Commit graph

166 commits

Author SHA1 Message Date
rmartinc
05bac4ff0e Remove option Nerver Expires for tokens in Advanced OIDC client configuration
Closes https://github.com/keycloak/keycloak/issues/21927
2023-08-03 12:16:08 +02:00
Alexander Schwartz
5c6df3d26e
Ignore new NodeJS redirect (#22187)
Closes #22186
2023-08-03 11:01:33 +02:00
Alexander Schwartz
748c53df7f
Use Java mechanisms to read language files and default to UTF-8 (#21755)
Closes #21753
2023-08-01 11:27:10 +02:00
aghArdeshir
e64269de70
Remove duplicated description of Scope in JavaScriptAdapter docs (#22084)
The first one had more information than the second one, so I removed the second one altogether
2023-07-31 08:23:41 +00:00
Alexander Schwartz
08dfdffbfb
Fixed updated links for freeipa (#22040)
Closes #22039
2023-07-28 07:31:03 +02:00
Vlasta Ramik
29b67fc8df
Inconsistent Wildcard handling for JPA (#21671)
* Inconsistent Wildcard handling for JPA

Closes #20610

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-07-27 17:03:22 +02:00
Takashi Norimatsu
2efd79f982 FAPI 2.0 security profile - supporting RFC 9207 OAuth 2.0 Authorization Server Issuer Identification
Closes #20584
2023-07-24 09:11:30 +02:00
David Bister
9420670f14 Update regex password policy to state the specific type of regex to be used.
Closes #21652
2023-07-14 16:32:37 +02:00
Stian Thorgersen
304897b226
Fix links to quickstarts (#21639)
Closes #21637
2023-07-12 14:03:49 +02:00
stianst
a2100d18d4 Enable 22 migration docs
Closes #21629
2023-07-12 13:27:40 +02:00
Pedro Igor
702495fe22
Remove adapters from product documentation (#21177)
Closes #21176
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-07-11 13:32:52 +02:00
Stian Thorgersen
1e7fbd1312
Fix links in docs (#21585) 2023-07-11 11:04:46 +00:00
Stian Thorgersen
3d33878c33
Update release notes for 22 (#21583)
* Updates to release notes

* Fix
2023-07-11 11:02:45 +02:00
Alexander Schwartz
8bdfb8e1b6 Updating performance information on export/import
Closes: #20703
2023-07-07 09:43:59 -03:00
Justin Stephenson
4ece83dd3d
Update freeipa container image to quay.io (#19729) 2023-07-06 14:04:05 +02:00
Ronald Petty
9e68f80377
Update keys.adoc as Field is in prior section (#21012) 2023-07-06 12:50:10 +02:00
Thomas Darimont
637fa741b0
Align naming of OTP policy window setting with actual semantics (#20469) (#21316)
Closes #20469
2023-07-04 12:41:21 +02:00
rmartinc
09e30b3c99 Support for JWE IDToken and UserInfo tokens in OIDC brokers
Closes https://github.com/keycloak/keycloak/issues/21254
2023-07-03 21:25:46 -03:00
Kibubu
51b3906f9d Fix docs to create IAT
The docs mention an outdated path to create initial access tokens.

Fixed by guiding users to the right page
2023-07-03 20:47:41 -03:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side
closes #15014
2023-07-03 13:12:22 -03:00
Martin Bartoš
ee205c8fbc
Enable IPv6 dualstack support by default (#21340)
Closes #15003
2023-07-03 13:35:33 +00:00
Daniele Martinoli
e2ac9487f7
Conditional login through identity provider (#20188)
Closes #20191


Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-06-29 18:44:15 +02:00
Joshua Sorah
e945a056bb [docs] Update saml.xml.org link from http to https
closes keycloak/keycloak#21317
2023-06-29 18:24:14 +02:00
Joshua Sorah
8323e91f56 [docs] Update Native App redirect URI recommendtation from localhost to
127.0.0.1

Closes keycloak/keycloak#21300
2023-06-29 11:05:33 +02:00
Steven Hawkins
88992dae19
widens status to be any type. (#21281)
this is to avoid olm complaining about an incompatible schema during
upgrade

Relates to #13074
2023-06-29 08:57:22 +02:00
Ricardo Martin
1973d0f0d4 Check the redirect URI is http(s) when used for a form Post (#22)
Closes https://github.com/keycloak/security/issues/22

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-06-28 17:52:48 -03:00
Steven Hawkins
e9c9f80e8d
adds an instance label to support multiple instances (#20906)
Closes #10562 #14220
2023-06-28 18:05:23 +02:00
Hynek Mlnarik
b8149d66ca Remove ldapsOnly (console and docs)
Closes: #9313
2023-06-28 08:30:09 +02:00
Hynek Mlnarik
c092c76ae8 Remove ldapsOnly (Java)
In `LDAPConstants.java`, the function to set the Truststore SPI system property was removed, as this is now handled by the `shouldUseTruststoreSpi` method in `LdapUtil`.

