109
2022-08-23 11:22:31 +02:00
rishabhsvats
c223291a1e
Adds REGISTER event when new user login through first broker flow
...
Updates KcOidcBrokerEventTest, AbstractFirstBrokerLoginTest to factor in REGISTER event in first broker flow
Closes #11646
Correcting Indentation of AbstractFirstBrokerLoginTest
2022-08-23 10:43:56 +02:00
Stefan Guilhen
f84fdfa8ef
Fix UserSessionProviderTest failures with CockroachDB ( #13891 )
...
- move assertions to a separate tx due to CRDB's SERIALIZABLE isolation level
Closes #13211
2022-08-23 09:57:13 +02:00
Sebastian Schuster
53472e097c
13647 fixed wrong feature flag for checking admin fine-grained authz
2022-08-22 09:34:12 -03:00
Stefan Guilhen
5775e7c4ba
Fix ConcurrentTransactionsTest failure with CockroachDB ( #13890 )
...
- realm has to be removed in a separate tx due to CRDB's SERIALIZABLE isolation level
Closes #13211
2022-08-22 08:39:14 +02:00
Pedro Igor
eda33a0b21
Concurrency issue when caching JS policies
...
Closes #12204
2022-08-17 16:30:32 -03:00
Pedro Igor
15bbb46657
Avoid removing static path config from cache
...
Closes #9855
2022-08-17 16:29:59 -03:00
Martin Bartoš
5a2852530f
Fix DB tests for Quarkus
...
Fixes #13642
2022-08-17 10:23:05 -03:00
Pedro Igor
841c65d24f
Return 404 when invoking authorization endpoints in case authz settings are disabled
...
Closes #10151
2022-08-16 16:37:44 -03:00
Michal Hajas
ab431e3bd9
Fix KeycloakQuarkusServerDeployableContainer to correctly configure map store
...
Closes #13721
2022-08-11 16:55:06 +02:00
Pedro Igor
e3af0610e2
Support running base testsuite on Windows
...
Closes #12648
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-08-10 20:03:53 -03:00
Markus Till
fa383bf76c
Suppress confirmation screen for logout in oidc ( #13471 )
...
Closes #13469
2022-08-10 18:25:50 +02:00
Michal Hajas
d55d110ff9
Run Infinispan using Testcontainers in base testsuite
...
Closes #13620
2022-08-10 16:36:44 +02:00
Marcelo Daniel Silva Sales
e44cea587f
NullPointer during OIDC logout client disabled ( #13424 )
...
closes #12624
2022-08-08 12:34:09 +02:00
Tero Saarni
2392af157b
Forward quarkus server output to console in testsuite
2022-08-05 09:48:48 -03:00
Sebastian Knauer
21f700679f
KEYCLOAK-19866 Fix user-defined- and xml-fragment-parsing/Add XPathAttributeMapper
2022-08-03 13:07:12 +02:00
Marek Posolda
7e925bfbff
Unit tests in "crypto/fips1402" passing on RHEL 8.6 with BC FIPS approved mode. Cleanup ( #13406 )
...
Closes #13128
2022-07-29 18:03:56 +02:00
Hynek Mlnarik
143e6bc932
Replace undertow-map with quarkus-map
...
Fixes : #12652
2022-07-27 14:08:38 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default ( #13243 )
...
Closes #13242
2022-07-27 10:13:49 +02:00
Pedro Hos
ee2c5391bd
Possible client enumeration in the authorization endpoint
...
Closes #12164
2022-07-26 09:10:06 +02:00
Douglas Palmer
c00514d659
Support for post_logout_redirect_uris in OIDC client registration ( #12282 )
...
Closes #10135
2022-07-25 10:57:52 +02:00
Dominik Guhr
9bb1299d89
change optimised to optimized
...
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
2022-07-22 10:29:07 -03:00
Stian Thorgersen
a251d785db
Remove text based login flows ( #13249 )
...