Closes: #9313
2023-06-28 08:30:09 +02:00
Douglas Palmer
59e1a5d992 Custom theme - url.resourcesCommonPath references wrong theme
closes #20085
2023-06-28 08:25:44 +02:00
Stian Thorgersen
4fcb154d36
Add removal of account console v1 to release notes (#21212)
* Add removal of account console v1 to release notes

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-28 07:52:10 +02:00
Joshua Sorah
c28eba6382 Fix failing External Link Checks
Update URLs that are just redirects to another page.
Point to RFC 7517 for JWK draft docs that were hosted on personal site

Closes keycloak/keycloak#21263
2023-06-27 20:58:17 +02:00
zyairzy
bdb4dd8070
Support passing in locale option to init() (#11760)
Closes #11759
2023-06-27 07:19:13 +00:00
Steve Hawkins
6a92669139 finishes the conversion away from createOrReplace
however this is a broader change given the implications of
serverSideApply vs createOrReplace - mostly the concern of only applying
the managed state not based upon an existing resource

Closes #20850
2023-06-23 11:55:47 -03:00
Steven Hawkins
fc0be1a65b Update docs/documentation/release_notes/topics/22_0_0.adoc
Co-authored-by: Peter Zaoral <pepo48@gmail.com>
2023-06-21 17:14:33 -03:00
Steve Hawkins
5701f70157 changes condition status to be a string, rather than a boolean
Closes #13074
2023-06-21 17:14:33 -03:00
Gilvan Filho
2493f11331 count users by custom user attribute
closes #14747
2023-06-21 11:56:22 -03:00
Stan Silvert
513c00bcd9
Remove unused feature flags. (#21039)
* Remove unused feature flags.
Fixes #20944
Fixes #20943

* Update release notes.

* Update docs/documentation/release_notes/topics/22_0_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-06-20 15:02:22 -04:00
Marek Posolda
a6ad701b5e
Update securing_applications guide for latest adapter changes (community) (#20995)
closes #20994


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-20 09:21:47 +02:00
rmartinc
20121ee9da Update docs and tooltips for lifespan and idle timeout changes
Closes https://github.com/keycloak/keycloak/issues/20791
2023-06-20 09:01:32 +02:00
Daniele Martinoli
d9b271c22a
Extends the conditional user attribute authenticator to check the attributes of the joined groups (#20189)
Closes #20007
2023-06-19 15:22:35 +02:00
Jon Koops
651a7f29fc
Promote Account Console v3 to preview (#20969) 2023-06-15 12:24:01 -04:00
vramik
535bba5792 Update UserQueryProvider methods
Closes #20438
2023-06-12 16:04:26 +02:00
Vlasta Ramik
ed473da22b
Clean-up of deprecated methods and interfaces
Fixes #20877

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-09 17:11:20 +00:00
Réda Housni Alaoui
eb9bb281ec Require user to agree to 'terms and conditions' during registration 2023-06-08 10:39:00 -03:00
Marek Posolda
8080085cc1
Removing 'http challenge' authentication flow and related authenticators (#20731)
closes #20497


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-08 14:52:34 +02:00
Peter Zaoral
f4cc6d7b76 Update the docs
* updated the release notes
* updated the FIPS guide

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-06-07 09:23:12 -03:00
Václav Muzikář
0c2ac4f776
Remove mentions of temporary support for Java EE Admin Client (#20807) 2023-06-06 15:39:56 -03:00
Matthew Helmke
6ce9676d68 Update docs/documentation/internal_resources/contributing.adoc
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-02 07:58:59 -03:00
Matthew Helmke
4761ac1587 Update contributing.adoc
Just fixed a link that went stale when the docs moved from their own repo into the main one.