* Remove text based login flows
Closes #8752
* Add display param back in case it's used by some custom authenticators
2022-07-22 15:15:25 +02:00
Alexander Schwartz
cb81a17611
Disable Infinispan for map storage and avoid the component factory when creating a realm independent provider factory
...
Provide startup time in UserSessionProvider independent of Infinispan,
cleanup code that is not necessary for the map storage as it isn't using Clustering.
Move classes to the legacy module.
Closes #12972
2022-07-22 08:20:00 +02:00
Douglas Palmer
adeef6c2a0
Partial import feature does not import Identity Provider mappers in Keycloak #12861
2022-07-21 18:04:15 +02:00
Stefan Guilhen
e9c55f45e5
Enable action token JPA provider in map-storage-jpa profile
...
Closes #13139
2022-07-20 16:30:20 -03:00
Pedro Igor
3631a413d2
Allow token exchange when subjec_token is not associated with a session
...
Closes #12596
2022-07-20 15:42:26 -03:00
Lex Cao
f0988a62b8
Use base64 url decoded for client secret when authenticating with Basic Auth ( #12486 )
...
Closes #11908
2022-07-16 09:38:41 +02:00
Pedro Igor
89028613d8
Introducing --optimise option
...
Closes #10737
2022-07-15 15:12:17 -03:00
Marcelo Daniel Silva Sales
f7a80409a9
Add flow to generate secret length based on signature algorithm ( #13107 )
...
Closes #9376
2022-07-15 11:06:07 +02:00
Vlasta Ramik
ec853a6b83
JPA map storage: User / client session no-downtime store ( #12241 )
...
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Closes #9666
2022-07-14 12:07:02 -03:00
kz-masa
d26cff270f
Delete unnecessary import statements ( #12935 ) ( #12936 )
2022-07-12 19:37:15 -03:00
Martin Bartoš
216922233a
Remote base tests don't work with WildFly ( #12842 )
...
Fixes #12841
2022-07-12 15:14:09 +02:00
Martin Kanis
4b43612806
Disable WARN logging for Hot Rod RemoteQuery class
2022-07-11 16:48:56 -03:00
Pedro Igor
5b48d72730
Upgrade Resteasy v4
...
Closes #10916
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2022-07-11 12:17:51 -03:00
Martin Bartoš
07ab29378b
Make WebAuthn required actions enabled by default
...
Closes #12723
2022-07-11 15:32:40 +02:00
Michal Hajas
0f86427dd0
Make user->client sessions relationship consistent
...
Closes #12817
2022-07-11 08:42:28 -03:00
Martin Bartoš
17f1d04960
Possibility to execute DB migration tests for Quarkus distribution ( #12688 )
...
Closes #12685
2022-07-11 12:23:41 +02:00
Takashi Norimatsu
29aad9dc45
PAR logic affecting /auth endpoint
...
Closes #9289
2022-07-11 11:56:37 +02:00
Alexander Schwartz
29a501552e
Disable the JpaUserFederatedStorageProvider when map storage is enabled
...
Closes #12895
2022-07-07 10:47:42 -03:00
Alexander Schwartz
d91a5eb99f
Move methods from UserStorageUtil to LegacyRealmModel
...
It is better suited to take methods removed from RealmModel earlier.
Closes #12805
2022-07-07 09:57:17 -03:00
Stefan Guilhen
dc88dd5286
Users Map JPA implementation ( #12871 )
2022-07-05 11:19:31 -03:00
Alexander Schwartz
098d4dda0e
Split PublicKeyStorageProvider ( #12897 )
...
Split PublicKeyStorageProvider
- Extract clearCache() method to separate interface and move it to the legacy module
- Make PublicKeyProvider factories environment dependent
- Simple map storage for public keys that just delegates
Resolves #12763
Co-authored-by: Martin Kanis <mkanis@redhat.com>
2022-07-05 09:57:51 -03:00
Stefan Guilhen
007fa1f374
Single Use Objects Map JPA implementation
...
Closes #9852
2022-07-04 10:05:51 -03:00
Alexander Schwartz
4b20e90292
Move session persistence package to legacy-private module
...
Also, disabling the jpa session persister when map storage is enabled.
Closes #12712
2022-07-04 10:05:26 -03:00
Konstantinos Georgilakis
32f8f30f36
Include 'urn:ietf:params:oauth:grant-type:token-exchange' in grant_types_supported field of Keycloak OP metadata, if token-exchange is enabled
...
closes #10888
2022-06-30 17:13:47 -03:00
Jon Koops
06d1b4faab
Restore enum variant of ResourceType
...
This reverts commit 3b5a578934
.
2022-06-30 12:20:51 -03:00
Alexander Schwartz
ddeab744d0
Moving RoleStorageProviderModel to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
vramik
3b5a578934
Change enum ResourceType to interface with String constants
...
Closes #12485
2022-06-29 13:35:11 +02:00
Lex Cao
c3c8b9f0c8
Add client_secret
to response when token_endpoint_auth_method
is not private_key_jwt
( #12609 )
...
Closes #12565
2022-06-29 10:19:18 +02:00
Clara Fang
4643fd09e3
Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount()
...
This should reduce GC pressure.
Closes #12644
2022-06-29 08:53:09 +02:00
Konstantinos Georgilakis
ccc0449314
json device code flow error responses
...
closes #11438
2022-06-29 07:23:02 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration ( #12692 )
...
Closes #12625
2022-06-29 07:17:09 +02:00
danielFesenmeyer
b6d8c27cac
OIDC logout: In "legacy mode", support post_logout_redirect_uri param without requiring id_token_hint param
...
Closes #12680
2022-06-28 14:36:03 +02:00
leandrobortoli
c5d5659100
Fixed bug on client credentials grant when encryption key not found
...
Closes #12348
2022-06-27 13:00:21 +02:00
Lex Cao
f8a7c8e160
Validate name of client scope ( #12571 )
...
Closes #12553
2022-06-27 12:26:18 +02:00
Pedro Igor
3d2c3fbc6a
Support JSON objects when evaluating claims in regex policy
...
Closes #11514
2022-06-23 14:04:09 -03:00
Pedro Igor
d3a40e8620
Use backend baseURL for UMA-related backend endpoints
...
Closes #12549
2022-06-23 10:35:26 -03:00
Takashi Norimatsu
a10eef882f
DeviceTokenRequestContext.getEvent returns a wrong ClientPolicyEvent
...
Closes #12455
2022-06-22 13:01:35 +02:00
Takashi Norimatsu
d396ee7d30
CIBA flow : no error on invalid scope
...
Closes #12589
2022-06-22 12:55:55 +02:00
rmartinc
711440e513
[ #11036 ] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL
2022-06-21 10:52:25 -03:00
Stefan Guilhen
7d96f3ad5a
Events Map JPA implementation
...
Closes #9667
2022-06-21 13:53:48 +02:00
Hynek Mlnarik
26198e4b0b
Disable tests irrelevant for map storage
2022-06-21 08:53:06 +02:00
Alexander Schwartz
d41764b19b
Inline deprecated methods in legacy code
2022-06-21 08:53:06 +02:00
Alexander Schwartz
08bbb1fb92
Move LDAP REST Endpoints to LDAP package
...
- Thus remove implicit dependency on services on the legacy modules
- Disable tests for LDAP/Kerberos that won't work when map storage is enabled
2022-06-21 08:53:06 +02:00
Alexander Schwartz
1bc6133e4e
redirect calls to userLocalStorage from legacy modules (federation, ldap, sssd, kerberos)
2022-06-21 08:53:06 +02:00
Hynek Mlnarik
e396d0daa1
Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager():
...
- class SingleUserCredentialManager to SingleEntityCredentialManager
- method UserModel.getUserCredentialManager() to credentialManager()
Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession
2022-06-21 08:53:06 +02:00