Oh, and hello!! :D
2023-06-02 07:58:59 -03:00
Martin Kanis
43a2eb40f1 Documentation for User Storage Spi is incorrect
Closes #19763
2023-06-01 10:05:57 +02:00
Pedro Igor
53dfb44a8f
Migration guide for JAX-RS changes (#20659)
Closes #keycloak/keycloak#15454
2023-05-31 13:50:34 +00:00
Takashi Norimatsu
a29c30ccd5 FAPI 2.0 security profile - not allow an authorization request whose parameters were not included in PAR request
closes #20623
2023-05-31 14:02:44 +02:00
vramik
a175efcb72 Split UserQueryProvider into UserQueryMethods and UserCountMethods and make LdapStorageProvider implement only UserQueryMethods
Co-authored-by: mhajas <mhajas@redhat.com>

Closed #20156
2023-05-31 11:47:54 +02:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Stefan Guilhen
27e79fb025 Fix LDAP user synchronization documentation
Closes #16833
2023-05-30 13:36:34 +02:00
Pedro Igor
b41904bf04 Update release notes on adapter deprecation 2023-05-29 09:47:33 -03:00
Yoshiyuki Tabata
bd37875a66 allow specifying format of "permission" parameter in the UMA grant token
endpoint (#15947)
2023-05-29 08:56:39 -03:00
Peter Zaoral
72b238fb48
Keystore vault (#19644)
* KeystoreVault SPI

* added KeystoreVault - a Vault SPI implementation (#19281)

Closes #17252

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-05-24 16:20:30 +00:00
Andre Nascimento
c8d418d50b Update of the Server Development doc about how 'User Storage Providers' must adhere to Quarkus.
Closes #19156
2023-05-24 08:41:17 -03:00
mposolda
2672c47bc8 Docs note about manually delete themes cache
closes #19675
2023-05-23 08:53:27 +02:00
Marek Posolda
d7d6b83bd6
Fix the documentation about default themes (#20488)
closes #17130


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-22 19:09:01 +02:00
vramik
fd6a6ec3ad Make LDAP searchForUsersStream consistent with other storages
Co-authored-by: mhajas <mhajas@redhat.com>

Closes #17294
2023-05-19 08:40:41 +02:00
Marek Posolda
908ba027b6
More docs clarification for script authenticator (#20444)
* More docs clarification for script authenticator
closes #20009


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-18 17:41:28 +02:00
Hynek Mlnařík
41cf72d57f
Add note about preserving ID in imports
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-05-18 13:23:07 +02:00
danielFesenmeyer
d543ba5b56 Consistent message resolving regarding language fallbacks for all themes
- the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en
- centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest
- add basic integration tests to check whether realm localization can be used in all supported contexts:
  - Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest
  - Login theme: LoginPageTest
  - Email theme: EmailTest
- deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2
- fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests
- improvements regarding message resolving in Admin UI V2:
  - add cypress test i18n_test.spec.ts, which checks the fallback implementation
  - log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case)

Closes #15845
2023-05-17 15:00:32 +02:00
rmartinc
fdd5e51dbc SSSD documentation updated for quarkus distribution
Closes https://github.com/keycloak/keycloak/issues/20263
2023-05-16 14:26:04 +02:00
Takashi Norimatsu
7f5e94db87 KEYCLOAK-19539 FAPI 2.0 Baseline : Reject Implicit Grant 2023-05-16 14:17:29 +02:00
Martin Kanis
31557f649f Update documentation on user storage provider in Quarkus
Closes #17394
2023-05-16 11:57:26 +02:00
Alexander Schwartz
943b8a37d9
Replace guide with a placeholder for downstream docs (#20266)
Closes #20256
2023-05-16 08:59:11 +02:00
Alexander Schwartz
8cfe8b1411
Update the docs on passthrough proxy (#20072)
Closes #20070
2023-05-15 15:44:47 +00:00
Martin Bartoš
b64260bce5
Jakarta EE and Quarkus 3 upgrade documentation (#20131)
Closes #16251

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-05-15 17:20:04 +02:00
AndyMunro
3443739336 Fix headings in Server Developer guide
Closes #20216
2023-05-15 16:49:29 +02:00
Jon Koops
04ab848003
Rework merging of message bundles for localization of Admin Console (#20183)
Closes #20182
2023-05-11 14:23:10 -04:00
Martin Bartoš
39d24bd04d
Migration guide for Keycloak admin client (#20091) 2023-05-10 09:22:33 +02:00
Joshua Sorah
67cc6bfa7c [docs] Add Keycloak JIRA login redirect to allow list.
Modify the ignored-link-redirects to include a regex that covers the Keycloak JIRA login redirect.

This will prevent the tests from failing due to seeing the login redirect.

Closes keycloak/keycloak#20259
2023-05-09 21:08:57 +02:00
vibrown
5aef59acd8 Changed references to Jira issues to Github issues
Closes #19136
2023-05-09 08:54:25 +02:00
Jon Koops
1d2a98d747
Modernize documentation of JavaScript adapter (#20081)
Closes #19792

Co-authored-by: Andrew Munro <amunro@redhat.com>
2023-05-08 08:21:53 -04:00
Martin Bartoš
960e3503ec
Artifact SLF4J LOG4J-12 has been relocated (#20113) 2023-05-05 13:57:45 +02:00
Stian Thorgersen
19d7dc69f7
Fix links (#20147) 2023-05-04 10:27:52 +02:00
Alexander Schwartz
75ea22bad2
Remove latest vs. archive document header (#20103)
This is done as the docs are no longer built twice.

Closes #19974
2023-05-03 09:16:34 +00:00
Alexander Schwartz
ff284182ba
Fix the links to the docs which have three groups starting from KC19 (#20035)
Relates to #19974
2023-05-03 08:58:52 +02:00
mposolda
a3f2ebb193 Ability to override default/built-in providers with same providerId. Using ProviderFactory.order() for choosing priority providers
Closes #19867
2023-04-25 18:04:58 +02:00
Jon Koops
5cfa4bedfd
Remove function-style constructor from Keycloak JS (#19912) 2023-04-24 12:24:33 +00:00
Alexander Schwartz
4f8d67c9fc All commands now auto-reaugment except show-config
Closes #15782
Closes #15898
Closes #17498
2023-04-21 15:06:51 +02:00
Stian Thorgersen
6b3eb46314
Fix setting versions for docs (#19826)
Closes #19801
2023-04-20 09:07:05 +02:00
Stian Thorgersen
2484e87ffc
Update 21_1_0.adoc 2023-04-20 08:23:54 +02:00
andymunro
30ce2d1e5b
Improve key rotation section (#19168)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-04-19 11:04:13 -03:00
buti1021
8a4af59ccb
new link for edit this section button (#19680) 2023-04-18 08:42:51 +02:00
Stian Thorgersen
feb20de2ef
Update release notes for 21.1 (#19718)
* Update release notes for 21.1

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/release_notes/topics/21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update docs/documentation/upgrading/topics/keycloak/changes-21_1_0.adoc

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-04-14 16:04:44 +02:00
Jon Koops
37e46f3551
Refer to Account Console features by version number (#19716) 2023-04-14 10:48:36 +00:00
Jon Koops
a2eb619e0e
Include Account Console version 3 as a theme (#19641) 2023-04-13 09:41:40 -04:00
mposolda
863d28e232 Promote FIPS 140-2 to supported in Keycloak 22
closes #17234
2023-04-12 15:29:54 +02:00
mposolda
087d1a3be8 Remove unused and outdated page for user federation mapper
closes #19128
2023-04-12 15:21:41 +02:00
mposolda
d89c81fec4 Authentication flows first paragraph seems incomplete
closes #19126
2023-04-12 15:21:03 +02:00
little-pinecone
783cf00f3e Add example for mapping role names between Keycloak and Spring Boot
* use SimpleAuthorityMapper as an example mapper
* show how to convert role names to upper case
* document that the default prefix for that mapper maps role names properly

Closes #19535
2023-04-05 11:04:54 -03:00
mposolda
c6f13363b9 Add nashorn javascript engine to Keycloak server
closes #17671
2023-04-04 14:56:46 +02:00
Jon Koops
bdc019b02c
Fully deprecate function-style constructor for Keycloak JS (#19438) 2023-04-03 14:45:55 +02:00
Jon Koops
8f627517cb
Remove legacy Promise APIs from Keycloak JS (#19389) 2023-03-29 16:29:27 +00:00
Michal Hajas
e49dfe534e Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store
Closes #17277
2023-03-29 16:43:01 +02:00